Jump to content

Help Downloading to Data Disk for other computer that has virus.


Recommended Posts

I've used Malwarebytes Anti-Malware for years, on all my computers, and usually to help other friends fix their computers. Recently a friend got the white screen virus so my plan was to try to go into safemode with networking, download MAM and run a scan to get rid of the virus. Well, when I got into safemode with networking, the white screen also showed up there, so there went the ability to get online and download the program. So I decided to make a data disk and try it that way, by going into safemode with cmd prompt,  and when I try to bring it up and try to download it to the computer, I keep getting Match Type or Runtime errors.This has had me stumped. What do I do? I have noticed when I do try to download to a data disc, it seems that all the .dlls wont transfer over, so I just tried doing that once too, and add them seperately but that didn't work either. I'm lost and need help! Thanks!

 

Link to post
Share on other sites

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume2
Install Date: 1/8/2011 12:13:31 AM
System Uptime: 1/20/2014 7:15:28 PM (0 hours ago)
.
Motherboard: Dell Inc. |  | 0G3HR7
Processor: Intel® Core i5 CPU         760  @ 2.80GHz | CPU 1 | 1176/133mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 455 GiB total, 275.246 GiB free.
D: is CDROM ()
E: is Removable
F: is Removable
G: is Removable
H: is Removable
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP349: 1/7/2014 4:17:16 AM - Windows Update
RP350: 1/8/2014 9:43:04 AM - avast! antivirus system restore point
RP351: 1/8/2014 11:15:41 AM - DMX_DriverMax Driver Installation
RP352: 1/8/2014 11:26:18 AM - Device Driver Package Install: TechnoScope Co., Ltd.
RP353: 1/8/2014 11:30:59 AM - DMX_DriverMax Driver Installation
RP354: 1/8/2014 11:59:39 AM - Device Driver Package Install: Pluralinput Keyboards
RP355: 1/14/2014 1:34:16 AM - Windows Update
RP356: 1/15/2014 3:00:13 AM - Windows Update
RP357: 1/15/2014 3:24:16 AM - Installed Java 7 Update 51
RP358: 1/16/2014 3:00:12 AM - Windows Update
.
==== Installed Programs ======================
.
7-zip v9.20
Adobe Download Manager
Adobe Flash Player 11 Plugin
Adobe Flash Player 12 ActiveX
Adobe Reader XI (11.0.05)
Akamai NetSession Interface
Apple Application Support
Apple Mobile Device Support
Apple Software Update
ATI Catalyst Install Manager
avast! Free Antivirus
Bing Desktop
Bonjour
CameraHelperMsi
D3DX10
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Dell DataSafe Local Backup
Dell DataSafe Local Backup - Support Software
Dell DataSafe Online
Dell Edoc Viewer
Dell Getting Started Guide
Dell System Detect
DirectXInstallService
DivX Setup
Download App
Download Updater (AOL Inc.)
DriverMax 7
Dual-Core Optimizer
DVDVideoSoftTB Toolbar
EA SPORTS Game Face Browser Plugin 1.8.0.0
EMC 10 Content
EMCGadgets64
EPSON Scan
EPSON WF-2540 Series Printer Uninstall
EPSON WorkForce 500 Series Printer Uninstall
EPSON WorkForce 645 Series Printer Uninstall
erLT
F.E.A.R. 2: Project Origin
Facebook Video Calling 2.0.0.447
Feedback Tool
Free Video to Tablet PC Converter version 5.0.20.1031
Free YouTube Downloader 3.5.184
Free YouTube to MP3 Converter version 3.12.2.430
GameStop App
GeForce Experience NvStream Client Components
GIMP 2.8.6
Google Chrome
Google Toolbar for Internet Explorer
Google Update Helper
GoToAssist 8.0.0.514
HippoGeek
Intel® Control Center
Intel® Rapid Storage Technology
Internet Explorer
iTunes
Java 7 Update 51
Java Auto Updater
Java 6 Update 24
Java 6 Update 31
Java 6 Update 39 (64-bit)
Junk Mail filter update
Left 4 Dead
Logitech Vid HD
Logitech Webcam Software
LWS Facebook
LWS Gallery
LWS Help_main
LWS Launcher
LWS Motion Detection
LWS Pictures And Video
LWS Twitter
LWS Webcam Software
LWS WLM Plugin
LWS YouTube Plugin
Malwarebytes Anti-Malware version 1.75.0.1300
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Extended
Microsoft Application Error Reporting
Microsoft Office Access MUI (English) 2010
Microsoft Office Access Setup Metadata MUI (English) 2010
Microsoft Office Excel MUI (English) 2010
Microsoft Office Home and Student 2010
Microsoft Office Office 64-bit Components 2010
Microsoft Office OneNote MUI (English) 2010
Microsoft Office Outlook Connector
Microsoft Office Outlook MUI (English) 2010
Microsoft Office PowerPoint MUI (English) 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2010
Microsoft Office Publisher MUI (English) 2010
Microsoft Office Shared 64-bit MUI (English) 2010
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office Single Image 2010
Microsoft Office Word MUI (English) 2010
Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft VC9 runtime libraries
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
Microsoft XNA Framework Redistributable 4.0 Refresh
Movie Maker
Mozilla Firefox 26.0 (x86 en-US)
Mozilla Maintenance Service
MSVCRT
MSVCRT_amd64
MSVCRT110
MSVCRT110_amd64
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Multimedia Card Reader
My Dell
NVIDIA 3D Vision Controller Driver 331.82
NVIDIA Control Panel 331.93
NVIDIA GeForce Experience 1.8.1
NVIDIA Install Application
NVIDIA LED Visualizer 1.0
NVIDIA Network Service
NVIDIA PhysX
NVIDIA PhysX System Software 9.13.0725
NVIDIA ShadowPlay 10.11.15
NVIDIA Update 10.11.15
NVIDIA Update Core
NVIDIA Virtual Audio 1.2.19
Opera 12.15
Opera Stable 18.0.1284.63
Paint.NET v3.5.10
Photo Common
Photo Gallery
Portal
PS3 Media Server
QuickTime
RealDownloader
RealNetworks - Microsoft Visual C++ 2008 Runtime
RealNetworks - Microsoft Visual C++ 2010 Runtime
RealPlayer
Realtek High Definition Audio Driver
RealUpgrade 1.1
Roxio Activation Module
Roxio BackOnTrack
Roxio Central Audio
Roxio Central Copy
Roxio Central Core
Roxio Central Data
Roxio Central Tools
Roxio Easy CD and DVD Burning
Roxio Express Labeler 3
Roxio File Backup
Roxio Update Manager
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2858302v2)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
Security Update for Microsoft .NET Framework 4 Extended (KB2736428)
Security Update for Microsoft .NET Framework 4 Extended (KB2742595)
Security Update for Microsoft .NET Framework 4 Extended (KB2858302v2)
Security Update for Microsoft Excel 2010 (KB2826033) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553284) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2687423) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2826023) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2826035) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2850016) 32-Bit Edition
Security Update for Microsoft Outlook 2010 (KB2837597) 32-Bit Edition
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition
SHIELD Streaming
Skype Click to Call
Skype™ 6.11
Sonic CinePlayer Decoder Pack
Source SDK Base 2007
Source SDK Base 2013 Multiplayer
Source SDK Base 2013 Singleplayer
Spelling Dictionaries Support For Adobe Reader 9
Steam
Strongvault Online Backup
Team Fortress 2
THX TruStudio PC
Unity
Unity Web Player
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3)
Update for Microsoft .NET Framework 4 Extended (KB2468871)
Update for Microsoft .NET Framework 4 Extended (KB2533523)
Update for Microsoft .NET Framework 4 Extended (KB2600217)
Update for Microsoft .NET Framework 4 Extended (KB2836939)
Update for Microsoft .NET Framework 4 Extended (KB2836939v3)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition
Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition
Update for Microsoft Office 2010 (KB2826026) 32-Bit Edition
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2810072) 32-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition
Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition
Update for Microsoft Word 2010 (KB2837593) 32-Bit Edition
VC80CRTRedist - 8.0.50727.6195
VD64Inst
Visual Studio 2008 x64 Redistributables
Visual Studio 2010 x64 Redistributables
Winamp
Winamp Detector Plug-in
Windows Live Communications Platform
Windows Live Essentials
Windows Live Family Safety
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Mail
Windows Live Messenger
Windows Live MIME IFilter
Windows Live Photo Common
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live Sync
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
Yahoo! Detect
Yahoo! Software Update
.
==== Event Viewer Messages From Past Week ========
.
1/20/2014 7:16:16 PM, Error: Service Control Manager [7026]  - The following boot-start or system-start driver(s) failed to load:  amdkmafd RxFilter
1/20/2014 7:15:59 PM, Error: Service Control Manager [7000]  - The SessionLauncher service failed to start due to the following error:  The system cannot find the file specified.
1/20/2014 7:15:44 PM, Error: Service Control Manager [7000]  - The Dock Login Service service failed to start due to the following error:  The system cannot find the file specified.
1/20/2014 7:15:04 PM, Error: Service Control Manager [7024]  - The PS3 Media Server service terminated with service-specific error The system cannot join or substitute a drive to or for a directory on the same drive..
1/18/2014 3:33:07 AM, Error: Service Control Manager [7011]  - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.
1/16/2014 3:19:46 AM, Error: Service Control Manager [7011]  - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SftService service.
1/16/2014 3:18:35 AM, Error: Service Control Manager [7000]  - The Update Jump Flip service failed to start due to the following error:  The system cannot find the file specified.
1/15/2014 9:01:57 PM, Error: Microsoft-Windows-DistributedCOM [10016]  - The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID  {D3DCB472-7261-43CE-924B-0704BD730D5F}  and APPID  {D3DCB472-7261-43CE-924B-0704BD730D5F}  to the user Yoho2011\kevin SID (S-1-5-21-2746841257-3173690658-1319258332-1000) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
1/15/2014 9:01:57 PM, Error: Microsoft-Windows-DistributedCOM [10016]  - The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID  {145B4335-FE2A-4927-A040-7C35AD3180EF}  and APPID  {145B4335-FE2A-4927-A040-7C35AD3180EF}  to the user Yoho2011\kevin SID (S-1-5-21-2746841257-3173690658-1319258332-1000) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
1/15/2014 3:25:13 AM, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x80070643: Update for Windows 7 for x64-based Systems (KB2913431).
1/15/2014 3:25:13 AM, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Windows 7 for x64-based Systems (KB2913602).
1/15/2014 3:25:13 AM, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Windows 7 for x64-based Systems (KB2862330).
1/15/2014 3:21:11 AM, Error: Service Control Manager [7031]  - The Update Jump Flip service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 5000 milliseconds: Restart the service.
1/15/2014 3:15:40 AM, Error: Service Control Manager [7001]  - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:  The dependency service or group failed to start.
1/15/2014 3:15:40 AM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1068" attempting to start the service fdPHost with arguments "" in order to run the server: {D3DCB472-7261-43CE-924B-0704BD730D5F}
1/15/2014 3:15:40 AM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1068" attempting to start the service fdPHost with arguments "" in order to run the server: {145B4335-FE2A-4927-A040-7C35AD3180EF}
1/15/2014 3:15:38 AM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
1/15/2014 3:15:38 AM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
1/15/2014 3:15:35 AM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89}
1/15/2014 3:15:35 AM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E}
1/15/2014 3:15:32 AM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
1/15/2014 3:15:25 AM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
1/15/2014 3:15:15 AM, Error: Microsoft-Windows-Kernel-General [5]  - {Registry Hive Recovered} Registry hive (file): '\??\C:\Users\kevin\ntuser.dat' was corrupted and it has been recovered. Some data might have been lost.
1/15/2014 3:15:11 AM, Error: Service Control Manager [7001]  - The WinHTTP Web Proxy Auto-Discovery Service service depends on the DHCP Client service which failed to start because of the following error:  The dependency service or group failed to start.
1/15/2014 3:14:59 AM, Error: Service Control Manager [7026]  - The following boot-start or system-start driver(s) failed to load:  AFD amdkmafd aswRdr aswRvrt aswSnx aswSP aswVmm DfsC discache NetBIOS NetBT nsiproxy Psched rdbss RxFilter spldr tdx Wanarpv6 WfpLwf
1/15/2014 3:14:59 AM, Error: Service Control Manager [7001]  - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error:  A device attached to the system is not functioning.
1/15/2014 3:14:59 AM, Error: Service Control Manager [7001]  - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error:  The dependency service or group failed to start.
1/15/2014 3:14:59 AM, Error: Service Control Manager [7001]  - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error:  The dependency service or group failed to start.
1/15/2014 3:14:59 AM, Error: Service Control Manager [7001]  - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error:  The dependency service or group failed to start.
1/15/2014 3:14:59 AM, Error: Service Control Manager [7001]  - The IP Helper service depends on the Network Store Interface Service service which failed to start because of the following error:  The dependency service or group failed to start.
1/15/2014 3:14:58 AM, Error: Service Control Manager [7001]  - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error:  The dependency service or group failed to start.
1/15/2014 3:14:58 AM, Error: Service Control Manager [7001]  - The TCP/IP NetBIOS Helper service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error:  A device attached to the system is not functioning.
1/15/2014 3:14:58 AM, Error: Service Control Manager [7001]  - The Network Store Interface Service service depends on the NSI proxy service driver. service which failed to start because of the following error:  A device attached to the system is not functioning.
1/15/2014 3:14:58 AM, Error: Service Control Manager [7001]  - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error:  A device attached to the system is not functioning.
1/15/2014 3:14:58 AM, Error: Service Control Manager [7001]  - The DHCP Client service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error:  A device attached to the system is not functioning.
.
==== End Of File ===========================

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.16428  BrowserJavaVersion: 10.51.2
Run by kevin at 19:45:34 on 2014-01-20
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.3031.1287 [GMT -5:00]
.
AV: avast! Antivirus *Enabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: avast! Antivirus *Enabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE
C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE
C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_WT50RP.EXE
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
C:\Program Files (x86)\PS3 Media Server\win32\service\wrapper.exe
C:\Program Files (x86)\PS3 Media Server\jre\bin\java.exe
C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE
C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Windows\system32\UI0Detect.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\rundll32.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
C:\Users\kevin\AppData\Local\Akamai\netsession_win.exe
C:\Users\kevin\AppData\Local\Akamai\netsession_win.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Windows\System32\spool\drivers\x64\3\E_YATIHVA.EXE
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\spool\drivers\x64\3\E_YATIIUE.EXE
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\Innovative Solutions\DriverMax\drivermax.exe
C:\Windows\System32\spool\drivers\x64\3\E_YATIIUE.EXE
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Multimedia Card Reader(9106)\ShwiconXP9106.exe
C:\Users\kevin\AppData\Roaming\CBS Interactive\Download App\CBSI.AppStore.Main.exe
C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe
C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\System32\WUDFHost.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files (x86)\Internet Explorer\IELowutil.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.



uProxyOverride = <local>;*.local

uURLSearchHooks: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - <orphaned>
mURLSearchHooks: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - <orphaned>
dURLSearchHooks: {A3BC75A2-1F87-4686-AA43-5347D756017C} - <orphaned>
mWinlogon: Userinit = userinit.exe,
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - <orphaned>
BHO: RealNetworks Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll
BHO: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - <orphaned>
BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - <orphaned>
BHO: ZoneAlarm Security Engine Registrar: {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll
BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: {b4de90bb-150d-4b33-95fe-6baac97e1c21} - <orphaned>
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: ZoneAlarm Security Engine: {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll
TB: <No Name>: {ae07101b-46d4-4a98-af68-0333ea26e113} - LocalServer32 - <no file>
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: avast! Online Security: {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
uRun: [DW6] "C:\Program Files (x86)\The Weather Channel FW\Desktop\DesktopWeather.exe"
uRun: [Akamai NetSession Interface] "C:\Users\kevin\AppData\Local\Akamai\netsession_win.exe"
uRun: [DW7] "C:\Program Files (x86)\The Weather Channel\The Weather Channel App\TWCApp.exe"
uRun: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
uRun: [EPLTarget\P0000000000000000] C:\Windows\System32\spool\DRIVERS\x64\3\E_YATIHVA.EXE /EPT "EPLTarget\P0000000000000000" /M "WorkForce 645"
uRun: [EPLTarget\P0000000000000002] C:\Windows\System32\spool\DRIVERS\x64\3\E_YATIIUE.EXE /EPT "EPLTarget\P0000000000000002" /M "WF-2540 Series"
uRun: [DriverMax] "C:\Program Files (x86)\Innovative Solutions\DriverMax\drivermax.exe" -agent
uRun: [DriverMax_RESTART] "C:\Program Files (x86)\Innovative Solutions\DriverMax\drivermax.exe" -RESTART
uRun: [EPLTarget\P0000000000000003] C:\Windows\System32\spool\DRIVERS\x64\3\E_YATIIUE.EXE /EPT "EPLTarget\P0000000000000003" /M "WF-2540 Series"
mRun: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
mRun: [shwiconXP9106] C:\Program Files (x86)\Multimedia Card Reader(9106)\ShwiconXP9106.exe
mRun: [Dell DataSafe Online] "C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe" /m
mRun: [THX Audio Control Panel] "C:\Program Files (x86)\Creative\THX TruStudio PC\THXAudioCP\THXAudio.exe" /r
mRun: [updReg] C:\Windows\UpdReg.EXE
mRun: [amd_dc_opt] C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [sMessaging] C:\Users\kevin\AppData\Local\Strongvault Online Backup\SMessaging.exe
mRun: [DivXMediaServer] C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [bingDesktop] C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe /fromkey
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [LWS] C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe -hide
mRun: [TkBellExe] "c:\program files (x86)\real\realplayer\Update\realsched.exe" -osboot
mRun: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
mRun: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [mobilegeni daemon] C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
mRunOnce: ["C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"] "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"
mRunOnce: [b Register C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll] "C:\Windows\System32\rundll32.exe" "C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll",DllRegisterServer
StartupFolder: C:\Users\kevin\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\DOWNLO~1.LNK - C:\Users\kevin\AppData\Roaming\CBS Interactive\Download App\CBSI.AppStore.Main.exe
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MIF5BA~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~2\MIF5BA~1\Office14\ONBttnIE.dll/105
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Trusted Zone: dell.com








TCP: NameServer = 192.168.1.1
TCP: Interfaces\{3B4178C9-2293-4EE5-9D50-2C0C4B61AC6F} : DHCPNameServer = 208.180.42.68 208.180.42.100
TCP: Interfaces\{4FC05052-53A7-4AB6-8328-E68876B9C428} : DHCPNameServer = 192.168.1.1
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} -
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome

x64-BHO: avast! Online Security: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-BHO: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} -
x64-BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
x64-BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-BHO: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
x64-BHO: DVDVideoSoft WebPageAdjuster Class: {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -
x64-TB: ZoneAlarm Security Engine: {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll
x64-TB: <No Name>: {ae07101b-46d4-4a98-af68-0333ea26e113} - LocalServer32 - <no file>
x64-TB: avast! Online Security: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-TB: avast! Online Security: {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-Run: [RunDLLEntry_THXCfg] C:\Windows\System32\RunDLL32.exe C:\Windows\System32\THXCfg64.dll,RunDLLEntry THXCfg64
x64-Run: [RunDLLEntry_EptMon] C:\Windows\System32\RunDLL32.exe C:\Windows\System32\EptMon64.dll,RunDLLEntry EptMon64
x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-Run: [Nvtmru] "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
x64-Run: [shadowPlay] C:\Windows\System32\rundll32.exe C:\Windows\System32\nvspcap64.dll,ShadowPlayOnSystemStart
x64-Run: [NvBackend] "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-IE: {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -



x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} -
x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: GoToAssist - C:\Program Files (x86)\Citrix\GoToAssist\514\G2AWinLogon_x64.dll
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\kevin\AppData\Roaming\Mozilla\Firefox\Profiles\s4m21hmi.default-1365196672664\

FF - plugin: C:\PROGRA~2\MIF5BA~1\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\NOS\bin\np_gp.dll
FF - plugin: c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll
FF - plugin: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll
FF - plugin: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll
FF - plugin: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll
FF - plugin: C:\Users\kevin\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
FF - plugin: C:\Users\kevin\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
FF - plugin: C:\Users\kevin\AppData\Roaming\Electronic Arts\Game Face\npGameFacePlugin.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll
.
---- FIREFOX POLICIES ----
.
FF - user.js: extensions.delta.tlbrSrchUrl -
FF - user.js: extensions.delta.id - 28f0c248000000000000842b2ba971f4
FF - user.js: extensions.delta.appId - {C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
FF - user.js: extensions.delta.instlDay - 15908
FF - user.js: extensions.delta.vrsn - 1.8.21.5
FF - user.js: extensions.delta.vrsni - 1.8.21.5
FF - user.js: extensions.delta.vrsnTs - 1.8.21.51:54:45
FF - user.js: extensions.delta.prtnrId - delta
FF - user.js: extensions.delta.prdct - delta
FF - user.js: extensions.delta.aflt - babsst
FF - user.js: extensions.delta.smplGrp - none
FF - user.js: extensions.delta.tlbrId - base
FF - user.js: extensions.delta.instlRef - sst
FF - user.js: extensions.delta.dfltLng - en
FF - user.js: extensions.delta.excTlbr - false
FF - user.js: extensions.delta.ffxUnstlRst - true
FF - user.js: extensions.delta.admin - false
FF - user.js: extensions.delta_i.babTrack - affID=119351&tt=210713_nt&tsp=4951
FF - user.js: extensions.delta_i.babExt -
FF - user.js: extensions.delta_i.srcExt - ss
FF - user.js: extensions.delta.autoRvrt - false
FF - user.js: extensions.delta.rvrt - false
FF - user.js: extensions.delta.newTab - false
FF - user.js: extensions.mysearchdial.hmpg - true

FF - user.js: extensions.mysearchdial.dfltSrch - true
FF - user.js: extensions.mysearchdial.srchPrvdr - Mysearchdial
FF - user.js: extensions.mysearchdial.dnsErr - true
FF - user.js: extensions.mysearchdial_i.newTab - false


FF - user.js: extensions.mysearchdial.id - 842B2BA971F4C248
FF - user.js: extensions.mysearchdial.instlDay - 16085
FF - user.js: extensions.mysearchdial.vrsn - 1.8.21.0
FF - user.js: extensions.mysearchdial.vrsni - 1.8.21.0
FF - user.js: extensions.mysearchdial_i.vrsnTs - 1.8.21.02:34:45
FF - user.js: extensions.mysearchdial.prtnrId - mysearchdial
FF - user.js: extensions.mysearchdial.prdct - mysearchdial
FF - user.js: extensions.mysearchdial.aflt - irmsd0101
FF - user.js: extensions.mysearchdial_i.smplGrp - none
FF - user.js: extensions.mysearchdial.tlbrId - base
FF - user.js: extensions.mysearchdial.instlRef -
FF - user.js: extensions.mysearchdial.dfltLng -
FF - user.js: extensions.mysearchdial.appId - {CA5CAA63-B27C-4963-9BEC-CB16A36D56F8}
FF - user.js: extensions.mysearchdial.excTlbr - false
FF - user.js: extensions.mysearchdial_i.hmpg - true
FF - user.js: extensions.mysearchdial.cr - 28646784
FF - user.js: extensions.mysearchdial.cd - 2XzuyEtN2Y1L1QzuzzyEtB0BtB0B0AzyyBtC0FyE0CtByEzztN0D0Tzu0SyByEyDtN1L2XzutBtFtBtFtCyDtFtCyDzytBtN1L1CzutDzytDtCtG1T
FF - user.js: extensions.irmysearch.aflt - irmsd0101
FF - user.js: extensions.irmysearch.instlRef -
FF - user.js: extensions.irmysearch.cr - 28646784
FF - user.js: extensions.irmysearch.cd - 2XzuyEtN2Y1L1QzuzzyEtB0BtB0B0AzyyBtC0FyE0CtByEzztN0D0Tzu0SyByEyDtN1L2XzutBtFtBtFtCyDtFtCyDzytBtN1L1CzutDzytDtCtG1T
.
.
.
.
.
FF - user.js: extensions.mysearchdial.AL - 2
.
.
.
.
.
.
============= SERVICES / DRIVERS ===============
.
R0 aswRvrt;avast! Revert;C:\Windows\System32\drivers\aswRvrt.sys [2013-4-4 65776]
R0 aswVmm;avast! VM Monitor;C:\Windows\System32\drivers\aswVmm.sys [2013-4-4 207904]
R0 MxEFUF;Matrox Extio Upper Function Filter;C:\Windows\System32\drivers\MxEFUF64.sys [2012-11-18 157696]
R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2010-12-8 55856]
R1 aswSnx;aswSnx;C:\Windows\System32\drivers\aswSnx.sys [2013-4-4 1034464]
R1 aswSP;aswSP;C:\Windows\System32\drivers\aswsp.sys [2013-4-4 422216]
R2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswMonFlt.sys [2013-4-4 78648]
R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-1-8 50344]
R2 BingDesktopUpdate;Bing Desktop Update service;C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe [2013-10-23 173272]
R2 EPSON_PM_RPCV4_05;EPSON V3 Service4(05);C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_WT50RP.EXE [2011-10-21 151648]
R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-12-8 13336]
R2 ISWKL;ZoneAlarm Toolbar ISWKL;C:\Program Files\CheckPoint\ZAForceField\ISWKL.sys [2010-11-5 33528]
R2 IswSvc;ZoneAlarm Toolbar IswSvc;C:\Program Files\CheckPoint\ZAForceField\ISWSVC.exe [2010-11-5 822264]
R2 NvNetworkService;NVIDIA Network Service;C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2013-12-12 1494304]
R2 NvStreamSvc;NVIDIA Streamer Service;C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2013-10-6 15129376]
R2 PS3 Media Server;PS3 Media Server;C:\Program Files (x86)\PS3 Media Server\win32\service\wrapper.exe [2012-11-27 384280]
R2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service;C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [2013-8-14 39056]
R2 SftService;SoftThinks Agent Service;C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe [2010-12-8 1692480]
R2 ubsbm;Unibrain 1394 SBM Driver;C:\Windows\System32\drivers\UBSBM.sys [2013-5-22 24064]
R2 ubumapi;Unibrain 1394 FireAPI Driver;C:\Windows\System32\drivers\UBUMAPI.sys [2013-5-22 92160]
R3 aswStm;aswStm;C:\Windows\System32\drivers\aswstm.sys [2014-1-8 79672]
R3 HECIx64;Intel® Management Engine Interface;C:\Windows\System32\drivers\HECIx64.sys [2014-1-4 57848]
R3 IntcDAud;Intel® Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2012-11-14 317440]
R3 k57nd60a;Broadcom NetLink Gigabit Ethernet - NDIS 6.0;C:\Windows\System32\drivers\k57nd60a.sys [2013-11-14 458960]
R3 LVRS64;Logitech RightSound Filter Driver;C:\Windows\System32\drivers\lvrs64.sys [2013-5-22 351520]
R3 LVUVC64;Logitech HD Webcam C270(UVC);C:\Windows\System32\drivers\lvuvc64.sys [2013-5-28 4763680]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);C:\Windows\System32\drivers\nvvad64v.sys [2013-12-20 39200]
R3 pikbd;Pluralinput Keyboard 0.8.6;C:\Windows\System32\drivers\pikbd.sys [2014-1-8 22880]
R3 SmbDrvI;SmbDrvI;C:\Windows\System32\drivers\Smb_driver_Intel.sys [2013-12-5 34544]
R3 ubohci;Unibrain 1394 OHCI Driver;C:\Windows\System32\drivers\ubohci.sys [2013-5-22 132608]
R3 ZCLDRV;ZCL Service;C:\Windows\System32\drivers\ZCLDrv64.sys [2014-1-8 71680]
S0 amdkmafd;AMD Audio Bus Lower Filter;C:\Windows\System32\drivers\amdkmafd.sys [2013-5-21 21600]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 DockLoginService;Dock Login Service;C:\Program Files\Dell\DellDock\DockLogin.exe --> C:\Program Files\Dell\DellDock\DockLogin.exe [?]
S2 SessionLauncher;SessionLauncher;c:\Users\ADMINI~1\AppData\Local\Temp\DX9\SessionLauncher.exe --> c:\Users\ADMINI~1\AppData\Local\Temp\DX9\SessionLauncher.exe [?]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-9-5 171680]
S3 fssfltr;fssfltr;C:\Windows\System32\drivers\fssfltr.sys [2013-6-26 57840]
S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2013-2-5 1512448]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2013-12-16 111616]
S3 Impcd;Impcd;C:\Windows\System32\drivers\Impcd.sys [2010-12-8 158976]
S3 nosGetPlusHelper;getPlus® Helper 3004;C:\Windows\System32\svchost.exe -k nosGetPlusHelper [2009-7-13 27136]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2012-11-15 19456]
S3 RoxMediaDB10;RoxMediaDB10;C:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCom\RoxMediaDB10.exe [2009-6-26 1124848]
S3 SWDUMon;SWDUMon;C:\Windows\System32\drivers\SWDUMon.sys [2012-11-14 15712]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2012-11-15 57856]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-12-13 54784]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-1-9 1255736]
.
=============== File Associations ===============
.
ShellExec: Opera.exe: open="C:\Program Files (x86)\Opera\Launcher.exe" "%1"
.
=============== Created Last 30 ================
.
2014-01-17 08:10:54    75888    ----a-w-    C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{73E4666B-2FA1-4061-A80C-09D177CB9E1C}\offreg.dll
2014-01-17 08:09:28    10315576    ----a-w-    C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{73E4666B-2FA1-4061-A80C-09D177CB9E1C}\mpengine.dll
2014-01-15 08:26:01    96168    ----a-w-    C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2014-01-15 08:10:58    --------    d-----w-    C:\Users\kevin\.android
2014-01-15 08:10:51    --------    d-----w-    C:\Users\kevin\AppData\Local\cache
2014-01-15 08:10:48    --------    d-----w-    C:\Users\kevin\AppData\Local\Mobogenie
2014-01-15 08:10:48    --------    d-----w-    C:\Users\kevin\AppData\Local\genienext
2014-01-15 08:10:35    --------    d-----w-    C:\Program Files (x86)\Mobogenie
2014-01-15 08:06:45    --------    d-----w-    C:\ProgramData\HitmanPro
2014-01-15 07:29:28    --------    d-----w-    C:\Program Files (x86)\GreenTree Applications
2014-01-15 02:41:49    99840    ----a-w-    C:\Windows\System32\drivers\usbccgp.sys
2014-01-15 02:41:49    53248    ----a-w-    C:\Windows\System32\drivers\usbehci.sys
2014-01-15 02:41:49    343040    ----a-w-    C:\Windows\System32\drivers\usbhub.sys
2014-01-15 02:41:49    325120    ----a-w-    C:\Windows\System32\drivers\usbport.sys
2014-01-15 02:41:49    30720    ----a-w-    C:\Windows\System32\drivers\usbuhci.sys
2014-01-15 02:41:49    25600    ----a-w-    C:\Windows\System32\drivers\usbohci.sys
2014-01-15 02:41:48    7808    ----a-w-    C:\Windows\System32\drivers\usbd.sys
2014-01-15 02:41:46    3156480    ----a-w-    C:\Windows\System32\win32k.sys
2014-01-15 02:41:45    376768    ----a-w-    C:\Windows\System32\drivers\netio.sys
2014-01-08 16:31:25    22880    ----a-w-    C:\Windows\System32\drivers\pikbd.sys
2014-01-08 16:16:54    71680    ----a-w-    C:\Windows\System32\drivers\ZCLDrv64.sys
2014-01-08 16:16:54    425472    ----a-w-    C:\Windows\System32\Zcl64.dll
2014-01-08 16:16:54    42496    ----a-w-    C:\Windows\System32\ZclDrv64.dll
2014-01-08 16:16:54    40960    ----a-w-    C:\Windows\SysWow64\Ccm.dll
2014-01-08 16:16:54    393216    ----a-w-    C:\Windows\SysWow64\Zcl.dll
2014-01-08 16:16:54    36352    ----a-w-    C:\Windows\SysWow64\ZclDrv.dll
2014-01-08 14:46:09    79672    ----a-w-    C:\Windows\System32\drivers\aswstm.sys
2014-01-05 15:25:47    10752    ----a-w-    C:\Windows\System32\E_GCINST.DLL
2014-01-05 15:25:46    83968    ----a-w-    C:\Windows\System32\E_YD4BIUE.DLL
2014-01-05 15:25:46    120320    ----a-w-    C:\Windows\System32\E_YLMIUE.DLL
2014-01-05 03:01:58    57848    ----a-w-    C:\Windows\System32\drivers\HECIx64.sys
2013-12-28 06:06:35    --------    d-----w-    C:\Users\kevin\AppData\Roaming\NVIDIA
2013-12-26 20:38:48    31520    ----a-w-    C:\Windows\System32\nvhdap64.dll
2013-12-26 20:38:48    197408    ----a-w-    C:\Windows\System32\drivers\nvhda64v.sys
2013-12-26 20:38:48    1515296    ----a-w-    C:\Windows\System32\nvhdagenco6420103.dll
.
==================== Find3M  ====================
.
2014-01-15 07:53:41    71048    ----a-w-    C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-01-15 07:53:41    692616    ----a-w-    C:\Windows\SysWow64\FlashPlayerApp.exe
2014-01-08 14:46:04    207904    ----a-w-    C:\Windows\System32\drivers\aswVmm.sys
2014-01-08 14:46:04    1034464    ----a-w-    C:\Windows\System32\drivers\aswSnx.sys
2014-01-08 14:46:03    78648    ----a-w-    C:\Windows\System32\drivers\aswMonFlt.sys
2014-01-08 14:46:00    43152    ----a-w-    C:\Windows\avastSS.scr
2013-12-10 02:13:11    982232    ----a-w-    C:\Windows\SysWow64\nvspcap.dll
2013-12-10 02:13:01    1100248    ----a-w-    C:\Windows\System32\nvspcap64.dll
2013-12-05 08:42:30    39200    ----a-w-    C:\Windows\System32\drivers\nvvad64v.sys
2013-12-05 08:42:26    35104    ----a-w-    C:\Windows\System32\nvaudcap64v.dll
2013-12-05 08:42:26    32544    ----a-w-    C:\Windows\SysWow64\nvaudcap32v.dll
2013-11-26 10:19:07    2724864    ----a-w-    C:\Windows\System32\mshtml.tlb
2013-11-26 10:18:23    4096    ----a-w-    C:\Windows\System32\ieetwcollectorres.dll
2013-11-26 09:48:07    66048    ----a-w-    C:\Windows\System32\iesetup.dll
2013-11-26 09:46:25    48640    ----a-w-    C:\Windows\System32\ieetwproxystub.dll
2013-11-26 09:23:02    2724864    ----a-w-    C:\Windows\SysWow64\mshtml.tlb
2013-11-26 09:18:39    139264    ----a-w-    C:\Windows\System32\ieUnatt.exe
2013-11-26 09:18:09    111616    ----a-w-    C:\Windows\System32\ieetwcollector.exe
2013-11-26 09:16:57    708608    ----a-w-    C:\Windows\System32\jscript9diag.dll
2013-11-26 08:35:02    5769216    ----a-w-    C:\Windows\System32\jscript9.dll
2013-11-26 08:28:16    553472    ----a-w-    C:\Windows\SysWow64\jscript9diag.dll
2013-11-26 08:16:12    4243968    ----a-w-    C:\Windows\SysWow64\jscript9.dll
2013-11-26 08:02:16    1995264    ----a-w-    C:\Windows\System32\inetcpl.cpl
2013-11-26 07:32:06    1928192    ----a-w-    C:\Windows\SysWow64\inetcpl.cpl
2013-11-26 07:07:57    2334208    ----a-w-    C:\Windows\System32\wininet.dll
2013-11-26 06:33:33    1820160    ----a-w-    C:\Windows\SysWow64\wininet.dll
2013-11-23 18:26:20    417792    ----a-w-    C:\Windows\SysWow64\WMPhoto.dll
2013-11-23 17:47:34    465920    ----a-w-    C:\Windows\System32\WMPhoto.dll
2013-11-23 17:42:12    6674208    ----a-w-    C:\Windows\System32\nvcpl.dll
2013-11-23 17:42:12    3490080    ----a-w-    C:\Windows\System32\nvsvc64.dll
2013-11-23 17:42:10    922912    ----a-w-    C:\Windows\System32\nvvsvc.exe
2013-11-23 17:42:10    63776    ----a-w-    C:\Windows\System32\nvshext.dll
2013-11-23 17:42:10    2559776    ----a-w-    C:\Windows\System32\nvsvcr.dll
2013-11-23 17:42:10    219424    ----a-w-    C:\Windows\System32\nvmctray.dll
2013-11-19 08:33:38    267936    ------w-    C:\Windows\System32\MpSigStub.exe
2013-11-14 11:55:27    61216    ----a-w-    C:\Windows\System32\OpenCL.dll
2013-11-14 11:55:27    53024    ----a-w-    C:\Windows\SysWow64\OpenCL.dll
2013-11-14 11:55:24    1884448    ----a-w-    C:\Windows\System32\nvdispco6433182.dll
2013-11-14 11:55:24    1511712    ----a-w-    C:\Windows\System32\nvdispgenco6433182.dll
2013-11-12 02:23:09    2048    ----a-w-    C:\Windows\System32\tzres.dll
2013-11-12 02:07:29    2048    ----a-w-    C:\Windows\SysWow64\tzres.dll
2013-11-05 11:02:16    458960    ----a-w-    C:\Windows\System32\drivers\k57nd60a.sys
2013-10-30 02:32:01    335360    ----a-w-    C:\Windows\System32\msieftp.dll
2013-10-30 02:19:52    301568    ----a-w-    C:\Windows\SysWow64\msieftp.dll
2013-10-25 23:36:26    34544    ----a-w-    C:\Windows\System32\drivers\Smb_driver_Intel.sys
2013-10-24 01:59:53    92544    ----a-w-    C:\Windows\System32\drivers\aswRdr2.sys
2013-10-24 01:59:53    65776    ----a-w-    C:\Windows\System32\drivers\aswRvrt.sys
2013-10-23 10:30:23    1884448    ----a-w-    C:\Windows\System32\nvdispco6433165.dll
2013-10-23 10:30:23    1511712    ----a-w-    C:\Windows\System32\nvdispgenco6433165.dll
.
============= FINISH: 19:49:00.05 ===============
 

Link to post
Share on other sites

Hi, knathaniely: :)

 

 

Thanks for the logs.

 

OOPS!

We actually need those logs posted over in the malware removal section. :)

 

It looks as if you already have an open, working topic with MrCharlie >>HERE<<.

 

Please stay with him in that topic until he gives you the "all clear".

 

Thanks very much for your patience and understanding,

 

daledoc1

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.