Recent Posts

Pages: [1] 2 3 ... 10
1
Hello briannab1369 and welcome,

Forum protocol asks that all logs are copy/pasted to your replies, if for any reason that is not possible please zip them up before attaching them.

I do not see any obvious malware/infection in those logs you post, we have a look with other scanners:

Scan with Gmer rootkit scanner

Please download Gmer from Here by clicking on the "Download EXE" Button.

  • Double click on the randomly named GMER.exe. If asked to allow gmer.sys driver to load, please consent.
  • If it gives you a warning about rootkit activity and asks if you want to run scan...click on NO.
  • In the right panel, you will see several boxes that have been checked. Uncheck the following ...
Sections
        IAT/EAT
        Show All
( should be unchecked by default )

  • Leave everything else as it is.
  • Close all other running Programs as well as your Browsers.
  • Click the Scan button & wait for it to finish.
  • Once done click on the Save.. button, and in the File name area, type in "ark.txt" or it will save as a .log file which cannot be uploaded to your post.
  • Save it where you can easily find it, such as your desktop.

Please post the content of the ark.txt here.


**Caution**
Rootkit scans often produce false positives. Do NOT take any action on any "<--- ROOKIT" entries

**If GMER crashes** Follow the instructions here and disable your security temporarily…

Next,

Please download RogueKiller and save it to your desktop from the following link: http://www.bleepingcomputer.com/download/roguekiller/

  • Quit all running programs.
  • For Windows XP, double-click to start.
  • For Vista,Windows 7/8, Right-click on the program and select Run as Administrator to start and when prompted allow it to run.
  • Read and accept the EULA (End User Licene Agreement)
  • Click Scan to scan the system.
  • When the scan completes select "Report", log will open. Close the program > Don't Fix anything!
  • Post back the report which should also be located here:

C:\Programdata\RogueKiller\Logs <-------- W7/8
C:\Documents and Settings\All Users\Application Data\RogueKiller\Logs <-------XP

Next,

Download Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatible with your system (32 bit or 64 bit). If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.
  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.
Thank you,

Kevin...

2
I have removed your attachments, please follow the instructions posted in the stickie at the top of the thread I gave in my initial reply. Do not attach logs, copy and paste them to your reply as follows. Thank you...

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.17344  BrowserJavaVersion: 11.25.2
Run by Kaylynn Dixon-Ruiz at 1:48:24 on 2014-10-31
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.3891.1062 [GMT -6:00]
.
AV: COMODO Antivirus *Enabled/Updated* {B74CC7D2-B407-E1DC-1033-DD315BCDC8C8}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: COMODO Antivirus *Enabled/Updated* {0C2D2636-923D-EE52-2A83-E643204A8275}
FW: COMODO Firewall *Enabled* {8F7746F7-FE68-E084-3B6C-7404A51E8FB3}
.
============== Running Processes ===============
.
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe
C:\windows\system32\svchost.exe -k RPCSS
C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k GPSvcGroup
c:\program files (x86)\cmcm\Clean Master\cmcore.exe
C:\windows\system32\WLANExt.exe
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\windows\system32\svchost.exe -k apphost
C:\windows\system32\CISVC.EXE
C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe
C:\Program Files (x86)\GlassWire\GWCtlSrv.exe
C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
C:\Program Files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe
C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
c:\program files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe
C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
C:\Program Files\Macrium\Reflect\ReflectService.exe
C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
C:\Program Files (x86)\Secunia\PSI\sua.exe
C:\windows\System32\snmp.exe
C:\windows\system32\ThpSrv.exe
C:\Windows\system32\TODDSrv.exe
C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
C:\PROGRA~2\SPEEDB~1\VideoAcceleratorService.exe
C:\windows\system32\svchost.exe -k iissvcs
C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe
C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe
C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
C:\windows\system32\wbem\unsecapp.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\System32\alg.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Comodo\IceDragon\icedragon_updater.exe
C:\Program Files (x86)\Google\Update\1.3.25.5\GoogleCrashHandler.exe
C:\Program Files (x86)\Google\Update\1.3.25.5\GoogleCrashHandler64.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\windows\system32\taskhost.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\windows\system32\Dwm.exe
C:\windows\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\System32\ThpSrv.exe
C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe
C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe
C:\Program Files\COMODO\COMODO Internet Security\CisTray.exe
C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
C:\Program Files\Intel\WiMAX\Bin\WiMAXCU.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
C:\Program Files\TOSHIBA\FlashCards\Hotkey\TcrdKBB.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\igfxpers.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files (x86)\GlassWire\GWIdlMon.exe
C:\Program Files (x86)\GlassWire\GlassWire.exe
C:\windows\system32\igfxext.exe
C:\Program Files\COMODO\COMODO Internet Security\cis.exe
C:\windows\system32\wbem\unsecapp.exe
C:\Program Files (x86)\Verizon\Verizon Messages\WinVMAClient.exe
C:\windows\system32\SearchIndexer.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe
C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe
C:\windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe
C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe
C:\windows\system32\svchost.exe -k SDRSVC
C:\windows\system32\taskmgr.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Comodo\IceDragon\icedragon.exe
C:\windows\System32\WUDFHost.exe
C:\Program Files (x86)\Comodo\IceDragon\plugin-container.exe
C:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_189.exe
C:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_189.exe
C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe
C:\windows\system32\taskeng.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\system32\SearchProtocolHost.exe
C:\windows\system32\SearchFilterHost.exe
C:\windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxps://www.google.com/
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
BHO: AutorunsDisabled - <orphaned>
BHO: RealNetworks Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: WOT Helper: {C920E44A-7F78-4E64-BDD7-A57026E7FEB7} - C:\Program Files (x86)\WOT\WOT.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll
BHO: TOSHIBA Media Controller Plug-in: {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll
TB: WOT: {71576546-354D-41C9-AAE8-31F2EC22BF0D} - C:\Program Files (x86)\WOT\WOT.dll
TB: WOT: {71576546-354D-41c9-AAE8-31F2EC22BF0D} - C:\Program Files (x86)\WOT\WOT.dll
uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
uRun: [GlassWire] "C:\Program Files (x86)\GlassWire\glasswire.exe" -hide
uRun: [AutoStartVMA] C:\Program Files (x86)\Verizon\Verizon Messages\WinVMAClient.exe
mRun: [HWSetup] C:\Program Files\TOSHIBA\Utilities\HWSetup.exe hwSetUP
mRun: [SVPWUTIL] C:\Program Files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe SVPwUTIL
mRun: [tvncontrol] "C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe" -controlservice -slave
mRun: [Malwarebytes Anti-Exploit] C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe
uPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: NoDrives = dword:0
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: Add to Google Photos Screensa&ver - C:\windows\System32\GPhotos.scr/200
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll
IE: {2F5C139F-79BD-4C84-A95A-E7140525BC55} - {5B06364D-FF00-4BD5-9D01-4379952513F2} -
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
Trusted Zone: secunia.com
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} - hxxp://content.systemrequirementslab.com/bin/srldetect_intel_4.5.24.0.cab
TCP: NameServer = 75.75.75.75 75.75.76.76
TCP: Interfaces\{71BD0572-01B5-491F-BEDE-46D9B2895D4B} : DHCPNameServer = 75.75.75.75 75.75.76.76
TCP: Interfaces\{C0759AF6-90D2-43E7-8890-7FCA2CABFBF7} : DHCPNameServer = 192.168.42.129
TCP: Interfaces\{DDE82CB6-8BED-46EB-AB72-56F888DF3573} : DHCPNameServer = 75.75.75.75 75.75.76.76
Handler: AutorunsDisabled - <Clsid value has no data>
Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files (x86)\Belarc\BelarcAdvisor\System\BAVoilaX.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
Handler: wot - {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - C:\Program Files (x86)\WOT\WOT.dll
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-mStart Page = hxxp://start.toshiba.com/
x64-BHO: AutorunsDisabled - <orphaned>
x64-BHO: RealNetworks Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin64.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: WOT Helper: {C920E44A-7F78-4E64-BDD7-A57026E7FEB7} - C:\Program Files\WOT\WOT.dll
x64-BHO: TOSHIBA Media Controller Plug-in: {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\x64\TOSHIBAMediaControllerIE.dll
x64-BHO: {FB16E5C3-A9E2-47A2-8EFC-319E775E62CC} - <orphaned>
x64-TB: WOT: {71576546-354D-41c9-AAE8-31F2EC22BF0D} - C:\Program Files\WOT\WOT.dll
x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-Run: [ThpSrv] C:\windows\System32\thpsrv /logon
x64-Run: [HSON] C:\Program Files (x86)\TOSHIBA\TBS\HSON.exe
x64-Run: [SmoothView] C:\Program Files (x86)\Toshiba\SmoothView\SmoothView.exe
x64-Run: [00TCrdMain] C:\Program Files (x86)\TOSHIBA\FlashCards\TCrdMain.exe
x64-Run: [TosVolRegulator] C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe
x64-Run: [TosSENotify] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe
x64-Run: [TosNC] C:\Program Files (x86)\Toshiba\BulletinBoard\TosNcCore.exe
x64-Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
x64-Run: [TPwrMain] C:\Program Files (x86)\TOSHIBA\Power Saver\TPwrMain.EXE
x64-Run: [TosWaitSrv] C:\Program Files (x86)\TOSHIBA\TPHM\TosWaitSrv.exe
x64-Run: [IntelPROSet] "C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" /tf Intel PROSet/Wireless
x64-Run: [IntelWirelessWiMAX] "C:\Program Files\Intel\WiMAX\Bin\WiMAXCU.exe" /tasktray /nosplash
x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /FORPCEE3
x64-Run: [IgfxTray] C:\windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\windows\System32\igfxpers.exe
x64-DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
x64-Handler: AutorunsDisabled - <Clsid value has no data>
x64-Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Handler: wot - {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - C:\Program Files\WOT\WOT.dll
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Kaylynn Dixon-Ruiz\AppData\Roaming\Mozilla\Firefox\Profiles\hrxrlwvh.default\
FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Nitro\Reader 3\npdf.dll
FF - plugin: C:\Program Files (x86)\Nitro\Reader 3\npnitroie.dll
FF - plugin: C:\Program Files (x86)\Nitro\Reader 3\npnitromozilla.dll
FF - plugin: c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll
FF - plugin: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll
FF - plugin: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll
FF - plugin: C:\Users\Kaylynn Dixon-Ruiz\AppData\Local\Citrix\Plugins\104\npappdetector.dll
FF - plugin: C:\Users\Kaylynn Dixon-Ruiz\AppData\Local\Google\Update\1.3.25.5\npGoogleUpdate3.dll
FF - plugin: C:\Users\Kaylynn Dixon-Ruiz\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
FF - plugin: C:\Users\Kaylynn Dixon-Ruiz\AppData\Roaming\Mozilla\plugins\npo1d.dll
FF - plugin: C:\windows\SysWOW64\Adobe\Director\np32dsw_1210150.dll
FF - plugin: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_189.dll
.
============= SERVICES / DRIVERS ===============
.
R0 Thpdrv;TOSHIBA HDD Protection Driver;C:\windows\System32\drivers\thpdrv.sys [2009-6-29 34880]
R0 Thpevm;TOSHIBA HDD Protection - Shock Sensor Driver;C:\windows\System32\drivers\Thpevm.sys [2009-6-29 14784]
R0 tos_sps64;TOSHIBA tos_sps64 Service;C:\windows\System32\drivers\tos_sps64.sys [2014-4-1 482384]
R1 CFRMD;CFRMD;C:\windows\System32\drivers\CFRMD.sys [2014-6-25 37976]
R1 cmderd;COMODO Internet Security Eradication Driver;C:\windows\System32\drivers\cmderd.sys [2014-3-25 23168]
R1 cmdGuard;COMODO Internet Security Sandbox Driver;C:\windows\System32\drivers\cmdguard.sys [2014-3-25 738472]
R1 cmdHlp;COMODO Internet Security Helper Driver;C:\windows\System32\drivers\cmdhlp.sys [2014-3-25 48360]
R1 ESProtectionDriver;Malwarebytes Anti-Exploit;C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.sys [2014-10-9 63000]
R1 gwdrv;GlassWire Driver;C:\windows\System32\drivers\gwdrv.sys [2014-10-28 32784]
R1 HMD;COMODO livePCsupport Hardware Monitor Driver;C:\windows\System32\drivers\hmd.sys [2014-6-25 14888]
R1 mbamchameleon;mbamchameleon;C:\windows\System32\drivers\mbamchameleon.sys [2014-10-27 93400]
R2 CLPSLauncher;COMODO LPS Launcher;C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe [2014-3-20 70352]
R2 cmcore;Clean Master Core Service;C:\Program Files (x86)\cmcm\Clean Master\cmcore.exe [2014-10-3 315240]
R2 DMAgent;Intel® PROSet/Wireless WiMAX Red Bend Device Management Service;C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe [2012-7-18 514048]
R2 DragonUpdater;COMODO Dragon Update Service;C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe [2014-5-21 2135232]
R2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver;C:\windows\System32\drivers\TVALZFL.sys [2009-6-19 14472]
R3 bpenum;Intel(R) Centrino(R) WiMAX Enumerator;C:\windows\System32\drivers\bpenum.sys [2012-7-3 84480]
R3 bpmp;Intel(R) Centrino(R) WiMAX 6050 Series;C:\windows\System32\drivers\bpmp.sys [2012-7-3 182272]
R3 bpusb;Intel(R) Centrino(R) WiMAX 6050 Series Function Driver;C:\windows\System32\drivers\bpusb.sys [2012-7-3 84992]
R3 HECIx64;Intel(R) Management Engine Interface;C:\windows\System32\drivers\HECIx64.sys [2014-4-1 56344]
R3 ksapi64;ksapi64;C:\windows\System32\drivers\ksapi64.sys [2014-10-3 56680]
R3 MBAMProtector;MBAMProtector;C:\windows\System32\drivers\mbam.sys [2014-10-27 25816]
R3 MBAMSwissArmy;MBAMSwissArmy;C:\windows\System32\drivers\MBAMSwissArmy.sys [2014-10-27 129752]
R3 MBAMWebAccessControl;MBAMWebAccessControl;C:\windows\System32\drivers\mwac.sys [2014-10-27 63704]
R3 PGEffect;Pangu effect driver;C:\windows\System32\drivers\PGEffect.sys [2014-4-1 35008]
R3 RTL8167;Realtek 8167 NT Driver;C:\windows\System32\drivers\Rt64win7.sys [2014-4-1 331880]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
S3 acpials;ALS Sensor Filter;C:\windows\System32\drivers\acpials.sys [2009-7-14 9728]
S3 Andbus;LGE Android Platform Composite USB Device;C:\windows\System32\drivers\lgandbus64.sys [2014-5-16 19456]
S3 AndDiag;LGE Android Platform USB Serial Port;C:\windows\System32\drivers\lganddiag64.sys [2014-5-16 27648]
S3 AndGps;LGE Android Platform USB GPS NMEA Port;C:\windows\System32\drivers\lgandgps64.sys [2014-5-16 27136]
S3 ANDModem;LGE Android Platform USB Modem;C:\windows\System32\drivers\lgandmodem64.sys [2014-5-16 34304]
S3 AndNetDiag;LGE AndroidNet USB Serial Port;C:\windows\System32\drivers\lgandnetdiag64.sys [2014-5-16 29184]
S3 AndNetGps;LGE AndroidNet USB GPS NMEA Port;C:\windows\System32\drivers\lgandnetgps64.sys [2014-5-16 28160]
S3 ANDNetModem;LGE AndroidNet USB Modem;C:\windows\System32\drivers\lgandnetmodem64.sys [2014-5-16 36352]
S3 andnetndis;LGE AndroidNet NDIS Ethernet Adapter;C:\windows\System32\drivers\lgandnetndis64.sys [2014-5-16 93184]
S3 cmdvirth;COMODO Virtual Service Manager;C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2014-3-25 2264280]
S3 fssfltr;fssfltr;C:\windows\System32\drivers\fssfltr.sys [2014-4-9 48488]
S3 HTCAND64;HTC Device Driver;C:\windows\System32\drivers\ANDROIDUSB.sys [2009-11-2 33736]
S3 htcnprot;HTC NDIS Protocol Driver;C:\windows\System32\drivers\htcnprot.sys [2013-10-17 36928]
S3 Impcd;Impcd;C:\windows\System32\drivers\Impcd.sys [2010-2-26 158976]
S3 IntcDAud;Intel(R) Display Audio;C:\windows\System32\drivers\IntcDAud.sys [2014-4-16 317440]
S3 JMCR;JMCR;C:\windows\System32\drivers\jmcr.sys [2011-5-26 174680]
S3 NETw5s64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;C:\windows\System32\drivers\NETw5s64.sys [2010-1-13 7675392]
S3 PSI;PSI;C:\windows\System32\drivers\psi_mf_amd64.sys [2013-12-6 18456]
S3 PSMounterEx;Macrium Reflect Image Explorer Driver;C:\windows\System32\drivers\psmounterex.sys [2013-8-1 76408]
S3 PSVolAcc;PSVolAcc;C:\windows\System32\drivers\PSVolAcc.sys [2013-6-28 13944]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\windows\System32\drivers\rdpvideominiport.sys [2014-4-19 19456]
S3 TsUsbFlt;TsUsbFlt;C:\windows\System32\drivers\TsUsbFlt.sys [2014-4-19 56832]
.
=============== Created Last 30 ================
.
2014-10-29 08:48:19   --------   d-----w-   C:\Users\Kaylynn Dixon-Ruiz\AppData\Local\HockeyCrashes
2014-10-29 08:44:26   --------   d-----w-   C:\Users\Kaylynn Dixon-Ruiz\AppData\Roaming\Verizon
2014-10-29 08:42:11   --------   d-----w-   C:\Program Files (x86)\Verizon
2014-10-29 08:42:10   --------   d-----w-   C:\ProgramData\Verizon
2014-10-29 02:23:13   --------   d-----w-   C:\Users\Kaylynn Dixon-Ruiz\AppData\Local\GlassWire
2014-10-29 02:22:30   32784   ----a-w-   C:\windows\System32\drivers\gwdrv.sys
2014-10-29 02:19:59   --------   d-----w-   C:\ProgramData\GlassWire
2014-10-29 02:19:53   --------   d-----w-   C:\Program Files (x86)\GlassWire
2014-10-28 00:18:15   --------   d-----w-   C:\windows\Intuit
2014-10-27 13:32:42   129752   ----a-w-   C:\windows\System32\drivers\MBAMSwissArmy.sys
2014-10-27 13:32:25   93400   ----a-w-   C:\windows\System32\drivers\mbamchameleon.sys
2014-10-27 13:32:25   63704   ----a-w-   C:\windows\System32\drivers\mwac.sys
2014-10-27 13:32:25   25816   ----a-w-   C:\windows\System32\drivers\mbam.sys
2014-10-27 13:32:24   --------   d-----w-   C:\ProgramData\Malwarebytes
2014-10-27 13:32:24   --------   d-----w-   C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-10-27 12:47:01   192000   ----a-w-   C:\windows\System32\iisRtl.dll
2014-10-27 12:47:00   60928   ----a-w-   C:\windows\System32\ahadmin.dll
2014-10-27 12:47:00   55296   ----a-w-   C:\windows\System32\admwprox.dll
2014-10-27 12:47:00   50688   ----a-w-   C:\windows\SysWow64\admwprox.dll
2014-10-27 12:47:00   16896   ----a-w-   C:\windows\System32\iisreset.exe
2014-10-27 12:47:00   154624   ----a-w-   C:\windows\SysWow64\iisRtl.dll
2014-10-27 12:47:00   15360   ----a-w-   C:\windows\SysWow64\iisreset.exe
2014-10-27 12:47:00   14848   ----a-w-   C:\windows\System32\wamregps.dll
2014-10-27 12:46:59   8192   ----a-w-   C:\windows\SysWow64\iisrstap.dll
2014-10-27 12:46:59   26624   ----a-w-   C:\windows\SysWow64\ahadmin.dll
2014-10-27 12:46:59   11264   ----a-w-   C:\windows\System32\iisrstap.dll
2014-10-27 12:46:59   10752   ----a-w-   C:\windows\SysWow64\wamregps.dll
2014-10-27 11:41:12   --------   d-----w-   C:\Program Files (x86)\VS Revo Group
2014-10-27 10:44:38   --------   d-----w-   C:\Program Files (x86)\Windows Installer Clean Up
2014-10-27 10:39:58   --------   d-----w-   C:\Program Files (x86)\MSECACHE
2014-10-27 09:27:22   --------   d-----w-   C:\FRST
2014-10-27 08:42:42   --------   d-----w-   C:\windows\SysWow64\BestPractices
2014-10-27 08:42:30   --------   d-----w-   C:\windows\System32\BestPractices
2014-10-27 08:42:11   --------   d-----w-   C:\inetpub
2014-10-27 08:11:28   --------   d-----w-   C:\ProgramData\LHService
2014-10-27 08:05:12   --------   d-----w-   C:\ProgramData\LockHunter
2014-10-27 06:24:52   --------   d-----w-   C:\MATS
2014-10-27 05:22:35   159744   ----a-w-   C:\Program Files\Internet Explorer\Plugins\npqtplugin5.dll
2014-10-27 05:22:34   159744   ----a-w-   C:\Program Files\Internet Explorer\Plugins\npqtplugin4.dll
2014-10-27 05:22:34   159744   ----a-w-   C:\Program Files\Internet Explorer\Plugins\npqtplugin3.dll
2014-10-27 05:22:34   159744   ----a-w-   C:\Program Files\Internet Explorer\Plugins\npqtplugin2.dll
2014-10-27 05:22:34   159744   ----a-w-   C:\Program Files\Internet Explorer\Plugins\npqtplugin.dll
2014-10-20 06:59:07   --------   d-----w-   C:\Users\Kaylynn Dixon-Ruiz\AppData\Local\Mozilla
2014-10-19 00:22:22   --------   d-----w-   C:\Users\Kaylynn Dixon-Ruiz\AppData\Roaming\HTC
2014-10-19 00:20:19   --------   d-----w-   C:\Users\Kaylynn Dixon-Ruiz\AppData\Local\HTC MediaHub
2014-10-19 00:20:08   --------   d-----w-   C:\Users\Kaylynn Dixon-Ruiz\.android
2014-10-19 00:19:45   --------   d-----w-   C:\ProgramData\HTC
2014-10-19 00:02:40   --------   d-----w-   C:\Program Files (x86)\Spirent Communications
2014-10-19 00:02:40   --------   d-----w-   C:\Program Files (x86)\HTC
2014-10-18 23:59:17   --------   d-----w-   C:\Users\Kaylynn Dixon-Ruiz\AppData\Local\Downloaded Installations
2014-10-18 23:56:16   --------   d-----w-   C:\Temp
2014-10-16 18:59:09   98216   ----a-w-   C:\windows\SysWow64\WindowsAccessBridge-32.dll
2014-10-15 12:52:59   812736   ----a-w-   C:\Program Files (x86)\Internet Explorer\iexplore.exe
2014-10-15 12:51:52   681984   ----a-w-   C:\windows\System32\termsrv.dll
2014-10-09 16:29:05   --------   d-----w-   C:\Users\Kaylynn Dixon-Ruiz\AppData\Roaming\LockHunter
2014-10-09 16:28:54   --------   d-----w-   C:\Program Files\LockHunter
2014-10-09 16:08:25   --------   d-----w-   C:\Program Files (x86)\FileASSASSIN
2014-10-09 15:54:27   --------   d-----w-   C:\ProgramData\Malwarebytes Anti-Exploit
2014-10-09 15:54:26   --------   d-----w-   C:\Program Files (x86)\Malwarebytes Anti-Exploit
2014-10-09 12:36:41   --------   d-----w-   C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-10-03 11:12:37   --------   d-----w-   C:\ProgramData\cmcm
2014-10-03 11:12:27   81768   ----a-w-   C:\windows\System32\drivers\ksapi.sys
2014-10-03 11:12:27   56680   ----a-w-   C:\windows\System32\drivers\ksapi64.sys
2014-10-03 11:12:24   --------   d-----w-   C:\Program Files (x86)\cmcm
2014-10-02 20:23:20   94208   ----a-w-   C:\windows\SysWow64\QuickTimeVR.qtx
2014-10-02 20:23:20   69632   ----a-w-   C:\windows\SysWow64\QuickTime.qts
2014-10-01 18:31:33   519680   ----a-w-   C:\windows\SysWow64\qdvd.dll
2014-10-01 18:31:33   371712   ----a-w-   C:\windows\System32\qdvd.dll
.
==================== Find3M  ====================
.
2014-10-29 01:53:31   17920   ----a-w-   C:\windows\SysWow64\rpcnetp.dll
2014-10-29 01:52:28   17920   ----a-w-   C:\windows\SysWow64\rpcnetp.exe
2014-10-29 01:52:28   17920   ----a-w-   C:\windows\System32\rpcnetp.exe
2014-10-19 08:39:40   71344   ----a-w-   C:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-10-19 08:39:40   701104   ----a-w-   C:\windows\SysWow64\FlashPlayerApp.exe
2014-10-10 02:05:59   276480   ----a-w-   C:\windows\System32\generaltel.dll
2014-10-10 02:05:42   507392   ----a-w-   C:\windows\System32\aepdu.dll
2014-10-10 02:00:38   424448   ----a-w-   C:\windows\System32\aeinv.dll
2014-09-29 00:58:48   3198976   ----a-w-   C:\windows\System32\win32k.sys
2014-09-25 22:32:04   2017280   ----a-w-   C:\windows\SysWow64\inetcpl.cpl
2014-09-25 22:31:02   2108416   ----a-w-   C:\windows\System32\inetcpl.cpl
2014-09-19 01:56:02   2724864   ----a-w-   C:\windows\System32\mshtml.tlb
2014-09-19 01:55:49   4096   ----a-w-   C:\windows\System32\ieetwcollectorres.dll
2014-09-19 01:40:43   66048   ----a-w-   C:\windows\System32\iesetup.dll
2014-09-19 01:40:03   547328   ----a-w-   C:\windows\System32\vbscript.dll
2014-09-19 01:39:58   48640   ----a-w-   C:\windows\System32\ieetwproxystub.dll
2014-09-19 01:38:27   83968   ----a-w-   C:\windows\System32\MshtmlDac.dll
2014-09-19 01:36:57   5829632   ----a-w-   C:\windows\System32\jscript9.dll
2014-09-19 01:26:00   139264   ----a-w-   C:\windows\System32\ieUnatt.exe
2014-09-19 01:25:49   111616   ----a-w-   C:\windows\System32\ieetwcollector.exe
2014-09-19 01:25:12   4201472   ----a-w-   C:\windows\SysWow64\jscript9.dll
2014-09-19 01:25:09   758272   ----a-w-   C:\windows\System32\jscript9diag.dll
2014-09-19 01:18:02   940032   ----a-w-   C:\windows\System32\MsSpellCheckingFacility.exe
2014-09-19 01:14:57   2724864   ----a-w-   C:\windows\SysWow64\mshtml.tlb
2014-09-19 01:06:47   72704   ----a-w-   C:\windows\System32\JavaScriptCollectionAgent.dll
2014-09-19 01:02:07   454656   ----a-w-   C:\windows\SysWow64\vbscript.dll
2014-09-19 01:01:47   61952   ----a-w-   C:\windows\SysWow64\iesetup.dll
2014-09-19 01:01:03   51200   ----a-w-   C:\windows\SysWow64\ieetwproxystub.dll
2014-09-19 00:59:40   61952   ----a-w-   C:\windows\SysWow64\MshtmlDac.dll
2014-09-19 00:50:16   112128   ----a-w-   C:\windows\SysWow64\ieUnatt.exe
2014-09-19 00:49:31   597504   ----a-w-   C:\windows\SysWow64\jscript9diag.dll
2014-09-19 00:40:12   1249280   ----a-w-   C:\windows\System32\mshtmlmedia.dll
2014-09-19 00:36:23   60416   ----a-w-   C:\windows\SysWow64\JavaScriptCollectionAgent.dll
2014-09-19 00:33:18   2309632   ----a-w-   C:\windows\System32\wininet.dll
2014-09-19 00:18:55   1068032   ----a-w-   C:\windows\SysWow64\mshtmlmedia.dll
2014-09-18 23:59:11   1810944   ----a-w-   C:\windows\SysWow64\wininet.dll
2014-09-18 02:00:42   3241472   ----a-w-   C:\windows\System32\msi.dll
2014-09-18 01:32:52   2363904   ----a-w-   C:\windows\SysWow64\msi.dll
2014-09-13 01:58:18   77312   ----a-w-   C:\windows\System32\packager.dll
2014-09-13 01:40:05   67072   ----a-w-   C:\windows\SysWow64\packager.dll
2014-09-09 22:11:04   2048   ----a-w-   C:\windows\System32\tzres.dll
2014-09-09 21:47:10   2048   ----a-w-   C:\windows\SysWow64\tzres.dll
2014-09-05 02:11:09   6584320   ----a-w-   C:\windows\System32\mstscax.dll
2014-09-05 01:52:41   5703168   ----a-w-   C:\windows\SysWow64\mstscax.dll
2014-09-04 05:23:20   424448   ----a-w-   C:\windows\System32\rastls.dll
2014-09-04 05:04:15   372736   ----a-w-   C:\windows\SysWow64\rastls.dll
2014-08-29 02:07:13   3179520   ----a-w-   C:\windows\System32\rdpcorets.dll
2014-08-23 02:07:00   404480   ----a-w-   C:\windows\System32\gdi32.dll
2014-08-23 01:45:55   311808   ----a-w-   C:\windows\SysWow64\gdi32.dll
2014-08-19 03:11:28   693176   ----a-w-   C:\windows\System32\winload.efi
2014-08-19 03:10:10   616352   ----a-w-   C:\windows\System32\winresume.efi
2014-08-19 03:08:04   503808   ----a-w-   C:\windows\System32\srcore.dll
2014-08-19 03:08:04   50176   ----a-w-   C:\windows\System32\srclient.dll
2014-08-19 03:08:03   63488   ----a-w-   C:\windows\System32\setbcdlocale.dll
2014-08-19 03:07:51   58880   ----a-w-   C:\windows\System32\appidapi.dll
2014-08-19 03:07:51   32256   ----a-w-   C:\windows\System32\appidsvc.dll
2014-08-19 03:07:33   296960   ----a-w-   C:\windows\System32\rstrui.exe
2014-08-19 03:07:11   17920   ----a-w-   C:\windows\System32\appidcertstorecheck.exe
2014-08-19 03:07:11   146944   ----a-w-   C:\windows\System32\appidpolicyconverter.exe
2014-08-19 02:41:39   43008   ----a-w-   C:\windows\SysWow64\srclient.dll
2014-08-19 02:41:22   50688   ----a-w-   C:\windows\SysWow64\appidapi.dll
2014-08-19 02:06:56   61440   ----a-w-   C:\windows\System32\drivers\appid.sys
2014-08-18 18:42:54   43008   ----a-w-   C:\windows\SysWow64\agremove.exe
2014-08-12 23:00:10   4575232   ----a-w-   C:\windows\SysWow64\GPhotos.scr
.
============= FINISH:  1:54:19.08 ===============

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 4/1/2014 3:12:54 PM
System Uptime: 10/30/2014 8:31:37 PM (5 hours ago)
.
Motherboard: TOSHIBA |  | NWQAA
Processor: Intel(R) Core(TM) i3 CPU       M 370  @ 2.40GHz | CPU | 2399/133mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 454 GiB total, 287.998 GiB free.
D: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP181: 10/27/2014 12:24:28 AM - Restore Point before WinZip 18.5 was removed using Program Install and Uninstall troubleshooter
RP183: 10/27/2014 12:26:36 AM -  WinZip 18.5
RP184: 10/27/2014 1:13:23 AM - Removed PlayReady PC Runtime amd64
RP185: 10/27/2014 1:28:56 AM - Installed MSXML 6.0 Parser
RP186: 10/27/2014 1:29:38 AM - Installed MSXML 6.0 SDK
RP187: 10/27/2014 2:33:21 AM - Windows Modules Installer
RP188: 10/27/2014 2:41:10 AM - Windows Modules Installer
RP189: 10/27/2014 2:52:21 AM - Removed TOSHIBA Flash Cards Support Utility
RP190: 10/27/2014 3:49:25 AM - Configured Quickbooks Financial Center
RP191: 10/27/2014 4:43:15 AM - Installed Windows Installer Clean Up
RP192: 10/27/2014 4:54:48 AM - Configured Quickbooks Financial Center
RP193: 10/27/2014 5:48:47 AM - Revo Uninstaller's restore point - Google Talk Plugin
RP194: 10/27/2014 5:57:22 AM - Windows Update
RP195: 10/27/2014 7:04:15 AM - Windows Update
RP196: 10/27/2014 8:25:36 PM - Revo Uninstaller's restore point - Quickbooks Financial Center
RP197: 10/27/2014 8:47:09 PM - Revo Uninstaller's restore point - Quickbooks Financial Center
RP198: 10/27/2014 8:53:26 PM - Removed Quickbooks Financial Center
RP199: 10/29/2014 2:40:24 AM - Message+
RP200: 10/30/2014 3:00:17 AM - Windows Update
.
==== Installed Programs ======================
.
7-Zip 9.20 (x64 edition)
Adobe Flash Player 15 ActiveX
Adobe Flash Player 15 Plugin
Adobe Reader XI (11.0.09)
Adobe Shockwave Player 12.1
Apple Application Support
Apple Software Update
Bejeweled 2 Deluxe
Belarc Advisor 8.4
Chuzzle Deluxe
Citrix Online Launcher
Clean Master
Comodo Dragon
Comodo IceDragon
COMODO Internet Security Premium
Compatibility Pack for the 2007 Office system
D3DX10
FileASSASSIN
GeekBuddy
GlassWire 1.0 (remove only)
Google Chrome
Google Drive
Google Earth
Google Talk Plugin
Google Update Helper
Google+ Auto Backup
GoToMeeting 7.0.2.1848
HTC Driver Installer
HTC Sync Manager
Intel(R) Management Engine Components
Intel(R) PRO/Wireless Driver
Intel(R) Rapid Storage Technology
Intel® PROSet/Wireless Software
Intel® PROSet/Wireless WiFi Software
Intel® PROSet/Wireless WiMAX Software
IPTInstaller
Java 8 Update 25
Java Auto Updater
Jewel Quest 3
JMicron Flash Media Controller Driver
Junk Mail filter update
Label@Once 1.0
LG SP USB Driver
LG United Mobile Driver
LockHunter 3.1, 32/64 bit
Macrium Reflect Free Edition
Malwarebytes Anti-Exploit version 1.04.1.1012
Malwarebytes Anti-Malware version 2.0.3.1025
Mesh Runtime
Message+
Messenger Companion
Microsoft .NET Framework 4.5.1
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Excel MUI (English) 2007
Microsoft Office File Validation Add-In
Microsoft Office Home and Student 2007
Microsoft Office Office 64-bit Components 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office PowerPoint Viewer 2007 (English)
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Shared 64-bit MUI (English) 2007
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Suite Activation Assistant
Microsoft Office Word MUI (English) 2007
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable (x64)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
Microsoft Windows Debugging Symbols
Microsoft Works
Mozilla Firefox 33.0 (x86 en-US)
Mozilla Maintenance Service
MSVCRT
MSVCRT_amd64
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP3 Parser
MSXML 4.0 SP3 Parser (KB2758694)
Nitro Reader 3
Penguins!
Picasa 3
PicBackMan
PicPick
Polar Bowler
QuickTime 7
RealDownloader
RealNetworks - Microsoft Visual C++ 2008 Runtime
RealNetworks - Microsoft Visual C++ 2010 Runtime
RealPlayer Cloud
Realtek Ethernet Controller Driver For Windows 7
Realtek High Definition Audio Driver
RealUpgrade 1.1
Recuva
Revo Uninstaller 1.95
RSSOwl
Secunia PSI (3.0.0.9016)
Security Update for Microsoft .NET Framework 4.5.1 (KB2894854v2)
Security Update for Microsoft .NET Framework 4.5.1 (KB2898869)
Security Update for Microsoft .NET Framework 4.5.1 (KB2901126)
Security Update for Microsoft .NET Framework 4.5.1 (KB2931368)
Security Update for Microsoft .NET Framework 4.5.1 (KB2972107)
Security Update for Microsoft .NET Framework 4.5.1 (KB2972216)
Security Update for Microsoft .NET Framework 4.5.1 (KB2979578v2)
Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596825) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597973) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760411) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760415) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760585) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760591) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2817330) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2827326) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2850022) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2878233) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2880507) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2880508) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2881069) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2883031) 32-Bit Edition
Security Update for Microsoft Office Excel 2007 (KB2827324) 32-Bit Edition
Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition
Security Update for Microsoft Office OneNote 2007 (KB2596857) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Word 2007 (KB2883032) 32-Bit Edition
Speccy
swMSM
Synaptics Pointing Device Driver
System Requirements Lab for Intel
TOSHIBA Application Installer
TOSHIBA Assist
TOSHIBA Bulletin Board
TOSHIBA Disc Creator
TOSHIBA Hardware Setup
TOSHIBA HDD Protection
TOSHIBA HDD/SSD Alert
TOSHIBA Media Controller
TOSHIBA Media Controller Plug-in
TOSHIBA PC Health Monitor
TOSHIBA Quality Application
TOSHIBA Recovery Media Creator
TOSHIBA ReelTime
TOSHIBA Service Station
TOSHIBA Sleep Utility
TOSHIBA Supervisor Password
TOSHIBA Value Added Package
TOSHIBA VIDEO PLAYER
TOSHIBA Web Camera Application
ToshibaRegistration
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
UpdateService
Utility Common Driver
Virtual Families
Virtual Villagers - The Secret City
WildTangent Games
WildTangent ORB Game Console
Windows Live Communications Platform
Windows Live Essentials
Windows Live Family Safety
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Language Selector
Windows Live Mail
Windows Live Mesh
Windows Live Mesh ActiveX Control for Remote Connections
Windows Live Messenger
Windows Live Messenger Companion Core
Windows Live MIME IFilter
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live Remote Client
Windows Live Remote Client Resources
Windows Live Remote Service
Windows Live Remote Service Resources
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live Sync
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
WOT for Internet Explorer
WPS Office (9.1.0.4746)
.
==== End Of File ===========================
3
Here are the logs from DDS
4
Post Here for Malware Removal ... / Re: [In Progress] Unexpected network traffic
« Last post by Hoov on Yesterday at 08:34:26 pm »
Right off the top, these entries bother me,

[System Process]   0   TCP   office-pc.paxio.net   49938   63-217-21-27.static.pccwglobal.net   http   TIME_WAIT                              
[System Process]   0   TCP   office-pc.paxio.net   49939   63-217-21-27.static.pccwglobal.net   http   TIME_WAIT                              
[System Process]   0   TCP   office-pc.paxio.net   49940   63-217-21-27.static.pccwglobal.net   http   TIME_WAIT                              
[System Process]   0   TCP   office-pc.paxio.net   49941   63-217-21-27.static.pccwglobal.net   http   TIME_WAIT                              
[System Process]   0   TCP   office-pc.paxio.net   49942   63-217-21-27.static.pccwglobal.net   http   TIME_WAIT                              
[System Process]   0   TCP   office-pc.paxio.net   49943   63-217-21-27.static.pccwglobal.net   http   TIME_WAIT                              
[System Process]   0   TCP   office-pc.paxio.net   49944   63-217-21-27.static.pccwglobal.net   http   TIME_WAIT                              
[System Process]   0   TCP   office-pc.paxio.net   49945   63-217-21-27.static.pccwglobal.net   http   TIME_WAIT                              
[System Process]   0   TCP   office-pc.paxio.net   49946   63-217-21-27.static.pccwglobal.net   http   TIME_WAIT                              
[System Process]   0   TCP   office-pc.paxio.net   49947   63-217-21-27.static.pccwglobal.net   http   TIME_WAIT                              
[System Process]   0   TCP   office-pc.paxio.net   49948   63-217-21-27.static.pccwglobal.net   http   TIME_WAIT                              
[System Process]   0   TCP   office-pc.paxio.net   49952   63-217-21-27.static.pccwglobal.net   http   TIME_WAIT                              
[System Process]   0   TCP   office-pc.paxio.net   49958   63-217-21-40.static.pccwglobal.net   http   TIME_WAIT

After tracking it all down, the other end of that connection appears to be Beyond The Network America, Inc which appears to be a spammer operating out of the Ukraine. So looks like there is some malware somewhere. For now I would add 63.217.21.40 to your Hosts file, at least until we dig out the tick.

Also I notice that you have had 2 BSODS recently, is this normal for this system? How long has this been a problem?

Please follow these steps:

1.- Download AdwCleaner by Xplode onto your Desktop.
  •   Please close all open programs and internet browsers.
  •   Double click on Adwcleaner.exe to run the tool.
  •   Click on the Scan button..
  •   Please be patient as this can take a while to complete.
  •   You will get a prompt asking to close all programs. Click OK.
  •   Click OK again to reboot your computer. A text file will open after the restart.
  •   Please post the content of that logfile in your reply.
  •   You can find the logfile at C:\AdwCleaner[Sn].txt.
2.- Download Junkware Removal Tool to your desktop.
  • Shutdown your antivirus to avoid any conflicts.
  • Run the tool by double-clicking it.
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt in your next message.
3.- Please download RogueKiller and Save to the desktop.
  • Close all windows and browsers
  • Double click on RogueKiller.exe to run the tool.
  • Press the scan button.
  • A report opens on the desktop named - RKreport.txt
  • Please post it in your next reply.
5
In Malwarebytes' Anti-Malware did you click on the View Detailed log link as I showed in the instructions above? It should take you to the log page where you can copy the log down and paste it up. With 336 items, I definitely need to see that.

Those programs that are installed are part of the scam. UTH stands for Urgent Tech Help. It is one of the scams running around where you get a call and they tell you that your computer has contacted Microsoft telling them it is infected, and then the proceed to have the user install software. Sometimes it is legitimate software, sometimes it is garbage, and sometimes it is software that has been compromised and will spread more malware. But you and your Dad did it just right except for one thing. He should have used one of those fog horns in a can and blasted the caller from this place before he hung up on them. It would serve them right.

I need you to reboot windows cleanly. To do that please go to the run command and type in msconfig . Once that starts, select selective startup, and then uncheck the load startup items. Now click on the services tab, and down near the bottom of the window, check the box that says Hide all Microsoft Services now go up and uncheck all the services still listed, make sure you scroll down the list if need to unselect all the non Microsoft services. Now click apply, then click OK and reboot the computer.

Please download Rkill by Grinler and save it to your desktop.
    Link 2
    Link 3
    Link 4

    • Double-click on the Rkill desktop icon to run the tool.
    • If using Vista, right-click on it and Run As Administrator.
    • A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
    • If not, delete the file, then download and use the one provided in Link 2.
    • A log pops up at the end of the run. This log file is located at C:\rkill.log. Please post this only if requested to by the person helping you. Otherwise you can close this log when you wish.
    • If it does not work, repeat the process and attempt to use one of the remaining links until the tool runs.
    • If the tool does not run from any of the links provided, please let me know.



    Start up Malwarebytes' Anti-Malware again and run a Threat Scan again. Fix anything it finds and post the log. Make sure to stay off the internet with the computer started in this fashion, your protection is almost totally turned off. You can come here to post logs, and go to sites I link to, but other than that stay off the net with this computer. If this is going to be a problem let me know. [/list]
    6
    Hello,
    I ran the Malwarebytes scan, it said there were 336 items, but the only thing the log says is:

    Malwarebytes Anti-Malware
    http://www.malwarebytes.org

    I can see the quarantined items.  Did I miss something?

    Also, the 5 new icons are still on the desktop.

    Thanks,
    Vickster3659
    7
    Hello Hoov,
    Thank you for your quick response! 

    1) I have not made any attempts to fix anything on this computer.  It belongs to my father, who mid-stream, called me to tell me that this company (UTH) called to say his computer was sending error messages, and they could help him.  Thank goodness he called me!  I convinced him that this was a scam and to shut off the computer.  He did this by turning off the power strip.  I then retrieved said computer so I can get him back to normal.  He did mention earlier in the day that there were certain websites that he couldn't get on, so I told him to run CCleaner (usually this helps when I am having problems).

    2&3&4) Understood!  I had originally went to Dell Community, as they have helped me a few years before--they recommended Spywarehammer, so....here I am!

    5) I will be counting on your help!  I must let you know that I will be unavailable after this evening, and through this weekend, but will be available again on Sunday evening. 

    6) I think there are only photos that will need to be backed up, I will do that before I download MBMA.  I don't know of any encryption software on this computer.  Also, this is a privately owned computer.

    The 4 no, 5 new Icons:  UTH Calling Card, AA_v3.4, AdwCleaner, Adblockplusie1.0, WindowsAdminstartiveEventRemoval (yes, that is how it is spelled, not administrative).

    Also, the icons for CCleaner and Norton Security Scan now have the Windows shield (similar to the Windows Defender shield) and Norton looks to be deactivated.

    I will be back to post tne MBAM log a bit later.

    Thank you!
    Vickster3659
    8
    Post Here for Malware Removal ... / Re: [In Progress] Unexpected network traffic
    « Last post by RoHe on Yesterday at 12:38:01 pm »
    Hoov,
    Sorry, I didn't get an email alert that you'd responded. TCPView log attached.

    Thanks.
    9
    Hello, welcome to SpywareHammer.

    I go by Hoov, and I will be helping you with your problem. I must ask you to do a few things for me.

    First, tell me everything that you have done, if anything, to try and fix this problem.Also tell me any other problems you are having, no matter how small or long you have been dealing with them.

    Second, please only use 1 forum to help clear up your problem. Posting on more than 1 and following instructions from more than 1 forum will cause those helping you to pull out thier hair.

    Third, follow my instructions - If you can't for some reason, or if you don't understand something, please tell me. If you deviate from my instructions, tell me, it may make a difference on where we go.

    Fourth, Have faith. I will do all I can to get your computer working, and if I can't - someone else here will know something else to try.

    Fifth, if we start this fix, I need you to stick with me until the end. Just because your computer is running better does not mean it is fixed.

    Before we start trying to fix your computer, you need to make sure your data is backed up. Also let me know of any software you have running that encrypts your harddrive.

    One last thing, I need you to tell me if this computer belongs to a school or to a company or orginization of some kind. If it does, please let me know. Also tell me if there is an IT department responsible for this computer.

    Now onto trying to fix your computer.

    Can you tell me what the 4 icons are, if they survive the Malwarebytes' Anti-Malware scan below.

     
    MBAM may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (ie Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.
    • Make sure you are connected to the Internet.
    • Double-click to execute the installation. Accept the terms, and allow MBAM to install to the default location in your Program Files.
    • Please update the database by clicking on the Update Now button as shown below.


    • Following the update, click on the large green Scan Now button to begin the Threat Scan.

    Note: Optionally, you could have simply clicked Fix Now if it is displayed. That will automatically download updates and run a Threat Scan.
    If Malware or Potentially Unwanted Programs are found you will receive a Prompt so that you can decide what you want to do. I suggest "Quarantine". Click the button: Apply All Actions.
    • A window with an option to view the detailed log will appear. Click on View Detailed Log.

      • After viewing the results, please click on the Copy to Clipboard button > OK.

    • Return to our forum. Paste your log into your next reply.
    • Note: If you lose the Clipboard copy and need to retrieve the log again it can be found by opening Malwarebytes and clicking on History> Application Logs with the date of the scan. Simply double-click on that in order to see the options for Copying to Clipboard or to Export to a .txt file (Notepad). etc.. The .txt file can be saved and posted when you are ready.
    10
    Hello,
    A family member was scammed yesterday, there are atleast 4 new icons on the desktop.  Below you will see both logs created by DDS.  Thank you for your assistance!

    DDS (Ver_2012-11-20.01) - NTFS_AMD64
    Internet Explorer: 9.0.8112.16584  BrowserJavaVersion: 10.71.2
    Run by Russell at 20:38:40 on 2014-10-29
    Microsoft® Windows Vista™ Home Premium   6.0.6002.2.1252.1.1033.18.4084.2261 [GMT -4:00]
    .
    SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    .
    ============== Running Processes ===============
    .
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\svchost.exe -k rpcss
    C:\Windows\System32\svchost.exe -k secsvcs
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\svchost.exe -k GPSvcGroup
    C:\Windows\system32\SLsvc.exe
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Program Files\Dell\DellDock\DockLogin.exe
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Windows\system32\Dwm.exe
    C:\Windows\System32\spoolsv.exe
    C:\Windows\Explorer.EXE
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Windows\system32\taskeng.exe
    C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
    C:\Windows\system32\AERTSr64.exe
    C:\Program Files\Windows Defender\MSASCui.exe
    C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe
    C:\Program Files\Dell\DellDock\DellDock.exe
    C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe
    C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE
    C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenieDaemon64.exe
    C:\Windows\RAVCpl64.exe
    C:\Windows\System32\igfxtray.exe
    C:\Windows\System32\hkcmd.exe
    C:\Windows\System32\igfxpers.exe
    C:\Windows\system32\igfxsrvc.exe
    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\Program Files (x86)\NETGEAR\WNDA4100\Service\RaRegistry.exe
    C:\Program Files (x86)\NETGEAR\WNDA4100\Service\RaRegistry64.exe
    C:\Windows\system32\svchost.exe -k imgsvc
    C:\Windows\System32\svchost.exe -k WerSvcGroup
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    C:\Program Files\Microsoft IntelliType Pro\itype.exe
    C:\Windows\system32\SearchIndexer.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
    C:\Program Files\Microsoft IntelliPoint\ipoint.exe
    C:\Program Files\Windows Sidebar\sidebar.exe
    C:\Windows\ehome\ehtray.exe
    C:\Program Files (x86)\Skype\Phone\Skype.exe
    C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenie.exe
    C:\Windows\System32\spool\drivers\x64\3\E_IATIHBA.EXE
    C:\Program Files (x86)\Kodak\Kodak EasyShare software\bin\EasyShare.exe
    C:\Program Files (x86)\McAfee Security Scan\3.0.285\SSScheduler.exe
    C:\Program Files (x86)\NETGEAR\WNDA4100\WNDA4100.EXE
    C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
    C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
    C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
    C:\Windows\ehome\ehmsas.exe
    C:\Program Files\Microsoft IntelliType Pro\dpupdchk.exe
    C:\Program Files (x86)\NETGEAR Genie\bin\genie2_tray.exe
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Windows\splwow64.exe
    C:\Windows\system32\taskeng.exe
    C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
    C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
    C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_15_0_0_167_ActiveX.exe
    C:\Windows\system32\SearchProtocolHost.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Windows\System32\cscript.exe
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = hxxp://www.charter.net/
    uWindow Title = Internet Explorer provided by Dell
    uSearch Bar = hxxp://inboxtoolbar.com/search/dispatcher.aspx?tp=aus&qkw=%s&tbid=%tb_id&%language
    uDefault_Page_URL = hxxp://www.google.com/ig/dell?hl=en&client=dell-usuk-rel&channel=us&ibd=4081120
    uURLSearchHooks: UrlSearchHook Class: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
    uURLSearchHooks: Inbox Toolbar: {D3D233D5-9F6D-436C-B6C7-E63F77503B30} - C:\Program Files (x86)\Inbox Toolbar\Inbox.dll
    mWinlogon: Userinit = userinit.exe
    BHO: MSS+ Identifier: {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll
    BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    BHO: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} -
    BHO: ALOT Toolbar: {5AA2BA46-9913-4dc7-9620-69AB0FA17AE7} - C:\Program Files (x86)\alot\bin\alot.dll
    BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
    BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    BHO: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
    BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    BHO: Inbox Toolbar: {D3D233D5-9F6D-436C-B6C7-E63F77503B30} - C:\Program Files (x86)\Inbox Toolbar\Inbox.dll
    BHO: Ask Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
    BHO: Adblock Plus for IE Browser Helper Object: {FFCB3198-32F3-4E8B-9539-4324694ED664} - C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll
    TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    TB: &Inbox Toolbar: {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - C:\Program Files (x86)\Inbox Toolbar\Inbox.dll
    TB: Ask Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
    TB: ALOT Toolbar: {5AA2BA46-9913-4dc7-9620-69AB0FA17AE7} - C:\Program Files (x86)\alot\bin\alot.dll
    TB: &Inbox Toolbar: {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - C:\Program Files (x86)\Inbox Toolbar\Inbox.dll
    TB: Ask Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
    TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
    uRun: [WMPNSCFG] C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe
    uRun: [ehTray.exe] C:\Windows\ehome\ehTray.exe
    uRun: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
    uRun: [NETGEARGenie] "C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenie.exe" -mini -redirect
    uRun: [Facebook Update] "C:\Users\Russell\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
    uRun: [EPLTarget\P0000000000000001] C:\Windows\System32\spool\DRIVERS\x64\3\E_IATIHBA.EXE /EPT "EPLTarget\P0000000000000001" /M "Epson Stylus NX430"
    uRunOnce: [Shockwave Updater] C:\Windows\SysWOW64\Adobe\Shockwave 11\SwHelper_1150600.exe -Update -1150600 -"Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.0; WOW64; Trident/5.0; SLCC1; .NET CLR 2.0.50727; Media Center PC 5.0; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; BRI/1; AskTbORJ/5.15.29.53182; .NET4.0E)" -"http://www.shockwave.com/gamelanding/dailymahjong.jsp"
    mRun: [RoxWatchTray] "C:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxWatchTray10.exe"
    mRun: [ArcSoft Connection Service] "C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe"
    mRun: [CarboniteSetupLite] "C:\Program Files (x86)\Carbonite\CarbonitePreinstaller.exe" /preinstalled /showonfirst /reshowat=1800
    mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    mRun: [ApnUpdater] "C:\Program Files (x86)\Ask.com\Updater\Updater.exe"
    mRun: [EEventManager] "C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe"
    mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
    mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    mRun: [ApnTBMon] "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe"
    StartupFolder: C:\Users\Russell\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\DELLDO~1.LNK - C:\Program Files\Dell\DellDock\DellDock.exe
    StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\KODAKE~1.LNK - C:\Program Files (x86)\Kodak\Kodak EasyShare software\bin\EasyShare.exe
    StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\MCAFEE~1.LNK - C:\Program Files (x86)\McAfee Security Scan\3.0.285\SSScheduler.exe
    StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\NETGEA~1.LNK - C:\Program Files (x86)\NETGEAR\WNDA4100\WNDA4100.EXE
    mPolicies-Explorer: NoActiveDesktop = dword:1
    mPolicies-Explorer: NoActiveDesktopChanges = dword:1
    mPolicies-Explorer: BindDirectlyToPropertySetStorage = dword:0
    mPolicies-System: EnableUIADesktopToggle = dword:0
    IE: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_43C348BC2E93EB2B.dll/cmsidewiki.html
    IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
    IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-001071-0002-0071-ABCDEFFEDCBC} - <orphaned>
    IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
    TCP: NameServer = 192.168.1.1
    TCP: Interfaces\{46847830-312E-42F7-BB59-6A69807EAECB} : DHCPNameServer = 192.168.1.1
    TCP: Interfaces\{DB94AD14-28FE-434B-9DF3-11C0AABA65A5} : DHCPNameServer = 192.168.1.1
    Handler: inbox - {37540F19-DD4C-478B-B2DF-C19281BCAF27} - C:\Program Files (x86)\Inbox Toolbar\Inbox.dll
    Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} -
    Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
    Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
    LSA: Security Packages =  kerberos msv1_0 schannel wdigest tspkg
    mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
    x64-BHO: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} -
    x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
    x64-BHO: Adblock Plus for IE Browser Helper Object: {FFCB3198-32F3-4E8B-9539-4324694ED664} - C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll
    x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
    x64-Run: [Windows Defender] C:\Program Files (x86)\Windows Defender\MSASCui.exe -hide
    x64-Run: [ECenter] C:\Dell\E-Center\EULALauncher.exe
    x64-Run: [RtHDVCpl] RAVCpl64.exe
    x64-Run: [Skytel] Skytel.exe
    x64-Run: [IgfxTray] C:\Windows\System32\igfxtray.exe
    x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
    x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
    x64-Run: [itype] "C:\Program Files\Microsoft IntelliType Pro\itype.exe"
    x64-Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe"
    x64-mPolicies-Explorer: NoActiveDesktop = dword:1
    x64-mPolicies-Explorer: NoActiveDesktopChanges = dword:1
    x64-mPolicies-Explorer: BindDirectlyToPropertySetStorage = dword:0
    x64-mPolicies-System: EnableUIADesktopToggle = dword:0
    x64-DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://dl8-cdn-01.sun.com/s/ESD5/JSCDL/jre/6u11-b90/jinstall-6u11-windows-i586-jc.cab?e=1232417855654&h=b4b13cc9ec52d72547189c5812a3399a/&filename=jinstall-6u11-windows-i586-jc.cab
    x64-Handler: inbox - {37540F19-DD4C-478B-B2DF-C19281BCAF27} - <orphaned>
    x64-Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} -
    x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
    x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
    x64-Notify: igfxcui - igfxdev.dll
    .
    ============= SERVICES / DRIVERS ===============
    .
    R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2008-11-20 55024]
    R2 AERTFilters;Andrea RT Filters Service;C:\Windows\System32\AERTSr64.exe [2008-11-20 86016]
    R2 APNMCP;Ask Update Service;C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [2014-10-10 166296]
    R2 DockLoginService;Dock Login Service;C:\Program Files\Dell\DellDock\DockLogin.exe [2008-8-22 214016]
    R2 EPSON_PM_RPCV4_04;EPSON V3 Service4(04);C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE [2014-1-31 151648]
    R2 EpsonCustomerParticipation;EpsonCustomerParticipation;C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe [2011-6-9 555392]
    R2 FontCache;Windows Font Cache Service;C:\Windows\System32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-20 27648]
    R2 NETGEARGenieDaemon;NETGEARGenieDaemon;C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenieDaemon64.exe [2013-4-7 232192]
    R2 NPF;NetGroup Packet Filter Driver;C:\Windows\System32\drivers\npf.sys [2013-6-16 35344]
    R2 RalinkRegistryWriter;RalinkRegistryWriter;C:\Program Files (x86)\NETGEAR\WNDA4100\Service\RaRegistry.exe [2012-9-4 377088]
    R2 RalinkRegistryWriter64;RalinkRegistryWriter64;C:\Program Files (x86)\NETGEAR\WNDA4100\Service\RaRegistry64.exe [2012-9-4 455424]
    R3 dc3d;MS Hardware Device Detection Driver (USB);C:\Windows\System32\drivers\dc3d.sys [2010-12-14 51584]
    R3 Point64;Microsoft IntelliPoint Filter Driver;C:\Windows\System32\drivers\point64.sys [2010-12-14 45408]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
    S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
    S2 RoxLiveShare10;LiveShare P2P Server 10;C:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxLiveShare10.exe [2008-5-14 309744]
    S2 RoxWatch10;Roxio Hard Drive Watcher 10;C:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxWatch10.exe [2008-5-14 166384]
    S2 SessionLauncher;SessionLauncher;C:\Users\ADMINI~1\AppData\Local\Temp\DX9\SessionLauncher.exe --> C:\Users\ADMINI~1\AppData\Local\Temp\DX9\SessionLauncher.exe [?]
    S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-3-1 161384]
    S3 fssfltr;FssFltr;C:\Windows\System32\drivers\fssfltr.sys [2010-10-23 48488]
    S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-9-23 1493352]
    S3 McComponentHostService;McAfee Security Scan Component Host Service;C:\Program Files (x86)\McAfee Security Scan\3.0.285\McCHSvc.exe [2012-9-5 234776]
    S3 PerfHost;Performance Counter DLL Host;C:\Windows\SysWOW64\perfhost.exe [2008-1-20 19968]
    S3 RoxMediaDB10;RoxMediaDB10;C:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe [2008-5-14 1120752]
    S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe [2013-9-11 1012344]
    S3 WSDScan;WSD Scan Support via UMB;C:\Windows\System32\drivers\WSDScan.sys [2009-8-18 24064]
    S4 clr_optimization_v2.0.50727_64;Microsoft .NET Framework NGEN v2.0.50727_X64;C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [2014-8-15 90776]
    S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
    .
    =============== File Associations ===============
    .
    FileExt: .vbs: VBSFile=C:\Windows\SysWow64\WScript.exe "%1" %*
    FileExt: .js: JSFile=C:\Windows\SysWow64\WScript.exe "%1" %*
    FileExt: .jse: JSEFile=C:\Windows\SysWOW64\WScript.exe "%1" %*
    .
    =============== Created Last 30 ================
    .
    .
    ==================== Find3M  ====================
    .
    2014-10-17 07:00:48   103265616   ----a-w-   C:\Windows\System32\mrt.exe
    2014-10-02 19:53:02   278152   ------w-   C:\Windows\System32\MpSigStub.exe
    2014-09-27 23:41:24   2782208   ----a-w-   C:\Windows\System32\win32k.sys
    2014-09-26 22:42:22   98216   ----a-w-   C:\Windows\SysWow64\WindowsAccessBridge-32.dll
    2014-09-26 22:36:21   272808   ----a-w-   C:\Windows\SysWow64\javaws.exe
    2014-09-26 22:36:17   175528   ----a-w-   C:\Windows\SysWow64\javaw.exe
    2014-09-26 22:35:34   175528   ----a-w-   C:\Windows\SysWow64\java.exe
    2014-09-24 15:56:08   71344   ----a-w-   C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
    2014-09-24 15:56:08   701104   ----a-w-   C:\Windows\SysWow64\FlashPlayerApp.exe
    2014-09-20 00:09:43   17867776   ----a-w-   C:\Windows\System32\mshtml.dll
    2014-09-19 23:55:48   2339328   ----a-w-   C:\Windows\System32\jscript9.dll
    2014-09-19 23:54:22   10920960   ----a-w-   C:\Windows\System32\ieframe.dll
    2014-09-19 23:50:07   1385472   ----a-w-   C:\Windows\System32\urlmon.dll
    2014-09-19 23:49:43   1392128   ----a-w-   C:\Windows\System32\wininet.dll
    2014-09-19 23:48:28   1494016   ----a-w-   C:\Windows\System32\inetcpl.cpl
    2014-09-19 23:48:13   237056   ----a-w-   C:\Windows\System32\url.dll
    2014-09-19 23:48:00   86016   ----a-w-   C:\Windows\System32\jsproxy.dll
    2014-09-19 23:47:21   173056   ----a-w-   C:\Windows\System32\ieUnatt.exe
    2014-09-19 23:47:14   816640   ----a-w-   C:\Windows\System32\jscript.dll
    2014-09-19 23:47:14   599040   ----a-w-   C:\Windows\System32\vbscript.dll
    2014-09-19 23:47:08   2157056   ----a-w-   C:\Windows\System32\iertutil.dll
    2014-09-19 23:47:02   729088   ----a-w-   C:\Windows\System32\msfeeds.dll
    2014-09-19 23:46:43   453120   ----a-w-   C:\Windows\System32\dxtmsft.dll
    2014-09-19 23:46:41   282112   ----a-w-   C:\Windows\System32\dxtrans.dll
    2014-09-19 23:46:29   55296   ----a-w-   C:\Windows\System32\msfeedsbs.dll
    2014-09-19 23:46:21   11264   ----a-w-   C:\Windows\System32\msfeedssync.exe
    2014-09-19 23:46:09   96768   ----a-w-   C:\Windows\System32\mshtmled.dll
    2014-09-19 23:46:03   2382848   ----a-w-   C:\Windows\System32\mshtml.tlb
    2014-09-19 23:45:52   12800   ----a-w-   C:\Windows\System32\mshta.exe
    2014-09-19 23:45:34   248320   ----a-w-   C:\Windows\System32\ieui.dll
    2014-09-19 22:53:39   12364288   ----a-w-   C:\Windows\SysWow64\mshtml.dll
    2014-09-19 22:44:32   1810432   ----a-w-   C:\Windows\SysWow64\jscript9.dll
    2014-09-19 22:41:38   9739776   ----a-w-   C:\Windows\SysWow64\ieframe.dll
    2014-09-19 22:39:02   1138688   ----a-w-   C:\Windows\SysWow64\urlmon.dll
    2014-09-19 22:38:15   1129472   ----a-w-   C:\Windows\SysWow64\wininet.dll
    2014-09-19 22:37:34   1427968   ----a-w-   C:\Windows\SysWow64\inetcpl.cpl
    2014-09-19 22:36:40   231936   ----a-w-   C:\Windows\SysWow64\url.dll
    2014-09-19 22:36:25   65536   ----a-w-   C:\Windows\SysWow64\jsproxy.dll
    2014-09-19 22:36:04   142848   ----a-w-   C:\Windows\SysWow64\ieUnatt.exe
    2014-09-19 22:35:46   421376   ----a-w-   C:\Windows\SysWow64\vbscript.dll
    2014-09-19 22:35:31   717824   ----a-w-   C:\Windows\SysWow64\jscript.dll
    2014-09-19 22:35:22   607744   ----a-w-   C:\Windows\SysWow64\msfeeds.dll
    2014-09-19 22:35:19   1802752   ----a-w-   C:\Windows\SysWow64\iertutil.dll
    2014-09-19 22:35:00   41472   ----a-w-   C:\Windows\SysWow64\msfeedsbs.dll
    2014-09-19 22:34:49   353792   ----a-w-   C:\Windows\SysWow64\dxtmsft.dll
    2014-09-19 22:34:45   223232   ----a-w-   C:\Windows\SysWow64\dxtrans.dll
    2014-09-19 22:34:40   10752   ----a-w-   C:\Windows\SysWow64\msfeedssync.exe
    2014-09-19 22:34:33   73216   ----a-w-   C:\Windows\SysWow64\mshtmled.dll
    2014-09-19 22:34:25   2382848   ----a-w-   C:\Windows\SysWow64\mshtml.tlb
    2014-09-19 22:34:22   11776   ----a-w-   C:\Windows\SysWow64\mshta.exe
    2014-09-19 22:33:50   176640   ----a-w-   C:\Windows\SysWow64\ieui.dll
    2014-09-17 06:57:43   76800   ----a-w-   C:\Windows\System32\packager.dll
    2014-09-16 16:56:02   66560   ----a-w-   C:\Windows\SysWow64\packager.dll
    2014-09-09 06:40:37   2048   ----a-w-   C:\Windows\System32\tzres.dll
    2014-09-09 06:24:46   2048   ----a-w-   C:\Windows\SysWow64\tzres.dll
    2014-09-04 23:38:10   198656   ----a-w-   C:\Windows\System32\drivers\fastfat.sys
    2014-08-23 01:05:12   304128   ----a-w-   C:\Windows\SysWow64\gdi32.dll
    2014-08-23 00:42:45   390144   ----a-w-   C:\Windows\System32\gdi32.dll
    2013-10-04 04:40:03   50053120   ----a-w-   C:\Program Files (x86)\GUTD442.tmp
    .
    ============= FINISH: 20:38:48.47 ===============



    .
    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT
    .
    DDS (Ver_2012-11-20.01)
    .
    Microsoft® Windows Vista™ Home Premium
    Boot Device: \Device\HarddiskVolume3
    Install Date: 11/20/2008 4:35:58 AM
    System Uptime: 10/29/2014 7:26:41 PM (1 hours ago)
    .
    Motherboard: Dell Inc. |  | 0RY007
    Processor: Intel(R) Core(TM)2 Duo CPU     E7200  @ 2.53GHz | Socket 775 | 2534/266mhz
    .
    ==== Disk Partitions =========================
    .
    C: is FIXED (NTFS) - 451 GiB total, 329.298 GiB free.
    D: is FIXED (NTFS) - 15 GiB total, 8.26 GiB free.
    E: is CDROM ()
    .
    ==== Disabled Device Manager Items =============
    .
    Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
    Description: Microsoft 6to4 Adapter
    Device ID: ROOT\*6TO4MP\0010
    Manufacturer: Microsoft
    Name: Microsoft 6to4 Adapter #5
    PNP Device ID: ROOT\*6TO4MP\0010
    Service: tunnel
    .
    ==== System Restore Points ===================
    .
    RP2302: 10/10/2014 9:23:06 AM - Windows Update
    RP2303: 10/11/2014 3:21:20 PM - Scheduled Checkpoint
    RP2304: 10/12/2014 9:09:33 AM - Scheduled Checkpoint
    RP2305: 10/13/2014 9:22:16 AM - Scheduled Checkpoint
    RP2306: 10/14/2014 12:00:06 AM - Scheduled Checkpoint
    RP2307: 10/14/2014 8:52:10 AM - Windows Update
    RP2308: 10/15/2014 9:34:31 AM - Scheduled Checkpoint
    RP2309: 10/16/2014 12:25:10 AM - Scheduled Checkpoint
    RP2310: 10/17/2014 12:41:06 AM - Scheduled Checkpoint
    RP2311: 10/17/2014 3:00:13 AM - Windows Update
    RP2312: 10/18/2014 9:01:52 AM - Scheduled Checkpoint
    RP2313: 10/19/2014 9:18:59 AM - Scheduled Checkpoint
    RP2314: 10/20/2014 9:52:58 AM - Scheduled Checkpoint
    RP2315: 10/21/2014 8:40:02 AM - Windows Update
    RP2316: 10/22/2014 10:10:42 AM - Scheduled Checkpoint
    RP2317: 10/23/2014 11:46:17 AM - Scheduled Checkpoint
    RP2318: 10/24/2014 10:23:02 AM - Scheduled Checkpoint
    RP2319: 10/25/2014 1:08:39 AM - Scheduled Checkpoint
    RP2320: 10/26/2014 9:16:11 AM - Scheduled Checkpoint
    RP2321: 10/27/2014 9:32:29 AM - Scheduled Checkpoint
    RP2322: 10/28/2014 11:06:17 AM - Windows Update
    RP2323: 10/28/2014 11:51:50 AM - Installed Java 7 Update 71
    RP2324: 10/28/2014 7:10:44 PM - Installed LogMeIn Rescue Calling Card
    RP2325: 10/28/2014 7:23:01 PM - uth 28.10.2014
    RP2326: 10/28/2014 7:41:56 PM - Adblock Plus for IE
    .
    ==== Installed Programs ======================
    .
    Acrobat.com
    Adblock Plus for IE
    Adblock Plus for IE (32-bit and 64-bit)
    Adobe AIR
    Adobe Flash Player 15 ActiveX
    Adobe Reader 9.5.5
    Adobe Shockwave Player 11.5
    ALOT Toolbar
    Apple Application Support
    Apple Software Update
    ArcSoft Print Creations
    ArcSoft Print Creations - Album Page
    ArcSoft Print Creations - Funhouse
    ArcSoft Print Creations - Greeting Card
    ArcSoft Print Creations - Photo Book
    ArcSoft Print Creations - Photo Calendar
    ArcSoft Print Creations - Scrapbook
    ArcSoft Print Creations - Slimline Card
    Ask Toolbar
    Ask Toolbar Updater
    Bing Rewards Client Installer
    Carbonite Online Backup Setup
    CCleaner
    CCScore
    Cisco EAP-FAST Module
    Cisco LEAP Module
    Cisco PEAP Module
    Compatibility Pack for the 2007 Office system
    D3DX10
    Dell-eBay
    Dell Best of Web
    Dell Dock
    Dell Getting Started Guide
    Dell Video Chat (remove only)
    DirectXInstallService
    EMCGadgets64
    Epson Customer Participation
    Epson Event Manager
    EPSON NX430 Series Printer Uninstall
    EPSON Scan
    EpsonNet Print
    ESSBrwr
    ESSCDBK
    ESScore
    ESSgui
    ESSini
    ESSPCD
    ESSPDock
    ESSTOOLS
    essvatgt
    Facebook Video Calling 3.1.0.521
    Feedback Tool
    FUJIFILM MyFinePix Studio 4.2
    Google Chrome
    Google Earth
    Google Toolbar for Internet Explorer
    Google Update Helper
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
    HP Product Detection
    Inbox Toolbar
    Java 7 Update 71
    Java Auto Updater
    Java(TM) 6 Update 7
    Junk Mail filter update
    Kodak EasyShare software
    McAfee Security Scan Plus
    Mesh Runtime
    Messenger Companion
    Microsoft .NET Framework 3.5 SP1
    Microsoft .NET Framework 4.5.1
    Microsoft Application Error Reporting
    Microsoft IntelliPoint 8.0
    Microsoft IntelliType Pro 8.0
    Microsoft Office PowerPoint Viewer 2007 (English)
    Microsoft Silverlight
    Microsoft SQL Server 2005 Compact Edition [ENU]
    Microsoft UI Engine
    Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
    Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
    Microsoft Works
    MSVCRT
    MSVCRT_amd64
    MSXML 4.0 SP2 (KB954430)
    MSXML 4.0 SP2 (KB973688)
    netbrdg
    NETGEAR Genie
    NETGEAR WNDA4100 Genie
    Norton Security Scan
    OfotoXMI
    QuickTime
    Realtek High Definition Audio Driver
    Roxio Activation Module
    Roxio CinePlayer Decoder Pack
    Roxio Creator Audio
    Roxio Creator Copy
    Roxio Creator Data
    Roxio Creator Premier
    Roxio Creator Premier 10
    Roxio Creator Tools
    Roxio Express Labeler
    Roxio Update Manager
    Search App by Ask
    Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)
    Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416)
    Security Update for Microsoft .NET Framework 3.5 SP1 (KB2840629)
    Security Update for Microsoft .NET Framework 3.5 SP1 (KB2861697)
    Security Update for Microsoft .NET Framework 4.5.1 (KB2894854v2)
    Security Update for Microsoft .NET Framework 4.5.1 (KB2898869)
    Security Update for Microsoft .NET Framework 4.5.1 (KB2901126)
    Security Update for Microsoft .NET Framework 4.5.1 (KB2931368)
    Security Update for Microsoft .NET Framework 4.5.1 (KB2972107)
    Security Update for Microsoft .NET Framework 4.5.1 (KB2972216)
    Security Update for Microsoft .NET Framework 4.5.1 (KB2979578v2)
    Segoe UI
    SFR
    SHASTA
    skin0001
    SKINXSDK
    Skype™ 6.3
    Software Updater
    Spelling Dictionaries Support For Adobe Reader 9
    staticcr
    tooltips
    Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
    UTH Calling Card
    Visual C++ 8.0 Runtime Setup Package (x64)
    Visual Studio 2008 x64 Redistributables
    Visual Studio 2010 x64 Redistributables
    VPRINTOL
    Windows Live Communications Platform
    Windows Live Essentials
    Windows Live Family Safety
    Windows Live ID Sign-in Assistant
    Windows Live Installer
    Windows Live Language Selector
    Windows Live Mail
    Windows Live Mesh
    Windows Live Mesh ActiveX Control for Remote Connections
    Windows Live Messenger
    Windows Live Messenger Companion Core
    Windows Live MIME IFilter
    Windows Live Movie Maker
    Windows Live Photo Common
    Windows Live Photo Gallery
    Windows Live PIMT Platform
    Windows Live Remote Client
    Windows Live Remote Client Resources
    Windows Live Remote Service
    Windows Live Remote Service Resources
    Windows Live SOXE
    Windows Live SOXE Definitions
    Windows Live UX Platform
    Windows Live UX Platform Language Pack
    Windows Live Writer
    Windows Live Writer Resources
    WIRELESS
    .
    ==== Event Viewer Messages From Past Week ========
    .
    10/29/2014 8:58:28 AM, Error: EventLog [6008]  - The previous system shutdown at 7:42:17 PM on 10/28/2014 was unexpected.
    10/29/2014 7:28:43 PM, Error: Service Control Manager [7000]  - The SessionLauncher service failed to start due to the following error:  The system cannot find the path specified.
    .
    ==== End Of File ===========================
    Pages: [1] 2 3 ... 10