Jump to content

Recommended Posts

Hi

 

I was wondering if anyone could help me with my problem. 

 

They other day I tried using Yahoo Video Conferencing and I got video but no sound.  I then tried to load some new software from a disk but it would not work.  My drive was working fine previous to the Yahoo Video attempt.  When I attempt to run the DVD drive my computer tells me this,

 

Insert disk
Please insert a disk into Drive (E:).

 

Microsoft Support says this,

 

This problem occurs because of an error in the Mcicda.dll file. 

 

Microsoft Suport does not tell me how to fix the problem.  I currently on using Microsoft Vista.

 

Thanks in advance,

Jen

Link to post
Share on other sites

I have tried both DVDs and CDs with no luck.  I have also uninstalled the drive and rebooted my computer.  Nothing worked.  I'm afraid that if I go out and by a new DVD drive I will still have the problem because of the bad file.  Any suggestions?

 

 

Thanks in advance,

Jen

Link to post
Share on other sites

If you like we can review some logs to see if we can find any issues, but it would be nice if you can either borrow a spare DVD drive for a friend to test or get a new one to test.. they are not that expensive... If you like, please provide the logs below so we can look through them and see if we find any issues...

STEP 1

NOTE: If you have Win8/8.1 Skip Step 1 and go to Step 2 as DDS does not work on Win8/8.1

Please run the DDS scanner and send back both logs as attachments to your next reply.

Download DDS from one of the locations below and save it to your Desktop:

dds.scr

dds.com

Temporarily disable any script blocker if your Anti-Virus/Anti-Malware has it.

How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs

Once downloaded you can disconnect from the Internet and disable your Ant-Virus temporarily if needed.

Then double click dds.scr or dds.com to run the tool.

Click the Run button if prompted with an Open File - Security Warning dialog box.

A black DOS console should open and run for a moment.

  • When done, DDS will open two (2) logs:
    • DDS.txt
    • Attach.txt
  • Save both reports to your desktop
  • Please include both of the following logs in your next reply as an attachment: DDS.txt and Attach.txt
  • You can ignore the note about zipping the Attach.txt file and just post it or attach it.
STEP 2

Please run mbam-check and send back the log as an attachment to your next reply.

  • Download mbam-check.exe from HERE and save it to your desktop
  • Double-click on mbam-check.exe to run it, it should then open a log file
  • Please do not copy and paste the entire contents of the log into your next post; instead please attach to your next reply the CheckResults.txt log file which should now be located on your desktop.
STEP 3

Please run the FRST tool and send back both logs as attachments to your next reply.

Download Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system, download both of them and try to run them. Only one of them will run on your system - that will be the right version.

  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your next reply.
  • The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your next reply.
Link to post
Share on other sites

Opps here is the FRST.text.

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014
Ran by Jen (administrator) on OUR-CPU on 07-04-2014 20:20:20
Running from C:\Users\Jen\Downloads
Windows Vista Home Premium Service Pack 2 (X64) OS Language: English(US)
Internet Explorer Version 9
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(Microsoft Corporation) c:\Program Files\Microsoft Security Client\MsMpEng.exe
(ATI Technologies Inc.) C:\Windows\system32\Ati2evxx.exe
(Microsoft Corporation) C:\Windows\system32\SLsvc.exe
(ATI Technologies Inc.) C:\Windows\system32\Ati2evxx.exe
() C:\Windows\System32\WLTRYSVC.EXE
(Dell Inc.) C:\Windows\System32\bcmwltry.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
(Andrea Electronics Corporation) C:\Windows\system32\AERTSr64.exe
(Fitbit, Inc.) C:\Program Files (x86)\Fitbit Connect\FitbitConnectService.exe
() C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
(LeapFrog Enterprises, Inc.) C:\Program Files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe
(iWin Inc.) C:\Program Files (x86)\Pogo Games\PGMTrusted.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
(Microsoft Corporation) C:\Windows\System32\wpcumi.exe
(Realtek Semiconductor) C:\Windows\RAVCpl64.exe
(Dell Inc.) C:\Windows\System32\WLTRAY.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
(Fitbit, Inc.) C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe
(Western Digital Technologies, Inc.) C:\Windows\SysWOW64\WDBtnMgr.exe
(Yahoo! Inc) C:\Program Files (x86)\Yahoo!\Search Protection\SearchProtection.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe
(CyberLink Corp.) C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe
(LeapFrog Enterprises, Inc.) C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe
(Sony Corporation) C:\Program Files (x86)\Sony\Reader\Data\bin\launcher\eBook Library Launcher.exe
() C:\Program Files (x86)\Roxio\CinePlayer\DMXLauncher.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 7.0\Distillr\acrotray.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe
(Microsoft Corporation) C:\Windows\System32\mobsync.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\SysWOW64\NOTEPAD.EXE
(Microsoft Corporation) C:\Windows\SysWOW64\NOTEPAD.EXE
(Microsoft Corporation) C:\Windows\SysWOW64\NOTEPAD.EXE


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [WPCUMI] - C:\Windows\system32\WpcUmi.exe [182784 2006-11-02] (Microsoft Corporation)
HKLM\...\Run: [skytel] - Skytel.exe
HKLM\...\Run: [RtHDVCpl] - C:\Windows\RAVCpl64.exe [6431232 2008-07-18] (Realtek Semiconductor)
HKLM\...\Run: [CanonSolutionMenu] - C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe [767312 2009-09-03] (CANON INC.)
HKLM\...\Run: [broadcom Wireless Manager UI] - C:\Windows\system32\WLTRAY.exe [1683456 2007-08-07] (Dell Inc.)
HKLM\...\Run: [MSC] - c:\Program Files\Microsoft Security Client\msseces.exe [1271072 2014-03-11] (Microsoft Corporation)
HKLM-x32\...\Run: [WD Button Manager] - WDBtnMgr.exe
HKLM-x32\...\Run: [YSearchProtection] - C:\Program Files (x86)\Yahoo!\Search Protection\SearchProtection.exe [111856 2009-02-23] (Yahoo! Inc)
HKLM-x32\...\Run: [startCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [61440 2008-01-21] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [RoxWatchTray] - C:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxWatchTray10.exe [244208 2008-05-24] (Sonic Solutions)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2012-04-18] (Apple Inc.)
HKLM-x32\...\Run: [PMBVolumeWatcher] - C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe [724536 2012-04-22] (Sony Corporation)
HKLM-x32\...\Run: [PDVDDXSrv] - C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe [128296 2008-05-23] (CyberLink Corp.)
HKLM-x32\...\Run: [Monitor] - C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe [298376 2012-09-28] (LeapFrog Enterprises, Inc.)
HKLM-x32\...\Run: [eBook Library Launcher] - C:\Program Files (x86)\Sony\Reader\Data\bin\launcher\eBook Library Launcher.exe [902504 2009-10-19] (Sony Corporation)
HKLM-x32\...\Run: [DMXLauncher] - C:\Program Files (x86)\Roxio\CinePlayer\DMXLauncher.exe [113136 2008-05-24] ()
HKLM-x32\...\Run: [ArcSoft Connection Service] - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [207424 2010-10-27] (ArcSoft Inc.)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59240 2012-02-20] (Apple Inc.)
HKLM-x32\...\Run: [ApnUpdater] - "C:\Program Files (x86)\Ask.com\Updater\Updater.exe"
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Fitbit Connect] - C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe [3093024 2013-02-25] (Fitbit, Inc.)
HKLM-x32\...\Run: [sunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [Acrobat Assistant 7.0] - C:\Program Files (x86)\Adobe\Acrobat 7.0\Distillr\Acrotray.exe [483328 2005-09-23] (Adobe Systems Inc.)
HKLM-x32\...\Run: [] - [X]
HKU\S-1-5-21-1735842367-3683112332-2081419092-1000\...\Run: [Messenger (Yahoo!)] - C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe [6276408 2011-08-22] (Yahoo! Inc.)
HKU\S-1-5-21-1735842367-3683112332-2081419092-1000\...\Run: [ehTray.exe] - C:\Windows\ehome\ehTray.exe [138240 2008-01-20] (Microsoft Corporation)
HKU\S-1-5-21-1735842367-3683112332-2081419092-1000\...\Run: [Fitbit Connect] - C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe [3093024 2013-02-25] (Fitbit, Inc.)
HKU\S-1-5-21-1735842367-3683112332-2081419092-1000\...\Run: [WMPNSCFG] - C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe
HKU\S-1-5-21-1735842367-3683112332-2081419092-1000\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-1735842367-3683112332-2081419092-1000\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
Startup: C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk
ShortcutTarget: Dell Dock.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (No File)
Startup: C:\Users\Mel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk
ShortcutTarget: Dell Dock.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (No File)
Startup: C:\Users\Nena\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk
ShortcutTarget: Dell Dock.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (No File)
Startup: C:\Users\Nena.Our-CPU\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk
ShortcutTarget: Dell Dock.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (No File)
Startup: C:\Users\protected\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk
ShortcutTarget: Dell Dock.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (No File)
Startup: C:\Users\RA Media Server\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk
ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (No File)
GroupPolicyUsers\S-1-5-21-1735842367-3683112332-2081419092-1006\User: Group Policy restriction detected <======= ATTENTION
GroupPolicyUsers\S-1-5-21-1735842367-3683112332-2081419092-1001\User: Group Policy restriction detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.rr.com/
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=5090116
HKLM\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,CustomizeSearch = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM-x32 - DefaultScope {AFDBDDAA-5D3F-42EE-B79C-185A7020515B} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2929250
SearchScopes: HKLM-x32 - {AFDBDDAA-5D3F-42EE-B79C-185A7020515B} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2929250
SearchScopes: HKCU - {2964F230-6750-4F92-8A6A-FC0FFD9B8656} URL = http://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b2ie7
SearchScopes: HKCU - {AFDBDDAA-5D3F-42EE-B79C-185A7020515B} URL =
SearchScopes: HKCU - {DE83D8E5-54D8-4CE6-AAFD-AD7D0B8E4CCC} URL = http://search.yahoo.com/search?fr=mcafee&p={SearchTerms}
BHO-x32: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO-x32: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKCU - No Name - {10134636-E7AF-4AC5-A1DC-C7C44BB97D81} -  No File
Toolbar: HKCU - No Name - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} -  No File
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
Toolbar: HKCU - No Name - {CE7499E7-AF3C-4662-AC92-454212345DDB} -  No File
Toolbar: HKCU - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} -  No File
DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
DPF: HKLM-x32 {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} https://secure.logmein.com//activex/ractrl.cab?lmi=1058
Handler: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} -  No File
Handler: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} -  No File
Handler-x32: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Program Files (x86)\Common Files\Microsoft Shared\Web Folders\PKMCDO.DLL (Microsoft Corporation)
Handler-x32: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\syswow64\urlmon.dll (Microsoft Corporation)
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Winsock: Catalog9 01 C:\Windows\SysWOW64\wpclsp.dll [72192] (Microsoft Corporation)
Winsock: Catalog9 02 C:\Windows\SysWOW64\wpclsp.dll [72192] (Microsoft Corporation)
Winsock: Catalog9 03 C:\Windows\SysWOW64\wpclsp.dll [72192] (Microsoft Corporation)
Winsock: Catalog9 04 C:\Windows\SysWOW64\wpclsp.dll [72192] (Microsoft Corporation)
Winsock: Catalog9 05 C:\Windows\SysWOW64\wpclsp.dll [72192] (Microsoft Corporation)
Winsock: Catalog9 06 C:\Windows\SysWOW64\wpclsp.dll [72192] (Microsoft Corporation)
Winsock: Catalog9 07 C:\Windows\SysWOW64\wpclsp.dll [72192] (Microsoft Corporation)
Winsock: Catalog9 08 C:\Windows\SysWOW64\wpclsp.dll [72192] (Microsoft Corporation)
Winsock: Catalog9 19 C:\Windows\SysWOW64\wpclsp.dll [72192] (Microsoft Corporation)
Winsock: Catalog9-x64 01 C:\Windows\system32\wpclsp.dll [102912] (Microsoft Corporation)
Winsock: Catalog9-x64 02 C:\Windows\system32\wpclsp.dll [102912] (Microsoft Corporation)
Winsock: Catalog9-x64 03 C:\Windows\system32\wpclsp.dll [102912] (Microsoft Corporation)
Winsock: Catalog9-x64 04 C:\Windows\system32\wpclsp.dll [102912] (Microsoft Corporation)
Winsock: Catalog9-x64 05 C:\Windows\system32\wpclsp.dll [102912] (Microsoft Corporation)
Winsock: Catalog9-x64 06 C:\Windows\system32\wpclsp.dll [102912] (Microsoft Corporation)
Winsock: Catalog9-x64 07 C:\Windows\system32\wpclsp.dll [102912] (Microsoft Corporation)
Winsock: Catalog9-x64 08 C:\Windows\system32\wpclsp.dll [102912] (Microsoft Corporation)
Winsock: Catalog9-x64 19 C:\Windows\system32\wpclsp.dll [102912] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Jen\AppData\Roaming\Mozilla\Firefox\Profiles\tll4z1lr.default
FF Homepage: rr.com
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll ()
FF Plugin: @java.com/DTPlugin,version=10.7.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/MVT - C:\Program Files (x86)\McAfee\Supportability\MVT\npmvtplugin.dll (McAfee, Inc.)
FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 - C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WPF,version=3.5 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin-x32: @oberon-media.com/ONCAdapter - C:\Program Files (x86)\Common Files\Oberon Media\NCAdapter\1.0.0.8\npapicomadapter.dll (Oberon-Media )
FF Plugin-x32: @real.com/npracplug;version=1.0.0.0 - C:\Program Files (x86)\Real\RealArcade\Plugins\Mozilla\npracplug.dll (RealNetworks)
FF Plugin-x32: @sony.com/eBookLibrary - C:\Program Files (x86)\Sony\Reader\Data\bin\npebldetectmoz.dll (Sony Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @unity3d.com/UnityPlayer - C:\Program Files (x86)\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @yahoo.com/BrowserPlus,version=2.8.1 - C:\Users\Jen\AppData\Local\Yahoo!\BrowserPlus\2.8.1\Plugins\npybrowserplus_2.8.1.dll (Yahoo! Inc.)
FF Plugin HKCU: amazon.com/AmazonMP3DownloaderPlugin - C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101752.dll (Amazon.com, Inc.)
FF Extension: NoScript - C:\Users\Jen\AppData\Roaming\Mozilla\Firefox\Profiles\tll4z1lr.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2012-09-24]
FF Extension: Adblock Plus - C:\Users\Jen\AppData\Roaming\Mozilla\Firefox\Profiles\tll4z1lr.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2012-09-24]
FF HKLM-x32\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ []
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK

Chrome:
=======

CHR DefaultSearchURL: {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Jen\AppData\Local\Google\Chrome\Application\8.0.552.224\pdf.dll No File
CHR Plugin: (Google Gears 0.5.33.0) - C:\Users\Jen\AppData\Local\Google\Chrome\Application\8.0.552.224\gears.dll No File
CHR Plugin: (Shockwave Flash) - C:\Users\Jen\AppData\Local\Google\Chrome\Application\8.0.552.224\gcswf32.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (Java Deployment Toolkit 6.0.230.5) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll No File
CHR Plugin: (Java Platform SE 6 U23) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll No File
CHR Plugin: (QuickTime Plug-in 7.6) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll (Apple Inc.)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Oberon com adapter) - C:\Program Files (x86)\Common Files\Oberon Media\NCAdapter\1.0.0.7\npapicomadapter.dll (Oberon-Media )
CHR Plugin: (Picasa) - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.2.183.39\npGoogleOneClick8.dll No File
CHR Plugin: (McAfee Virtual Technician) - C:\Program Files (x86)\McAfee\Supportability\MVT\NPMVTPlugin.dll (McAfee, Inc.)
CHR Plugin: (RealArcade Mozilla Plugin) - C:\Program Files (x86)\Real\RealArcade\Plugins\Mozilla\npracplug.dll (RealNetworks)
CHR Plugin: (eBook Library) - C:\Program Files (x86)\Sony\Reader\Data\bin\npebldetectmoz.dll (Sony Corporation)
CHR Plugin: (Unity Player) - C:\Program Files (x86)\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
CHR Plugin: (BrowserPlus (from Yahoo!) v2.8.1) - C:\Users\Jen\AppData\Local\Yahoo!\BrowserPlus\2.8.1\Plugins\npybrowserplus_2.8.1.dll (Yahoo! Inc.)
CHR Plugin: (Shockwave for Director) - C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.0.51204.0\npctrl.dll No File
CHR Plugin: (Windows Presentation Foundation) - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Plugin: (Default Plug-in) - default_plugin No File

==================== Services (Whitelisted) =================

R2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [68096 2009-12-20] ()
R2 AERTFilters; C:\Windows\system32\AERTSr64.exe [86016 2008-07-18] (Andrea Electronics Corporation)
R2 Fitbit Connect; C:\Program Files (x86)\Fitbit Connect\FitbitConnectService.exe [1239584 2013-02-25] (Fitbit, Inc.)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [116104 2009-09-08] ()
S2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2014-03-11] (Microsoft Corporation)
S3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [347872 2014-03-11] (Microsoft Corporation)
R2 PGMTrusted; C:\Program Files (x86)\Pogo Games\PGMTrusted.exe [519920 2012-10-31] (iWin Inc.)
R2 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [474168 2012-04-22] (Sony Corporation)
S3 Roxio UPnP Renderer 10; C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe [313840 2008-05-24] (Sonic Solutions)
S2 Roxio Upnp Server 10; C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe [362992 2008-05-24] (Sonic Solutions)
R2 wltrysvc; C:\Windows\System32\bcmwltry.exe [1889792 2007-08-07] (Dell Inc.)

==================== Drivers (Whitelisted) ====================

S3 61883; C:\Windows\System32\DRIVERS\61883.sys [58496 2008-01-20] (Microsoft Corporation)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27648 2008-01-20] (Microsoft Corporation)
S1 Beep; No ImagePath
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [268512 2014-01-25] (Microsoft Corporation)
S3 Msi_ssvawt; No ImagePath
S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133928 2014-03-11] (Microsoft Corporation)
R2 RtNdPt60; C:\Windows\System32\DRIVERS\RtNdPt60.sys [26624 2008-07-21] (Windows ® Codename Longhorn DDK provider)
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S3 USBAAPL64; System32\Drivers\usbaapl64.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-04-07 20:20 - 2014-04-07 20:20 - 00025397 _____ () C:\Users\Jen\Downloads\FRST.txt
2014-04-07 20:20 - 2014-04-07 20:20 - 00000000 ____D () C:\FRST
2014-04-07 20:19 - 2014-04-07 20:19 - 02157056 _____ (Farbar) C:\Users\Jen\Downloads\FRST64.exe
2014-04-07 20:16 - 2014-04-07 20:16 - 00134542 _____ () C:\Users\Jen\Desktop\CheckResults.txt
2014-04-07 20:15 - 2014-04-07 20:15 - 01673896 _____ (Malwarebytes Corporation) C:\Users\Jen\Downloads\mbam-check-2.1.0.0002.exe
2014-04-07 20:12 - 2014-04-07 20:12 - 00019513 _____ () C:\Users\Jen\Desktop\dds.txt
2014-04-07 20:12 - 2014-04-07 20:12 - 00013577 _____ () C:\Users\Jen\Desktop\attach.txt
2014-04-07 20:11 - 2014-04-07 20:11 - 00688992 ____R (Swearware) C:\Users\Jen\Downloads\dds.scr
2014-04-04 16:58 - 2014-04-04 16:58 - 00347816 _____ (Microsoft Corporation) C:\Users\Jen\Downloads\MicrosoftFixit.dvd.LB.139320086585379642.2.1.Run.exe
2014-04-04 16:57 - 2014-04-04 16:57 - 00347816 _____ (Microsoft Corporation) C:\Users\Jen\Downloads\MicrosoftFixit.dvd.RNP.139320086585379642.1.1.Run.exe
2014-04-04 16:35 - 2014-04-04 16:36 - 00347816 _____ (Microsoft Corporation) C:\Users\Jen\Downloads\MicrosoftFixit.dvd.MATSKB.Run.exe
2014-04-01 15:23 - 2014-04-01 15:23 - 00000000 ____D () C:\Users\Guest\AppData\Local\Adobe
2014-04-01 13:39 - 2014-04-01 13:39 - 00347816 _____ (Microsoft Corporation) C:\Users\Jen\Downloads\MicrosoftFixit.dvd.RNP.147319815196114130.2.1.Run.exe
2014-04-01 13:05 - 2014-04-01 13:05 - 00000000 ___HD () C:\ProgramData\CanonIJMyPrinter
2014-04-01 13:04 - 2014-04-01 13:04 - 00001750 _____ () C:\Users\Public\Desktop\Canon My Printer.lnk
2014-04-01 13:03 - 2014-04-01 13:03 - 00000000 ____D () C:\Program Files\Canon
2014-04-01 13:02 - 2014-04-01 13:03 - 05529160 _____ () C:\Users\Jen\Downloads\mypr-win-3_2_0-ea11_2.exe
2014-04-01 12:37 - 2014-04-01 12:37 - 00006237 _____ () C:\Users\Jen\Downloads\NAPA Autocare _ Automotive Financing - Go GE Capital.txt
2014-04-01 12:36 - 2014-04-01 12:36 - 00020078 _____ () C:\Users\Jen\Downloads\NAPA Autocare _ Automotive Financing - Go GE Capital.htm
2014-04-01 12:36 - 2014-04-01 12:36 - 00000000 ____D () C:\Users\Jen\Downloads\NAPA Autocare _ Automotive Financing - Go GE Capital_files
2014-03-31 11:43 - 2014-03-31 11:43 - 00000000 ____D () C:\Users\Jen\AppData\Roaming\AdobeUM
2014-03-30 16:28 - 2014-03-30 16:28 - 00001924 _____ () C:\Users\Public\Desktop\Adobe Acrobat 7.0 Professional.lnk
2014-03-30 16:27 - 2014-03-30 16:27 - 00000000 ____D () C:\Users\Public\Documents\Adobe PDF
2014-03-30 16:08 - 2014-03-30 16:11 - 00000000 ____D () C:\acrobatINstall
2014-03-30 16:03 - 2014-03-30 16:03 - 00000376 _____ () C:\Windows\ODBC.INI
2014-03-30 16:02 - 2014-03-30 16:02 - 00000000 ____D () C:\Program Files (x86)\Microsoft ActiveSync
2014-03-28 19:01 - 2014-03-28 19:02 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-03-21 20:12 - 2014-03-21 20:12 - 00033857 _____ () C:\Users\Jen\Downloads\WILBORNTERESITA_Message_2014-03-21(4)
2014-03-21 20:12 - 2014-03-21 20:12 - 00033857 _____ () C:\Users\Jen\Downloads\WILBORNTERESITA_Message_2014-03-21(3)
2014-03-21 20:12 - 2014-03-21 20:12 - 00033857 _____ () C:\Users\Jen\Downloads\WILBORNTERESITA_Message_2014-03-21(2)
2014-03-21 20:12 - 2014-03-21 20:12 - 00033857 _____ () C:\Users\Jen\Downloads\WILBORNTERESITA_Message_2014-03-21(1)
2014-03-21 20:12 - 2014-03-21 20:12 - 00033857 _____ () C:\Users\Jen\Downloads\WILBORNTERESITA_Message_2014-03-21
2014-03-20 00:20 - 2014-03-20 00:22 - 00000000 ____D () C:\Users\Jen\Desktop\Bitwize
2014-03-13 03:02 - 2014-02-23 00:12 - 17847808 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-13 03:02 - 2014-02-22 23:54 - 02334720 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-03-13 03:02 - 2014-02-22 23:52 - 10926592 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-03-13 03:02 - 2014-02-22 23:48 - 01392128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-03-13 03:02 - 2014-02-22 23:48 - 01347072 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-03-13 03:02 - 2014-02-22 23:46 - 01494528 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-03-13 03:02 - 2014-02-22 23:46 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-03-13 03:02 - 2014-02-22 23:46 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-03-13 03:02 - 2014-02-22 23:45 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-03-13 03:02 - 2014-02-22 23:45 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-03-13 03:02 - 2014-02-22 23:45 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-03-13 03:02 - 2014-02-22 23:44 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-03-13 03:02 - 2014-02-22 23:44 - 02147840 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-03-13 03:02 - 2014-02-22 23:44 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-03-13 03:02 - 2014-02-22 23:44 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-03-13 03:02 - 2014-02-22 23:43 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-03-13 03:02 - 2014-02-22 22:50 - 12347904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-03-13 03:02 - 2014-02-22 22:47 - 01806848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-03-13 03:02 - 2014-02-22 22:43 - 09739264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-03-13 03:02 - 2014-02-22 22:41 - 01105408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-03-13 03:02 - 2014-02-22 22:40 - 01129472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-03-13 03:02 - 2014-02-22 22:39 - 01427968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-03-13 03:02 - 2014-02-22 22:38 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-03-13 03:02 - 2014-02-22 22:38 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-03-13 03:02 - 2014-02-22 22:38 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-03-13 03:02 - 2014-02-22 22:37 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-03-13 03:02 - 2014-02-22 22:37 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-03-13 03:02 - 2014-02-22 22:37 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-03-13 03:02 - 2014-02-22 22:37 - 00421376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-03-13 03:02 - 2014-02-22 22:36 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-03-13 03:02 - 2014-02-22 22:36 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-03-13 03:02 - 2014-02-22 22:35 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-03-12 17:14 - 2014-02-07 05:11 - 02776064 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-03-12 17:14 - 2014-02-03 06:20 - 00619008 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-03-12 17:14 - 2014-02-03 03:37 - 00505344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-03-12 17:14 - 2014-01-30 03:12 - 01111040 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2014-03-12 17:14 - 2014-01-30 00:46 - 00876032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2014-03-12 17:14 - 2013-11-12 18:54 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-03-12 17:14 - 2013-11-12 17:30 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll

==================== One Month Modified Files and Folders =======

2014-04-07 20:20 - 2014-04-07 20:20 - 00025397 _____ () C:\Users\Jen\Downloads\FRST.txt
2014-04-07 20:20 - 2014-04-07 20:20 - 00000000 ____D () C:\FRST
2014-04-07 20:19 - 2014-04-07 20:19 - 02157056 _____ (Farbar) C:\Users\Jen\Downloads\FRST64.exe
2014-04-07 20:16 - 2014-04-07 20:16 - 00134542 _____ () C:\Users\Jen\Desktop\CheckResults.txt
2014-04-07 20:15 - 2014-04-07 20:15 - 01673896 _____ (Malwarebytes Corporation) C:\Users\Jen\Downloads\mbam-check-2.1.0.0002.exe
2014-04-07 20:12 - 2014-04-07 20:12 - 00019513 _____ () C:\Users\Jen\Desktop\dds.txt
2014-04-07 20:12 - 2014-04-07 20:12 - 00013577 _____ () C:\Users\Jen\Desktop\attach.txt
2014-04-07 20:11 - 2014-04-07 20:11 - 00688992 ____R (Swearware) C:\Users\Jen\Downloads\dds.scr
2014-04-07 20:05 - 2013-10-18 14:08 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-04-07 20:03 - 2010-03-25 14:00 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-04-07 18:46 - 2006-11-02 08:22 - 00003616 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-04-07 18:46 - 2006-11-02 08:22 - 00003616 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-07 16:59 - 2009-01-16 08:07 - 01989129 _____ () C:\Windows\WindowsUpdate.log
2014-04-07 07:03 - 2010-03-25 14:00 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-04-07 01:12 - 2009-01-23 23:38 - 00120832 _____ () C:\Users\Jen\AppData\Local\GDIPFONTCACHEV1.DAT
2014-04-06 22:08 - 2009-02-08 19:39 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-04-04 16:58 - 2014-04-04 16:58 - 00347816 _____ (Microsoft Corporation) C:\Users\Jen\Downloads\MicrosoftFixit.dvd.LB.139320086585379642.2.1.Run.exe
2014-04-04 16:57 - 2014-04-04 16:57 - 00347816 _____ (Microsoft Corporation) C:\Users\Jen\Downloads\MicrosoftFixit.dvd.RNP.139320086585379642.1.1.Run.exe
2014-04-04 16:53 - 2006-11-02 05:46 - 00822840 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-04-04 16:47 - 2009-01-16 13:22 - 00000288 _____ () C:\Windows\Tasks\RtlNICDiagVistaStart.job
2014-04-04 16:47 - 2006-11-02 08:42 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-04-04 16:45 - 2006-11-02 08:42 - 00032590 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-04-04 16:36 - 2014-04-04 16:35 - 00347816 _____ (Microsoft Corporation) C:\Users\Jen\Downloads\MicrosoftFixit.dvd.MATSKB.Run.exe
2014-04-02 03:02 - 2013-02-27 05:55 - 00001945 _____ () C:\Windows\epplauncher.mif
2014-04-02 03:01 - 2012-11-03 14:01 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2014-04-02 03:01 - 2012-11-03 14:01 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client
2014-04-01 15:23 - 2014-04-01 15:23 - 00000000 ____D () C:\Users\Guest\AppData\Local\Adobe
2014-04-01 15:23 - 2012-08-30 10:07 - 00000000 ____D () C:\Users\Guest\AppData\Roaming\Adobe
2014-04-01 15:23 - 2010-03-25 13:49 - 00120832 _____ () C:\Users\Guest\AppData\Local\GDIPFONTCACHEV1.DAT
2014-04-01 14:49 - 2006-11-02 06:33 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-04-01 13:39 - 2014-04-01 13:39 - 00347816 _____ (Microsoft Corporation) C:\Users\Jen\Downloads\MicrosoftFixit.dvd.RNP.147319815196114130.2.1.Run.exe
2014-04-01 13:24 - 2006-11-02 08:21 - 00415736 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-04-01 13:23 - 2012-09-23 19:06 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-04-01 13:23 - 2012-08-23 15:07 - 00121146 _____ () C:\Windows\PFRO.log
2014-04-01 13:06 - 2012-06-17 22:42 - 00000000 ____D () C:\ProgramData\CanonIJPLM
2014-04-01 13:05 - 2014-04-01 13:05 - 00000000 ___HD () C:\ProgramData\CanonIJMyPrinter
2014-04-01 13:04 - 2014-04-01 13:04 - 00001750 _____ () C:\Users\Public\Desktop\Canon My Printer.lnk
2014-04-01 13:03 - 2014-04-01 13:03 - 00000000 ____D () C:\Program Files\Canon
2014-04-01 13:03 - 2014-04-01 13:02 - 05529160 _____ () C:\Users\Jen\Downloads\mypr-win-3_2_0-ea11_2.exe
2014-04-01 13:03 - 2012-06-17 22:36 - 00000000 ____D () C:\Program Files (x86)\Canon
2014-04-01 12:37 - 2014-04-01 12:37 - 00006237 _____ () C:\Users\Jen\Downloads\NAPA Autocare _ Automotive Financing - Go GE Capital.txt
2014-04-01 12:36 - 2014-04-01 12:36 - 00020078 _____ () C:\Users\Jen\Downloads\NAPA Autocare _ Automotive Financing - Go GE Capital.htm
2014-04-01 12:36 - 2014-04-01 12:36 - 00000000 ____D () C:\Users\Jen\Downloads\NAPA Autocare _ Automotive Financing - Go GE Capital_files
2014-03-31 11:43 - 2014-03-31 11:43 - 00000000 ____D () C:\Users\Jen\AppData\Roaming\AdobeUM
2014-03-30 16:28 - 2014-03-30 16:28 - 00001924 _____ () C:\Users\Public\Desktop\Adobe Acrobat 7.0 Professional.lnk
2014-03-30 16:27 - 2014-03-30 16:27 - 00000000 ____D () C:\Users\Public\Documents\Adobe PDF
2014-03-30 16:26 - 2009-01-16 13:25 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-03-30 16:11 - 2014-03-30 16:08 - 00000000 ____D () C:\acrobatINstall
2014-03-30 16:07 - 2012-09-10 23:45 - 00011828 _____ () C:\Windows\setupact.log
2014-03-30 16:03 - 2014-03-30 16:03 - 00000376 _____ () C:\Windows\ODBC.INI
2014-03-30 16:02 - 2014-03-30 16:02 - 00000000 ____D () C:\Program Files (x86)\Microsoft ActiveSync
2014-03-30 16:02 - 2009-01-16 13:31 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2014-03-30 16:02 - 2006-11-02 08:07 - 00000000 ____D () C:\Windows\ShellNew
2014-03-30 16:02 - 2006-11-02 06:33 - 00000000 ____D () C:\Windows\Help
2014-03-30 15:59 - 2006-11-02 06:33 - 00000000 ____D () C:\Windows\system
2014-03-29 01:14 - 2014-02-14 10:27 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox.bak
2014-03-28 19:02 - 2014-03-28 19:01 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-03-27 06:58 - 2010-03-25 14:00 - 00003894 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-03-27 06:58 - 2010-03-25 14:00 - 00003642 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-03-21 20:12 - 2014-03-21 20:12 - 00033857 _____ () C:\Users\Jen\Downloads\WILBORNTERESITA_Message_2014-03-21(4)
2014-03-21 20:12 - 2014-03-21 20:12 - 00033857 _____ () C:\Users\Jen\Downloads\WILBORNTERESITA_Message_2014-03-21(3)
2014-03-21 20:12 - 2014-03-21 20:12 - 00033857 _____ () C:\Users\Jen\Downloads\WILBORNTERESITA_Message_2014-03-21(2)
2014-03-21 20:12 - 2014-03-21 20:12 - 00033857 _____ () C:\Users\Jen\Downloads\WILBORNTERESITA_Message_2014-03-21(1)
2014-03-21 20:12 - 2014-03-21 20:12 - 00033857 _____ () C:\Users\Jen\Downloads\WILBORNTERESITA_Message_2014-03-21
2014-03-20 00:22 - 2014-03-20 00:20 - 00000000 ____D () C:\Users\Jen\Desktop\Bitwize
2014-03-20 00:20 - 2009-01-23 23:34 - 00000000 ____D () C:\Users\Jen
2014-03-18 03:05 - 2013-08-15 03:04 - 00000000 ____D () C:\Windows\system32\MRT
2014-03-18 03:00 - 2006-11-02 05:35 - 90015360 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2014-03-13 03:40 - 2006-11-02 06:33 - 00000000 ____D () C:\Windows\rescache
2014-03-13 03:20 - 2009-02-08 19:00 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-03-12 00:32 - 2012-06-17 22:47 - 00000000 ____D () C:\ProgramData\CanonIJ
2014-03-11 18:05 - 2013-10-18 14:08 - 00003682 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-03-11 18:05 - 2012-05-23 07:56 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-03-11 18:05 - 2011-10-06 20:14 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-03-11 09:52 - 2012-08-30 22:03 - 00133928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\NisDrvWFP.sys

Files to move or delete:
====================
C:\Users\Jen\AppData\Roaming\desktop.ini


Some content of TEMP:
====================
C:\Users\Jen\AppData\Local\Temp\APNStub.exe
C:\Users\Jen\AppData\Local\Temp\jre-7u11-windows-i586-iftw.exe
C:\Users\Jen\AppData\Local\Temp\jre-7u17-windows-i586-iftw.exe
C:\Users\Jen\AppData\Local\Temp\jre-7u21-windows-i586-iftw.exe
C:\Users\Jen\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\Jen\AppData\Local\Temp\jre-7u9-windows-i586-iftw.exe
C:\Users\Jen\AppData\Local\Temp\JREInstall??.exe
C:\Users\Jen\AppData\Local\Temp\mssinstaller.exe
C:\Users\Jen\AppData\Local\Temp\NEW14C4.tmp.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-04-07 17:27

==================== End Of Log ============================

Link to post
Share on other sites

  • Root Admin

The computer is having some issues that may be software conflict related or it could be that your computer is infected.

 

Is this a work computer ?

Is this a virtual workstation ?

 

I would suggest following the advice from the topic here Available Assistance for Possibly Infected Computers and having one of the Experts assist you with looking into your issue.


Thanks

==== Event Viewer Messages From Past Week ========.4/7/2014 3:03:10 AM, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x80070643: Office XP Service Pack 3.4/7/2014 10:11:07 AM, Error: bowser [8003]  - The master browser has received a server announcement from the computer CHARLIE-VAIO that believes that it is the master browser for the domain on transport NetBT_Tcpip_{2F23932D-DF9C-47F4-AFE7-E7855F016713}. The master browser is stopping or an election is being forced.4/4/2014 4:49:33 PM, Error: Microsoft Antimalware [3002]  - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed.      Feature: Network Inspection System      Error Code: 0x8007041d      Error description: The service did not respond to the start or control request in a timely fashion.       Reason: The system is missing updates that are required for running Network Inspection System.  Install the required updates and restart the computer.4/4/2014 4:49:30 PM, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the Microsoft Network Inspection service to connect.4/4/2014 4:49:30 PM, Error: Service Control Manager [7000]  - The Microsoft Network Inspection service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.4/4/2014 4:48:57 PM, Error: Service Control Manager [7026]  - The following boot-start or system-start driver(s) failed to load:  Beep4/4/2014 4:48:43 PM, Error: Service Control Manager [7022]  - The Client Virtualization Handler service hung on starting.4/3/2014 10:24:55 PM, Error: Microsoft-Windows-Dhcp-Client [1002]  - The IP address lease 192.168.1.8 for the Network Card with network address 00234EC02861 has been denied by the DHCP server 0.0.0.0 (The DHCP Server sent a DHCPNACK message).4/1/2014 3:51:28 PM, Error: netbt [4321]  - The name "WORKGROUP      :1d" could not be registered on the interface with IP address 192.168.1.8. The computer with the IP address 192.168.1.6 did not allow the name to be claimed by this computer.4/1/2014 3:18:57 PM, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the Application Virtualization Client service to connect.4/1/2014 3:18:57 PM, Error: Service Control Manager [7001]  - The Client Virtualization Handler service depends on the Application Virtualization Client service which failed to start because of the following error:  The service did not respond to the start or control request in a timely fashion.4/1/2014 3:18:57 PM, Error: Service Control Manager [7000]  - The Application Virtualization Client service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.4/1/2014 3:12:28 PM, Error: volsnap [20]  - The shadow copies of volume C: were aborted because of a failed free space computation.4/1/2014 10:34:11 PM, Error: netbt [4321]  - The name "WORKGROUP      :1d" could not be registered on the interface with IP address 192.168.1.8. The computer with the IP address 192.168.1.5 did not allow the name to be claimed by this computer..==== End Of File ===========================
Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.