hhdanemom

  1. Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 23-10-2013 Ran by Harlequin Haven at 2013-10-23 20:06:31 Run:1 Running from C:\Users\Harlequin Haven\Desktop Boot Mode: Normal ============================================== Content of fixlist: ***************** C:\Users\Harlequin Haven\Desktop\software\cnet2_radiantsetup1044439b_exe.exe HKCU\...\Run: [swg] - C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2010-08-30] (Google Inc.) HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM - {FCE4C95B-B382-4B50-AFFA-B828DCFC277C} URL = http://download.eset...lineScanner.cab DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab DPF: HKLM-x32 {FFB3A759-98B1-446F-BDA9-909C6EB18CC7} http://utilities.pcp.../pcpitstop2.dll CHR Plugin: (Java Deployment Toolkit 6.0.310.5) - C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll No File CHR Plugin: (Java™ Platform SE 6 U31) - C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll No File FF Plugin-x32: @java.com/DTPlugin,version=1.6.0_43 - C:\Windows\SysWOW64\npdeployJava1.dll (Sun Microsystems, Inc.) Task: {3A2B07F8-43A3-4683-ACDE-6CD90675DCC5} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-08-30] (Google Inc.) Task: {7F840F1C-7D06-47DC-903B-D945AE472DD1} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-08-30] (Google Inc.) Task: {A6B2A3F0-F7B2-429E-B6F1-01BCFDC0EAF1} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.) 
Task: {D6883784-B867-473F-8C2D-61F33A6D77D4} - System32\Tasks\Google Software Updater => C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-08-11] (Google) Task: C:\Windows\Tasks\Google Software Updater.job => C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe AlternateDataStreams: C:\ProgramData\Temp:5C321E34 ***************** C:\Users\Harlequin Haven\Desktop\software\cnet2_radiantsetup1044439b_exe.exe => Moved successfully. HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\swg => Value deleted successfully. HKCU\Software\Microsoft\Internet Explorer\Main\\Search Page => Value was restored successfully. HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key deleted successfully. HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key not found. HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{FCE4C95B-B382-4B50-AFFA-B828DCFC277C} => Key deleted successfully. HKCR\CLSID\{FCE4C95B-B382-4B50-AFFA-B828DCFC277C} => Key not found. HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key deleted successfully. HKCR\Wow6432Node\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key not found. HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{FCE4C95B-B382-4B50-AFFA-B828DCFC277C} => Key deleted successfully. HKCR\Wow6432Node\CLSID\{FCE4C95B-B382-4B50-AFFA-B828DCFC277C} => Key not found. HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E} => Key deleted successfully. HKCR\CLSID\{70D46D94-BF1E-45ED-B567-48701376298E} => Key not found. 
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{FCE4C95B-B382-4B50-AFFA-B828DCFC277C} => Key deleted successfully. HKCR\CLSID\{FCE4C95B-B382-4B50-AFFA-B828DCFC277C} => Key not found. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7} => Key deleted successfully. HKCR\CLSID\{AA58ED58-01DD-4d91-8333-CF10577473F7} => Key deleted successfully. HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} => Key deleted successfully. HKCR\Wow6432Node\CLSID\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} => Key not found. HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7} => Key deleted successfully. HKCR\Wow6432Node\CLSID\{AA58ED58-01DD-4d91-8333-CF10577473F7} => Key deleted successfully. HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9} => Key deleted successfully. HKCR\Wow6432Node\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9} => Key not found. HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{2318C2B1-4965-11d4-9B18-009027A5CD4F} => Value deleted successfully. HKCR\CLSID\{2318C2B1-4965-11d4-9B18-009027A5CD4F} => Key deleted successfully. HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{2318C2B1-4965-11d4-9B18-009027A5CD4F} => Value deleted successfully. HKCR\Wow6432Node\CLSID\{2318C2B1-4965-11d4-9B18-009027A5CD4F} => Key deleted successfully. HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => Value deleted successfully. HKCR\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => Key not found. HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{47833539-D0C5-4125-9FA8-0819E2EAAC93} => Value deleted successfully. HKCR\CLSID\{47833539-D0C5-4125-9FA8-0819E2EAAC93} => Key not found. 
HKLM\SOFTWARE\Wow6432Node\Microsoft\Code Store Database\Distribution Units\{166B1BCA-3F9C-11CF-8075-444553540000} => Key deleted successfully. HKCR\Wow6432Node\CLSID\{166B1BCA-3F9C-11CF-8075-444553540000} => Key not found. HKLM\SOFTWARE\Wow6432Node\Microsoft\Code Store Database\Distribution Units\{7530BFB8-7293-4D34-9923-61A11451AFC5} => Key deleted successfully. HKCR\Wow6432Node\CLSID\{7530BFB8-7293-4D34-9923-61A11451AFC5} => Key deleted successfully. HKLM\SOFTWARE\Wow6432Node\Microsoft\Code Store Database\Distribution Units\{E2883E8F-472F-4FB0-9522-AC9BF37916A7} => Key deleted successfully. HKCR\Wow6432Node\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7} => Key not found. HKLM\SOFTWARE\Wow6432Node\Microsoft\Code Store Database\Distribution Units\{FFB3A759-98B1-446F-BDA9-909C6EB18CC7} => Key deleted successfully. HKCR\Wow6432Node\CLSID\{FFB3A759-98B1-446F-BDA9-909C6EB18CC7} => Key deleted successfully. C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll not found. C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll not found. HKLM\Software\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_43 => Key deleted successfully. C:\Windows\SysWOW64\npdeployJava1.dll => Moved successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3A2B07F8-43A3-4683-ACDE-6CD90675DCC5} => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3A2B07F8-43A3-4683-ACDE-6CD90675DCC5} => Key deleted successfully. C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA => Moved successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{7F840F1C-7D06-47DC-903B-D945AE472DD1} => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7F840F1C-7D06-47DC-903B-D945AE472DD1} => Key deleted successfully. 
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore => Moved successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A6B2A3F0-F7B2-429E-B6F1-01BCFDC0EAF1} => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A6B2A3F0-F7B2-429E-B6F1-01BCFDC0EAF1} => Key deleted successfully. C:\Windows\System32\Tasks\Apple\AppleSoftwareUpdate => Moved successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Apple\AppleSoftwareUpdate => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D6883784-B867-473F-8C2D-61F33A6D77D4} => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D6883784-B867-473F-8C2D-61F33A6D77D4} => Key deleted successfully. C:\Windows\System32\Tasks\Google Software Updater => Moved successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Google Software Updater => Key deleted successfully. C:\Windows\Tasks\Google Software Updater.job => Moved successfully. C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully. C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully. C:\ProgramData\Temp => ":5C321E34" ADS removed successfully. ==== End of Fixlog ====
  2. Additional scan result of Farbar Recovery Scan Tool (x64) Version: 23-10-2013 Ran by Harlequin Haven at 2013-10-23 17:11:25 Running from C:\Users\Harlequin Haven\Desktop Boot Mode: Normal ========================================================== ==================== Security Center ======================== AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== Adobe Acrobat 9 Pro (x32 Version: 9.5.5) Adobe Acrobat 9.5.5 - CPSID_83708 (x32) Adobe AIR (x32 Version: 3.8.0.1430) Adobe Anchor Service CS4 (x32 Version: 2.0) Adobe Anchor Service x64 CS4 (Version: 2.0) Adobe Bridge CS4 (x32 Version: 3) Adobe CMaps CS4 (x32 Version: 2.0) Adobe CMaps x64 CS4 (Version: 2.0) Adobe Color - Photoshop Specific CS4 (x32 Version: 2.0) Adobe Color EU Extra Settings CS4 (x32 Version: 2.0) Adobe Color JA Extra Settings CS4 (x32 Version: 2.0) Adobe Color NA Recommended Settings CS4 (x32 Version: 2.0) Adobe Color Video Profiles CS CS4 (x32 Version: 2.0) Adobe CSI CS4 (x32 Version: 1) Adobe CSI CS4 x64 (Version: 1) Adobe Default Language CS4 (x32 Version: 2.0) Adobe Drive CS4 x64 (Version: 1) Adobe ExtendScript Toolkit CS4 (x32 Version: 3.0.0) Adobe Flash Player 11 ActiveX (x32 Version: 11.9.900.117) Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.117) Adobe Fonts All (x32 Version: 2.0) Adobe Fonts All x64 (Version: 2.0) Adobe Linguistics CS4 (x32 Version: 4.0.0) Adobe Linguistics CS4 x64 (Version: 4.0.0) Adobe Media Player (x32 Version: 1.1) Adobe Output Module (x32 Version: 2.0) Adobe PDF Library Files CS4 (x32 Version: 9.0) Adobe PDF Library Files x64 CS4 (Version: 9.0) Adobe Photoshop CS4 (64 Bit) (Version: 11.0) Adobe Photoshop CS4 (x32 Version: 11.0) Adobe Photoshop CS4 Support (x32 Version: 11.0) Adobe Search for Help (x32 Version: 1.0) Adobe Service Manager Extension (x32 Version: 1.0) Adobe Setup (x32 Version: 2.0) Adobe Type Support CS4 (x32 Version: 9.0) Adobe Type Support x64 
CS4 (Version: 9.0) Adobe Update Manager CS4 (x32 Version: 6.0.0) Adobe WinSoft Linguistics Plugin (x32 Version: 1.1) Adobe WinSoft Linguistics Plugin x64 (Version: 1.1) Adobe XMP Panels CS4 (x32 Version: 2.0) AdobeColorCommonSetCMYK (x32 Version: 2.0) AdobeColorCommonSetRGB (x32 Version: 2.0) Advanced Audio FX Engine (x32 Version: 1.12.05) Apple Application Support (x32 Version: 2.3) Apple Software Update (x32 Version: 2.1.3.127) Catalyst Control Center InstallProxy (x32 Version: 2010.0202.2335.42270) CCleaner (Version: 4.06) CinemaNow Media Manager (x32 Version: 1.9.1.105) Compatibility Pack for the 2007 Office system (x32 Version: 12.0.6612.1000) Connect (x32 Version: 1.0.0.1) Corel PaintShop Photo Pro X3 (x32 Version: 1.00.0000) Corel PaintShop Photo Pro X3 (x32 Version: 1.6.1.263) Creative Element Power Tools (x32 Version: 3.0.6) CyberLink DVD Suite Deluxe (x32 Version: 7.0.2712) Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (x32) Dell Webcam Central (x32 Version: 1.40.05) DHTML Editing Component (x32 Version: 6.02.0001) DriveImage XML (Private Edition) (x32 Version: 2.14) DVD Menu Pack for HP MediaSmart Video (x32 Version: 4.0.3715) ESET Online Scanner v3 (x32) Google Apps (x32 Version: 1.2.279.2381) Google Chrome (x32 Version: 65.61.49249) Google Desktop (x32 Version: 5.9.1005.12335) Google Earth (x32 Version: 7.1.1.1888) Google Toolbar for Internet Explorer (x32 Version: 1.0.0) Google Toolbar for Internet Explorer (x32 Version: 7.5.4601.54) Google Update Helper (x32 Version: 1.3.21.165) Google Updater (x32 Version: 2.4.2432.1652) GroupMail :: Personal Edition (x32 Version: 5.3.0.136) Hardware Diagnostic Tools (Version: 6.0.5418.39) Hewlett-Packard ACLM.NET v1.1.2.0 (x32 Version: 1.00.0000) HP Advisor (x32 Version: 3.4.12850.3526) HP Customer Experience Enhancements (x32 Version: 6.0.1.7) HP FWUpdateEDO2 (x32 Version: 1.2.0.0) HP MediaSmart CinemaNow 2.0 (x32 Version: 2.0) HP MediaSmart DVD (x32 Version: 4.0.3902) HP MediaSmart Music 
(x32 Version: 4.0.3910) HP MediaSmart Photo (x32 Version: 4.0.3911) HP MediaSmart SmartMenu (Version: 3.1.1.12) HP MediaSmart Video (x32 Version: 4.0.3911) HP Odometer (x32 Version: 2.10.0000) HP Officejet 6700 Basic Device Software (Version: 25.0.619.0) HP Officejet 6700 Help (x32 Version: 140.0.2.2) HP Setup (x32 Version: 1.2.4048.3310) HP Support Information (x32 Version: 10.1.0002) HP Update (x32 Version: 5.003.001.001) HPDiagnosticAlert (x32 Version: 1.00.0000) I.R.I.S. OCR (x32 Version: 12.3.4.0) ICA (x32 Version: 1.6.1.263) IPM_PSP_CL (x32 Version: 1.00.0000) IPM_PSP_COM (x32 Version: 1.00.0000) Ipswitch WS_FTP 12 (x32 Version: 12.2) jv16 PowerTools 2012 (x32 Version: ) jv16 PowerTools 2014 (x32 Version: ) kuler (x32 Version: 2.0) LabelPrint (x32 Version: 2.5.2610) LightScribe System Software (x32 Version: 1.18.11.1) MailStore Home 8.1.0.9075 (x32 Version: 8.1.0.9075) Malwarebytes Anti-Malware version 1.75.0.1300 (x32 Version: 1.75.0.1300) Metron (x32 Version: 6.11) Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319) Microsoft .NET Framework 4 Extended (Version: 4.0.30319) Microsoft Application Error Reporting (Version: 12.0.6015.5000) Microsoft Expression Design 4 (x32 Version: 7.0.20516.0) Microsoft Expression Encoder 4 (x32 Version: 4.0.1639.0) Microsoft Expression Encoder 4 Screen Capture Codec (x32 Version: 4.0.1639.0) Microsoft Expression Web 4 (x32 Version: 4.0.1303.0) Microsoft Expression Web 4 Service Pack 2 (x32) Microsoft Mouse and Keyboard Center (Version: 2.1.177.0) Microsoft Office 2010 Service Pack 1 (SP1) (x32) Microsoft Office Access database engine 2007 (English) (x32 Version: 12.0.6612.1000) Microsoft Office Access MUI (English) 2010 (x32 Version: 14.0.6029.1000) Microsoft Office Access Setup Metadata MUI (English) 2010 (x32 Version: 14.0.6029.1000) Microsoft Office Excel MUI (English) 2010 (x32 Version: 14.0.6029.1000) Microsoft Office Groove MUI (English) 2010 (x32 Version: 14.0.6029.1000) Microsoft Office InfoPath MUI 
(English) 2010 (x32 Version: 14.0.6029.1000) Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000) Microsoft Office OneNote MUI (English) 2010 (x32 Version: 14.0.6029.1000) Microsoft Office Outlook MUI (English) 2010 (x32 Version: 14.0.6029.1000) Microsoft Office PowerPoint MUI (English) 2010 (x32 Version: 14.0.6029.1000) Microsoft Office Professional Plus 2010 (x32 Version: 14.0.6029.1000) Microsoft Office Proof (English) 2010 (x32 Version: 14.0.6029.1000) Microsoft Office Proof (French) 2010 (x32 Version: 14.0.6029.1000) Microsoft Office Proof (Spanish) 2010 (x32 Version: 14.0.6029.1000) Microsoft Office Proofing (English) 2010 (x32 Version: 14.0.6029.1000) Microsoft Office Publisher MUI (English) 2010 (x32 Version: 14.0.6029.1000) Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.6029.1000) Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000) Microsoft Office Shared MUI (English) 2010 (x32 Version: 14.0.6029.1000) Microsoft Office Shared Setup Metadata MUI (English) 2010 (x32 Version: 14.0.6029.1000) Microsoft Office Word MUI (English) 2010 (x32 Version: 14.0.6029.1000) Microsoft Silverlight (Version: 5.1.20913.0) Microsoft Streets & Trips 2010 (x32 Version: 17.0.19.2900) Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (Version: 8.0.50727.4053) Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (x32 Version: 8.0.50727.4053) Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336) Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001) Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (Version: 8.0.51011) Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336) Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000) Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (Version: 9.0.30729.5570) Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (x32 Version: 
9.0.30729.5570) Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (Version: 9.0.21022) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (x32 Version: 9.0.21022) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161) Microsoft Visual C++ 2008 Redistributable Package (x32 Version: 1.0.0) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (Version: 10.0.30319) Microsoft WSE 3.0 Runtime (x32 Version: 3.0.5305.0) Microsoft_VC90_CRT_x86 (x32 Version: 1.0.0) Monitor Webcam Driver (1.01.02.0804) Mozilla Firefox 24.0 (x86 en-US) (x32 Version: 24.0) MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0) MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0) MSXML 4.0 SP3 Parser (KB2721691) (x32 Version: 4.30.2114.0) MSXML 4.0 SP3 Parser (KB2758694) (x32 Version: 4.30.2117.0) MSXML 4.0 SP3 Parser (x32 Version: 4.30.2100.0) muvee Reveal Seagate Edition (x32 Version: 7.0.41.11017) MyDefrag v4.2.9 (Version: 4.0.0.0) Notepad++ (x32 Version: 6.5) PDF Settings CS4 (x32 Version: 9.0) PhotoNow! 
(x32 Version: 1.1.6904) Photoshop Camera Raw (x32 Version: 5.0) Photoshop Camera Raw_x64 (Version: 5.0) Picasa 3 (x32 Version: 3.9) PlayReady PC Runtime amd64 (Version: 1.3.0) Power2Go (x32 Version: 6.1.3810) PowerDirector (x32 Version: 8.0.2704) PrimoPDF -- brought to you by Nitro PDF Software (x32 Version: 5) PSPPContent (x32 Version: 1.00.0000) PSPPRO_DCRAW (x32 Version: 13.0.0) RadiAnt DICOM Viewer (64-bit) (x32 Version: 1.0.4.4439) RAIDXpert (x32 Version: 3.2.1540.10) Ralink RT2860 Wireless LAN Card (x32) Realtek High Definition Audio Driver (x32 Version: 6.0.1.6196) Realtek USB 2.0 Card Reader (x32 Version: 6.1.7601.30130) Recovery Manager (x32 Version: 5.5.2719) Roxio CinemaNow 2.0 (x32 Version: 1.0.262) Setup (x32 Version: 1.6.1.263) Spinco Download Manager (x32 Version: 1.0.0) SpywareBlaster 5.0 (x32 Version: 5.0.0) Suite Shared Configuration CS4 (x32 Version: 1.0) Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1) Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (x32 Version: 1) Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (x32 Version: 3) Update for Microsoft .NET Framework 4 Extended (KB2468871) (x32 Version: 1) Update for Microsoft .NET Framework 4 Extended (KB2533523) (x32 Version: 1) Update for Microsoft .NET Framework 4 Extended (KB2600217) (x32 Version: 1) Update for Microsoft .NET Framework 4 Extended (KB2836939) (x32 Version: 1) Update for Microsoft .NET Framework 4 Extended (KB2836939v3) (x32 Version: 3) Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (x32) Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition (x32) Update for Microsoft Office 2010 (KB2494150) (x32) Update for Microsoft Office 2010 (KB2553065) (x32) Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition (x32) Update for 
Microsoft Office 2010 (KB2553267) 32-Bit Edition (x32) Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition (x32) Update for Microsoft Office 2010 (KB2566458) (x32) Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (x32) Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (x32) Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition (x32) Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition (x32) Update for Microsoft Office 2010 (KB2687503) 32-Bit Edition (x32) Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (x32) Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (x32) Update for Microsoft Office 2010 (KB2767886) 32-Bit Edition (x32) Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (x32) Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition (x32) Update for Microsoft Office 2010 (KB2826026) 32-Bit Edition (x32) Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition (x32) Update for Microsoft OneNote 2010 (KB2810072) 32-Bit Edition (x32) Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition (x32) Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition (x32) Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition (x32) Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition (x32) Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition (x32) Update for Microsoft Word 2010 (KB2827323) 32-Bit Edition (x32) Visual Studio 2008 x64 Redistributables (x32 Version: 10.0.0.2) Visual Studio 2012 x64 Redistributables (Version: 14.0.0.1) Visual Studio 2012 x86 Redistributables (x32 Version: 14.0.0.1) WD Drive Utilities (x32 Version: 1.0.3.3) WD Quick View (x32 Version: 2.2.0.8) WD SmartWare (Version: 2.2.0.8) WD SmartWare Installer (x32 Version: 2.2.0.8) Xobni (x32 Version: 2.0.4.13745) Xobni Core (x32 Version: 1.0.0) ==================== Restore Points ========================= 23-10-2013 12:22:05 Installed Microsoft Fix it 50535 
23-10-2013 12:36:19 Installed Microsoft Fix it 50535 23-10-2013 14:04:34 Windows Update 23-10-2013 14:05:18 avast! antivirus system restore point 23-10-2013 14:11:01 avast! antivirus system restore point 23-10-2013 14:30:57 avast! antivirus system restore point ==================== Hosts content: ========================== 2009-07-13 22:34 - 2013-10-22 21:16 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 localhost ==================== Scheduled Tasks (whitelisted) ============= Task: {0226E1C3-BEC7-47DE-AE93-0253E941132C} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-09-19] (Piriform Ltd) Task: {0B2045D6-A8FF-415D-959C-06CFA885FD1E} - System32\Tasks\CLMLSvc => c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Music\Kernel\CLML\CLMLSvc.exe Task: {1BABDE22-854C-4493-BD69-634F0DE96DE0} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2011-09-09] (Hewlett-Packard Company) Task: {28D9DFCC-9BDB-4530-81CE-DB72E361687D} - System32\Tasks\Registration => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [2010-02-24] () Task: {36FA5ADA-2011-46CE-BDD7-FC9F93B715AB} - System32\Tasks\DVDAgent => c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe Task: {3A2B07F8-43A3-4683-ACDE-6CD90675DCC5} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-08-30] (Google Inc.) 
Task: {3C8BB952-23DA-47E2-8465-7D4A300FA199} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-09] (Adobe Systems Incorporated) Task: {3CE70D8F-AB34-43A1-8CCD-C7C83DC657D8} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Tuneup => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2011-09-09] (Hewlett-Packard Company) Task: {659BEB22-838E-4294-AE53-5364E2DB2719} - System32\Tasks\HPCeeScheduleForHarlequin Haven => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-13] (Hewlett-Packard) Task: {726C6D0F-22DF-491D-A870-45CBD241C7F3} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc Task: {73B3B03E-C7EE-439E-8BD4-ED0711D30659} - System32\Tasks\MyDefrag v4.2.9 Daily => C:\Program Files\MyDefrag v4.2.9\Scripts\OptimizeDaily.MyD [2009-12-25] () Task: {7A565075-1008-4367-885F-4638B82E7B77} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-1023100906-4222923350-201167260-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe Task: {7A9DE0DC-8FFD-434A-BB5D-0988AE564581} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Total Care Tune-Up => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPTuneUp.exe [2011-03-22] (Hewlett-Packard Company) Task: {7B9CE53A-3390-4FBA-8625-08DE895217DA} - System32\Tasks\SpywareBlaster AutoUpdate => C:\Program Files (x86)\SpywareBlaster\sbautoupdate.exe [2013-03-01] () Task: {7BD60636-D21F-4911-B421-31B77929A9FD} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HPSAObjUtilTask => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\UtilTask.exe [2013-01-23] (Microsoft) Task: {7C8E7EAA-2F5C-4687-A8DC-CDD126E83DD7} - System32\Tasks\Microsoft_Hardware_Launch_IPoint_exe => C:\Program Files\Microsoft IntelliPoint\IPoint.exe Task: {7F840F1C-7D06-47DC-903B-D945AE472DD1} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files 
(x86)\Google\Update\GoogleUpdate.exe [2010-08-30] (Google Inc.) Task: {991681BB-1292-4E36-9D8D-77DE4AA979C5} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [1999-12-31] (Microsoft Corporation) Task: {9F4380F6-06A3-4369-83B7-A9520C24FF1C} - System32\Tasks\Microsoft_Hardware_Launch_IType_exe => C:\Program Files\Microsoft IntelliType Pro\IType.exe Task: {A2F47E53-DA6B-44AB-9F32-EC90617BAC7A} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPSFMessenger\HPSFMsgr.exe [2011-09-09] (Hewlett-Packard Company) Task: {A6B2A3F0-F7B2-429E-B6F1-01BCFDC0EAF1} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.) Task: {B479AC4D-F48E-45A4-9043-4C15706B24E2} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-1023100906-4222923350-201167260-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe Task: {C8FFD5BA-8D6F-4D23-8679-053F38B7ACAF} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [1999-12-31] (Microsoft Corporation) Task: {D13C83CC-AAD3-4084-8732-53C894A97537} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater\HPSFUpdater.exe [2011-06-14] (Hewlett-Packard) Task: {D6883784-B867-473F-8C2D-61F33A6D77D4} - System32\Tasks\Google Software Updater => C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-08-11] (Google) Task: {EB7955F9-E930-4872-A271-862975EBF78E} - System32\Tasks\PCDRScheduledMaintenance => C:\Program Files\PC-Doctor for Windows\pcdrcui.exe [2010-02-01] (PC-Doctor, Inc.) 
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\Google Software Updater.job => C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\HPCeeScheduleForHarlequin Haven.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe Task: C:\Windows\Tasks\PCDRScheduledMaintenance.job => C:\Program Files\PC-Doctor for Windows\pcdrcui.exe ==================== Loaded Modules (whitelisted) ============= 2011-03-17 00:07 - 2011-03-17 00:07 - 04297568 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF 2010-10-20 15:23 - 2010-10-20 15:23 - 08801632 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll 2010-09-02 18:18 - 2010-06-30 13:39 - 03071608 _____ () C:\Program Files\ipswitch\WS_FTP 12\res0409.dll 2009-12-16 02:44 - 2009-12-16 02:44 - 00516096 _____ () C:\Program Files (x86)\AMD\RAIDXpert\bin\libxml2.dll 2010-09-02 18:18 - 2010-06-30 13:34 - 00948496 _____ () C:\Program Files (x86)\Ipswitch\WS_FTP 12\LIBEAY32.dll 2010-09-02 18:18 - 2010-06-30 13:34 - 00153360 _____ () C:\Program Files (x86)\Ipswitch\WS_FTP 12\SSLEAY32.dll 2010-09-02 18:18 - 2010-06-30 13:39 - 03073144 _____ () C:\Program Files (x86)\Ipswitch\WS_FTP 12\res0409.dll 2009-09-13 20:06 - 2011-06-17 12:52 - 00204800 _____ () C:\Program Files (x86)\Notepad++\plugins\ComparePlugin.dll 2011-07-18 17:07 - 2011-07-18 17:07 - 00014336 _____ () C:\Program Files (x86)\Notepad++\plugins\NppExport.dll 2011-09-21 16:46 - 2011-09-21 16:46 - 01673728 _____ () C:\Program Files (x86)\Notepad++\plugins\NppFTP.dll 2008-11-11 13:48 - 2008-11-11 13:48 - 00074240 _____ () C:\Program Files 
(x86)\Notepad++\plugins\NppNetNote.dll 2007-08-04 21:10 - 2007-08-04 21:10 - 00250368 _____ () C:\Program Files (x86)\Notepad++\plugins\Config\tidy\libTidy.dll 2011-03-17 00:11 - 2011-03-17 00:11 - 04297568 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF 2010-10-20 15:45 - 2010-10-20 15:45 - 08801120 _____ () C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll 2010-08-30 21:41 - 2010-01-28 20:34 - 00417792 _____ () C:\Program Files (x86)\SpywareBlaster\SQLite3SB.dll 2013-10-17 17:03 - 2013-10-08 20:01 - 00698832 _____ () C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\libglesv2.dll 2013-10-17 17:03 - 2013-10-08 20:01 - 00099792 _____ () C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\libegl.dll 2013-10-17 17:03 - 2013-10-08 20:02 - 04055504 _____ () C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\pdf.dll 2013-10-17 17:03 - 2013-10-08 20:02 - 00415184 _____ () C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\ppGoogleNaClPluginChrome.dll 2013-10-17 17:03 - 2013-10-08 20:01 - 01604560 _____ () C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\ffmpegsumo.dll ==================== Alternate Data Streams (whitelisted) ========= AlternateDataStreams: C:\ProgramData\Temp:5C321E34 ==================== Safe Mode (whitelisted) =================== ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (10/23/2013 00:28:32 PM) (Source: SideBySide) (User: ) Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line 
C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. A component version required by the application conflicts with another component version already active. Conflicting components are:. Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error: (10/23/2013 00:28:31 PM) (Source: SideBySide) (User: ) Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. A component version required by the application conflicts with another component version already active. Conflicting components are:. Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. 
Error: (10/23/2013 00:22:10 PM) (Source: Application Error) (User: ) Description: Faulting application name: WDBackupEngine.exe, version: 2.0.0.15, time stamp: 0x520b9c0c Faulting module name: KERNELBASE.dll, version: 6.1.7601.18229, time stamp: 0x51fb1116 Exception code: 0xe0434352 Fault offset: 0x0000c41f Faulting process id: 0xca8 Faulting application start time: 0xWDBackupEngine.exe0 Faulting application path: WDBackupEngine.exe1 Faulting module path: WDBackupEngine.exe2 Report Id: WDBackupEngine.exe3 Error: (10/23/2013 00:22:07 PM) (Source: .NET Runtime) (User: ) Description: Application: WDBackupEngine.exe Framework Version: v4.0.30319 Description: The process was terminated due to an unhandled exception. Exception Info: System.OutOfMemoryException Stack: at System.Threading.ExecutionContext.CreateCopy() at System.Threading._TimerCallback.PerformTimerCallback(System.Object) Error: (10/23/2013 10:41:29 AM) (Source: SideBySide) (User: ) Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. A component version required by the application conflicts with another component version already active. Conflicting components are:. Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. 
Error: (10/23/2013 10:41:29 AM) (Source: SideBySide) (User: ) Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. A component version required by the application conflicts with another component version already active. Conflicting components are:. Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error: (10/23/2013 10:40:50 AM) (Source: SideBySide) (User: ) Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. A component version required by the application conflicts with another component version already active. Conflicting components are:. Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. 
Error: (10/23/2013 10:40:49 AM) (Source: SideBySide) (User: ) Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. A component version required by the application conflicts with another component version already active. Conflicting components are:. Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error: (10/23/2013 10:31:21 AM) (Source: Microsoft-Windows-CAPI2) (User: ) Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object. Details: AddLegacyDriverFiles: Unable to back up image of binary uvjsthjp. System Error: The system cannot find the file specified. . Error: (10/23/2013 10:25:15 AM) (Source: Application Error) (User: ) Description: Faulting application name: AvastUI.exe, version: 9.0.2006.159, time stamp: 0x525c2451 Faulting module name: AvastUI.exe, version: 9.0.2006.159, time stamp: 0x525c2451 Exception code: 0xc0000005 Fault offset: 0x000b7c6b Faulting process id: 0xc78 Faulting application start time: 0xAvastUI.exe0 Faulting application path: AvastUI.exe1 Faulting module path: AvastUI.exe2 Report Id: AvastUI.exe3 System errors: ============= Error: (10/23/2013 00:22:26 PM) (Source: Service Control Manager) (User: ) Description: The WD Backup service terminated unexpectedly. It has done this 1 time(s). 
The following corrective action will be taken in 0 milliseconds: Restart the service. Error: (10/23/2013 11:25:35 AM) (Source: DCOM) (User: ) Description: 1068WDBackup{59484148-65C9-4467-A092-3F8380023772} Error: (10/23/2013 11:25:35 AM) (Source: DCOM) (User: ) Description: 1068WDBackup{81213AB4-5937-4340-88CD-66B4BC80DF73} Error: (10/23/2013 11:25:00 AM) (Source: Service Control Manager) (User: ) Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: %%1068 Error: (10/23/2013 11:25:00 AM) (Source: Service Control Manager) (User: ) Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: %%1068 Error: (10/23/2013 11:24:42 AM) (Source: Service Control Manager) (User: ) Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: %%1068 Error: (10/23/2013 11:22:30 AM) (Source: Service Control Manager) (User: ) Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: %%1068 Error: (10/23/2013 11:22:20 AM) (Source: Service Control Manager) (User: ) Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: %%1068 Error: (10/23/2013 11:22:14 AM) (Source: Service Control Manager) (User: ) Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: %%1068 Error: (10/23/2013 11:21:52 AM) (Source: Service Control Manager) (User: ) Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: %%1068 Microsoft Office Sessions: 
========================= Error: (10/23/2013 00:28:32 PM) (Source: SideBySide)(User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Program Files (x86)\Adobe\Acrobat 9.0\Designer 8.2\FormDesigner.exe Error: (10/23/2013 00:28:31 PM) (Source: SideBySide)(User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Program Files (x86)\Adobe\Acrobat 9.0\Designer 8.2\FormDesigner.exe Error: (10/23/2013 00:22:10 PM) (Source: Application Error)(User: ) Description: WDBackupEngine.exe2.0.0.15520b9c0cKERNELBASE.dll6.1.7601.1822951fb1116e04343520000c41fca801ced004ea03a6e5C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exeC:\Windows\syswow64\KERNELBASE.dll442b4df4-3bff-11e3-aafe-78e7d182385d Error: (10/23/2013 00:22:07 PM) (Source: .NET Runtime)(User: ) Description: Application: WDBackupEngine.exe Framework Version: v4.0.30319 Description: The process was terminated due to an unhandled exception. 
Exception Info: System.OutOfMemoryException Stack: at System.Threading.ExecutionContext.CreateCopy() at System.Threading._TimerCallback.PerformTimerCallback(System.Object) Error: (10/23/2013 10:41:29 AM) (Source: SideBySide)(User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Program Files (x86)\Adobe\Acrobat 9.0\Designer 8.2\FormDesigner.exe Error: (10/23/2013 10:41:29 AM) (Source: SideBySide)(User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Program Files (x86)\Adobe\Acrobat 9.0\Designer 8.2\FormDesigner.exe Error: (10/23/2013 10:40:50 AM) (Source: SideBySide)(User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Program Files (x86)\Adobe\Acrobat 9.0\Designer 8.2\FormDesigner.exe Error: (10/23/2013 10:40:49 AM) (Source: SideBySide)(User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Program Files (x86)\Adobe\Acrobat 9.0\Designer 8.2\FormDesigner.exe Error: (10/23/2013 10:31:21 AM) (Source: Microsoft-Windows-CAPI2)(User: ) Description: Details: AddLegacyDriverFiles: Unable to back up image of binary uvjsthjp. 
System Error: The system cannot find the file specified. Error: (10/23/2013 10:25:15 AM) (Source: Application Error)(User: ) Description: AvastUI.exe9.0.2006.159525c2451AvastUI.exe9.0.2006.159525c2451c0000005000b7c6bc7801cecffb3508d0dbC:\Program Files\AVAST Software\Avast\AvastUI.exeC:\Program Files\AVAST Software\Avast\AvastUI.exeef06bd93-3bee-11e3-8929-78e7d182385d CodeIntegrity Errors: =================================== Date: 2013-10-22 21:09:00.398 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2013-10-22 21:08:59.945 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. 
==================== Memory info ===========================

Percentage of memory in use: 43%
Total physical RAM: 5879.89 MB
Available physical RAM: 3295.75 MB
Total Pagefile: 11757.97 MB
Available Pagefile: 9099.2 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:919.55 GB) (Free:735.84 GB) NTFS
Drive d: (HP_RECOVERY) (Fixed) (Total:11.67 GB) (Free:1.42 GB) NTFS ==>[system with boot components (obtained from reading drive)]
Drive f: (My Passport) (Fixed) (Total:1862.98 GB) (Free:1270.17 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 932 GB) (Disk ID: 7E1BE820)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=920 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=12 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (MBR Code: Windows XP) (Size: 1863 GB) (Disk ID: 0005F107)
Partition 1: (Not Active) - (Size=-198659014656) - (Type=07 NTFS)

==================== End Of Log ============================
  3. Malwarebytes Anti-Rootkit BETA 1.07.0.1007
www.malwarebytes.org

Database version: v2013.10.02.12

Windows 7 Service Pack 1 x64 FAT32
Internet Explorer 10.0.9200.16721
Harlequin Haven :: HARLEQUINHAVEN [administrator]

10/23/2013 8:47:03 AM
mbar-log-2013-10-23 (08-47-03).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 260250
Time elapsed: 27 minute(s), 19 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)

---------------------------------------

Malwarebytes Anti-Rootkit BETA 1.07.0.1007
© Malwarebytes Corporation 2011-2012
OS version: 6.1.7601 Windows 7 Service Pack 1 x86
Account is Administrative
Internet Explorer version: 10.0.9200.16721
File system is: NTFS
Disk drives: C:\ DRIVE_FIXED
CPU speed: 2.200000 GHz
Memory total: 3353337856, free: 1980747776

=======================================

---------------------------------------

Malwarebytes Anti-Rootkit BETA 1.07.0.1007
© Malwarebytes Corporation 2011-2012
OS version: 6.1.7601 Windows 7 Service Pack 1 x64
Account is Administrative
Internet Explorer version: 10.0.9200.16721
File system is: FAT32
Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED, F:\ DRIVE_FIXED
CPU speed: 2.900000 GHz
Memory total: 6165516288, free: 3136942080
No address found

=======================================

Initializing...
------------ Kernel report ------------ 10/23/2013 08:44:37 ------------ Loaded modules ----------- \SystemRoot\system32\ntoskrnl.exe \SystemRoot\system32\hal.dll \SystemRoot\system32\kdcom.dll \SystemRoot\system32\mcupdate_AuthenticAMD.dll \SystemRoot\system32\PSHED.dll \SystemRoot\system32\CLFS.SYS \SystemRoot\system32\CI.dll \SystemRoot\system32\drivers\Wdf01000.sys \SystemRoot\system32\drivers\WDFLDR.SYS \SystemRoot\system32\drivers\ACPI.sys \SystemRoot\system32\drivers\WMILIB.SYS \SystemRoot\system32\drivers\msisadrv.sys \SystemRoot\system32\drivers\pci.sys \SystemRoot\system32\drivers\vdrvroot.sys \SystemRoot\System32\drivers\partmgr.sys \SystemRoot\system32\drivers\volmgr.sys \SystemRoot\System32\drivers\volmgrx.sys \SystemRoot\System32\drivers\mountmgr.sys \SystemRoot\system32\drivers\amdxata.sys \SystemRoot\system32\drivers\fltmgr.sys \SystemRoot\system32\drivers\fileinfo.sys \SystemRoot\System32\Drivers\Ntfs.sys \SystemRoot\System32\Drivers\msrpc.sys \SystemRoot\System32\Drivers\ksecdd.sys \SystemRoot\System32\Drivers\cng.sys \SystemRoot\System32\drivers\pcw.sys \SystemRoot\System32\Drivers\Fs_Rec.sys \SystemRoot\system32\drivers\ndis.sys \SystemRoot\system32\drivers\NETIO.SYS \SystemRoot\System32\Drivers\ksecpkg.sys \SystemRoot\System32\drivers\tcpip.sys \SystemRoot\System32\drivers\fwpkclnt.sys \SystemRoot\system32\drivers\volsnap.sys \SystemRoot\System32\Drivers\spldr.sys \SystemRoot\System32\drivers\rdyboost.sys \SystemRoot\System32\Drivers\mup.sys \SystemRoot\System32\drivers\hwpolicy.sys \SystemRoot\System32\DRIVERS\fvevol.sys \SystemRoot\system32\DRIVERS\disk.sys \SystemRoot\system32\DRIVERS\CLASSPNP.SYS \SystemRoot\system32\DRIVERS\AtiPcie64.sys \SystemRoot\system32\DRIVERS\ahcix64s.sys \SystemRoot\system32\DRIVERS\storport.sys \SystemRoot\system32\drivers\cdrom.sys \SystemRoot\System32\Drivers\Null.SYS \SystemRoot\System32\Drivers\Beep.SYS \SystemRoot\System32\drivers\vga.sys \SystemRoot\System32\drivers\VIDEOPRT.SYS 
\SystemRoot\System32\drivers\watchdog.sys \SystemRoot\System32\DRIVERS\RDPCDD.sys \SystemRoot\system32\drivers\rdpencdd.sys \SystemRoot\system32\drivers\rdprefmp.sys \SystemRoot\System32\Drivers\Msfs.SYS \SystemRoot\System32\Drivers\Npfs.SYS \SystemRoot\system32\DRIVERS\tdx.sys \SystemRoot\system32\DRIVERS\TDI.SYS \SystemRoot\System32\DRIVERS\netbt.sys \SystemRoot\system32\drivers\afd.sys \SystemRoot\system32\drivers\ws2ifsl.sys \SystemRoot\system32\DRIVERS\wfplwf.sys \SystemRoot\system32\DRIVERS\pacer.sys \SystemRoot\system32\DRIVERS\vwififlt.sys \SystemRoot\system32\DRIVERS\netbios.sys \SystemRoot\system32\DRIVERS\wanarp.sys \SystemRoot\system32\drivers\termdd.sys \SystemRoot\system32\DRIVERS\rdbss.sys \SystemRoot\system32\drivers\nsiproxy.sys \SystemRoot\system32\drivers\mssmbios.sys \SystemRoot\System32\drivers\discache.sys \SystemRoot\System32\Drivers\dfsc.sys \SystemRoot\system32\DRIVERS\blbdrive.sys \SystemRoot\system32\DRIVERS\tunnel.sys \SystemRoot\system32\DRIVERS\amdppm.sys \SystemRoot\system32\DRIVERS\atikmpag.sys \SystemRoot\system32\DRIVERS\atikmdag.sys \SystemRoot\System32\drivers\dxgkrnl.sys \SystemRoot\System32\drivers\dxgmms1.sys \SystemRoot\system32\DRIVERS\netr28x.sys \SystemRoot\system32\DRIVERS\vwifibus.sys \SystemRoot\system32\DRIVERS\Rt64win7.sys \SystemRoot\system32\DRIVERS\usbohci.sys \SystemRoot\system32\DRIVERS\USBPORT.SYS \SystemRoot\system32\DRIVERS\usbehci.sys \SystemRoot\system32\drivers\HDAudBus.sys \SystemRoot\system32\drivers\1394ohci.sys \SystemRoot\system32\drivers\wmiacpi.sys \SystemRoot\system32\drivers\CompositeBus.sys \SystemRoot\system32\DRIVERS\AgileVpn.sys \SystemRoot\system32\DRIVERS\rasl2tp.sys \SystemRoot\system32\DRIVERS\ndistapi.sys \SystemRoot\system32\DRIVERS\ndiswan.sys \SystemRoot\system32\DRIVERS\raspppoe.sys \SystemRoot\system32\DRIVERS\raspptp.sys \SystemRoot\system32\DRIVERS\rassstp.sys \SystemRoot\system32\DRIVERS\kbdclass.sys \SystemRoot\system32\DRIVERS\mouclass.sys \SystemRoot\system32\drivers\swenum.sys 
\SystemRoot\system32\drivers\ks.sys \SystemRoot\system32\drivers\umbus.sys \SystemRoot\system32\DRIVERS\usbhub.sys \SystemRoot\System32\Drivers\NDProxy.SYS \SystemRoot\system32\drivers\RTKVHD64.sys \SystemRoot\system32\drivers\portcls.sys \SystemRoot\system32\drivers\drmk.sys \SystemRoot\system32\drivers\ksthunk.sys \SystemRoot\System32\win32k.sys \SystemRoot\System32\drivers\Dxapi.sys \SystemRoot\System32\Drivers\crashdmp.sys \SystemRoot\System32\Drivers\dump_diskdump.sys \SystemRoot\System32\Drivers\dump_ahcix64s.sys \SystemRoot\System32\Drivers\dump_dumpfve.sys \SystemRoot\system32\DRIVERS\usbprint.sys \SystemRoot\system32\DRIVERS\USBD.SYS \SystemRoot\system32\DRIVERS\usbccgp.sys \SystemRoot\system32\DRIVERS\dc3d.sys \SystemRoot\system32\DRIVERS\HIDPARSE.SYS \SystemRoot\system32\DRIVERS\USBSTOR.SYS \SystemRoot\system32\drivers\usbscan.sys \SystemRoot\system32\DRIVERS\CtClsFlt.sys \SystemRoot\system32\DRIVERS\wdcsam64.sys \SystemRoot\system32\DRIVERS\point64.sys \SystemRoot\system32\DRIVERS\monitor.sys \SystemRoot\System32\Drivers\RtsUStor.sys \SystemRoot\system32\DRIVERS\OA002Vid.sys \SystemRoot\system32\DRIVERS\OA002Ufd.sys \SystemRoot\system32\drivers\usbaudio.sys \??\C:\Windows\system32\Drivers\OA002Afx.sys \SystemRoot\System32\TSDDD.dll \SystemRoot\System32\cdd.dll \SystemRoot\System32\ATMFD.DLL \SystemRoot\system32\drivers\luafv.sys \??\C:\Windows\system32\drivers\mbam.sys \SystemRoot\system32\DRIVERS\lltdio.sys \SystemRoot\system32\DRIVERS\nwifi.sys \SystemRoot\system32\DRIVERS\ndisuio.sys \SystemRoot\system32\DRIVERS\rspndr.sys \SystemRoot\system32\drivers\HTTP.sys \SystemRoot\System32\DRIVERS\srvnet.sys \SystemRoot\system32\DRIVERS\bowser.sys \SystemRoot\System32\drivers\mpsdrv.sys \SystemRoot\system32\DRIVERS\mrxsmb.sys \SystemRoot\system32\DRIVERS\mrxsmb10.sys \SystemRoot\system32\DRIVERS\mrxsmb20.sys \SystemRoot\System32\DRIVERS\srv2.sys \SystemRoot\System32\DRIVERS\srv.sys \SystemRoot\System32\Drivers\adfs.SYS \SystemRoot\system32\drivers\peauth.sys 
\SystemRoot\System32\Drivers\secdrv.SYS \SystemRoot\System32\drivers\tcpipreg.sys \SystemRoot\system32\drivers\WudfPf.sys \SystemRoot\system32\DRIVERS\WUDFRd.sys \??\C:\Windows\system32\Drivers\PROCEXP113.SYS \SystemRoot\system32\DRIVERS\hidusb.sys \SystemRoot\system32\DRIVERS\HIDCLASS.SYS \SystemRoot\system32\DRIVERS\kbdhid.sys \SystemRoot\system32\DRIVERS\mouhid.sys \SystemRoot\system32\DRIVERS\asyncmac.sys \SystemRoot\System32\Drivers\fastfat.SYS \??\C:\Windows\system32\drivers\mbamchameleon.sys \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys \Windows\System32\ntdll.dll \Windows\System32\smss.exe \Windows\System32\apisetschema.dll \Windows\System32\autochk.exe \Windows\System32\wininet.dll \Windows\System32\usp10.dll \Windows\System32\shlwapi.dll \Windows\System32\rpcrt4.dll \Windows\System32\imagehlp.dll \Windows\System32\nsi.dll \Windows\System32\psapi.dll \Windows\System32\shell32.dll \Windows\System32\comdlg32.dll \Windows\System32\gdi32.dll \Windows\System32\difxapi.dll \Windows\System32\advapi32.dll \Windows\System32\sechost.dll \Windows\System32\Wldap32.dll \Windows\System32\clbcatq.dll \Windows\System32\lpk.dll \Windows\System32\setupapi.dll \Windows\System32\iertutil.dll \Windows\System32\user32.dll \Windows\System32\normaliz.dll \Windows\System32\msvcrt.dll \Windows\System32\kernel32.dll \Windows\System32\urlmon.dll \Windows\System32\msctf.dll \Windows\System32\ole32.dll \Windows\System32\imm32.dll \Windows\System32\oleaut32.dll \Windows\System32\ws2_32.dll \Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll \Windows\System32\KernelBase.dll \Windows\System32\wintrust.dll \Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll \Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll \Windows\System32\crypt32.dll \Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll \Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll \Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll \Windows\System32\devobj.dll \Windows\System32\comctl32.dll 
\Windows\System32\cfgmgr32.dll \Windows\System32\msasn1.dll \Windows\SysWOW64\normaliz.dll ----------- End ----------- Done! <<<1>>> Upper Device Name: \Device\Harddisk3\DR7 Upper Device Object: 0xfffffa8005216420 Upper Device Driver Name: \Driver\Disk\ Lower Device Name: \Device\000000b7\ Lower Device Object: 0xfffffa80056df120 Lower Device Driver Name: \Driver\USBSTOR\ <<<1>>> Upper Device Name: \Device\Harddisk2\DR2 Upper Device Object: 0xfffffa8007d6a060 Upper Device Driver Name: \Driver\Disk\ Lower Device Name: \Device\00000086\ Lower Device Object: 0xfffffa8007d65b60 Lower Device Driver Name: \Driver\USBSTOR\ <<<1>>> Upper Device Name: \Device\Harddisk1\DR1 Upper Device Object: 0xfffffa8007d2d060 Upper Device Driver Name: \Driver\Disk\ Lower Device Name: \Device\0000007a\ Lower Device Object: 0xfffffa8007d22b60 Lower Device Driver Name: \Driver\USBSTOR\ <<<1>>> Upper Device Name: \Device\Harddisk0\DR0 Upper Device Object: 0xfffffa8005b4a060 Upper Device Driver Name: \Driver\Disk\ Lower Device Name: \Device\0000005b\ Lower Device Object: 0xfffffa80059e89c0 Lower Device Driver Name: \Driver\ahcix64s\ <<<2>>> Physical Sector Size: 512 Drive: 0, DevicePointer: 0xfffffa8005b4a060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\ --------- Disk Stack ------ DevicePointer: 0xfffffa8005b4ab90, DeviceName: Unknown, DriverName: \Driver\partmgr\ DevicePointer: 0xfffffa8005b4a060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\ DevicePointer: 0xfffffa80059e89c0, DeviceName: \Device\0000005b\, DriverName: \Driver\ahcix64s\ ------------ End ---------- Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\ Upper DeviceData: 0x0, 0x0, 0x0 Lower DeviceData: 0x0, 0x0, 0x0 <<<3>>> Volume: C: File system type: NTFS SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes <<<2>>> <<<3>>> Volume: C: File system type: NTFS SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes 
Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers...
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Done!

Drive 0
Scanning MBR on drive 0...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: 7E1BE820

Partition information:

Partition 0 type is Primary (0x7)
Partition is ACTIVE.
Partition starts at LBA: 2048 Numsec = 204800
Partition file system is NTFS
Partition is bootable

Partition 1 type is Primary (0x7)
Partition is NOT ACTIVE.
Partition starts at LBA: 206848 Numsec = 1928431616

Partition 2 type is Primary (0x7)
Partition is NOT ACTIVE.
Partition starts at LBA: 1928638464 Numsec = 24483840

Partition 3 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0

Disk Size: 1000204886016 bytes
Sector size: 512 bytes

Scanning physical sectors of unpartitioned space on drive 0 (1-2047-1953505168-1953525168)...
Done!

Physical Sector Size: 512
Drive: 1, DevicePointer: 0xfffffa8007d2d060, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa8007d2d910, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa8007d2d060, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\
DevicePointer: 0xfffffa8007d22b60, DeviceName: \Device\0000007a\, DriverName: \Driver\USBSTOR\
------------ End ----------
Alternate DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0

Drive 1
Scanning MBR on drive 1...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: 5F107

Partition information:

Partition 0 type is Primary (0x7)
Partition is NOT ACTIVE.
Partition starts at LBA: 2048 Numsec = 3906961408

Partition 1 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0

Partition 2 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0

Partition 3 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0

Disk Size: 2000365289472 bytes
Sector size: 512 bytes
Done!

Physical Sector Size: 0
Drive: 2, DevicePointer: 0xfffffa8007d6a060, DeviceName: \Device\Harddisk2\DR2\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa8007d6ab90, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa8007d6a060, DeviceName: \Device\Harddisk2\DR2\, DriverName: \Driver\Disk\
DevicePointer: 0xfffffa8007d65b60, DeviceName: \Device\00000086\, DriverName: \Driver\USBSTOR\
------------ End ----------

Physical Sector Size: 512
Drive: 3, DevicePointer: 0xfffffa8005216420, DeviceName: \Device\Harddisk3\DR7\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa8006276540, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa8005216420, DeviceName: \Device\Harddisk3\DR7\, DriverName: \Driver\Disk\
DevicePointer: 0xfffffa80056df120, DeviceName: \Device\000000b7\, DriverName: \Driver\USBSTOR\
------------ End ----------
Alternate DeviceName: \Device\Harddisk3\DR7\, DriverName: \Driver\Disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0

Drive 3
Scanning MBR on drive 3...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: 0

Partition information:

Partition 0 type is Other (0xb)
Partition is ACTIVE.
Partition starts at LBA: 63 Numsec = 15759702
Partition file system is FAT32
Partition is not bootable

Partition 1 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0

Partition 2 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0

Partition 3 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0

Disk Size: 8086618112 bytes
Sector size: 512 bytes
Done!
Scan finished
=======================================

Removal queue found; removal started
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR_0_i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\Bootstrap_0_0_2048_i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR_0_r.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR_1_i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR_1_r.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR_3_i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\Bootstrap_3_0_63_i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR_3_r.mbam...
Removal finished

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.7 (10.15.2013:3)
OS: Windows 7 Home Premium x64
Ran by Harlequin Haven on Wed 10/23/2013 at 9:26:52.06
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values

~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\yahoopartnertoolbar
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\apnstub_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\apnstub_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\au__rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\au__rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\HPSF_Tasks_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\HPSF_Tasks_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\HPSF_Tasks_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\HPSF_Tasks_RASMANCS
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}

~~~ Files

~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\blekko toolbars"
Successfully deleted: [Folder] "C:\Users\Harlequin Haven\appdata\local\blekkotb_031"
Successfully deleted: [Folder] "C:\Users\Harlequin Haven\appdata\local\opencandy"

~~~ FireFox

Successfully deleted: [File] C:\Users\Harlequin Haven\AppData\Roaming\mozilla\firefox\profiles\cfzxxe6w.default\user.js
Successfully deleted the following from C:\Users\Harlequin Haven\AppData\Roaming\mozilla\firefox\profiles\cfzxxe6w.default\prefs.js

user_pref("browser.search.order.1", "Blekko");

Emptied folder: C:\Users\Harlequin Haven\AppData\Roaming\mozilla\firefox\profiles\cfzxxe6w.default\minidumps [1 files]

~~~ Chrome

Successfully deleted: [Folder] C:\Users\Harlequin Haven\appdata\local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda

~~~ Event Viewer Logs were cleared

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Wed 10/23/2013 at 9:33:48.48
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

adw cleaner - found no threats and did not make a file

C:\Users\Harlequin Haven\Desktop\software\cnet2_radiantsetup1044439b_exe.exe a variant of Win32/InstallCore.D application
C:\Users\Harlequin Haven\Documents\Downloaded Program Updates\zlsSetup_70_462_000_en.exe a variant of Win32/AdInstaller application
C:\Users\Harlequin Haven\Documents\Downloaded Program Updates\zlsSetup_70_470_000_en.exe a variant of Win32/AdInstaller application

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 23-10-2013
Ran by Harlequin Haven (administrator) on HARLEQUINHAVEN on 23-10-2013 17:10:10
Running from C:\Users\Harlequin Haven\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(AMD) C:\Windows\system32\atiesrxx.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.21.165\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.21.165\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
() C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
(Google Inc.)
C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Creative Element) C:\Program Files (x86)\Creative Element Power Tools\Startup.exe (AMD) C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpertService.exe () C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpert.exe (CinemaNow, Inc.) C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemanowSvc.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe (Hewlett-Packard Company) c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe (Protexis Inc.) c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe (SupportSoft, Inc.) C:\Program Files (x86)\NCNETWORKSDM\bin\sprtsvc.exe (SupportSoft, Inc.) C:\Program Files (x86)\NCNETWORKSDM\bin\tgsrvc.exe (Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe (Xobni Corporation) C:\Program Files (x86)\Xobni\XobniService.exe (Ipswitch) C:\Program Files (x86)\Ipswitch\WS_FTP 12\WsftpCOMHelper.exe () C:\Windows\SysWOW64\WinMsgBalloonServer.exe () C:\Windows\SysWOW64\WinMsgBalloonClient.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe (Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe (Don HO don.h@free.fr) C:\Program Files (x86)\Notepad++\notepad++.exe () C:\Program Files (x86)\SpywareBlaster\spywareblaster.exe () C:\Program Files (x86)\SpywareBlaster\spywareblaster.exe (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe (Adobe Systems Incorporated) C:\Windows\system32\Macromed\Flash\FlashUtil64_11_9_900_117_ActiveX.exe () C:\Program Files (x86)\ESET\ESET Online Scanner\OnlineCmdLineScanner.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) 
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [hpsysdrv] - c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe [62768 2008-11-20] (Hewlett-Packard) HKLM\...\Run: [smartMenu] - C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe [568888 2010-01-18] () HKCU\...\Run: [swg] - C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2010-08-30] (Google Inc.) HKLM-x32\...\Run: [WD Quick View] - C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe [5537136 2013-08-14] (Western Digital Technologies, Inc.) 
HKU\Default\...\Run: [HPAdvisorDock] - C:\Program Files (x86)\Hewlett-Packard\HP Advisor\DOCK\HPAdvisorDock.exe [1715768 2010-09-28] (Hewlett-Packard) HKU\Default User\...\Run: [HPAdvisorDock] - C:\Program Files (x86)\Hewlett-Packard\HP Advisor\DOCK\HPAdvisorDock.exe [1715768 2010-09-28] (Hewlett-Packard) Startup: C:\Users\Harlequin Haven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Creative Element Power Tools Startup.lnk ShortcutTarget: Creative Element Power Tools Startup.lnk -> C:\Program Files (x86)\Creative Element Power Tools\Startup.exe (Creative Element) Startup: C:\Users\Harlequin Haven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - HP Officejet 6700.lnk ShortcutTarget: Monitor Ink Alerts - HP Officejet 6700.lnk -> C:\Program Files\HP\HP Officejet 6700\bin\HPStatusBL.dll (Hewlett-Packard Co.) ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM - {FCE4C95B-B382-4B50-AFFA-B828DCFC277C} URL = http://www.ask.com/web?q={searchterms}&l=dis&o=ushpd SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 - {FCE4C95B-B382-4B50-AFFA-B828DCFC277C} URL = http://www.ask.com/web?q={searchterms}&l=dis&o=ushpd SearchScopes: HKCU - {70D46D94-BF1E-45ED-B567-48701376298E} URL = http://127.0.0.1:4664/search&s=9wlanbUVL0ztdrBXpcwJMZtkt5c?q={searchTerms} SearchScopes: HKCU - {FCE4C95B-B382-4B50-AFFA-B828DCFC277C} URL = http://www.ask.com/web?q={searchterms}&l=dis&o=ushpd BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) BHO: Google Toolbar Helper - 
{AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) BHO-x32: No Name - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - No File BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) BHO-x32: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO-x32: No Name - {DBC80044-A445-435b-BC74-9C25C1C588A9} - No File BHO-x32: SmartSelect Class - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) 
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) Toolbar: HKCU - No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab DPF: HKLM-x32 {FFB3A759-98B1-446F-BDA9-909C6EB18CC7} http://utilities.pcpitstop.com/Optimize3/pcpitstop2.dll Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) Tcpip\Parameters: [DhcpNameServer] 192.168.254.254 FireFox: ======== FF ProfilePath: C:\Users\Harlequin Haven\AppData\Roaming\Mozilla\Firefox\Profiles\cfzxxe6w.default FF SelectedSearchEngine: Google FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll () FF Plugin: @microsoft.com/GENUINE - disabled No File FF Plugin: 
@Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\Microsoft Office\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll () FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.) FF Plugin-x32: @java.com/DTPlugin,version=1.6.0_43 - C:\Windows\SysWOW64\npdeployJava1.dll (Sun Microsystems, Inc.) FF Plugin-x32: @microsoft.com/GENUINE - disabled No File FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @pack.google.com/Google Updater;version=14 - C:\Program Files (x86)\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google) FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: Adobe Acrobat - C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.) 
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\avg-secure-search.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\googledesktop.xml FF Extension: No Name - C:\Users\Harlequin Haven\AppData\Roaming\Mozilla\Firefox\Profiles\cfzxxe6w.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi FF Extension: No Name - C:\Users\Harlequin Haven\AppData\Roaming\Mozilla\Firefox\Profiles\cfzxxe6w.default\Extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}.xpi FF HKLM-x32\...\Firefox\Extensions: [quickprint@hp.com] - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension FF Extension: SmartPrintButton - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension Chrome: ======= CHR Plugin: (Remoting Viewer) - internal-remoting-viewer CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\ppGoogleNaClPluginChrome.dll () CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\pdf.dll () CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\gcswf32.dll No File CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll No File CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Browser\nppdf32.dll (Adobe Systems Inc.) 
CHR Plugin: (Java Deployment Toolkit 6.0.310.5) - C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll No File CHR Plugin: (Java Platform SE 6 U31) - C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll No File CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll No File CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll No File CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll No File CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll No File CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll No File CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll No File CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll No File CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation) CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) CHR Plugin: (Google Updater) - C:\Program Files (x86)\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google) CHR Plugin: (Picasa) - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.) 
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File CHR Extension: (YouTube) - C:\Users\HARLEQ~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0 CHR Extension: (Adblock Plus) - C:\Users\HARLEQ~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.6.1_0 CHR Extension: (Google Search) - C:\Users\HARLEQ~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0 CHR Extension: (Gmail) - C:\Users\HARLEQ~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1 ==================== Services (Whitelisted) ================= S3 COMSysApp; C:\Windows\SysWow64\dllhost.exe [7168 2009-07-13] (Microsoft Corporation) S3 GoogleDesktopManager-051210-111108; C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktop.exe [30192 2011-06-12] (Google) S2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation) S2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation) S3 msiserver; C:\Windows\SysWow64\msiexec.exe [73216 2010-11-20] (Microsoft Corporation) R2 sprtsvc_ncnetworksdm; C:\Program Files (x86)\NCNETWORKSDM\bin\sprtsvc.exe [206120 2010-06-17] (SupportSoft, Inc.) R2 tgsrvc_ncnetworksdm; C:\Program Files (x86)\NCNETWORKSDM\bin\tgsrvc.exe [185640 2010-06-17] (SupportSoft, Inc.) R2 WDBackup; C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe [1042808 2013-08-14] (Western Digital Technologies, Inc.) R2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [270704 2013-08-14] (Western Digital Technologies, Inc.) 
R2 WSearch; C:\Windows\SysWow64\SearchIndexer.exe [427520 2011-05-04] (Microsoft Corporation) R2 XobniService; C:\Program Files (x86)\Xobni\XobniService.exe [63096 2013-06-18] (Xobni Corporation) ==================== Drivers (Whitelisted) ==================== S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation) S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [16152 2013-04-21] () U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation) S3 catchme; \??\C:\ComboFix\catchme.sys [x] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2013-10-23 17:10 - 2013-10-23 17:10 - 00000000 ____D C:\FRST 2013-10-23 17:08 - 2013-10-23 17:09 - 01955374 _____ (Farbar) C:\Users\Harlequin Haven\Desktop\FRST64.exe 2013-10-23 17:06 - 2013-10-23 17:06 - 00000389 _____ C:\Users\Harlequin Haven\Desktop\threats found.txt 2013-10-23 12:41 - 2013-10-23 12:41 - 00000000 ____D C:\Program Files (x86)\ESET 2013-10-23 11:01 - 2013-10-23 11:33 - 00000000 ____D C:\AdwCleaner 2013-10-23 10:39 - 2013-10-23 10:39 - 00409832 _____ (AVAST Software) C:\Windows\system32\Drivers\abzutsfs.sys 2013-10-23 10:08 - 2013-10-23 10:08 - 01060070 _____ C:\Users\Harlequin Haven\Desktop\AdwCleaner.exe 2013-10-23 09:33 - 2013-10-23 09:33 - 00003618 _____ C:\Users\Harlequin Haven\Desktop\JRT.txt 2013-10-23 09:26 - 2013-10-23 09:26 - 00000000 ____D C:\Windows\ERUNT 2013-10-23 08:38 - 2013-10-23 08:38 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2013-10-22 21:32 - 2013-10-22 21:32 - 00027584 _____ C:\ComboFix.txt 2013-10-22 21:15 - 2013-10-22 21:15 - 00013610 _____ C:\Windows\PFRO.log 2013-10-22 20:59 - 2011-06-26 02:45 - 00256000 _____ C:\Windows\PEV.exe 2013-10-22 20:59 - 2010-11-07 13:20 - 00208896 _____ C:\Windows\MBR.exe 2013-10-22 20:59 - 2009-04-20 00:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe 2013-10-22 
20:59 - 2000-08-30 20:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe 2013-10-22 20:59 - 2000-08-30 20:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe 2013-10-22 20:59 - 2000-08-30 20:00 - 00098816 _____ C:\Windows\sed.exe 2013-10-22 20:59 - 2000-08-30 20:00 - 00080412 _____ C:\Windows\grep.exe 2013-10-22 20:59 - 2000-08-30 20:00 - 00068096 _____ C:\Windows\zip.exe 2013-10-22 20:49 - 2013-10-23 08:37 - 00000650 _____ C:\FixitRegBackup.reg 2013-10-22 20:41 - 2013-10-22 21:33 - 00000000 ____D C:\Qoobox 2013-10-22 20:40 - 2013-10-22 21:29 - 00000000 ____D C:\Windows\erdnt 2013-10-22 20:37 - 2013-10-22 20:38 - 05136138 ____R (Swearware) C:\Users\Harlequin Haven\Desktop\ComboFix.exe 2013-10-20 18:51 - 2013-10-23 11:30 - 00000840 _____ C:\Windows\setupact.log 2013-10-20 18:51 - 2013-10-20 18:51 - 00000000 _____ C:\Windows\setuperr.log 2013-10-20 18:23 - 2013-10-20 18:24 - 06858592 _____ (Xobni) C:\Users\Harlequin Haven\Desktop\XobniSetup.exe 2013-10-20 18:21 - 2013-10-20 18:21 - 00000146 _____ C:\Users\Harlequin Haven\Desktop\fixing outlook.txt 2013-10-20 18:03 - 2013-10-20 18:05 - 00000000 ____D C:\Users\Harlequin Haven\Desktop\malwarebytes_suppl_log_files 2013-10-20 18:02 - 2013-10-20 18:02 - 00001231 _____ C:\Users\Harlequin Haven\Desktop\Microsoft Outlook.lnk 2013-10-20 18:02 - 2013-10-20 18:02 - 00000151 _____ C:\Users\Harlequin Haven\Desktop\Paying customer -- Contact Support via email.txt 2013-10-20 16:59 - 2013-10-20 16:59 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware 2013-10-20 16:59 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2013-10-20 16:52 - 2013-10-20 16:52 - 00009574 _____ C:\Users\Harlequin Haven\Documents\cc_20131020_165248.reg 2013-10-20 16:09 - 2013-10-20 16:34 - 00000335 _____ C:\local.conf 2013-10-20 16:06 - 2013-10-20 16:06 - 00116440 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\48230029.sys 2013-10-20 16:05 - 2013-10-20 16:05 - 00091352 _____ 
(Malwarebytes Corporation) C:\Windows\system32\Drivers\37EE5C39.sys 2013-10-20 15:13 - 2013-10-20 15:13 - 00000000 ____D C:\Users\Harlequin Haven\AppData\Roaming\TuneUp Software 2013-10-20 15:11 - 2013-10-22 21:15 - 00000000 ____D C:\ProgramData\AVG2014 2013-10-20 15:03 - 2013-10-20 15:03 - 00000000 ____D C:\Users\Harlequin Haven\AppData\Local\MFAData 2013-10-20 14:35 - 2013-10-20 14:35 - 00007688 _____ C:\Users\Harlequin Haven\Documents\cc_20131020_143448.reg 2013-10-20 13:48 - 2013-10-20 13:48 - 00085832 _____ C:\Users\Harlequin Haven\Documents\cc_20131020_134817.reg 2013-10-20 13:26 - 2013-10-20 13:26 - 00002792 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC 2013-10-20 13:26 - 2013-10-20 13:26 - 00000000 ____D C:\Program Files\CCleaner 2013-10-20 13:20 - 2013-10-23 11:28 - 00000000 _____ C:\Windows\SysWOW64\config.nt 2013-10-20 12:26 - 2013-10-20 12:26 - 00000000 ____D C:\Users\Harlequin Haven\AppData\Roaming\AVAST Software 2013-10-20 12:25 - 2013-10-23 10:12 - 00000034 _____ C:\Windows\AvastEmUpdate.ini 2013-10-20 12:24 - 2013-10-20 12:24 - 00003206 _____ C:\Windows\System32\Tasks\{17174424-5CF8-4DEF-82DD-1361635490F6} 2013-10-20 12:22 - 2013-10-20 14:36 - 00000000 ____D C:\ProgramData\AVAST Software 2013-10-20 12:15 - 2013-10-20 18:05 - 00000000 ____D C:\Users\Harlequin Haven\Desktop\software 2013-10-20 12:14 - 2013-10-20 13:23 - 00000826 _____ C:\Windows\system32\Drivers\etc\hosts_PTbackup2.bak 2013-10-20 12:00 - 2013-10-20 13:06 - 00000940 _____ C:\Users\Harlequin Haven\Desktop\pc_tuneup_2013-10-20.txt 2013-10-20 11:59 - 2013-10-20 11:59 - 00000000 ____D C:\Users\Harlequin Haven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++ 2013-10-18 21:03 - 2013-10-23 15:03 - 00000372 _____ C:\Windows\Tasks\HPCeeScheduleForHarlequin Haven.job 2013-10-18 21:03 - 2013-10-18 21:03 - 00003246 _____ C:\Windows\System32\Tasks\HPCeeScheduleForHarlequin Haven 2013-10-18 08:45 - 2013-10-20 13:08 - 00000000 ____D C:\Program Files (x86)\jv16 PowerTools 2014 
2013-10-18 08:45 - 2013-10-18 08:45 - 00000024 ___SH C:\Users\Harlequin Haven\AppData\Roaming\System5908ConfigCollection.dat 2013-10-18 08:45 - 2013-10-18 08:45 - 00000000 ____D C:\Users\Harlequin Haven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\jv16 PowerTools 2014 2013-10-17 22:20 - 2013-10-17 22:20 - 00000000 ____D C:\Users\Harlequin Haven\Downloads\mbam-chameleon-1.62.1.1000 2013-10-17 22:19 - 2013-10-17 22:19 - 01440846 _____ C:\Users\Harlequin Haven\Downloads\mbam-chameleon-1.62.1.1000.zip 2013-10-17 21:43 - 2013-10-23 09:11 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable) 2013-10-17 21:38 - 2013-10-17 21:39 - 12576792 _____ (Malwarebytes Corp.) C:\Users\Harlequin Haven\Downloads\mbar-1.07.0.1007 (1).exe 2013-10-17 21:27 - 2013-10-17 21:29 - 12576792 _____ (Malwarebytes Corp.) C:\Users\Harlequin Haven\Downloads\mbar-1.07.0.1007.exe 2013-10-17 17:27 - 2013-10-17 17:27 - 00000000 ____D C:\Program Files\Western Digital 2013-10-10 03:49 - 2013-09-22 19:27 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2013-10-10 03:49 - 2013-09-20 23:38 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2013-10-10 03:49 - 2013-09-20 23:30 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2013-10-10 03:48 - 2013-09-22 19:28 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2013-10-10 03:48 - 2013-09-22 19:28 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2013-10-10 03:48 - 2013-09-22 19:27 - 14335488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2013-10-10 03:48 - 2013-09-22 19:27 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2013-10-10 03:48 - 2013-09-22 19:27 - 02876928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2013-10-10 03:48 - 2013-09-22 19:27 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2013-10-10 03:48 - 2013-09-22 19:27 - 00690688 _____ 
(Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2013-10-10 03:48 - 2013-09-22 19:27 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2013-10-10 03:48 - 2013-09-22 19:27 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll 2013-10-10 03:48 - 2013-09-22 19:27 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2013-10-10 03:48 - 2013-09-22 19:27 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2013-10-10 03:48 - 2013-09-22 19:27 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2013-10-10 03:48 - 2013-09-22 18:55 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2013-10-10 03:48 - 2013-09-22 18:55 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2013-10-10 03:48 - 2013-09-22 18:55 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2013-10-10 03:48 - 2013-09-22 18:54 - 19252224 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2013-10-10 03:48 - 2013-09-22 18:54 - 15404544 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2013-10-10 03:48 - 2013-09-22 18:54 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2013-10-10 03:48 - 2013-09-22 18:54 - 02647552 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2013-10-10 03:48 - 2013-09-22 18:54 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2013-10-10 03:48 - 2013-09-22 18:54 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2013-10-10 03:48 - 2013-09-22 18:54 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2013-10-10 03:48 - 2013-09-22 18:54 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll 2013-10-10 03:48 - 2013-09-22 18:54 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2013-10-10 03:48 - 2013-09-22 18:54 - 00053248 _____ (Microsoft Corporation) 
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2013-10-21 00:25
==================== End Of Log ============================
  4. Microsoft Security Essentials is not showing as a program on my computer and I have tried everything I could find to uninstall it and yet it appears to still be here. How do I get it off?
  5. ComboFix 13-10-21.01 - Harlequin Haven 10/22/2013 21:01:35.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.5880.4431 [GMT -4:00]
Running from: c:\users\Harlequin Haven\Desktop\ComboFix.exe
AV: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
AV: Microsoft Security Essentials *Enabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
SP: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Microsoft Security Essentials *Enabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Mozilla Firefox\searchplugins\search.xml
c:\programdata\99D2FE82C3.sys
c:\users\Harlequin Haven\AppData\Roaming\1D959CA221C7573.sys
c:\windows\SysWow64\aosmtp.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-08-31 39408]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"WD Quick View"="c:\program files (x86)\Western Digital\WD Quick View\WDDMStatus.exe" [2013-08-14 5537136]
.
c:\users\Harlequin Haven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Creative Element Power Tools Startup.lnk - c:\program files (x86)\Creative Element Power Tools\Startup.exe [2010-9-2 265384]
Monitor Ink Alerts - HP Officejet 6700.lnk - c:\windows\system32\RunDll32.exe "c:\program files\HP\HP Officejet 6700\bin\HPStatusBL.dll",RunDLLEntry SERIALNUMBER=CN22G1G26P05RQ;CONNECTION=USB;MONITOR=1; [2009-7-13 45568]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-10-17 20:37 1185744 ----a-w- c:\program files (x86)\Google\Chrome\Application\30.0.1599.101\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2013-10-23 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-01 10:19]
.
2011-09-08 c:\windows\Tasks\Google Software Updater.job - c:\program files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2010-08-31 09:13]
.
2013-10-23 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-08-31 01:40]
.
2013-10-23 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-08-31 01:40]
.
2013-10-23 c:\windows\Tasks\HPCeeScheduleForHarlequin Haven.job - c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14 03:15] . 2013-09-30 c:\windows\Tasks\PCDRScheduledMaintenance.job - c:\program files\PC-Doctor for Windows\pcdrcui.exe [2010-02-01 23:02] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "hpsysdrv"="c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe" [2008-11-20 62768] "SmartMenu"="c:\program files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe" [2010-01-18 568888] . ------- Supplementary Scan ------- . uLocal Page = c:\windows\system32\blank.htm mLocal Page = c:\windows\SysWOW64\blank.htm IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200 FF - ProfilePath - c:\users\Harlequin Haven\AppData\Roaming\Mozilla\Firefox\Profiles\cfzxxe6w.default\ FF - prefs.js: browser.search.selectedEngine - Google FF - user.js: extensions.autoDisableScopes - 14 FF - user.js: security.csp.enable - false . . ------- File Associations ------- . .txt=Notepad++_file . - - - - ORPHANS REMOVED - - - - . HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start ShellIconOverlayIdentifiers-{472083B0-C522-11CF-8763-00608CC02F24} - (no file) ShellIconOverlayIdentifiers-{FB314ED9-A251-47B7-93E1-CDD82E34AF8B} - (no file) ShellIconOverlayIdentifiers-{FB314EDA-A251-47B7-93E1-CDD82E34AF8B} - (no file) ShellIconOverlayIdentifiers-{FB314EDB-A251-47B7-93E1-CDD82E34AF8B} - (no file) ShellIconOverlayIdentifiers-{FB314EDC-A251-47B7-93E1-CDD82E34AF8B} - (no file) . . . --------------------- LOCKED REGISTRY KEYS --------------------- . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_117_ActiveX.exe,-101" . 
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_117_ActiveX.exe" . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_117_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_117_ActiveX.exe" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{C8618CE4-B0B4-4D1D-8336-866A8B88B639}] @Denied: (A 2 3) (Everyone) . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{C8618CE4-B0B4-4D1D-8336-866A8B88B639}\InProcServer32] @="%SystemRoot%\\Explorer.exe" "ThreadingModel"="Apartment" . 
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{C8618CE4-B0B4-4D1D-8336-866A8B88B639}\ProgID] @="DAO.Client" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{C8618CE4-B0B4-4D1D-8336-866A8B88B639}\TypeLib] @="{F86A7697-B88F-1300-8336-6A6969707277}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.11" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx, 1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . 
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx, 1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}] @Denied: (A) (Everyone) "Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}" . [HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3] @Denied: (A) (Everyone) . [HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0] "Key"="ActionsPane3" "Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd" . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . ------------------------ Other Running Processes ------------------------ . 
c:\program files (x86)\Google\Update\1.3.21.165\GoogleCrashHandler.exe c:\program files (x86)\SpywareBlaster\sbautoupdate.exe c:\program files (x86)\SpywareBlaster\sbautoupdate.exe c:\program files (x86)\AMD\RAIDXpert\bin\RAIDXpert.exe c:\program files (x86)\Common Files\LightScribe\LSSrvc.exe c:\program files (x86)\Common Files\Protexis\License Service\PsiService_2.exe c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe . ************************************************************************** . Completion time: 2013-10-22 21:32:29 - machine was rebooted ComboFix-quarantined-files.txt 2013-10-23 01:32 . Pre-Run: 784,745,828,352 bytes free Post-Run: 785,517,744,128 bytes free . - - End Of File - - 2769E7AABE846D78EE3F5752BC6E4E9C
  6. I posted in the Help forum below because I couldn't check the "enable malicious website blocking" part of protection. I was told it was possibly infected and to move my query over here to ask for help. I'm pasting in the requested logs below.

     Old thread: https://forums.malwarebytes.org/index.php?showtopic=135199#entry744568

     --

     Hi, I have been using Pro for some time, but on Thurs I noticed that my blue icon is now grey and I cannot check off to enable website blocking. Everything else seems to work, but I am concerned. I have run Chameleon and Anti-Rootkit and they seem to have come up clean. I have uninstalled and reinstalled, and done many reboots, but still cannot check that box! On Thursday night I submitted my problem to the "Paying customer -- Contact Support via email" but have received no reply (it's now Sunday evening). I am not able to do what I need to do on this computer because I'm afraid there is a malware problem, since when I search on this problem those are the results that most often come up. I was using MSE along with Pro, but today changed to AVG. Thanks for any good advice I can get!

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 10.0.9200.16720
Run by Harlequin Haven at 17:17:33 on 2013-10-20
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.5880.2394 [GMT -4:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
AV: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
SP: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Microsoft Security Essentials *Enabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\PROGRA~2\AVG\AVG2014\avgrsa.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\Google\Update\1.3.21.165\GoogleCrashHandler.exe
C:\Program Files (x86)\Google\Update\1.3.21.165\GoogleCrashHandler64.exe
C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpertService.exe
C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpert.exe
C:\Program Files (x86)\AVG\AVG2014\avgfws.exe
C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe
C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemanowSvc.exe
C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
C:\Program Files (x86)\NCNETWORKSDM\bin\sprtsvc.exe
C:\Program Files (x86)\NCNETWORKSDM\bin\tgsrvc.exe
C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
C:\Program Files (x86)\Xobni\XobniService.exe
C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe
C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\AVG\AVG2014\avgemca.exe
C:\Windows\System32\WUDFHost.exe
C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe
C:\Windows\SysWOW64\WinMsgBalloonServer.exe
C:\Windows\SysWOW64\WinMsgBalloonClient.exe
C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files (x86)\Creative Element Power Tools\Startup.exe
C:\Windows\system32\RunDll32.exe
C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe
C:\Program Files (x86)\AVG\AVG2014\avgui.exe
C:\Program Files (x86)\Notepad++\notepad++.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files (x86)\deepinvent\MailStore Home\MailStoreHome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\sysWow64\SearchProtocolHost.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE
C:\Program Files (x86)\Microsoft Streets & Trips 2010\StreetsOlkShim.exe
C:\Program Files (x86)\AVG\AVG2014\avgcsrvx.exe
C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uSearch Bar = Preserve
dURLSearchHooks: {A3BC75A2-1F87-4686-AA43-5347D756017C} - <orphaned>
mWinlogon: Userinit = userinit.exe,
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
BHO: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - <orphaned>
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: Adobe PDF Conversion Toolbar Helper: {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: {DBC80044-A445-435b-BC74-9C25C1C588A9} - <orphaned>
BHO: SmartSelect Class: {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
mRun: [WD Quick View] C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe
mRun: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2014\avgui.exe" /TRAYONLY
mRunOnce: [ (A0)] cmd /c "C:\Users\Harlequin Haven\Desktop\software\mbar\mbar.exe" /rdv /s
mRunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
StartupFolder: C:\Users\HARLEQ~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Creative Element Power Tools Startup.lnk - C:\Program Files (x86)\Creative Element Power Tools\Startup.exe
StartupFolder: C:\Users\HARLEQ~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Monitor Ink Alerts - HP Officejet 6700.lnk - C:\Windows\System32\RunDll32.exe
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr/200
IE: {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\smartprintsetup.exe
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
TCP: NameServer = 192.168.254.254
TCP: Interfaces\{4DFAA3EC-847A-4646-880E-104273B15845} : DHCPNameServer = 192.168.254.254
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-Run: [hpsysdrv] c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe
x64-Run: [smartMenu] C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe /background
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-SSODL: WebCheck - <orphaned>
x64-SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
Hosts: 127.0.0.1 wdcs.trendmicro.com
Hosts: 127.0.0.1 ads.bleepingcomputer.com
Hosts: 127.0.0.1 ox-d.majorgeeks.com
Hosts: 127.0.0.1 metrics.mcafee.com
Hosts: 127.0.0.1 metrics.bitdefender.com
.
Note: multiple HOSTS entries found. Please refer to Attach.txt
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Harlequin Haven\AppData\Roaming\Mozilla\Firefox\Profiles\cfzxxe6w.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - component: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\components\nprpffbrowserrecordext.dll
FF - component: C:\Users\Harlequin Haven\AppData\Roaming\Mozilla\Firefox\Profiles\cfzxxe6w.default\extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f}\platform\WINNT_x86-msvc\components\ipc_fireftp.dll
FF - plugin: C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Air\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll
FF - plugin: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrlui.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll
FF - plugin: C:\Windows\SysWOW64\npdeployJava1.dll
FF - plugin: C:\Windows\SysWOW64\npmproxy.dll
FF - ExtSQL: 2013-10-20 13:29; wrc@avast.com; C:\PROGRA~1\AVAST Software\Avast\WebRep\FF
.
---- FIREFOX POLICIES ----
FF - user.js: extensions.autoDisableScopes - 14
FF - user.js: security.csp.enable - false
.
.
============= SERVICES / DRIVERS ===============
.
R0 ahcix64s;ahcix64s;C:\Windows\System32\drivers\ahcix64s.sys [2009-5-18 231224]
R0 AVGIDSHA;AVGIDSHA;C:\Windows\System32\drivers\avgidsha.sys [2013-9-2 192824]
R0 Avgloga;AVG Logging Driver;C:\Windows\System32\drivers\avgloga.sys [2013-9-2 294712]
R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\System32\drivers\avgmfx64.sys [2013-8-20 123704]
R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\System32\drivers\avgrkx64.sys [2013-9-8 31544]
R0 MBAMSwissArmy;MBAMSwissArmy;C:\Windows\System32\drivers\48230029.sys [2013-10-20 116440]
R1 Avgdiska;AVG Disk Driver;C:\Windows\System32\drivers\avgdiska.sys [2013-9-25 148792]
R1 Avgfwfd;AVG network filter service;C:\Windows\System32\drivers\avgfwd6a.sys [2013-9-26 57144]
R1 AVGIDSDriver;AVGIDSDriver;C:\Windows\System32\drivers\avgidsdrivera.sys [2013-9-2 241464]
R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\System32\drivers\avgldx64.sys [2013-9-2 212280]
R1 Avgtdia;AVG TDI Driver;C:\Windows\System32\drivers\avgtdia.sys [2013-8-1 251192]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2010-5-12 203264]
R2 AMD_RAIDXpert;AMD RAIDXpert;C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpertService.exe [2009-12-15 122880]
R2 avgfws;AVG Firewall;C:\Program Files (x86)\AVG\AVG2014\avgfws.exe [2013-9-25 1358944]
R2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [2013-10-3 3538480]
R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [2013-9-25 301152]
R2 CinemaNow Service;CinemaNow Service;C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemaNowSvc.exe [2010-2-26 127984]
R2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2011-9-9 86072]
R2 HPDrvMntSvc.exe;HP Quick Synchronization Service;C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-3-28 94264]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-10-20 701512]
R2 sprtsvc_ncnetworksdm;SupportSoft Sprocket Service (ncnetworksdm);C:\Program Files (x86)\NCNETWORKSDM\bin\sprtsvc.exe [2010-6-17 206120]
R2 tgsrvc_ncnetworksdm;SupportSoft Repair Service (ncnetworksdm);C:\Program Files (x86)\NCNETWORKSDM\bin\tgsrvc.exe [2010-6-17 185640]
R2 WDBackup;WD Backup;C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe [2013-8-14 1042808]
R2 WDDriveService;WD Drive Manager;C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [2013-8-14 270704]
R2 XobniService;XobniService;C:\Program Files (x86)\Xobni\XobniService.exe [2012-4-9 62184]
R3 CtClsFlt;Creative Camera Class Upper Filter Driver;C:\Windows\System32\drivers\CtClsFlt.sys [2010-9-2 172704]
R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2013-10-20 25928]
R3 netr28x;Ralink 802.11n Extensible Wireless Driver;C:\Windows\System32\drivers\netr28x.sys [2010-7-24 852256]
R3 OA002Afx;Provides a software interface to control audio effects of OA002 camera.;C:\Windows\System32\drivers\OA002Afx.sys [2007-6-8 219544]
R3 OA002Ufd;Creative Camera OA002 Upper Filter Driver;C:\Windows\System32\drivers\OA002Ufd.sys [2008-6-3 168864]
R3 OA002Vid;Creative Camera OA002 Function Driver;C:\Windows\System32\drivers\OA002Vid.sys [2008-8-1 306560]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\System32\drivers\RtsUStor.sys [2013-4-21 251496]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2010-7-24 346144]
R3 WDC_SAM;WD SCSI Pass Thru driver;C:\Windows\System32\drivers\wdcsam64.sys [2008-5-6 14464]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S3 amdiox64;AMD IO Driver;C:\Windows\System32\drivers\amdiox64.sys [2011-6-17 46136]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2011-6-18 1038088]
S3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktop.exe [2011-6-12 30192]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2013-4-21 19456]
S3 SWDUMon;SWDUMon;C:\Windows\System32\drivers\SWDUMon.sys [2013-4-21 16152]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2013-4-21 57856]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2010-8-31 1255736]
SUnknown mbamchameleon;mbamchameleon; [x]
.
=============== File Associations ===============
.
FileExt: .txt: Applications\notepad++.exe="C:\Program Files (x86)\Notepad++\notepad++.exe" "%1" [userChoice]
FileExt: .ini: Notepad++_file="C:\Program Files (x86)\Notepad++\notepad++.exe" "%1"
.
=============== Created Last 30 ================
.
2013-10-20 20:59:49 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys
2013-10-20 20:59:49 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-10-20 20:06:01 116440 ----a-w- C:\Windows\System32\drivers\48230029.sys
2013-10-20 20:05:23 91352 ----a-w- C:\Windows\System32\drivers\37EE5C39.sys
2013-10-20 19:14:35 -------- d-----w- C:\Users\Harlequin Haven\AppData\Roaming\AVG2014
2013-10-20 19:13:48 -------- d-----w- C:\Users\Harlequin Haven\AppData\Roaming\TuneUp Software
2013-10-20 19:11:23 -------- d-----w- C:\ProgramData\AVG2014
2013-10-20 19:03:57 -------- d-----w- C:\Users\Harlequin Haven\AppData\Local\MFAData
2013-10-20 19:03:57 -------- d-----w- C:\Users\Harlequin Haven\AppData\Local\Avg2014
2013-10-20 18:37:50 -------- d-----w- C:\Program Files\AVAST Software
2013-10-20 17:26:18 -------- d-----w- C:\Program Files\CCleaner
2013-10-20 16:26:48 -------- d-----w- C:\Users\Harlequin Haven\AppData\Roaming\AVAST Software
2013-10-20 16:22:36 -------- d-----w- C:\ProgramData\AVAST Software
2013-10-18 12:45:44 24 --sha-w- C:\Users\Harlequin Haven\AppData\Roaming\1D959CA221C7573.sys
2013-10-18 12:45:30 -------- d-----w- C:\Program Files (x86)\jv16 PowerTools 2014
2013-10-18 01:43:19 -------- d-----w- C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2013-10-17 21:27:10 -------- d-----w- C:\Program Files\Western Digital
2013-10-10 07:49:01 2706432 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2013-10-10 07:49:01 2706432 ----a-w- C:\Windows\System32\mshtml.tlb
2013-10-09 17:14:16 633856 ----a-w- C:\Windows\System32\comctl32.dll
2013-10-09 17:13:59 3155968 ----a-w- C:\Windows\System32\win32k.sys
2013-10-09 17:07:21 99840 ----a-w- C:\Windows\System32\drivers\usbccgp.sys
2013-10-09 17:07:21 7808 ----a-w- C:\Windows\System32\drivers\usbd.sys
2013-10-09 17:07:21 52736 ----a-w- C:\Windows\System32\drivers\usbehci.sys
2013-10-09 17:07:21 343040 ----a-w- C:\Windows\System32\drivers\usbhub.sys
2013-10-09 17:07:21 325120 ----a-w- C:\Windows\System32\drivers\usbport.sys
2013-10-09 17:07:21 30720 ----a-w- C:\Windows\System32\drivers\usbuhci.sys
2013-10-09 17:07:21 25600 ----a-w- C:\Windows\System32\drivers\usbohci.sys
2013-09-26 13:44:54 57144 ----a-w- C:\Windows\System32\drivers\avgfwd6a.sys
2013-09-26 01:07:30 148792 ----a-w- C:\Windows\System32\drivers\avgdiska.sys
2013-09-23 22:33:36 271256 ----a-w- C:\Program Files (x86)\Mozilla Firefox\browser\components\browsercomps.dll
.
==================== Find3M ====================
.
2013-10-12 20:38:43 2828 --sha-w- C:\ProgramData\KGyGaAvL.sys
2013-10-09 10:19:10 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-10-09 10:19:10 692616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2013-09-22 23:28:06 1767936 ----a-w- C:\Windows\SysWow64\wininet.dll
2013-09-22 23:27:49 2876928 ----a-w- C:\Windows\SysWow64\jscript9.dll
2013-09-22 23:27:48 61440 ----a-w- C:\Windows\SysWow64\iesetup.dll
2013-09-22 23:27:48 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll
2013-09-22 22:55:10 2241024 ----a-w- C:\Windows\System32\wininet.dll
2013-09-22 22:54:51 3959296 ----a-w- C:\Windows\System32\jscript9.dll
2013-09-22 22:54:50 67072 ----a-w- C:\Windows\System32\iesetup.dll
2013-09-22 22:54:50 136704 ----a-w- C:\Windows\System32\iesysprep.dll
2013-09-21 02:48:36 89600 ----a-w- C:\Windows\System32\RegisterIEPKEYs.exe
2013-09-21 02:39:47 71680 ----a-w- C:\Windows\SysWow64\RegisterIEPKEYs.exe
2013-09-14 01:10:19 497152 ----a-w- C:\Windows\System32\drivers\afd.sys
2013-09-09 02:11:42 31544 ----a-w- C:\Windows\System32\drivers\avgrkx64.sys
2013-09-08 02:30:37 1903552 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2013-09-08 02:27:14 327168 ----a-w- C:\Windows\System32\mswsock.dll
2013-09-08 02:03:58 231424 ----a-w- C:\Windows\SysWow64\mswsock.dll
2013-09-02 14:59:14 212280 ----a-w- C:\Windows\System32\drivers\avgldx64.sys
2013-09-02 14:29:18 294712 ----a-w- C:\Windows\System32\drivers\avgloga.sys
2013-09-02 14:26:50 192824 ----a-w- C:\Windows\System32\drivers\avgidsha.sys
2013-09-02 14:26:42 241464 ----a-w- C:\Windows\System32\drivers\avgidsdrivera.sys
2013-08-29 02:17:48 5549504 ----a-w- C:\Windows\System32\ntoskrnl.exe
2013-08-29 02:16:35 1732032 ----a-w- C:\Windows\System32\ntdll.dll
2013-08-29 02:16:28 243712 ----a-w- C:\Windows\System32\wow64.dll
2013-08-29 02:16:14 859648 ----a-w- C:\Windows\System32\tdh.dll
2013-08-29 02:13:28 878080 ----a-w- C:\Windows\System32\advapi32.dll
2013-08-29 01:51:45 3969472 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2013-08-29 01:51:45 3914176 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2013-08-29 01:50:31 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
2013-08-29 01:50:30 1292192 ----a-w- C:\Windows\SysWow64\ntdll.dll
2013-08-29 01:50:16 619520 ----a-w- C:\Windows\SysWow64\tdh.dll
2013-08-29 01:48:17 640512 ----a-w- C:\Windows\SysWow64\advapi32.dll
2013-08-29 01:48:15 44032 ----a-w- C:\Windows\apppatch\acwow64.dll
2013-08-29 00:49:53 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
2013-08-29 00:49:52 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
2013-08-29 00:49:52 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
2013-08-29 00:49:49 2048 ----a-w- C:\Windows\SysWow64\user.exe
2013-08-28 01:12:33 461312 ----a-w- C:\Windows\System32\scavengeui.dll
2013-08-21 02:53:58 123704 ----a-w- C:\Windows\System32\drivers\avgmfx64.sys
2013-08-05 02:25:45 155584 ----a-w- C:\Windows\System32\drivers\ataport.sys
2013-08-02 02:14:57 215040 ----a-w- C:\Windows\System32\winsrv.dll
2013-08-02 02:13:34 424448 ----a-w- C:\Windows\System32\KernelBase.dll
2013-08-02 01:50:42 274944 ----a-w- C:\Windows\SysWow64\KernelBase.dll
2013-08-02 01:09:17 338432 ----a-w- C:\Windows\System32\conhost.exe
2013-08-02 00:59:09 112640 ----a-w- C:\Windows\System32\smss.exe
2013-08-02 00:43:05 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
2013-08-02 00:43:05 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
2013-08-02 00:43:05 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
2013-08-02 00:43:05 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
2013-08-01 20:07:06 251192 ----a-w- C:\Windows\System32\drivers\avgtdia.sys
2013-08-01 12:09:36 983488 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys
2013-07-25 09:25:54 1888768 ----a-w- C:\Windows\System32\WMVDECOD.DLL
2013-07-25 08:57:27 1620992 ----a-w- C:\Windows\SysWow64\WMVDECOD.DLL
2012-11-14 11:05:55 34693120 ----a-w- C:\Program Files (x86)\GUTECD1.tmp
.
============= FINISH: 17:18:07.02 ===============

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 8/30/2010 10:32:29 PM
System Uptime: 10/20/2013 4:07:56 PM (1 hours ago)
.
Motherboard: FOXCONN | | 2A92
Processor: AMD Athlon II X4 635 Processor | CPU 1 | 2900/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 920 GiB total, 738.199 GiB free.
D: is FIXED (NTFS) - 12 GiB total, 1.415 GiB free.
E: is CDROM ()
F: is FIXED (NTFS) - 1863 GiB total, 1270.638 GiB free.
L: is Removable
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP945: 10/19/2013 8:20:00 PM - Scheduled Checkpoint
RP946: 10/20/2013 12:23:12 PM - avast! antivirus system restore point
RP947: 10/20/2013 12:58:05 PM - Removed HP MediaSmart/TouchSmart Netflix
RP948: 10/20/2013 12:59:47 PM - Removed HP Officejet 6700 Product Improvement Study
RP949: 10/20/2013 1:01:49 PM - Removed Spinco Download Manager
RP950: 10/20/2013 1:28:26 PM - avast! antivirus system restore point
RP951: 10/20/2013 2:20:55 PM - Removed QuickTime
RP952: 10/20/2013 2:37:00 PM - avast! antivirus system restore point
RP953: 10/20/2013 3:10:15 PM - Installed AVG 2014
RP954: 10/20/2013 3:10:44 PM - Installed AVG 2014
RP955: 10/20/2013 4:41:11 PM - Configured HP
.
==== Hosts File Hijack ======================
.
Hosts: 127.0.0.1 wdcs.trendmicro.com
Hosts: 127.0.0.1 ads.bleepingcomputer.com
Hosts: 127.0.0.1 ox-d.majorgeeks.com
Hosts: 127.0.0.1 metrics.mcafee.com
Hosts: 127.0.0.1 metrics.bitdefender.com
Hosts: 127.0.0.1 analytics.microsoft.com
Hosts: 127.0.0.1 ads.mcafee.com
Hosts: 127.0.0.1 om.symantec.com
.
==== Installed Programs ======================
.
Adobe Acrobat 9 Pro
Adobe Acrobat 9.5.5 - CPSID_83708
Adobe AIR
Adobe Anchor Service CS4
Adobe Anchor Service x64 CS4
Adobe Bridge CS4
Adobe CMaps CS4
Adobe CMaps x64 CS4
Adobe Color - Photoshop Specific CS4
Adobe Color EU Extra Settings CS4
Adobe Color JA Extra Settings CS4
Adobe Color NA Recommended Settings CS4
Adobe Color Video Profiles CS CS4
Adobe CSI CS4
Adobe CSI CS4 x64
Adobe Default Language CS4
Adobe Drive CS4 x64
Adobe ExtendScript Toolkit CS4
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Fonts All
Adobe Fonts All x64
Adobe Linguistics CS4
Adobe Linguistics CS4 x64
Adobe Media Player
Adobe Output Module
Adobe PDF Library Files CS4
Adobe PDF Library Files x64 CS4
Adobe Photoshop CS4
Adobe Photoshop 
CS4 (64 Bit)Adobe Photoshop CS4 SupportAdobe Search for HelpAdobe Service Manager ExtensionAdobe SetupAdobe Type Support CS4Adobe Type Support x64 CS4Adobe Update Manager CS4Adobe WinSoft Linguistics PluginAdobe WinSoft Linguistics Plugin x64Adobe XMP Panels CS4AdobeColorCommonSetCMYKAdobeColorCommonSetRGBAdvanced Audio FX EngineApple Application SupportApple Software UpdateAVG 2014Catalyst Control Center InstallProxyCCleanerCinemaNow Media ManagerCompatibility Pack for the 2007 Office systemConnectCorel PaintShop Photo Pro X3Creative Element Power ToolsCyberLink DVD Suite DeluxeDefinition Update for Microsoft Office 2010 (KB982726) 32-Bit EditionDell Webcam CentralDHTML Editing ComponentDriveImage XML (Private Edition)DVD Menu Pack for HP MediaSmart VideoGoogle AppsGoogle ChromeGoogle DesktopGoogle EarthGoogle Toolbar for Internet ExplorerGoogle Update HelperGoogle UpdaterGroupMail :: Personal EditionHardware Diagnostic ToolsHewlett-Packard ACLM.NET v1.1.2.0HP AdvisorHP Customer Experience EnhancementsHP FWUpdateEDO2HP MediaSmart CinemaNow 2.0HP MediaSmart DVDHP MediaSmart MusicHP MediaSmart PhotoHP MediaSmart SmartMenuHP MediaSmart VideoHP OdometerHP Officejet 6700 Basic Device SoftwareHP Officejet 6700 HelpHP SetupHP Support InformationHP UpdateHPDiagnosticAlertI.R.I.S. 
OCRICAIPM_PSP_CLIPM_PSP_COMIpswitch WS_FTP 12jv16 PowerTools 2012jv16 PowerTools 2014kulerLabelPrintLightScribe System SoftwareMailStore Home 8.1.0.9075Malwarebytes Anti-Malware version 1.75.0.1300MetronMicrosoft .NET Framework 4 Client ProfileMicrosoft .NET Framework 4 ExtendedMicrosoft Application Error ReportingMicrosoft Expression Design 4Microsoft Expression Encoder 4Microsoft Expression Encoder 4 Screen Capture CodecMicrosoft Expression Web 4Microsoft Expression Web 4 Service Pack 2Microsoft Mouse and Keyboard CenterMicrosoft Office 2010 Service Pack 1 (SP1)Microsoft Office Access database engine 2007 (English)Microsoft Office Access MUI (English) 2010Microsoft Office Access Setup Metadata MUI (English) 2010Microsoft Office Excel MUI (English) 2010Microsoft Office Groove MUI (English) 2010Microsoft Office InfoPath MUI (English) 2010Microsoft Office Office 64-bit Components 2010Microsoft Office OneNote MUI (English) 2010Microsoft Office Outlook MUI (English) 2010Microsoft Office PowerPoint MUI (English) 2010Microsoft Office Professional Plus 2010Microsoft Office Proof (English) 2010Microsoft Office Proof (French) 2010Microsoft Office Proof (Spanish) 2010Microsoft Office Proofing (English) 2010Microsoft Office Publisher MUI (English) 2010Microsoft Office Shared 64-bit MUI (English) 2010Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010Microsoft Office Shared MUI (English) 2010Microsoft Office Shared Setup Metadata MUI (English) 2010Microsoft Office Word MUI (English) 2010Microsoft SilverlightMicrosoft Streets & Trips 2010Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053Microsoft Visual C++ 2005 RedistributableMicrosoft Visual C++ 2005 Redistributable (x64)Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 
9.0.30729.5570Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161Microsoft Visual C++ 2008 Redistributable PackageMicrosoft Visual C++ 2010 x64 Redistributable - 10.0.30319Microsoft WSE 3.0 RuntimeMicrosoft_VC90_CRT_x86Monitor Webcam Driver (1.01.02.0804) Mozilla Firefox 24.0 (x86 en-US)MSXML 4.0 SP2 (KB954430)MSXML 4.0 SP2 (KB973688)MSXML 4.0 SP3 ParserMSXML 4.0 SP3 Parser (KB2721691)MSXML 4.0 SP3 Parser (KB2758694)muvee Reveal Seagate EditionMyDefrag v4.2.9Notepad++PDF Settings CS4PhotoNow!Photoshop Camera RawPhotoshop Camera Raw_x64Picasa 3PlayReady PC Runtime amd64Power2GoPowerDirectorPrimoPDF -- brought to you by Nitro PDF SoftwarePSPPContentPSPPRO_DCRAWRadiAnt DICOM Viewer (64-bit)RAIDXpertRalink RT2860 Wireless LAN CardRealtek High Definition Audio DriverRealtek USB 2.0 Card ReaderRecovery ManagerRoxio CinemaNow 2.0Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)Security Update for Microsoft .NET Framework 4 Client Profile 
(KB2656368)Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428)Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393)Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628)Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2)Security Update for Microsoft .NET Framework 4 Client Profile (KB2858302v2)Security Update for Microsoft .NET Framework 4 Extended (KB2416472)Security Update for Microsoft .NET Framework 4 Extended (KB2487367)Security Update for Microsoft .NET Framework 4 Extended (KB2656351)Security Update for Microsoft .NET Framework 4 Extended (KB2736428)Security Update for Microsoft .NET Framework 4 Extended (KB2742595)Security Update for Microsoft .NET Framework 4 Extended (KB2858302v2)Security Update for Microsoft Excel 2010 (KB2826033) 32-Bit EditionSecurity Update for Microsoft Expression Design 4 (KB2667730)Security Update for Microsoft InfoPath 2010 (KB2687422) 32-Bit EditionSecurity Update for Microsoft InfoPath 2010 (KB2760406) 32-Bit EditionSecurity Update for Microsoft Office 2010 (KB2553371) 32-Bit EditionSecurity Update for Microsoft Office 2010 (KB2589320) 32-Bit EditionSecurity Update for Microsoft Office 2010 (KB2598243) 32-Bit EditionSecurity Update for Microsoft Office 2010 (KB2687276) 32-Bit EditionSecurity Update for Microsoft Office 2010 (KB2687423) 32-Bit EditionSecurity Update for 
Microsoft Office 2010 (KB2687510) 32-Bit EditionSecurity Update for Microsoft Office 2010 (KB2826023) 32-Bit EditionSecurity Update for Microsoft Office 2010 (KB2826035) 32-Bit EditionSecurity Update for Microsoft Outlook 2010 (KB2794707) 32-Bit EditionSecurity Update for Microsoft Publisher 2010 (KB2553147) 32-Bit EditionSecurity Update for Microsoft Visio 2010 (KB2810068) 32-Bit EditionSetupSpinco Download ManagerSpywareBlaster 5.0Suite Shared Configuration CS4Update for Microsoft .NET Framework 4 Client Profile (KB2468871)Update for Microsoft .NET Framework 4 Client Profile (KB2533523)Update for Microsoft .NET Framework 4 Client Profile (KB2600217)Update for Microsoft .NET Framework 4 Client Profile (KB2836939)Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3)Update for Microsoft .NET Framework 4 Extended (KB2468871)Update for Microsoft .NET Framework 4 Extended (KB2533523)Update for Microsoft .NET Framework 4 Extended (KB2600217)Update for Microsoft .NET Framework 4 Extended (KB2836939)Update for Microsoft .NET Framework 4 Extended (KB2836939v3)Update for Microsoft Access 2010 (KB2553446) 32-Bit EditionUpdate for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit EditionUpdate for Microsoft Office 2010 (KB2494150)Update for Microsoft Office 2010 (KB2553065)Update for Microsoft Office 2010 (KB2553181) 32-Bit EditionUpdate for Microsoft Office 2010 (KB2553267) 32-Bit EditionUpdate for Microsoft Office 2010 (KB2553310) 32-Bit EditionUpdate for Microsoft Office 2010 (KB2566458)Update for Microsoft Office 2010 (KB2589298) 32-Bit EditionUpdate for Microsoft Office 2010 (KB2589375) 32-Bit EditionUpdate for Microsoft Office 2010 (KB2596964) 32-Bit EditionUpdate for Microsoft Office 2010 (KB2598242) 32-Bit EditionUpdate for Microsoft Office 2010 (KB2687503) 32-Bit EditionUpdate for Microsoft Office 2010 (KB2760598) 32-Bit EditionUpdate for Microsoft Office 2010 (KB2760631) 32-Bit EditionUpdate for Microsoft Office 2010 (KB2767886) 32-Bit EditionUpdate for 
Microsoft Office 2010 (KB2794737) 32-Bit EditionUpdate for Microsoft Office 2010 (KB2825640) 32-Bit EditionUpdate for Microsoft Office 2010 (KB2826026) 32-Bit EditionUpdate for Microsoft OneNote 2010 (KB2553290) 32-Bit EditionUpdate for Microsoft OneNote 2010 (KB2810072) 32-Bit EditionUpdate for Microsoft Outlook 2010 (KB2687623) 32-Bit EditionUpdate for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit EditionUpdate for Microsoft PowerPoint 2010 (KB2553145) 32-Bit EditionUpdate for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit EditionUpdate for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit EditionUpdate for Microsoft Word 2010 (KB2827323) 32-Bit EditionVisual Studio 2008 x64 RedistributablesVisual Studio 2012 x64 RedistributablesVisual Studio 2012 x86 RedistributablesWD Drive UtilitiesWD Quick ViewWD SmartWareWD SmartWare InstallerXobniXobni Core.==== Event Viewer Messages From Past Week ========.10/20/2013 6:15:03 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.161.294.0).10/20/2013 6:14:49 AM, Error: Microsoft Antimalware [2001] - 10/20/2013 6:14:46 AM, Error: Service Control Manager [7003] - The Microsoft Network Inspection System service depends the following service: BFE. This service might not be installed.10/20/2013 6:14:46 AM, Error: Service Control Manager [7001] - The Microsoft Network Inspection service depends on the Microsoft Network Inspection System service which failed to start because of the following error: The dependency service does not exist or has been marked for deletion.10/20/2013 4:09:42 PM, Error: Service Control Manager [7003] - The IPsec Policy Agent service depends the following service: BFE. 
This service might not be installed.10/20/2013 4:09:42 PM, Error: Service Control Manager [7003] - The IKE and AuthIP IPsec Keying Modules service depends the following service: BFE. This service might not be installed.10/20/2013 4:09:40 PM, Error: Service Control Manager [7023] - The Computer Browser service terminated with the following error: The specified service does not exist as an installed service.10/20/2013 4:05:23 PM, Error: Service Control Manager [7006] - The ScRegSetValueExW call failed for DeleteFlag with the following error: Access is denied.10/20/2013 3:36:10 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service WDBackup with arguments "" in order to run the server: {81213AB4-5937-4340-88CD-66B4BC80DF73}10/20/2013 3:36:10 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service WDBackup with arguments "" in order to run the server: {59484148-65C9-4467-A092-3F8380023772}10/20/2013 3:35:42 PM, Error: Service Control Manager [7001] - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start.10/20/2013 3:35:42 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}10/20/2013 3:35:35 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}10/20/2013 3:35:32 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89}10/20/2013 3:35:32 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error 
"1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E}10/20/2013 3:35:31 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}10/20/2013 3:35:23 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}10/20/2013 3:35:17 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD Avgdiska Avgfwfd AVGIDSDriver Avgldx64 Avgtdia DfsC discache NetBIOS NetBT nsiproxy Psched rdbss spldr tdx vwififlt Wanarpv6 WfpLwf10/20/2013 3:35:14 PM, Error: Service Control Manager [7001] - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.10/20/2013 3:35:14 PM, Error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.10/20/2013 3:35:14 PM, Error: Service Control Manager [7001] - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning.10/20/2013 3:35:14 PM, Error: Service Control Manager [7001] - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.10/20/2013 3:35:14 PM, Error: Service Control Manager [7001] - The SMB 1.x MiniRedirector service depends on 
the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.10/20/2013 3:35:14 PM, Error: Service Control Manager [7001] - The Network Store Interface Service service depends on the NSI proxy service driver. service which failed to start because of the following error: A device attached to the system is not functioning.10/20/2013 3:35:14 PM, Error: Service Control Manager [7001] - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.10/20/2013 3:35:14 PM, Error: Service Control Manager [7001] - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error: A device attached to the system is not functioning.10/20/2013 3:35:14 PM, Error: Service Control Manager [7001] - The DHCP Client service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.10/20/2013 3:35:14 PM, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.10/20/2013 3:35:14 PM, Error: Service Control Manager [7001] - The AVGIDSAgent service depends on the AVGIDSDriver service which failed to start because of the following error: A device attached to the system is not functioning.10/20/2013 3:19:19 PM, Error: Service Control Manager [7024] - The AVG Firewall service terminated with service-specific error %%-536805289.10/20/2013 2:14:55 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD DfsC discache NetBIOS NetBT nsiproxy Psched rdbss spldr tdx vwififlt Wanarpv6 WfpLwf10/20/2013 2:13:35 
PM, Error: Service Control Manager [7024] - The Windows Search service terminated with service-specific error %%-1073473535.10/20/2013 2:13:29 PM, Error: Service Control Manager [7038] - The WdiServiceHost service was unable to log on as NT AUTHORITY\LocalService with the currently configured password due to the following error: The security account manager (SAM) or local security authority (LSA) server was in the wrong state to perform the security operation. To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).10/20/2013 2:13:29 PM, Error: Service Control Manager [7038] - The WdiServiceHost service was unable to log on as NT AUTHORITY\LocalService with the currently configured password due to the following error: The request is not supported. To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).10/20/2013 2:13:29 PM, Error: Service Control Manager [7038] - The netprofm service was unable to log on as NT AUTHORITY\LocalService with the currently configured password due to the following error: The security account manager (SAM) or local security authority (LSA) server was in the wrong state to perform the security operation. 
To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).10/20/2013 2:13:29 PM, Error: Service Control Manager [7024] - The Background Intelligent Transfer Service service terminated with service-specific error %%-2147024846.10/20/2013 2:13:29 PM, Error: Service Control Manager [7000] - The Network List Service service failed to start due to the following error: The service did not start due to a logon failure.10/20/2013 2:13:29 PM, Error: Service Control Manager [7000] - The Diagnostic Service Host service failed to start due to the following error: The service did not start due to a logon failure.10/20/2013 2:13:29 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1069" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89}10/20/2013 2:13:29 PM, Error: Microsoft-Windows-Bits-Client [16392] - The BITS service failed to start. Error 0x80070032.10/20/2013 1:47:21 PM, Error: Service Control Manager [7034] - The PCPitstop Scheduling service terminated unexpectedly. It has done this 1 time(s).10/20/2013 1:11:51 PM, Error: Service Control Manager [7038] - The upnphost service was unable to log on as NT AUTHORITY\LocalService with the currently configured password due to the following error: The request is not supported. 
To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).10/20/2013 1:11:51 PM, Error: Service Control Manager [7000] - The UPnP Device Host service failed to start due to the following error: The service did not start due to a logon failure.10/20/2013 1:11:50 PM, Error: Service Control Manager [7038] - The upnphost service was unable to log on as NT AUTHORITY\LocalService with the currently configured password due to the following error: The security account manager (SAM) or local security authority (LSA) server was in the wrong state to perform the security operation. To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).10/20/2013 1:11:50 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1069" attempting to start the service upnphost with arguments "" in order to run the server: {204810B9-73B2-11D4-BF42-00B0D0118B56}10/19/2013 9:21:20 AM, Error: volsnap [36] - The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.10/19/2013 6:13:12 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.161.246.0).10/19/2013 5:48:37 AM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk2\DR2.10/18/2013 6:16:10 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.161.159.0).10/17/2013 9:31:26 PM, Error: Service Control Manager [7022] - The Windows Update service hung on starting.10/17/2013 6:27:52 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following 
update with error 0x80070643: Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.161.87.0).10/17/2013 1:42:51 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.161.53.0).10/15/2013 8:42:48 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.159.2288.0).10/15/2013 2:22:01 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.159.2225.0).10/14/2013 7:09:24 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.159.2190.0).10/14/2013 6:25:34 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.159.2127.0).10/13/2013 6:16:04 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.159.2102.0).10/13/2013 6:10:07 AM, Error: Ntfs [55] - The file system structure on the disk is corrupt and unusable. 
Please run the chkdsk utility on the volume OS.10/13/2013 2:54:18 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.159.2116.0)..==== End Of File ===========================
  7. Thanks. Here are the logs you asked for.
     DDS (Ver_2012-11-20.01) - NTFS_AMD64
     Internet Explorer: 10.0.9200.16720
     Run by Harlequin Haven at 17:17:33 on 2013-10-20
     Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.5880.2394 [GMT -4:00]
     .
     AV: Microsoft Security Essentials *Enabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
     AV: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
     SP: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
     SP: Microsoft Security Essentials *Enabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
     SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
     .
     ============== Running Processes ===============
     .
     C:\PROGRA~2\AVG\AVG2014\avgrsa.exe
     C:\Windows\system32\lsm.exe
     C:\Windows\system32\svchost.exe -k DcomLaunch
     C:\Windows\system32\svchost.exe -k RPCSS
     C:\Windows\system32\atiesrxx.exe
     C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
     C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
     C:\Windows\system32\svchost.exe -k LocalService
     C:\Windows\system32\svchost.exe -k netsvcs
     C:\Windows\system32\svchost.exe -k GPSvcGroup
     C:\Windows\system32\atieclxx.exe
     C:\Windows\system32\svchost.exe -k NetworkService
     C:\Windows\System32\spoolsv.exe
     C:\Windows\system32\taskhost.exe
     C:\Windows\system32\taskeng.exe
     C:\Program Files (x86)\Google\Update\1.3.21.165\GoogleCrashHandler.exe
     C:\Program Files (x86)\Google\Update\1.3.21.165\GoogleCrashHandler64.exe
     C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
     C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
     C:\Windows\system32\Dwm.exe
     C:\Windows\Explorer.EXE
     C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpertService.exe
     C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpert.exe
     C:\Program Files (x86)\AVG\AVG2014\avgfws.exe
     C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe
     C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
     C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
     C:\Windows\system32\svchost.exe -k bthsvcs
     C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemanowSvc.exe
     C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork
     C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
     c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
     c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
     C:\Program Files (x86)\NCNETWORKSDM\bin\sprtsvc.exe
     C:\Program Files (x86)\NCNETWORKSDM\bin\tgsrvc.exe
     C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
     C:\Program Files (x86)\Xobni\XobniService.exe
     C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe
     C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe
     C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
     C:\Program Files (x86)\AVG\AVG2014\avgemca.exe
     C:\Windows\System32\WUDFHost.exe
     C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe
     C:\Windows\SysWOW64\WinMsgBalloonServer.exe
     C:\Windows\SysWOW64\WinMsgBalloonClient.exe
     C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
     C:\Program Files\Windows Media Player\wmpnetwk.exe
     C:\Windows\system32\SearchIndexer.exe
     C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
     C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
     C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
     C:\Program Files (x86)\Creative Element Power Tools\Startup.exe
     C:\Windows\system32\RunDll32.exe
     C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe
     C:\Program Files (x86)\AVG\AVG2014\avgui.exe
     C:\Program Files (x86)\Notepad++\notepad++.exe
     C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
     C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
     C:\Program Files (x86)\deepinvent\MailStore Home\MailStoreHome.exe
     C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
     C:\Windows\sysWow64\SearchProtocolHost.exe
     C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
     C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
     C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
     C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE
     C:\Program Files (x86)\Microsoft Streets & Trips 2010\StreetsOlkShim.exe
     C:\Program Files (x86)\AVG\AVG2014\avgcsrvx.exe
     C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
     C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
     C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
     C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
     C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
     C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
     C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
     C:\Windows\system32\wbem\wmiprvse.exe
     C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
     C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
     C:\Windows\system32\SearchFilterHost.exe
     C:\Windows\system32\wbem\wmiprvse.exe
     C:\Windows\System32\cscript.exe
     .
     ============== Pseudo HJT Report ===============
     .
     uSearch Bar = Preserved
     URLSearchHooks: {A3BC75A2-1F87-4686-AA43-5347D756017C} - <orphaned>
     mWinlogon: Userinit = userinit.exe,
     BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
     BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
     BHO: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - <orphaned>
     BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
     BHO: Adobe PDF Conversion Toolbar Helper: {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
     BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
     BHO: {DBC80044-A445-435b-BC74-9C25C1C588A9} - <orphaned>
     BHO: SmartSelect Class: {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
     TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
     TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
     TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
     TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
     uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
     mRun: [WD Quick View] C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe
     mRun: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2014\avgui.exe" /TRAYONLY
     mRunOnce: [ (A0)] cmd /c "C:\Users\Harlequin Haven\Desktop\software\mbar\mbar.exe" /rdv /s
     mRunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
     StartupFolder: C:\Users\HARLEQ~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Creative Element Power Tools Startup.lnk - C:\Program Files (x86)\Creative Element Power Tools\Startup.exe
     StartupFolder: C:\Users\HARLEQ~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Monitor Ink Alerts - HP Officejet 6700.lnk - C:\Windows\System32\RunDll32.exe
     mPolicies-Explorer: NoActiveDesktop = dword:1
     mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
     mPolicies-System: ConsentPromptBehaviorUser = dword:3
     mPolicies-System: EnableUIADesktopToggle = dword:0
     IE: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr/200
     IE: {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\smartprintsetup.exe
     IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
     IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
     .
     INFO: HKCU has more than 50 listed domains.
     If you wish to scan all of them, select the 'Force scan all domains' option.
     .
     TCP: NameServer = 192.168.254.254
     TCP: Interfaces\{4DFAA3EC-847A-4646-880E-104273B15845} : DHCPNameServer = 192.168.254.254
     Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
     SSODL: WebCheck - <orphaned>
     SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
     mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
     x64-BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
     x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
     x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
     x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
     x64-Run: [hpsysdrv] c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe
     x64-Run: [smartMenu] C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe /background
     x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
     x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
     x64-Filter: 
text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLLx64-SSODL: WebCheck - <orphaned>x64-SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLLHosts: 127.0.0.1 wdcs.trendmicro.comHosts: 127.0.0.1 ads.bleepingcomputer.comHosts: 127.0.0.1 ox-d.majorgeeks.comHosts: 127.0.0.1 metrics.mcafee.comHosts: 127.0.0.1 metrics.bitdefender.com.Note: multiple HOSTS entries found. Please refer to Attach.txt.================= FIREFOX ===================.FF - ProfilePath - C:\Users\Harlequin Haven\AppData\Roaming\Mozilla\Firefox\Profiles\cfzxxe6w.default\FF - prefs.js: browser.search.selectedEngine - GoogleFF - component: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\components\nprpffbrowserrecordext.dllFF - component: C:\Users\Harlequin Haven\AppData\Roaming\Mozilla\Firefox\Profiles\cfzxxe6w.default\extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f}\platform\WINNT_x86-msvc\components\ipc_fireftp.dllFF - plugin: C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLLFF - plugin: C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLLFF - plugin: C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Air\nppdf32.dllFF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dllFF - plugin: C:\Program Files (x86)\Google\Google Updater\2.4.2432.1652\npCIDetect14.dllFF - plugin: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dllFF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dllFF - plugin: C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrlui.dllFF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dllFF - plugin: C:\Windows\SysWOW64\npdeployJava1.dllFF - plugin: C:\Windows\SysWOW64\npmproxy.dllFF - ExtSQL: 2013-10-20 13:29; wrc@avast.com; C:\PROGRA~1\AVAST Software\Avast\WebRep\FF.---- FIREFOX POLICIES ----FF - user.js: extensions.autoDisableScopes - 14FF - user.js: security.csp.enable - 
false..============= SERVICES / DRIVERS ===============.R0 ahcix64s;ahcix64s;C:\Windows\System32\drivers\ahcix64s.sys [2009-5-18 231224]R0 AVGIDSHA;AVGIDSHA;C:\Windows\System32\drivers\avgidsha.sys [2013-9-2 192824]R0 Avgloga;AVG Logging Driver;C:\Windows\System32\drivers\avgloga.sys [2013-9-2 294712]R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\System32\drivers\avgmfx64.sys [2013-8-20 123704]R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\System32\drivers\avgrkx64.sys [2013-9-8 31544]R0 MBAMSwissArmy;MBAMSwissArmy;C:\Windows\System32\drivers\48230029.sys [2013-10-20 116440]R1 Avgdiska;AVG Disk Driver;C:\Windows\System32\drivers\avgdiska.sys [2013-9-25 148792]R1 Avgfwfd;AVG network filter service;C:\Windows\System32\drivers\avgfwd6a.sys [2013-9-26 57144]R1 AVGIDSDriver;AVGIDSDriver;C:\Windows\System32\drivers\avgidsdrivera.sys [2013-9-2 241464]R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\System32\drivers\avgldx64.sys [2013-9-2 212280]R1 Avgtdia;AVG TDI Driver;C:\Windows\System32\drivers\avgtdia.sys [2013-8-1 251192]R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2010-5-12 203264]R2 AMD_RAIDXpert;AMD RAIDXpert;C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpertService.exe [2009-12-15 122880]R2 avgfws;AVG Firewall;C:\Program Files (x86)\AVG\AVG2014\avgfws.exe [2013-9-25 1358944]R2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [2013-10-3 3538480]R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [2013-9-25 301152]R2 CinemaNow Service;CinemaNow Service;C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemaNowSvc.exe [2010-2-26 127984]R2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2011-9-9 86072]R2 HPDrvMntSvc.exe;HP Quick Synchronization Service;C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-3-28 94264]R2 MBAMService;MBAMService;C:\Program 
Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-10-20 701512]R2 sprtsvc_ncnetworksdm;SupportSoft Sprocket Service (ncnetworksdm);C:\Program Files (x86)\NCNETWORKSDM\bin\sprtsvc.exe [2010-6-17 206120]R2 tgsrvc_ncnetworksdm;SupportSoft Repair Service (ncnetworksdm);C:\Program Files (x86)\NCNETWORKSDM\bin\tgsrvc.exe [2010-6-17 185640]R2 WDBackup;WD Backup;C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe [2013-8-14 1042808]R2 WDDriveService;WD Drive Manager;C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [2013-8-14 270704]R2 XobniService;XobniService;C:\Program Files (x86)\Xobni\XobniService.exe [2012-4-9 62184]R3 CtClsFlt;Creative Camera Class Upper Filter Driver;C:\Windows\System32\drivers\CtClsFlt.sys [2010-9-2 172704]R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2013-10-20 25928]R3 netr28x;Ralink 802.11n Extensible Wireless Driver;C:\Windows\System32\drivers\netr28x.sys [2010-7-24 852256]R3 OA002Afx;Provides a software interface to control audio effects of OA002 camera.;C:\Windows\System32\drivers\OA002Afx.sys [2007-6-8 219544]R3 OA002Ufd;Creative Camera OA002 Upper Filter Driver;C:\Windows\System32\drivers\OA002Ufd.sys [2008-6-3 168864]R3 OA002Vid;Creative Camera OA002 Function Driver;C:\Windows\System32\drivers\OA002Vid.sys [2008-8-1 306560]R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\System32\drivers\RtsUStor.sys [2013-4-21 251496]R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2010-7-24 346144]R3 WDC_SAM;WD SCSI Pass Thru driver;C:\Windows\System32\drivers\wdcsam64.sys [2008-5-6 14464]S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]S3 amdiox64;AMD IO 
Driver;C:\Windows\System32\drivers\amdiox64.sys [2011-6-17 46136]S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2011-6-18 1038088]S3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktop.exe [2011-6-12 30192]S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2013-4-21 19456]S3 SWDUMon;SWDUMon;C:\Windows\System32\drivers\SWDUMon.sys [2013-4-21 16152]S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2013-4-21 57856]S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2010-8-31 1255736]SUnknown mbamchameleon;mbamchameleon; [x].=============== File Associations ===============.FileExt: .txt: Applications\notepad++.exe="C:\Program Files (x86)\Notepad++\notepad++.exe" "%1" [userChoice]FileExt: .ini: Notepad++_file="C:\Program Files (x86)\Notepad++\notepad++.exe" "%1".=============== Created Last 30 ================.2013-10-20 20:59:49 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys2013-10-20 20:59:49 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware2013-10-20 20:06:01 116440 ----a-w- C:\Windows\System32\drivers\48230029.sys2013-10-20 20:05:23 91352 ----a-w- C:\Windows\System32\drivers\37EE5C39.sys2013-10-20 19:14:35 -------- d-----w- C:\Users\Harlequin Haven\AppData\Roaming\AVG20142013-10-20 19:13:48 -------- d-----w- C:\Users\Harlequin Haven\AppData\Roaming\TuneUp Software2013-10-20 19:11:23 -------- d-----w- C:\ProgramData\AVG20142013-10-20 19:03:57 -------- d-----w- C:\Users\Harlequin Haven\AppData\Local\MFAData2013-10-20 19:03:57 -------- d-----w- C:\Users\Harlequin Haven\AppData\Local\Avg20142013-10-20 18:37:50 -------- d-----w- C:\Program Files\AVAST Software2013-10-20 17:26:18 -------- d-----w- C:\Program Files\CCleaner2013-10-20 16:26:48 
-------- d-----w- C:\Users\Harlequin Haven\AppData\Roaming\AVAST Software2013-10-20 16:22:36 -------- d-----w- C:\ProgramData\AVAST Software2013-10-18 12:45:44 24 --sha-w- C:\Users\Harlequin Haven\AppData\Roaming\1D959CA221C7573.sys2013-10-18 12:45:30 -------- d-----w- C:\Program Files (x86)\jv16 PowerTools 20142013-10-18 01:43:19 -------- d-----w- C:\ProgramData\Malwarebytes' Anti-Malware (portable)2013-10-17 21:27:10 -------- d-----w- C:\Program Files\Western Digital2013-10-10 07:49:01 2706432 ----a-w- C:\Windows\SysWow64\mshtml.tlb2013-10-10 07:49:01 2706432 ----a-w- C:\Windows\System32\mshtml.tlb2013-10-09 17:14:16 633856 ----a-w- C:\Windows\System32\comctl32.dll2013-10-09 17:13:59 3155968 ----a-w- C:\Windows\System32\win32k.sys2013-10-09 17:07:21 99840 ----a-w- C:\Windows\System32\drivers\usbccgp.sys2013-10-09 17:07:21 7808 ----a-w- C:\Windows\System32\drivers\usbd.sys2013-10-09 17:07:21 52736 ----a-w- C:\Windows\System32\drivers\usbehci.sys2013-10-09 17:07:21 343040 ----a-w- C:\Windows\System32\drivers\usbhub.sys2013-10-09 17:07:21 325120 ----a-w- C:\Windows\System32\drivers\usbport.sys2013-10-09 17:07:21 30720 ----a-w- C:\Windows\System32\drivers\usbuhci.sys2013-10-09 17:07:21 25600 ----a-w- C:\Windows\System32\drivers\usbohci.sys2013-09-26 13:44:54 57144 ----a-w- C:\Windows\System32\drivers\avgfwd6a.sys2013-09-26 01:07:30 148792 ----a-w- C:\Windows\System32\drivers\avgdiska.sys2013-09-23 22:33:36 271256 ----a-w- C:\Program Files (x86)\Mozilla Firefox\browser\components\browsercomps.dll.==================== Find3M ====================.2013-10-12 20:38:43 2828 --sha-w- C:\ProgramData\KGyGaAvL.sys2013-10-09 10:19:10 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl2013-10-09 10:19:10 692616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe2013-09-22 23:28:06 1767936 ----a-w- C:\Windows\SysWow64\wininet.dll2013-09-22 23:27:49 2876928 ----a-w- C:\Windows\SysWow64\jscript9.dll2013-09-22 23:27:48 61440 ----a-w- C:\Windows\SysWow64\iesetup.dll2013-09-22 
23:27:48 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll2013-09-22 22:55:10 2241024 ----a-w- C:\Windows\System32\wininet.dll2013-09-22 22:54:51 3959296 ----a-w- C:\Windows\System32\jscript9.dll2013-09-22 22:54:50 67072 ----a-w- C:\Windows\System32\iesetup.dll2013-09-22 22:54:50 136704 ----a-w- C:\Windows\System32\iesysprep.dll2013-09-21 02:48:36 89600 ----a-w- C:\Windows\System32\RegisterIEPKEYs.exe2013-09-21 02:39:47 71680 ----a-w- C:\Windows\SysWow64\RegisterIEPKEYs.exe2013-09-14 01:10:19 497152 ----a-w- C:\Windows\System32\drivers\afd.sys2013-09-09 02:11:42 31544 ----a-w- C:\Windows\System32\drivers\avgrkx64.sys2013-09-08 02:30:37 1903552 ----a-w- C:\Windows\System32\drivers\tcpip.sys2013-09-08 02:27:14 327168 ----a-w- C:\Windows\System32\mswsock.dll2013-09-08 02:03:58 231424 ----a-w- C:\Windows\SysWow64\mswsock.dll2013-09-02 14:59:14 212280 ----a-w- C:\Windows\System32\drivers\avgldx64.sys2013-09-02 14:29:18 294712 ----a-w- C:\Windows\System32\drivers\avgloga.sys2013-09-02 14:26:50 192824 ----a-w- C:\Windows\System32\drivers\avgidsha.sys2013-09-02 14:26:42 241464 ----a-w- C:\Windows\System32\drivers\avgidsdrivera.sys2013-08-29 02:17:48 5549504 ----a-w- C:\Windows\System32\ntoskrnl.exe2013-08-29 02:16:35 1732032 ----a-w- C:\Windows\System32\ntdll.dll2013-08-29 02:16:28 243712 ----a-w- C:\Windows\System32\wow64.dll2013-08-29 02:16:14 859648 ----a-w- C:\Windows\System32\tdh.dll2013-08-29 02:13:28 878080 ----a-w- C:\Windows\System32\advapi32.dll2013-08-29 01:51:45 3969472 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe2013-08-29 01:51:45 3914176 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe2013-08-29 01:50:31 5120 ----a-w- C:\Windows\SysWow64\wow32.dll2013-08-29 01:50:30 1292192 ----a-w- C:\Windows\SysWow64\ntdll.dll2013-08-29 01:50:16 619520 ----a-w- C:\Windows\SysWow64\tdh.dll2013-08-29 01:48:17 640512 ----a-w- C:\Windows\SysWow64\advapi32.dll2013-08-29 01:48:15 44032 ----a-w- C:\Windows\apppatch\acwow64.dll2013-08-29 00:49:53 25600 ----a-w- 
C:\Windows\SysWow64\setup16.exe
2013-08-29 00:49:52 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
2013-08-29 00:49:52 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
2013-08-29 00:49:49 2048 ----a-w- C:\Windows\SysWow64\user.exe
2013-08-28 01:12:33 461312 ----a-w- C:\Windows\System32\scavengeui.dll
2013-08-21 02:53:58 123704 ----a-w- C:\Windows\System32\drivers\avgmfx64.sys
2013-08-05 02:25:45 155584 ----a-w- C:\Windows\System32\drivers\ataport.sys
2013-08-02 02:14:57 215040 ----a-w- C:\Windows\System32\winsrv.dll
2013-08-02 02:13:34 424448 ----a-w- C:\Windows\System32\KernelBase.dll
2013-08-02 01:50:42 274944 ----a-w- C:\Windows\SysWow64\KernelBase.dll
2013-08-02 01:09:17 338432 ----a-w- C:\Windows\System32\conhost.exe
2013-08-02 00:59:09 112640 ----a-w- C:\Windows\System32\smss.exe
2013-08-02 00:43:05 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
2013-08-02 00:43:05 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
2013-08-02 00:43:05 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
2013-08-02 00:43:05 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
2013-08-01 20:07:06 251192 ----a-w- C:\Windows\System32\drivers\avgtdia.sys
2013-08-01 12:09:36 983488 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys
2013-07-25 09:25:54 1888768 ----a-w- C:\Windows\System32\WMVDECOD.DLL
2013-07-25 08:57:27 1620992 ----a-w- C:\Windows\SysWow64\WMVDECOD.DLL
2012-11-14 11:05:55 34693120 ----a-w- C:\Program Files (x86)\GUTECD1.tmp
.
============= FINISH: 17:18:07.02 ===============
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 8/30/2010 10:32:29 PM
System Uptime: 10/20/2013 4:07:56 PM (1 hours ago)
.
Motherboard: FOXCONN | | 2A92
Processor: AMD Athlon II X4 635 Processor | CPU 1 | 2900/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 920 GiB total, 738.199 GiB free.
D: is FIXED (NTFS) - 12 GiB total, 1.415 GiB free.
E: is CDROM ()
F: is FIXED (NTFS) - 1863 GiB total, 1270.638 GiB free.
L: is Removable
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP945: 10/19/2013 8:20:00 PM - Scheduled Checkpoint
RP946: 10/20/2013 12:23:12 PM - avast! antivirus system restore point
RP947: 10/20/2013 12:58:05 PM - Removed HP MediaSmart/TouchSmart Netflix
RP948: 10/20/2013 12:59:47 PM - Removed HP Officejet 6700 Product Improvement Study
RP949: 10/20/2013 1:01:49 PM - Removed Spinco Download Manager
RP950: 10/20/2013 1:28:26 PM - avast! antivirus system restore point
RP951: 10/20/2013 2:20:55 PM - Removed QuickTime
RP952: 10/20/2013 2:37:00 PM - avast! antivirus system restore point
RP953: 10/20/2013 3:10:15 PM - Installed AVG 2014
RP954: 10/20/2013 3:10:44 PM - Installed AVG 2014
RP955: 10/20/2013 4:41:11 PM - Configured HP
.
==== Hosts File Hijack ======================
.
Hosts: 127.0.0.1 wdcs.trendmicro.com
Hosts: 127.0.0.1 ads.bleepingcomputer.com
Hosts: 127.0.0.1 ox-d.majorgeeks.com
Hosts: 127.0.0.1 metrics.mcafee.com
Hosts: 127.0.0.1 metrics.bitdefender.com
Hosts: 127.0.0.1 analytics.microsoft.com
Hosts: 127.0.0.1 ads.mcafee.com
Hosts: 127.0.0.1 om.symantec.com
.
==== Installed Programs ======================
.
Adobe Acrobat 9 Pro
Adobe Acrobat 9.5.5 - CPSID_83708
Adobe AIR
Adobe Anchor Service CS4
Adobe Anchor Service x64 CS4
Adobe Bridge CS4
Adobe CMaps CS4
Adobe CMaps x64 CS4
Adobe Color - Photoshop Specific CS4
Adobe Color EU Extra Settings CS4
Adobe Color JA Extra Settings CS4
Adobe Color NA Recommended Settings CS4
Adobe Color Video Profiles CS CS4
Adobe CSI CS4
Adobe CSI CS4 x64
Adobe Default Language CS4
Adobe Drive CS4 x64
Adobe ExtendScript Toolkit CS4
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Fonts All
Adobe Fonts All x64
Adobe Linguistics CS4
Adobe Linguistics CS4 x64
Adobe Media Player
Adobe Output Module
Adobe PDF Library Files CS4
Adobe PDF Library Files x64 CS4
Adobe Photoshop CS4
Adobe Photoshop 
CS4 (64 Bit)Adobe Photoshop CS4 SupportAdobe Search for HelpAdobe Service Manager ExtensionAdobe SetupAdobe Type Support CS4Adobe Type Support x64 CS4Adobe Update Manager CS4Adobe WinSoft Linguistics PluginAdobe WinSoft Linguistics Plugin x64Adobe XMP Panels CS4AdobeColorCommonSetCMYKAdobeColorCommonSetRGBAdvanced Audio FX EngineApple Application SupportApple Software UpdateAVG 2014Catalyst Control Center InstallProxyCCleanerCinemaNow Media ManagerCompatibility Pack for the 2007 Office systemConnectCorel PaintShop Photo Pro X3Creative Element Power ToolsCyberLink DVD Suite DeluxeDefinition Update for Microsoft Office 2010 (KB982726) 32-Bit EditionDell Webcam CentralDHTML Editing ComponentDriveImage XML (Private Edition)DVD Menu Pack for HP MediaSmart VideoGoogle AppsGoogle ChromeGoogle DesktopGoogle EarthGoogle Toolbar for Internet ExplorerGoogle Update HelperGoogle UpdaterGroupMail :: Personal EditionHardware Diagnostic ToolsHewlett-Packard ACLM.NET v1.1.2.0HP AdvisorHP Customer Experience EnhancementsHP FWUpdateEDO2HP MediaSmart CinemaNow 2.0HP MediaSmart DVDHP MediaSmart MusicHP MediaSmart PhotoHP MediaSmart SmartMenuHP MediaSmart VideoHP OdometerHP Officejet 6700 Basic Device SoftwareHP Officejet 6700 HelpHP SetupHP Support InformationHP UpdateHPDiagnosticAlertI.R.I.S. 
OCRICAIPM_PSP_CLIPM_PSP_COMIpswitch WS_FTP 12jv16 PowerTools 2012jv16 PowerTools 2014kulerLabelPrintLightScribe System SoftwareMailStore Home 8.1.0.9075Malwarebytes Anti-Malware version 1.75.0.1300MetronMicrosoft .NET Framework 4 Client ProfileMicrosoft .NET Framework 4 ExtendedMicrosoft Application Error ReportingMicrosoft Expression Design 4Microsoft Expression Encoder 4Microsoft Expression Encoder 4 Screen Capture CodecMicrosoft Expression Web 4Microsoft Expression Web 4 Service Pack 2Microsoft Mouse and Keyboard CenterMicrosoft Office 2010 Service Pack 1 (SP1)Microsoft Office Access database engine 2007 (English)Microsoft Office Access MUI (English) 2010Microsoft Office Access Setup Metadata MUI (English) 2010Microsoft Office Excel MUI (English) 2010Microsoft Office Groove MUI (English) 2010Microsoft Office InfoPath MUI (English) 2010Microsoft Office Office 64-bit Components 2010Microsoft Office OneNote MUI (English) 2010Microsoft Office Outlook MUI (English) 2010Microsoft Office PowerPoint MUI (English) 2010Microsoft Office Professional Plus 2010Microsoft Office Proof (English) 2010Microsoft Office Proof (French) 2010Microsoft Office Proof (Spanish) 2010Microsoft Office Proofing (English) 2010Microsoft Office Publisher MUI (English) 2010Microsoft Office Shared 64-bit MUI (English) 2010Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010Microsoft Office Shared MUI (English) 2010Microsoft Office Shared Setup Metadata MUI (English) 2010Microsoft Office Word MUI (English) 2010Microsoft SilverlightMicrosoft Streets & Trips 2010Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053Microsoft Visual C++ 2005 RedistributableMicrosoft Visual C++ 2005 Redistributable (x64)Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 
9.0.30729.5570Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161Microsoft Visual C++ 2008 Redistributable PackageMicrosoft Visual C++ 2010 x64 Redistributable - 10.0.30319Microsoft WSE 3.0 RuntimeMicrosoft_VC90_CRT_x86Monitor Webcam Driver (1.01.02.0804) Mozilla Firefox 24.0 (x86 en-US)MSXML 4.0 SP2 (KB954430)MSXML 4.0 SP2 (KB973688)MSXML 4.0 SP3 ParserMSXML 4.0 SP3 Parser (KB2721691)MSXML 4.0 SP3 Parser (KB2758694)muvee Reveal Seagate EditionMyDefrag v4.2.9Notepad++PDF Settings CS4PhotoNow!Photoshop Camera RawPhotoshop Camera Raw_x64Picasa 3PlayReady PC Runtime amd64Power2GoPowerDirectorPrimoPDF -- brought to you by Nitro PDF SoftwarePSPPContentPSPPRO_DCRAWRadiAnt DICOM Viewer (64-bit)RAIDXpertRalink RT2860 Wireless LAN CardRealtek High Definition Audio DriverRealtek USB 2.0 Card ReaderRecovery ManagerRoxio CinemaNow 2.0Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)Security Update for Microsoft .NET Framework 4 Client Profile 
(KB2656368)Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428)Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393)Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628)Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2)Security Update for Microsoft .NET Framework 4 Client Profile (KB2858302v2)Security Update for Microsoft .NET Framework 4 Extended (KB2416472)Security Update for Microsoft .NET Framework 4 Extended (KB2487367)Security Update for Microsoft .NET Framework 4 Extended (KB2656351)Security Update for Microsoft .NET Framework 4 Extended (KB2736428)Security Update for Microsoft .NET Framework 4 Extended (KB2742595)Security Update for Microsoft .NET Framework 4 Extended (KB2858302v2)Security Update for Microsoft Excel 2010 (KB2826033) 32-Bit EditionSecurity Update for Microsoft Expression Design 4 (KB2667730)Security Update for Microsoft InfoPath 2010 (KB2687422) 32-Bit EditionSecurity Update for Microsoft InfoPath 2010 (KB2760406) 32-Bit EditionSecurity Update for Microsoft Office 2010 (KB2553371) 32-Bit EditionSecurity Update for Microsoft Office 2010 (KB2589320) 32-Bit EditionSecurity Update for Microsoft Office 2010 (KB2598243) 32-Bit EditionSecurity Update for Microsoft Office 2010 (KB2687276) 32-Bit EditionSecurity Update for Microsoft Office 2010 (KB2687423) 32-Bit EditionSecurity Update for 
Microsoft Office 2010 (KB2687510) 32-Bit EditionSecurity Update for Microsoft Office 2010 (KB2826023) 32-Bit EditionSecurity Update for Microsoft Office 2010 (KB2826035) 32-Bit EditionSecurity Update for Microsoft Outlook 2010 (KB2794707) 32-Bit EditionSecurity Update for Microsoft Publisher 2010 (KB2553147) 32-Bit EditionSecurity Update for Microsoft Visio 2010 (KB2810068) 32-Bit EditionSetupSpinco Download ManagerSpywareBlaster 5.0Suite Shared Configuration CS4Update for Microsoft .NET Framework 4 Client Profile (KB2468871)Update for Microsoft .NET Framework 4 Client Profile (KB2533523)Update for Microsoft .NET Framework 4 Client Profile (KB2600217)Update for Microsoft .NET Framework 4 Client Profile (KB2836939)Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3)Update for Microsoft .NET Framework 4 Extended (KB2468871)Update for Microsoft .NET Framework 4 Extended (KB2533523)Update for Microsoft .NET Framework 4 Extended (KB2600217)Update for Microsoft .NET Framework 4 Extended (KB2836939)Update for Microsoft .NET Framework 4 Extended (KB2836939v3)Update for Microsoft Access 2010 (KB2553446) 32-Bit EditionUpdate for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit EditionUpdate for Microsoft Office 2010 (KB2494150)Update for Microsoft Office 2010 (KB2553065)Update for Microsoft Office 2010 (KB2553181) 32-Bit EditionUpdate for Microsoft Office 2010 (KB2553267) 32-Bit EditionUpdate for Microsoft Office 2010 (KB2553310) 32-Bit EditionUpdate for Microsoft Office 2010 (KB2566458)Update for Microsoft Office 2010 (KB2589298) 32-Bit EditionUpdate for Microsoft Office 2010 (KB2589375) 32-Bit EditionUpdate for Microsoft Office 2010 (KB2596964) 32-Bit EditionUpdate for Microsoft Office 2010 (KB2598242) 32-Bit EditionUpdate for Microsoft Office 2010 (KB2687503) 32-Bit EditionUpdate for Microsoft Office 2010 (KB2760598) 32-Bit EditionUpdate for Microsoft Office 2010 (KB2760631) 32-Bit EditionUpdate for Microsoft Office 2010 (KB2767886) 32-Bit EditionUpdate for 
Microsoft Office 2010 (KB2794737) 32-Bit Edition
Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition
Update for Microsoft Office 2010 (KB2826026) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2810072) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition
Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition
Update for Microsoft Word 2010 (KB2827323) 32-Bit Edition
Visual Studio 2008 x64 Redistributables
Visual Studio 2012 x64 Redistributables
Visual Studio 2012 x86 Redistributables
WD Drive Utilities
WD Quick View
WD SmartWare
WD SmartWare Installer
Xobni
Xobni Core
.
==== Event Viewer Messages From Past Week ========
.
10/20/2013 6:15:03 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.161.294.0).
10/20/2013 6:14:49 AM, Error: Microsoft Antimalware [2001] -
10/20/2013 6:14:46 AM, Error: Service Control Manager [7003] - The Microsoft Network Inspection System service depends the following service: BFE. This service might not be installed.
10/20/2013 6:14:46 AM, Error: Service Control Manager [7001] - The Microsoft Network Inspection service depends on the Microsoft Network Inspection System service which failed to start because of the following error: The dependency service does not exist or has been marked for deletion.
10/20/2013 4:09:42 PM, Error: Service Control Manager [7003] - The IPsec Policy Agent service depends the following service: BFE. This service might not be installed.
10/20/2013 4:09:42 PM, Error: Service Control Manager [7003] - The IKE and AuthIP IPsec Keying Modules service depends the following service: BFE. This service might not be installed.
10/20/2013 4:09:40 PM, Error: Service Control Manager [7023] - The Computer Browser service terminated with the following error: The specified service does not exist as an installed service.
10/20/2013 4:05:23 PM, Error: Service Control Manager [7006] - The ScRegSetValueExW call failed for DeleteFlag with the following error: Access is denied.
10/20/2013 3:36:10 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service WDBackup with arguments "" in order to run the server: {81213AB4-5937-4340-88CD-66B4BC80DF73}
10/20/2013 3:36:10 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service WDBackup with arguments "" in order to run the server: {59484148-65C9-4467-A092-3F8380023772}
10/20/2013 3:35:42 PM, Error: Service Control Manager [7001] - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start.
10/20/2013 3:35:42 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
10/20/2013 3:35:35 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
10/20/2013 3:35:32 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89}
10/20/2013 3:35:32 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E}
10/20/2013 3:35:31 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
10/20/2013 3:35:23 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
10/20/2013 3:35:17 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD Avgdiska Avgfwfd AVGIDSDriver Avgldx64 Avgtdia DfsC discache NetBIOS NetBT nsiproxy Psched rdbss spldr tdx vwififlt Wanarpv6 WfpLwf
10/20/2013 3:35:14 PM, Error: Service Control Manager [7001] - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
10/20/2013 3:35:14 PM, Error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.
10/20/2013 3:35:14 PM, Error: Service Control Manager [7001] - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning.
10/20/2013 3:35:14 PM, Error: Service Control Manager [7001] - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
10/20/2013 3:35:14 PM, Error: Service Control Manager [7001] - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
10/20/2013 3:35:14 PM, Error: Service Control Manager [7001] - The Network Store Interface Service service depends on the NSI proxy service driver. service which failed to start because of the following error: A device attached to the system is not functioning.
10/20/2013 3:35:14 PM, Error: Service Control Manager [7001] - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
10/20/2013 3:35:14 PM, Error: Service Control Manager [7001] - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error: A device attached to the system is not functioning.
10/20/2013 3:35:14 PM, Error: Service Control Manager [7001] - The DHCP Client service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.
10/20/2013 3:35:14 PM, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.
10/20/2013 3:35:14 PM, Error: Service Control Manager [7001] - The AVGIDSAgent service depends on the AVGIDSDriver service which failed to start because of the following error: A device attached to the system is not functioning.
10/20/2013 3:19:19 PM, Error: Service Control Manager [7024] - The AVG Firewall service terminated with service-specific error %%-536805289.
10/20/2013 2:14:55 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD DfsC discache NetBIOS NetBT nsiproxy Psched rdbss spldr tdx vwififlt Wanarpv6 WfpLwf
10/20/2013 2:13:35 
PM, Error: Service Control Manager [7024] - The Windows Search service terminated with service-specific error %%-1073473535.10/20/2013 2:13:29 PM, Error: Service Control Manager [7038] - The WdiServiceHost service was unable to log on as NT AUTHORITY\LocalService with the currently configured password due to the following error: The security account manager (SAM) or local security authority (LSA) server was in the wrong state to perform the security operation. To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).10/20/2013 2:13:29 PM, Error: Service Control Manager [7038] - The WdiServiceHost service was unable to log on as NT AUTHORITY\LocalService with the currently configured password due to the following error: The request is not supported. To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).10/20/2013 2:13:29 PM, Error: Service Control Manager [7038] - The netprofm service was unable to log on as NT AUTHORITY\LocalService with the currently configured password due to the following error: The security account manager (SAM) or local security authority (LSA) server was in the wrong state to perform the security operation. 
To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).10/20/2013 2:13:29 PM, Error: Service Control Manager [7024] - The Background Intelligent Transfer Service service terminated with service-specific error %%-2147024846.10/20/2013 2:13:29 PM, Error: Service Control Manager [7000] - The Network List Service service failed to start due to the following error: The service did not start due to a logon failure.10/20/2013 2:13:29 PM, Error: Service Control Manager [7000] - The Diagnostic Service Host service failed to start due to the following error: The service did not start due to a logon failure.10/20/2013 2:13:29 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1069" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89}10/20/2013 2:13:29 PM, Error: Microsoft-Windows-Bits-Client [16392] - The BITS service failed to start. Error 0x80070032.10/20/2013 1:47:21 PM, Error: Service Control Manager [7034] - The PCPitstop Scheduling service terminated unexpectedly. It has done this 1 time(s).10/20/2013 1:11:51 PM, Error: Service Control Manager [7038] - The upnphost service was unable to log on as NT AUTHORITY\LocalService with the currently configured password due to the following error: The request is not supported. 
To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).10/20/2013 1:11:51 PM, Error: Service Control Manager [7000] - The UPnP Device Host service failed to start due to the following error: The service did not start due to a logon failure.10/20/2013 1:11:50 PM, Error: Service Control Manager [7038] - The upnphost service was unable to log on as NT AUTHORITY\LocalService with the currently configured password due to the following error: The security account manager (SAM) or local security authority (LSA) server was in the wrong state to perform the security operation. To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).10/20/2013 1:11:50 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1069" attempting to start the service upnphost with arguments "" in order to run the server: {204810B9-73B2-11D4-BF42-00B0D0118B56}10/19/2013 9:21:20 AM, Error: volsnap [36] - The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.10/19/2013 6:13:12 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.161.246.0).10/19/2013 5:48:37 AM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk2\DR2.10/18/2013 6:16:10 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.161.159.0).10/17/2013 9:31:26 PM, Error: Service Control Manager [7022] - The Windows Update service hung on starting.10/17/2013 6:27:52 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following 
update with error 0x80070643: Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.161.87.0).10/17/2013 1:42:51 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.161.53.0).10/15/2013 8:42:48 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.159.2288.0).10/15/2013 2:22:01 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.159.2225.0).10/14/2013 7:09:24 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.159.2190.0).10/14/2013 6:25:34 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.159.2127.0).10/13/2013 6:16:04 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.159.2102.0).10/13/2013 6:10:07 AM, Error: Ntfs [55] - The file system structure on the disk is corrupt and unusable. 
Please run the chkdsk utility on the volume OS.10/13/2013 2:54:18 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.159.2116.0)..==== End Of File ===========================
  8. Hi, I have been using Pro for some time, but on Thurs I noticed that my blue icon is now grey and I cannot check off to enable website blocking. Everything else seems to work, but I am concerned. I have run Chameleon and Anti-Rootkit and they seem to have come up clean. I have uninstalled and reinstalled, and many reboots, but still cannot check that box! On Thursday night I submitted my problem to the "Paying customer -- Contact Support via email" but have received no reply (it's now Sunday evening). I am not able to do what I need to do on this computer because I'm afraid there is a malware problem, since when I search on this problem those are the results that most often come up. I was using MSE along with Pro, but today changed to AVG. Thanks for any good advice I can get!