
A device connected to your computer... Problem


  • This topic is locked
86 replies to this topic

#1 dmssargent


Posted 31 May 2013 - 12:19 PM

This problem appears to be malware, yet nothing I run can remove it or even detect it. After it starts, anything wanting elevation does not run, including basically every single anti-malware software currently available. It only starts after doing something in Windows Explorer to present a UAC prompt twice. Then afterwards everything that wants an elevation presents the exact same error message: "A device attached to the computer is not working properly." Yet, everything in Device Manager looks okay and the fact I have access to Device Manager and Task Manager. It seems to block Rkill, Malwarebytes, RogueKiller, and TDSSKiller. It appears not to happen in Safe Mode. I will get a DDS log ASAP.

 

Edit: Since I needed to do a reboot and I am new here, I figured I should attach the first DDS log to the first post. I also wanted to finish my description. Since the "infection" my computer lags about 1000% more and boot times went from 57 seconds to 4 minutes. I was doing spring cleaning before it started.

 

LOG:

DDS (Ver_2012-11-20.01) - NTFS_AMD64 
Internet Explorer: 9.0.8112.16483
Run by David at 12:26:47 on 2013-05-31
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.7927.6395 [GMT -5:00]
.
AV: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {ADA629C7-7F48-5689-624A-3B76997E0892}
SP: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {16C7C823-5972-5907-58FA-0004E2F9422F}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: McAfee Firewall *Disabled* {959DA8E2-3527-57D1-4915-924367AD4FE9}
.
============== Running Processes ===============
.
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k GPSvcGroup
C:\windows\system32\svchost.exe -k NetworkService
c:\program files\soluto\soluto.exe
C:\windows\system32\Dwm.exe
C:\windows\explorer.exe
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\windows\system32\taskhost.exe
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\windows\system32\svchost.exe -k ftpsvc
C:\windows\System32\svchost.exe -k LPDService
C:\windows\system32\mfevtps.exe
C:\windows\System32\svchost.exe -k LocalServicePeerNet
C:\windows\System32\tcpsvcs.exe
C:\windows\System32\snmp.exe
C:\windows\system32\svchost.exe -k imgsvc
C:\windows\system32\svchost.exe -k iissvcs
C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
C:\windows\explorer.exe
C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
C:\windows\System32\alg.exe
C:\windows\system32\SearchIndexer.exe
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\windows\System32\WUDFHost.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\system32\SearchProtocolHost.exe
C:\windows\system32\SearchFilterHost.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://search.yahoo.com/?fr=avantsearch6
mStart Page = hxxp://www.google.com
uURLSearchHooks: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
uURLSearchHooks: {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - <orphaned>
uWinlogon: Shell = expstart.exe
mWinlogon: Userinit = userinit.exe,
BHO: PodcastBHO Class: {65134FDF-F8A5-4B3D-91D9-CDF273CFD578} - C:\Program Files (x86)\Common Files\doubleTwist\IEPodcastPlugin.dll
BHO: scriptproxy: {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSnc.20130529132902.dll
BHO: McAfee SiteAdvisor BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
TB: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
StartupFolder: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\cleanup.bat
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - <orphaned>
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - <orphaned>
LSP: %windir%\system32\vsocklib.dll
DPF: {10000000-1000-1000-1000-100000000000} - hxxp://cdn.betteradvertising.com/ghostery/addons/ie/2.4.2.0/ghostery.cab
DPF: {BAD4FE2C-503B-45CC-88CD-4B0574057D11} - hxxp://clients.futuremark.com/calico/systeminfodeploy/FMSI_v490.cab
DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} - hxxp://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework//microsoft/wrc32.ocx
TCP: NameServer = 192.168.2.1
TCP: Interfaces\{670E2375-31E8-4028-9185-98545737127C} : DHCPNameServer = 192.168.42.129
TCP: Interfaces\{8CF35FA3-7257-488D-A318-178365CE83A7} : NameServer = 192.168.1.254,208.67.220.220,192.168.2.1
TCP: Interfaces\{8CF35FA3-7257-488D-A318-178365CE83A7} : DHCPNameServer = 192.168.2.1
TCP: Interfaces\{8CF35FA3-7257-488D-A318-178365CE83A7}\14E64627F696461405 : DHCPNameServer = 192.168.43.1
TCP: Interfaces\{8CF35FA3-7257-488D-A318-178365CE83A7}\2375942554236393 : NameServer = 192.168.1.254,208.67.220.220,192.168.2.1
TCP: Interfaces\{8CF35FA3-7257-488D-A318-178365CE83A7}\2375942554236393 : DHCPNameServer = 192.168.1.254
TCP: Interfaces\{8CF35FA3-7257-488D-A318-178365CE83A7}\473757E616D696 : DHCPNameServer = 164.58.253.10 164.58.233.202
TCP: Interfaces\{8CF35FA3-7257-488D-A318-178365CE83A7}\B4546594E4 : NameServer = 192.168.1.254,208.67.220.220,192.168.2.1
TCP: Interfaces\{8CF35FA3-7257-488D-A318-178365CE83A7}\B4546594E4 : DHCPNameServer = 192.168.1.254
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.94\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-mWinlogon: Userinit = C:\windows\System32\userinit.exe,c:\program files\soluto\soluto.exe /userinit
x64-BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
x64-BHO: scriptproxy: {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSnc.20130529132901.dll
x64-BHO: McAfee SiteAdvisor BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll
x64-BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
x64-TB: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - <orphaned>
x64-IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - <orphaned>
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - <orphaned>
x64-Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl64.dll
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll
x64-Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
x64-mASetup: {12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\windows\System32\ieudinit.exe
.
============= SERVICES / DRIVERS ===============
.
R0 amd_sata;amd_sata;C:\windows\System32\drivers\amd_sata.sys [2013-5-6 82560]
R0 amd_xata;amd_xata;C:\windows\System32\drivers\amd_xata.sys [2013-5-6 42624]
R0 McPvDrv;McPvDrv Driver;C:\windows\System32\drivers\McPvDrv.sys [2013-5-15 74560]
R0 mfehidk;McAfee Inc. mfehidk;C:\windows\System32\drivers\mfehidk.sys [2012-11-9 771096]
R0 Soluto;Soluto;C:\windows\System32\drivers\Soluto.sys [2013-2-4 54728]
R0 vsock;vSockets Driver;C:\windows\System32\drivers\vsock.sys [2013-5-29 70296]
R1 mfewfpk;McAfee Inc. mfewfpk;C:\windows\System32\drivers\mfewfpk.sys [2012-11-9 339776]
R1 MOBKFilter;MOBKFilter;C:\windows\System32\drivers\MOBK.sys [2012-6-19 66040]
R2 AODDriver4.1;AODDriver4.1;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys [2012-3-5 53888]
R2 ftpsvc;Microsoft FTP Service;C:\windows\System32\svchost.exe -k ftpsvc [2009-7-13 27136]
R2 iPodDrv;iPodDrv;C:\windows\System32\drivers\iPodDrv.sys [2011-7-27 14952]
R2 McMPFSvc;McAfee Personal Firewall Service;C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2013-1-5 221296]
R2 mfecore;McAfee Anti-Malware Core;C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [2013-1-5 1007288]
R2 mfefire;McAfee Firewall Core Service;C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe [2013-1-5 218320]
R2 mfevtp;McAfee Validation Trust Protection Service;C:\windows\System32\mfevtps.exe [2013-1-5 182312]
R2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver;C:\windows\System32\drivers\TVALZFL.sys [2009-6-19 14472]
R3 amdiox64;AMD IO Driver;C:\windows\System32\drivers\amdiox64.sys [2012-12-16 46136]
R3 cfwids;McAfee Inc. cfwids;C:\windows\System32\drivers\cfwids.sys [2012-11-9 69672]
R3 hcw72ADFilter;WinTV HVR-950 USB Audio Filter Driver;C:\windows\System32\drivers\hcw72ADFilter.sys [2010-4-23 38656]
R3 hcw72ATV;WinTV HVR-950 NTSC;C:\windows\System32\drivers\hcw72ATV.sys [2010-4-23 1631488]
R3 hcw72DTV;WinTV HVR-950 ATSC/QAM;C:\windows\System32\drivers\hcw72DTV.sys [2010-4-23 1634176]
R3 HipShieldK;McAfee Inc. HipShieldK;C:\windows\System32\drivers\HipShieldK.sys [2013-5-15 197264]
R3 L1C;NDIS Miniport Driver for Atheros AR81xx PCI-E Ethernet Controller;C:\windows\System32\drivers\L1C62x64.sys [2013-4-27 103536]
R3 mfeavfk;McAfee Inc. mfeavfk;C:\windows\System32\drivers\mfeavfk.sys [2012-11-9 309400]
R3 mfefirek;McAfee Inc. mfefirek;C:\windows\System32\drivers\mfefirek.sys [2012-11-9 515528]
R3 mfencbdc;McAfee Inc. mfencbdc;C:\windows\System32\drivers\mfencbdc.sys [2012-11-2 328976]
R3 PGEffect;Pangu effect driver;C:\windows\System32\drivers\PGEffect.sys [2012-3-2 35008]
R3 QIOMem;Generic IO & Memory Access;C:\windows\System32\drivers\QIOMem.sys [2009-6-15 12800]
R3 rtl8192se;Realtek Wireless LAN 802.11n PCI-E NIC NT Driver;C:\windows\System32\drivers\rtl8192se.sys [2010-4-26 1103904]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S3 HP8207_8307;HP-HP8207_8307;C:\windows\System32\drivers\HP8207_8307.sys [2010-2-5 15360]
S3 mfencrk;McAfee Inc. mfencrk;C:\windows\System32\drivers\mfencrk.sys [2012-11-2 97208]
S3 pneteth;PdaNet Broadband;C:\windows\System32\drivers\pneteth.sys [2012-5-27 15360]
S3 pnetmdm;PdaNet Modem;C:\windows\System32\drivers\pnetmdm64.sys [2012-5-27 17920]
S3 PSI;PSI;C:\windows\System32\drivers\psi_mf_amd64.sys [2013-2-7 18456]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\windows\System32\drivers\rdpvideominiport.sys [2012-11-29 19456]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\windows\System32\drivers\RtsUStor.sys [2012-3-2 239136]
S3 SrvHsfHDA;SrvHsfHDA;C:\windows\System32\drivers\VSTAZL6.SYS [2009-7-13 292864]
S3 SrvHsfV92;SrvHsfV92;C:\windows\System32\drivers\VSTDPV6.SYS [2009-7-13 1485312]
S3 SrvHsfWinac;SrvHsfWinac;C:\windows\System32\drivers\VSTCNXT6.SYS [2009-7-13 740864]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);C:\windows\System32\drivers\ssadbus.sys [2012-5-27 157160]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter);C:\windows\System32\drivers\ssadmdfl.sys [2011-5-13 16872]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers;C:\windows\System32\drivers\ssadmdm.sys [2011-5-13 177640]
S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);C:\windows\System32\drivers\ssadserd.sys [2011-5-13 146920]
S3 TsUsbFlt;TsUsbFlt;C:\windows\System32\drivers\TsUsbFlt.sys [2012-11-29 57856]
S3 VBoxUSB;VirtualBox USB;C:\windows\System32\drivers\VBoxUSB.sys [2012-3-14 117040]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\windows\System32\Wat\WatAdminSvc.exe [2012-3-2 1255736]
S3 WMSVC;Web Management Service;C:\windows\System32\inetsrv\WMSvc.exe [2009-7-13 10752]
S4 AMD External Events Utility;AMD External Events Utility;C:\windows\System32\atiesrxx.exe [2012-3-2 202752]
S4 AMD FUEL Service;AMD FUEL Service;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2012-7-4 361984]
S4 HomeNetSvc;McAfee Home Network;C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2013-1-5 221296]
S4 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2012-10-3 201304]
S4 McNaiAnn;McAfee VirusScan Announcer;C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2013-1-5 221296]
S4 mcpltsvc;McAfee Platform Services;C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2013-1-5 221296]
S4 McProxy;McAfee Proxy Service;C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2013-1-5 221296]
S4 MOBKbackup;McAfee Online Backup;C:\Program Files (x86)\McAfee Online Backup\MOBKbackup.exe [2010-4-13 231224]
S4 PuranDefrag;PuranDefrag;C:\windows\System32\PuranDefragS.exe [2012-4-1 289792]
S4 Secunia PSI Agent;Secunia PSI Agent;C:\Program Files (x86)\Secunia\PSI\psia.exe [2013-2-7 1223704]
S4 Secunia Update Agent;Secunia Update Agent;C:\Program Files (x86)\Secunia\PSI\sua.exe [2013-2-7 660504]
S4 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-2-28 161384]
S4 SolutoLauncherService;Soluto Launcher Service;C:\Program Files\Soluto\SolutoLauncherService.exe [2013-2-3 183264]
S4 SolutoRemoteService;Soluto Remote Service;C:\Program Files\Soluto\SolutoRemoteService.exe [2013-2-3 1239552]
S4 SolutoService;Soluto PCGenome Core Service;C:\Program Files\Soluto\SolutoService.exe [2013-2-3 552928]
S4 TMachInfo;TMachInfo;C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2012-3-2 54136]
S4 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service;C:\Program Files\TOSHIBA\TECO\TecoService.exe [2010-2-25 252928]
S4 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2010-2-5 137560]
S4 TPCHSrv;TPCH Service;C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe [2010-2-23 835952]
S4 VMUSBArbService;VMware USB Arbitration Service;C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe [2012-10-11 918680]
.
=============== Created Last 30 ================
.
2013-05-31 18:50:38 2870272 ----a-w- C:\windows\explorer.exe
2013-05-31 18:49:26 2870272 ----a-w- C:\explorer.exe
2013-05-31 18:31:46 975872 ----a-w- C:\windows\SysWow64\basebrd.dll
2013-05-31 18:30:56 975872 ----a-w- C:\windows\System32\basebrd.dll
2013-05-31 18:29:50 3894784 ----a-w- C:\windows\SysWow64\authui.dll
2013-05-31 17:20:45 688992 ------r- C:\Users\David\dds.com
2013-05-31 15:12:55 3894784 ----a-w- C:\windows\System32\authui.dll
2013-05-31 13:36:34 -------- d-----w- C:\Program Files (x86)\ESET
2013-05-31 07:55:25 -------- d-----w- C:\Users\David\AppData\Local\Temp
2013-05-31 03:43:40 -------- d-----w- C:\ProgramData\Best Buy pc app
2013-05-31 03:41:46 -------- d-----w- C:\Users\David\AppData\Local\PackageAware
2013-05-31 03:07:47 -------- d-----w- C:\Program Files (x86)\EMET
2013-05-31 01:59:34 925184 ----a-w- C:\windows\expstart.exe
2013-05-31 01:59:08 2871808 ----a-w- C:\windows\explorer.backup.exe
2013-05-31 01:57:55 2871808 ----a-w- C:\windows\explorer_edit_w7upfc.exe
2013-05-31 01:57:55 2871808 ----a-w- C:\windows\explorer_backup_w7upfc.exe
2013-05-31 01:57:55 2792960 ----a-w- C:\windows\explorer2.exe
2013-05-31 01:57:55 -------- d-----w- C:\windows\w7upfc
2013-05-31 01:50:36 1865728 ----a-w- C:\windows\SysWow64\ExplorerFrame.dll
2013-05-31 01:30:31 332288 ----a-w- C:\windows\System32\uxtheme.dll.backup
2013-05-31 01:30:27 2851840 ----a-w- C:\windows\System32\themeui.dll.backup
2013-05-31 01:30:23 44544 ----a-w- C:\windows\System32\themeservice.dll.backup
2013-05-30 22:44:34 -------- d-----w- C:\Users\David\AppData\Local\Vlite
2013-05-30 21:45:56 22096 ----a-w- C:\windows\System32\drivers\wimfltr.sys
2013-05-30 20:56:04 -------- d-----w- C:\Program Files\Windows Imaging
2013-05-30 20:55:35 -------- d-----w- C:\Program Files\Windows AIK
2013-05-30 20:44:04 -------- d-----w- C:\Program Files (x86)\WinDirStat
2013-05-30 19:30:30 -------- d-----w- C:\Program Files (x86)\Elaborate Bytes
2013-05-30 02:21:58 -------- d-----w- C:\Program Files (x86)\vLite
2013-05-29 22:46:21 -------- d-----w- C:\Users\David\AppData\Local\VMware
2013-05-29 22:44:14 70296 ----a-w- C:\windows\System32\drivers\vsock.sys
2013-05-29 22:44:14 67224 ----a-w- C:\windows\System32\vsocklib.dll
2013-05-29 22:44:14 63128 ----a-w- C:\windows\SysWow64\vsocklib.dll
2013-05-29 22:42:15 67664 ----a-w- C:\windows\System32\drivers\vmx86.sys
2013-05-29 22:42:14 33360 ----a-w- C:\windows\System32\drivers\VMkbd.sys
2013-05-29 22:40:02 357456 ----a-w- C:\windows\SysWow64\vmnetdhcp.exe
2013-05-29 22:39:58 436304 ----a-w- C:\windows\SysWow64\vmnat.exe
2013-05-29 22:39:58 30800 ----a-w- C:\windows\System32\drivers\vmnetuserif.sys
2013-05-29 22:39:49 933968 ----a-w- C:\windows\System32\vnetlib64.dll
2013-05-29 22:38:50 52376 ----a-w- C:\windows\System32\drivers\hcmon.sys
2013-05-29 22:37:43 -------- d-----w- C:\Program Files\Common Files\VMware
2013-05-29 22:37:02 -------- d-----w- C:\Program Files (x86)\VMware
2013-05-29 22:37:02 -------- d-----w- C:\Program Files (x86)\Common Files\VMware
2013-05-29 20:19:53 -------- d-----w- C:\Users\David\AppData\Local\Supremus Corporation
2013-05-29 19:08:28 -------- d-----w- C:\ie10
2013-05-29 19:07:10 846864 ----a-w- C:\IE10-Windows6.1-en-us.exe
2013-05-29 18:37:07 -------- d-----w- C:\windows\System32\RT 7 Lite
2013-05-29 18:36:59 -------- d-----w- C:\Program Files\Rockers Team
2013-05-29 17:55:53 -------- d-----w- C:\win7
2013-05-29 17:36:17 -------- d-----w- C:\Users\David\.android
2013-05-29 17:35:06 971680 ----a-w- C:\windows\System32\deployJava1.dll
2013-05-29 17:35:06 1092512 ----a-w- C:\windows\System32\npDeployJava1.dll
2013-05-29 17:35:00 108448 ----a-w- C:\windows\System32\WindowsAccessBridge-64.dll
2013-05-23 14:54:37 -------- d-----w- C:\res
2013-05-23 14:54:09 -------- d-----w- C:\Users\David\AppData\Local\Nikon
2013-05-23 02:40:35 61440 ----a-r- C:\Users\David\AppData\Roaming\Microsoft\Installer\{11953C65-BB4E-4CA4-B0F0-2600A4B20040}\ARPPRODUCTICON.exe
2013-05-23 02:39:33 -------- d-----w- C:\Program Files (x86)\Common Files\Nikon
2013-05-23 02:39:24 -------- d-----w- C:\ProgramData\Filters
2013-05-23 02:38:21 -------- d-----w- C:\Program Files\Common Files\Nikon
2013-05-23 02:38:13 -------- d-----w- C:\Program Files (x86)\Nikon
2013-05-23 02:38:07 -------- d-----w- C:\Program Files\Nikon
2013-05-23 02:38:05 106496 ----a-w- C:\windows\SysWow64\ATL71.DLL
2013-05-23 02:37:54 -------- d-----w- C:\ProgramData\Font Book
2013-05-23 02:37:52 -------- d-----w- C:\ProgramData\Error Handlers
2013-05-23 02:37:23 -------- d-----w- C:\Users\David\AppData\Local\Downloaded Installations
2013-05-23 02:37:00 -------- d-----w- C:\ProgramData\Organic
2013-05-22 02:04:34 -------- d-----w- C:\Program Files\iPod
2013-05-22 02:04:33 -------- d-----w- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-05-22 02:04:33 -------- d-----w- C:\Program Files\iTunes
2013-05-22 02:04:33 -------- d-----w- C:\Program Files (x86)\iTunes
2013-05-22 02:01:33 -------- d-----w- C:\Program Files\Bonjour
2013-05-22 02:01:33 -------- d-----w- C:\Program Files (x86)\Bonjour
2013-05-19 10:54:27 97176 ----a-w- C:\windows\SysWow64\ElbyCDIO.dll
2013-05-16 08:04:16 2382848 ----a-w- C:\windows\SysWow64\mshtml.tlb
2013-05-16 08:04:16 2382848 ----a-w- C:\windows\System32\mshtml.tlb
2013-05-16 01:25:30 -------- d-----w- C:\Users\David\AppData\Roaming\Avant Downloader
2013-05-16 01:25:27 -------- d-----w- C:\Users\David\AppData\Roaming\Avant Profiles
2013-05-16 01:14:34 -------- d-----w- C:\Program Files (x86)\Avant Browser
2013-05-15 23:46:38 74560 ----a-w- C:\windows\System32\drivers\McPvDrv.sys
2013-05-15 23:46:07 197264 ----a-w- C:\windows\System32\drivers\HipShieldK.sys
2013-05-15 22:09:07 -------- d-sh--w- C:\Users\David\AppData\Local\ms-drivers
2013-05-15 22:09:04 -------- d-----w- C:\Users\David\AppData\Local\MetaGeek,_LLC
2013-05-15 21:37:35 1930752 ----a-w- C:\windows\System32\authui_old.dll
2013-05-15 21:37:33 1796096 ----a-w- C:\windows\SysWow64\authui_old.dll
2013-05-15 21:37:33 111448 ----a-w- C:\windows\System32\consent.exe
2013-05-15 21:37:32 70144 ----a-w- C:\windows\System32\appinfo.dll
2013-05-15 21:36:07 983400 ----a-w- C:\windows\System32\drivers\dxgkrnl.sys
2013-05-15 21:36:07 265064 ----a-w- C:\windows\System32\drivers\dxgmms1.sys
2013-05-15 21:36:06 144384 ----a-w- C:\windows\System32\cdd.dll
2013-05-15 21:36:04 230400 ----a-w- C:\windows\System32\wwansvc.dll
2013-05-15 21:36:03 48640 ----a-w- C:\windows\System32\wwanprotdim.dll
2013-05-15 21:35:59 3153920 ----a-w- C:\windows\System32\win32k.sys
2013-05-11 10:37:28 209472 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\nppdf32.dll
2013-05-07 23:53:45 -------- d-----w- C:\Program Files (x86)\SlimDrivers
2013-05-06 12:51:53 -------- d-----w- C:\Program Files (x86)\ATI Technologies
2013-05-06 12:47:42 82560 ----a-w- C:\windows\System32\drivers\amd_sata.sys
2013-05-06 12:47:42 42624 ----a-w- C:\windows\System32\drivers\amd_xata.sys
2013-05-06 12:47:42 16552 ----a-w- C:\windows\System32\drivers\AtiPcie64.sys
2013-05-05 14:58:59 -------- d-----w- C:\Fonts
.
==================== Find3M  ====================
.
2013-05-31 01:30:31 332288 ----a-w- C:\windows\System32\uxtheme.dll
2013-05-31 01:30:27 2851840 ----a-w- C:\windows\System32\themeui.dll
2013-05-31 01:30:23 44544 ----a-w- C:\windows\System32\themeservice.dll
2013-05-15 02:50:36 71048 ----a-w- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-05-15 02:50:36 692104 ----a-w- C:\windows\SysWow64\FlashPlayerApp.exe
2013-04-27 15:53:34 866720 ----a-w- C:\windows\SysWow64\npdeployJava1.dll
2013-04-27 15:53:34 788896 ----a-w- C:\windows\SysWow64\deployJava1.dll
2013-04-25 01:37:57 129944 ----a-w- C:\windows\SysWow64\ElbyVCD.dll
2013-04-13 05:49:23 135168 ----a-w- C:\windows\apppatch\AppPatch64\AcXtrnal.dll
2013-04-13 05:49:19 350208 ----a-w- C:\windows\apppatch\AppPatch64\AcLayers.dll
2013-04-13 05:49:19 308736 ----a-w- C:\windows\apppatch\AppPatch64\AcGenral.dll
2013-04-13 05:49:19 111104 ----a-w- C:\windows\apppatch\AppPatch64\acspecfc.dll
2013-04-13 04:45:16 474624 ----a-w- C:\windows\apppatch\AcSpecfc.dll
2013-04-13 04:45:15 2176512 ----a-w- C:\windows\apppatch\AcGenral.dll
2013-04-12 14:45:08 1656680 ----a-w- C:\windows\System32\drivers\ntfs.sys
2013-04-07 00:55:00 2448384 ----a-w- C:\windows\SysWow64\python27.dll
2013-04-05 01:08:44 2312704 ----a-w- C:\windows\System32\jscript9.dll
2013-04-05 01:00:30 1392128 ----a-w- C:\windows\System32\wininet.dll
2013-04-05 00:59:24 1494528 ----a-w- C:\windows\System32\inetcpl.cpl
2013-04-05 00:56:16 173056 ----a-w- C:\windows\System32\ieUnatt.exe
2013-04-05 00:55:47 599040 ----a-w- C:\windows\System32\vbscript.dll
2013-04-04 22:11:34 1800704 ----a-w- C:\windows\SysWow64\jscript9.dll
2013-04-04 22:02:59 1427968 ----a-w- C:\windows\SysWow64\inetcpl.cpl
2013-04-04 22:02:17 1129472 ----a-w- C:\windows\SysWow64\wininet.dll
2013-04-04 21:58:51 142848 ----a-w- C:\windows\SysWow64\ieUnatt.exe
2013-04-04 21:57:45 420864 ----a-w- C:\windows\SysWow64\vbscript.dll
2013-04-04 19:50:32 25928 ----a-w- C:\windows\System32\drivers\mbam.sys
2013-03-19 06:04:06 5550424 ----a-w- C:\windows\System32\ntoskrnl.exe
2013-03-19 05:46:56 43520 ----a-w- C:\windows\System32\csrsrv.dll
2013-03-19 05:04:13 3968856 ----a-w- C:\windows\SysWow64\ntkrnlpa.exe
2013-03-19 05:04:10 3913560 ----a-w- C:\windows\SysWow64\ntoskrnl.exe
2013-03-19 04:47:50 6656 ----a-w- C:\windows\SysWow64\apisetschema.dll
2013-03-19 03:06:33 112640 ----a-w- C:\windows\System32\smss.exe
2013-03-11 00:49:12 36352 ----a-w- C:\windows\System32\drivers\VClone.sys
2013-03-04 12:24:27 40344 ----a-w- C:\windows\System32\drivers\ElbyCDIO.sys
2012-05-25 08:20:21 3993600 ----a-w- C:\Program Files (x86)\GUT9EC0.tmp
.
============= FINISH: 12:30:22.70 ===============
 
 
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium 
Boot Device: \Device\HarddiskVolume1
Install Date: 3/2/2012 7:40:02 PM
System Uptime: 5/31/2013 12:21:43 PM (0 hours ago)
.
Motherboard: AMD Corp. |  | Guam
Processor: AMD Athlon™ II P320 Dual-Core Processor | Socket S1G4 | 2100/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 287 GiB total, 146.199 GiB free.
D: is CDROM ()
E: is CDROM ()
F: is Removable
.
==== Disabled Device Manager Items =============
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Microsoft Virtual WiFi Miniport Adapter
Device ID: {5D624F94-8850-40C3-A3FA-A4FD2080BAF3}\VWIFIMP\5&C7EAC44&0&01
Manufacturer: Microsoft
Name: Microsoft Virtual WiFi Miniport Adapter
PNP Device ID: {5D624F94-8850-40C3-A3FA-A4FD2080BAF3}\VWIFIMP\5&C7EAC44&0&01
Service: vwifimp
.
==== System Restore Points ===================
.
RP286: 5/30/2013 8:37:58 PM - Pre-8
RP287: 5/30/2013 10:07:00 PM - Installed EMET
RP288: 5/30/2013 10:39:58 PM - Removed Academic Fitness Control Panel
RP289: 5/30/2013 10:40:28 PM - Removed Advanced Archive Password Recovery
RP290: 5/30/2013 10:41:06 PM - Removed Panorama Maker
RP291: 5/30/2013 10:48:19 PM - Removed inSSIDer 3
RP292: 5/30/2013 10:48:57 PM - Removed Java 7 Update 21
.
==== Installed Programs ======================
.
 Update for Microsoft Office 2007 (KB2508958)
7-Zip 9.20
7-Zip 9.20 (x64 edition)
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader XI (11.0.03)
Adobe Shockwave Player 12.0
AMD Catalyst Install Manager
AMD Fuel
AMD VISION Engine Control Center
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver
Avant Browser (remove only)
Best Buy pc app
Bonjour
Canon Easy-PhotoPrint EX
Canon IJ Network Tool
Canon Inkjet Printer/Scanner/Fax Extended Survey Program
Canon MP Navigator EX 4.0
Canon MP495 series MP Drivers
Canon MP495 series User Registration
Canon My Printer
Canon Solution Menu EX
Catalyst Control Center - Branding
Catalyst Control Center InstallProxy
Catalyst Control Center Localization All
ccc-utility64
CCC Help Chinese Standard
CCC Help Chinese Traditional
CCC Help Czech
CCC Help Danish
CCC Help Dutch
CCC Help English
CCC Help Finnish
CCC Help French
CCC Help German
CCC Help Greek
CCC Help Hungarian
CCC Help Italian
CCC Help Japanese
CCC Help Korean
CCC Help Norwegian
CCC Help Polish
CCC Help Portuguese
CCC Help Russian
CCC Help Spanish
CCC Help Swedish
CCC Help Thai
CCC Help Turkish
CCleaner
Cisco EAP-FAST Module
Cisco LEAP Module
Cisco PEAP Module
Compatibility Pack for the 2007 Office system
Conexant HD Audio
D3DX10
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
doubleTwist
Dropbox
EMET
ESET Online Scanner v3
F.lux
Free YouTube Downloader HD 3.1.2
GameMaker 8.1
Google Chrome
Google Earth Plug-in
Google Update Helper
Greeting Card Factory Deluxe 9.0
Internet TV for Windows Media Center
iTunes
Java 7 Update 21 (64-bit)
Java Auto Updater
Java SE Development Kit 7 Update 21 (64-bit)
JavaFX 2.1.1
Junk Mail filter update
Malwarebytes Anti-Malware version 1.75.0.1300
Mavis Beacon Platinum - 25th Anniv. Ed.
McAfee Online Backup
McAfee Total Protection
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Extended
Microsoft Access database engine 2010 (English)
Microsoft Application Error Reporting
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access MUI (English) 2010
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2010
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office Excel MUI (English) 2010
Microsoft Office File Validation Add-In
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office Home and Student 2010
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office Office 64-bit Components 2007
Microsoft Office Office 64-bit Components 2010
Microsoft Office OneNote MUI (English) 2007
Microsoft Office OneNote MUI (English) 2010
Microsoft Office Outlook MUI (English) 2007
Microsoft Office Outlook MUI (English) 2010
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2010
Microsoft Office PowerPoint Viewer 2007 (English)
Microsoft Office Proof (English) 2007
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2007
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing (English) 2010
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Publisher MUI (English) 2010
Microsoft Office Shared 64-bit MUI (English) 2007
Microsoft Office Shared 64-bit MUI (English) 2010
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office Single Image 2010
Microsoft Office Suite Activation Assistant
Microsoft Office Word MUI (English) 2007
Microsoft Office Word MUI (English) 2010
Microsoft Silverlight
Microsoft SkyDrive
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
Microsoft Works
Microsoft WSE 3.0 Runtime
Movie Maker
MSVC90_x64
MSVC90_x86
MSVCRT
MSVCRT_amd64
MSVCRT110
MSVCRT110_amd64
MSXML 4.0 SP3 Parser (KB2721691)
MSXML 4.0 SP3 Parser (KB2758694)
MSXML 4.0 SP3 Parser (KB973685)
Nikon Message Center 2
Nikon Movie Editor
NirSoft BlueScreenView
Origin
PC Connectivity Solution
Photo Common
Photo Gallery
PreReq
Puran Defrag 7.3
Puran Defrag Free Edition 7.3
PyScripter 2.5.3
Python 2.7.4
Realtek USB 2.0 Card Reader
Realtek WLAN Driver
Recuva
Revo Uninstaller 1.94
RT 7 Lite (64-Bit)
RT 7 Lite x64
s3pe - Sims3 Package Editor
Secunia PSI (3.0.0.6005)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
Security Update for Microsoft .NET Framework 4 Extended (KB2736428)
Security Update for Microsoft .NET Framework 4 Extended (KB2742595)
Security Update for Microsoft Excel 2010 (KB2597126) 32-Bit Edition
Security Update for Microsoft Filter Pack 2.0 (KB2553501) 32-Bit Edition
Security Update for Microsoft InfoPath 2010 (KB2760406) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687311) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2687499) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2760416) 32-Bit Edition 
Security Update for Microsoft Office 2010 (KB2553091)
Security Update for Microsoft Office 2010 (KB2553096)
Security Update for Microsoft Office 2010 (KB2553371) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553447) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2598243) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2687501) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2687510) 32-Bit Edition
Security Update for Microsoft Office Excel 2007 (KB2687307) 32-Bit Edition 
Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition 
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Publisher 2007 (KB2597971) 32-Bit Edition 
Security Update for Microsoft Office Word 2007 (KB2760421) 32-Bit Edition 
Security Update for Microsoft OneNote 2010 (KB2760600) 32-Bit Edition
Security Update for Microsoft Publisher 2010 (KB2553147) 32-Bit Edition
Security Update for Microsoft Visio 2010 (KB2810068) 32-Bit Edition
Security Update for Microsoft Visio Viewer 2010 (KB2687505) 32-Bit Edition
Security Update for Microsoft Word 2010 (KB2760410) 32-Bit Edition
Shared C Run-time for x64
Skype™ 6.3
SlimDrivers
Soluto
Speccy
Synaptics Pointing Device Driver
tools-windows
TOSHIBA Application Installer
TOSHIBA Assist
TOSHIBA Bulletin Board
TOSHIBA Disc Creator
TOSHIBA eco Utility
TOSHIBA Face Recognition
TOSHIBA Hardware Setup
TOSHIBA HDD/SSD Alert
TOSHIBA Media Controller
TOSHIBA Media Controller Plug-in
TOSHIBA PC Health Monitor
TOSHIBA Quality Application
TOSHIBA Recovery Media Creator
TOSHIBA ReelTime
TOSHIBA Service Station
TOSHIBA Supervisor Password
TOSHIBA Value Added Package
TOSHIBA Web Camera Application
ToshibaRegistration
Unity Web Player
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Extended (KB2468871)
Update for Microsoft .NET Framework 4 Extended (KB2533523)
Update for Microsoft .NET Framework 4 Extended (KB2600217)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596802) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553378) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687503) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition
Update for Microsoft Office 2010 (KB2767886) 32-Bit Edition
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2817359) 32-Bit Edition
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2597090) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2598240) 32-Bit Edition
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition
ViewNX 2
Virtual City
Virtual City 2: Paradise Resort
VirtualCloneDrive
vLite
VMware Player
WildTangent Games
WildTangent Games App
WildTangent Games App (Toshiba Games)
WinDirStat 1.1.2
Windows Automated Installation Kit
Windows Live Communications Platform
Windows Live Essentials
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Mail
Windows Live Messenger
Windows Live MIME IFilter
Windows Live Photo Common
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live Sync
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
XnConvert 1.55
.
==== Event Viewer Messages From Past Week ========
.
5/31/2013 8:59:05 AM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service defragsvc with arguments "" in order to run the server: {D20A3293-3341-4AE8-9AAF-8E397CB63C34}
5/31/2013 8:13:18 AM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service McNaiAnn with arguments "" in order to run the server: {395633B1-EED9-4DFC-B67F-9788B51C9F06}
5/31/2013 12:27:29 PM, Error: Service Control Manager [7024]  - The IIS Admin Service service terminated with service-specific error %%-2146893818.
5/31/2013 12:25:17 PM, Error: Service Control Manager [7001]  - The Net.Tcp Listener Adapter service depends on the Net.Tcp Port Sharing Service service which failed to start because of the following error:  The service did not respond to the start or control request in a timely fashion.
5/31/2013 12:24:59 PM, Error: SNMP [1500]  - The SNMP Service encountered an error while accessing the registry key SYSTEM\CurrentControlSet\Services\SNMP\Parameters\TrapConfiguration.
5/31/2013 12:24:58 PM, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the Net.Tcp Port Sharing Service service to connect.
5/31/2013 12:24:58 PM, Error: Service Control Manager [7000]  - The Net.Tcp Port Sharing Service service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
5/31/2013 12:21:46 PM, Error: volmgr [46]  - Crash dump initialization failed!
5/31/2013 12:03:23 AM, Error: Service Control Manager [7001]  - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:  The dependency service or group failed to start.
5/31/2013 12:00:42 AM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service McNaiAnn with arguments "" in order to run the server: {DC7EF8E1-824F-4110-AB43-1604DA9B4F40}
5/31/2013 12:00:42 AM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service McNaiAnn with arguments "" in order to run the server: {C90134D2-4AE9-407A-919A-4A2EF09C6C51}
5/31/2013 11:24:28 AM, Error: Service Control Manager [7001]  - The Computer Browser service depends on the Server service which failed to start because of the following error:  The dependency service or group failed to start.
5/31/2013 10:54:34 AM, Error: Service Control Manager [7001]  - The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error:  The dependency service or group failed to start.
5/31/2013 10:54:31 AM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
5/31/2013 10:54:31 AM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
5/31/2013 10:54:23 AM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
5/31/2013 10:54:04 AM, Error: Service Control Manager [7026]  - The following boot-start or system-start driver(s) failed to load:  discache ElbyCDIO MOBKFilter Soluto spldr Wanarpv6
5/31/2013 10:54:04 AM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
5/31/2013 10:53:59 AM, Error: Service Control Manager [7001]  - The LPD Service service depends on the Print Spooler service which failed to start because of the following error:  The dependency service or group failed to start.
5/30/2013 9:43:21 PM, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the Net.Pipe Listener Adapter service to connect.
5/30/2013 9:43:21 PM, Error: Service Control Manager [7000]  - The Net.Pipe Listener Adapter service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
5/30/2013 9:42:45 PM, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the Soluto PCGenome Core Service service to connect.
5/30/2013 9:42:45 PM, Error: Service Control Manager [7000]  - The Soluto PCGenome Core Service service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
5/30/2013 6:16:50 PM, Error: Microsoft-Windows-SharedAccess_NAT [31004]  - The DNS proxy agent was unable to allocate 0 bytes of memory. This may indicate that the system is low on virtual memory, or that the memory manager has encountered an internal error.
5/30/2013 6:16:40 PM, Error: Tcpip [4199]  - The system detected an address conflict for IP address 0.0.0.0 with the system having network hardware address 00-22-FA-1D-0B-2C. Network operations on this system may be disrupted as a result.
5/30/2013 11:58:55 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89}
5/30/2013 11:58:55 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E}
5/30/2013 11:58:40 PM, Error: Service Control Manager [7026]  - The following boot-start or system-start driver(s) failed to load:  AFD DfsC discache ElbyCDIO mfehidk mfewfpk MOBKFilter NetBIOS NetBT nsiproxy Psched rdbss Soluto spldr Tcpip tdx vwififlt Wanarpv6 WfpLwf ws2ifsl
5/30/2013 11:58:38 PM, Error: Service Control Manager [7001]  - The TCP/IP Registry Compatibility service depends on the TCP/IP Protocol Driver service which failed to start because of the following error:  A device attached to the system is not functioning.
5/30/2013 11:58:38 PM, Error: Service Control Manager [7001]  - The McAfee Proxy Service service depends on the McAfee Firewall Core Service service which failed to start because of the following error:  The dependency service or group failed to start.
5/30/2013 11:58:38 PM, Error: Service Control Manager [7001]  - The McAfee Firewall Core Service service depends on the McAfee Validation Trust Protection Service service which failed to start because of the following error:  The dependency service or group failed to start.
5/30/2013 11:58:38 PM, Error: Service Control Manager [7001]  - The McAfee Anti-Spam Service service depends on the McAfee Firewall Core Service service which failed to start because of the following error:  The dependency service or group failed to start.
5/30/2013 11:58:38 PM, Error: Service Control Manager [7001]  - The McAfee Anti-Malware Core service depends on the McAfee Validation Trust Protection Service service which failed to start because of the following error:  The dependency service or group failed to start.
5/30/2013 11:58:18 PM, Error: Service Control Manager [7001]  - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error:  The dependency service or group failed to start.
5/30/2013 11:58:18 PM, Error: Service Control Manager [7001]  - The TCP/IP NetBIOS Helper service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error:  A device attached to the system is not functioning.
5/30/2013 11:58:18 PM, Error: Service Control Manager [7001]  - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error:  A device attached to the system is not functioning.
5/30/2013 11:58:18 PM, Error: Service Control Manager [7001]  - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error:  The dependency service or group failed to start.
5/30/2013 11:58:18 PM, Error: Service Control Manager [7001]  - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error:  The dependency service or group failed to start.
5/30/2013 11:58:18 PM, Error: Service Control Manager [7001]  - The Simple TCP/IP Services service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error:  A device attached to the system is not functioning.
5/30/2013 11:58:18 PM, Error: Service Control Manager [7001]  - The Network Store Interface Service service depends on the NSI proxy service driver. service which failed to start because of the following error:  A device attached to the system is not functioning.
5/30/2013 11:58:18 PM, Error: Service Control Manager [7001]  - The Network Location Awareness service depends on the TCP/IP Protocol Driver service which failed to start because of the following error:  A device attached to the system is not functioning.
5/30/2013 11:58:18 PM, Error: Service Control Manager [7001]  - The Network Connections service depends on the Network Store Interface Service service which failed to start because of the following error:  The dependency service or group failed to start.
5/30/2013 11:58:18 PM, Error: Service Control Manager [7001]  - The McAfee Validation Trust Protection Service service depends on the McAfee Inc. mfehidk service which failed to start because of the following error:  A device attached to the system is not functioning.
5/30/2013 11:58:18 PM, Error: Service Control Manager [7001]  - The McAfee Personal Firewall Service service depends on the Windows Firewall service which failed to start because of the following error:  The dependency service or group failed to start.
5/30/2013 11:58:18 PM, Error: Service Control Manager [7001]  - The IP Helper service depends on the Network Store Interface Service service which failed to start because of the following error:  The dependency service or group failed to start.
5/30/2013 11:58:18 PM, Error: Service Control Manager [7001]  - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error:  A device attached to the system is not functioning.
5/30/2013 11:58:18 PM, Error: Service Control Manager [7001]  - The DHCP Client service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error:  A device attached to the system is not functioning.
5/30/2013 11:58:18 PM, Error: Service Control Manager [7001]  - The Apple Mobile Device service depends on the TCP/IP Protocol Driver service which failed to start because of the following error:  A device attached to the system is not functioning.
.
==== End Of File ===========================
 

Edited by dmssargent, 31 May 2013 - 12:47 PM.




#2 dmssargent


Posted 31 May 2013 - 05:26 PM

I ran an SFC scan that found at least 100 corrupt files, but it repaired everything except explorer.exe and everything within the Windows folder with the same name. I have to re-install my mouse driver to fix the lagging issue every reboot. I have a re-installation disk for Windows as well as recovery DVDs from the manufacturer, a Linux live CD and a standard recovery CD.



#3 dmssargent


Posted 02 June 2013 - 09:17 PM

The lag was fixed by re-installing the mouse driver. The original problem remains. I can elevate (via UAC) anything as long as I have not made any changes via Explorer to folders that require authorization. My computer is now in a usable state. Any ideas? New DDS:

DDS (Ver_2012-11-20.01) - NTFS_AMD64 
Internet Explorer: 9.0.8112.16483
Run by David at 21:12:03 on 2013-06-02
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.7927.4042 [GMT -5:00]
.
AV: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {ADA629C7-7F48-5689-624A-3B76997E0892}
SP: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {16C7C823-5972-5907-58FA-0004E2F9422F}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: McAfee Firewall *Disabled* {959DA8E2-3527-57D1-4915-924367AD4FE9}
.
============== Running Processes ===============
.
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\system32\atiesrxx.exe
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k GPSvcGroup
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\system32\atieclxx.exe
c:\program files\soluto\soluto.exe
C:\windows\system32\Dwm.exe
C:\windows\Explorer.EXE
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\windows\system32\taskhost.exe
C:\Users\David\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\EMET\EMET_notifier.exe
C:\Users\David\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files\Common Files\McAfee\Platform\mcuicnt.exe
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\windows\system32\svchost.exe -k ftpsvc
C:\windows\System32\svchost.exe -k LPDService
C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
C:\windows\system32\rundll32.exe
C:\windows\system32\rundll32.exe
C:\windows\SysWOW64\rundll32.exe
C:\windows\system32\mfevtps.exe
C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
C:\windows\System32\svchost.exe -k LocalServicePeerNet
C:\windows\System32\tcpsvcs.exe
C:\windows\System32\snmp.exe
C:\Program Files\Soluto\SolutoLauncherService.exe
C:\Program Files\Soluto\SolutoService.exe
C:\windows\system32\svchost.exe -k imgsvc
C:\windows\system32\svchost.exe -k iissvcs
C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
C:\windows\system32\SearchIndexer.exe
C:\windows\System32\alg.exe
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\Program Files\McAfee\MAT\McPvTray.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Toshiba\BulletinBoard\TosNcCore.exe
C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Canon\MyPrinter\BJMyPrt.exe
C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE
C:\windows\splwow64.exe
C:\Program Files\TOSHIBA\TECO\TecoService.exe
C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\TOSHIBA\TECO\Teco.exe
C:\Program Files (x86)\Nova Development\Greeting Card Factory Deluxe 9.0\ReminderApp.exe
C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe
C:\Program Files\Puran Defrag\PuranADT.exe
C:\windows\system32\PuranDefragS.exe
C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
C:\windows\SysWOW64\vmnetdhcp.exe
C:\windows\SysWOW64\vmnat.exe
C:\program files (x86)\secunia\psi\psi_tray.exe
C:\Program Files (x86)\Secunia\PSI\PSIA.exe
C:\Program Files (x86)\SlimDrivers\SlimDrivers.exe
C:\Program Files (x86)\doubleTwist 2.0\doubleTwist.DeviceHelper.exe
C:\program files (x86)\mcafee online backup\mobkstat.exe
C:\Users\David\Local Settings\Apps\F.lux\flux.exe
C:\windows\system32\taskeng.exe
C:\Windows\System32\cleanmgr.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE
C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
C:\windows\explorer.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
c:\PROGRA~2\mcafee\SITEAD~1\saui.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://search.yahoo.com/?fr=avantsearch6
mStart Page = hxxp://www.google.com
uURLSearchHooks: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
uURLSearchHooks: {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - <orphaned>
mWinlogon: Userinit = userinit.exe,
BHO: PodcastBHO Class: {65134FDF-F8A5-4B3D-91D9-CDF273CFD578} - C:\Program Files (x86)\Common Files\doubleTwist\IEPodcastPlugin.dll
BHO: scriptproxy: {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSnc.20130529132902.dll
BHO: McAfee SiteAdvisor BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
TB: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
mRun: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
mRun: [mcpltui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
StartupFolder: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\cleanup.bat
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - <orphaned>
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - <orphaned>
LSP: %windir%\system32\vsocklib.dll
DPF: {10000000-1000-1000-1000-100000000000} - hxxp://cdn.betteradvertising.com/ghostery/addons/ie/2.4.2.0/ghostery.cab
DPF: {BAD4FE2C-503B-45CC-88CD-4B0574057D11} - hxxp://clients.futuremark.com/calico/systeminfodeploy/FMSI_v490.cab
DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} - hxxp://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework//microsoft/wrc32.ocx
TCP: NameServer = 192.168.2.1
TCP: Interfaces\{670E2375-31E8-4028-9185-98545737127C} : DHCPNameServer = 192.168.42.129
TCP: Interfaces\{8CF35FA3-7257-488D-A318-178365CE83A7} : NameServer = 192.168.1.254,208.67.220.220,192.168.2.1
TCP: Interfaces\{8CF35FA3-7257-488D-A318-178365CE83A7} : DHCPNameServer = 192.168.2.1
TCP: Interfaces\{8CF35FA3-7257-488D-A318-178365CE83A7}\14E64627F696461405 : DHCPNameServer = 192.168.43.1
TCP: Interfaces\{8CF35FA3-7257-488D-A318-178365CE83A7}\2375942554236393 : NameServer = 192.168.1.254,208.67.220.220,192.168.2.1
TCP: Interfaces\{8CF35FA3-7257-488D-A318-178365CE83A7}\2375942554236393 : DHCPNameServer = 192.168.1.254
TCP: Interfaces\{8CF35FA3-7257-488D-A318-178365CE83A7}\473757E616D696 : DHCPNameServer = 164.58.253.10 164.58.233.202
TCP: Interfaces\{8CF35FA3-7257-488D-A318-178365CE83A7}\B4546594E4 : NameServer = 192.168.1.254,208.67.220.220,192.168.2.1
TCP: Interfaces\{8CF35FA3-7257-488D-A318-178365CE83A7}\B4546594E4 : DHCPNameServer = 192.168.1.254
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.94\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-mWinlogon: Userinit = C:\windows\System32\userinit.exe,c:\program files\soluto\soluto.exe /userinit
x64-BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
x64-BHO: scriptproxy: {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSnc.20130529132901.dll
x64-BHO: McAfee SiteAdvisor BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll
x64-BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
x64-TB: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - <orphaned>
x64-IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - <orphaned>
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - <orphaned>
x64-Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl64.dll
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll
x64-Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
x64-mASetup: {12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\windows\System32\ieudinit.exe
.
============= SERVICES / DRIVERS ===============
.
R0 amd_sata;amd_sata;C:\windows\System32\drivers\amd_sata.sys [2013-5-6 82560]
R0 amd_xata;amd_xata;C:\windows\System32\drivers\amd_xata.sys [2013-5-6 42624]
R0 McPvDrv;McPvDrv Driver;C:\windows\System32\drivers\McPvDrv.sys [2013-5-15 74560]
R0 mfehidk;McAfee Inc. mfehidk;C:\windows\System32\drivers\mfehidk.sys [2012-11-9 771096]
R0 Soluto;Soluto;C:\windows\System32\drivers\Soluto.sys [2013-2-4 54728]
R0 vsock;vSockets Driver;C:\windows\System32\drivers\vsock.sys [2013-5-29 70296]
R1 mfewfpk;McAfee Inc. mfewfpk;C:\windows\System32\drivers\mfewfpk.sys [2012-11-9 339776]
R1 MOBKFilter;MOBKFilter;C:\windows\System32\drivers\MOBK.sys [2012-6-19 66040]
R2 AMD External Events Utility;AMD External Events Utility;C:\windows\System32\atiesrxx.exe [2012-3-2 202752]
R2 AMD FUEL Service;AMD FUEL Service;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2012-7-4 361984]
R2 AODDriver4.1;AODDriver4.1;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys [2012-3-5 53888]
R2 ftpsvc;Microsoft FTP Service;C:\windows\System32\svchost.exe -k ftpsvc [2009-7-13 27136]
R2 HomeNetSvc;McAfee Home Network;C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2013-1-5 221296]
R2 iPodDrv;iPodDrv;C:\windows\System32\drivers\iPodDrv.sys [2011-7-27 14952]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2012-10-3 201304]
R2 McMPFSvc;McAfee Personal Firewall Service;C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2013-1-5 221296]
R2 McNaiAnn;McAfee VirusScan Announcer;C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2013-1-5 221296]
R2 McProxy;McAfee Proxy Service;C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2013-1-5 221296]
R2 mfecore;McAfee Anti-Malware Core;C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [2013-1-5 1007288]
R2 mfefire;McAfee Firewall Core Service;C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe [2013-1-5 218320]
R2 mfevtp;McAfee Validation Trust Protection Service;C:\windows\System32\mfevtps.exe [2013-1-5 182312]
R2 SolutoLauncherService;Soluto Launcher Service;C:\Program Files\Soluto\SolutoLauncherService.exe [2013-2-3 183264]
R2 SolutoService;Soluto PCGenome Core Service;C:\Program Files\Soluto\SolutoService.exe [2013-2-3 552928]
R2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver;C:\windows\System32\drivers\TVALZFL.sys [2009-6-19 14472]
R3 amdiox64;AMD IO Driver;C:\windows\System32\drivers\amdiox64.sys [2012-12-16 46136]
R3 cfwids;McAfee Inc. cfwids;C:\windows\System32\drivers\cfwids.sys [2012-11-9 69672]
R3 hcw72ADFilter;WinTV HVR-950 USB Audio Filter Driver;C:\windows\System32\drivers\hcw72ADFilter.sys [2013-4-9 38656]
R3 hcw72ATV;WinTV HVR-950 NTSC;C:\windows\System32\drivers\hcw72ATV.sys [2013-4-9 1667328]
R3 hcw72DTV;WinTV HVR-950 ATSC/QAM;C:\windows\System32\drivers\hcw72DTV.sys [2013-4-9 1669760]
R3 HipShieldK;McAfee Inc. HipShieldK;C:\windows\System32\drivers\HipShieldK.sys [2013-5-15 197264]
R3 L1C;NDIS Miniport Driver for Atheros AR81xx PCI-E Ethernet Controller;C:\windows\System32\drivers\L1C62x64.sys [2013-4-27 103536]
R3 mfeavfk;McAfee Inc. mfeavfk;C:\windows\System32\drivers\mfeavfk.sys [2012-11-9 309400]
R3 mfefirek;McAfee Inc. mfefirek;C:\windows\System32\drivers\mfefirek.sys [2012-11-9 515528]
R3 mfencbdc;McAfee Inc. mfencbdc;C:\windows\System32\drivers\mfencbdc.sys [2012-11-2 328976]
R3 PGEffect;Pangu effect driver;C:\windows\System32\drivers\PGEffect.sys [2012-3-2 35008]
R3 PSI;PSI;C:\windows\System32\drivers\psi_mf_amd64.sys [2013-2-7 18456]
R3 PuranDefrag;PuranDefrag;C:\windows\System32\PuranDefragS.exe [2012-4-1 289792]
R3 QIOMem;Generic IO & Memory Access;C:\windows\System32\drivers\QIOMem.sys [2009-6-15 12800]
R3 rtl8192se;Realtek Wireless LAN 802.11n PCI-E NIC NT Driver;C:\windows\System32\drivers\rtl8192se.sys [2010-4-26 1103904]
R3 Secunia PSI Agent;Secunia PSI Agent;C:\Program Files (x86)\Secunia\PSI\psia.exe [2013-2-7 1223704]
R3 TMachInfo;TMachInfo;C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2012-3-2 54136]
R3 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service;C:\Program Files\TOSHIBA\TECO\TecoService.exe [2010-2-25 252928]
R3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2010-2-5 137560]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-2-28 161384]
S3 HP8207_8307;HP-HP8207_8307;C:\windows\System32\drivers\HP8207_8307.sys [2010-2-5 15360]
S3 mfencrk;McAfee Inc. mfencrk;C:\windows\System32\drivers\mfencrk.sys [2012-11-2 97208]
S3 pneteth;PdaNet Broadband;C:\windows\System32\drivers\pneteth.sys [2012-5-27 15360]
S3 pnetmdm;PdaNet Modem;C:\windows\System32\drivers\pnetmdm64.sys [2012-5-27 17920]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\windows\System32\drivers\rdpvideominiport.sys [2012-11-29 19456]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\windows\System32\drivers\RtsUStor.sys [2012-3-2 239136]
S3 Secunia Update Agent;Secunia Update Agent;C:\Program Files (x86)\Secunia\PSI\sua.exe [2013-2-7 660504]
S3 SolutoRemoteService;Soluto Remote Service;C:\Program Files\Soluto\SolutoRemoteService.exe [2013-2-3 1239552]
S3 SrvHsfHDA;SrvHsfHDA;C:\windows\System32\drivers\VSTAZL6.SYS [2009-7-13 292864]
S3 SrvHsfV92;SrvHsfV92;C:\windows\System32\drivers\VSTDPV6.SYS [2009-7-13 1485312]
S3 SrvHsfWinac;SrvHsfWinac;C:\windows\System32\drivers\VSTCNXT6.SYS [2009-7-13 740864]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);C:\windows\System32\drivers\ssadbus.sys [2012-5-27 157160]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter);C:\windows\System32\drivers\ssadmdfl.sys [2011-5-13 16872]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers;C:\windows\System32\drivers\ssadmdm.sys [2011-5-13 177640]
S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);C:\windows\System32\drivers\ssadserd.sys [2011-5-13 146920]
S3 SWDUMon;SWDUMon;C:\windows\System32\drivers\SWDUMon.sys [2013-4-27 16152]
S3 TsUsbFlt;TsUsbFlt;C:\windows\System32\drivers\TsUsbFlt.sys [2012-11-29 57856]
S3 VBoxUSB;VirtualBox USB;C:\windows\System32\drivers\VBoxUSB.sys [2012-3-14 117040]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\windows\System32\Wat\WatAdminSvc.exe [2012-3-2 1255736]
S3 WMSVC;Web Management Service;C:\windows\System32\inetsrv\WMSvc.exe [2009-7-13 10752]
S4 mcpltsvc;McAfee Platform Services;C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2013-1-5 221296]
S4 MOBKbackup;McAfee Online Backup;C:\Program Files (x86)\McAfee Online Backup\MOBKbackup.exe [2010-4-13 231224]
S4 TPCHSrv;TPCH Service;C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe [2010-2-23 835952]
S4 VMUSBArbService;VMware USB Arbitration Service;C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe [2012-10-11 918680]
.
=============== Created Last 30 ================
.
2013-05-31 19:07:00 -------- d-----w- C:\Users\David\AppData\Roaming\Logishrd
2013-05-31 18:54:45 -------- d-----w- C:\Users\David\AppData\Local\ElevatedDiagnostics
2013-05-31 18:50:38 2871808 ----a-w- C:\windows\explorer.exe
2013-05-31 18:49:26 2870272 ----a-w- C:\explorer.exe
2013-05-31 18:31:46 975872 ----a-w- C:\windows\SysWow64\basebrd.dll
2013-05-31 18:30:56 975872 ----a-w- C:\windows\System32\basebrd.dll
2013-05-31 17:20:45 688992 ------r- C:\Users\David\dds.com
2013-05-31 13:36:34 -------- d-----w- C:\Program Files (x86)\ESET
2013-05-31 07:55:25 -------- d-----w- C:\Users\David\AppData\Local\Temp
2013-05-31 03:43:40 -------- d-----w- C:\ProgramData\Best Buy pc app
2013-05-31 03:41:46 -------- d-----w- C:\Users\David\AppData\Local\PackageAware
2013-05-31 03:07:47 -------- d-----w- C:\Program Files (x86)\EMET
2013-05-31 01:59:34 925184 ----a-w- C:\windows\expstart.exe
2013-05-31 01:59:08 2871808 ----a-w- C:\windows\explorer.backup.exe
2013-05-31 01:57:55 2871808 ----a-w- C:\windows\explorer_edit_w7upfc.exe
2013-05-31 01:57:55 2871808 ----a-w- C:\windows\explorer_backup_w7upfc.exe
2013-05-31 01:57:55 2792960 ----a-w- C:\windows\explorer2.exe
2013-05-31 01:57:55 -------- d-----w- C:\windows\w7upfc
2013-05-31 01:30:31 332288 ----a-w- C:\windows\System32\uxtheme.dll.backup
2013-05-31 01:30:27 2851840 ----a-w- C:\windows\System32\themeui.dll.backup
2013-05-31 01:30:23 44544 ----a-w- C:\windows\System32\themeservice.dll.backup
2013-05-30 22:44:34 -------- d-----w- C:\Users\David\AppData\Local\Vlite
2013-05-30 21:45:56 22096 ----a-w- C:\windows\System32\drivers\wimfltr.sys
2013-05-30 20:56:04 -------- d-----w- C:\Program Files\Windows Imaging
2013-05-30 20:55:35 -------- d-----w- C:\Program Files\Windows AIK
2013-05-30 20:44:04 -------- d-----w- C:\Program Files (x86)\WinDirStat
2013-05-30 19:30:30 -------- d-----w- C:\Program Files (x86)\Elaborate Bytes
2013-05-30 02:21:58 -------- d-----w- C:\Program Files (x86)\vLite
2013-05-29 22:46:21 -------- d-----w- C:\Users\David\AppData\Local\VMware
2013-05-29 22:44:14 70296 ----a-w- C:\windows\System32\drivers\vsock.sys
2013-05-29 22:44:14 67224 ----a-w- C:\windows\System32\vsocklib.dll
2013-05-29 22:44:14 63128 ----a-w- C:\windows\SysWow64\vsocklib.dll
2013-05-29 22:42:15 67664 ----a-w- C:\windows\System32\drivers\vmx86.sys
2013-05-29 22:42:14 33360 ----a-w- C:\windows\System32\drivers\VMkbd.sys
2013-05-29 22:40:02 357456 ----a-w- C:\windows\SysWow64\vmnetdhcp.exe
2013-05-29 22:39:58 436304 ----a-w- C:\windows\SysWow64\vmnat.exe
2013-05-29 22:39:58 30800 ----a-w- C:\windows\System32\drivers\vmnetuserif.sys
2013-05-29 22:39:49 933968 ----a-w- C:\windows\System32\vnetlib64.dll
2013-05-29 22:38:50 52376 ----a-w- C:\windows\System32\drivers\hcmon.sys
2013-05-29 22:37:43 -------- d-----w- C:\Program Files\Common Files\VMware
2013-05-29 22:37:02 -------- d-----w- C:\Program Files (x86)\VMware
2013-05-29 22:37:02 -------- d-----w- C:\Program Files (x86)\Common Files\VMware
2013-05-29 20:19:53 -------- d-----w- C:\Users\David\AppData\Local\Supremus Corporation
2013-05-29 19:08:28 -------- d-----w- C:\ie10
2013-05-29 19:07:10 846864 ----a-w- C:\IE10-Windows6.1-en-us.exe
2013-05-29 18:37:07 -------- d-----w- C:\windows\System32\RT 7 Lite
2013-05-29 18:36:59 -------- d-----w- C:\Program Files\Rockers Team
2013-05-29 17:55:53 -------- d-----w- C:\win7
2013-05-29 17:36:17 -------- d-----w- C:\Users\David\.android
2013-05-29 17:35:06 971680 ----a-w- C:\windows\System32\deployJava1.dll
2013-05-29 17:35:06 1092512 ----a-w- C:\windows\System32\npDeployJava1.dll
2013-05-29 17:35:00 108448 ----a-w- C:\windows\System32\WindowsAccessBridge-64.dll
2013-05-23 14:54:37 -------- d-----w- C:\res
2013-05-23 14:54:09 -------- d-----w- C:\Users\David\AppData\Local\Nikon
2013-05-23 02:40:35 61440 ----a-r- C:\Users\David\AppData\Roaming\Microsoft\Installer\{11953C65-BB4E-4CA4-B0F0-2600A4B20040}\ARPPRODUCTICON.exe
2013-05-23 02:39:33 -------- d-----w- C:\Program Files (x86)\Common Files\Nikon
2013-05-23 02:39:24 -------- d-----w- C:\ProgramData\Filters
2013-05-23 02:38:21 -------- d-----w- C:\Program Files\Common Files\Nikon
2013-05-23 02:38:13 -------- d-----w- C:\Program Files (x86)\Nikon
2013-05-23 02:38:07 -------- d-----w- C:\Program Files\Nikon
2013-05-23 02:38:05 106496 ----a-w- C:\windows\SysWow64\ATL71.DLL
2013-05-23 02:37:54 -------- d-----w- C:\ProgramData\Font Book
2013-05-23 02:37:52 -------- d-----w- C:\ProgramData\Error Handlers
2013-05-23 02:37:23 -------- d-----w- C:\Users\David\AppData\Local\Downloaded Installations
2013-05-23 02:37:00 -------- d-----w- C:\ProgramData\Organic
2013-05-22 02:04:34 -------- d-----w- C:\Program Files\iPod
2013-05-22 02:04:33 -------- d-----w- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-05-22 02:04:33 -------- d-----w- C:\Program Files\iTunes
2013-05-22 02:04:33 -------- d-----w- C:\Program Files (x86)\iTunes
2013-05-22 02:01:33 -------- d-----w- C:\Program Files\Bonjour
2013-05-22 02:01:33 -------- d-----w- C:\Program Files (x86)\Bonjour
2013-05-19 10:54:27 97176 ----a-w- C:\windows\SysWow64\ElbyCDIO.dll
2013-05-16 08:04:16 2382848 ----a-w- C:\windows\SysWow64\mshtml.tlb
2013-05-16 08:04:16 2382848 ----a-w- C:\windows\System32\mshtml.tlb
2013-05-16 01:25:30 -------- d-----w- C:\Users\David\AppData\Roaming\Avant Downloader
2013-05-16 01:25:27 -------- d-----w- C:\Users\David\AppData\Roaming\Avant Profiles
2013-05-16 01:14:34 -------- d-----w- C:\Program Files (x86)\Avant Browser
2013-05-15 23:46:38 74560 ----a-w- C:\windows\System32\drivers\McPvDrv.sys
2013-05-15 23:46:07 197264 ----a-w- C:\windows\System32\drivers\HipShieldK.sys
2013-05-15 22:09:07 -------- d-sh--w- C:\Users\David\AppData\Local\ms-drivers
2013-05-15 22:09:04 -------- d-----w- C:\Users\David\AppData\Local\MetaGeek,_LLC
2013-05-15 21:37:35 1930752 ----a-w- C:\windows\System32\authui_old.dll
2013-05-15 21:37:35 1930752 ----a-w- C:\windows\System32\authui.dll
2013-05-15 21:37:33 1796096 ----a-w- C:\windows\SysWow64\authui_old.dll
2013-05-15 21:37:33 1796096 ----a-w- C:\windows\SysWow64\authui.dll
2013-05-15 21:37:33 111448 ----a-w- C:\windows\System32\consent.exe
2013-05-15 21:37:32 70144 ----a-w- C:\windows\System32\appinfo.dll
2013-05-15 21:36:07 983400 ----a-w- C:\windows\System32\drivers\dxgkrnl.sys
2013-05-15 21:36:07 265064 ----a-w- C:\windows\System32\drivers\dxgmms1.sys
2013-05-15 21:36:06 144384 ----a-w- C:\windows\System32\cdd.dll
2013-05-15 21:36:04 230400 ----a-w- C:\windows\System32\wwansvc.dll
2013-05-15 21:36:03 48640 ----a-w- C:\windows\System32\wwanprotdim.dll
2013-05-15 21:35:59 3153920 ----a-w- C:\windows\System32\win32k.sys
2013-05-11 10:37:28 209472 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\nppdf32.dll
2013-05-07 23:53:45 -------- d-----w- C:\Program Files (x86)\SlimDrivers
2013-05-06 12:51:53 -------- d-----w- C:\Program Files (x86)\ATI Technologies
2013-05-06 12:47:42 82560 ----a-w- C:\windows\System32\drivers\amd_sata.sys
2013-05-06 12:47:42 42624 ----a-w- C:\windows\System32\drivers\amd_xata.sys
2013-05-06 12:47:42 16552 ----a-w- C:\windows\System32\drivers\AtiPcie64.sys
2013-05-05 14:58:59 -------- d-----w- C:\Fonts
.
==================== Find3M  ====================
.
2013-06-01 18:00:18 16152 ----a-w- C:\windows\System32\drivers\SWDUMon.sys
2013-05-15 02:50:36 71048 ----a-w- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-05-15 02:50:36 692104 ----a-w- C:\windows\SysWow64\FlashPlayerApp.exe
2013-04-27 15:53:34 866720 ----a-w- C:\windows\SysWow64\npdeployJava1.dll
2013-04-27 15:53:34 788896 ----a-w- C:\windows\SysWow64\deployJava1.dll
2013-04-25 01:37:57 129944 ----a-w- C:\windows\SysWow64\ElbyVCD.dll
2013-04-13 05:49:23 135168 ----a-w- C:\windows\apppatch\AppPatch64\AcXtrnal.dll
2013-04-13 05:49:19 350208 ----a-w- C:\windows\apppatch\AppPatch64\AcLayers.dll
2013-04-13 05:49:19 308736 ----a-w- C:\windows\apppatch\AppPatch64\AcGenral.dll
2013-04-13 05:49:19 111104 ----a-w- C:\windows\apppatch\AppPatch64\acspecfc.dll
2013-04-13 04:45:16 474624 ----a-w- C:\windows\apppatch\AcSpecfc.dll
2013-04-13 04:45:15 2176512 ----a-w- C:\windows\apppatch\AcGenral.dll
2013-04-12 14:45:08 1656680 ----a-w- C:\windows\System32\drivers\ntfs.sys
2013-04-09 23:12:08 42496 ----a-w- C:\windows\System32\hcw72Co.dll
2013-04-09 23:12:08 38656 ----a-w- C:\windows\System32\drivers\hcw72ADFilter.sys
2013-04-09 23:12:08 1669760 ----a-w- C:\windows\System32\drivers\hcw72DTV.sys
2013-04-09 23:12:08 1667328 ----a-w- C:\windows\System32\drivers\hcw72ATV.sys
2013-04-07 00:55:00 2448384 ----a-w- C:\windows\SysWow64\python27.dll
2013-04-05 01:08:44 2312704 ----a-w- C:\windows\System32\jscript9.dll
2013-04-05 01:00:30 1392128 ----a-w- C:\windows\System32\wininet.dll
2013-04-05 00:59:24 1494528 ----a-w- C:\windows\System32\inetcpl.cpl
2013-04-05 00:56:16 173056 ----a-w- C:\windows\System32\ieUnatt.exe
2013-04-05 00:55:47 599040 ----a-w- C:\windows\System32\vbscript.dll
2013-04-04 22:11:34 1800704 ----a-w- C:\windows\SysWow64\jscript9.dll
2013-04-04 22:02:59 1427968 ----a-w- C:\windows\SysWow64\inetcpl.cpl
2013-04-04 22:02:17 1129472 ----a-w- C:\windows\SysWow64\wininet.dll
2013-04-04 21:58:51 142848 ----a-w- C:\windows\SysWow64\ieUnatt.exe
2013-04-04 21:57:45 420864 ----a-w- C:\windows\SysWow64\vbscript.dll
2013-04-04 19:50:32 25928 ----a-w- C:\windows\System32\drivers\mbam.sys
2013-03-19 06:04:06 5550424 ----a-w- C:\windows\System32\ntoskrnl.exe
2013-03-19 05:46:56 43520 ----a-w- C:\windows\System32\csrsrv.dll
2013-03-19 05:04:13 3968856 ----a-w- C:\windows\SysWow64\ntkrnlpa.exe
2013-03-19 05:04:10 3913560 ----a-w- C:\windows\SysWow64\ntoskrnl.exe
2013-03-19 04:47:50 6656 ----a-w- C:\windows\SysWow64\apisetschema.dll
2013-03-19 03:06:33 112640 ----a-w- C:\windows\System32\smss.exe
2013-03-11 00:49:12 36352 ----a-w- C:\windows\System32\drivers\VClone.sys
2012-05-25 08:20:21 3993600 ----a-w- C:\Program Files (x86)\GUT9EC0.tmp
.
============= FINISH: 21:12:39.13 ===============


#4 HelpBot

Posted 05 June 2013 - 12:20 PM

Hello and welcome to Bleeping Computer!

I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

To help Bleeping Computer better assist you please perform the following steps:

***************************************************

In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.

CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/496571 <<< CLICK THIS LINK



If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.

***************************************************

If you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of this page). In that reply, please include the following information:

  • If you have not done so already, include a clear description of the problems you're having, along with any steps you may have performed so far.
  • A new DDS log. For your convenience, you will find the instructions for generating these logs repeated at the bottom of this post.
    • Please do this even if you have previously posted logs for us.
    • If you were unable to produce the logs originally please try once more.
    • If you are unable to create a log please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.
    • If you are unsure about any of these characteristics just post what you can and we will guide you.
  • Please tell us if you have your original Windows CD/DVD available.
  • Upon completing the above steps and posting a reply, another staff member will review your topic and do their best to resolve your issues.

Thank you for your patience, and again sorry for the delay.

***************************************************

We need to see some information about what is happening in your machine. Please perform the following scan again:

  • Download DDS by sUBs from the following link if you no longer have it available and save it to your desktop.

    DDS.com Download Link
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control can be found HERE.

As I am just a silly little program running on the BleepingComputer.com servers, please do not send me private messages as I do not know how to read and reply to them! Thanks!

#5 dmssargent

Posted 06 June 2013 - 06:40 PM

The majority of the questions are answered above. I will post a new DDS log below.

 

DDS (Ver_2012-11-20.01) - NTFS_AMD64 
Internet Explorer: 9.0.8112.16483
Run by David at 18:22:00 on 2013-06-06
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.7927.4371 [GMT -5:00]
.
AV: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {ADA629C7-7F48-5689-624A-3B76997E0892}
SP: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {16C7C823-5972-5907-58FA-0004E2F9422F}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: McAfee Firewall *Disabled* {959DA8E2-3527-57D1-4915-924367AD4FE9}
.
============== Running Processes ===============
.
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k GPSvcGroup
C:\windows\system32\svchost.exe -k NetworkService
c:\program files\soluto\soluto.exe
C:\windows\system32\Dwm.exe
C:\windows\Explorer.EXE
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\windows\system32\svchost.exe -k ftpsvc
C:\windows\system32\taskhost.exe
C:\windows\System32\svchost.exe -k LPDService
C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
C:\windows\system32\mfevtps.exe
C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
C:\windows\System32\svchost.exe -k LocalServicePeerNet
C:\windows\System32\tcpsvcs.exe
C:\windows\System32\snmp.exe
C:\Program Files\Soluto\SolutoLauncherService.exe
C:\Program Files\Soluto\SolutoService.exe
C:\windows\system32\rundll32.exe
C:\windows\system32\rundll32.exe
C:\windows\SysWOW64\rundll32.exe
C:\windows\system32\svchost.exe -k imgsvc
C:\windows\system32\svchost.exe -k iissvcs
C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
C:\Program Files\Common Files\McAfee\Platform\mcuicnt.exe
C:\windows\System32\alg.exe
C:\windows\system32\SearchIndexer.exe
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
C:\Program Files\Toshiba\BulletinBoard\TosNcCore.exe
C:\Program Files\McAfee\MAT\McPvTray.exe
C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe
C:\Program Files\Canon\MyPrinter\BJMyPrt.exe
C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE
C:\windows\splwow64.exe
C:\windows\system32\atiesrxx.exe
C:\windows\system32\atieclxx.exe
C:\Program Files\TOSHIBA\TECO\TecoService.exe
C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\TOSHIBA\TECO\Teco.exe
C:\Program Files (x86)\Nova Development\Greeting Card Factory Deluxe 9.0\ReminderApp.exe
C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\Puran Defrag\PuranADT.exe
C:\windows\system32\PuranDefragS.exe
C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
C:\windows\SysWOW64\vmnetdhcp.exe
C:\windows\SysWOW64\vmnat.exe
C:\Users\David\appdata\roaming\dropbox\bin\dropbox.exe
C:\Program Files (x86)\EMET\EMET_notifier.exe
C:\program files (x86)\secunia\psi\psi_tray.exe
C:\Program Files (x86)\Secunia\PSI\PSIA.exe
C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
C:\Program Files (x86)\doubleTwist 2.0\doubleTwist.DeviceHelper.exe
C:\program files (x86)\mcafee online backup\mobkstat.exe
C:\Users\David\Local Settings\Apps\F.lux\flux.exe
C:\Users\David\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
C:\windows\system32\taskeng.exe
C:\Windows\System32\cleanmgr.exe
C:\Program Files (x86)\Google\Update\1.3.21.145\GoogleCrashHandler.exe
C:\Program Files (x86)\Google\Update\1.3.21.145\GoogleCrashHandler64.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
c:\PROGRA~2\mcafee\SITEAD~1\saui.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://search.yahoo.com/?fr=avantsearch6
mStart Page = hxxp://www.google.com
uURLSearchHooks: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
uURLSearchHooks: {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - <orphaned>
mWinlogon: Userinit = userinit.exe,
BHO: PodcastBHO Class: {65134FDF-F8A5-4B3D-91D9-CDF273CFD578} - C:\Program Files (x86)\Common Files\doubleTwist\IEPodcastPlugin.dll
BHO: scriptproxy: {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSnc.20130529132902.dll
BHO: McAfee SiteAdvisor BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
TB: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
uRun: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
uRun: [SkyDrive] "C:\Users\David\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe" /background
mRun: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
mRun: [mcpltui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
mRun: [ToshibaServiceStation] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
StartupFolder: C:\Users\David\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\David\AppData\Roaming\Dropbox\bin\Dropbox.exe
StartupFolder: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\cleanup.bat
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - <orphaned>
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - <orphaned>
LSP: %windir%\system32\vsocklib.dll
DPF: {10000000-1000-1000-1000-100000000000} - hxxp://cdn.betteradvertising.com/ghostery/addons/ie/2.4.2.0/ghostery.cab
DPF: {BAD4FE2C-503B-45CC-88CD-4B0574057D11} - hxxp://clients.futuremark.com/calico/systeminfodeploy/FMSI_v490.cab
DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} - hxxp://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework//microsoft/wrc32.ocx
TCP: NameServer = 192.168.2.1
TCP: Interfaces\{670E2375-31E8-4028-9185-98545737127C} : DHCPNameServer = 192.168.42.129
TCP: Interfaces\{8CF35FA3-7257-488D-A318-178365CE83A7} : NameServer = 192.168.1.254,208.67.220.220,192.168.2.1
TCP: Interfaces\{8CF35FA3-7257-488D-A318-178365CE83A7} : DHCPNameServer = 192.168.2.1
TCP: Interfaces\{8CF35FA3-7257-488D-A318-178365CE83A7}\14E64627F696461405 : DHCPNameServer = 192.168.43.1
TCP: Interfaces\{8CF35FA3-7257-488D-A318-178365CE83A7}\2375942554236393 : NameServer = 192.168.1.254,208.67.220.220,192.168.2.1
TCP: Interfaces\{8CF35FA3-7257-488D-A318-178365CE83A7}\2375942554236393 : DHCPNameServer = 192.168.1.254
TCP: Interfaces\{8CF35FA3-7257-488D-A318-178365CE83A7}\473757E616D696 : DHCPNameServer = 164.58.253.10 164.58.233.202
TCP: Interfaces\{8CF35FA3-7257-488D-A318-178365CE83A7}\B4546594E4 : NameServer = 192.168.1.254,208.67.220.220,192.168.2.1
TCP: Interfaces\{8CF35FA3-7257-488D-A318-178365CE83A7}\B4546594E4 : DHCPNameServer = 192.168.1.254
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.110\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-mWinlogon: Userinit = C:\windows\System32\userinit.exe,c:\program files\soluto\soluto.exe /userinit
x64-BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
x64-BHO: scriptproxy: {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSnc.20130529132901.dll
x64-BHO: McAfee SiteAdvisor BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll
x64-BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
x64-TB: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - <orphaned>
x64-IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - <orphaned>
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - <orphaned>
x64-Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl64.dll
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll
x64-Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
x64-mASetup: {12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\windows\System32\ieudinit.exe
.
============= SERVICES / DRIVERS ===============
.
R0 amd_sata;amd_sata;C:\windows\System32\drivers\amd_sata.sys [2013-5-6 82560]
R0 amd_xata;amd_xata;C:\windows\System32\drivers\amd_xata.sys [2013-5-6 42624]
R0 McPvDrv;McPvDrv Driver;C:\windows\System32\drivers\McPvDrv.sys [2013-5-15 74560]
R0 mfehidk;McAfee Inc. mfehidk;C:\windows\System32\drivers\mfehidk.sys [2012-11-9 771096]
R0 Soluto;Soluto;C:\windows\System32\drivers\Soluto.sys [2013-2-4 54728]
R0 vsock;vSockets Driver;C:\windows\System32\drivers\vsock.sys [2013-5-29 70296]
R1 mfewfpk;McAfee Inc. mfewfpk;C:\windows\System32\drivers\mfewfpk.sys [2012-11-9 339776]
R1 MOBKFilter;MOBKFilter;C:\windows\System32\drivers\MOBK.sys [2012-6-19 66040]
R2 AMD External Events Utility;AMD External Events Utility;C:\windows\System32\atiesrxx.exe [2012-3-2 202752]
R2 AMD FUEL Service;AMD FUEL Service;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2012-7-4 361984]
R2 AODDriver4.1;AODDriver4.1;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys [2012-3-5 53888]
R2 ftpsvc;Microsoft FTP Service;C:\windows\System32\svchost.exe -k ftpsvc [2009-7-13 27136]
R2 HomeNetSvc;McAfee Home Network;C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2013-1-5 221296]
R2 iPodDrv;iPodDrv;C:\windows\System32\drivers\iPodDrv.sys [2011-7-27 14952]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2012-10-3 201304]
R2 McMPFSvc;McAfee Personal Firewall Service;C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2013-1-5 221296]
R2 McNaiAnn;McAfee VirusScan Announcer;C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2013-1-5 221296]
R2 McProxy;McAfee Proxy Service;C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2013-1-5 221296]
R2 mfecore;McAfee Anti-Malware Core;C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [2013-1-5 1007288]
R2 mfefire;McAfee Firewall Core Service;C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe [2013-1-5 218320]
R2 mfevtp;McAfee Validation Trust Protection Service;C:\windows\System32\mfevtps.exe [2013-1-5 182312]
R2 SolutoLauncherService;Soluto Launcher Service;C:\Program Files\Soluto\SolutoLauncherService.exe [2013-2-3 183264]
R2 SolutoService;Soluto PCGenome Core Service;C:\Program Files\Soluto\SolutoService.exe [2013-2-3 552928]
R2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver;C:\windows\System32\drivers\TVALZFL.sys [2009-6-19 14472]
R3 amdiox64;AMD IO Driver;C:\windows\System32\drivers\amdiox64.sys [2012-12-16 46136]
R3 cfwids;McAfee Inc. cfwids;C:\windows\System32\drivers\cfwids.sys [2012-11-9 69672]
R3 hcw72ADFilter;WinTV HVR-950 USB Audio Filter Driver;C:\windows\System32\drivers\hcw72ADFilter.sys [2013-4-9 38656]
R3 hcw72ATV;WinTV HVR-950 NTSC;C:\windows\System32\drivers\hcw72ATV.sys [2013-4-9 1667328]
R3 hcw72DTV;WinTV HVR-950 ATSC/QAM;C:\windows\System32\drivers\hcw72DTV.sys [2013-4-9 1669760]
R3 HipShieldK;McAfee Inc. HipShieldK;C:\windows\System32\drivers\HipShieldK.sys [2013-5-15 197264]
R3 L1C;NDIS Miniport Driver for Atheros AR81xx PCI-E Ethernet Controller;C:\windows\System32\drivers\L1C62x64.sys [2013-4-27 103536]
R3 mfeavfk;McAfee Inc. mfeavfk;C:\windows\System32\drivers\mfeavfk.sys [2012-11-9 309400]
R3 mfefirek;McAfee Inc. mfefirek;C:\windows\System32\drivers\mfefirek.sys [2012-11-9 515528]
R3 mfencbdc;McAfee Inc. mfencbdc;C:\windows\System32\drivers\mfencbdc.sys [2012-11-2 328976]
R3 PGEffect;Pangu effect driver;C:\windows\System32\drivers\PGEffect.sys [2012-3-2 35008]
R3 PSI;PSI;C:\windows\System32\drivers\psi_mf_amd64.sys [2013-2-7 18456]
R3 PuranDefrag;PuranDefrag;C:\windows\System32\PuranDefragS.exe [2012-4-1 289792]
R3 QIOMem;Generic IO & Memory Access;C:\windows\System32\drivers\QIOMem.sys [2009-6-15 12800]
R3 rtl8192se;Realtek Wireless LAN 802.11n PCI-E NIC NT Driver;C:\windows\System32\drivers\rtl8192se.sys [2010-4-26 1103904]
R3 Secunia PSI Agent;Secunia PSI Agent;C:\Program Files (x86)\Secunia\PSI\psia.exe [2013-2-7 1223704]
R3 TMachInfo;TMachInfo;C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2012-3-2 54136]
R3 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service;C:\Program Files\TOSHIBA\TECO\TecoService.exe [2010-2-25 252928]
R3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2010-2-5 137560]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-2-28 161384]
S3 HP8207_8307;HP-HP8207_8307;C:\windows\System32\drivers\HP8207_8307.sys [2010-2-5 15360]
S3 mfencrk;McAfee Inc. mfencrk;C:\windows\System32\drivers\mfencrk.sys [2012-11-2 97208]
S3 pneteth;PdaNet Broadband;C:\windows\System32\drivers\pneteth.sys [2012-5-27 15360]
S3 pnetmdm;PdaNet Modem;C:\windows\System32\drivers\pnetmdm64.sys [2012-5-27 17920]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\windows\System32\drivers\rdpvideominiport.sys [2012-11-29 19456]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\windows\System32\drivers\RtsUStor.sys [2012-3-2 239136]
S3 Secunia Update Agent;Secunia Update Agent;C:\Program Files (x86)\Secunia\PSI\sua.exe [2013-2-7 660504]
S3 SolutoRemoteService;Soluto Remote Service;C:\Program Files\Soluto\SolutoRemoteService.exe [2013-2-3 1239552]
S3 SrvHsfHDA;SrvHsfHDA;C:\windows\System32\drivers\VSTAZL6.SYS [2009-7-13 292864]
S3 SrvHsfV92;SrvHsfV92;C:\windows\System32\drivers\VSTDPV6.SYS [2009-7-13 1485312]
S3 SrvHsfWinac;SrvHsfWinac;C:\windows\System32\drivers\VSTCNXT6.SYS [2009-7-13 740864]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);C:\windows\System32\drivers\ssadbus.sys [2012-5-27 157160]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter);C:\windows\System32\drivers\ssadmdfl.sys [2011-5-13 16872]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers;C:\windows\System32\drivers\ssadmdm.sys [2011-5-13 177640]
S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);C:\windows\System32\drivers\ssadserd.sys [2011-5-13 146920]
S3 SWDUMon;SWDUMon;C:\windows\System32\drivers\SWDUMon.sys [2013-4-27 16152]
S3 TsUsbFlt;TsUsbFlt;C:\windows\System32\drivers\TsUsbFlt.sys [2012-11-29 57856]
S3 VBoxUSB;VirtualBox USB;C:\windows\System32\drivers\VBoxUSB.sys [2012-3-14 117040]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\windows\System32\Wat\WatAdminSvc.exe [2012-3-2 1255736]
S3 WMSVC;Web Management Service;C:\windows\System32\inetsrv\WMSvc.exe [2009-7-13 10752]
S4 mcpltsvc;McAfee Platform Services;C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2013-1-5 221296]
S4 MOBKbackup;McAfee Online Backup;C:\Program Files (x86)\McAfee Online Backup\MOBKbackup.exe [2010-4-13 231224]
S4 TPCHSrv;TPCH Service;C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe [2010-2-23 835952]
S4 VMUSBArbService;VMware USB Arbitration Service;C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe [2012-10-11 918680]
.
=============== Created Last 30 ================
.
2013-05-31 19:07:00 -------- d-----w- C:\Users\David\AppData\Roaming\Logishrd
2013-05-31 18:54:45 -------- d-----w- C:\Users\David\AppData\Local\ElevatedDiagnostics
2013-05-31 18:50:38 2871808 ----a-w- C:\windows\explorer.exe
2013-05-31 18:49:26 2870272 ----a-w- C:\explorer.exe
2013-05-31 18:31:46 975872 ----a-w- C:\windows\SysWow64\basebrd.dll
2013-05-31 18:30:56 975872 ----a-w- C:\windows\System32\basebrd.dll
2013-05-31 17:20:45 688992 ------r- C:\Users\David\dds.com
2013-05-31 13:36:34 -------- d-----w- C:\Program Files (x86)\ESET
2013-05-31 07:55:25 -------- d-----w- C:\Users\David\AppData\Local\Temp
2013-05-31 03:43:40 -------- d-----w- C:\ProgramData\Best Buy pc app
2013-05-31 03:41:46 -------- d-----w- C:\Users\David\AppData\Local\PackageAware
2013-05-31 03:07:47 -------- d-----w- C:\Program Files (x86)\EMET
2013-05-31 01:59:34 925184 ----a-w- C:\windows\expstart.exe
2013-05-31 01:59:08 2871808 ----a-w- C:\windows\explorer.backup.exe
2013-05-31 01:57:55 2871808 ----a-w- C:\windows\explorer_edit_w7upfc.exe
2013-05-31 01:57:55 2871808 ----a-w- C:\windows\explorer_backup_w7upfc.exe
2013-05-31 01:57:55 2792960 ----a-w- C:\windows\explorer2.exe
2013-05-31 01:57:55 -------- d-----w- C:\windows\w7upfc
2013-05-31 01:30:31 332288 ----a-w- C:\windows\System32\uxtheme.dll.backup
2013-05-31 01:30:27 2851840 ----a-w- C:\windows\System32\themeui.dll.backup
2013-05-31 01:30:23 44544 ----a-w- C:\windows\System32\themeservice.dll.backup
2013-05-30 22:44:34 -------- d-----w- C:\Users\David\AppData\Local\Vlite
2013-05-30 21:45:56 22096 ----a-w- C:\windows\System32\drivers\wimfltr.sys
2013-05-30 20:56:04 -------- d-----w- C:\Program Files\Windows Imaging
2013-05-30 20:55:35 -------- d-----w- C:\Program Files\Windows AIK
2013-05-30 20:44:04 -------- d-----w- C:\Program Files (x86)\WinDirStat
2013-05-30 19:30:30 -------- d-----w- C:\Program Files (x86)\Elaborate Bytes
2013-05-30 02:21:58 -------- d-----w- C:\Program Files (x86)\vLite
2013-05-29 22:46:21 -------- d-----w- C:\Users\David\AppData\Local\VMware
2013-05-29 22:44:14 70296 ----a-w- C:\windows\System32\drivers\vsock.sys
2013-05-29 22:44:14 67224 ----a-w- C:\windows\System32\vsocklib.dll
2013-05-29 22:44:14 63128 ----a-w- C:\windows\SysWow64\vsocklib.dll
2013-05-29 22:42:15 67664 ----a-w- C:\windows\System32\drivers\vmx86.sys
2013-05-29 22:42:14 33360 ----a-w- C:\windows\System32\drivers\VMkbd.sys
2013-05-29 22:40:02 357456 ----a-w- C:\windows\SysWow64\vmnetdhcp.exe
2013-05-29 22:39:58 436304 ----a-w- C:\windows\SysWow64\vmnat.exe
2013-05-29 22:39:58 30800 ----a-w- C:\windows\System32\drivers\vmnetuserif.sys
2013-05-29 22:39:49 933968 ----a-w- C:\windows\System32\vnetlib64.dll
2013-05-29 22:38:50 52376 ----a-w- C:\windows\System32\drivers\hcmon.sys
2013-05-29 22:37:43 -------- d-----w- C:\Program Files\Common Files\VMware
2013-05-29 22:37:02 -------- d-----w- C:\Program Files (x86)\VMware
2013-05-29 22:37:02 -------- d-----w- C:\Program Files (x86)\Common Files\VMware
2013-05-29 20:19:53 -------- d-----w- C:\Users\David\AppData\Local\Supremus Corporation
2013-05-29 19:08:28 -------- d-----w- C:\ie10
2013-05-29 19:07:10 846864 ----a-w- C:\IE10-Windows6.1-en-us.exe
2013-05-29 18:37:07 -------- d-----w- C:\windows\System32\RT 7 Lite
2013-05-29 18:36:59 -------- d-----w- C:\Program Files\Rockers Team
2013-05-29 17:55:53 -------- d-----w- C:\win7
2013-05-29 17:36:17 -------- d-----w- C:\Users\David\.android
2013-05-29 17:35:06 971680 ----a-w- C:\windows\System32\deployJava1.dll
2013-05-29 17:35:06 1092512 ----a-w- C:\windows\System32\npDeployJava1.dll
2013-05-29 17:35:00 108448 ----a-w- C:\windows\System32\WindowsAccessBridge-64.dll
2013-05-23 14:54:37 -------- d-----w- C:\res
2013-05-23 14:54:09 -------- d-----w- C:\Users\David\AppData\Local\Nikon
2013-05-23 02:40:35 61440 ----a-r- C:\Users\David\AppData\Roaming\Microsoft\Installer\{11953C65-BB4E-4CA4-B0F0-2600A4B20040}\ARPPRODUCTICON.exe
2013-05-23 02:39:33 -------- d-----w- C:\Program Files (x86)\Common Files\Nikon
2013-05-23 02:39:24 -------- d-----w- C:\ProgramData\Filters
2013-05-23 02:38:21 -------- d-----w- C:\Program Files\Common Files\Nikon
2013-05-23 02:38:13 -------- d-----w- C:\Program Files (x86)\Nikon
2013-05-23 02:38:07 -------- d-----w- C:\Program Files\Nikon
2013-05-23 02:38:05 106496 ----a-w- C:\windows\SysWow64\ATL71.DLL
2013-05-23 02:37:54 -------- d-----w- C:\ProgramData\Font Book
2013-05-23 02:37:52 -------- d-----w- C:\ProgramData\Error Handlers
2013-05-23 02:37:23 -------- d-----w- C:\Users\David\AppData\Local\Downloaded Installations
2013-05-23 02:37:00 -------- d-----w- C:\ProgramData\Organic
2013-05-22 02:04:34 -------- d-----w- C:\Program Files\iPod
2013-05-22 02:04:33 -------- d-----w- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-05-22 02:04:33 -------- d-----w- C:\Program Files\iTunes
2013-05-22 02:04:33 -------- d-----w- C:\Program Files (x86)\iTunes
2013-05-22 02:01:33 -------- d-----w- C:\Program Files\Bonjour
2013-05-22 02:01:33 -------- d-----w- C:\Program Files (x86)\Bonjour
2013-05-19 10:54:27 97176 ----a-w- C:\windows\SysWow64\ElbyCDIO.dll
2013-05-16 08:04:16 2382848 ----a-w- C:\windows\SysWow64\mshtml.tlb
2013-05-16 08:04:16 2382848 ----a-w- C:\windows\System32\mshtml.tlb
2013-05-16 01:25:30 -------- d-----w- C:\Users\David\AppData\Roaming\Avant Downloader
2013-05-16 01:25:27 -------- d-----w- C:\Users\David\AppData\Roaming\Avant Profiles
2013-05-16 01:14:34 -------- d-----w- C:\Program Files (x86)\Avant Browser
2013-05-15 23:46:38 74560 ----a-w- C:\windows\System32\drivers\McPvDrv.sys
2013-05-15 23:46:07 197264 ----a-w- C:\windows\System32\drivers\HipShieldK.sys
2013-05-15 22:09:07 -------- d-sh--w- C:\Users\David\AppData\Local\ms-drivers
2013-05-15 22:09:04 -------- d-----w- C:\Users\David\AppData\Local\MetaGeek,_LLC
2013-05-15 21:37:35 1930752 ----a-w- C:\windows\System32\authui_old.dll
2013-05-15 21:37:35 1930752 ----a-w- C:\windows\System32\authui.dll
2013-05-15 21:37:33 1796096 ----a-w- C:\windows\SysWow64\authui_old.dll
2013-05-15 21:37:33 1796096 ----a-w- C:\windows\SysWow64\authui.dll
2013-05-15 21:37:33 111448 ----a-w- C:\windows\System32\consent.exe
2013-05-15 21:37:32 70144 ----a-w- C:\windows\System32\appinfo.dll
2013-05-15 21:36:07 983400 ----a-w- C:\windows\System32\drivers\dxgkrnl.sys
2013-05-15 21:36:07 265064 ----a-w- C:\windows\System32\drivers\dxgmms1.sys
2013-05-15 21:36:06 144384 ----a-w- C:\windows\System32\cdd.dll
2013-05-15 21:36:04 230400 ----a-w- C:\windows\System32\wwansvc.dll
2013-05-15 21:36:03 48640 ----a-w- C:\windows\System32\wwanprotdim.dll
2013-05-15 21:35:59 3153920 ----a-w- C:\windows\System32\win32k.sys
2013-05-11 10:37:28 209472 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\nppdf32.dll
2013-05-07 23:53:45 -------- d-----w- C:\Program Files (x86)\SlimDrivers
.
==================== Find3M  ====================
.
2013-06-04 13:26:15 16152 ----a-w- C:\windows\System32\drivers\SWDUMon.sys
2013-05-15 02:50:36 71048 ----a-w- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-05-15 02:50:36 692104 ----a-w- C:\windows\SysWow64\FlashPlayerApp.exe
2013-04-27 15:53:34 866720 ----a-w- C:\windows\SysWow64\npdeployJava1.dll
2013-04-27 15:53:34 788896 ----a-w- C:\windows\SysWow64\deployJava1.dll
2013-04-25 01:37:57 129944 ----a-w- C:\windows\SysWow64\ElbyVCD.dll
2013-04-13 05:49:23 135168 ----a-w- C:\windows\apppatch\AppPatch64\AcXtrnal.dll
2013-04-13 05:49:19 350208 ----a-w- C:\windows\apppatch\AppPatch64\AcLayers.dll
2013-04-13 05:49:19 308736 ----a-w- C:\windows\apppatch\AppPatch64\AcGenral.dll
2013-04-13 05:49:19 111104 ----a-w- C:\windows\apppatch\AppPatch64\acspecfc.dll
2013-04-13 04:45:16 474624 ----a-w- C:\windows\apppatch\AcSpecfc.dll
2013-04-13 04:45:15 2176512 ----a-w- C:\windows\apppatch\AcGenral.dll
2013-04-12 14:45:08 1656680 ----a-w- C:\windows\System32\drivers\ntfs.sys
2013-04-09 23:12:08 42496 ----a-w- C:\windows\System32\hcw72Co.dll
2013-04-09 23:12:08 38656 ----a-w- C:\windows\System32\drivers\hcw72ADFilter.sys
2013-04-09 23:12:08 1669760 ----a-w- C:\windows\System32\drivers\hcw72DTV.sys
2013-04-09 23:12:08 1667328 ----a-w- C:\windows\System32\drivers\hcw72ATV.sys
2013-04-07 00:55:00 2448384 ----a-w- C:\windows\SysWow64\python27.dll
2013-04-05 01:08:44 2312704 ----a-w- C:\windows\System32\jscript9.dll
2013-04-05 01:00:30 1392128 ----a-w- C:\windows\System32\wininet.dll
2013-04-05 00:59:24 1494528 ----a-w- C:\windows\System32\inetcpl.cpl
2013-04-05 00:56:16 173056 ----a-w- C:\windows\System32\ieUnatt.exe
2013-04-05 00:55:47 599040 ----a-w- C:\windows\System32\vbscript.dll
2013-04-04 22:11:34 1800704 ----a-w- C:\windows\SysWow64\jscript9.dll
2013-04-04 22:02:59 1427968 ----a-w- C:\windows\SysWow64\inetcpl.cpl
2013-04-04 22:02:17 1129472 ----a-w- C:\windows\SysWow64\wininet.dll
2013-04-04 21:58:51 142848 ----a-w- C:\windows\SysWow64\ieUnatt.exe
2013-04-04 21:57:45 420864 ----a-w- C:\windows\SysWow64\vbscript.dll
2013-04-04 19:50:32 25928 ----a-w- C:\windows\System32\drivers\mbam.sys
2013-03-19 06:04:06 5550424 ----a-w- C:\windows\System32\ntoskrnl.exe
2013-03-19 05:46:56 43520 ----a-w- C:\windows\System32\csrsrv.dll
2013-03-19 05:04:13 3968856 ----a-w- C:\windows\SysWow64\ntkrnlpa.exe
2013-03-19 05:04:10 3913560 ----a-w- C:\windows\SysWow64\ntoskrnl.exe
2013-03-19 04:47:50 6656 ----a-w- C:\windows\SysWow64\apisetschema.dll
2013-03-19 03:06:33 112640 ----a-w- C:\windows\System32\smss.exe
2013-03-11 00:49:12 36352 ----a-w- C:\windows\System32\drivers\VClone.sys
2012-05-25 08:20:21 3993600 ----a-w- C:\Program Files (x86)\GUT9EC0.tmp
.
============= FINISH: 18:22:27.07 ===============


#6 Oh My!

Posted 07 June 2013 - 08:48 AM

Greetings dmssargent and welcome to BleepingComputer's Virus/Trojan/Spyware/Malware Removal forum.

My name is Oh My! and I am here to help you! Now that we are "friends" please call me Gary.

If you would allow me to call you by your first name I would prefer to do that.

===================================================

Ground Rules:
  • First, I would like to inform you that most of us here at Bleeping Computer offer our expert assistance out of the goodness of our hearts. Please try to match our commitment to you with your patience toward us. If this was easy we would never have met. :)
  • Please do not run any tools or take any steps other than those I will provide for you while we work on your computer together. I need to be certain about the state of your computer in order to provide appropriate and effective steps for you to take. Most often "well intentioned" (and usually panic driven!) independent efforts can make things much worse for both of us. If at any point you would prefer to take your own steps please let me know, I will not be offended. I would be happy to focus on the many others who are waiting in line for assistance.
  • Please perform all steps in the order they are listed in each set of instructions. Some steps may be a bit complicated. If things are not clear, be sure to stop and let me know. We need to work on this together with confidence.
  • Please copy and paste all logs into your post unless directed otherwise. Please do not re-run any programs I suggest. If you encounter problems simply stop and tell me about it.
  • When you post your reply, use the Replytopic.jpg button instead.
  • In the upper right hand corner of the topic you will see the Followtopic.jpg button. Click on this then choose Immediate E-Mail notification and then Proceed and you will be sent an email once I have posted a response.
  • If you do not reply to your topic after 5 days we assume it has been abandoned and I will close it.
  • When your computer is clean I will alert you of such. I will also provide for you detailed information about how you can combat future infections.
  • I would like to remind you to make no further changes to your computer unless I direct you to do so.
  • Now let's get started
===================================================

Now that I am assisting you, you can expect that I will be very responsive to your situation. If you are able, I would request you check this thread at least once per day so that we can try to resolve your issues effectively and efficiently. If you are going to be delayed please be considerate and post that information so that I know you are still with me. Unfortunately, there are many people waiting to be assisted and not enough of us at BleepingComputer to go around. I appreciate your understanding and diligence.

Thank you for your patience thus far. Please allow me some time to review the information you have provided and I will reply as soon as possible. While I do that please run the following program for me.

===================================================

Farbar Recovery Scan Tool (FRST) in Normal or Safe Mode

--------------------
  • Download Farbar Recovery Scan Tool for either 32 bit or 64 bit systems and save it to your desktop
  • If you are unsure if you have 32 bit or 64 bit simply download and try one. If that doesn't run properly the other one should
  • Double click the icon
  • Click Yes to the disclaimer
  • Click Scan and allow the program to run
  • Click OK on the Scan complete screen, then OK on the Attach.txt pop up screen
  • 2 Notepad documents should now be open on your desktop.
  • Please copy and paste the contents of both in your reply
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it.
  • FRST log
  • Attach log

Regards,
Gary

If I do not respond to you within 24 hours of your post please send me a Personal Message.



#7 dmssargent

Posted 07 June 2013 - 12:19 PM

Gary, you can call me by my first name. Here are the Farbar logs:

(The names are FRST.txt and Addition.txt, there is no Attach.txt that I found)

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 07-06-2013 01
Ran by David (administrator) on 07-06-2013 11:59:15
Running from C:\Users\David\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 9
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(Microsoft Corporation) C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
(Soluto) c:\program files\soluto\soluto.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
(McAfee, Inc.) C:\windows\system32\mfevtps.exe
(Microsoft Corporation) C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\windows\System32\tcpsvcs.exe
(Microsoft Corporation) C:\windows\System32\snmp.exe
(Soluto) C:\Program Files\Soluto\SolutoLauncherService.exe
(Soluto) C:\Program Files\Soluto\SolutoService.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\mcuicnt.exe
(Microsoft Corporation) C:\windows\System32\alg.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(TOSHIBA Corporation) C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\BulletinBoard\TosNcCore.exe
(McAfee, Inc.) C:\Program Files\McAfee\MAT\McPvTray.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe
(CANON INC.) C:\Program Files\Canon\MyPrinter\BJMyPrt.exe
(CANON INC.) C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE
(Microsoft Corporation) C:\windows\splwow64.exe
(AMD) C:\windows\system32\atiesrxx.exe
(AMD) C:\windows\system32\atieclxx.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TECO\TecoService.exe
(Conexant Systems, Inc.) C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TECO\Teco.exe
() C:\Program Files (x86)\Nova Development\Greeting Card Factory Deluxe 9.0\ReminderApp.exe
(TOSHIBA Corporation) C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe
(Puran Software) C:\Program Files\Puran Defrag\PuranADT.exe
(Puran Software) C:\windows\system32\PuranDefragS.exe
(Elaborate Bytes AG) C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
(VMware, Inc.) C:\windows\SysWOW64\vmnetdhcp.exe
(VMware, Inc.) C:\windows\SysWOW64\vmnat.exe
(Dropbox, Inc.) C:\Users\David\appdata\roaming\dropbox\bin\dropbox.exe
(Microsoft Corporation) C:\Program Files (x86)\EMET\EMET_notifier.exe
(Secunia) C:\program files (x86)\secunia\psi\psi_tray.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\PSIA.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(doubleTwist Corporation) C:\Program Files (x86)\doubleTwist 2.0\doubleTwist.DeviceHelper.exe
(McAfee, Inc.) C:\program files (x86)\mcafee online backup\mobkstat.exe
() C:\Users\David\Local Settings\Apps\F.lux\flux.exe
(Microsoft Corporation) C:\Users\David\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
(Microsoft Corporation) C:\Windows\System32\cleanmgr.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.21.145\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.21.145\GoogleCrashHandler64.exe
(McAfee, Inc.) c:\PROGRA~1\mcafee\VIRUSS~1\mcvsmap.exe
(McAfee, Inc.) c:\PROGRA~1\mcafee\VIRUSS~1\mcvsshld.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
==================== Registry (Whitelisted) ==================
 
HKLM\...\Run: []  [x]
HKLM\...\Winlogon: [Userinit] c:\windows\system32\userinit.exe,c:\program files\soluto\soluto.exe /userinit
HKCU\...\Run: [SkyDrive] "C:\Users\David\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe" /background [257136 2013-06-05] (Microsoft Corporation)
HKCU\...\Winlogon: [Shell] explorer.exe
HKCU\...\Policies\system: [LogonHoursAction] 2
HKCU\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
MountPoints2: {0189820c-c87b-11e2-b1c9-005056c00008} - E:\StartCD.exe
MountPoints2: {5de35bfd-b96c-11e2-9f19-806e6f6e6963} - D:\setup.exe
HKLM-x32\...\Run: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey [454600 2013-02-28] (McAfee, Inc.)
HKLM-x32\...\Run: [mcpltui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey [454600 2013-02-28] (McAfee, Inc.)
HKU\Kevin\...\Run: [Best Buy pc app] C:\Users\Kevin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Best Buy\Best Buy pc app.appref-ms [x]
HKU\Kevin\...\Policies\system: [LogonHoursAction] 2
HKU\Kevin\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\Melinda\...\Run: [Best Buy pc app] C:\Users\Melinda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Best Buy\Best Buy pc app.appref-ms [x]
Startup: C:\ProgramData\Start Menu\Programs\Startup\cleanup.bat ()
BootExecute: autocheck autochk * autocheck PuranDefragBT -AD
 
==================== Internet (Whitelisted) ====================
 
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.yahoo.com/?fr=avantsearch6
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
URLSearchHook: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
URLSearchHook: (No Name) - {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} -  No File
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
HKCU SearchScopes: DefaultScope {D58A471D-6F6C-4008-BF96-CDFF2739F186} URL = http://us.yhs4.search.yahoo.com/yhs/search?hspart=mcafee&hsimp=yhs-01&type=mcafee&p={SearchTerms}
SearchScopes: HKCU - {325B4F11-F977-4DC9-BBA1-B21F445D5263} URL = http://search.yahoo.com/search?p={searchTerms}&b={startPage?}&fr=ie8
SearchScopes: HKCU - {B7918FA1-0CA8-49F5-9C38-0AADB22FC16F} URL = 
SearchScopes: HKCU - {D58A471D-6F6C-4008-BF96-CDFF2739F186} URL = http://us.yhs4.search.yahoo.com/yhs/search?hspart=mcafee&hsimp=yhs-01&type=mcafee&p={SearchTerms}
SearchScopes: HKCU - {EC4487E5-F62C-417E-B23F-083F9AD0E29B} URL = 
BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSnc.20130529132901.dll (McAfee, Inc.)
BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - C:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: PodcastBHO Class - {65134FDF-F8A5-4B3D-91D9-CDF273CFD578} - C:\Program Files (x86)\Common Files\doubleTwist\IEPodcastPlugin.dll (doubleTwist Corporation)
BHO-x32: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSnc.20130529132902.dll (McAfee, Inc.)
BHO-x32: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - C:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
Toolbar: HKLM-x32 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
Toolbar: HKCU - No Name - {DB87BFA2-A2E3-451E-8E5A-C89982D87CBF} -  No File
PDF: HKLM-x32 {10000000-1000-1000-1000-100000000000} http://cdn.betteradvertising.com/ghostery/addons/ie/2.4.2.0/ghostery.cab
PDF: HKLM-x32 {BAD4FE2C-503B-45CC-88CD-4B0574057D11} http://clients.futuremark.com/calico/systeminfodeploy/FMSI_v490.cab
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
Handler-x32: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files (x86)\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\PROGRA~1\mcafee\msc\MCSNIE~1.DLL (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\PROGRA~2\mcafee\msc\mcsniepl.dll (McAfee, Inc.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{8CF35FA3-7257-488D-A318-178365CE83A7}: [NameServer]192.168.1.254,208.67.220.220,192.168.2.1
FF Plugin: @adobe.com/FlashPlayer - C:\windows\system32\Macromed\Flash\NPSWF64_11_7_700_202.dll ()
FF Plugin: @bestbuy.com/npBestBuyPcAppDetector,version=1.0 - C:\ProgramData\Best Buy pc app\npBestBuyPcAppDetector.dll No File
FF Plugin: @java.com/DTPlugin,version=10.21.2 - C:\windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.21.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @mcafee.com/MSC,version=10 - c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\windows\SysWOW64\Adobe\Director\np32dsw_1202122.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @bestbuy.com/npBestBuyPcAppDetector,version=1.0 - C:\ProgramData\Best Buy pc app\npBestBuyPcAppDetector.dll No File
FF Plugin-x32: @canon.com/EPPEX - C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF Plugin-x32: @doubletwist.com/NPPodcast - C:\Program Files (x86)\Common Files\doubleTwist\NPPodcast.dll (doubleTwist Corporation)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.21.2 - C:\windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 - c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin-x32: @mcafee.com/SAFFPlugin - C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
Chrome: 
=======
CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.110\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.110\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.110\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll No File
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (CANON iMAGE GATEWAY Album Plugin Utility) - C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
CHR Plugin: (doubletwist Plugin 1, 3, 0, 0) - C:\Program Files (x86)\Common Files\doubleTwist\NPPodcast.dll (doubleTwist Corporation)
CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
CHR Plugin: (Java™ Platform SE 7 U21) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll No File
CHR Plugin: (McAfee SiteAdvisor) - C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)
CHR Plugin: (Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Best Buy pc app Detector) - C:\ProgramData\Best Buy pc app\npBestBuyPcAppDetector.dll No File
CHR Plugin: (Unity Player) - C:\Users\David\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
CHR Plugin: (Hulu Desktop) - C:\Users\David\AppData\Local\HuluDesktop\instances\0.9.14.1\npHDPlg.dll No File
CHR Plugin: (Shockwave for Director) - C:\windows\SysWOW64\Adobe\Director\np32dsw_1202122.dll (Adobe Systems, Inc.)
CHR Plugin: (Shockwave Flash) - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll ()
CHR Plugin: (Java Deployment Toolkit 7.0.210.11) - C:\windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
CHR Plugin: (McAfee SecurityCenter) - c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
CHR Plugin: (McAfee SecurityCenter) - c:\Program Files\McAfee\MSC\npMcSnFFPl64.dll ()
CHR Plugin: (Microsoft Office 2010) - C:\Program Files\Microsoft Office\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Extension: (SiteAdvisor) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.61.113.2_0
 
==================== Services (Whitelisted) =================
 
R3 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2012-07-04] (Advanced Micro Devices, Inc.)
R2 ftpsvc; C:\Windows\system32\inetsrv\ftpsvc.dll [350720 2012-06-01] (Microsoft Corporation)
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [221296 2013-03-05] (McAfee, Inc.)
S2 IISADMIN; C:\Windows\system32\inetsrv\inetinfo.exe [15872 2010-11-20] (Microsoft Corporation)
S4 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [116104 2010-04-05] ()
R2 LPDSVC; C:\Windows\system32\lpdsvc.dll [45568 2009-07-13] (Microsoft Corporation)
R2 McAfee SiteAdvisor Service; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [221296 2013-03-05] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [221296 2013-03-05] (McAfee, Inc.)
S4 McODS; C:\Program Files\McAfee\VirusScan\mcods.exe [388680 2013-03-01] (McAfee, Inc.)
S4 mcpltsvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [221296 2013-03-05] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [221296 2013-03-05] (McAfee, Inc.)
R2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [1007288 2012-10-06] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [218320 2012-12-26] (McAfee, Inc.)
R2 mfevtp; C:\windows\system32\mfevtps.exe [182312 2012-12-26] (McAfee, Inc.)
S4 MOBKbackup; C:\Program Files (x86)\McAfee Online Backup\MOBKbackup.exe [231224 2010-04-13] (McAfee, Inc.)
R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [221296 2013-03-05] (McAfee, Inc.)
R3 PuranDefrag; C:\windows\system32\PuranDefragS.exe [289792 2011-12-26] (Puran Software)
R3 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1223704 2013-02-07] (Secunia)
S3 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [660504 2013-02-07] (Secunia)
R2 SNMP; C:\Windows\System32\snmp.exe [49664 2010-11-20] (Microsoft Corporation)
R2 SolutoLauncherService; C:\Program Files\Soluto\SolutoLauncherService.exe [183264 2013-02-03] (Soluto)
S3 SolutoRemoteService; C:\Program Files\Soluto\SolutoRemoteService.exe [1239552 2013-02-03] (Soluto)
R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [453120 2010-11-20] (Microsoft Corporation)
S3 WMSVC; C:\Windows\system32\inetsrv\wmsvc.exe [10752 2009-07-13] (Microsoft Corporation)
 
==================== Drivers (Whitelisted) ====================
 
R2 AODDriver4.1; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [53888 2012-03-05] (Advanced Micro Devices)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [69672 2012-12-26] (McAfee, Inc.)
R3 hcw72ADFilter; C:\Windows\System32\DRIVERS\hcw72ADFilter.sys [38656 2013-04-09] (Hauppauge Computer Works, Inc.)
R3 hcw72ATV; C:\Windows\System32\DRIVERS\hcw72ATV.sys [1667328 2013-04-09] (Hauppauge Computer Works, Inc.)
R3 hcw72DTV; C:\Windows\System32\DRIVERS\hcw72DTV.sys [1669760 2013-04-09] (Hauppauge Computer Works, Inc.)
R3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197264 2012-05-28] (McAfee, Inc.)
S3 HP8207_8307; C:\Windows\System32\DRIVERS\HP8207_8307.sys [15360 2010-02-05] (Windows ® Win 7 DDK provider)
R0 McPvDrv; C:\Windows\System32\drivers\McPvDrv.sys [74560 2013-04-22] (McAfee, Inc.)
S3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [178840 2012-12-26] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [309400 2012-12-26] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [515528 2012-12-26] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [771096 2012-12-26] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\System32\DRIVERS\mfencbdc.sys [328976 2012-11-02] (McAfee, Inc.)
S3 mfencrk; C:\Windows\System32\DRIVERS\mfencrk.sys [97208 2012-11-02] (McAfee, Inc.)
R1 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [339776 2012-12-26] (McAfee, Inc.)
R1 MOBKFilter; C:\Windows\System32\DRIVERS\MOBK.sys [66040 2010-04-13] (Mozy, Inc.)
R3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2013-02-07] (Secunia)
S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [16152 2013-06-04] ()
S3 VBoxUSB; C:\Windows\System32\Drivers\VBoxUSB.sys [117040 2012-03-14] (Oracle Corporation)
R0 vsock; C:\Windows\System32\drivers\vsock.sys [70296 2012-10-24] (VMware, Inc.)
R3 cpuz135; \??\C:\windows\TEMP\cpuz135\cpuz135_x64.sys [x]
S3 cpuz136; \??\C:\windows\TEMP\cpuz136\cpuz136_x64.sys [x]
R1 ElbyCDIO; System32\Drivers\ElbyCDIO.sys [x]
U3 mfeavfk01; No ImagePath
S3 VBoxNetFlt; system32\DRIVERS\VBoxNetFlt.sys [x]
 
==================== NetSvcs (Whitelisted) ===================
 
 
==================== One Month Created Files and Folders ========
 
2013-06-07 11:58 - 2013-06-07 11:58 - 00000000 ____D C:\FRST
2013-06-07 11:57 - 2013-06-07 11:57 - 01918758 ____A (Farbar) C:\Users\David\Downloads\FRST64.exe
2013-06-07 07:51 - 2013-06-07 07:51 - 00535058 ____A C:\Users\David\Downloads\060713-24086-01.zip
2013-06-03 13:36 - 2013-06-07 07:52 - 00000000 ____D C:\Users\David\Downloads\Dump
2013-06-01 13:00 - 2013-06-07 11:30 - 00000410 ____A C:\Windows\Tasks\SlimDrivers Startup.job
2013-05-31 14:45 - 2013-06-06 18:23 - 00027381 ____A C:\Users\David\Desktop\attach.txt
2013-05-31 14:45 - 2013-06-06 18:22 - 00029235 ____A C:\Users\David\Desktop\dds.txt
2013-05-31 14:28 - 2013-05-31 14:26 - 01535974 ____A C:\Users\David\Desktop\CBS.log
2013-05-31 14:07 - 2013-05-31 14:07 - 00000000 ____D C:\Users\David\AppData\Roaming\Logitech
2013-05-31 14:07 - 2013-05-31 14:07 - 00000000 ____D C:\Users\David\AppData\Roaming\Logishrd
2013-05-31 14:02 - 2013-05-31 14:06 - 59248080 ____A (Logitech Inc.) C:\Users\David\Downloads\setpoint652_x64.exe
2013-05-31 13:50 - 2011-02-25 01:19 - 02871808 ____A (Microsoft Corporation) C:\Windows\explorer.exe
2013-05-31 13:49 - 2011-02-26 04:23 - 02870272 ____A (Microsoft Corporation) C:\explorer.exe
2013-05-31 13:31 - 2009-07-14 02:05 - 00975872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\basebrd.dll
2013-05-31 13:30 - 2009-07-14 02:05 - 00975872 ____A (Microsoft Corporation) C:\Windows\System32\basebrd.dll
2013-05-31 12:20 - 2013-05-31 12:20 - 00688992 ____R (Swearware) C:\Users\David\dds.com
2013-05-31 10:23 - 2009-08-03 01:17 - 02868224 ____A (Microsoft Corporation) C:\Users\David\Documents\explorer.exe
2013-05-31 08:58 - 2013-05-31 08:59 - 04745728 ____A (AVAST Software) C:\Users\David\Downloads\aswMBR.exe
2013-05-31 08:52 - 2013-05-31 08:52 - 00050477 ____A C:\Users\David\Downloads\Defogger.exe
2013-05-31 08:52 - 2013-05-31 08:52 - 00000472 ____A C:\Users\David\Downloads\defogger_disable.log
2013-05-31 08:52 - 2013-05-31 08:52 - 00000000 ____A C:\Users\David\defogger_reenable
2013-05-31 08:36 - 2013-05-31 08:36 - 00000000 ____D C:\Program Files (x86)\ESET
2013-05-30 23:37 - 2013-05-30 23:37 - 00816128 ____A C:\Users\David\Downloads\RogueKiller.exe
2013-05-30 23:24 - 2013-05-30 23:24 - 02347384 ____A (ESET) C:\Users\David\Downloads\esetsmartinstaller_enu.exe
2013-05-30 23:04 - 2013-05-30 23:04 - 00467813 ____A C:\Users\David\Downloads\metro_clock_v3_by_dejco-d3hxoj9.rar
2013-05-30 22:43 - 2013-05-30 23:36 - 00000000 ____D C:\ProgramData\Best Buy pc app
2013-05-30 22:41 - 2013-05-30 22:41 - 00000000 ____D C:\Users\David\AppData\Local\PackageAware
2013-05-30 22:34 - 2013-05-30 22:34 - 01549632 ____A (IObit) C:\Users\David\Downloads\iobituninstaller.exe
2013-05-30 22:31 - 2013-06-07 07:51 - 00000000 ____D C:\Users\David\Downloads\Download
2013-05-30 22:30 - 2013-05-30 22:30 - 00942896 ____A C:\Users\David\Downloads\IObit_Uninstaller_downloader.exe
2013-05-30 22:23 - 2013-05-30 22:23 - 08771072 ____A (IvoSoft) C:\Users\David\Downloads\ClassicShellSetup_3_6_7 (2).exe
2013-05-30 22:23 - 2013-05-30 22:23 - 08771072 ____A (IvoSoft) C:\Users\David\Downloads\ClassicShellSetup_3_6_7 (1).exe
2013-05-30 22:19 - 2013-05-30 22:20 - 01678013 ____A C:\Users\David\Downloads\pc-decrapifier-2.3.1.exe
2013-05-30 22:19 - 2013-05-30 22:20 - 01678013 ____A C:\Users\David\Downloads\pc-decrapifier-2.3.1 (1).exe
2013-05-30 22:11 - 2013-05-30 22:11 - 00000000 ____D C:\Users\David\Downloads\windows8_rtm_logon_for_windows7_by_peterrollar-d58x4cp
2013-05-30 22:07 - 2013-05-30 22:07 - 00000000 ____D C:\Program Files (x86)\EMET
2013-05-30 22:06 - 2013-05-30 22:19 - 04722870 ____A C:\Users\David\Downloads\ClassicShellSetup_3_6_7.exe
2013-05-30 22:03 - 2013-05-30 22:03 - 00057457 ____A C:\Users\David\Downloads\Windows-8-Metro-Task-Manager.zip
2013-05-30 22:00 - 2013-05-30 22:00 - 06325248 ____A C:\Users\David\Downloads\EMET Setup.msi
2013-05-30 21:56 - 2013-05-30 21:56 - 00001555 ____A C:\Users\David\Downloads\Add-Take-Ownership-Option.zip
2013-05-30 21:55 - 2013-05-30 21:55 - 00676061 ____A C:\Users\David\Downloads\windows8_rtm_logon_for_windows7_by_peterrollar-d58x4cp.rar
2013-05-30 21:19 - 2009-07-13 20:24 - 00350720 ____A (Microsoft Corporation) C:\Windows\System32\config\shellstyle.dll
2013-05-30 20:59 - 2013-05-30 21:29 - 00925184 ____A C:\Windows\expstart.exe
2013-05-30 20:59 - 2011-02-25 01:19 - 02871808 ____A (Microsoft Corporation) C:\Windows\explorer.backup.exe
2013-05-30 20:57 - 2013-05-30 20:58 - 00000000 ____D C:\Windows\w7upfc
2013-05-30 20:57 - 2011-02-25 01:19 - 02871808 ____A (Microsoft Corporation) C:\Windows\explorer_edit_w7upfc.exe
2013-05-30 20:57 - 2011-02-25 01:19 - 02871808 ____A (Microsoft Corporation) C:\Windows\explorer_backup_w7upfc.exe
2013-05-30 20:57 - 2011-02-25 01:19 - 02792960 ____A (Microsoft Corporation) C:\Windows\explorer2.exe
2013-05-30 20:56 - 2013-05-30 20:56 - 00452830 ____A C:\Users\David\Downloads\Windows 7 User Picture Frame Changer.zip
2013-05-30 20:55 - 2013-05-30 20:56 - 00216168 ____A C:\Users\David\Downloads\Windows 7 Start Orb Changer.zip
2013-05-30 20:36 - 2013-05-30 20:36 - 00000000 ____D C:\Users\David\Downloads\windows_8_rtm_theme_for_windows_7_by_mare_m-d59vtny
2013-05-30 20:36 - 2012-08-09 03:17 - 01865728 ____A (Microsoft Corporation) C:\Users\David\Downloads\ExplorerFrame.dll
2013-05-30 20:30 - 2010-11-20 08:27 - 02851840 ____A (Microsoft Corporation) C:\Windows\System32\themeui.dll.backup
2013-05-30 20:30 - 2009-07-13 20:41 - 00332288 ____A (Microsoft Corporation) C:\Windows\System32\uxtheme.dll.backup
2013-05-30 20:30 - 2009-07-13 20:41 - 00044544 ____A (Microsoft Corporation) C:\Windows\System32\themeservice.dll.backup
2013-05-30 20:29 - 2013-05-30 20:30 - 17653895 ____A C:\Users\David\Downloads\windows_8_rtm_theme_for_windows_7_by_mare_m-d59vtny.7z
2013-05-30 20:29 - 2013-05-30 20:29 - 00082664 ____A C:\Users\David\Downloads\UniversalThemePatcher_20090409.zip
2013-05-30 17:44 - 2013-05-30 17:44 - 00000000 ____D C:\Users\David\AppData\Local\Vlite
2013-05-30 16:45 - 2009-07-13 18:48 - 00022096 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\wimfltr.sys
2013-05-30 15:56 - 2013-05-30 15:56 - 00000000 ____D C:\Program Files\Windows Imaging
2013-05-30 15:55 - 2013-05-30 16:00 - 00000000 ____D C:\Program Files\Windows AIK
2013-05-30 15:44 - 2013-05-30 15:44 - 00001046 ____A C:\Users\Melinda\Desktop\WinDirStat.lnk
2013-05-30 15:44 - 2013-05-30 15:44 - 00001046 ____A C:\Users\Kevin\Desktop\WinDirStat.lnk
2013-05-30 15:44 - 2013-05-30 15:44 - 00000000 ____D C:\Program Files (x86)\WinDirStat
2013-05-30 15:43 - 2013-05-30 15:43 - 00645729 ____A (WDS Team) C:\Users\David\Downloads\windirstat1_1_2_setup.exe
2013-05-30 15:28 - 2013-05-30 15:28 - 00632031 ____A C:\Users\David\Downloads\AdwCleaner.exe
2013-05-30 14:30 - 2013-05-30 14:30 - 00000000 ____D C:\Program Files (x86)\Elaborate Bytes
2013-05-30 14:27 - 2013-05-30 14:27 - 01588760 ____A C:\Users\David\Downloads\SetupVirtualCloneDrive5460.exe
2013-05-30 14:25 - 2013-05-30 15:52 - 1789542400 ____A C:\Users\David\Downloads\KB3AIK_EN.iso
2013-05-29 21:42 - 2013-05-29 21:42 - 00000020 ____A C:\Windows\System32\b.txt
2013-05-29 21:41 - 2013-05-29 21:41 - 00000084 ____A C:\Windows\System32\a.txt
2013-05-29 21:27 - 2011-05-17 23:52 - 00000000 ____D C:\Users\David\Downloads\ISO Maker 1.0
2013-05-29 21:26 - 2013-05-29 21:26 - 02383580 ____A C:\Users\David\Downloads\ISO Maker 1.0.7z
2013-05-29 21:21 - 2013-05-30 18:05 - 00000000 ____D C:\Program Files (x86)\vLite
2013-05-29 21:21 - 2013-05-29 21:21 - 01620715 ____A (Dino Nuhagic (nuhi)                                         ) C:\Users\David\Downloads\vLite-1.2.installer.exe
2013-05-29 17:52 - 2013-05-29 17:52 - 00000000 ____D C:\Users\David\Documents\Virtual Machines
2013-05-29 17:46 - 2013-05-29 18:12 - 00000000 ____D C:\Users\David\AppData\Local\VMware
2013-05-29 17:45 - 2013-05-29 17:53 - 00000000 ____D C:\Users\David\AppData\Roaming\VMware
2013-05-29 17:44 - 2013-05-29 18:02 - 00000000 ____D C:\Users\David\Documents\win7 iso
2013-05-29 17:44 - 2012-10-24 14:17 - 00070296 ____A (VMware, Inc.) C:\Windows\System32\Drivers\vsock.sys
2013-05-29 17:44 - 2012-10-24 14:17 - 00067224 ____A (VMware, Inc.) C:\Windows\System32\vsocklib.dll
2013-05-29 17:44 - 2012-10-24 14:17 - 00063128 ____A (VMware, Inc.) C:\Windows\SysWOW64\vsocklib.dll
2013-05-29 17:42 - 2013-02-26 02:28 - 00067664 ____A (VMware, Inc.) C:\Windows\System32\Drivers\vmx86.sys
2013-05-29 17:42 - 2013-02-26 02:27 - 00033360 ____A (VMware, Inc.) C:\Windows\System32\Drivers\VMkbd.sys
2013-05-29 17:40 - 2013-02-26 02:28 - 00357456 ____A (VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
2013-05-29 17:39 - 2013-02-26 02:29 - 00933968 ____A (VMware, Inc.) C:\Windows\System32\vnetlib64.dll
2013-05-29 17:39 - 2013-02-26 02:28 - 00436304 ____A (VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
2013-05-29 17:39 - 2013-02-26 02:28 - 00030800 ____A (VMware, Inc.) C:\Windows\System32\Drivers\vmnetuserif.sys
2013-05-29 17:38 - 2012-10-11 16:15 - 00052376 ____A (VMware, Inc.) C:\Windows\System32\Drivers\hcmon.sys
2013-05-29 17:37 - 2013-06-06 11:29 - 00000000 ____D C:\ProgramData\VMware
2013-05-29 17:37 - 2013-05-29 17:37 - 00000000 ____D C:\Program Files\Common Files\VMware
2013-05-29 17:37 - 2013-05-29 17:37 - 00000000 ____D C:\Program Files (x86)\VMware
2013-05-29 17:13 - 2013-05-29 17:19 - 79676336 ____A (VMware, Inc.) C:\Users\David\Downloads\VMware-player-5.0.2-1031769.exe
2013-05-29 15:28 - 2013-05-29 15:31 - 00000000 ____D C:\Users\David\Downloads\New folder
2013-05-29 15:24 - 2013-05-29 18:05 - 00000000 ____D C:\Users\David\Documents\Windows Updates Downloader
2013-05-29 15:19 - 2013-05-29 15:19 - 00000000 ____D C:\Users\David\AppData\Local\Supremus Corporation
2013-05-29 15:18 - 2013-05-29 15:18 - 00256053 ____A C:\Users\David\Downloads\WUD250B1002Setup.exe
2013-05-29 15:18 - 2013-05-29 15:18 - 00012534 ____A C:\Users\David\Downloads\windows-7-sp1-x64-enu.ulz
2013-05-29 14:09 - 2013-05-29 14:12 - 42225628 ____A C:\Users\David\Downloads\IE10-Windows6.1-KB2718695-x64.cab
2013-05-29 14:08 - 2013-05-29 14:08 - 00000000 ____D C:\ie10
2013-05-29 14:07 - 2013-05-29 14:07 - 00846864 ____A (Microsoft Corporation) C:\IE10-Windows6.1-en-us.exe
2013-05-29 13:37 - 2013-05-29 13:37 - 00000000 ____D C:\Windows\System32\RT 7 Lite
2013-05-29 13:36 - 2013-05-29 13:36 - 00000000 ____D C:\Program Files\Rockers Team
2013-05-29 13:29 - 2013-05-29 13:31 - 16184710 ____A (Rockers Team) C:\Users\David\Downloads\rt_7_lite_win7_Vista_x64_sp1.exe
2013-05-29 12:55 - 2013-05-30 18:43 - 00000000 ____D C:\win7
2013-05-29 12:36 - 2013-05-29 14:18 - 00000000 ____D C:\Users\David\.android
2013-05-29 12:35 - 2013-05-29 12:33 - 01092512 ____A (Oracle Corporation) C:\Windows\System32\npDeployJava1.dll
2013-05-29 12:35 - 2013-05-29 12:33 - 00971680 ____A (Oracle Corporation) C:\Windows\System32\deployJava1.dll
2013-05-29 12:35 - 2013-05-29 12:33 - 00311200 ____A (Oracle Corporation) C:\Windows\System32\javaws.exe
2013-05-29 12:35 - 2013-05-29 12:33 - 00188832 ____A (Oracle Corporation) C:\Windows\System32\javaw.exe
2013-05-29 12:35 - 2013-05-29 12:33 - 00188320 ____A (Oracle Corporation) C:\Windows\System32\java.exe
2013-05-29 12:35 - 2013-05-29 12:33 - 00108448 ____A (Oracle Corporation) C:\Windows\System32\WindowsAccessBridge-64.dll
2013-05-29 12:07 - 2013-05-29 12:30 - 00000000 ____D C:\Program Files\Java
2013-05-29 11:54 - 2013-05-29 12:33 - 00000000 ____D C:\Users\David\Downloads\adt-bundle-windows-x86_64-20130514
2013-05-29 11:52 - 2013-05-29 12:01 - 94973848 ____A (Oracle Corporation) C:\Users\David\Downloads\jdk-7u21-windows-x64.exe
2013-05-29 11:21 - 2013-05-29 11:22 - 16183067 ____A (Rockers Team) C:\Users\David\Downloads\rt_7_lite_win7_Vista_x64.exe
2013-05-29 11:20 - 2013-05-29 11:20 - 16144455 ____A (Rockers Team) C:\Users\David\Downloads\rt_7_lite_win7_Vista_x86.exe
2013-05-27 20:14 - 2013-05-27 20:14 - 00078639 ____A C:\Users\David\Downloads\900x900px-LL-48341c04_SC-65_rear.jpeg
2013-05-27 16:42 - 2013-05-27 16:42 - 00000000 ____D C:\Program Files (x86)\Adobe
2013-05-27 10:17 - 2013-05-27 10:18 - 00000000 ____D C:\Users\David\Documents\Security
2013-05-25 19:34 - 2013-05-25 20:02 - 440868113 ____A C:\Users\David\Downloads\adt-bundle-windows-x86_64-20130514.zip
2013-05-24 15:42 - 2013-05-24 15:44 - 27024112 ____A (Microsoft Corporation) C:\Users\David\Downloads\PowerPointViewer (2).exe
2013-05-23 16:16 - 2013-05-23 16:16 - 00009238 ____A C:\Users\David\Downloads\AwesomeMod Updater v2.8.0.181.zip
2013-05-23 16:00 - 2013-05-23 16:04 - 63210976 ____A (Microsoft Corporation) C:\Users\David\Downloads\PowerPointViewer (1).exe
2013-05-23 15:59 - 2013-05-23 16:00 - 27024112 ____A (Microsoft Corporation) C:\Users\David\Downloads\PowerPointViewer.exe
2013-05-23 11:12 - 2013-05-31 13:46 - 00016048 ____A C:\Windows\PFRO.log
2013-05-23 09:54 - 2013-05-23 09:54 - 00000000 ____D C:\Users\David\AppData\Roaming\Nikon
2013-05-23 09:54 - 2013-05-23 09:54 - 00000000 ____D C:\Users\David\AppData\Local\Nikon
2013-05-23 09:54 - 2013-05-23 09:54 - 00000000 ____D C:\res
2013-05-22 21:44 - 2013-05-22 21:44 - 00000000 ____D C:\Users\David\AppData\Roaming\ArcSoft
2013-05-22 21:39 - 2013-05-22 21:39 - 00000268 ___RH C:\Users\David\AppData\Roaming\PageLibraries
2013-05-22 21:39 - 2013-05-22 21:39 - 00000268 ___RH C:\ProgramData\Perl
2013-05-22 21:39 - 2013-05-22 21:39 - 00000020 ____H C:\ProgramData\PKP_DLes.DAT
2013-05-22 21:39 - 2013-05-22 21:39 - 00000000 ____D C:\ProgramData\Filters
2013-05-22 21:38 - 2013-05-22 21:41 - 00000000 ____D C:\Program Files (x86)\Nikon
2013-05-22 21:38 - 2013-05-22 21:40 - 00000000 ____D C:\Program Files\Common Files\Nikon
2013-05-22 21:38 - 2013-05-22 21:38 - 00000000 ____D C:\Program Files\Nikon
2013-05-22 21:38 - 2013-05-22 21:37 - 00106496 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ATL71.DLL
2013-05-22 21:37 - 2013-05-23 09:55 - 00000020 ____H C:\ProgramData\PKP_DLet.DAT
2013-05-22 21:37 - 2013-05-22 21:40 - 00000000 ____D C:\Users\David\AppData\Local\Downloaded Installations
2013-05-22 21:37 - 2013-05-22 21:39 - 00000000 ____D C:\ProgramData\Ultima_T15
2013-05-22 21:37 - 2013-05-22 21:39 - 00000000 ____D C:\ProgramData\EnterNHelp
2013-05-22 21:37 - 2013-05-22 21:37 - 00000268 ___RH C:\Users\David\AppData\Roaming\PPD Plugins
2013-05-22 21:37 - 2013-05-22 21:37 - 00000268 ___RH C:\Users\David\AppData\Roaming\Planets
2013-05-22 21:37 - 2013-05-22 21:37 - 00000268 ___RH C:\Users\David\AppData\Roaming\Pedal Hard
2013-05-22 21:37 - 2013-05-22 21:37 - 00000268 ___RH C:\ProgramData\Plugins
2013-05-22 21:37 - 2013-05-22 21:37 - 00000268 ___RH C:\ProgramData\Phaser
2013-05-22 21:37 - 2013-05-22 21:37 - 00000268 ___RH C:\ProgramData\Percussion Kit
2013-05-22 21:37 - 2013-05-22 21:37 - 00000020 ____H C:\ProgramData\PKP_DLev.DAT
2013-05-22 21:37 - 2013-05-22 21:37 - 00000020 ____H C:\ProgramData\PKP_DLeo.DAT
2013-05-22 21:37 - 2013-05-22 21:37 - 00000000 ____D C:\ProgramData\Organic
2013-05-22 21:37 - 2013-05-22 21:37 - 00000000 ____D C:\ProgramData\Font Book
2013-05-22 21:37 - 2013-05-22 21:37 - 00000000 ____D C:\ProgramData\Error Handlers
2013-05-22 21:19 - 2013-05-22 21:19 - 00000000 ____D C:\Users\David\Documents\100PHOTO
2013-05-22 21:16 - 2013-05-22 21:16 - 00000000 ____D C:\Users\David\Downloads\Nikon
2013-05-22 21:03 - 2013-05-30 21:03 - 01366280 ____A C:\Windows\System32\FNTCACHE.DAT
2013-05-21 22:01 - 2013-05-30 20:53 - 00447064 ____A C:\Users\David\AppData\Local\GDIPFONTCACHEV1.DAT
2013-05-21 21:45 - 2013-06-06 11:19 - 00002711 ____A C:\Windows\setupact.log
2013-05-21 21:45 - 2013-05-21 21:45 - 00000000 ___AH C:\Windows\System32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2013-05-21 21:45 - 2013-05-21 21:45 - 00000000 ____A C:\Windows\setuperr.log
2013-05-21 21:42 - 2013-03-27 10:35 - 00000000 ____D C:\Users\David\Downloads\S6300Update
2013-05-21 21:39 - 2013-05-21 21:40 - 08508536 ____A C:\Users\David\Downloads\F-S6300-V11W.exe
2013-05-21 21:04 - 2013-05-21 21:05 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-05-21 21:04 - 2013-05-21 21:05 - 00000000 ____D C:\Program Files\iTunes
2013-05-21 21:04 - 2013-05-21 21:05 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-05-21 21:04 - 2013-05-21 21:04 - 00000000 ____D C:\Program Files\iPod
2013-05-21 21:01 - 2013-05-21 21:01 - 00000000 ____D C:\Program Files\Bonjour
2013-05-21 21:01 - 2013-05-21 21:01 - 00000000 ____D C:\Program Files (x86)\Bonjour
2013-05-20 20:23 - 2013-05-20 20:23 - 00108829 ____A C:\Users\David\Downloads\fracture.zip
2013-05-20 18:51 - 2013-05-20 18:51 - 00000151 ____A C:\Users\David\Documents\Ad.txt
2013-05-19 05:54 - 2013-05-19 05:54 - 00097176 ____A (Elaborate Bytes AG) C:\Windows\SysWOW64\ElbyCDIO.dll
2013-05-16 03:04 - 2013-05-05 16:36 - 17818624 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-05-16 03:04 - 2013-05-05 16:16 - 02382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-05-16 03:04 - 2013-05-05 14:25 - 12324864 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-05-16 03:04 - 2013-05-05 14:12 - 02382848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-05-16 03:02 - 2013-04-04 20:19 - 10926080 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-05-16 03:02 - 2013-04-04 20:08 - 02312704 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2013-05-16 03:02 - 2013-04-04 20:01 - 01346560 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-05-16 03:02 - 2013-04-04 20:00 - 01392128 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2013-05-16 03:02 - 2013-04-04 19:59 - 01494528 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2013-05-16 03:02 - 2013-04-04 19:58 - 00237056 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2013-05-16 03:02 - 2013-04-04 19:57 - 00085504 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2013-05-16 03:02 - 2013-04-04 19:56 - 00173056 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2013-05-16 03:02 - 2013-04-04 19:55 - 00816640 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2013-05-16 03:02 - 2013-04-04 19:55 - 00599040 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2013-05-16 03:02 - 2013-04-04 19:54 - 02147840 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-05-16 03:02 - 2013-04-04 19:54 - 00729088 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2013-05-16 03:02 - 2013-04-04 19:51 - 00096768 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2013-05-16 03:02 - 2013-04-04 19:46 - 00248320 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-05-16 03:02 - 2013-04-04 17:11 - 01800704 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-05-16 03:02 - 2013-04-04 17:09 - 09738752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-05-16 03:02 - 2013-04-04 17:02 - 01427968 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-05-16 03:02 - 2013-04-04 17:02 - 01129472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-05-16 03:02 - 2013-04-04 17:02 - 01104384 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-05-16 03:02 - 2013-04-04 17:01 - 00231936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-05-16 03:02 - 2013-04-04 16:59 - 00065024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-05-16 03:02 - 2013-04-04 16:58 - 00717824 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-05-16 03:02 - 2013-04-04 16:58 - 00142848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-05-16 03:02 - 2013-04-04 16:57 - 00420864 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-05-16 03:02 - 2013-04-04 16:56 - 00607744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-05-16 03:02 - 2013-04-04 16:55 - 01796096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-05-16 03:02 - 2013-04-04 16:54 - 00073216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-05-16 03:02 - 2013-04-04 16:50 - 00176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-05-15 20:25 - 2013-05-15 20:25 - 00000000 ____D C:\Users\David\AppData\Roaming\Avant Downloader
2013-05-15 20:14 - 2013-05-15 20:17 - 00000000 ____D C:\Program Files (x86)\Avant Browser
2013-05-15 20:12 - 2013-05-15 20:13 - 30274780 ____A (SRWare                                                      ) C:\Users\David\Downloads\srware_iron.exe
2013-05-15 20:09 - 2013-05-15 20:12 - 47482784 ____A (Avant Force) C:\Users\David\Downloads\asetup.exe
2013-05-15 18:46 - 2013-04-22 15:46 - 00074560 ____A (McAfee, Inc.) C:\Windows\System32\Drivers\McPvDrv.sys
2013-05-15 18:46 - 2012-05-28 10:28 - 00197264 ____A (McAfee, Inc.) C:\Windows\System32\Drivers\HipShieldK.sys
2013-05-15 17:09 - 2013-05-15 17:09 - 00000037 ___SH C:\Users\David\AppData\Local\70149b02515b3bb20dd492.47983420
2013-05-15 17:09 - 2013-05-15 17:09 - 00000000 ____D C:\Users\David\AppData\Local\MetaGeek,_LLC
2013-05-15 17:05 - 2013-05-15 17:05 - 00368070 ____A C:\Users\David\Downloads\iperf-3.0b5.tar.gz
2013-05-15 17:03 - 2013-05-15 17:04 - 06635520 ____A C:\Users\David\Downloads\inSSIDer-installer.msi
2013-05-15 17:01 - 2013-05-15 17:01 - 04303160 ____A C:\Users\David\Downloads\tt1.zip
2013-05-15 16:37 - 2013-02-27 01:02 - 00111448 ____A (Microsoft Corporation) C:\Windows\System32\consent.exe
2013-05-15 16:37 - 2013-02-27 00:52 - 14172672 ____A (Microsoft Corporation) C:\Windows\System32\shell32.dll
2013-05-15 16:37 - 2013-02-27 00:52 - 00197120 ____A (Microsoft Corporation) C:\Windows\System32\shdocvw.dll
2013-05-15 16:37 - 2013-02-27 00:48 - 01930752 ____A (Microsoft Corporation) C:\Windows\System32\authui_old.dll
2013-05-15 16:37 - 2013-02-27 00:48 - 01930752 ____A (Microsoft Corporation) C:\Windows\System32\authui.dll
2013-05-15 16:37 - 2013-02-27 00:47 - 00070144 ____A (Microsoft Corporation) C:\Windows\System32\appinfo.dll
2013-05-15 16:37 - 2013-02-26 23:55 - 12872704 ____A (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2013-05-15 16:37 - 2013-02-26 23:55 - 00180224 ____A (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2013-05-15 16:37 - 2013-02-26 23:49 - 01796096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\authui_old.dll
2013-05-15 16:37 - 2013-02-26 23:49 - 01796096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2013-05-15 16:36 - 2013-04-10 01:01 - 00983400 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\dxgkrnl.sys
2013-05-15 16:36 - 2013-04-10 01:01 - 00265064 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\dxgmms1.sys
2013-05-15 16:36 - 2013-03-19 00:53 - 00230400 ____A (Microsoft Corporation) C:\Windows\System32\wwansvc.dll
2013-05-15 16:36 - 2013-03-19 00:53 - 00048640 ____A (Microsoft Corporation) C:\Windows\System32\wwanprotdim.dll
2013-05-15 16:36 - 2011-02-03 06:25 - 00144384 ____A (Microsoft Corporation) C:\Windows\System32\cdd.dll
2013-05-15 16:35 - 2013-04-09 22:30 - 03153920 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
2013-05-12 20:32 - 2013-05-12 20:36 - 90130256 ____A (Apple Inc.) C:\Users\David\Downloads\iTunes64Setup.exe
2013-05-12 18:26 - 2013-05-12 18:26 - 00001093 ____A C:\Users\Melinda\Desktop\Network Stumbler.lnk
2013-05-12 18:26 - 2013-05-12 18:26 - 00001093 ____A C:\Users\Kevin\Desktop\Network Stumbler.lnk
2013-05-12 18:25 - 2013-05-12 18:25 - 01324940 ____A C:\Users\David\Downloads\NetStumblerInstaller_0_4_0.exe
2013-05-08 20:29 - 2013-05-08 20:31 - 08435712 ____A C:\Users\David\Downloads\archpr_setup_en.msi
2013-05-08 20:29 - 2013-05-08 20:29 - 00311808 ____A C:\Users\David\Downloads\setup (3).exe
2013-05-08 20:28 - 2013-05-08 20:28 - 00311808 ____A C:\Users\David\Downloads\setup (2).exe
 
==================== One Month Modified Files and Folders =======
 
2013-06-07 11:58 - 2013-06-07 11:58 - 00000000 ____D C:\FRST
2013-06-07 11:57 - 2013-06-07 11:57 - 01918758 ____A (Farbar) C:\Users\David\Downloads\FRST64.exe
2013-06-07 11:48 - 2012-04-01 18:26 - 00000830 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-06-07 11:30 - 2013-06-01 13:00 - 00000410 ____A C:\Windows\Tasks\SlimDrivers Startup.job
2013-06-07 11:16 - 2012-04-14 21:43 - 00000896 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-06-07 07:52 - 2013-06-03 13:36 - 00000000 ____D C:\Users\David\Downloads\Dump
2013-06-07 07:51 - 2013-06-07 07:51 - 00535058 ____A C:\Users\David\Downloads\060713-24086-01.zip
2013-06-07 07:51 - 2013-05-30 22:31 - 00000000 ____D C:\Users\David\Downloads\Download
2013-06-06 18:23 - 2013-05-31 14:45 - 00027381 ____A C:\Users\David\Desktop\attach.txt
2013-06-06 18:22 - 2013-05-31 14:45 - 00029235 ____A C:\Users\David\Desktop\dds.txt
2013-06-06 14:05 - 2012-04-01 11:17 - 00000000 ____D C:\Program Files\Puran Defrag
2013-06-06 12:53 - 2012-04-22 08:13 - 01632063 ____A C:\Windows\WindowsUpdate.log
2013-06-06 11:31 - 2012-06-13 13:33 - 00000000 ___RD C:\Users\David\SkyDrive
2013-06-06 11:30 - 2012-05-25 12:30 - 00000000 ____D C:\Users\David\AppData\Roaming\Dropbox
2013-06-06 11:29 - 2013-05-29 17:37 - 00000000 ____D C:\ProgramData\VMware
2013-06-06 11:29 - 2009-07-13 23:45 - 00018736 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-06-06 11:29 - 2009-07-13 23:45 - 00018736 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-06-06 11:23 - 2012-06-19 21:56 - 00000000 __RSD C:\Users\David\Documents\McAfee Vaults
2013-06-06 11:22 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\System32\inetsrv
2013-06-06 11:20 - 2012-05-06 19:38 - 00000435 ____A C:\Windows\System32\Drivers\etc\hosts.ics
2013-06-06 11:20 - 2009-07-14 00:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2013-06-06 11:19 - 2013-05-21 21:45 - 00002711 ____A C:\Windows\setupact.log
2013-06-05 10:58 - 2009-07-14 00:13 - 00881532 ____A C:\Windows\System32\PerfStringBackup.INI
2013-06-04 10:46 - 2012-09-20 22:03 - 00000000 ____D C:\Users\David\AppData\Roaming\Skype
2013-06-04 08:26 - 2013-04-27 10:08 - 00016152 ____A C:\Windows\System32\Drivers\SWDUMon.sys
2013-06-03 09:28 - 2012-09-10 17:34 - 00000632 _RASH C:\Users\David\ntuser.pol
2013-06-03 09:28 - 2012-03-02 20:40 - 00000000 ____D C:\users\David
2013-06-02 12:30 - 2013-02-28 20:37 - 00000000 ____D C:\Users\David\AppData\Roaming\GameMaker
2013-06-01 13:52 - 2012-09-20 22:03 - 00000000 ____D C:\ProgramData\Skype
2013-06-01 12:49 - 2012-05-25 12:44 - 00000000 ___RD C:\Users\David\Documents\Dropbox
2013-05-31 14:26 - 2013-05-31 14:28 - 01535974 ____A C:\Users\David\Desktop\CBS.log
2013-05-31 14:07 - 2013-05-31 14:07 - 00000000 ____D C:\Users\David\AppData\Roaming\Logitech
2013-05-31 14:07 - 2013-05-31 14:07 - 00000000 ____D C:\Users\David\AppData\Roaming\Logishrd
2013-05-31 14:06 - 2013-05-31 14:02 - 59248080 ____A (Logitech Inc.) C:\Users\David\Downloads\setpoint652_x64.exe
2013-05-31 13:46 - 2013-05-23 11:12 - 00016048 ____A C:\Windows\PFRO.log
2013-05-31 13:44 - 2009-07-13 22:20 - 00000000 __RSD C:\Windows\Media
2013-05-31 13:44 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\Cursors
2013-05-31 12:43 - 2012-03-07 21:11 - 00007592 ____A C:\Users\David\AppData\Local\Resmon.ResmonCfg
2013-05-31 12:20 - 2013-05-31 12:20 - 00688992 ____R (Swearware) C:\Users\David\dds.com
2013-05-31 08:59 - 2013-05-31 08:58 - 04745728 ____A (AVAST Software) C:\Users\David\Downloads\aswMBR.exe
2013-05-31 08:52 - 2013-05-31 08:52 - 00050477 ____A C:\Users\David\Downloads\Defogger.exe
2013-05-31 08:52 - 2013-05-31 08:52 - 00000472 ____A C:\Users\David\Downloads\defogger_disable.log
2013-05-31 08:52 - 2013-05-31 08:52 - 00000000 ____A C:\Users\David\defogger_reenable
2013-05-31 08:36 - 2013-05-31 08:36 - 00000000 ____D C:\Program Files (x86)\ESET
2013-05-31 00:07 - 2013-03-21 14:06 - 00000000 ____D C:\TDSSKiller_Quarantine
2013-05-30 23:39 - 2012-11-23 20:12 - 00000000 ____D C:\Program Files (x86)\QuickTime
2013-05-30 23:39 - 2012-07-22 17:18 - 00000000 ____D C:\Program Files\s3oc
2013-05-30 23:37 - 2013-05-30 23:37 - 00816128 ____A C:\Users\David\Downloads\RogueKiller.exe
2013-05-30 23:36 - 2013-05-30 22:43 - 00000000 ____D C:\ProgramData\Best Buy pc app
2013-05-30 23:36 - 2012-03-02 21:52 - 00000000 __HDC C:\ProgramData\{D8EAEB0B-7E66-400B-9DCD-5E815A852728}
2013-05-30 23:24 - 2013-05-30 23:24 - 02347384 ____A (ESET) C:\Users\David\Downloads\esetsmartinstaller_enu.exe
2013-05-30 23:07 - 2012-03-17 09:22 - 00000000 ____D C:\ProgramData\WildTangent
2013-05-30 23:07 - 2012-03-17 09:22 - 00000000 ____D C:\Program Files (x86)\WildTangent Games
2013-05-30 23:04 - 2013-05-30 23:04 - 00467813 ____A C:\Users\David\Downloads\metro_clock_v3_by_dejco-d3hxoj9.rar
2013-05-30 22:46 - 2012-03-17 09:32 - 00000000 ____D C:\Program Files (x86)\WildGames
2013-05-30 22:46 - 2010-03-23 20:06 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-05-30 22:44 - 2012-03-02 21:52 - 00000000 ____D C:\Users\David\AppData\Local\Deployment
2013-05-30 22:43 - 2013-01-09 18:58 - 00000000 ____D C:\Windows\pss
2013-05-30 22:41 - 2013-05-30 22:41 - 00000000 ____D C:\Users\David\AppData\Local\PackageAware
2013-05-30 22:34 - 2013-05-30 22:34 - 01549632 ____A (IObit) C:\Users\David\Downloads\iobituninstaller.exe
2013-05-30 22:34 - 2013-03-31 11:38 - 00000000 ____D C:\Users\David\AppData\Roaming\IObit
2013-05-30 22:30 - 2013-05-30 22:30 - 00942896 ____A C:\Users\David\Downloads\IObit_Uninstaller_downloader.exe
2013-05-30 22:23 - 2013-05-30 22:23 - 08771072 ____A (IvoSoft) C:\Users\David\Downloads\ClassicShellSetup_3_6_7 (2).exe
2013-05-30 22:23 - 2013-05-30 22:23 - 08771072 ____A (IvoSoft) C:\Users\David\Downloads\ClassicShellSetup_3_6_7 (1).exe
2013-05-30 22:20 - 2013-05-30 22:19 - 01678013 ____A C:\Users\David\Downloads\pc-decrapifier-2.3.1.exe
2013-05-30 22:20 - 2013-05-30 22:19 - 01678013 ____A C:\Users\David\Downloads\pc-decrapifier-2.3.1 (1).exe
2013-05-30 22:19 - 2013-05-30 22:06 - 04722870 ____A C:\Users\David\Downloads\ClassicShellSetup_3_6_7.exe
2013-05-30 22:11 - 2013-05-30 22:11 - 00000000 ____D C:\Users\David\Downloads\windows8_rtm_logon_for_windows7_by_peterrollar-d58x4cp
2013-05-30 22:07 - 2013-05-30 22:07 - 00000000 ____D C:\Program Files (x86)\EMET
2013-05-30 22:03 - 2013-05-30 22:03 - 00057457 ____A C:\Users\David\Downloads\Windows-8-Metro-Task-Manager.zip
2013-05-30 22:00 - 2013-05-30 22:00 - 06325248 ____A C:\Users\David\Downloads\EMET Setup.msi
2013-05-30 21:56 - 2013-05-30 21:56 - 00001555 ____A C:\Users\David\Downloads\Add-Take-Ownership-Option.zip
2013-05-30 21:55 - 2013-05-30 21:55 - 00676061 ____A C:\Users\David\Downloads\windows8_rtm_logon_for_windows7_by_peterrollar-d58x4cp.rar
2013-05-30 21:43 - 2013-04-27 10:08 - 00016152 ____A C:\Windows\System32\Drivers\SWDUMon.sys.old
2013-05-30 21:30 - 2013-01-02 21:49 - 00000000 ____D C:\Windows\Minidump
2013-05-30 21:29 - 2013-05-30 20:59 - 00925184 ____A C:\Windows\expstart.exe
2013-05-30 21:03 - 2013-05-22 21:03 - 01366280 ____A C:\Windows\System32\FNTCACHE.DAT
2013-05-30 20:58 - 2013-05-30 20:57 - 00000000 ____D C:\Windows\w7upfc
2013-05-30 20:56 - 2013-05-30 20:56 - 00452830 ____A C:\Users\David\Downloads\Windows 7 User Picture Frame Changer.zip
2013-05-30 20:56 - 2013-05-30 20:55 - 00216168 ____A C:\Users\David\Downloads\Windows 7 Start Orb Changer.zip
2013-05-30 20:53 - 2013-05-21 22:01 - 00447064 ____A C:\Users\David\AppData\Local\GDIPFONTCACHEV1.DAT
2013-05-30 20:36 - 2013-05-30 20:36 - 00000000 ____D C:\Users\David\Downloads\windows_8_rtm_theme_for_windows_7_by_mare_m-d59vtny
2013-05-30 20:30 - 2013-05-30 20:29 - 17653895 ____A C:\Users\David\Downloads\windows_8_rtm_theme_for_windows_7_by_mare_m-d59vtny.7z
2013-05-30 20:29 - 2013-05-30 20:29 - 00082664 ____A C:\Users\David\Downloads\UniversalThemePatcher_20090409.zip
2013-05-30 19:45 - 2010-04-13 20:11 - 00003788 ____A C:\Windows\MOBK.blk
2013-05-30 19:45 - 2010-04-13 20:11 - 00002194 ____A C:\Windows\MOBK.flt
2013-05-30 18:43 - 2013-05-29 12:55 - 00000000 ____D C:\win7
2013-05-30 18:05 - 2013-05-29 21:21 - 00000000 ____D C:\Program Files (x86)\vLite
2013-05-30 17:44 - 2013-05-30 17:44 - 00000000 ____D C:\Users\David\AppData\Local\Vlite
2013-05-30 16:00 - 2013-05-30 15:55 - 00000000 ____D C:\Program Files\Windows AIK
2013-05-30 15:56 - 2013-05-30 15:56 - 00000000 ____D C:\Program Files\Windows Imaging
2013-05-30 15:54 - 2009-07-14 02:44 - 00000000 ___RD C:\Users\Public\Recorded TV
2013-05-30 15:52 - 2013-05-30 14:25 - 1789542400 ____A C:\Users\David\Downloads\KB3AIK_EN.iso
2013-05-30 15:44 - 2013-05-30 15:44 - 00001046 ____A C:\Users\Melinda\Desktop\WinDirStat.lnk
2013-05-30 15:44 - 2013-05-30 15:44 - 00001046 ____A C:\Users\Kevin\Desktop\WinDirStat.lnk
2013-05-30 15:44 - 2013-05-30 15:44 - 00000000 ____D C:\Program Files (x86)\WinDirStat
2013-05-30 15:44 - 2013-03-24 21:12 - 00000000 ___RD C:\Users\David\Desktop\Junk
2013-05-30 15:43 - 2013-05-30 15:43 - 00645729 ____A (WDS Team) C:\Users\David\Downloads\windirstat1_1_2_setup.exe
2013-05-30 15:28 - 2013-05-30 15:28 - 00632031 ____A C:\Users\David\Downloads\AdwCleaner.exe
2013-05-30 15:11 - 2010-11-11 18:08 - 00000000 ____D C:\Users\David\Documents\SCD2013
2013-05-30 14:30 - 2013-05-30 14:30 - 00000000 ____D C:\Program Files (x86)\Elaborate Bytes
2013-05-30 14:27 - 2013-05-30 14:27 - 01588760 ____A C:\Users\David\Downloads\SetupVirtualCloneDrive5460.exe
2013-05-29 21:42 - 2013-05-29 21:42 - 00000020 ____A C:\Windows\System32\b.txt
2013-05-29 21:41 - 2013-05-29 21:41 - 00000084 ____A C:\Windows\System32\a.txt
2013-05-29 21:26 - 2013-05-29 21:26 - 02383580 ____A C:\Users\David\Downloads\ISO Maker 1.0.7z
2013-05-29 21:21 - 2013-05-29 21:21 - 01620715 ____A (Dino Nuhagic (nuhi)                                         ) C:\Users\David\Downloads\vLite-1.2.installer.exe
2013-05-29 18:12 - 2013-05-29 17:46 - 00000000 ____D C:\Users\David\AppData\Local\VMware
2013-05-29 18:05 - 2013-05-29 15:24 - 00000000 ____D C:\Users\David\Documents\Windows Updates Downloader
2013-05-29 18:02 - 2013-05-29 17:44 - 00000000 ____D C:\Users\David\Documents\win7 iso
2013-05-29 17:53 - 2013-05-29 17:45 - 00000000 ____D C:\Users\David\AppData\Roaming\VMware
2013-05-29 17:52 - 2013-05-29 17:52 - 00000000 ____D C:\Users\David\Documents\Virtual Machines
2013-05-29 17:37 - 2013-05-29 17:37 - 00000000 ____D C:\Program Files\Common Files\VMware
2013-05-29 17:37 - 2013-05-29 17:37 - 00000000 ____D C:\Program Files (x86)\VMware
2013-05-29 17:37 - 2012-03-03 01:18 - 00894886 ____A C:\Windows\SysWOW64\PerfStringBackup.INI
2013-05-29 17:19 - 2013-05-29 17:13 - 79676336 ____A (VMware, Inc.) C:\Users\David\Downloads\VMware-player-5.0.2-1031769.exe
2013-05-29 15:31 - 2013-05-29 15:28 - 00000000 ____D C:\Users\David\Downloads\New folder
2013-05-29 15:19 - 2013-05-29 15:19 - 00000000 ____D C:\Users\David\AppData\Local\Supremus Corporation
2013-05-29 15:18 - 2013-05-29 15:18 - 00256053 ____A C:\Users\David\Downloads\WUD250B1002Setup.exe
2013-05-29 15:18 - 2013-05-29 15:18 - 00012534 ____A C:\Users\David\Downloads\windows-7-sp1-x64-enu.ulz
2013-05-29 14:18 - 2013-05-29 12:36 - 00000000 ____D C:\Users\David\.android
2013-05-29 14:12 - 2013-05-29 14:09 - 42225628 ____A C:\Users\David\Downloads\IE10-Windows6.1-KB2718695-x64.cab
2013-05-29 14:08 - 2013-05-29 14:08 - 00000000 ____D C:\ie10
2013-05-29 14:07 - 2013-05-29 14:07 - 00846864 ____A (Microsoft Corporation) C:\IE10-Windows6.1-en-us.exe
2013-05-29 13:37 - 2013-05-29 13:37 - 00000000 ____D C:\Windows\System32\RT 7 Lite
2013-05-29 13:36 - 2013-05-29 13:36 - 00000000 ____D C:\Program Files\Rockers Team
2013-05-29 13:31 - 2013-05-29 13:29 - 16184710 ____A (Rockers Team) C:\Users\David\Downloads\rt_7_lite_win7_Vista_x64_sp1.exe
2013-05-29 12:33 - 2013-05-29 12:35 - 01092512 ____A (Oracle Corporation) C:\Windows\System32\npDeployJava1.dll
2013-05-29 12:33 - 2013-05-29 12:35 - 00971680 ____A (Oracle Corporation) C:\Windows\System32\deployJava1.dll
2013-05-29 12:33 - 2013-05-29 12:35 - 00311200 ____A (Oracle Corporation) C:\Windows\System32\javaws.exe
2013-05-29 12:33 - 2013-05-29 12:35 - 00188832 ____A (Oracle Corporation) C:\Windows\System32\javaw.exe
2013-05-29 12:33 - 2013-05-29 12:35 - 00188320 ____A (Oracle Corporation) C:\Windows\System32\java.exe
2013-05-29 12:33 - 2013-05-29 12:35 - 00108448 ____A (Oracle Corporation) C:\Windows\System32\WindowsAccessBridge-64.dll
2013-05-29 12:33 - 2013-05-29 11:54 - 00000000 ____D C:\Users\David\Downloads\adt-bundle-windows-x86_64-20130514
2013-05-29 12:30 - 2013-05-29 12:07 - 00000000 ____D C:\Program Files\Java
2013-05-29 12:29 - 2013-03-19 12:28 - 00000000 ____D C:\win8
2013-05-29 12:01 - 2013-05-29 11:52 - 94973848 ____A (Oracle Corporation) C:\Users\David\Downloads\jdk-7u21-windows-x64.exe
2013-05-29 11:22 - 2013-05-29 11:21 - 16183067 ____A (Rockers Team) C:\Users\David\Downloads\rt_7_lite_win7_Vista_x64.exe
2013-05-29 11:20 - 2013-05-29 11:20 - 16144455 ____A (Rockers Team) C:\Users\David\Downloads\rt_7_lite_win7_Vista_x86.exe
2013-05-27 20:14 - 2013-05-27 20:14 - 00078639 ____A C:\Users\David\Downloads\900x900px-LL-48341c04_SC-65_rear.jpeg
2013-05-27 16:56 - 2010-03-23 20:08 - 00000000 ____D C:\ProgramData\Adobe
2013-05-27 16:42 - 2013-05-27 16:42 - 00000000 ____D C:\Program Files (x86)\Adobe
2013-05-27 10:18 - 2013-05-27 10:17 - 00000000 ____D C:\Users\David\Documents\Security
2013-05-25 20:02 - 2013-05-25 19:34 - 440868113 ____A C:\Users\David\Downloads\adt-bundle-windows-x86_64-20130514.zip
2013-05-24 15:44 - 2013-05-24 15:42 - 27024112 ____A (Microsoft Corporation) C:\Users\David\Downloads\PowerPointViewer (2).exe
2013-05-23 16:16 - 2013-05-23 16:16 - 00009238 ____A C:\Users\David\Downloads\AwesomeMod Updater v2.8.0.181.zip
2013-05-23 16:13 - 2012-06-04 09:50 - 00000000 ____D C:\Program Files (x86)\MSECache
2013-05-23 16:04 - 2013-05-23 16:00 - 63210976 ____A (Microsoft Corporation) C:\Users\David\Downloads\PowerPointViewer (1).exe
2013-05-23 16:00 - 2013-05-23 15:59 - 27024112 ____A (Microsoft Corporation) C:\Users\David\Downloads\PowerPointViewer.exe
2013-05-23 09:55 - 2013-05-22 21:37 - 00000020 ____H C:\ProgramData\PKP_DLet.DAT
2013-05-23 09:54 - 2013-05-23 09:54 - 00000000 ____D C:\Users\David\AppData\Roaming\Nikon
2013-05-23 09:54 - 2013-05-23 09:54 - 00000000 ____D C:\Users\David\AppData\Local\Nikon
2013-05-23 09:54 - 2013-05-23 09:54 - 00000000 ____D C:\res
2013-05-23 08:40 - 2012-05-13 20:38 - 00000000 ____D C:\Program Files\Common Files\McAfee
2013-05-22 21:44 - 2013-05-22 21:44 - 00000000 ____D C:\Users\David\AppData\Roaming\ArcSoft
2013-05-22 21:41 - 2013-05-22 21:38 - 00000000 ____D C:\Program Files (x86)\Nikon
2013-05-22 21:40 - 2013-05-22 21:38 - 00000000 ____D C:\Program Files\Common Files\Nikon
2013-05-22 21:40 - 2013-05-22 21:37 - 00000000 ____D C:\Users\David\AppData\Local\Downloaded Installations
2013-05-22 21:40 - 2010-03-23 20:06 - 00000000 ____D C:\Windows\Downloaded Installations
2013-05-22 21:39 - 2013-05-22 21:39 - 00000268 ___RH C:\Users\David\AppData\Roaming\PageLibraries
2013-05-22 21:39 - 2013-05-22 21:39 - 00000268 ___RH C:\ProgramData\Perl
2013-05-22 21:39 - 2013-05-22 21:39 - 00000020 ____H C:\ProgramData\PKP_DLes.DAT
2013-05-22 21:39 - 2013-05-22 21:39 - 00000000 ____D C:\ProgramData\Filters
2013-05-22 21:39 - 2013-05-22 21:37 - 00000000 ____D C:\ProgramData\Ultima_T15
2013-05-22 21:39 - 2013-05-22 21:37 - 00000000 ____D C:\ProgramData\EnterNHelp
2013-05-22 21:38 - 2013-05-22 21:38 - 00000000 ____D C:\Program Files\Nikon
2013-05-22 21:37 - 2013-05-22 21:38 - 00106496 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ATL71.DLL
2013-05-22 21:37 - 2013-05-22 21:37 - 00000268 ___RH C:\Users\David\AppData\Roaming\PPD Plugins
2013-05-22 21:37 - 2013-05-22 21:37 - 00000268 ___RH C:\Users\David\AppData\Roaming\Planets
2013-05-22 21:37 - 2013-05-22 21:37 - 00000268 ___RH C:\Users\David\AppData\Roaming\Pedal Hard
2013-05-22 21:37 - 2013-05-22 21:37 - 00000268 ___RH C:\ProgramData\Plugins
2013-05-22 21:37 - 2013-05-22 21:37 - 00000268 ___RH C:\ProgramData\Phaser
2013-05-22 21:37 - 2013-05-22 21:37 - 00000268 ___RH C:\ProgramData\Percussion Kit
2013-05-22 21:37 - 2013-05-22 21:37 - 00000020 ____H C:\ProgramData\PKP_DLev.DAT
2013-05-22 21:37 - 2013-05-22 21:37 - 00000020 ____H C:\ProgramData\PKP_DLeo.DAT
2013-05-22 21:37 - 2013-05-22 21:37 - 00000000 ____D C:\ProgramData\Organic
2013-05-22 21:37 - 2013-05-22 21:37 - 00000000 ____D C:\ProgramData\Font Book
2013-05-22 21:37 - 2013-05-22 21:37 - 00000000 ____D C:\ProgramData\Error Handlers
2013-05-22 21:19 - 2013-05-22 21:19 - 00000000 ____D C:\Users\David\Documents\100PHOTO
2013-05-22 21:16 - 2013-05-22 21:16 - 00000000 ____D C:\Users\David\Downloads\Nikon
2013-05-21 21:45 - 2013-05-21 21:45 - 00000000 ___AH C:\Windows\System32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2013-05-21 21:45 - 2013-05-21 21:45 - 00000000 ____A C:\Windows\setuperr.log
2013-05-21 21:40 - 2013-05-21 21:39 - 08508536 ____A C:\Users\David\Downloads\F-S6300-V11W.exe
2013-05-21 21:05 - 2013-05-21 21:04 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-05-21 21:05 - 2013-05-21 21:04 - 00000000 ____D C:\Program Files\iTunes
2013-05-21 21:05 - 2013-05-21 21:04 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-05-21 21:04 - 2013-05-21 21:04 - 00000000 ____D C:\Program Files\iPod
2013-05-21 21:01 - 2013-05-21 21:01 - 00000000 ____D C:\Program Files\Bonjour
2013-05-21 21:01 - 2013-05-21 21:01 - 00000000 ____D C:\Program Files (x86)\Bonjour
2013-05-21 20:56 - 2013-03-21 14:21 - 00000000 ____D C:\Users\David\Documents\regback
2013-05-20 20:23 - 2013-05-20 20:23 - 00108829 ____A C:\Users\David\Downloads\fracture.zip
2013-05-20 18:51 - 2013-05-20 18:51 - 00000151 ____A C:\Users\David\Documents\Ad.txt
2013-05-19 05:54 - 2013-05-19 05:54 - 00097176 ____A (Elaborate Bytes AG) C:\Windows\SysWOW64\ElbyCDIO.dll
2013-05-16 21:18 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\rescache
2013-05-16 03:16 - 2012-03-02 20:36 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-05-16 03:10 - 2012-03-02 22:13 - 75016696 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
2013-05-15 20:25 - 2013-05-15 20:25 - 00000000 ____D C:\Users\David\AppData\Roaming\Avant Downloader
2013-05-15 20:17 - 2013-05-15 20:14 - 00000000 ____D C:\Program Files (x86)\Avant Browser
2013-05-15 20:13 - 2013-05-15 20:12 - 30274780 ____A (SRWare                                                      ) C:\Users\David\Downloads\srware_iron.exe
2013-05-15 20:12 - 2013-05-15 20:09 - 47482784 ____A (Avant Force) C:\Users\David\Downloads\asetup.exe
2013-05-15 17:09 - 2013-05-15 17:09 - 00000037 ___SH C:\Users\David\AppData\Local\70149b02515b3bb20dd492.47983420
2013-05-15 17:09 - 2013-05-15 17:09 - 00000000 ____D C:\Users\David\AppData\Local\MetaGeek,_LLC
2013-05-15 17:05 - 2013-05-15 17:05 - 00368070 ____A C:\Users\David\Downloads\iperf-3.0b5.tar.gz
2013-05-15 17:04 - 2013-05-15 17:03 - 06635520 ____A C:\Users\David\Downloads\inSSIDer-installer.msi
2013-05-15 17:01 - 2013-05-15 17:01 - 04303160 ____A C:\Users\David\Downloads\tt1.zip
2013-05-14 21:50 - 2012-04-01 18:26 - 00692104 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-05-14 21:50 - 2012-03-02 23:14 - 00071048 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-05-13 23:04 - 2012-03-13 21:32 - 00000000 ____D C:\Users\David\Documents\Homework
2013-05-12 20:36 - 2013-05-12 20:32 - 90130256 ____A (Apple Inc.) C:\Users\David\Downloads\iTunes64Setup.exe
2013-05-12 18:26 - 2013-05-12 18:26 - 00001093 ____A C:\Users\Melinda\Desktop\Network Stumbler.lnk
2013-05-12 18:26 - 2013-05-12 18:26 - 00001093 ____A C:\Users\Kevin\Desktop\Network Stumbler.lnk
2013-05-12 18:25 - 2013-05-12 18:25 - 01324940 ____A C:\Users\David\Downloads\NetStumblerInstaller_0_4_0.exe
2013-05-08 20:31 - 2013-05-08 20:29 - 08435712 ____A C:\Users\David\Downloads\archpr_setup_en.msi
2013-05-08 20:29 - 2013-05-08 20:29 - 00311808 ____A C:\Users\David\Downloads\setup (3).exe
2013-05-08 20:28 - 2013-05-08 20:28 - 00311808 ____A C:\Users\David\Downloads\setup (2).exe
2013-05-08 20:13 - 2013-05-07 16:58 - 00000000 ____D C:\Users\David\Documents\Crackr
 
Files to move or delete:
====================
C:\Users\David\GoToAssistDownloadHelper.exe
 
==================== Bamital & volsnap Check =================
 
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
 
 
Last Boot: 2013-06-03 16:40
 
==================== End Of Log ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 07-06-2013 01
Ran by David at 2013-06-07 12:12:22 Run:
Running from C:\Users\David\Downloads
Boot Mode: Normal
==========================================================
 
 
==================== Installed Programs =======================
 
 Update for Microsoft Office 2007 (KB2508958)
7-Zip 9.20 (x64 edition) (Version: 9.20.00.0)
Adobe Flash Player 11 ActiveX (Version: 11.7.700.202)
Adobe Flash Player 11 Plugin (Version: 11.7.700.202)
Adobe Reader XI (11.0.03) (Version: 11.0.03)
Adobe Shockwave Player 12.0 (Version: 12.0.2.122)
AMD Catalyst Install Manager (Version: 8.0.881.0)
AMD Fuel (Version: 2012.0704.2139.36919)
AMD VISION Engine Control Center (Version: 2012.0704.2139.36919)
Apple Application Support (Version: 2.3.4)
Apple Mobile Device Support (Version: 6.1.0.13)
Apple Software Update (Version: 2.1.3.127)
Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver (Version: 2.0.12.13)
Avant Browser (remove only) (Version: 12.5.0.0)
Best Buy pc app (Version: 3.2.2.1)
Bonjour (Version: 3.0.0.10)
Canon Easy-PhotoPrint EX
Canon IJ Network Tool (Version: 3.1.1)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program
Canon MP Navigator EX 4.0
Canon MP495 series MP Drivers
Canon MP495 series User Registration
Canon My Printer
Canon Solution Menu EX
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center InstallProxy (Version: 2012.0704.2139.36919)
Catalyst Control Center Localization All (Version: 2012.0704.2139.36919)
CCC Help Chinese Standard (Version: 2012.0704.2138.36919)
CCC Help Chinese Traditional (Version: 2012.0704.2138.36919)
CCC Help Czech (Version: 2012.0704.2138.36919)
CCC Help Danish (Version: 2012.0704.2138.36919)
CCC Help Dutch (Version: 2012.0704.2138.36919)
CCC Help English (Version: 2012.0704.2138.36919)
CCC Help Finnish (Version: 2012.0704.2138.36919)
CCC Help French (Version: 2012.0704.2138.36919)
CCC Help German (Version: 2012.0704.2138.36919)
CCC Help Greek (Version: 2012.0704.2138.36919)
CCC Help Hungarian (Version: 2012.0704.2138.36919)
CCC Help Italian (Version: 2012.0704.2138.36919)
CCC Help Japanese (Version: 2012.0704.2138.36919)
CCC Help Korean (Version: 2012.0704.2138.36919)
CCC Help Norwegian (Version: 2012.0704.2138.36919)
CCC Help Polish (Version: 2012.0704.2138.36919)
CCC Help Portuguese (Version: 2012.0704.2138.36919)
CCC Help Russian (Version: 2012.0704.2138.36919)
CCC Help Spanish (Version: 2012.0704.2138.36919)
CCC Help Swedish (Version: 2012.0704.2138.36919)
CCC Help Thai (Version: 2012.0704.2138.36919)
CCC Help Turkish (Version: 2012.0704.2138.36919)
ccc-utility64 (Version: 2012.0704.2139.36919)
CCleaner (Version: 4.01)
Cisco EAP-FAST Module (Version: 2.2.14)
Cisco LEAP Module (Version: 1.0.19)
Cisco PEAP Module (Version: 1.1.6)
Compatibility Pack for the 2007 Office system (Version: 12.0.6612.1000)
Conexant HD Audio (Version: 4.119.0.60)
D3DX10 (Version: 15.4.2368.0902)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
doubleTwist (Version: 3.2.1.14961)
Dropbox (Version: 2.0.22)
EMET (Version: 3.0.0)
ESET Online Scanner v3
F.lux
Free YouTube Downloader HD 3.1.2
GameMaker 8.1
Google Chrome (Version: 27.0.1453.110)
Google Earth Plug-in (Version: 7.0.3.8542)
Google Update Helper (Version: 1.3.21.145)
Greeting Card Factory Deluxe 9.0 (Version: 9.0.0.22)
Internet TV for Windows Media Center (Version: 4.2.2.0)
iTunes (Version: 11.0.3.42)
Java 7 Update 21 (64-bit) (Version: 7.0.210)
Java Auto Updater (Version: 2.1.9.5)
Java SE Development Kit 7 Update 21 (64-bit) (Version: 1.7.0.210)
JavaFX 2.1.1 (Version: 2.1.1)
Junk Mail filter update (Version: 16.4.3505.0912)
Malwarebytes Anti-Malware version 1.75.0.1300 (Version: 1.75.0.1300)
Mavis Beacon Platinum - 25th Anniv. Ed. (Version: 21.00.0000)
McAfee Online Backup (Version: 1.16.4.0)
McAfee Total Protection (Version: 12.1.323)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Access database engine 2010 (English) (Version: 14.0.6029.1000)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Enterprise 2007 (Version: 12.0.6612.1000)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Groove MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Groove Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Home and Student 2010 (Version: 14.0.6029.1000)
Microsoft Office InfoPath MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint Viewer 2007 (English) (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Single Image 2010 (Version: 14.0.6029.1000)
Microsoft Office Suite Activation Assistant (Version: 2.9)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Silverlight (Version: 5.1.20125.0)
Microsoft SkyDrive (Version: 17.0.2010.0530)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Works (Version: 9.7.0621)
Microsoft WSE 3.0 Runtime (Version: 3.0.5305.0)
Movie Maker (Version: 16.4.3505.0912)
MSVC90_x64 (Version: 1.0.1.2)
MSVC90_x86 (Version: 1.0.1.2)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
MSVCRT110 (Version: 16.4.1108.0727)
MSVCRT110_amd64 (Version: 16.4.1109.0912)
MSXML 4.0 SP3 Parser (KB2721691) (Version: 4.30.2114.0)
MSXML 4.0 SP3 Parser (KB2758694) (Version: 4.30.2117.0)
MSXML 4.0 SP3 Parser (KB973685) (Version: 4.30.2107.0)
Nikon Message Center 2 (Version: 2.1.0)
Nikon Movie Editor (Version: 2.7.0)
NirSoft BlueScreenView
Origin (Version: 8.5.0.4554)
PC Connectivity Solution (Version: 11.5.29.0)
Photo Gallery (Version: 16.4.3505.0912)
PreReq (Version: 6.2.4.0)
Puran Defrag 7.3
Puran Defrag Free Edition 7.3
PyScripter 2.5.3 (Version: 2.5.3)
Python 2.7.4 (Version: 2.7.4150)
Realtek USB 2.0 Card Reader (Version: 6.1.7600.30113)
Realtek WLAN Driver (Version: 2.00.0011)
Recuva (Version: 1.44)
Revo Uninstaller 1.94 (Version: 1.94)
RT 7 Lite (64-Bit) (Version: 2.6.0)
RT 7 Lite x64 (Version: 2.6.0)
s3pe - Sims3 Package Editor (Version: 12-1225-1206)
Secunia PSI (3.0.0.6005) (Version: 3.0.0.6005)
Shared C Run-time for x64 (Version: 10.0.0)
Skype™ 6.3 (Version: 6.3.107)
SlimDrivers (Version: 2.2.29035)
Soluto (Version: 1.3.1149.0)
Speccy (Version: 1.21)
Synaptics Pointing Device Driver (Version: 15.0.8.1)
tools-windows (Version: 9.2.3.1031769)
TOSHIBA Application Installer (Version: 9.0.1.0)
TOSHIBA Assist (Version: 3.00.10)
TOSHIBA Bulletin Board (Version: 1.6.06.64)
TOSHIBA Disc Creator (Version: 2.1.0.2 for x64)
TOSHIBA eco Utility (Version: 1.2.7.64)
TOSHIBA Face Recognition (Version: 3.1.3.64)
TOSHIBA Hardware Setup (Version: 4.03.02.00)
TOSHIBA HDD/SSD Alert (Version: 3.1.64.6)
TOSHIBA Media Controller (Version: 1.0.80.3.64)
TOSHIBA Media Controller Plug-in (Version: 1.0.4.9)
TOSHIBA PC Health Monitor (Version: 1.6.0.64)
TOSHIBA Quality Application (Version: 1.0.3)
TOSHIBA Recovery Media Creator (Version: 2.1.0.4 for x64)
TOSHIBA ReelTime (Version: 1.6.05.64)
TOSHIBA Service Station (Version: 2.2.9)
TOSHIBA Supervisor Password (Version: 4.03.02.00)
TOSHIBA Value Added Package (Version: 1.3.2.64)
TOSHIBA Web Camera Application (Version: 1.1.1.15)
ToshibaRegistration (Version: 1.0.4)
Unity Web Player (Version: )
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596802) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553378) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687503) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition
Update for Microsoft Office 2010 (KB2767886) 32-Bit Edition
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2817359) 32-Bit Edition
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2597090) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2598240) 32-Bit Edition
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition
ViewNX 2 (Version: 2.7.5)
Virtual City (Version: 2.2.0.95)
Virtual City 2: Paradise Resort (Version: 2.2.0.98)
VirtualCloneDrive
vLite (Version: 1.2)
VMware Player (Version: 5.0.2)
WildTangent Games (Version: 1.0.3.0)
WildTangent Games App (Toshiba Games) (Version: 4.0.5.36)
WildTangent Games App (Version: 4.0.9.3)
WinDirStat 1.1.2
Windows Automated Installation Kit (Version: 2.0.0.0)
Windows Live Communications Platform (Version: 16.4.3505.0912)
Windows Live Essentials (Version: 16.4.3505.0912)
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0)
Windows Live Installer (Version: 16.4.3505.0912)
Windows Live Mail (Version: 16.4.3505.0912)
Windows Live Messenger (Version: 16.4.3505.0912)
Windows Live MIME IFilter (Version: 16.4.3505.0912)
Windows Live Photo Common (Version: 16.4.3505.0912)
Windows Live PIMT Platform (Version: 16.4.3505.0912)
Windows Live SOXE (Version: 16.4.3505.0912)
Windows Live SOXE Definitions (Version: 16.4.3505.0912)
Windows Live Sync (Version: 14.0.8089.726)
Windows Live UX Platform (Version: 16.4.3505.0912)
Windows Live UX Platform Language Pack (Version: 16.4.3505.0912)
Windows Live Writer (Version: 16.4.3505.0912)
Windows Live Writer Resources (Version: 16.4.3505.0912)
XnConvert 1.55 (Version: 1.55)
 
==================== Restore Points  =========================
 
 
==================== Hosts content: ==========================
 
  ::1             localhost
 
 127.0.0.1       localhost
 
 
==================== Faulty Device Manager Devices =============
 
Name: Microsoft Virtual WiFi Miniport Adapter
Description: Microsoft Virtual WiFi Miniport Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: vwifimp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (06/06/2013 11:30:14 AM) (Source: MsiInstaller) (User: David-PC)
Description: Product: Java Auto Updater -- Error 1730.You must be an Administrator to remove this application. To remove this application, you can log on as an Administrator, or contact your technical support group for assistance.
 
Error: (06/06/2013 11:20:20 AM) (Source: EvntAgnt) (User: )
Description: SNMP Event Log Extension Agent did not initialize correctly.
 
Error: (06/06/2013 11:20:20 AM) (Source: EvntAgnt) (User: )
Description: Error processing registry parameters. Extension agent terminating.
 
Error: (06/06/2013 11:20:20 AM) (Source: EvntAgnt) (User: )
Description: SNMP Event Log Extension Agent did not initialize correctly.
 
Error: (06/04/2013 03:07:14 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
Error: (06/04/2013 08:25:22 AM) (Source: MsiInstaller) (User: David-PC)
Description: Product: Java Auto Updater -- Error 1730.You must be an Administrator to remove this application. To remove this application, you can log on as an Administrator, or contact your technical support group for assistance.
 
Error: (06/04/2013 08:16:11 AM) (Source: EvntAgnt) (User: )
Description: SNMP Event Log Extension Agent did not initialize correctly.
 
Error: (06/04/2013 08:16:11 AM) (Source: EvntAgnt) (User: )
Description: Error processing registry parameters. Extension agent terminating.
 
Error: (06/04/2013 08:16:11 AM) (Source: EvntAgnt) (User: )
Description: SNMP Event Log Extension Agent did not initialize correctly.
 
Error: (06/03/2013 04:41:57 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
 
System errors:
=============
Error: (06/06/2013 11:22:24 AM) (Source: Service Control Manager) (User: )
Description: The IIS Admin Service service terminated with service-specific error %%-2146893818.
 
Error: (06/06/2013 11:21:54 AM) (Source: Service Control Manager) (User: )
Description: The IIS Admin Service service terminated with service-specific error %%-2146893818.
 
Error: (06/06/2013 11:21:24 AM) (Source: Service Control Manager) (User: )
Description: The IIS Admin Service service terminated with service-specific error %%-2146893818.
 
Error: (06/06/2013 11:21:23 AM) (Source: DCOM) (User: )
Description: {A9E69610-B80D-11D0-B9B9-00A0C922E750}
 
Error: (06/06/2013 11:20:53 AM) (Source: Service Control Manager) (User: )
Description: The IIS Admin Service service terminated with service-specific error %%-2146893818.
 
Error: (06/06/2013 11:20:20 AM) (Source: Service Control Manager) (User: )
Description: The IIS Admin Service service terminated with service-specific error %%-2146893818.
 
Error: (06/06/2013 11:20:16 AM) (Source: SNMP) (User: )
Description: The SNMP Service encountered an error while accessing the registry key SYSTEM\CurrentControlSet\Services\SNMP\Parameters\TrapConfiguration.
 
Error: (06/06/2013 11:19:46 AM) (Source: volmgr) (User: )
Description: Crash dump initialization failed!
 
Error: (06/05/2013 10:53:08 AM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SolutoService service.
 
Error: (06/04/2013 08:17:54 AM) (Source: Service Control Manager) (User: )
Description: The IIS Admin Service service terminated with service-specific error %%-2146893818.
 
 
Microsoft Office Sessions:
=========================
 
CodeIntegrity Errors:
===================================
  Date: 2013-05-31 00:10:19.272
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Common Files\McAfee\VSCore\VSCore\mfeelamk.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-05-31 00:10:19.272
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Common Files\McAfee\VSCore\VSCore\mfeelamk.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-05-31 00:10:19.257
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Common Files\McAfee\VSCore\VSCore\mfeelamk.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-05-28 09:25:21.448
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\win8\test\Windows\WinSxS\amd64_windows-defender-service_31bf3856ad364e35_6.2.9200.16384_none_1e6fca32e090c9e9\MsMpEng.exe because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-05-28 09:25:20.486
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\win8\test\Program Files\Windows Defender\MsMpEng.exe because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-05-21 07:42:20.685
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\win8\test\Windows\WinSxS\amd64_windows-defender-service_31bf3856ad364e35_6.2.9200.16384_none_1e6fca32e090c9e9\MsMpEng.exe because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-05-21 07:42:19.919
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\win8\test\Program Files\Windows Defender\MsMpEng.exe because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-05-20 16:57:23.506
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\win8\test\Windows\WinSxS\amd64_windows-defender-service_31bf3856ad364e35_6.2.9200.16384_none_1e6fca32e090c9e9\MsMpEng.exe because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-05-20 16:57:22.553
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\win8\test\Program Files\Windows Defender\MsMpEng.exe because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-05-19 10:02:03.450
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\win8\test\Windows\WinSxS\amd64_windows-defender-service_31bf3856ad364e35_6.2.9200.16384_none_1e6fca32e090c9e9\MsMpEng.exe because the set of per-page image hashes could not be found on the system.
 
 
==================== Memory info =========================== 
 
Percentage of memory in use: 34%
Total physical RAM: 7926.86 MB
Available physical RAM: 5179.08 MB
Total Pagefile: 7925.05 MB
Available Pagefile: 5176.67 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB
 
==================== Drives ================================
 
Drive c: (TI105828W0G) (Fixed) (Total:286.55 GB) (Free:147.7 GB) NTFS (Disk=0 Partition=2) ==>[System with boot components (obtained from reading drive)]
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298 GB) (Disk ID: D128BFEF)
Partition 1: (Active) - (Size=1 GB) - (Type=27)
Partition 2: (Not Active) - (Size=287 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=10 GB) - (Type=17)
 
==================== End Of Log ============================

 



#8 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 17,403 posts
  • OFFLINE
  • Gender:Male
  • Location:California
  • Local time:06:32 AM

Posted 07 June 2013 - 04:54 PM

Hi David,

Please do this for me.

===================================================

ListParts by Farbar for 64 bit Systems

--------------------
  • Please download ListParts64.exe (for 64 bit systems) and save it to your desktop
  • Double click the icon to launch the program
  • Select Run
  • Select Scan
  • Select OK and wait for a Result - Notepad document to open on your desktop
  • Please copy and paste the contents in your reply
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it. :thumbsup2:
  • Result log

Regards,
Gary

If I do not respond to you within 24 hours of your post please send me a Personal Message.


"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#9 dmssargent

dmssargent
  • Topic Starter

  • Members
  • 55 posts
  • OFFLINE
  • Local time:03:32 PM

Posted 07 June 2013 - 05:15 PM

The log:

 

ListParts by Farbar Version: 10-05-2013
Ran by David (administrator) on 07-06-2013 at 17:14:33
Windows 7 (X64)
Running From: C:\Users\David\Downloads
Language: 0409
************************************************************
 
========================= Memory info ====================== 
 
Percentage of memory in use: 44%
Total physical RAM: 7926.86 MB
Available physical RAM: 4397.5 MB
Total Pagefile: 7925.05 MB
Available Pagefile: 4132.61 MB
Total Virtual: 8192 MB
Available Virtual: 8191.89 MB
 
======================= Partitions =========================
 
1 Drive c: (TI105828W0G) (Fixed) (Total:286.55 GB) (Free:147.7 GB) NTFS ==>[System with boot components (obtained from reading drive)]
 
  Disk ###  Status         Size     Free     Dyn  Gpt
  --------  -------------  -------  -------  ---  ---
  Disk 0    Online          298 GB  1024 KB         
 
Partitions of Disk 0:
===============
 
Disk ID: D128BFEF
 
  Partition ###  Type              Size     Offset
  -------------  ----------------  -------  -------
  Partition 1    Recovery          1500 MB  1024 KB
  Partition 2    Primary            286 GB  1501 MB
  Partition 3    Primary             10 GB   288 GB
 
======================================================================================================
 
Disk: 0
Partition 1
Type  : 27
Hidden: Yes
Active: Yes
 
  Volume ###  Ltr  Label        Fs     Type        Size     Status     Info
  ----------  ---  -----------  -----  ----------  -------  ---------  --------
* Volume 2         System       NTFS   Partition   1500 MB  Healthy    Hidden  
 
======================================================================================================
 
Disk: 0
Partition 2
Type  : 07
Hidden: No
Active: No
 
  Volume ###  Ltr  Label        Fs     Type        Size     Status     Info
  ----------  ---  -----------  -----  ----------  -------  ---------  --------
* Volume 1     C   TI105828W0G  NTFS   Partition    286 GB  Healthy    Boot    
 
======================================================================================================
 
Disk: 0
Partition 3
Type  : 17
Hidden: Yes
Active: No
 
There is no volume associated with this partition.
 
======================================================================================================
============================== MBR Partition Table ==================
 
==============================
Partitions of Disk 0:
===============
Disk ID: D128BFEF
Partition 1: (Active) - (Size=1 GB) - (Type=27)
Partition 2: (Not Active) - (Size=287 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=10 GB) - (Type=17)
 
 
****** End Of Log ****** 

 



#10 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 17,403 posts
  •  
  • Gender:Male
  • Location:California
  • Local time:06:32 AM

Posted 07 June 2013 - 07:47 PM

Hi David,

Thank you for the information. I would like to test something. Please do this.

===================================================

Creating a New User Profile With Administrative Privileges

--------------
  • Press the Windows key + R on your keyboard at the same time
  • Copy and paste the following in the run box then press Enter

control /name Microsoft.UserAccounts

  • Click Manage another account
  • Click Create a new account
  • Type Test in the new account name box then click Next
  • Select Administrator then click Create Account
  • Close the User Accounts window
  • Reboot your computer and log in as Test
  • Check for the UAC prompt behavior
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it. :thumbsup2:
  • Results?

Regards,
Gary

If I do not respond to you within 24 hours of your post please send me a Personal Message.


"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#11 dmssargent

dmssargent
  • Topic Starter

  • Members
  • 55 posts
  • OFFLINE
  • Local time:03:32 PM

Posted 07 June 2013 - 08:52 PM

That works. I guess my User Account is corrupted. What folders could I copy the contents of into a new user account? Any suggestions for my computer? Any anti-virus to replace McAfee that is also free (and that is also not AVG or Norton)? Any ideas on how to get rid of the remaining parts of the uninstalled Best Buy PC App, DefaultTab or SweetPack?

Is that the solution, or are you working towards a bigger-picture solution?

Any knowledge on how to prevent account corruption?



#12 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 17,403 posts
  • OFFLINE
  • Gender:Male
  • Location:California
  • Local time:06:32 AM

Posted 07 June 2013 - 09:02 PM

Greetings,

Let's first set up your user account with all your information, except the corruption. Please do this.

===================================================

Creating a New User Profile

--------------
  • Press the Windows key + R on your keyboard at the same time
  • Type nusrmgr.cpl and press Enter
  • Click Create a new account
  • Type the new account name you want to use then click Next
  • Select Computer administrator then click Create Account
  • Repeat these steps and create another account with Computer administrator privileges and name it Guest
  • Close the User Accounts window
  • Reboot your computer and log in as Guest
  • Click Start, then select Documents (or My Documents)
  • Click Tools, then Folder Options
  • Click View, place a checkmark next to Show hidden files and folders, and uncheck Hide protected operating system files
  • Click OK
  • Using Windows Explorer navigate to C:\Users\David
  • Holding down the Ctrl key, left click each entry in the folder EXCEPT for the following, if they exist:
    • Ntuser.dat
    • Ntuser.dat.log
    • Ntuser.ini
  • Right click and select Copy
  • Left click on the new user account name you created (not Guest)
  • Right click on the screen to the right and select Paste
  • Close any open windows, reboot your computer, and log in to the new user name
  • Check All Programs and Accessories to see if they appear and work properly
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it. :thumbsup2:
  • Were you able to successfully create a new user profile?

Regards,
Gary

If I do not respond to you within 24 hours of your post please send me a Personal Message.


"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

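The copy step from the instructions in post #12, scripted with robocopy as an added example; it is not part of the original post or of any tool named in the thread. The function name and the destination path are placeholders, and the `NTUSER.DAT*` wildcard is a generalization of the three file names listed, so the hive's transaction logs are skipped as well.

```powershell
# Added example (not from the thread): copy an old profile's contents into a
# new profile while leaving the per-user registry hive files behind.
# Run from an elevated prompt while logged in to a third administrator account,
# as the post does with its temporary Guest account.

function Copy-ProfileData {    # hypothetical helper name
    param(
        [Parameter(Mandatory = $true)][string]$Source,
        [Parameter(Mandatory = $true)][string]$Destination,
        [switch]$ListOnly      # dry run: report what would be copied, change nothing
    )

    # A trailing backslash inside a quoted argument confuses robocopy's parser.
    $Source      = $Source.TrimEnd('\')
    $Destination = $Destination.TrimEnd('\')

    foreach ($dir in @($Source, $Destination)) {
        if (-not (Test-Path -LiteralPath $dir -PathType Container)) {
            throw "Profile folder not found: $dir"
        }
    }

    $log = Join-Path $env:TEMP ('profile-copy-{0:yyyyMMdd-HHmmss}.log' -f (Get-Date))

    $roboArgs = @(
        $Source, $Destination,
        '/E',                                # all subfolders, including empty ones
        '/COPY:DAT',                         # data, attributes, timestamps; no ACLs from the old account
        '/XJ',                               # skip junctions (e.g. "Application Data") that loop back
        '/XF', 'NTUSER.DAT*', 'ntuser.ini',  # hive, its logs, and ntuser.ini stay behind
        '/R:1', '/W:1',                      # one retry, one second wait on locked files
        '/NP',                               # no per-file progress percentages in the log
        "/LOG:$log"
    )
    if ($ListOnly) { $roboArgs += '/L' }

    & robocopy.exe @roboArgs | Out-Null
    $code = $LASTEXITCODE

    # Robocopy's exit code is a bitmask; 8 and above means something failed.
    $flags = @()
    if ($code -eq 0)    { $flags += 'nothing to copy' }
    if ($code -band 1)  { $flags += 'files copied' }
    if ($code -band 2)  { $flags += 'extra files in destination' }
    if ($code -band 4)  { $flags += 'mismatched files or folders' }
    if ($code -band 8)  { $flags += 'some copies failed' }
    if ($code -band 16) { $flags += 'fatal error' }

    $result = New-Object PSObject -Property @{
        ExitCode = $code
        Meaning  = ($flags -join ', ')
        Log      = $log
        DryRun   = [bool]$ListOnly
    }

    if ($code -ge 8) {
        throw "robocopy reported failures ($($result.Meaning)); see $log"
    }
    return $result
}

# Dry run first, then repeat without -ListOnly once the log looks right.
# 'C:\Users\NewAccount' is a placeholder for the new account's profile folder.
Copy-ProfileData -Source 'C:\Users\David' -Destination 'C:\Users\NewAccount' -ListOnly
```

The `/XF` patterns apply at every folder level, so a file named `ntuser.ini` deeper in the tree would also be skipped; review the dry-run log before the real copy.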
#13 dmssargent

dmssargent
  • Topic Starter

  • Members
  • 55 posts
  • OFFLINE
  • Local time:03:32 PM

Posted 07 June 2013 - 10:26 PM

Step 2 Problem 

Windows cannot find 'nusrmgr.cpl'. Make sure you typed the name correctly, and then try again.



#14 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 17,403 posts
  • OFFLINE
  •  
  • Location:California
  • Local time:06:32 AM

Posted 07 June 2013 - 10:37 PM

Click Start, type/click on User Accounts, Manage Another Account, then Create a New Account.
Regards,
Gary

If I do not respond to you within 24 hours of your post please send me a Personal Message.


"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#15 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 17,403 posts
  • OFFLINE
  •  
  • Location:California
  • Local time:06:32 AM

Posted 07 June 2013 - 10:48 PM

Hi David,

Just wanted to let you know I am closing shop for the night but will check in on you in the morning. Once we get the new account set up we will deal with any remaining issues.

G'Nite......

Edited by Oh My, 07 June 2013 - 10:48 PM.

Regards,
Gary

If I do not respond to you within 24 hours of your post please send me a Personal Message.


"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."



