DVD not reading disks.

JustJen · April 11, 2014

Hello I was sent over here from a different forum to check to see if I have a software issue or an infection. My DVD player all of a sudden won't read disks. When researching my issue Microsoft support says I have a corrupt file but does not tell me how to fix the problem. I have Malewarebytes Pro but when I scan my computer it says nothing was detected. Any help would be great.

Thanks in advance,

Jen

FRST.txt

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014 (ATTENTION: ====> FRST version is 29 days old and could be outdated)
Ran by Jen (administrator) on OUR-CPU on 11-04-2014 00:03:53
Running from C:\Users\Jen\Downloads
Windows Vista Home Premium Service Pack 2 (X64) OS Language: English(US)
Internet Explorer Version 9
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(Microsoft Corporation) c:\Program Files\Microsoft Security Client\MsMpEng.exe
(ATI Technologies Inc.) C:\Windows\system32\Ati2evxx.exe
(Microsoft Corporation) C:\Windows\system32\SLsvc.exe
(ATI Technologies Inc.) C:\Windows\system32\Ati2evxx.exe
() C:\Windows\System32\WLTRYSVC.EXE
(Dell Inc.) C:\Windows\System32\bcmwltry.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
(Andrea Electronics Corporation) C:\Windows\system32\AERTSr64.exe
(Fitbit, Inc.) C:\Program Files (x86)\Fitbit Connect\FitbitConnectService.exe
() C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
(LeapFrog Enterprises, Inc.) C:\Program Files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe
(iWin Inc.) C:\Program Files (x86)\Pogo Games\PGMTrusted.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
(Realtek Semiconductor) C:\Windows\RAVCpl64.exe
(Dell Inc.) C:\Windows\System32\WLTRAY.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
(Fitbit, Inc.) C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe
(Western Digital Technologies, Inc.) C:\Windows\SysWOW64\WDBtnMgr.exe
(Yahoo! Inc) C:\Program Files (x86)\Yahoo!\Search Protection\SearchProtection.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(CyberLink Corp.) C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe
(LeapFrog Enterprises, Inc.) C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe
(Sony Corporation) C:\Program Files (x86)\Sony\Reader\Data\bin\launcher\eBook Library Launcher.exe
() C:\Program Files (x86)\Roxio\CinePlayer\DMXLauncher.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 7.0\Distillr\acrotray.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
(Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe
(Microsoft Corporation) C:\Windows\System32\wpcumi.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Microsoft Corporation) c:\Program Files\Microsoft Security Client\NisSrv.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\Acrobat.exe
(Microsoft Corporation) C:\Windows\System32\mobsync.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Farbar) C:\Users\Jen\Downloads\FRST64(1).exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [WPCUMI] - C:\Windows\system32\WpcUmi.exe [182784 2006-11-02] (Microsoft Corporation)
HKLM\...\Run: [skytel] - Skytel.exe
HKLM\...\Run: [RtHDVCpl] - C:\Windows\RAVCpl64.exe [6431232 2008-07-18] (Realtek Semiconductor)
HKLM\...\Run: [CanonSolutionMenu] - C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe [767312 2009-09-03] (CANON INC.)
HKLM\...\Run: [broadcom Wireless Manager UI] - C:\Windows\system32\WLTRAY.exe [1683456 2007-08-07] (Dell Inc.)
HKLM\...\Run: [MSC] - c:\Program Files\Microsoft Security Client\msseces.exe [1271072 2014-03-11] (Microsoft Corporation)
HKLM-x32\...\Run: [WD Button Manager] - WDBtnMgr.exe
HKLM-x32\...\Run: [YSearchProtection] - C:\Program Files (x86)\Yahoo!\Search Protection\SearchProtection.exe [111856 2009-02-23] (Yahoo! Inc)
HKLM-x32\...\Run: [startCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [61440 2008-01-21] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [RoxWatchTray] - C:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxWatchTray10.exe [244208 2008-05-24] (Sonic Solutions)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2012-04-18] (Apple Inc.)
HKLM-x32\...\Run: [PMBVolumeWatcher] - C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe [724536 2012-04-22] (Sony Corporation)
HKLM-x32\...\Run: [PDVDDXSrv] - C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe [128296 2008-05-23] (CyberLink Corp.)
HKLM-x32\...\Run: [Monitor] - C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe [298376 2012-09-28] (LeapFrog Enterprises, Inc.)
HKLM-x32\...\Run: [eBook Library Launcher] - C:\Program Files (x86)\Sony\Reader\Data\bin\launcher\eBook Library Launcher.exe [902504 2009-10-19] (Sony Corporation)
HKLM-x32\...\Run: [DMXLauncher] - C:\Program Files (x86)\Roxio\CinePlayer\DMXLauncher.exe [113136 2008-05-24] ()
HKLM-x32\...\Run: [ArcSoft Connection Service] - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [207424 2010-10-27] (ArcSoft Inc.)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59240 2012-02-20] (Apple Inc.)
HKLM-x32\...\Run: [ApnUpdater] - "C:\Program Files (x86)\Ask.com\Updater\Updater.exe"
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Fitbit Connect] - C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe [3093024 2013-02-25] (Fitbit, Inc.)
HKLM-x32\...\Run: [sunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [Acrobat Assistant 7.0] - C:\Program Files (x86)\Adobe\Acrobat 7.0\Distillr\Acrotray.exe [483328 2005-09-23] (Adobe Systems Inc.)
HKLM-x32\...\Run: [] - [X]
HKU\S-1-5-21-1735842367-3683112332-2081419092-1000\...\Run: [Messenger (Yahoo!)] - C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe [6276408 2011-08-22] (Yahoo! Inc.)
HKU\S-1-5-21-1735842367-3683112332-2081419092-1000\...\Run: [ehTray.exe] - C:\Windows\ehome\ehTray.exe [138240 2008-01-20] (Microsoft Corporation)
HKU\S-1-5-21-1735842367-3683112332-2081419092-1000\...\Run: [Fitbit Connect] - C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe [3093024 2013-02-25] (Fitbit, Inc.)
HKU\S-1-5-21-1735842367-3683112332-2081419092-1000\...\Run: [WMPNSCFG] - C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe
HKU\S-1-5-21-1735842367-3683112332-2081419092-1000\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-1735842367-3683112332-2081419092-1000\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
Startup: C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk
ShortcutTarget: Dell Dock.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (No File)
Startup: C:\Users\Mel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk
ShortcutTarget: Dell Dock.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (No File)
Startup: C:\Users\Nena\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk
ShortcutTarget: Dell Dock.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (No File)
Startup: C:\Users\Nena.Our-CPU\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk
ShortcutTarget: Dell Dock.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (No File)
Startup: C:\Users\protected\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk
ShortcutTarget: Dell Dock.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (No File)
Startup: C:\Users\RA Media Server\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk
ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (No File)
GroupPolicyUsers\S-1-5-21-1735842367-3683112332-2081419092-1006\User: Group Policy restriction detected <======= ATTENTION
GroupPolicyUsers\S-1-5-21-1735842367-3683112332-2081419092-1001\User: Group Policy restriction detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.rr.com/
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=5090116
HKLM\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,CustomizeSearch = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM-x32 - DefaultScope {AFDBDDAA-5D3F-42EE-B79C-185A7020515B} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2929250
SearchScopes: HKLM-x32 - {AFDBDDAA-5D3F-42EE-B79C-185A7020515B} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2929250
SearchScopes: HKCU - {2964F230-6750-4F92-8A6A-FC0FFD9B8656} URL = http://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b2ie7
SearchScopes: HKCU - {AFDBDDAA-5D3F-42EE-B79C-185A7020515B} URL =
SearchScopes: HKCU - {DE83D8E5-54D8-4CE6-AAFD-AD7D0B8E4CCC} URL = http://search.yahoo.com/search?fr=mcafee&p={SearchTerms}
BHO-x32: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO-x32: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKCU - No Name - {10134636-E7AF-4AC5-A1DC-C7C44BB97D81} - No File
Toolbar: HKCU - No Name - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - No File
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Toolbar: HKCU - No Name - {CE7499E7-AF3C-4662-AC92-454212345DDB} - No File
Toolbar: HKCU - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
DPF: HKLM-x32 {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} https://secure.logmein.com//activex/ractrl.cab?lmi=1058
Handler: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - No File
Handler: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - No File
Handler-x32: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Program Files (x86)\Common Files\Microsoft Shared\Web Folders\PKMCDO.DLL (Microsoft Corporation)
Handler-x32: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\syswow64\urlmon.dll (Microsoft Corporation)
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Winsock: Catalog9 01 C:\Windows\SysWOW64\wpclsp.dll [72192] (Microsoft Corporation)
Winsock: Catalog9 02 C:\Windows\SysWOW64\wpclsp.dll [72192] (Microsoft Corporation)
Winsock: Catalog9 03 C:\Windows\SysWOW64\wpclsp.dll [72192] (Microsoft Corporation)
Winsock: Catalog9 04 C:\Windows\SysWOW64\wpclsp.dll [72192] (Microsoft Corporation)
Winsock: Catalog9 05 C:\Windows\SysWOW64\wpclsp.dll [72192] (Microsoft Corporation)
Winsock: Catalog9 06 C:\Windows\SysWOW64\wpclsp.dll [72192] (Microsoft Corporation)
Winsock: Catalog9 07 C:\Windows\SysWOW64\wpclsp.dll [72192] (Microsoft Corporation)
Winsock: Catalog9 08 C:\Windows\SysWOW64\wpclsp.dll [72192] (Microsoft Corporation)
Winsock: Catalog9 19 C:\Windows\SysWOW64\wpclsp.dll [72192] (Microsoft Corporation)
Winsock: Catalog9-x64 01 C:\Windows\system32\wpclsp.dll [102912] (Microsoft Corporation)
Winsock: Catalog9-x64 02 C:\Windows\system32\wpclsp.dll [102912] (Microsoft Corporation)
Winsock: Catalog9-x64 03 C:\Windows\system32\wpclsp.dll [102912] (Microsoft Corporation)
Winsock: Catalog9-x64 04 C:\Windows\system32\wpclsp.dll [102912] (Microsoft Corporation)
Winsock: Catalog9-x64 05 C:\Windows\system32\wpclsp.dll [102912] (Microsoft Corporation)
Winsock: Catalog9-x64 06 C:\Windows\system32\wpclsp.dll [102912] (Microsoft Corporation)
Winsock: Catalog9-x64 07 C:\Windows\system32\wpclsp.dll [102912] (Microsoft Corporation)
Winsock: Catalog9-x64 08 C:\Windows\system32\wpclsp.dll [102912] (Microsoft Corporation)
Winsock: Catalog9-x64 19 C:\Windows\system32\wpclsp.dll [102912] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Jen\AppData\Roaming\Mozilla\Firefox\Profiles\tll4z1lr.default
FF Homepage: rr.com
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll ()
FF Plugin: @java.com/DTPlugin,version=10.7.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/MVT - C:\Program Files (x86)\McAfee\Supportability\MVT\npmvtplugin.dll (McAfee, Inc.)
FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 - C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WPF,version=3.5 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin-x32: @oberon-media.com/ONCAdapter - C:\Program Files (x86)\Common Files\Oberon Media\NCAdapter\1.0.0.8\npapicomadapter.dll (Oberon-Media )
FF Plugin-x32: @real.com/npracplug;version=1.0.0.0 - C:\Program Files (x86)\Real\RealArcade\Plugins\Mozilla\npracplug.dll (RealNetworks)
FF Plugin-x32: @sony.com/eBookLibrary - C:\Program Files (x86)\Sony\Reader\Data\bin\npebldetectmoz.dll (Sony Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @unity3d.com/UnityPlayer - C:\Program Files (x86)\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @yahoo.com/BrowserPlus,version=2.8.1 - C:\Users\Jen\AppData\Local\Yahoo!\BrowserPlus\2.8.1\Plugins\npybrowserplus_2.8.1.dll (Yahoo! Inc.)
FF Plugin HKCU: amazon.com/AmazonMP3DownloaderPlugin - C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101752.dll (Amazon.com, Inc.)
FF Extension: NoScript - C:\Users\Jen\AppData\Roaming\Mozilla\Firefox\Profiles\tll4z1lr.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2012-09-24]
FF Extension: Adblock Plus - C:\Users\Jen\AppData\Roaming\Mozilla\Firefox\Profiles\tll4z1lr.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2012-09-24]
FF HKLM-x32\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ []
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK

Chrome:
=======

CHR DefaultSearchURL: {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Jen\AppData\Local\Google\Chrome\Application\8.0.552.224\pdf.dll No File
CHR Plugin: (Google Gears 0.5.33.0) - C:\Users\Jen\AppData\Local\Google\Chrome\Application\8.0.552.224\gears.dll No File
CHR Plugin: (Shockwave Flash) - C:\Users\Jen\AppData\Local\Google\Chrome\Application\8.0.552.224\gcswf32.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (Java Deployment Toolkit 6.0.230.5) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll No File
CHR Plugin: (Java Platform SE 6 U23) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll No File
CHR Plugin: (QuickTime Plug-in 7.6) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll (Apple Inc.)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Oberon com adapter) - C:\Program Files (x86)\Common Files\Oberon Media\NCAdapter\1.0.0.7\npapicomadapter.dll (Oberon-Media )
CHR Plugin: (Picasa) - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.2.183.39\npGoogleOneClick8.dll No File
CHR Plugin: (McAfee Virtual Technician) - C:\Program Files (x86)\McAfee\Supportability\MVT\NPMVTPlugin.dll (McAfee, Inc.)
CHR Plugin: (RealArcade Mozilla Plugin) - C:\Program Files (x86)\Real\RealArcade\Plugins\Mozilla\npracplug.dll (RealNetworks)
CHR Plugin: (eBook Library) - C:\Program Files (x86)\Sony\Reader\Data\bin\npebldetectmoz.dll (Sony Corporation)
CHR Plugin: (Unity Player) - C:\Program Files (x86)\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
CHR Plugin: (BrowserPlus (from Yahoo!) v2.8.1) - C:\Users\Jen\AppData\Local\Yahoo!\BrowserPlus\2.8.1\Plugins\npybrowserplus_2.8.1.dll (Yahoo! Inc.)
CHR Plugin: (Shockwave for Director) - C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.0.51204.0\npctrl.dll No File
CHR Plugin: (Windows Presentation Foundation) - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Plugin: (Default Plug-in) - default_plugin No File

==================== Services (Whitelisted) =================

R2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [68096 2009-12-20] ()
R2 AERTFilters; C:\Windows\system32\AERTSr64.exe [86016 2008-07-18] (Andrea Electronics Corporation)
R2 Fitbit Connect; C:\Program Files (x86)\Fitbit Connect\FitbitConnectService.exe [1239584 2013-02-25] (Fitbit, Inc.)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [116104 2009-09-08] ()
S2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2014-03-11] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [347872 2014-03-11] (Microsoft Corporation)
R2 PGMTrusted; C:\Program Files (x86)\Pogo Games\PGMTrusted.exe [519920 2012-10-31] (iWin Inc.)
R2 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [474168 2012-04-22] (Sony Corporation)
S3 Roxio UPnP Renderer 10; C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe [313840 2008-05-24] (Sonic Solutions)
S2 Roxio Upnp Server 10; C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe [362992 2008-05-24] (Sonic Solutions)
R2 wltrysvc; C:\Windows\System32\bcmwltry.exe [1889792 2007-08-07] (Dell Inc.)

==================== Drivers (Whitelisted) ====================

S3 61883; C:\Windows\System32\DRIVERS\61883.sys [58496 2008-01-20] (Microsoft Corporation)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27648 2008-01-20] (Microsoft Corporation)
S1 Beep; No ImagePath
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [268512 2014-01-25] (Microsoft Corporation)
S3 Msi_ssvawt; No ImagePath
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133928 2014-03-11] (Microsoft Corporation)
R2 RtNdPt60; C:\Windows\System32\DRIVERS\RtNdPt60.sys [26624 2008-07-21] (Windows ® Codename Longhorn DDK provider)
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S3 USBAAPL64; System32\Drivers\usbaapl64.sys [X]

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2014-04-11 00:00 - 2014-04-11 00:00 - 02157056 _____ (Farbar) C:\Users\Jen\Downloads\FRST64(1).exe
2014-04-09 03:06 - 2014-03-07 21:54 - 17848832 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-04-09 03:06 - 2014-03-07 21:06 - 10926592 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-04-09 03:06 - 2014-03-07 20:49 - 02334720 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-04-09 03:06 - 2014-03-07 20:41 - 01347072 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-04-09 03:06 - 2014-03-07 20:40 - 01392128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-04-09 03:06 - 2014-03-07 20:39 - 01494528 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-04-09 03:06 - 2014-03-07 20:38 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-04-09 03:06 - 2014-03-07 20:37 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-04-09 03:06 - 2014-03-07 20:34 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-04-09 03:06 - 2014-03-07 20:34 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-04-09 03:06 - 2014-03-07 20:33 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-04-09 03:06 - 2014-03-07 20:32 - 02147840 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-04-09 03:06 - 2014-03-07 20:32 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-04-09 03:06 - 2014-03-07 20:30 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-04-09 03:06 - 2014-03-07 20:29 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-04-09 03:06 - 2014-03-07 20:24 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-04-09 03:06 - 2014-03-07 16:51 - 12347904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-04-09 03:06 - 2014-03-07 16:20 - 09739264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-04-09 03:06 - 2014-03-07 16:12 - 01806848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-04-09 03:06 - 2014-03-07 16:03 - 01105408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-04-09 03:06 - 2014-03-07 16:02 - 01427968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-04-09 03:06 - 2014-03-07 16:02 - 01129472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-04-09 03:06 - 2014-03-07 16:00 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-04-09 03:06 - 2014-03-07 15:59 - 00065024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-04-09 03:06 - 2014-03-07 15:57 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-04-09 03:06 - 2014-03-07 15:57 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-04-09 03:06 - 2014-03-07 15:56 - 00421376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-04-09 03:06 - 2014-03-07 15:54 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-04-09 03:06 - 2014-03-07 15:53 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-04-09 03:06 - 2014-03-07 15:52 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-04-09 03:06 - 2014-03-07 15:52 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-04-09 03:06 - 2014-03-07 15:47 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-04-09 00:57 - 2014-04-09 00:57 - 00000000 ____D () C:\Program Files (x86)\MSECache
2014-04-08 15:37 - 2014-02-05 21:21 - 01212416 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-04-08 15:37 - 2014-02-05 18:57 - 00861696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-04-07 20:26 - 2014-04-07 20:26 - 00042507 _____ () C:\Users\Jen\Desktop\FRST.txt
2014-04-07 20:20 - 2014-04-11 00:03 - 00025531 _____ () C:\Users\Jen\Downloads\FRST.txt
2014-04-07 20:20 - 2014-04-11 00:03 - 00000000 ____D () C:\FRST
2014-04-07 20:20 - 2014-04-07 20:27 - 00045629 _____ () C:\Users\Jen\Downloads\Addition.txt
2014-04-07 20:19 - 2014-04-07 20:19 - 02157056 _____ (Farbar) C:\Users\Jen\Downloads\FRST64.exe
2014-04-07 20:16 - 2014-04-07 20:16 - 00134542 _____ () C:\Users\Jen\Desktop\CheckResults.txt
2014-04-07 20:15 - 2014-04-07 20:15 - 01673896 _____ (Malwarebytes Corporation) C:\Users\Jen\Downloads\mbam-check-2.1.0.0002.exe
2014-04-07 20:12 - 2014-04-07 20:12 - 00019513 _____ () C:\Users\Jen\Desktop\dds.txt
2014-04-07 20:12 - 2014-04-07 20:12 - 00013577 _____ () C:\Users\Jen\Desktop\attach.txt
2014-04-07 20:11 - 2014-04-07 20:11 - 00688992 ____R (Swearware) C:\Users\Jen\Downloads\dds.scr
2014-04-04 16:58 - 2014-04-04 16:58 - 00347816 _____ (Microsoft Corporation) C:\Users\Jen\Downloads\MicrosoftFixit.dvd.LB.139320086585379642.2.1.Run.exe
2014-04-04 16:57 - 2014-04-04 16:57 - 00347816 _____ (Microsoft Corporation) C:\Users\Jen\Downloads\MicrosoftFixit.dvd.RNP.139320086585379642.1.1.Run.exe
2014-04-04 16:35 - 2014-04-04 16:36 - 00347816 _____ (Microsoft Corporation) C:\Users\Jen\Downloads\MicrosoftFixit.dvd.MATSKB.Run.exe
2014-04-01 15:23 - 2014-04-01 15:23 - 00000000 ____D () C:\Users\Guest\AppData\Local\Adobe
2014-04-01 13:39 - 2014-04-01 13:39 - 00347816 _____ (Microsoft Corporation) C:\Users\Jen\Downloads\MicrosoftFixit.dvd.RNP.147319815196114130.2.1.Run.exe
2014-04-01 13:05 - 2014-04-01 13:05 - 00000000 ___HD () C:\ProgramData\CanonIJMyPrinter
2014-04-01 13:04 - 2014-04-01 13:04 - 00001750 _____ () C:\Users\Public\Desktop\Canon My Printer.lnk
2014-04-01 13:03 - 2014-04-01 13:03 - 00000000 ____D () C:\Program Files\Canon
2014-04-01 13:02 - 2014-04-01 13:03 - 05529160 _____ () C:\Users\Jen\Downloads\mypr-win-3_2_0-ea11_2.exe
2014-04-01 12:37 - 2014-04-01 12:37 - 00006237 _____ () C:\Users\Jen\Downloads\NAPA Autocare _ Automotive Financing - Go GE Capital.txt
2014-04-01 12:36 - 2014-04-01 12:36 - 00020078 _____ () C:\Users\Jen\Downloads\NAPA Autocare _ Automotive Financing - Go GE Capital.htm
2014-04-01 12:36 - 2014-04-01 12:36 - 00000000 ____D () C:\Users\Jen\Downloads\NAPA Autocare _ Automotive Financing - Go GE Capital_files
2014-03-31 11:43 - 2014-03-31 11:43 - 00000000 ____D () C:\Users\Jen\AppData\Roaming\AdobeUM
2014-03-30 16:28 - 2014-03-30 16:28 - 00001924 _____ () C:\Users\Public\Desktop\Adobe Acrobat 7.0 Professional.lnk
2014-03-30 16:27 - 2014-03-30 16:27 - 00000000 ____D () C:\Users\Public\Documents\Adobe PDF
2014-03-30 16:08 - 2014-03-30 16:11 - 00000000 ____D () C:\acrobatINstall
2014-03-30 16:03 - 2014-03-30 16:03 - 00000376 _____ () C:\Windows\ODBC.INI
2014-03-30 16:02 - 2014-03-30 16:02 - 00000000 ____D () C:\Program Files (x86)\Microsoft ActiveSync
2014-03-28 19:01 - 2014-03-28 19:02 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-03-21 20:12 - 2014-03-21 20:12 - 00033857 _____ () C:\Users\Jen\Downloads\WILBORNTERESITA_Message_2014-03-21(4)
2014-03-21 20:12 - 2014-03-21 20:12 - 00033857 _____ () C:\Users\Jen\Downloads\WILBORNTERESITA_Message_2014-03-21(3)
2014-03-21 20:12 - 2014-03-21 20:12 - 00033857 _____ () C:\Users\Jen\Downloads\WILBORNTERESITA_Message_2014-03-21(2)
2014-03-21 20:12 - 2014-03-21 20:12 - 00033857 _____ () C:\Users\Jen\Downloads\WILBORNTERESITA_Message_2014-03-21(1)
2014-03-21 20:12 - 2014-03-21 20:12 - 00033857 _____ () C:\Users\Jen\Downloads\WILBORNTERESITA_Message_2014-03-21
2014-03-20 00:20 - 2014-03-20 00:22 - 00000000 ____D () C:\Users\Jen\Desktop\Bitwize
2014-03-12 17:14 - 2014-02-07 05:11 - 02776064 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-03-12 17:14 - 2014-02-03 06:20 - 00619008 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-03-12 17:14 - 2014-02-03 03:37 - 00505344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-03-12 17:14 - 2014-01-30 03:12 - 01111040 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2014-03-12 17:14 - 2014-01-30 00:46 - 00876032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2014-03-12 17:14 - 2013-11-12 18:54 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-03-12 17:14 - 2013-11-12 17:30 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll

==================== One Month Modified Files and Folders =======

2014-04-11 00:03 - 2014-04-07 20:20 - 00025531 _____ () C:\Users\Jen\Downloads\FRST.txt
2014-04-11 00:03 - 2014-04-07 20:20 - 00000000 ____D () C:\FRST
2014-04-11 00:03 - 2010-03-25 14:00 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-04-11 00:00 - 2014-04-11 00:00 - 02157056 _____ (Farbar) C:\Users\Jen\Downloads\FRST64(1).exe
2014-04-10 23:47 - 2009-02-08 19:39 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-04-10 23:25 - 2006-11-02 08:22 - 00003616 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-04-10 23:25 - 2006-11-02 08:22 - 00003616 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-10 23:05 - 2013-10-18 14:08 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-04-10 13:51 - 2009-01-16 08:07 - 01136804 _____ () C:\Windows\WindowsUpdate.log
2014-04-10 07:03 - 2010-03-25 14:00 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-04-09 04:49 - 2009-01-16 13:22 - 00000288 _____ () C:\Windows\Tasks\RtlNICDiagVistaStart.job
2014-04-09 03:32 - 2006-11-02 05:46 - 00822840 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-04-09 03:25 - 2006-11-02 08:42 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-04-09 03:24 - 2006-11-02 08:21 - 00415488 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-04-09 03:22 - 2006-11-02 08:42 - 00032590 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-04-09 03:05 - 2013-08-15 03:04 - 00000000 ____D () C:\Windows\system32\MRT
2014-04-09 03:01 - 2006-11-02 05:35 - 90655440 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2014-04-09 00:57 - 2014-04-09 00:57 - 00000000 ____D () C:\Program Files (x86)\MSECache
2014-04-07 20:27 - 2014-04-07 20:20 - 00045629 _____ () C:\Users\Jen\Downloads\Addition.txt
2014-04-07 20:26 - 2014-04-07 20:26 - 00042507 _____ () C:\Users\Jen\Desktop\FRST.txt
2014-04-07 20:19 - 2014-04-07 20:19 - 02157056 _____ (Farbar) C:\Users\Jen\Downloads\FRST64.exe
2014-04-07 20:16 - 2014-04-07 20:16 - 00134542 _____ () C:\Users\Jen\Desktop\CheckResults.txt
2014-04-07 20:15 - 2014-04-07 20:15 - 01673896 _____ (Malwarebytes Corporation) C:\Users\Jen\Downloads\mbam-check-2.1.0.0002.exe
2014-04-07 20:12 - 2014-04-07 20:12 - 00019513 _____ () C:\Users\Jen\Desktop\dds.txt
2014-04-07 20:12 - 2014-04-07 20:12 - 00013577 _____ () C:\Users\Jen\Desktop\attach.txt
2014-04-07 20:11 - 2014-04-07 20:11 - 00688992 ____R (Swearware) C:\Users\Jen\Downloads\dds.scr
2014-04-07 01:12 - 2009-01-23 23:38 - 00120832 _____ () C:\Users\Jen\AppData\Local\GDIPFONTCACHEV1.DAT
2014-04-04 16:58 - 2014-04-04 16:58 - 00347816 _____ (Microsoft Corporation) C:\Users\Jen\Downloads\MicrosoftFixit.dvd.LB.139320086585379642.2.1.Run.exe
2014-04-04 16:57 - 2014-04-04 16:57 - 00347816 _____ (Microsoft Corporation) C:\Users\Jen\Downloads\MicrosoftFixit.dvd.RNP.139320086585379642.1.1.Run.exe
2014-04-04 16:36 - 2014-04-04 16:35 - 00347816 _____ (Microsoft Corporation) C:\Users\Jen\Downloads\MicrosoftFixit.dvd.MATSKB.Run.exe
2014-04-02 03:02 - 2013-02-27 05:55 - 00001945 _____ () C:\Windows\epplauncher.mif
2014-04-02 03:01 - 2012-11-03 14:01 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2014-04-02 03:01 - 2012-11-03 14:01 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client
2014-04-01 15:23 - 2014-04-01 15:23 - 00000000 ____D () C:\Users\Guest\AppData\Local\Adobe
2014-04-01 15:23 - 2012-08-30 10:07 - 00000000 ____D () C:\Users\Guest\AppData\Roaming\Adobe
2014-04-01 15:23 - 2010-03-25 13:49 - 00120832 _____ () C:\Users\Guest\AppData\Local\GDIPFONTCACHEV1.DAT
2014-04-01 14:49 - 2006-11-02 06:33 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-04-01 13:39 - 2014-04-01 13:39 - 00347816 _____ (Microsoft Corporation) C:\Users\Jen\Downloads\MicrosoftFixit.dvd.RNP.147319815196114130.2.1.Run.exe
2014-04-01 13:23 - 2012-09-23 19:06 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-04-01 13:23 - 2012-08-23 15:07 - 00121146 _____ () C:\Windows\PFRO.log
2014-04-01 13:06 - 2012-06-17 22:42 - 00000000 ____D () C:\ProgramData\CanonIJPLM
2014-04-01 13:05 - 2014-04-01 13:05 - 00000000 ___HD () C:\ProgramData\CanonIJMyPrinter
2014-04-01 13:04 - 2014-04-01 13:04 - 00001750 _____ () C:\Users\Public\Desktop\Canon My Printer.lnk
2014-04-01 13:03 - 2014-04-01 13:03 - 00000000 ____D () C:\Program Files\Canon
2014-04-01 13:03 - 2014-04-01 13:02 - 05529160 _____ () C:\Users\Jen\Downloads\mypr-win-3_2_0-ea11_2.exe
2014-04-01 13:03 - 2012-06-17 22:36 - 00000000 ____D () C:\Program Files (x86)\Canon
2014-04-01 12:37 - 2014-04-01 12:37 - 00006237 _____ () C:\Users\Jen\Downloads\NAPA Autocare _ Automotive Financing - Go GE Capital.txt
2014-04-01 12:36 - 2014-04-01 12:36 - 00020078 _____ () C:\Users\Jen\Downloads\NAPA Autocare _ Automotive Financing - Go GE Capital.htm
2014-04-01 12:36 - 2014-04-01 12:36 - 00000000 ____D () C:\Users\Jen\Downloads\NAPA Autocare _ Automotive Financing - Go GE Capital_files
2014-03-31 11:43 - 2014-03-31 11:43 - 00000000 ____D () C:\Users\Jen\AppData\Roaming\AdobeUM
2014-03-30 16:28 - 2014-03-30 16:28 - 00001924 _____ () C:\Users\Public\Desktop\Adobe Acrobat 7.0 Professional.lnk
2014-03-30 16:27 - 2014-03-30 16:27 - 00000000 ____D () C:\Users\Public\Documents\Adobe PDF
2014-03-30 16:26 - 2009-01-16 13:25 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-03-30 16:11 - 2014-03-30 16:08 - 00000000 ____D () C:\acrobatINstall
2014-03-30 16:07 - 2012-09-10 23:45 - 00011828 _____ () C:\Windows\setupact.log
2014-03-30 16:03 - 2014-03-30 16:03 - 00000376 _____ () C:\Windows\ODBC.INI
2014-03-30 16:02 - 2014-03-30 16:02 - 00000000 ____D () C:\Program Files (x86)\Microsoft ActiveSync
2014-03-30 16:02 - 2009-01-16 13:31 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2014-03-30 16:02 - 2006-11-02 08:07 - 00000000 ____D () C:\Windows\ShellNew
2014-03-30 16:02 - 2006-11-02 06:33 - 00000000 ____D () C:\Windows\Help
2014-03-30 15:59 - 2006-11-02 06:33 - 00000000 ____D () C:\Windows\system
2014-03-29 01:14 - 2014-02-14 10:27 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox.bak
2014-03-28 19:02 - 2014-03-28 19:01 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-03-27 06:58 - 2010-03-25 14:00 - 00003894 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-03-27 06:58 - 2010-03-25 14:00 - 00003642 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-03-21 20:12 - 2014-03-21 20:12 - 00033857 _____ () C:\Users\Jen\Downloads\WILBORNTERESITA_Message_2014-03-21(4)
2014-03-21 20:12 - 2014-03-21 20:12 - 00033857 _____ () C:\Users\Jen\Downloads\WILBORNTERESITA_Message_2014-03-21(3)
2014-03-21 20:12 - 2014-03-21 20:12 - 00033857 _____ () C:\Users\Jen\Downloads\WILBORNTERESITA_Message_2014-03-21(2)
2014-03-21 20:12 - 2014-03-21 20:12 - 00033857 _____ () C:\Users\Jen\Downloads\WILBORNTERESITA_Message_2014-03-21(1)
2014-03-21 20:12 - 2014-03-21 20:12 - 00033857 _____ () C:\Users\Jen\Downloads\WILBORNTERESITA_Message_2014-03-21
2014-03-20 00:22 - 2014-03-20 00:20 - 00000000 ____D () C:\Users\Jen\Desktop\Bitwize
2014-03-20 00:20 - 2009-01-23 23:34 - 00000000 ____D () C:\Users\Jen
2014-03-13 03:40 - 2006-11-02 06:33 - 00000000 ____D () C:\Windows\rescache
2014-03-13 03:20 - 2009-02-08 19:00 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-03-12 00:32 - 2012-06-17 22:47 - 00000000 ____D () C:\ProgramData\CanonIJ

Files to move or delete:
====================
C:\Users\Jen\AppData\Roaming\desktop.ini

Some content of TEMP:
====================
C:\Users\Jen\AppData\Local\Temp\APNStub.exe
C:\Users\Jen\AppData\Local\Temp\jre-7u11-windows-i586-iftw.exe
C:\Users\Jen\AppData\Local\Temp\jre-7u17-windows-i586-iftw.exe
C:\Users\Jen\AppData\Local\Temp\jre-7u21-windows-i586-iftw.exe
C:\Users\Jen\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\Jen\AppData\Local\Temp\jre-7u9-windows-i586-iftw.exe
C:\Users\Jen\AppData\Local\Temp\JREInstall??.exe
C:\Users\Jen\AppData\Local\Temp\mssinstaller.exe
C:\Users\Jen\AppData\Local\Temp\NEW14C4.tmp.exe

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2014-04-10 15:46

==================== End Of Log ============================

Addition.txt

AdvancedSetup · April 14, 2014

Hello and :welcome:

Sorry for the delay.

Please start here and post back the logs when ready.

General P2P/Piracy Warning:

If you're using
Peer 2 Peer
software such as
uTorrent, BitTorrent
or similar you must either fully uninstall them or completely disable them from running while being assisted here.

Failure to remove or disable such software will result in your topic being closed and no further assistance being provided.

If you have
illegal/cracked software, cracks, keygens etc
. on the system, please remove or uninstall them now and read the policy on
Piracy
.

Before we proceed further, please read all of the following instructions carefully.
If there is anything that you do not understand kindly ask before proceeding.
If needed please print out these instructions.

Please do not post logs using CODE, QUOTE, or FONT tags. Just paste them as direct text.
If the log is too large then you can use attachments by clicking on the More Reply Options button.
Please enable your system to show hidden files: How to see hidden files in Windows
Make sure you're subscribed to this topic:
- Click on the Follow This Topic Button (at the top right of this page), make sure that the Receive notification box is checked and that it is set to Instantly
[*]Removing malware can be unpredictable...It is unlikely but things can go very wrong! Please make sure you Backup all files that cannot be replaced if something were to happen. You can copy them to a CD/DVD, external drive or a pen drive [*]Please don't run any other scans, download, install or uninstall any programs unless requested by me while I'm working with you. [*]The removal of malware is not instantaneous, please be patient. Often we are also on a different Time Zone. [*]Perform everything in the correct order. Sometimes one step requires the previous one. [*]If you have any problems while following my instructions, Stop there and tell me the exact nature of the issue. [*]You can check here if you're not sure if your computer is 32-bit or 64-bit [*]Please disable your antivirus while running any requested scanners so that they do not interfere with the scanners. [*]When we are done, I'll give you instructions on how to cleanup all the tools and logs [*]Please stick with me until I give you the "all clear" and Please don't waste my time by leaving before that. [*]Your topic will be closed if you haven't replied within 3 days [*](If I have not responded within 24 hours, please send me a Private Message as a reminder)

STEP 0
RKill is a program that was developed at BleepingComputer.com that attempts to terminate known malware processes
so that your normal security software can then run and clean your computer of infections.
When RKill runs it will kill malware processes and then removes incorrect executable associations and fixes policies
that stop us from using certain tools. When finished it will display a log file that shows the processes that were
terminated while the program was running.

As RKill only terminates a program's running process, and does not delete any files, after running it you should not reboot
your computer as any malware processes that are configured to start automatically will just be started again.
Instead, after running RKill you should immediately scan your computer using the requested scans I've included.

Please download Rkill by Grinler from one of the links below and save it to your desktop.

Link 1

Link 2

On Windows XP double-click on the Rkill desktop icon to run the tool.
On Windows Vista/Windows 7 or 8, right-click on the Rkill desktop icon and select Run As Administrator
A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
If not, delete the file, then download and use the one provided in Link 2.
If it does not work, repeat the process and attempt to use one of the remaining links until the tool runs.
If the tool does not run from any of the links provided, please let me know.
Do not reboot the computer, you will need to run the application again.

STEP 01
Backup the Registry:
Modifying the Registry can create unforeseen problems, so it always wise to create a backup before doing so.

Please download ERUNT from one of the following links: Link1 | Link2 | Link3
ERUNT (Emergency Recovery Utility NT) is a free program that allows you to keep a complete backup of your registry and restore it when needed.
Double click on erunt-setup.exe to Install ERUNT by following the prompts.
NOTE: Do not choose to allow ERUNT to add an Entry to the Startup folder. Click NO.
Start ERUNT either by double clicking on the desktop icon or choosing to start the program at the end of the setup process.
Choose a location for the backup.
- Note: the default location is C:\Windows\ERDNT which is acceptable.
[*]Make sure that at least the first two check boxes are selected. [*]Click on OK [*]Then click on YES to create the folder. [*]Note: if it is necessary to restore the registry, open the backup folder and start ERDNT.exe

STEP 02
Please run a Quick Scan with Malwarebytes
Open up Malwarebytes > Settings Tab > Scanner Settings > Under action for PUP > Select: Show in Results List and Check for removal.
Please Update and run a Quick Scan with Malwarebytes Anti-Malware, post back the report.
Make sure that everything is checked, and click Remove Selected if anything is found.

STEP 03
Please download RogueKiller and save it to your desktop.

You can check here if you're not sure if your computer is 32-bit or 64-bit

RogueKiller 32-bit | RogueKiller 64-bit
Quit all running programs.
For Windows XP, double-click to start.
For Vista,Windows 7/8, Right-click on the program and select Run as Administrator to start and when prompted allow it to run.
Read and accept the EULA (End User Licene Agreement)
Click Scan to scan the system.
When the scan completes Close the program > Don't Fix anything!
Don't run any other options, they're not all bad!!
Post back the report which should be located on your desktop.

Thanks

JustJen · April 15, 2014

Thank you for responding. I have attached the logs you requested.

Jen

Rkill.txt

RKreport0_S_04142014_181536.txt

malware.txt

README.TXT

AdvancedSetup · April 15, 2014

Thank you. Okay something is hooking the system.

Please visit this webpage and read the ComboFix User's Guide:

Once you've read the article and are ready to use the program you can download it directly from the link below.
Important! - Please make sure you save combofix to your desktop and do not run it from your browser
Direct download link for: ComboFix.exe
Please make sure you disable your security applications before running ComboFix.
Once Combofix has completed it will produce and open a log file. Please be patient as it can take some time to load.
Please attach that log file to your next reply.
If needed the file can be located here: C:\combofix.txt
NOTE: If you receive the message "illegal operation has been attempted on a registry key that has been marked for deletion", just reboot the computer.

JustJen · April 15, 2014

Here is the combofix log.

Jen

log.txt

AdvancedSetup · April 15, 2014

I think the program mistakenly removed your FITBIT software thinking it was an infection. We can reverse the settings but if you have the installer for Fitbit you can reinstall it as well. Let me know which way you'd like to go for that. Then for now let me have you run these items.

Please go ahead and run through the following steps and post back the logs when ready.

STEP 03
Please download Malwarebytes Anti-Rootkit from here

Unzip the contents to a folder in a convenient location.
Open the folder where the contents were unzipped and run mbar.exe
Follow the instructions in the wizard to update and allow the program to scan your computer for threats.
Click on the Cleanup button to remove any threats and reboot if prompted to do so.
Wait while the system shuts down and the cleanup process is performed.
Perform another scan with Malwarebytes Anti-Rootkit to verify that no threats remain. If they do, then click Cleanup once more and repeat the process.
When done, please post the two logs produced they will be in the MBAR folder... mbar-log.txt and system-log.txt

STEP 04
Please download Junkware Removal Tool to your desktop.

Shutdown your antivirus to avoid any conflicts.
Right click over JRT.exe and select Run as administrator on Windows Vista or Windows 7, double-click on XP.
The tool will open and start scanning your system.
Please be patient as this can take a while to complete.
On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
Post the contents of JRT.txt into your next reply message
When completed make sure to re-enable your antivirus

STEP 05
Lets clean out any adware now: (this will require a reboot so save all your work)

Please download AdwCleaner by Xplode and save to your Desktop.

Double click on AdwCleaner.exe to run the tool.
Vista/Windows 7/8 users right-click and select Run As Administrator
Click on the Scan button.
AdwCleaner will begin...be patient as the scan may take some time to complete.
When it's done you'll see: Pending: Please uncheck elements you don't want removed.
Now click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
Look over the log especially under Files/Folders for any program you want to save.
If there's a program you may want to save, just uncheck it from AdwCleaner.
If you're not sure, post the log for review. (all items found are adware/spyware/foistware)
If you're ready to clean it all up.....click the Clean button.
After rebooting, a logfile report (AdwCleaner[s0].txt) will open automatically.
Copy and paste the contents of that logfile in your next reply.
A copy of that logfile will also be saved in the C:\AdwCleaner folder.
Items that are deleted are moved to the Quarantine Folder: C:\AdwCleaner\Quarantine
To restore an item that has been deleted:
Go to Tools > Quarantine Manager > check what you want restored > now click on Restore.

STEP 06

Please go here to run the online antivirus scannner from ESET.

Turn off the real time scanner of any existing antivirus program while performing the online scan
Tick the box next to YES, I accept the Terms of Use.
Click Start
When asked, allow the activex control to install
Click Start
Make sure that the option Remove found threats is unticked
Click on Advanced Settings and ensure these options are ticked:
- Scan for potentially unwanted applications
- Scan for potentially unsafe applications
- Enable Anti-Stealth Technology
Click Scan
Wait for the scan to finish
If any threats were found, click the 'List of found threats' , then click Export to text file....
Save it to your desktop, then please copy and paste that log as a reply to this topic.

STEP 07
Please download the Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatibale with your system. You can check here if you're not sure if your computer is 32-bit or 64-bit

Double-click to run it. When the tool opens click Yes to disclaimer.
Press the Scan button.
It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
The first time the tool is run, it also makes another log (Addition.txt). Please attach it to your reply as well.

JustJen · April 15, 2014

Malwarebytes Anti-Rootkit BETA 1.07.0.1009
www.malwarebytes.org

Database version: v2014.04.15.10

Windows Vista Service Pack 2 x64 NTFS
Internet Explorer 9.0.8112.16421
Jen :: OUR-CPU [administrator]

4/15/2014 12:20:39 PM
mbar-log-2014-04-15 (12-20-39).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 498447
Time elapsed: 16 minute(s), 37 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)

---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.07.0.1009

© Malwarebytes Corporation 2011-2012

OS version: 6.0.6002 Windows Vista Service Pack 2 x64

Account is Administrative

Internet Explorer version: 9.0.8112.16421

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED, Q:\ DRIVE_FIXED
CPU speed: 2.333000 GHz
Memory total: 8588111872, free: 5729968128

Downloaded database version: v2014.04.15.10
Downloaded database version: v2014.03.27.01
=======================================
Initializing...
Done!
Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers...
Done!
Drive 0
Scanning MBR on drive 0...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: 90000000

Partition information:

    Partition 0 type is Other (0xde)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 63 Numsec = 128457

    Partition 1 type is Primary (0x7)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 129024 Numsec = 31457280

    Partition 2 type is Primary (0x7)
    Partition is ACTIVE.
    Partition starts at LBA: 31586304 Numsec = 945184768
    Partition is not bootable

    Partition 3 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0 Numsec = 0

Disk Size: 500107862016 bytes
Sector size: 512 bytes

Scanning physical sectors of unpartitioned space on drive 0 (1-62-976753168-976773168)...
Done!
Scan finished
=======================================

Removal queue found; removal started
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\VBR-0-2-31586304-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-r.mbam...
Removal finished

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows Vista Home Premium x64
Ran by Jen on Tue 04/15/2014 at 12:42:55.15
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values

~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\yahoopartnertoolbar
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\toolbar
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8736C681-37A0-40C6-A0F0-4C083409151C}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\conduit
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\installer\products\a28b4d68debaa244eb686953b7074fef
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Successfully deleted: [Registry Key] "hkey_current_user\software\apn pip"

~~~ Files

Successfully deleted: [File] "C:\Users\Public\Desktop\play more great games!.url"

~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\iwin"
Successfully deleted: [Folder] "C:\ProgramData\trymedia"
Successfully deleted: [Folder] "C:\Users\Jen\AppData\Roaming\getrighttogo"
Successfully deleted: [Folder] "C:\Users\Jen\appdata\locallow\conduit"
Successfully deleted: [Folder] "C:\ProgramData\ask"
Successfully deleted: [Folder] "C:\Users\Jen\appdata\locallow\asktoolbar"

~~~ FireFox

Emptied folder: C:\Users\Jen\AppData\Roaming\mozilla\firefox\profiles\tll4z1lr.default\minidumps [209 files]

~~~ Event Viewer Logs were cleared

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Tue 04/15/2014 at 12:50:26.22
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

# AdwCleaner v3.023 - Report created 15/04/2014 at 14:37:02
# Updated 01/04/2014 by Xplode
# Operating System : Windows Vista Home Premium Service Pack 2 (64 bits)
# Username : Jen - OUR-CPU
# Running from : C:\Users\Jen\Desktop\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****

***** [ Files / Folders ] *****

[!] Folder Deleted : C:\ProgramData\BigFishSavedGames
[!] Folder Deleted : C:\Users\Jen\AppData\Local\Conduit

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2E9937FC-CF2F-4F56-AF54-5A6A3DD375CC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E3ED53C5-7AD5-4DF5-9734-AFB6E7E5D9DB}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{8736C681-37A0-40C6-A0F0-4C083409151C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{4B3803EA-5230-4DC3-A7FC-33638F3D3542}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{1791C1B5-FFD0-4D4B-ABCD-7A7DF6EAA89C}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{26249267-15F4-4DA3-8247-C5A78E4FA918}
Key Deleted : HKCU\Software\Headlight
Key Deleted : HKLM\Software\PIP

***** [ Browsers ] *****

-\\ Internet Explorer v9.0.8112.16545

-\\ Mozilla Firefox v28.0 (en-US)

[ File : C:\Users\Jen\AppData\Roaming\Mozilla\Firefox\Profiles\tll4z1lr.default\prefs.js ]

-\\ Google Chrome v

[ File : C:\Users\Jen\AppData\Local\Google\Chrome\User Data\Default\preferences ]

*************************

AdwCleaner[R0].txt - [2511 octets] - [15/04/2014 14:21:22]
AdwCleaner[s0].txt - [2130 octets] - [15/04/2014 14:37:02]

########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [2190 octets] ##########

C:\Users\Jen\AppData\Local\Google\Chrome\User Data\Default\Default\aadedcdfdjgcdfgededidgdfdedfdbdh\background.html   Win32/BHO.OEI trojan
C:\Users\Jen\AppData\Local\Google\Chrome\User Data\Default\Default\aadedcdfdjgcdfgededidgdfdedfdbdh\ContentScript.js   Win32/BHO.OEI trojan
C:\Users\Jen\Downloads\plants-vs-zombies-game-of-the-year-edition-setup.exe   a variant of Win32/Bundled.Toolbar.Ask potentially unsafe application

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 14-04-2014
Ran by Jen (administrator) on OUR-CPU on 15-04-2014 15:36:19
Running from C:\Users\Jen\Downloads
Windows Vista Home Premium Service Pack 2 (X64) OS Language: English(US)
Internet Explorer Version 9
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(Microsoft Corporation) c:\Program Files\Microsoft Security Client\MsMpEng.exe
(ATI Technologies Inc.) C:\Windows\system32\Ati2evxx.exe
(Microsoft Corporation) C:\Windows\system32\SLsvc.exe
(ATI Technologies Inc.) C:\Windows\system32\Ati2evxx.exe
() C:\Windows\System32\WLTRYSVC.EXE
(Dell Inc.) C:\Windows\System32\bcmwltry.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
(Andrea Electronics Corporation) C:\Windows\system32\AERTSr64.exe
(Fitbit, Inc.) C:\Program Files (x86)\Fitbit Connect\FitbitConnectService.exe
() C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
(LeapFrog Enterprises, Inc.) C:\Program Files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(iWin Inc.) C:\Program Files (x86)\Pogo Games\PGMTrusted.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Microsoft Corporation) C:\Windows\System32\wpcumi.exe
(Realtek Semiconductor) C:\Windows\RAVCpl64.exe
(Dell Inc.) C:\Windows\System32\WLTRAY.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
(Western Digital Technologies, Inc.) C:\Windows\SysWOW64\WDBtnMgr.exe
(Yahoo! Inc) C:\Program Files (x86)\Yahoo!\Search Protection\SearchProtection.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe
(CyberLink Corp.) C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe
(LeapFrog Enterprises, Inc.) C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe
(Sony Corporation) C:\Program Files (x86)\Sony\Reader\Data\bin\launcher\eBook Library Launcher.exe
() C:\Program Files (x86)\Roxio\CinePlayer\DMXLauncher.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 7.0\Distillr\acrotray.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(ESET) C:\Program Files (x86)\ESET\ESET Online Scanner\OnlineScannerApp.exe
(Farbar) C:\Users\Jen\Downloads\FRST64(4).exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [WPCUMI] => C:\Windows\system32\WpcUmi.exe [182784 2006-11-02] (Microsoft Corporation)
HKLM\...\Run: [skytel] => Skytel.exe
HKLM\...\Run: [RtHDVCpl] => C:\Windows\RAVCpl64.exe [6431232 2008-07-18] (Realtek Semiconductor)
HKLM\...\Run: [CanonSolutionMenu] => C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe [767312 2009-09-03] (CANON INC.)
HKLM\...\Run: [broadcom Wireless Manager UI] => C:\Windows\system32\WLTRAY.exe [1683456 2007-08-07] (Dell Inc.)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1271072 2014-03-11] (Microsoft Corporation)
HKLM-x32\...\Run: [WD Button Manager] => WDBtnMgr.exe
HKLM-x32\...\Run: [YSearchProtection] => C:\Program Files (x86)\Yahoo!\Search Protection\SearchProtection.exe [111856 2009-02-23] (Yahoo! Inc)
HKLM-x32\...\Run: [startCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [61440 2008-01-21] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [RoxWatchTray] => C:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxWatchTray10.exe [244208 2008-05-24] (Sonic Solutions)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2012-04-18] (Apple Inc.)
HKLM-x32\...\Run: [PMBVolumeWatcher] => C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe [724536 2012-04-22] (Sony Corporation)
HKLM-x32\...\Run: [PDVDDXSrv] => C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe [128296 2008-05-23] (CyberLink Corp.)
HKLM-x32\...\Run: [Monitor] => C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe [298376 2012-09-28] (LeapFrog Enterprises, Inc.)
HKLM-x32\...\Run: [eBook Library Launcher] => C:\Program Files (x86)\Sony\Reader\Data\bin\launcher\eBook Library Launcher.exe [902504 2009-10-19] (Sony Corporation)
HKLM-x32\...\Run: [DMXLauncher] => C:\Program Files (x86)\Roxio\CinePlayer\DMXLauncher.exe [113136 2008-05-24] ()
HKLM-x32\...\Run: [ArcSoft Connection Service] => C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [207424 2010-10-27] (ArcSoft Inc.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59240 2012-02-20] (Apple Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [sunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [Acrobat Assistant 7.0] => C:\Program Files (x86)\Adobe\Acrobat 7.0\Distillr\Acrotray.exe [483328 2005-09-23] (Adobe Systems Inc.)
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-1735842367-3683112332-2081419092-1000\...\Run: [sidebar] => C:\Program Files\Windows Sidebar\sidebar.exe [1555968 2009-04-11] (Microsoft Corporation)
HKU\S-1-5-21-1735842367-3683112332-2081419092-1000\...\Run: [Messenger (Yahoo!)] => C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe [6276408 2011-08-22] (Yahoo! Inc.)
HKU\S-1-5-21-1735842367-3683112332-2081419092-1000\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [138240 2008-01-20] (Microsoft Corporation)
HKU\S-1-5-21-1735842367-3683112332-2081419092-1000\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-1735842367-3683112332-2081419092-1000\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
Startup: C:\Users\RA Media Server\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk
ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (No File)
GroupPolicyUsers\S-1-5-21-1735842367-3683112332-2081419092-1006\User: Group Policy restriction detected <======= ATTENTION
GroupPolicyUsers\S-1-5-21-1735842367-3683112332-2081419092-1001\User: Group Policy restriction detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.rr.com/
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=5090116
HKLM\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,CustomizeSearch = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKCU - {2964F230-6750-4F92-8A6A-FC0FFD9B8656} URL = http://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b2ie7
SearchScopes: HKCU - {DE83D8E5-54D8-4CE6-AAFD-AD7D0B8E4CCC} URL = http://search.yahoo.com/search?fr=mcafee&p={SearchTerms}
BHO-x32: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO-x32: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKCU - No Name - {10134636-E7AF-4AC5-A1DC-C7C44BB97D81} - No File
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Toolbar: HKCU - No Name - {CE7499E7-AF3C-4662-AC92-454212345DDB} - No File
DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
DPF: HKLM-x32 {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} https://secure.logmein.com//activex/ractrl.cab?lmi=1058
Handler: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - No File
Handler: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - No File
Handler-x32: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Program Files (x86)\Common Files\Microsoft Shared\Web Folders\PKMCDO.DLL (Microsoft Corporation)
Handler-x32: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\syswow64\urlmon.dll (Microsoft Corporation)
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Winsock: Catalog9 01 C:\Windows\SysWOW64\wpclsp.dll [72192] (Microsoft Corporation)
Winsock: Catalog9 02 C:\Windows\SysWOW64\wpclsp.dll [72192] (Microsoft Corporation)
Winsock: Catalog9 03 C:\Windows\SysWOW64\wpclsp.dll [72192] (Microsoft Corporation)
Winsock: Catalog9 04 C:\Windows\SysWOW64\wpclsp.dll [72192] (Microsoft Corporation)
Winsock: Catalog9 05 C:\Windows\SysWOW64\wpclsp.dll [72192] (Microsoft Corporation)
Winsock: Catalog9 06 C:\Windows\SysWOW64\wpclsp.dll [72192] (Microsoft Corporation)
Winsock: Catalog9 07 C:\Windows\SysWOW64\wpclsp.dll [72192] (Microsoft Corporation)
Winsock: Catalog9 08 C:\Windows\SysWOW64\wpclsp.dll [72192] (Microsoft Corporation)
Winsock: Catalog9 19 C:\Windows\SysWOW64\wpclsp.dll [72192] (Microsoft Corporation)
Winsock: Catalog9-x64 01 C:\Windows\system32\wpclsp.dll [102912] (Microsoft Corporation)
Winsock: Catalog9-x64 02 C:\Windows\system32\wpclsp.dll [102912] (Microsoft Corporation)
Winsock: Catalog9-x64 03 C:\Windows\system32\wpclsp.dll [102912] (Microsoft Corporation)
Winsock: Catalog9-x64 04 C:\Windows\system32\wpclsp.dll [102912] (Microsoft Corporation)
Winsock: Catalog9-x64 05 C:\Windows\system32\wpclsp.dll [102912] (Microsoft Corporation)
Winsock: Catalog9-x64 06 C:\Windows\system32\wpclsp.dll [102912] (Microsoft Corporation)
Winsock: Catalog9-x64 07 C:\Windows\system32\wpclsp.dll [102912] (Microsoft Corporation)
Winsock: Catalog9-x64 08 C:\Windows\system32\wpclsp.dll [102912] (Microsoft Corporation)
Winsock: Catalog9-x64 19 C:\Windows\system32\wpclsp.dll [102912] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Jen\AppData\Roaming\Mozilla\Firefox\Profiles\tll4z1lr.default
FF Homepage: rr.com
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll ()
FF Plugin: @java.com/DTPlugin,version=10.7.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/MVT - C:\Program Files (x86)\McAfee\Supportability\MVT\npmvtplugin.dll (McAfee, Inc.)
FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 - C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WPF,version=3.5 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin-x32: @oberon-media.com/ONCAdapter - C:\Program Files (x86)\Common Files\Oberon Media\NCAdapter\1.0.0.8\npapicomadapter.dll (Oberon-Media )
FF Plugin-x32: @real.com/npracplug;version=1.0.0.0 - C:\Program Files (x86)\Real\RealArcade\Plugins\Mozilla\npracplug.dll (RealNetworks)
FF Plugin-x32: @sony.com/eBookLibrary - C:\Program Files (x86)\Sony\Reader\Data\bin\npebldetectmoz.dll (Sony Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @unity3d.com/UnityPlayer - C:\Program Files (x86)\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @yahoo.com/BrowserPlus,version=2.8.1 - C:\Users\Jen\AppData\Local\Yahoo!\BrowserPlus\2.8.1\Plugins\npybrowserplus_2.8.1.dll (Yahoo! Inc.)
FF Plugin HKCU: amazon.com/AmazonMP3DownloaderPlugin - C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101752.dll (Amazon.com, Inc.)
FF Extension: NoScript - C:\Users\Jen\AppData\Roaming\Mozilla\Firefox\Profiles\tll4z1lr.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2012-09-24]
FF Extension: Adblock Plus - C:\Users\Jen\AppData\Roaming\Mozilla\Firefox\Profiles\tll4z1lr.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2012-09-24]
FF HKLM-x32\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ []
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK

Chrome:
=======

CHR DefaultSearchURL: {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Jen\AppData\Local\Google\Chrome\Application\8.0.552.224\pdf.dll No File
CHR Plugin: (Google Gears 0.5.33.0) - C:\Users\Jen\AppData\Local\Google\Chrome\Application\8.0.552.224\gears.dll No File
CHR Plugin: (Shockwave Flash) - C:\Users\Jen\AppData\Local\Google\Chrome\Application\8.0.552.224\gcswf32.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (Java Deployment Toolkit 6.0.230.5) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll No File
CHR Plugin: (Java Platform SE 6 U23) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll No File
CHR Plugin: (QuickTime Plug-in 7.6) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll (Apple Inc.)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Oberon com adapter) - C:\Program Files (x86)\Common Files\Oberon Media\NCAdapter\1.0.0.7\npapicomadapter.dll (Oberon-Media )
CHR Plugin: (Picasa) - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.2.183.39\npGoogleOneClick8.dll No File
CHR Plugin: (McAfee Virtual Technician) - C:\Program Files (x86)\McAfee\Supportability\MVT\NPMVTPlugin.dll (McAfee, Inc.)
CHR Plugin: (RealArcade Mozilla Plugin) - C:\Program Files (x86)\Real\RealArcade\Plugins\Mozilla\npracplug.dll (RealNetworks)
CHR Plugin: (eBook Library) - C:\Program Files (x86)\Sony\Reader\Data\bin\npebldetectmoz.dll (Sony Corporation)
CHR Plugin: (Unity Player) - C:\Program Files (x86)\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
CHR Plugin: (BrowserPlus (from Yahoo!) v2.8.1) - C:\Users\Jen\AppData\Local\Yahoo!\BrowserPlus\2.8.1\Plugins\npybrowserplus_2.8.1.dll (Yahoo! Inc.)
CHR Plugin: (Shockwave for Director) - C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.0.51204.0\npctrl.dll No File
CHR Plugin: (Windows Presentation Foundation) - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Plugin: (Default Plug-in) - default_plugin No File

==================== Services (Whitelisted) =================

R2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [68096 2009-12-20] ()
R2 AERTFilters; C:\Windows\system32\AERTSr64.exe [86016 2008-07-18] (Andrea Electronics Corporation)
R2 Fitbit Connect; C:\Program Files (x86)\Fitbit Connect\FitbitConnectService.exe [1239584 2013-02-25] (Fitbit, Inc.)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [116104 2009-09-08] ()
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-04-03] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [857912 2014-04-03] (Malwarebytes Corporation)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2014-03-11] (Microsoft Corporation)
S3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [347872 2014-03-11] (Microsoft Corporation)
R2 PGMTrusted; C:\Program Files (x86)\Pogo Games\PGMTrusted.exe [519920 2012-10-31] (iWin Inc.)
R2 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [474168 2012-04-22] (Sony Corporation)
S3 Roxio UPnP Renderer 10; C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe [313840 2008-05-24] (Sonic Solutions)
S2 Roxio Upnp Server 10; C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe [362992 2008-05-24] (Sonic Solutions)
R2 wltrysvc; C:\Windows\System32\bcmwltry.exe [1889792 2007-08-07] (Dell Inc.)

==================== Drivers (Whitelisted) ====================

S3 61883; C:\Windows\System32\DRIVERS\61883.sys [58496 2008-01-20] (Microsoft Corporation)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27648 2008-01-20] (Microsoft Corporation)
S1 Beep; No ImagePath
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-04-03] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [119512 2014-04-15] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [268512 2014-01-25] (Microsoft Corporation)
S3 Msi_ssvawt; No ImagePath
S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133928 2014-03-11] (Microsoft Corporation)
R2 RtNdPt60; C:\Windows\System32\DRIVERS\RtNdPt60.sys [26624 2008-07-21] (Windows ® Codename Longhorn DDK provider)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S3 USBAAPL64; System32\Drivers\usbaapl64.sys [X]

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2014-04-15 15:34 - 2014-04-15 15:35 - 02054144 _____ (Farbar) C:\Users\Jen\Downloads\FRST64(4).exe
2014-04-15 15:34 - 2014-04-15 15:34 - 00000424 _____ () C:\Users\Jen\Desktop\eset.txt
2014-04-15 14:49 - 2014-04-15 14:49 - 02347384 _____ (ESET) C:\Users\Jen\Downloads\esetsmartinstaller_enu.exe
2014-04-15 14:49 - 2014-04-15 14:49 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-04-15 14:21 - 2014-04-15 14:37 - 00000000 ____D () C:\AdwCleaner
2014-04-15 14:18 - 2014-04-15 14:19 - 01426178 _____ () C:\Users\Jen\Desktop\AdwCleaner.exe
2014-04-15 12:50 - 2014-04-15 12:50 - 00001994 _____ () C:\Users\Jen\Desktop\JRT.txt
2014-04-15 12:42 - 2014-04-15 12:42 - 01016261 _____ (Thisisu) C:\Users\Jen\Downloads\JRT.exe
2014-04-15 12:42 - 2014-04-15 12:42 - 00000000 ____D () C:\Windows\ERUNT
2014-04-15 12:20 - 2014-04-15 12:41 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-04-15 12:19 - 2014-04-15 12:41 - 00000000 ____D () C:\Users\Jen\Desktop\mbar
2014-04-15 12:19 - 2014-04-15 12:19 - 12589848 _____ (Malwarebytes Corp.) C:\Users\Jen\Downloads\mbar-1.07.0.1009.exe
2014-04-14 20:16 - 2014-04-14 20:16 - 00018490 _____ () C:\ComboFix.txt
2014-04-14 19:33 - 2014-04-14 19:33 - 05194807 ____R (Swearware) C:\Users\Jen\Desktop\ComboFix.exe
2014-04-14 19:33 - 2011-06-25 23:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-04-14 19:33 - 2010-11-07 10:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-04-14 19:33 - 2009-04-19 21:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-04-14 19:33 - 2000-08-30 17:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-04-14 19:33 - 2000-08-30 17:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-04-14 19:33 - 2000-08-30 17:00 - 00098816 _____ () C:\Windows\sed.exe
2014-04-14 19:33 - 2000-08-30 17:00 - 00080412 _____ () C:\Windows\grep.exe
2014-04-14 19:33 - 2000-08-30 17:00 - 00068096 _____ () C:\Windows\zip.exe
2014-04-14 19:20 - 2014-04-14 20:16 - 00000000 ____D () C:\Qoobox
2014-04-14 18:15 - 2014-04-14 18:15 - 00025915 _____ () C:\Users\Jen\Desktop\RKreport[0]_S_04142014_181536.txt
2014-04-14 18:11 - 2014-04-14 18:18 - 00000000 ____D () C:\Users\Jen\Desktop\RK_Quarantine
2014-04-14 18:11 - 2014-04-14 18:11 - 04527616 _____ () C:\Users\Jen\Downloads\RogueKillerX64.exe
2014-04-14 18:11 - 2014-04-14 18:11 - 00002266 _____ () C:\malware.txt
2014-04-14 18:10 - 2014-04-14 18:10 - 00002284 _____ () C:\Malwarebytes Anti-Malware.lnk
2014-04-14 17:49 - 2014-04-15 14:48 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-14 17:48 - 2014-04-15 12:19 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-14 17:48 - 2014-04-14 17:48 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-04-14 17:48 - 2014-04-03 09:51 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-14 17:45 - 2014-04-14 17:46 - 00000000 ____D () C:\Program Files (x86)\ERUNT
2014-04-14 17:45 - 2014-04-14 17:45 - 00000765 _____ () C:\Users\protected\Desktop\NTREGOPT.lnk
2014-04-14 17:45 - 2014-04-14 17:45 - 00000765 _____ () C:\Users\Nena.Our-CPU\Desktop\NTREGOPT.lnk
2014-04-14 17:45 - 2014-04-14 17:45 - 00000765 _____ () C:\Users\Mel\Desktop\NTREGOPT.lnk
2014-04-14 17:45 - 2014-04-14 17:45 - 00000765 _____ () C:\Users\Mcx1\Desktop\NTREGOPT.lnk
2014-04-14 17:45 - 2014-04-14 17:45 - 00000765 _____ () C:\Users\Jen\Desktop\NTREGOPT.lnk
2014-04-14 17:45 - 2014-04-14 17:45 - 00000765 _____ () C:\Users\Guest\Desktop\NTREGOPT.lnk
2014-04-14 17:45 - 2014-04-14 17:45 - 00000746 _____ () C:\Users\protected\Desktop\ERUNT.lnk
2014-04-14 17:45 - 2014-04-14 17:45 - 00000746 _____ () C:\Users\Nena.Our-CPU\Desktop\ERUNT.lnk
2014-04-14 17:45 - 2014-04-14 17:45 - 00000746 _____ () C:\Users\Mel\Desktop\ERUNT.lnk
2014-04-14 17:45 - 2014-04-14 17:45 - 00000746 _____ () C:\Users\Mcx1\Desktop\ERUNT.lnk
2014-04-14 17:45 - 2014-04-14 17:45 - 00000746 _____ () C:\Users\Jen\Desktop\ERUNT.lnk
2014-04-14 17:45 - 2014-04-14 17:45 - 00000746 _____ () C:\Users\Guest\Desktop\ERUNT.lnk
2014-04-14 17:42 - 2014-04-14 17:43 - 00791393 _____ (Lars Hederer ) C:\Users\Jen\Downloads\erunt-setup.exe
2014-04-14 17:40 - 2014-04-14 17:40 - 01933048 _____ (Bleeping Computer, LLC) C:\Users\Jen\Downloads\rkill(1).exe
2014-04-14 17:34 - 2014-04-14 18:20 - 00002438 _____ () C:\Users\Jen\Desktop\Rkill.txt
2014-04-14 17:34 - 2014-04-14 17:34 - 01933048 _____ (Bleeping Computer, LLC) C:\Users\Jen\Downloads\rkill.exe
2014-04-14 17:34 - 2014-04-14 17:34 - 01057016 _____ (Bleeping Computer, LLC) C:\Users\Jen\Downloads\rkill64.exe
2014-04-14 17:23 - 2014-04-14 17:23 - 02054144 _____ (Farbar) C:\Users\Jen\Downloads\FRST64(3).exe
2014-04-14 17:22 - 2014-04-14 17:22 - 02054144 _____ (Farbar) C:\Users\Jen\Downloads\FRST64(2).exe
2014-04-11 00:00 - 2014-04-11 00:00 - 02157056 _____ (Farbar) C:\Users\Jen\Downloads\FRST64(1).exe
2014-04-09 03:06 - 2014-03-07 21:54 - 17848832 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-04-09 03:06 - 2014-03-07 21:06 - 10926592 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-04-09 03:06 - 2014-03-07 20:49 - 02334720 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-04-09 03:06 - 2014-03-07 20:41 - 01347072 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-04-09 03:06 - 2014-03-07 20:40 - 01392128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-04-09 03:06 - 2014-03-07 20:39 - 01494528 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-04-09 03:06 - 2014-03-07 20:38 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-04-09 03:06 - 2014-03-07 20:37 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-04-09 03:06 - 2014-03-07 20:34 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-04-09 03:06 - 2014-03-07 20:34 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-04-09 03:06 - 2014-03-07 20:33 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-04-09 03:06 - 2014-03-07 20:32 - 02147840 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-04-09 03:06 - 2014-03-07 20:32 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-04-09 03:06 - 2014-03-07 20:30 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-04-09 03:06 - 2014-03-07 20:29 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-04-09 03:06 - 2014-03-07 20:24 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-04-09 03:06 - 2014-03-07 16:51 - 12347904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-04-09 03:06 - 2014-03-07 16:20 - 09739264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-04-09 03:06 - 2014-03-07 16:12 - 01806848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-04-09 03:06 - 2014-03-07 16:03 - 01105408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-04-09 03:06 - 2014-03-07 16:02 - 01427968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-04-09 03:06 - 2014-03-07 16:02 - 01129472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-04-09 03:06 - 2014-03-07 16:00 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-04-09 03:06 - 2014-03-07 15:59 - 00065024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-04-09 03:06 - 2014-03-07 15:57 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-04-09 03:06 - 2014-03-07 15:57 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-04-09 03:06 - 2014-03-07 15:56 - 00421376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-04-09 03:06 - 2014-03-07 15:54 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-04-09 03:06 - 2014-03-07 15:53 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-04-09 03:06 - 2014-03-07 15:52 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-04-09 03:06 - 2014-03-07 15:52 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-04-09 03:06 - 2014-03-07 15:47 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-04-09 00:57 - 2014-04-09 00:57 - 00000000 ____D () C:\Program Files (x86)\MSECache
2014-04-08 15:37 - 2014-02-05 21:21 - 01212416 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-04-08 15:37 - 2014-02-05 18:57 - 00861696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-04-07 20:26 - 2014-04-07 20:26 - 00042507 _____ () C:\Users\Jen\Desktop\FRST.txt
2014-04-07 20:20 - 2014-04-15 15:36 - 00023662 _____ () C:\Users\Jen\Downloads\FRST.txt
2014-04-07 20:20 - 2014-04-15 15:36 - 00000000 ____D () C:\FRST
2014-04-07 20:20 - 2014-04-07 20:27 - 00045629 _____ () C:\Users\Jen\Downloads\Addition.txt
2014-04-07 20:19 - 2014-04-07 20:19 - 02157056 _____ (Farbar) C:\Users\Jen\Downloads\FRST64.exe
2014-04-07 20:16 - 2014-04-07 20:16 - 00134542 _____ () C:\Users\Jen\Desktop\CheckResults.txt
2014-04-07 20:15 - 2014-04-07 20:15 - 01673896 _____ (Malwarebytes Corporation) C:\Users\Jen\Downloads\mbam-check-2.1.0.0002.exe
2014-04-07 20:12 - 2014-04-07 20:12 - 00019513 _____ () C:\Users\Jen\Desktop\dds.txt
2014-04-07 20:12 - 2014-04-07 20:12 - 00013577 _____ () C:\Users\Jen\Desktop\attach.txt
2014-04-07 20:11 - 2014-04-07 20:11 - 00688992 ____R (Swearware) C:\Users\Jen\Downloads\dds.scr
2014-04-04 16:58 - 2014-04-04 16:58 - 00347816 _____ (Microsoft Corporation) C:\Users\Jen\Downloads\MicrosoftFixit.dvd.LB.139320086585379642.2.1.Run.exe
2014-04-04 16:57 - 2014-04-04 16:57 - 00347816 _____ (Microsoft Corporation) C:\Users\Jen\Downloads\MicrosoftFixit.dvd.RNP.139320086585379642.1.1.Run.exe
2014-04-04 16:35 - 2014-04-04 16:36 - 00347816 _____ (Microsoft Corporation) C:\Users\Jen\Downloads\MicrosoftFixit.dvd.MATSKB.Run.exe
2014-04-01 15:23 - 2014-04-01 15:23 - 00000000 ____D () C:\Users\Guest\AppData\Local\Adobe
2014-04-01 13:39 - 2014-04-01 13:39 - 00347816 _____ (Microsoft Corporation) C:\Users\Jen\Downloads\MicrosoftFixit.dvd.RNP.147319815196114130.2.1.Run.exe
2014-04-01 13:05 - 2014-04-01 13:05 - 00000000 ___HD () C:\ProgramData\CanonIJMyPrinter
2014-04-01 13:04 - 2014-04-01 13:04 - 00001750 _____ () C:\Users\Public\Desktop\Canon My Printer.lnk
2014-04-01 13:03 - 2014-04-01 13:03 - 00000000 ____D () C:\Program Files\Canon
2014-04-01 13:02 - 2014-04-01 13:03 - 05529160 _____ () C:\Users\Jen\Downloads\mypr-win-3_2_0-ea11_2.exe
2014-04-01 12:37 - 2014-04-01 12:37 - 00006237 _____ () C:\Users\Jen\Downloads\NAPA Autocare _ Automotive Financing - Go GE Capital.txt
2014-04-01 12:36 - 2014-04-01 12:36 - 00020078 _____ () C:\Users\Jen\Downloads\NAPA Autocare _ Automotive Financing - Go GE Capital.htm
2014-04-01 12:36 - 2014-04-01 12:36 - 00000000 ____D () C:\Users\Jen\Downloads\NAPA Autocare _ Automotive Financing - Go GE Capital_files
2014-03-31 11:43 - 2014-03-31 11:43 - 00000000 ____D () C:\Users\Jen\AppData\Roaming\AdobeUM
2014-03-30 16:28 - 2014-03-30 16:28 - 00001924 _____ () C:\Users\Public\Desktop\Adobe Acrobat 7.0 Professional.lnk
2014-03-30 16:27 - 2014-03-30 16:27 - 00000000 ____D () C:\Users\Public\Documents\Adobe PDF
2014-03-30 16:08 - 2014-03-30 16:11 - 00000000 ____D () C:\acrobatINstall
2014-03-30 16:03 - 2014-03-30 16:03 - 00000376 _____ () C:\Windows\ODBC.INI
2014-03-30 16:02 - 2014-03-30 16:02 - 00000000 ____D () C:\Program Files (x86)\Microsoft ActiveSync
2014-03-28 19:01 - 2014-03-28 19:02 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-03-21 20:12 - 2014-03-21 20:12 - 00033857 _____ () C:\Users\Jen\Downloads\WILBORNTERESITA_Message_2014-03-21(4)
2014-03-21 20:12 - 2014-03-21 20:12 - 00033857 _____ () C:\Users\Jen\Downloads\WILBORNTERESITA_Message_2014-03-21(3)
2014-03-21 20:12 - 2014-03-21 20:12 - 00033857 _____ () C:\Users\Jen\Downloads\WILBORNTERESITA_Message_2014-03-21(2)
2014-03-21 20:12 - 2014-03-21 20:12 - 00033857 _____ () C:\Users\Jen\Downloads\WILBORNTERESITA_Message_2014-03-21(1)
2014-03-21 20:12 - 2014-03-21 20:12 - 00033857 _____ () C:\Users\Jen\Downloads\WILBORNTERESITA_Message_2014-03-21
2014-03-20 00:20 - 2014-03-20 00:22 - 00000000 ____D () C:\Users\Jen\Desktop\Bitwize

==================== One Month Modified Files and Folders =======

2014-04-15 15:36 - 2014-04-07 20:20 - 00023662 _____ () C:\Users\Jen\Downloads\FRST.txt
2014-04-15 15:36 - 2014-04-07 20:20 - 00000000 ____D () C:\FRST
2014-04-15 15:35 - 2014-04-15 15:34 - 02054144 _____ (Farbar) C:\Users\Jen\Downloads\FRST64(4).exe
2014-04-15 15:34 - 2014-04-15 15:34 - 00000424 _____ () C:\Users\Jen\Desktop\eset.txt
2014-04-15 15:05 - 2013-10-18 14:08 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-04-15 15:03 - 2010-03-25 14:00 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-04-15 14:52 - 2009-01-16 08:07 - 01105909 _____ () C:\Windows\WindowsUpdate.log
2014-04-15 14:49 - 2014-04-15 14:49 - 02347384 _____ (ESET) C:\Users\Jen\Downloads\esetsmartinstaller_enu.exe
2014-04-15 14:49 - 2014-04-15 14:49 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-04-15 14:48 - 2014-04-14 17:49 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-15 14:44 - 2010-03-25 14:00 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-04-15 14:44 - 2009-01-16 13:22 - 00000288 _____ () C:\Windows\Tasks\RtlNICDiagVistaStart.job
2014-04-15 14:38 - 2006-11-02 08:42 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-04-15 14:38 - 2006-11-02 08:22 - 00003616 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-04-15 14:38 - 2006-11-02 08:22 - 00003616 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-15 14:37 - 2014-04-15 14:21 - 00000000 ____D () C:\AdwCleaner
2014-04-15 14:37 - 2006-11-02 08:42 - 00032590 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-04-15 14:19 - 2014-04-15 14:18 - 01426178 _____ () C:\Users\Jen\Desktop\AdwCleaner.exe
2014-04-15 12:50 - 2014-04-15 12:50 - 00001994 _____ () C:\Users\Jen\Desktop\JRT.txt
2014-04-15 12:42 - 2014-04-15 12:42 - 01016261 _____ (Thisisu) C:\Users\Jen\Downloads\JRT.exe
2014-04-15 12:42 - 2014-04-15 12:42 - 00000000 ____D () C:\Windows\ERUNT
2014-04-15 12:41 - 2014-04-15 12:20 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-04-15 12:41 - 2014-04-15 12:19 - 00000000 ____D () C:\Users\Jen\Desktop\mbar
2014-04-15 12:19 - 2014-04-15 12:19 - 12589848 _____ (Malwarebytes Corp.) C:\Users\Jen\Downloads\mbar-1.07.0.1009.exe
2014-04-15 12:19 - 2014-04-14 17:48 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-14 21:16 - 2012-09-10 23:45 - 00012637 _____ () C:\Windows\setupact.log
2014-04-14 20:16 - 2014-04-14 20:16 - 00018490 _____ () C:\ComboFix.txt
2014-04-14 20:16 - 2014-04-14 19:20 - 00000000 ____D () C:\Qoobox
2014-04-14 20:16 - 2009-08-11 15:08 - 00000000 ____D () C:\Users\Jen\AppData\Local\Apps\2.0
2014-04-14 20:15 - 2012-08-25 01:20 - 00000000 ___RD () C:\Users\protected\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-04-14 20:15 - 2010-03-25 13:50 - 00000000 ___RD () C:\Users\Nena.Our-CPU\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-04-14 20:15 - 2010-03-25 13:48 - 00000000 ___RD () C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-04-14 20:15 - 2009-01-26 15:27 - 00000000 ___RD () C:\Users\Mel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-04-14 20:15 - 2009-01-24 18:10 - 00000000 ___RD () C:\Users\Nena\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-04-14 20:12 - 2006-11-02 05:34 - 00000215 _____ () C:\Windows\system.ini
2014-04-14 19:51 - 2006-11-02 08:21 - 00413776 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-04-14 19:49 - 2012-08-23 15:07 - 00122422 _____ () C:\Windows\PFRO.log
2014-04-14 19:47 - 2013-07-09 22:25 - 00000000 ____D () C:\Program Files (x86)\Fitbit Connect
2014-04-14 19:33 - 2014-04-14 19:33 - 05194807 ____R (Swearware) C:\Users\Jen\Desktop\ComboFix.exe
2014-04-14 19:19 - 2012-09-24 14:37 - 05194807 _____ (Swearware) C:\Users\Jen\Downloads\ComboFix.exe
2014-04-14 18:20 - 2014-04-14 17:34 - 00002438 _____ () C:\Users\Jen\Desktop\Rkill.txt
2014-04-14 18:18 - 2014-04-14 18:11 - 00000000 ____D () C:\Users\Jen\Desktop\RK_Quarantine
2014-04-14 18:15 - 2014-04-14 18:15 - 00025915 _____ () C:\Users\Jen\Desktop\RKreport[0]_S_04142014_181536.txt
2014-04-14 18:11 - 2014-04-14 18:11 - 04527616 _____ () C:\Users\Jen\Downloads\RogueKillerX64.exe
2014-04-14 18:11 - 2014-04-14 18:11 - 00002266 _____ () C:\malware.txt
2014-04-14 18:10 - 2014-04-14 18:10 - 00002284 _____ () C:\Malwarebytes Anti-Malware.lnk
2014-04-14 17:49 - 2012-08-02 23:19 - 00000000 ____D () C:\Users\Jen\AppData\Roaming\Malwarebytes
2014-04-14 17:48 - 2014-04-14 17:48 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-04-14 17:48 - 2012-08-02 23:18 - 00000943 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-04-14 17:48 - 2012-08-02 23:18 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-14 17:46 - 2014-04-14 17:45 - 00000000 ____D () C:\Program Files (x86)\ERUNT
2014-04-14 17:46 - 2012-09-07 08:26 - 00000000 ____D () C:\Windows\erdnt
2014-04-14 17:45 - 2014-04-14 17:45 - 00000765 _____ () C:\Users\protected\Desktop\NTREGOPT.lnk
2014-04-14 17:45 - 2014-04-14 17:45 - 00000765 _____ () C:\Users\Nena.Our-CPU\Desktop\NTREGOPT.lnk
2014-04-14 17:45 - 2014-04-14 17:45 - 00000765 _____ () C:\Users\Mel\Desktop\NTREGOPT.lnk
2014-04-14 17:45 - 2014-04-14 17:45 - 00000765 _____ () C:\Users\Mcx1\Desktop\NTREGOPT.lnk
2014-04-14 17:45 - 2014-04-14 17:45 - 00000765 _____ () C:\Users\Jen\Desktop\NTREGOPT.lnk
2014-04-14 17:45 - 2014-04-14 17:45 - 00000765 _____ () C:\Users\Guest\Desktop\NTREGOPT.lnk
2014-04-14 17:45 - 2014-04-14 17:45 - 00000746 _____ () C:\Users\protected\Desktop\ERUNT.lnk
2014-04-14 17:45 - 2014-04-14 17:45 - 00000746 _____ () C:\Users\Nena.Our-CPU\Desktop\ERUNT.lnk
2014-04-14 17:45 - 2014-04-14 17:45 - 00000746 _____ () C:\Users\Mel\Desktop\ERUNT.lnk
2014-04-14 17:45 - 2014-04-14 17:45 - 00000746 _____ () C:\Users\Mcx1\Desktop\ERUNT.lnk
2014-04-14 17:45 - 2014-04-14 17:45 - 00000746 _____ () C:\Users\Jen\Desktop\ERUNT.lnk
2014-04-14 17:45 - 2014-04-14 17:45 - 00000746 _____ () C:\Users\Guest\Desktop\ERUNT.lnk
2014-04-14 17:43 - 2014-04-14 17:42 - 00791393 _____ (Lars Hederer ) C:\Users\Jen\Downloads\erunt-setup.exe
2014-04-14 17:40 - 2014-04-14 17:40 - 01933048 _____ (Bleeping Computer, LLC) C:\Users\Jen\Downloads\rkill(1).exe
2014-04-14 17:34 - 2014-04-14 17:34 - 01933048 _____ (Bleeping Computer, LLC) C:\Users\Jen\Downloads\rkill.exe
2014-04-14 17:34 - 2014-04-14 17:34 - 01057016 _____ (Bleeping Computer, LLC) C:\Users\Jen\Downloads\rkill64.exe
2014-04-14 17:23 - 2014-04-14 17:23 - 02054144 _____ (Farbar) C:\Users\Jen\Downloads\FRST64(3).exe
2014-04-14 17:22 - 2014-04-14 17:22 - 02054144 _____ (Farbar) C:\Users\Jen\Downloads\FRST64(2).exe
2014-04-11 23:00 - 2009-01-23 23:38 - 00120000 _____ () C:\Users\Jen\AppData\Local\GDIPFONTCACHEV1.DAT
2014-04-11 00:57 - 2013-10-21 12:58 - 00000000 ____D () C:\Users\Jen\AppData\Roaming\SoftGrid Client
2014-04-11 00:20 - 2009-02-08 19:39 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-04-11 00:20 - 2009-01-16 13:31 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2014-04-11 00:19 - 2009-02-08 19:39 - 00000000 ____D () C:\Program Files\Microsoft Office
2014-04-11 00:19 - 2006-11-02 08:07 - 00000000 ____D () C:\Windows\ShellNew
2014-04-11 00:17 - 2006-11-02 06:33 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-04-11 00:00 - 2014-04-11 00:00 - 02157056 _____ (Farbar) C:\Users\Jen\Downloads\FRST64(1).exe
2014-04-09 03:32 - 2006-11-02 05:46 - 00822840 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-04-09 03:05 - 2013-08-15 03:04 - 00000000 ____D () C:\Windows\system32\MRT
2014-04-09 03:01 - 2006-11-02 05:35 - 90655440 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2014-04-09 00:57 - 2014-04-09 00:57 - 00000000 ____D () C:\Program Files (x86)\MSECache
2014-04-07 20:27 - 2014-04-07 20:20 - 00045629 _____ () C:\Users\Jen\Downloads\Addition.txt
2014-04-07 20:26 - 2014-04-07 20:26 - 00042507 _____ () C:\Users\Jen\Desktop\FRST.txt
2014-04-07 20:19 - 2014-04-07 20:19 - 02157056 _____ (Farbar) C:\Users\Jen\Downloads\FRST64.exe
2014-04-07 20:16 - 2014-04-07 20:16 - 00134542 _____ () C:\Users\Jen\Desktop\CheckResults.txt
2014-04-07 20:15 - 2014-04-07 20:15 - 01673896 _____ (Malwarebytes Corporation) C:\Users\Jen\Downloads\mbam-check-2.1.0.0002.exe
2014-04-07 20:12 - 2014-04-07 20:12 - 00019513 _____ () C:\Users\Jen\Desktop\dds.txt
2014-04-07 20:12 - 2014-04-07 20:12 - 00013577 _____ () C:\Users\Jen\Desktop\attach.txt
2014-04-07 20:11 - 2014-04-07 20:11 - 00688992 ____R (Swearware) C:\Users\Jen\Downloads\dds.scr
2014-04-04 16:58 - 2014-04-04 16:58 - 00347816 _____ (Microsoft Corporation) C:\Users\Jen\Downloads\MicrosoftFixit.dvd.LB.139320086585379642.2.1.Run.exe
2014-04-04 16:57 - 2014-04-04 16:57 - 00347816 _____ (Microsoft Corporation) C:\Users\Jen\Downloads\MicrosoftFixit.dvd.RNP.139320086585379642.1.1.Run.exe
2014-04-04 16:36 - 2014-04-04 16:35 - 00347816 _____ (Microsoft Corporation) C:\Users\Jen\Downloads\MicrosoftFixit.dvd.MATSKB.Run.exe
2014-04-03 09:51 - 2014-04-14 17:48 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-03 09:50 - 2012-08-02 23:18 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-04-02 03:02 - 2013-02-27 05:55 - 00001945 _____ () C:\Windows\epplauncher.mif
2014-04-02 03:01 - 2012-11-03 14:01 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2014-04-02 03:01 - 2012-11-03 14:01 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client
2014-04-01 15:23 - 2014-04-01 15:23 - 00000000 ____D () C:\Users\Guest\AppData\Local\Adobe
2014-04-01 15:23 - 2012-08-30 10:07 - 00000000 ____D () C:\Users\Guest\AppData\Roaming\Adobe
2014-04-01 15:23 - 2010-03-25 13:49 - 00120832 _____ () C:\Users\Guest\AppData\Local\GDIPFONTCACHEV1.DAT
2014-04-01 14:49 - 2006-11-02 06:33 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-04-01 13:39 - 2014-04-01 13:39 - 00347816 _____ (Microsoft Corporation) C:\Users\Jen\Downloads\MicrosoftFixit.dvd.RNP.147319815196114130.2.1.Run.exe
2014-04-01 13:23 - 2012-09-23 19:06 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-04-01 13:06 - 2012-06-17 22:42 - 00000000 ____D () C:\ProgramData\CanonIJPLM
2014-04-01 13:05 - 2014-04-01 13:05 - 00000000 ___HD () C:\ProgramData\CanonIJMyPrinter
2014-04-01 13:04 - 2014-04-01 13:04 - 00001750 _____ () C:\Users\Public\Desktop\Canon My Printer.lnk
2014-04-01 13:03 - 2014-04-01 13:03 - 00000000 ____D () C:\Program Files\Canon
2014-04-01 13:03 - 2014-04-01 13:02 - 05529160 _____ () C:\Users\Jen\Downloads\mypr-win-3_2_0-ea11_2.exe
2014-04-01 13:03 - 2012-06-17 22:36 - 00000000 ____D () C:\Program Files (x86)\Canon
2014-04-01 12:37 - 2014-04-01 12:37 - 00006237 _____ () C:\Users\Jen\Downloads\NAPA Autocare _ Automotive Financing - Go GE Capital.txt
2014-04-01 12:36 - 2014-04-01 12:36 - 00020078 _____ () C:\Users\Jen\Downloads\NAPA Autocare _ Automotive Financing - Go GE Capital.htm
2014-04-01 12:36 - 2014-04-01 12:36 - 00000000 ____D () C:\Users\Jen\Downloads\NAPA Autocare _ Automotive Financing - Go GE Capital_files
2014-03-31 11:43 - 2014-03-31 11:43 - 00000000 ____D () C:\Users\Jen\AppData\Roaming\AdobeUM
2014-03-30 16:28 - 2014-03-30 16:28 - 00001924 _____ () C:\Users\Public\Desktop\Adobe Acrobat 7.0 Professional.lnk
2014-03-30 16:27 - 2014-03-30 16:27 - 00000000 ____D () C:\Users\Public\Documents\Adobe PDF
2014-03-30 16:26 - 2009-01-16 13:25 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-03-30 16:11 - 2014-03-30 16:08 - 00000000 ____D () C:\acrobatINstall
2014-03-30 16:03 - 2014-03-30 16:03 - 00000376 _____ () C:\Windows\ODBC.INI
2014-03-30 16:02 - 2014-03-30 16:02 - 00000000 ____D () C:\Program Files (x86)\Microsoft ActiveSync
2014-03-30 16:02 - 2006-11-02 06:33 - 00000000 ____D () C:\Windows\Help
2014-03-30 15:59 - 2006-11-02 06:33 - 00000000 ____D () C:\Windows\system
2014-03-29 01:14 - 2014-02-14 10:27 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox.bak
2014-03-28 19:02 - 2014-03-28 19:01 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-03-27 06:58 - 2010-03-25 14:00 - 00003894 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-03-27 06:58 - 2010-03-25 14:00 - 00003642 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-03-21 20:12 - 2014-03-21 20:12 - 00033857 _____ () C:\Users\Jen\Downloads\WILBORNTERESITA_Message_2014-03-21(4)
2014-03-21 20:12 - 2014-03-21 20:12 - 00033857 _____ () C:\Users\Jen\Downloads\WILBORNTERESITA_Message_2014-03-21(3)
2014-03-21 20:12 - 2014-03-21 20:12 - 00033857 _____ () C:\Users\Jen\Downloads\WILBORNTERESITA_Message_2014-03-21(2)
2014-03-21 20:12 - 2014-03-21 20:12 - 00033857 _____ () C:\Users\Jen\Downloads\WILBORNTERESITA_Message_2014-03-21(1)
2014-03-21 20:12 - 2014-03-21 20:12 - 00033857 _____ () C:\Users\Jen\Downloads\WILBORNTERESITA_Message_2014-03-21
2014-03-20 00:22 - 2014-03-20 00:20 - 00000000 ____D () C:\Users\Jen\Desktop\Bitwize
2014-03-20 00:20 - 2009-01-23 23:34 - 00000000 ____D () C:\Users\Jen

Files to move or delete:
====================
C:\Users\Jen\AppData\Roaming\desktop.ini

Some content of TEMP:
====================
C:\Users\Jen\AppData\Local\temp\Quarantine.exe

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2014-04-15 14:51

==================== End Of Log ============================

JustJen · April 15, 2014

Sorry I forgot to attach the last file.

Thanks again,

Jen

Addition.txt

AdvancedSetup · April 15, 2014

Please go to your Control Panel, Add/Remove and uninstall ALL versions of JAVA

Then run the following

Please download JavaRa-1.16 and save it to your computer.

Double click to open the zip file and then select all and choose Copy.
Create a new folder on your Desktop named RemoveJava and paste the files into this new folder.
Quit all browsers and other running applications.
Right-click on JavaRa.exe in RemoveJava folder and choose Run as administrator to start the program.
From the drop-down menu, choose English and click on Select.
JavaRa will open; click on Remove Older Versions to remove the older versions of Java installed on your computer.
Click Yes when prompted. When JavaRa is done, a notice will appear that a logfile has been produced. Click OK.
A logfile will pop up. Please save it to a convenient location and post it in your next reply.

Next, please download the attached fixlist.txt file and save it to the Desktop.
NOTE. It's important that both files, FRST or FRST64 and fixlist.txt are in the same location or the fix will not work.

NOTICE: This script was written specifically for this user, for use on this particular machine. Running this on another machine may cause damage to your operating system.

Run FRST or FRST64 and press the Fix button just once and wait.
If the tool needs a restart please make sure you let the system restart normally and let the tool complete its run after restart.
The tool will make a log on the Desktop (Fixlog.txt). Please attach or post it to your next reply.

Note: If the tool warned you about an outdated version please download and run the updated version.

fixlist.txt

JustJen · April 16, 2014

Here are the next two logs.

Thanks,

Jen

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 14-04-2014
Ran by Jen at 2014-04-15 17:13:06 Run:1
Running from C:\Users\Jen\Downloads
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
HKLM-x32\...\Run: [sunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [] => [X]
GroupPolicyUsers\S-1-5-21-1735842367-3683112332-2081419092-1006\User: Group Policy restriction detected <======= ATTENTION
GroupPolicyUsers\S-1-5-21-1735842367-3683112332-2081419092-1001\User: Group Policy restriction detected <======= ATTENTION
BHO-x32: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Toolbar: HKCU - No Name - {CE7499E7-AF3C-4662-AC92-454212345DDB} - No File
FF Plugin: @java.com/DTPlugin,version=10.7.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Java Deployment Toolkit 6.0.230.5) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll No File
CHR Plugin: (Java™ Platform SE 6 U23) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll No File
C:\Users\Jen\AppData\Roaming\desktop.ini
C:\Users\Jen\AppData\Local\temp\Quarantine.exe
Task: {14B8E872-CA5A-4382-B37F-E2ECF69C0CC1} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-03-25] (Google Inc.)
Task: {6839D347-6140-49AE-908D-AD1BD758967E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-03-25] (Google Inc.)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
AlternateDataStreams: C:\ProgramData\TEMP:00811B66
AlternateDataStreams: C:\ProgramData\TEMP:02B823FE
AlternateDataStreams: C:\ProgramData\TEMP:06F77AFE
AlternateDataStreams: C:\ProgramData\TEMP:0DFE2AE1
AlternateDataStreams: C:\ProgramData\TEMP:102394C6
AlternateDataStreams: C:\ProgramData\TEMP:11FC043F
AlternateDataStreams: C:\ProgramData\TEMP:122B409D
AlternateDataStreams: C:\ProgramData\TEMP:126591AF
AlternateDataStreams: C:\ProgramData\TEMP:14FA5E46
AlternateDataStreams: C:\ProgramData\TEMP:19C3BC3A
AlternateDataStreams: C:\ProgramData\TEMP:1A8BB29B
AlternateDataStreams: C:\ProgramData\TEMP:1B8B59DB
AlternateDataStreams: C:\ProgramData\TEMP:1CE87230
AlternateDataStreams: C:\ProgramData\TEMP:1D6686D8
AlternateDataStreams: C:\ProgramData\TEMP:22741C1F
AlternateDataStreams: C:\ProgramData\TEMP:2686AB70
AlternateDataStreams: C:\ProgramData\TEMP:2B3CA77E
AlternateDataStreams: C:\ProgramData\TEMP:2B99FE60
AlternateDataStreams: C:\ProgramData\TEMP:2D69529A
AlternateDataStreams: C:\ProgramData\TEMP:31F2397C
AlternateDataStreams: C:\ProgramData\TEMP:33384BC0
AlternateDataStreams: C:\ProgramData\TEMP:33611CFB
AlternateDataStreams: C:\ProgramData\TEMP:3790BACD
AlternateDataStreams: C:\ProgramData\TEMP:37994DBE
AlternateDataStreams: C:\ProgramData\TEMP:38E2864F
AlternateDataStreams: C:\ProgramData\TEMP:3A6BC948
AlternateDataStreams: C:\ProgramData\TEMP:3BAD65EA
AlternateDataStreams: C:\ProgramData\TEMP:413E2927
AlternateDataStreams: C:\ProgramData\TEMP:4290D685
AlternateDataStreams: C:\ProgramData\TEMP:4363DE71
AlternateDataStreams: C:\ProgramData\TEMP:43982D5E
AlternateDataStreams: C:\ProgramData\TEMP:439E3411
AlternateDataStreams: C:\ProgramData\TEMP:471AD3D0
AlternateDataStreams: C:\ProgramData\TEMP:483AC68A
AlternateDataStreams: C:\ProgramData\TEMP:49EB0FDC
AlternateDataStreams: C:\ProgramData\TEMP:4AD2C54D
AlternateDataStreams: C:\ProgramData\TEMP:4EF94CF3
AlternateDataStreams: C:\ProgramData\TEMP:52E1DB1D
AlternateDataStreams: C:\ProgramData\TEMP:55C54F7C
AlternateDataStreams: C:\ProgramData\TEMP:56C17A93
AlternateDataStreams: C:\ProgramData\TEMP:57EE48CA
AlternateDataStreams: C:\ProgramData\TEMP:593E515D
AlternateDataStreams: C:\ProgramData\TEMP:5D432CE3
AlternateDataStreams: C:\ProgramData\TEMP:5D9A374E
AlternateDataStreams: C:\ProgramData\TEMP:60A4BB64
AlternateDataStreams: C:\ProgramData\TEMP:625C7287
AlternateDataStreams: C:\ProgramData\TEMP:67BA17B9
AlternateDataStreams: C:\ProgramData\TEMP:6B86037F
AlternateDataStreams: C:\ProgramData\TEMP:6BD304B9
AlternateDataStreams: C:\ProgramData\TEMP:6FDE1666
AlternateDataStreams: C:\ProgramData\TEMP:7169BE62
AlternateDataStreams: C:\ProgramData\TEMP:76C56CCB
AlternateDataStreams: C:\ProgramData\TEMP:770A9BD8
AlternateDataStreams: C:\ProgramData\TEMP:80B291A7
AlternateDataStreams: C:\ProgramData\TEMP:89C2A42C
AlternateDataStreams: C:\ProgramData\TEMP:8BCF4DE2
AlternateDataStreams: C:\ProgramData\TEMP:8C81B36D
AlternateDataStreams: C:\ProgramData\TEMP:91486201
AlternateDataStreams: C:\ProgramData\TEMP:94124B85
AlternateDataStreams: C:\ProgramData\TEMP:966CEAE7
AlternateDataStreams: C:\ProgramData\TEMP:9950163C
AlternateDataStreams: C:\ProgramData\TEMP:9AE67195
AlternateDataStreams: C:\ProgramData\TEMP:9FB90B04
AlternateDataStreams: C:\ProgramData\TEMP:A4BF246C
AlternateDataStreams: C:\ProgramData\TEMP:A61A6FCC
AlternateDataStreams: C:\ProgramData\TEMP:A688EF17
AlternateDataStreams: C:\ProgramData\TEMP:A6CDBCAC
AlternateDataStreams: C:\ProgramData\TEMP:A73E7104
AlternateDataStreams: C:\ProgramData\TEMP:A97FF73C
AlternateDataStreams: C:\ProgramData\TEMP:AAB23F74
AlternateDataStreams: C:\ProgramData\TEMP:AEABFEC4
AlternateDataStreams: C:\ProgramData\TEMP:B3942462
AlternateDataStreams: C:\ProgramData\TEMP:BAC2F271
AlternateDataStreams: C:\ProgramData\TEMP:BB709C37
AlternateDataStreams: C:\ProgramData\TEMP:BBF60A29
AlternateDataStreams: C:\ProgramData\TEMP:C0A2E219
AlternateDataStreams: C:\ProgramData\TEMP:C3C72D5F
AlternateDataStreams: C:\ProgramData\TEMP:C74009E5
AlternateDataStreams: C:\ProgramData\TEMP:CEE4A457
AlternateDataStreams: C:\ProgramData\TEMP:D02FBAEC
AlternateDataStreams: C:\ProgramData\TEMP:D1AA075A
AlternateDataStreams: C:\ProgramData\TEMP:D2A5A561
AlternateDataStreams: C:\ProgramData\TEMP:D8134D8F
AlternateDataStreams: C:\ProgramData\TEMP:D95DAC38
AlternateDataStreams: C:\ProgramData\TEMP:DF2C953B
AlternateDataStreams: C:\ProgramData\TEMP:E07EA07E
AlternateDataStreams: C:\ProgramData\TEMP:E0AE69BE
AlternateDataStreams: C:\ProgramData\TEMP:E6B1AD87
AlternateDataStreams: C:\ProgramData\TEMP:EA701346
AlternateDataStreams: C:\ProgramData\TEMP:ED810E46
AlternateDataStreams: C:\ProgramData\TEMP:EF4FB3C5
AlternateDataStreams: C:\ProgramData\TEMP:F2AF86D9
AlternateDataStreams: C:\ProgramData\TEMP:F3C5E5A0
AlternateDataStreams: C:\ProgramData\TEMP:F50F1555
AlternateDataStreams: C:\ProgramData\TEMP:F67AAFC5
AlternateDataStreams: C:\ProgramData\TEMP:F86D323F
AlternateDataStreams: C:\ProgramData\TEMP:FA322695
AlternateDataStreams: C:\ProgramData\TEMP:FC60E0F8
AlternateDataStreams: C:\Users\Jen\Downloads\Dawn0001.jpg:Roxio EMC Stream
AlternateDataStreams: C:\Users\Jen\Downloads\Dawn0002.jpg:Roxio EMC Stream
AlternateDataStreams: C:\Users\Jen\Documents\Beatles - Here Comes The Sun.mp3:TOC.WMV
AlternateDataStreams: C:\Users\Jen\Documents\Bobbie Vinton - Blue moon.mp3:TOC.WMV
AlternateDataStreams: C:\Users\Jen\Documents\CineMagic.dmsm:Roxio EMC Stream
AlternateDataStreams: C:\Users\Jen\Documents\CineMagic0.dmsm:Roxio EMC Stream
AlternateDataStreams: C:\Users\Jen\Documents\CineMagic1.dmsm:Roxio EMC Stream
AlternateDataStreams: C:\Users\Jen\Documents\CineMagic2.dmsm:Roxio EMC Stream
AlternateDataStreams: C:\Users\Jen\Documents\CineMagic3.dmsm:Roxio EMC Stream
AlternateDataStreams: C:\Users\Jen\Documents\CineMagic4.dmsm:Roxio EMC Stream
AlternateDataStreams: C:\Users\Jen\Documents\CineMagic5.dmsm:Roxio EMC Stream
AlternateDataStreams: C:\Users\Jen\Documents\CineMagic6.dmsm:Roxio EMC Stream
AlternateDataStreams: C:\Users\Jen\Documents\dvd cover.jwl:Roxio EMC Stream
AlternateDataStreams: C:\Users\Jen\Documents\Jason Mraz - I'm Yours (2008 Version).mp3:TOC.WMV
AlternateDataStreams: C:\Users\Jen\Documents\MVI_0291.AVI:TOC.WMV
AlternateDataStreams: C:\Users\Jen\Documents\Slideshow.dmsm:Roxio EMC Stream
AlternateDataStreams: C:\Users\Jen\Documents\The Beatles - Beetles - Yesterday.mp3:TOC.WMV

*****************

HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => Value not found.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => Value deleted successfully.
C:\Windows\system32\GroupPolicyUsers\S-1-5-21-1735842367-3683112332-2081419092-1006\User => Moved successfully.
C:\Windows\system32\GroupPolicy\GPT.ini => Moved successfully.
C:\Windows\system32\GroupPolicyUsers\S-1-5-21-1735842367-3683112332-2081419092-1001\User => Moved successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} => Key not found.
HKCR\Wow6432Node\CLSID\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9} => Key not found.
HKCR\Wow6432Node\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9} => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => Value deleted successfully.
HKCR\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{CE7499E7-AF3C-4662-AC92-454212345DDB} => Value deleted successfully.
HKCR\CLSID\{CE7499E7-AF3C-4662-AC92-454212345DDB} => Key not found.
HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2 => Key deleted successfully.
C:\Windows\system32\npDeployJava1.dll => Moved successfully.
HKLM\Software\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.51.2 => Key not found.
C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll not found.
HKLM\Software\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.51.2 => Key not found.
C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll not found.
C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll not found.
C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll not found.
C:\Users\Jen\AppData\Roaming\desktop.ini => Moved successfully.
C:\Users\Jen\AppData\Local\temp\Quarantine.exe => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{14B8E872-CA5A-4382-B37F-E2ECF69C0CC1} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{14B8E872-CA5A-4382-B37F-E2ECF69C0CC1} => Key deleted successfully.
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6839D347-6140-49AE-908D-AD1BD758967E} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6839D347-6140-49AE-908D-AD1BD758967E} => Key deleted successfully.
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA => Key deleted successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
C:\ProgramData\TEMP => ":00811B66" ADS removed successfully.
C:\ProgramData\TEMP => ":02B823FE" ADS removed successfully.
C:\ProgramData\TEMP => ":06F77AFE" ADS removed successfully.
C:\ProgramData\TEMP => ":0DFE2AE1" ADS removed successfully.
C:\ProgramData\TEMP => ":102394C6" ADS removed successfully.
C:\ProgramData\TEMP => ":11FC043F" ADS removed successfully.
C:\ProgramData\TEMP => ":122B409D" ADS removed successfully.
C:\ProgramData\TEMP => ":126591AF" ADS removed successfully.
C:\ProgramData\TEMP => ":14FA5E46" ADS removed successfully.
C:\ProgramData\TEMP => ":19C3BC3A" ADS removed successfully.
C:\ProgramData\TEMP => ":1A8BB29B" ADS removed successfully.
C:\ProgramData\TEMP => ":1B8B59DB" ADS removed successfully.
C:\ProgramData\TEMP => ":1CE87230" ADS removed successfully.
C:\ProgramData\TEMP => ":1D6686D8" ADS removed successfully.
C:\ProgramData\TEMP => ":22741C1F" ADS removed successfully.
C:\ProgramData\TEMP => ":2686AB70" ADS removed successfully.
C:\ProgramData\TEMP => ":2B3CA77E" ADS removed successfully.
C:\ProgramData\TEMP => ":2B99FE60" ADS removed successfully.
C:\ProgramData\TEMP => ":2D69529A" ADS removed successfully.
C:\ProgramData\TEMP => ":31F2397C" ADS removed successfully.
C:\ProgramData\TEMP => ":33384BC0" ADS removed successfully.
C:\ProgramData\TEMP => ":33611CFB" ADS removed successfully.
C:\ProgramData\TEMP => ":3790BACD" ADS removed successfully.
C:\ProgramData\TEMP => ":37994DBE" ADS removed successfully.
C:\ProgramData\TEMP => ":38E2864F" ADS removed successfully.
C:\ProgramData\TEMP => ":3A6BC948" ADS removed successfully.
C:\ProgramData\TEMP => ":3BAD65EA" ADS removed successfully.
C:\ProgramData\TEMP => ":413E2927" ADS removed successfully.
C:\ProgramData\TEMP => ":4290D685" ADS removed successfully.
C:\ProgramData\TEMP => ":4363DE71" ADS removed successfully.
C:\ProgramData\TEMP => ":43982D5E" ADS removed successfully.
C:\ProgramData\TEMP => ":439E3411" ADS removed successfully.
C:\ProgramData\TEMP => ":471AD3D0" ADS removed successfully.
C:\ProgramData\TEMP => ":483AC68A" ADS removed successfully.
C:\ProgramData\TEMP => ":49EB0FDC" ADS removed successfully.
C:\ProgramData\TEMP => ":4AD2C54D" ADS removed successfully.
C:\ProgramData\TEMP => ":4EF94CF3" ADS removed successfully.
C:\ProgramData\TEMP => ":52E1DB1D" ADS removed successfully.
C:\ProgramData\TEMP => ":55C54F7C" ADS removed successfully.
C:\ProgramData\TEMP => ":56C17A93" ADS removed successfully.
C:\ProgramData\TEMP => ":57EE48CA" ADS removed successfully.
C:\ProgramData\TEMP => ":593E515D" ADS removed successfully.
C:\ProgramData\TEMP => ":5D432CE3" ADS removed successfully.
C:\ProgramData\TEMP => ":5D9A374E" ADS removed successfully.
C:\ProgramData\TEMP => ":60A4BB64" ADS removed successfully.
C:\ProgramData\TEMP => ":625C7287" ADS removed successfully.
C:\ProgramData\TEMP => ":67BA17B9" ADS removed successfully.
C:\ProgramData\TEMP => ":6B86037F" ADS removed successfully.
C:\ProgramData\TEMP => ":6BD304B9" ADS removed successfully.
C:\ProgramData\TEMP => ":6FDE1666" ADS removed successfully.
C:\ProgramData\TEMP => ":7169BE62" ADS removed successfully.
C:\ProgramData\TEMP => ":76C56CCB" ADS removed successfully.
C:\ProgramData\TEMP => ":770A9BD8" ADS removed successfully.
C:\ProgramData\TEMP => ":80B291A7" ADS removed successfully.
C:\ProgramData\TEMP => ":89C2A42C" ADS removed successfully.
C:\ProgramData\TEMP => ":8BCF4DE2" ADS removed successfully.
C:\ProgramData\TEMP => ":8C81B36D" ADS removed successfully.
C:\ProgramData\TEMP => ":91486201" ADS removed successfully.
C:\ProgramData\TEMP => ":94124B85" ADS removed successfully.
C:\ProgramData\TEMP => ":966CEAE7" ADS removed successfully.
C:\ProgramData\TEMP => ":9950163C" ADS removed successfully.
C:\ProgramData\TEMP => ":9AE67195" ADS removed successfully.
C:\ProgramData\TEMP => ":9FB90B04" ADS removed successfully.
C:\ProgramData\TEMP => ":A4BF246C" ADS removed successfully.
C:\ProgramData\TEMP => ":A61A6FCC" ADS removed successfully.
C:\ProgramData\TEMP => ":A688EF17" ADS removed successfully.
C:\ProgramData\TEMP => ":A6CDBCAC" ADS removed successfully.
C:\ProgramData\TEMP => ":A73E7104" ADS removed successfully.
C:\ProgramData\TEMP => ":A97FF73C" ADS removed successfully.
C:\ProgramData\TEMP => ":AAB23F74" ADS removed successfully.
C:\ProgramData\TEMP => ":AEABFEC4" ADS removed successfully.
C:\ProgramData\TEMP => ":B3942462" ADS removed successfully.
C:\ProgramData\TEMP => ":BAC2F271" ADS removed successfully.
C:\ProgramData\TEMP => ":BB709C37" ADS removed successfully.
C:\ProgramData\TEMP => ":BBF60A29" ADS removed successfully.
C:\ProgramData\TEMP => ":C0A2E219" ADS removed successfully.
C:\ProgramData\TEMP => ":C3C72D5F" ADS removed successfully.
C:\ProgramData\TEMP => ":C74009E5" ADS removed successfully.
C:\ProgramData\TEMP => ":CEE4A457" ADS removed successfully.
C:\ProgramData\TEMP => ":D02FBAEC" ADS removed successfully.
C:\ProgramData\TEMP => ":D1AA075A" ADS removed successfully.
C:\ProgramData\TEMP => ":D2A5A561" ADS removed successfully.
C:\ProgramData\TEMP => ":D8134D8F" ADS removed successfully.
C:\ProgramData\TEMP => ":D95DAC38" ADS removed successfully.
C:\ProgramData\TEMP => ":DF2C953B" ADS removed successfully.
C:\ProgramData\TEMP => ":E07EA07E" ADS removed successfully.
C:\ProgramData\TEMP => ":E0AE69BE" ADS removed successfully.
C:\ProgramData\TEMP => ":E6B1AD87" ADS removed successfully.
C:\ProgramData\TEMP => ":EA701346" ADS removed successfully.
C:\ProgramData\TEMP => ":ED810E46" ADS removed successfully.
C:\ProgramData\TEMP => ":EF4FB3C5" ADS removed successfully.
C:\ProgramData\TEMP => ":F2AF86D9" ADS removed successfully.
C:\ProgramData\TEMP => ":F3C5E5A0" ADS removed successfully.
C:\ProgramData\TEMP => ":F50F1555" ADS removed successfully.
C:\ProgramData\TEMP => ":F67AAFC5" ADS removed successfully.
C:\ProgramData\TEMP => ":F86D323F" ADS removed successfully.
C:\ProgramData\TEMP => ":FA322695" ADS removed successfully.
C:\ProgramData\TEMP => ":FC60E0F8" ADS removed successfully.
C:\Users\Jen\Downloads\Dawn0001.jpg => ":Roxio EMC Stream" ADS removed successfully.
C:\Users\Jen\Downloads\Dawn0002.jpg => ":Roxio EMC Stream" ADS removed successfully.
C:\Users\Jen\Documents\Beatles - Here Comes The Sun.mp3 => ":TOC.WMV" ADS removed successfully.
C:\Users\Jen\Documents\Bobbie Vinton - Blue moon.mp3 => ":TOC.WMV" ADS removed successfully.
C:\Users\Jen\Documents\CineMagic.dmsm => ":Roxio EMC Stream" ADS removed successfully.
C:\Users\Jen\Documents\CineMagic0.dmsm => ":Roxio EMC Stream" ADS removed successfully.
C:\Users\Jen\Documents\CineMagic1.dmsm => ":Roxio EMC Stream" ADS removed successfully.
C:\Users\Jen\Documents\CineMagic2.dmsm => ":Roxio EMC Stream" ADS removed successfully.
C:\Users\Jen\Documents\CineMagic3.dmsm => ":Roxio EMC Stream" ADS removed successfully.
C:\Users\Jen\Documents\CineMagic4.dmsm => ":Roxio EMC Stream" ADS removed successfully.
C:\Users\Jen\Documents\CineMagic5.dmsm => ":Roxio EMC Stream" ADS removed successfully.
C:\Users\Jen\Documents\CineMagic6.dmsm => ":Roxio EMC Stream" ADS removed successfully.
C:\Users\Jen\Documents\dvd cover.jwl => ":Roxio EMC Stream" ADS removed successfully.
C:\Users\Jen\Documents\Jason Mraz - I'm Yours (2008 Version).mp3 => ":TOC.WMV" ADS removed successfully.
C:\Users\Jen\Documents\MVI_0291.AVI => ":TOC.WMV" ADS removed successfully.
C:\Users\Jen\Documents\Slideshow.dmsm => ":Roxio EMC Stream" ADS removed successfully.
C:\Users\Jen\Documents\The Beatles - Beetles - Yesterday.mp3 => ":TOC.WMV" ADS removed successfully.

The system needed a reboot.

==== End of Fixlog ====

avaRa 1.16 Removal Log.

Report follows after line.

------------------------------------

The JavaRa removal process was started on Tue Apr 15 17:02:52 2014

Found and removed: C:\Program Files (x86)\Java\jre6

There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-ABCDEFFDCBA}. The error returned was 124.

There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0001-ABCDEFFDCBA}. The error returned was 124.

There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0002-ABCDEFFDCBA}. The error returned was 124.

There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0003-ABCDEFFDCBA}. The error returned was 124.

There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0004-ABCDEFFDCBA}. The error returned was 124.

There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0005-ABCDEFFDCBA}. The error returned was 124.

There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0006-ABCDEFFDCBA}. The error returned was 124.

There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0007-ABCDEFFDCBA}. The error returned was 124.

There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0008-ABCDEFFDCBA}. The error returned was 124.

There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0009-ABCDEFFDCBA}. The error returned was 124.

There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0010-ABCDEFFDCBA}. The error returned was 124.

There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0011-ABCDEFFDCBA}. The error returned was 124.

There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0012-ABCDEFFDCBA}. The error returned was 124.

There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0013-ABCDEFFDCBA}. The error returned was 124.

There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0014-ABCDEFFDCBA}. The error returned was 124.

There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0015-ABCDEFFDCBA}. The error returned was 124.

There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0016-ABCDEFFDCBA}. The error returned was 124.

There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0017-ABCDEFFDCBA}. The error returned was 124.

There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0018-ABCDEFFDCBA}. The error returned was 124.

There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0019-ABCDEFFDCBA}. The error returned was 124.

There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0020-ABCDEFFDCBA}. The error returned was 124.

There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0021-ABCDEFFDCBA}. The error returned was 124.

There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0022-ABCDEFFDCBA}. The error returned was 124.

Found and removed: SOFTWARE\Classes\JavaPlugin.170_03

Found and removed: SOFTWARE\Classes\JavaWebStart.isInstalled.1.6.0.0

Found and removed: SOFTWARE\Classes\CLSID\{08B0E5C0-4FCB-11CF-AAA5-00401C608501}

Found and removed: SOFTWARE\Classes\CLSID\{5852F5ED-8BF4-11D4-A245-0080C6F74284}

Found and removed: SOFTWARE\Classes\CLSID\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}

Found and removed: SOFTWARE\Classes\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9}

Found and removed: SOFTWARE\Classes\Interface\{5852F5EC-8BF4-11D4-A245-0080C6F74284}

Found and removed: SOFTWARE\Classes\MIME\Database\Content Type\application/java-deployment-toolkit

Found and removed: SOFTWARE\Classes\TypeLib\{5852F5E0-8BF4-11D4-A245-0080C6F74284}

Found and removed: SOFTWARE\Classes\JavaWebStart.isInstalled

Found and removed: SOFTWARE\Classes\JavaWebStart.isInstalled.1.7.0.0

------------------------------------

Finished reporting.

AdvancedSetup · April 16, 2014

Please Run TFC by OldTimer to clear temporary files:

Download TFC from here and save it to your desktop.
http://oldtimer.geekstogo.com/TFC.exe
Close any open programs and Internet browsers.
Double click TFC.exe to run it on XP (for Vista and Windows 7 right click and choose "Run as administrator") and once it opens click on the Start button on the lower left of the program to allow it to begin cleaning.
Please be patient as clearing out temp files may take a while.
Once it completes you may be prompted to restart your computer, please do so.
Once it's finished you may delete TFC.exe from your desktop or save it for later use for the cleaning of temporary files.

Then restart the computer and let me know how things are running now please.

Thanks

JustJen · April 16, 2014

I am still not able to play disks and now my audio won't work.

Jen

AdvancedSetup · April 16, 2014

We'll check on things. The computer was heavily infected and it's quite possible the DVD drive is simply no longer working but we'll see.

Please download Farbar Service Scanner and run it on the computer with the issue.

Make sure the following options are checked:
- Internet Services
- Windows Firewall
- System Restore
- Security Center/Action Center
- Windows Update
- Windows Defender
Press "Scan".
It will create a log (FSS.txt) in the same directory the tool is run.
Please copy and paste the log to your reply.

Next, Please download MiniToolBox save it to your desktop and run it.

Checkmark the following check-boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Devices
List Users, Partitions and Memory size.
List Minidump Files

Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

Note: When using Reset FF Proxy Settings option Firefox should be closed.

JustJen · April 16, 2014

Here are the two logs.

Jen

Farbar Service Scanner Version: 25-02-2014
Ran by Jen (administrator) on 15-04-2014 at 22:43:27
Running from "C:\Users\Jen\Downloads"
Microsoft® Windows Vista™ Home Premium Service Pack 2 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.

Windows Firewall:
=============

Firewall Disabled Policy:
==================

System Restore:
============

System Restore Disabled Policy:
========================

Security Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================

Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.

Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1

Other Services:
==============

File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcsvc.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys
[2013-11-13 05:39] - [2013-09-03 19:31] - 0404992 ____A (Microsoft Corporation) 2BA159E1F9FD75F6A496742B20F1D9CF

C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit

**** End of log ****

MiniToolBox by Farbar Version: 23-01-2014
Ran by Jen (administrator) on 15-04-2014 at 22:47:11
Running from "C:\Users\Jen\Desktop"
Microsoft® Windows Vista™ Home Premium Service Pack 2 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================

"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

127.0.0.1       localhost

========================= IP Configuration: ================================

Dell Wireless 1505 Draft 802.11n WLAN Mini-Card = Wireless Network Connection (Connected)
Realtek RTL8168C(P)/8111C(P) Family PCI-E Gigabit Ethernet NIC (NDIS 6.0) = Local Area Connection (Media disconnected)

# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global
add address name="Local Area Connection 2" address=169.254.193.1

popd
# End of IPv4 configuration

Windows IP Configuration

   Host Name . . . . . . . . . . . . : Our-CPU
   Primary Dns Suffix . . . . . . . :
   Node Type . . . . . . . . . . . . : Unknown
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No

Wireless LAN adapter Wireless Network Connection:

   Connection-specific DNS Suffix . :
   Description . . . . . . . . . . . : Dell Wireless 1505 Draft 802.11n WLAN Mini-Card
   Physical Address. . . . . . . . . : 00-23-4E-C0-28-61
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::c0c8:82e5:ce76:dcd4%12(Preferred)
   IPv4 Address. . . . . . . . . . . : 192.168.1.5(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Tuesday, April 15, 2014 10:12:10 PM
   Lease Expires . . . . . . . . . . : Wednesday, April 16, 2014 10:32:27 AM
   Default Gateway . . . . . . . . . : 192.168.1.1
   DHCP Server . . . . . . . . . . . : 192.168.1.1
   DHCPv6 IAID . . . . . . . . . . . : 201335630
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-11-02-5A-F7-00-21-70-44-DE-20
   DNS Servers . . . . . . . . . . . : 192.168.1.1
   NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix . :
   Description . . . . . . . . . . . : Realtek RTL8168C(P)/8111C(P) Family PCI-E Gigabit Ethernet NIC (NDIS 6.0)
   Physical Address. . . . . . . . . : 00-21-70-44-DE-20
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 6:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix . :
   Description . . . . . . . . . . . : isatap.{2F23932D-DF9C-47F4-AFE7-E7855F016713}
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 7:

   Connection-specific DNS Suffix . :
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 02-00-54-55-4E-01
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:0:9d38:6ab8:34c0:19d8:3f57:fefa(Preferred)
   Link-local IPv6 Address . . . . . : fe80::34c0:19d8:3f57:fefa%10(Preferred)
   Default Gateway . . . . . . . . . : ::
   NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter Local Area Connection* 12:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix . :
   Description . . . . . . . . . . . : 6TO4 Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 13:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix . :
   Description . . . . . . . . . . . : isatap.{BC62BB9E-EBAF-4507-8D71-3AD90D89B2CA}
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
Server: UnKnown
Address: 192.168.1.1

Name:    google.com
Addresses: 2607:f8b0:4007:803::1005
      74.125.239.5
      74.125.239.6
      74.125.239.7
      74.125.239.8
      74.125.239.9
      74.125.239.14
      74.125.239.0
      74.125.239.1
      74.125.239.2
      74.125.239.3
      74.125.239.4

Pinging google.com [74.125.224.102] with 32 bytes of data:

Reply from 74.125.224.102: bytes=32 time=15ms TTL=53

Reply from 74.125.224.102: bytes=32 time=16ms TTL=53

Ping statistics for 74.125.224.102:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 15ms, Maximum = 16ms, Average = 15ms

Server: UnKnown
Address: 192.168.1.1

Name:    yahoo.com
Addresses: 98.139.183.24
      206.190.36.45
      98.138.253.109

Pinging yahoo.com [206.190.36.45] with 32 bytes of data:

Reply from 206.190.36.45: bytes=32 time=66ms TTL=48

Reply from 206.190.36.45: bytes=32 time=65ms TTL=48

Ping statistics for 206.190.36.45:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 65ms, Maximum = 66ms, Average = 65ms

Pinging 127.0.0.1 with 32 bytes of data:

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
12 ...00 23 4e c0 28 61 ...... Dell Wireless 1505 Draft 802.11n WLAN Mini-Card
11 ...00 21 70 44 de 20 ...... Realtek RTL8168C(P)/8111C(P) Family PCI-E Gigabit Ethernet NIC (NDIS 6.0)
1 ........................... Software Loopback Interface 1
13 ...00 00 00 00 00 00 00 e0 isatap.{2F23932D-DF9C-47F4-AFE7-E7855F016713}
10 ...02 00 54 55 4e 01 ...... Teredo Tunneling Pseudo-Interface
15 ...00 00 00 00 00 00 00 e0 6TO4 Adapter
16 ...00 00 00 00 00 00 00 e0 isatap.{BC62BB9E-EBAF-4507-8D71-3AD90D89B2CA}
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface Metric
          0.0.0.0          0.0.0.0      192.168.1.1      192.168.1.5     30
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1 255.255.255.255         On-link         127.0.0.1    306
127.255.255.255 255.255.255.255         On-link         127.0.0.1    306
      192.168.1.0    255.255.255.0         On-link       192.168.1.5    286
      192.168.1.5 255.255.255.255         On-link       192.168.1.5    286
    192.168.1.255 255.255.255.255         On-link       192.168.1.5    286
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link       192.168.1.5    286
255.255.255.255 255.255.255.255         On-link         127.0.0.1    306
255.255.255.255 255.255.255.255         On-link       192.168.1.5    286
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination      Gateway
10     18 ::/0                     On-link
1    306 ::1/128                  On-link
10     18 2001::/32                On-link
10    266 2001:0:9d38:6ab8:34c0:19d8:3f57:fefa/128
                                    On-link
12    286 fe80::/64                On-link
10    266 fe80::/64                On-link
10    266 fe80::34c0:19d8:3f57:fefa/128
                                    On-link
12    286 fe80::c0c8:82e5:ce76:dcd4/128
                                    On-link
1    306 ff00::/8                 On-link
10    266 ff00::/8                 On-link
12    286 ff00::/8                 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [48128] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [50176] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [19968] (Microsoft Corporation)
Catalog9 01 C:\Windows\system32\wpclsp.dll [72192] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\wpclsp.dll [72192] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\wpclsp.dll [72192] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\wpclsp.dll [72192] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\wpclsp.dll [72192] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\wpclsp.dll [72192] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\wpclsp.dll [72192] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\wpclsp.dll [72192] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 12 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 13 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 14 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 15 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 16 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 17 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 18 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 19 C:\Windows\system32\wpclsp.dll [72192] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [61440] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [62976] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [78848] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [78848] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [27648] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\wpclsp.dll [102912] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\wpclsp.dll [102912] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\wpclsp.dll [102912] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\wpclsp.dll [102912] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\wpclsp.dll [102912] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\wpclsp.dll [102912] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\wpclsp.dll [102912] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\wpclsp.dll [102912] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 12 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 13 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 14 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 15 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 16 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 17 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 18 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 19 C:\Windows\System32\wpclsp.dll [102912] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (04/15/2014 10:13:58 PM) (Source: CVHSVC) (User: )
Description: Information only.
Error: Cannot connect to SoftGrid Service Type: 95::SoftGridConfigurationFailure.

Error: (04/15/2014 10:13:55 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/15/2014 09:56:10 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/15/2014 09:55:14 PM) (Source: CVHSVC) (User: )
Description: Information only.
Error: Cannot connect to SoftGrid Service Type: 95::SoftGridConfigurationFailure.

Error: (04/15/2014 09:26:11 PM) (Source: Application Error) (User: )
Description: Faulting application TFC.exe, version 3.1.9.0, time stamp 0x2a425e19, faulting module RPCRT4.dll, version 6.0.6002.18882, time stamp 0x51dd2dc5, exception code 0xc0000005, fault offset 0x00029a44,
process id 0x13dc, application start time 0xTFC.exe0.

Error: (04/15/2014 05:44:31 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3.manifest.

Error: (04/15/2014 05:16:25 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/15/2014 05:15:29 PM) (Source: CVHSVC) (User: )
Description: Information only.
Error: Cannot connect to SoftGrid Service Type: 95::SoftGridConfigurationFailure.

Error: (04/15/2014 04:52:23 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3.manifest.

Error: (04/15/2014 03:35:36 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3.manifest.

System errors:
=============
Error: (04/15/2014 10:15:46 PM) (Source: Service Control Manager) (User: )
Description: Beep

Error: (04/15/2014 10:15:46 PM) (Source: Service Control Manager) (User: )
Description: Client Virtualization Handler

Error: (04/15/2014 10:13:56 PM) (Source: Service Control Manager) (User: )
Description: 30000LeapFrog Connect Device Service

Error: (04/15/2014 09:56:35 PM) (Source: Service Control Manager) (User: )
Description: Beep

Error: (04/15/2014 09:56:35 PM) (Source: Service Control Manager) (User: )
Description: Client Virtualization Handler

Error: (04/15/2014 09:50:53 PM) (Source: Service Control Manager) (User: )
Description: Adobe Acrobat Update Service1

Error: (04/15/2014 09:22:29 PM) (Source: Service Control Manager) (User: )
Description: ArcSoft Connect Daemon1

Error: (04/15/2014 05:59:19 PM) (Source: bowser) (User: )
Description: The master browser has received a server announcement from the computer CHARLIE-VAIO
that believes that it is the master browser for the domain on transport NetBT_Tcpip_{2F23932D-DF9C-47F4-AFE7-E7855F016713}.
The master browser is stopping or an election is being forced.

Error: (04/15/2014 05:16:51 PM) (Source: Service Control Manager) (User: )
Description: Beep

Error: (04/15/2014 05:16:51 PM) (Source: Service Control Manager) (User: )
Description: Client Virtualization Handler

Microsoft Office Sessions:
=========================
Error: (04/15/2014 10:13:58 PM) (Source: CVHSVC)(User: )
Description: Error: Cannot connect to SoftGrid Service Type: 95::SoftGridConfigurationFailure.

Error: (04/15/2014 10:13:55 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/15/2014 09:56:10 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/15/2014 09:55:14 PM) (Source: CVHSVC)(User: )
Description: Error: Cannot connect to SoftGrid Service Type: 95::SoftGridConfigurationFailure.

Error: (04/15/2014 09:26:11 PM) (Source: Application Error)(User: )
Description: TFC.exe3.1.9.02a425e19RPCRT4.dll6.0.6002.1888251dd2dc5c000000500029a4413dc01cf592b78557e19

Error: (04/15/2014 05:44:31 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3.manifestC:\Users\Jen\Downloads\esetsmartinstaller_enu.exe

Error: (04/15/2014 05:16:25 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/15/2014 05:15:29 PM) (Source: CVHSVC)(User: )
Description: Error: Cannot connect to SoftGrid Service Type: 95::SoftGridConfigurationFailure.

Error: (04/15/2014 04:52:23 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3.manifestC:\Users\Jen\Downloads\esetsmartinstaller_enu.exe

Error: (04/15/2014 03:35:36 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3.manifestC:\Users\Jen\Downloads\esetsmartinstaller_enu.exe

CodeIntegrity Errors:
===================================
Date: 2014-04-15 17:45:13.558
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

Date: 2014-04-15 17:45:13.292
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

Date: 2014-04-15 17:45:13.031
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

Date: 2014-04-15 17:45:12.765
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

Date: 2014-04-15 15:36:40.353
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

Date: 2014-04-15 15:36:40.084
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

Date: 2014-04-15 15:36:39.816
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

Date: 2014-04-15 15:36:39.545
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

Date: 2014-04-15 15:36:39.271
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

Date: 2014-04-15 15:36:39.001
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

=========================== Installed Programs ============================

Canon MX880 series MP Drivers
CanoScan 9000F Scanner Driver
ccc-utility64 (Version: 2008.0728.2151.37274)
Dell Driver Download Manager (Version: 3.0.0.0)
Dell Wireless WLAN Card (Version: 4.102.15.61)
join.me (Version: 1.3.1.431)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938)
Microsoft Office Click-to-Run 2010 (Version: 14.0.4763.1000)
Microsoft Security Client (Version: 4.5.0216.0)
Microsoft Security Essentials (Version: 4.5.216.0)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Octoshape add-in for Adobe Flash Player
Pinnacle Video Driver (Version: 12.1.0.030)
Shared C Run-time for x64 (Version: 10.0.0)
Windows Driver Package - Leapfrog (Leapfrog-USBLAN) Net (09/10/2009 02.03.05.012) (Version: 09/10/2009 02.03.05.012)
Windows Live ID Sign-in Assistant (Version: 6.500.3165.0)
Yahoo! BrowserPlus 2.8.1

========================= Devices: ================================

========================= Memory info: ===================================

Percentage of memory in use: 21%
Total physical RAM: 8190.26 MB
Available physical RAM: 6409 MB
Total Pagefile: 16431.55 MB
Available Pagefile: 14586.16 MB
Total Virtual: 4095.88 MB
Available Virtual: 4000.39 MB

========================= Partitions: =====================================

1 Drive c: (OS) (Fixed) (Total:450.7 GB) (Free:102.64 GB) NTFS
2 Drive d: (RECOVERY) (Fixed) (Total:15 GB) (Free:7.8 GB) NTFS

========================= Users: ========================================

User accounts for \\OUR-CPU

Administrator            Guest                    Jen
Mcx1                     Mel                      Nena
protected

========================= Minidump Files ==================================

**** End of log ****

AdvancedSetup · April 16, 2014

Okay getting late here but please run a new FRST scan and post back that log after first restarting the computer again. I'll check back on you sometime tomorrow.

Thanks

JustJen · April 16, 2014

Thank you again for taking the time to help me. I had no Idea my computer was so infected. When I first discovered the dvd problem, I tried a system restore but I had no restore points available to me so I knew I had more going on.

Jen

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 14-04-2014
Ran by Jen (administrator) on OUR-CPU on 15-04-2014 23:15:58
Running from C:\Users\Jen\Downloads
Windows Vista Home Premium Service Pack 2 (X64) OS Language: English(US)
Internet Explorer Version 9
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(Microsoft Corporation) c:\Program Files\Microsoft Security Client\MsMpEng.exe
(ATI Technologies Inc.) C:\Windows\system32\Ati2evxx.exe
(Microsoft Corporation) C:\Windows\system32\SLsvc.exe
() C:\Windows\System32\WLTRYSVC.EXE
(Dell Inc.) C:\Windows\System32\bcmwltry.exe
(ATI Technologies Inc.) C:\Windows\system32\Ati2evxx.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
(Andrea Electronics Corporation) C:\Windows\system32\AERTSr64.exe
(Fitbit, Inc.) C:\Program Files (x86)\Fitbit Connect\FitbitConnectService.exe
() C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
(LeapFrog Enterprises, Inc.) C:\Program Files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(iWin Inc.) C:\Program Files (x86)\Pogo Games\PGMTrusted.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
(Realtek Semiconductor) C:\Windows\RAVCpl64.exe
(CANON INC.) C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.EXE
(Dell Inc.) C:\Windows\System32\WLTRAY.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
(Western Digital Technologies, Inc.) C:\Windows\SysWOW64\WDBtnMgr.exe
(Yahoo! Inc) C:\Program Files (x86)\Yahoo!\Search Protection\SearchProtection.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe
(CyberLink Corp.) C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe
(LeapFrog Enterprises, Inc.) C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe
(Sony Corporation) C:\Program Files (x86)\Sony\Reader\Data\bin\launcher\eBook Library Launcher.exe
() C:\Program Files (x86)\Roxio\CinePlayer\DMXLauncher.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 7.0\Distillr\acrotray.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
(Microsoft Corporation) C:\Program Files (x86)\Windows Calendar\wincal.exe
(Microsoft Corporation) C:\Windows\System32\mobsync.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\acrobat_sl.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
(Farbar) C:\Users\Jen\Downloads\FRST64(3).exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [WPCUMI] => C:\Windows\system32\WpcUmi.exe [182784 2006-11-02] (Microsoft Corporation)
HKLM\...\Run: [skytel] => Skytel.exe
HKLM\...\Run: [RtHDVCpl] => C:\Windows\RAVCpl64.exe [6431232 2008-07-18] (Realtek Semiconductor)
HKLM\...\Run: [CanonSolutionMenu] => C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe [767312 2009-09-03] (CANON INC.)
HKLM\...\Run: [broadcom Wireless Manager UI] => C:\Windows\system32\WLTRAY.exe [1683456 2007-08-07] (Dell Inc.)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1271072 2014-03-11] (Microsoft Corporation)
HKLM-x32\...\Run: [WD Button Manager] => WDBtnMgr.exe
HKLM-x32\...\Run: [YSearchProtection] => C:\Program Files (x86)\Yahoo!\Search Protection\SearchProtection.exe [111856 2009-02-23] (Yahoo! Inc)
HKLM-x32\...\Run: [startCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [61440 2008-01-21] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [RoxWatchTray] => C:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxWatchTray10.exe [244208 2008-05-24] (Sonic Solutions)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2012-04-18] (Apple Inc.)
HKLM-x32\...\Run: [PMBVolumeWatcher] => C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe [724536 2012-04-22] (Sony Corporation)
HKLM-x32\...\Run: [PDVDDXSrv] => C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe [128296 2008-05-23] (CyberLink Corp.)
HKLM-x32\...\Run: [Monitor] => C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe [298376 2012-09-28] (LeapFrog Enterprises, Inc.)
HKLM-x32\...\Run: [eBook Library Launcher] => C:\Program Files (x86)\Sony\Reader\Data\bin\launcher\eBook Library Launcher.exe [902504 2009-10-19] (Sony Corporation)
HKLM-x32\...\Run: [DMXLauncher] => C:\Program Files (x86)\Roxio\CinePlayer\DMXLauncher.exe [113136 2008-05-24] ()
HKLM-x32\...\Run: [ArcSoft Connection Service] => C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [207424 2010-10-27] (ArcSoft Inc.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59240 2012-02-20] (Apple Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 7.0] => C:\Program Files (x86)\Adobe\Acrobat 7.0\Distillr\Acrotray.exe [483328 2005-09-23] (Adobe Systems Inc.)
HKU\S-1-5-21-1735842367-3683112332-2081419092-1000\...\Run: [sidebar] => C:\Program Files\Windows Sidebar\sidebar.exe [1555968 2009-04-11] (Microsoft Corporation)
HKU\S-1-5-21-1735842367-3683112332-2081419092-1000\...\Run: [Messenger (Yahoo!)] => C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe [6276408 2011-08-22] (Yahoo! Inc.)
HKU\S-1-5-21-1735842367-3683112332-2081419092-1000\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [138240 2008-01-20] (Microsoft Corporation)
Startup: C:\Users\RA Media Server\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk
ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (No File)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.rr.com/
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=5090116
HKLM\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,CustomizeSearch = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKCU - {2964F230-6750-4F92-8A6A-FC0FFD9B8656} URL = http://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b2ie7
SearchScopes: HKCU - {DE83D8E5-54D8-4CE6-AAFD-AD7D0B8E4CCC} URL = http://search.yahoo.com/search?fr=mcafee&p={SearchTerms}
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKCU - No Name - {10134636-E7AF-4AC5-A1DC-C7C44BB97D81} - No File
DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
DPF: HKLM-x32 {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} https://secure.logmein.com//activex/ractrl.cab?lmi=1058
Handler: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - No File
Handler: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - No File
Handler-x32: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Program Files (x86)\Common Files\Microsoft Shared\Web Folders\PKMCDO.DLL (Microsoft Corporation)
Handler-x32: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\syswow64\urlmon.dll (Microsoft Corporation)
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Winsock: Catalog9 01 C:\Windows\SysWOW64\wpclsp.dll [72192] (Microsoft Corporation)
Winsock: Catalog9 02 C:\Windows\SysWOW64\wpclsp.dll [72192] (Microsoft Corporation)
Winsock: Catalog9 03 C:\Windows\SysWOW64\wpclsp.dll [72192] (Microsoft Corporation)
Winsock: Catalog9 04 C:\Windows\SysWOW64\wpclsp.dll [72192] (Microsoft Corporation)
Winsock: Catalog9 05 C:\Windows\SysWOW64\wpclsp.dll [72192] (Microsoft Corporation)
Winsock: Catalog9 06 C:\Windows\SysWOW64\wpclsp.dll [72192] (Microsoft Corporation)
Winsock: Catalog9 07 C:\Windows\SysWOW64\wpclsp.dll [72192] (Microsoft Corporation)
Winsock: Catalog9 08 C:\Windows\SysWOW64\wpclsp.dll [72192] (Microsoft Corporation)
Winsock: Catalog9 19 C:\Windows\SysWOW64\wpclsp.dll [72192] (Microsoft Corporation)
Winsock: Catalog9-x64 01 C:\Windows\system32\wpclsp.dll [102912] (Microsoft Corporation)
Winsock: Catalog9-x64 02 C:\Windows\system32\wpclsp.dll [102912] (Microsoft Corporation)
Winsock: Catalog9-x64 03 C:\Windows\system32\wpclsp.dll [102912] (Microsoft Corporation)
Winsock: Catalog9-x64 04 C:\Windows\system32\wpclsp.dll [102912] (Microsoft Corporation)
Winsock: Catalog9-x64 05 C:\Windows\system32\wpclsp.dll [102912] (Microsoft Corporation)
Winsock: Catalog9-x64 06 C:\Windows\system32\wpclsp.dll [102912] (Microsoft Corporation)
Winsock: Catalog9-x64 07 C:\Windows\system32\wpclsp.dll [102912] (Microsoft Corporation)
Winsock: Catalog9-x64 08 C:\Windows\system32\wpclsp.dll [102912] (Microsoft Corporation)
Winsock: Catalog9-x64 19 C:\Windows\system32\wpclsp.dll [102912] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Jen\AppData\Roaming\Mozilla\Firefox\Profiles\tll4z1lr.default
FF Homepage: rr.com
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll ()
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin HKCU: @yahoo.com/BrowserPlus,version=2.8.1 - C:\Users\Jen\AppData\Local\Yahoo!\BrowserPlus\2.8.1\Plugins\npybrowserplus_2.8.1.dll (Yahoo! Inc.)
FF Plugin HKCU: amazon.com/AmazonMP3DownloaderPlugin - C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101752.dll (Amazon.com, Inc.)
FF Extension: NoScript - C:\Users\Jen\AppData\Roaming\Mozilla\Firefox\Profiles\tll4z1lr.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2012-09-24]
FF Extension: Adblock Plus - C:\Users\Jen\AppData\Roaming\Mozilla\Firefox\Profiles\tll4z1lr.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2012-09-24]
FF HKLM-x32\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ []
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK

Chrome:
=======

CHR DefaultSearchURL: {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Jen\AppData\Local\Google\Chrome\Application\8.0.552.224\pdf.dll No File
CHR Plugin: (Google Gears 0.5.33.0) - C:\Users\Jen\AppData\Local\Google\Chrome\Application\8.0.552.224\gears.dll No File
CHR Plugin: (Shockwave Flash) - C:\Users\Jen\AppData\Local\Google\Chrome\Application\8.0.552.224\gcswf32.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (Java Deployment Toolkit 6.0.230.5) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll No File
CHR Plugin: (Java Platform SE 6 U23) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll No File
CHR Plugin: (QuickTime Plug-in 7.6) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll (Apple Inc.)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Oberon com adapter) - C:\Program Files (x86)\Common Files\Oberon Media\NCAdapter\1.0.0.7\npapicomadapter.dll (Oberon-Media )
CHR Plugin: (Picasa) - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.2.183.39\npGoogleOneClick8.dll No File
CHR Plugin: (McAfee Virtual Technician) - C:\Program Files (x86)\McAfee\Supportability\MVT\NPMVTPlugin.dll (McAfee, Inc.)
CHR Plugin: (RealArcade Mozilla Plugin) - C:\Program Files (x86)\Real\RealArcade\Plugins\Mozilla\npracplug.dll (RealNetworks)
CHR Plugin: (eBook Library) - C:\Program Files (x86)\Sony\Reader\Data\bin\npebldetectmoz.dll (Sony Corporation)
CHR Plugin: (Unity Player) - C:\Program Files (x86)\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
CHR Plugin: (BrowserPlus (from Yahoo!) v2.8.1) - C:\Users\Jen\AppData\Local\Yahoo!\BrowserPlus\2.8.1\Plugins\npybrowserplus_2.8.1.dll (Yahoo! Inc.)
CHR Plugin: (Shockwave for Director) - C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.0.51204.0\npctrl.dll No File
CHR Plugin: (Windows Presentation Foundation) - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Plugin: (Default Plug-in) - default_plugin No File

==================== Services (Whitelisted) =================

R2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [68096 2009-12-20] ()
R2 AERTFilters; C:\Windows\system32\AERTSr64.exe [86016 2008-07-18] (Andrea Electronics Corporation)
R2 Fitbit Connect; C:\Program Files (x86)\Fitbit Connect\FitbitConnectService.exe [1239584 2013-02-25] (Fitbit, Inc.)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [116104 2009-09-08] ()
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-04-03] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [857912 2014-04-03] (Malwarebytes Corporation)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2014-03-11] (Microsoft Corporation)
S3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [347872 2014-03-11] (Microsoft Corporation)
R2 PGMTrusted; C:\Program Files (x86)\Pogo Games\PGMTrusted.exe [519920 2012-10-31] (iWin Inc.)
R2 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [474168 2012-04-22] (Sony Corporation)
S3 Roxio UPnP Renderer 10; C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe [313840 2008-05-24] (Sonic Solutions)
S2 Roxio Upnp Server 10; C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe [362992 2008-05-24] (Sonic Solutions)
R2 wltrysvc; C:\Windows\System32\bcmwltry.exe [1889792 2007-08-07] (Dell Inc.)

==================== Drivers (Whitelisted) ====================

S3 61883; C:\Windows\System32\DRIVERS\61883.sys [58496 2008-01-20] (Microsoft Corporation)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27648 2008-01-20] (Microsoft Corporation)
S1 Beep; No ImagePath
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-04-03] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63192 2014-04-03] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [268512 2014-01-25] (Microsoft Corporation)
S3 Msi_ssvawt; No ImagePath
S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133928 2014-03-11] (Microsoft Corporation)
R2 RtNdPt60; C:\Windows\System32\DRIVERS\RtNdPt60.sys [26624 2008-07-21] (Windows ® Codename Longhorn DDK provider)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S3 USBAAPL64; System32\Drivers\usbaapl64.sys [X]

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2014-04-15 22:47 - 2014-04-15 22:47 - 00026566 _____ () C:\Users\Jen\Desktop\Result.txt
2014-04-15 22:45 - 2014-04-15 22:45 - 00982016 _____ (Farbar) C:\Users\Jen\Desktop\MiniToolBox.exe
2014-04-15 22:43 - 2014-04-15 22:43 - 00002487 _____ () C:\Users\Jen\Downloads\FSS.txt
2014-04-15 22:42 - 2014-04-15 22:42 - 00409600 _____ (Farbar) C:\Users\Jen\Downloads\FSS.exe
2014-04-15 21:50 - 2014-04-15 21:50 - 00000000 ____D () C:\Users\Jen\AppData\Local\CrashDumps
2014-04-15 21:21 - 2014-04-15 21:21 - 00448512 _____ (OldTimer Tools) C:\Users\Jen\Downloads\TFC.exe
2014-04-15 17:11 - 2014-04-15 17:11 - 00008604 _____ () C:\Users\Jen\Downloads\fixlist(2).txt
2014-04-15 17:10 - 2014-04-15 17:10 - 00000557 _____ () C:\Users\Jen\Desktop\FRST64(3).exe - Shortcut.lnk
2014-04-15 17:09 - 2014-04-15 17:09 - 02054144 _____ (Farbar) C:\Users\Jen\Downloads\FRST64(5).exe
2014-04-15 17:06 - 2014-04-15 17:06 - 00008604 _____ () C:\Users\Jen\Downloads\fixlist(1).txt
2014-04-15 17:05 - 2014-04-15 17:05 - 00008604 _____ () C:\Users\Jen\Desktop\fixlist.txt
2014-04-15 17:05 - 2014-04-15 17:05 - 00004415 _____ () C:\Users\Jen\Desktop\JavaRa.log
2014-04-15 17:02 - 2014-04-15 17:03 - 00004415 _____ () C:\JavaRa.log
2014-04-15 16:51 - 2014-04-15 16:53 - 00000000 ____D () C:\Users\Jen\Desktop\RemoveJava
2014-04-15 16:50 - 2014-04-15 16:50 - 00165483 _____ () C:\Users\Jen\Downloads\JavaRa-1.16-28-5-13.zip
2014-04-15 15:43 - 2014-04-15 15:43 - 00045629 _____ () C:\Users\Jen\Desktop\Addition.txt
2014-04-15 15:34 - 2014-04-15 15:35 - 02054144 _____ (Farbar) C:\Users\Jen\Downloads\FRST64(4).exe
2014-04-15 15:34 - 2014-04-15 15:34 - 00000424 _____ () C:\Users\Jen\Desktop\eset.txt
2014-04-15 14:49 - 2014-04-15 14:49 - 02347384 _____ (ESET) C:\Users\Jen\Downloads\esetsmartinstaller_enu.exe
2014-04-15 14:49 - 2014-04-15 14:49 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-04-15 14:21 - 2014-04-15 14:37 - 00000000 ____D () C:\AdwCleaner
2014-04-15 14:18 - 2014-04-15 14:19 - 01426178 _____ () C:\Users\Jen\Desktop\AdwCleaner.exe
2014-04-15 12:50 - 2014-04-15 12:50 - 00001994 _____ () C:\Users\Jen\Desktop\JRT.txt
2014-04-15 12:42 - 2014-04-15 12:42 - 01016261 _____ (Thisisu) C:\Users\Jen\Downloads\JRT.exe
2014-04-15 12:42 - 2014-04-15 12:42 - 00000000 ____D () C:\Windows\ERUNT
2014-04-15 12:20 - 2014-04-15 12:41 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-04-15 12:19 - 2014-04-15 12:41 - 00000000 ____D () C:\Users\Jen\Desktop\mbar
2014-04-15 12:19 - 2014-04-15 12:19 - 12589848 _____ (Malwarebytes Corp.) C:\Users\Jen\Downloads\mbar-1.07.0.1009.exe
2014-04-14 20:16 - 2014-04-14 20:16 - 00018490 _____ () C:\ComboFix.txt
2014-04-14 19:33 - 2014-04-14 19:33 - 05194807 ____R (Swearware) C:\Users\Jen\Desktop\ComboFix.exe
2014-04-14 19:33 - 2011-06-25 23:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-04-14 19:33 - 2010-11-07 10:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-04-14 19:33 - 2009-04-19 21:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-04-14 19:33 - 2000-08-30 17:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-04-14 19:33 - 2000-08-30 17:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-04-14 19:33 - 2000-08-30 17:00 - 00098816 _____ () C:\Windows\sed.exe
2014-04-14 19:33 - 2000-08-30 17:00 - 00080412 _____ () C:\Windows\grep.exe
2014-04-14 19:33 - 2000-08-30 17:00 - 00068096 _____ () C:\Windows\zip.exe
2014-04-14 19:20 - 2014-04-14 20:16 - 00000000 ____D () C:\Qoobox
2014-04-14 18:15 - 2014-04-14 18:15 - 00025915 _____ () C:\Users\Jen\Desktop\RKreport[0]_S_04142014_181536.txt
2014-04-14 18:11 - 2014-04-14 18:18 - 00000000 ____D () C:\Users\Jen\Desktop\RK_Quarantine
2014-04-14 18:11 - 2014-04-14 18:11 - 04527616 _____ () C:\Users\Jen\Downloads\RogueKillerX64.exe
2014-04-14 18:11 - 2014-04-14 18:11 - 00002266 _____ () C:\malware.txt
2014-04-14 18:10 - 2014-04-14 18:10 - 00002284 _____ () C:\Malwarebytes Anti-Malware.lnk
2014-04-14 17:49 - 2014-04-15 22:53 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-14 17:48 - 2014-04-15 12:19 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-14 17:48 - 2014-04-14 17:48 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-04-14 17:48 - 2014-04-03 09:51 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-14 17:45 - 2014-04-14 17:46 - 00000000 ____D () C:\Program Files (x86)\ERUNT
2014-04-14 17:45 - 2014-04-14 17:45 - 00000765 _____ () C:\Users\protected\Desktop\NTREGOPT.lnk
2014-04-14 17:45 - 2014-04-14 17:45 - 00000765 _____ () C:\Users\Nena.Our-CPU\Desktop\NTREGOPT.lnk
2014-04-14 17:45 - 2014-04-14 17:45 - 00000765 _____ () C:\Users\Mel\Desktop\NTREGOPT.lnk
2014-04-14 17:45 - 2014-04-14 17:45 - 00000765 _____ () C:\Users\Mcx1\Desktop\NTREGOPT.lnk
2014-04-14 17:45 - 2014-04-14 17:45 - 00000765 _____ () C:\Users\Jen\Desktop\NTREGOPT.lnk
2014-04-14 17:45 - 2014-04-14 17:45 - 00000765 _____ () C:\Users\Guest\Desktop\NTREGOPT.lnk
2014-04-14 17:45 - 2014-04-14 17:45 - 00000746 _____ () C:\Users\protected\Desktop\ERUNT.lnk
2014-04-14 17:45 - 2014-04-14 17:45 - 00000746 _____ () C:\Users\Nena.Our-CPU\Desktop\ERUNT.lnk
2014-04-14 17:45 - 2014-04-14 17:45 - 00000746 _____ () C:\Users\Mel\Desktop\ERUNT.lnk
2014-04-14 17:45 - 2014-04-14 17:45 - 00000746 _____ () C:\Users\Mcx1\Desktop\ERUNT.lnk
2014-04-14 17:45 - 2014-04-14 17:45 - 00000746 _____ () C:\Users\Jen\Desktop\ERUNT.lnk
2014-04-14 17:45 - 2014-04-14 17:45 - 00000746 _____ () C:\Users\Guest\Desktop\ERUNT.lnk
2014-04-14 17:42 - 2014-04-14 17:43 - 00791393 _____ (Lars Hederer ) C:\Users\Jen\Downloads\erunt-setup.exe
2014-04-14 17:40 - 2014-04-14 17:40 - 01933048 _____ (Bleeping Computer, LLC) C:\Users\Jen\Downloads\rkill(1).exe
2014-04-14 17:34 - 2014-04-14 18:20 - 00002438 _____ () C:\Users\Jen\Desktop\Rkill.txt
2014-04-14 17:34 - 2014-04-14 17:34 - 01933048 _____ (Bleeping Computer, LLC) C:\Users\Jen\Downloads\rkill.exe
2014-04-14 17:34 - 2014-04-14 17:34 - 01057016 _____ (Bleeping Computer, LLC) C:\Users\Jen\Downloads\rkill64.exe
2014-04-14 17:23 - 2014-04-14 17:23 - 02054144 _____ (Farbar) C:\Users\Jen\Downloads\FRST64(3).exe
2014-04-14 17:22 - 2014-04-14 17:22 - 02054144 _____ (Farbar) C:\Users\Jen\Downloads\FRST64(2).exe
2014-04-11 00:00 - 2014-04-11 00:00 - 02157056 _____ (Farbar) C:\Users\Jen\Downloads\FRST64(1).exe
2014-04-09 03:06 - 2014-03-07 21:54 - 17848832 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-04-09 03:06 - 2014-03-07 21:06 - 10926592 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-04-09 03:06 - 2014-03-07 20:49 - 02334720 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-04-09 03:06 - 2014-03-07 20:41 - 01347072 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-04-09 03:06 - 2014-03-07 20:40 - 01392128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-04-09 03:06 - 2014-03-07 20:39 - 01494528 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-04-09 03:06 - 2014-03-07 20:38 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-04-09 03:06 - 2014-03-07 20:37 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-04-09 03:06 - 2014-03-07 20:34 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-04-09 03:06 - 2014-03-07 20:34 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-04-09 03:06 - 2014-03-07 20:33 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-04-09 03:06 - 2014-03-07 20:32 - 02147840 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-04-09 03:06 - 2014-03-07 20:32 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-04-09 03:06 - 2014-03-07 20:30 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-04-09 03:06 - 2014-03-07 20:29 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-04-09 03:06 - 2014-03-07 20:24 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-04-09 03:06 - 2014-03-07 16:51 - 12347904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-04-09 03:06 - 2014-03-07 16:20 - 09739264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-04-09 03:06 - 2014-03-07 16:12 - 01806848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-04-09 03:06 - 2014-03-07 16:03 - 01105408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-04-09 03:06 - 2014-03-07 16:02 - 01427968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-04-09 03:06 - 2014-03-07 16:02 - 01129472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-04-09 03:06 - 2014-03-07 16:00 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-04-09 03:06 - 2014-03-07 15:59 - 00065024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-04-09 03:06 - 2014-03-07 15:57 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-04-09 03:06 - 2014-03-07 15:57 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-04-09 03:06 - 2014-03-07 15:56 - 00421376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-04-09 03:06 - 2014-03-07 15:54 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-04-09 03:06 - 2014-03-07 15:53 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-04-09 03:06 - 2014-03-07 15:52 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-04-09 03:06 - 2014-03-07 15:52 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-04-09 03:06 - 2014-03-07 15:47 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-04-09 00:57 - 2014-04-09 00:57 - 00000000 ____D () C:\Program Files (x86)\MSECache
2014-04-08 15:37 - 2014-02-05 21:21 - 01212416 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-04-08 15:37 - 2014-02-05 18:57 - 00861696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-04-07 20:26 - 2014-04-07 20:26 - 00042507 _____ () C:\Users\Jen\Desktop\FRST.txt
2014-04-07 20:20 - 2014-04-15 23:15 - 00019901 _____ () C:\Users\Jen\Downloads\FRST.txt
2014-04-07 20:20 - 2014-04-15 23:15 - 00000000 ____D () C:\FRST
2014-04-07 20:20 - 2014-04-07 20:27 - 00045629 _____ () C:\Users\Jen\Downloads\Addition.txt
2014-04-07 20:19 - 2014-04-07 20:19 - 02157056 _____ (Farbar) C:\Users\Jen\Downloads\FRST64.exe
2014-04-07 20:16 - 2014-04-07 20:16 - 00134542 _____ () C:\Users\Jen\Desktop\CheckResults.txt
2014-04-07 20:15 - 2014-04-07 20:15 - 01673896 _____ (Malwarebytes Corporation) C:\Users\Jen\Downloads\mbam-check-2.1.0.0002.exe
2014-04-07 20:12 - 2014-04-07 20:12 - 00019513 _____ () C:\Users\Jen\Desktop\dds.txt
2014-04-07 20:12 - 2014-04-07 20:12 - 00013577 _____ () C:\Users\Jen\Desktop\attach.txt
2014-04-07 20:11 - 2014-04-07 20:11 - 00688992 ____R (Swearware) C:\Users\Jen\Downloads\dds.scr
2014-04-04 16:58 - 2014-04-04 16:58 - 00347816 _____ (Microsoft Corporation) C:\Users\Jen\Downloads\MicrosoftFixit.dvd.LB.139320086585379642.2.1.Run.exe
2014-04-04 16:57 - 2014-04-04 16:57 - 00347816 _____ (Microsoft Corporation) C:\Users\Jen\Downloads\MicrosoftFixit.dvd.RNP.139320086585379642.1.1.Run.exe
2014-04-04 16:35 - 2014-04-04 16:36 - 00347816 _____ (Microsoft Corporation) C:\Users\Jen\Downloads\MicrosoftFixit.dvd.MATSKB.Run.exe
2014-04-01 15:23 - 2014-04-01 15:23 - 00000000 ____D () C:\Users\Guest\AppData\Local\Adobe
2014-04-01 13:39 - 2014-04-01 13:39 - 00347816 _____ (Microsoft Corporation) C:\Users\Jen\Downloads\MicrosoftFixit.dvd.RNP.147319815196114130.2.1.Run.exe
2014-04-01 13:05 - 2014-04-01 13:05 - 00000000 ___HD () C:\ProgramData\CanonIJMyPrinter
2014-04-01 13:04 - 2014-04-01 13:04 - 00001750 _____ () C:\Users\Public\Desktop\Canon My Printer.lnk
2014-04-01 13:03 - 2014-04-01 13:03 - 00000000 ____D () C:\Program Files\Canon
2014-04-01 13:02 - 2014-04-01 13:03 - 05529160 _____ () C:\Users\Jen\Downloads\mypr-win-3_2_0-ea11_2.exe
2014-04-01 12:37 - 2014-04-01 12:37 - 00006237 _____ () C:\Users\Jen\Downloads\NAPA Autocare _ Automotive Financing - Go GE Capital.txt
2014-04-01 12:36 - 2014-04-01 12:36 - 00020078 _____ () C:\Users\Jen\Downloads\NAPA Autocare _ Automotive Financing - Go GE Capital.htm
2014-04-01 12:36 - 2014-04-01 12:36 - 00000000 ____D () C:\Users\Jen\Downloads\NAPA Autocare _ Automotive Financing - Go GE Capital_files
2014-03-31 11:43 - 2014-03-31 11:43 - 00000000 ____D () C:\Users\Jen\AppData\Roaming\AdobeUM
2014-03-30 16:28 - 2014-03-30 16:28 - 00001924 _____ () C:\Users\Public\Desktop\Adobe Acrobat 7.0 Professional.lnk
2014-03-30 16:27 - 2014-03-30 16:27 - 00000000 ____D () C:\Users\Public\Documents\Adobe PDF
2014-03-30 16:08 - 2014-03-30 16:11 - 00000000 ____D () C:\acrobatINstall
2014-03-30 16:03 - 2014-03-30 16:03 - 00000376 _____ () C:\Windows\ODBC.INI
2014-03-30 16:02 - 2014-03-30 16:02 - 00000000 ____D () C:\Program Files (x86)\Microsoft ActiveSync
2014-03-28 19:01 - 2014-03-28 19:02 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-03-21 20:12 - 2014-03-21 20:12 - 00033857 _____ () C:\Users\Jen\Downloads\WILBORNTERESITA_Message_2014-03-21(4)
2014-03-21 20:12 - 2014-03-21 20:12 - 00033857 _____ () C:\Users\Jen\Downloads\WILBORNTERESITA_Message_2014-03-21(3)
2014-03-21 20:12 - 2014-03-21 20:12 - 00033857 _____ () C:\Users\Jen\Downloads\WILBORNTERESITA_Message_2014-03-21(2)
2014-03-21 20:12 - 2014-03-21 20:12 - 00033857 _____ () C:\Users\Jen\Downloads\WILBORNTERESITA_Message_2014-03-21(1)
2014-03-21 20:12 - 2014-03-21 20:12 - 00033857 _____ () C:\Users\Jen\Downloads\WILBORNTERESITA_Message_2014-03-21
2014-03-20 00:20 - 2014-03-20 00:22 - 00000000 ____D () C:\Users\Jen\Desktop\Bitwize

==================== One Month Modified Files and Folders =======

2014-04-15 23:19 - 2014-04-07 20:20 - 00019901 _____ () C:\Users\Jen\Downloads\FRST.txt
2014-04-15 23:15 - 2014-04-07 20:20 - 00000000 ____D () C:\FRST
2014-04-15 23:14 - 2009-01-16 13:22 - 00000288 _____ () C:\Windows\Tasks\RtlNICDiagVistaStart.job
2014-04-15 23:13 - 2006-11-02 08:42 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-04-15 23:13 - 2006-11-02 08:22 - 00003616 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-04-15 23:13 - 2006-11-02 08:22 - 00003616 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-15 23:12 - 2009-01-16 08:07 - 01140585 _____ () C:\Windows\WindowsUpdate.log
2014-04-15 23:12 - 2006-11-02 08:42 - 00032590 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-04-15 23:05 - 2013-10-18 14:08 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-04-15 22:53 - 2014-04-14 17:49 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-15 22:47 - 2014-04-15 22:47 - 00026566 _____ () C:\Users\Jen\Desktop\Result.txt
2014-04-15 22:45 - 2014-04-15 22:45 - 00982016 _____ (Farbar) C:\Users\Jen\Desktop\MiniToolBox.exe
2014-04-15 22:43 - 2014-04-15 22:43 - 00002487 _____ () C:\Users\Jen\Downloads\FSS.txt
2014-04-15 22:42 - 2014-04-15 22:42 - 00409600 _____ (Farbar) C:\Users\Jen\Downloads\FSS.exe
2014-04-15 21:54 - 2012-08-23 15:07 - 00122852 _____ () C:\Windows\PFRO.log
2014-04-15 21:50 - 2014-04-15 21:50 - 00000000 ____D () C:\Users\Jen\AppData\Local\CrashDumps
2014-04-15 21:21 - 2014-04-15 21:21 - 00448512 _____ (OldTimer Tools) C:\Users\Jen\Downloads\TFC.exe
2014-04-15 17:21 - 2009-01-26 23:54 - 00000008 __RSH () C:\Users\Jen\ntuser.pol
2014-04-15 17:21 - 2009-01-23 23:34 - 00000000 ____D () C:\Users\Jen
2014-04-15 17:16 - 2012-09-20 03:02 - 00000008 __RSH () C:\ProgramData\ntuser.pol
2014-04-15 17:13 - 2006-11-02 06:34 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-04-15 17:11 - 2014-04-15 17:11 - 00008604 _____ () C:\Users\Jen\Downloads\fixlist(2).txt
2014-04-15 17:10 - 2014-04-15 17:10 - 00000557 _____ () C:\Users\Jen\Desktop\FRST64(3).exe - Shortcut.lnk
2014-04-15 17:09 - 2014-04-15 17:09 - 02054144 _____ (Farbar) C:\Users\Jen\Downloads\FRST64(5).exe
2014-04-15 17:06 - 2014-04-15 17:06 - 00008604 _____ () C:\Users\Jen\Downloads\fixlist(1).txt
2014-04-15 17:05 - 2014-04-15 17:05 - 00008604 _____ () C:\Users\Jen\Desktop\fixlist.txt
2014-04-15 17:05 - 2014-04-15 17:05 - 00004415 _____ () C:\Users\Jen\Desktop\JavaRa.log
2014-04-15 17:03 - 2014-04-15 17:02 - 00004415 _____ () C:\JavaRa.log
2014-04-15 17:02 - 2009-01-16 13:21 - 00000000 ____D () C:\Program Files (x86)\Java
2014-04-15 16:53 - 2014-04-15 16:51 - 00000000 ____D () C:\Users\Jen\Desktop\RemoveJava
2014-04-15 16:50 - 2014-04-15 16:50 - 00165483 _____ () C:\Users\Jen\Downloads\JavaRa-1.16-28-5-13.zip
2014-04-15 15:43 - 2014-04-15 15:43 - 00045629 _____ () C:\Users\Jen\Desktop\Addition.txt
2014-04-15 15:35 - 2014-04-15 15:34 - 02054144 _____ (Farbar) C:\Users\Jen\Downloads\FRST64(4).exe
2014-04-15 15:34 - 2014-04-15 15:34 - 00000424 _____ () C:\Users\Jen\Desktop\eset.txt
2014-04-15 14:49 - 2014-04-15 14:49 - 02347384 _____ (ESET) C:\Users\Jen\Downloads\esetsmartinstaller_enu.exe
2014-04-15 14:49 - 2014-04-15 14:49 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-04-15 14:37 - 2014-04-15 14:21 - 00000000 ____D () C:\AdwCleaner
2014-04-15 14:19 - 2014-04-15 14:18 - 01426178 _____ () C:\Users\Jen\Desktop\AdwCleaner.exe
2014-04-15 12:50 - 2014-04-15 12:50 - 00001994 _____ () C:\Users\Jen\Desktop\JRT.txt
2014-04-15 12:42 - 2014-04-15 12:42 - 01016261 _____ (Thisisu) C:\Users\Jen\Downloads\JRT.exe
2014-04-15 12:42 - 2014-04-15 12:42 - 00000000 ____D () C:\Windows\ERUNT
2014-04-15 12:41 - 2014-04-15 12:20 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-04-15 12:41 - 2014-04-15 12:19 - 00000000 ____D () C:\Users\Jen\Desktop\mbar
2014-04-15 12:19 - 2014-04-15 12:19 - 12589848 _____ (Malwarebytes Corp.) C:\Users\Jen\Downloads\mbar-1.07.0.1009.exe
2014-04-15 12:19 - 2014-04-14 17:48 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-14 21:16 - 2012-09-10 23:45 - 00012637 _____ () C:\Windows\setupact.log
2014-04-14 20:16 - 2014-04-14 20:16 - 00018490 _____ () C:\ComboFix.txt
2014-04-14 20:16 - 2014-04-14 19:20 - 00000000 ____D () C:\Qoobox
2014-04-14 20:16 - 2009-08-11 15:08 - 00000000 ____D () C:\Users\Jen\AppData\Local\Apps\2.0
2014-04-14 20:15 - 2012-08-25 01:20 - 00000000 ___RD () C:\Users\protected\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-04-14 20:15 - 2010-03-25 13:50 - 00000000 ___RD () C:\Users\Nena.Our-CPU\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-04-14 20:15 - 2010-03-25 13:48 - 00000000 ___RD () C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-04-14 20:15 - 2009-01-26 15:27 - 00000000 ___RD () C:\Users\Mel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-04-14 20:15 - 2009-01-24 18:10 - 00000000 ___RD () C:\Users\Nena\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-04-14 20:12 - 2006-11-02 05:34 - 00000215 _____ () C:\Windows\system.ini
2014-04-14 19:51 - 2006-11-02 08:21 - 00413776 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-04-14 19:47 - 2013-07-09 22:25 - 00000000 ____D () C:\Program Files (x86)\Fitbit Connect
2014-04-14 19:33 - 2014-04-14 19:33 - 05194807 ____R (Swearware) C:\Users\Jen\Desktop\ComboFix.exe
2014-04-14 19:19 - 2012-09-24 14:37 - 05194807 _____ (Swearware) C:\Users\Jen\Downloads\ComboFix.exe
2014-04-14 18:20 - 2014-04-14 17:34 - 00002438 _____ () C:\Users\Jen\Desktop\Rkill.txt
2014-04-14 18:18 - 2014-04-14 18:11 - 00000000 ____D () C:\Users\Jen\Desktop\RK_Quarantine
2014-04-14 18:15 - 2014-04-14 18:15 - 00025915 _____ () C:\Users\Jen\Desktop\RKreport[0]_S_04142014_181536.txt
2014-04-14 18:11 - 2014-04-14 18:11 - 04527616 _____ () C:\Users\Jen\Downloads\RogueKillerX64.exe
2014-04-14 18:11 - 2014-04-14 18:11 - 00002266 _____ () C:\malware.txt
2014-04-14 18:10 - 2014-04-14 18:10 - 00002284 _____ () C:\Malwarebytes Anti-Malware.lnk
2014-04-14 17:49 - 2012-08-02 23:19 - 00000000 ____D () C:\Users\Jen\AppData\Roaming\Malwarebytes
2014-04-14 17:48 - 2014-04-14 17:48 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-04-14 17:48 - 2012-08-02 23:18 - 00000943 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-04-14 17:48 - 2012-08-02 23:18 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-14 17:46 - 2014-04-14 17:45 - 00000000 ____D () C:\Program Files (x86)\ERUNT
2014-04-14 17:46 - 2012-09-07 08:26 - 00000000 ____D () C:\Windows\erdnt
2014-04-14 17:45 - 2014-04-14 17:45 - 00000765 _____ () C:\Users\protected\Desktop\NTREGOPT.lnk
2014-04-14 17:45 - 2014-04-14 17:45 - 00000765 _____ () C:\Users\Nena.Our-CPU\Desktop\NTREGOPT.lnk
2014-04-14 17:45 - 2014-04-14 17:45 - 00000765 _____ () C:\Users\Mel\Desktop\NTREGOPT.lnk
2014-04-14 17:45 - 2014-04-14 17:45 - 00000765 _____ () C:\Users\Mcx1\Desktop\NTREGOPT.lnk
2014-04-14 17:45 - 2014-04-14 17:45 - 00000765 _____ () C:\Users\Jen\Desktop\NTREGOPT.lnk
2014-04-14 17:45 - 2014-04-14 17:45 - 00000765 _____ () C:\Users\Guest\Desktop\NTREGOPT.lnk
2014-04-14 17:45 - 2014-04-14 17:45 - 00000746 _____ () C:\Users\protected\Desktop\ERUNT.lnk
2014-04-14 17:45 - 2014-04-14 17:45 - 00000746 _____ () C:\Users\Nena.Our-CPU\Desktop\ERUNT.lnk
2014-04-14 17:45 - 2014-04-14 17:45 - 00000746 _____ () C:\Users\Mel\Desktop\ERUNT.lnk
2014-04-14 17:45 - 2014-04-14 17:45 - 00000746 _____ () C:\Users\Mcx1\Desktop\ERUNT.lnk
2014-04-14 17:45 - 2014-04-14 17:45 - 00000746 _____ () C:\Users\Jen\Desktop\ERUNT.lnk
2014-04-14 17:45 - 2014-04-14 17:45 - 00000746 _____ () C:\Users\Guest\Desktop\ERUNT.lnk
2014-04-14 17:43 - 2014-04-14 17:42 - 00791393 _____ (Lars Hederer ) C:\Users\Jen\Downloads\erunt-setup.exe
2014-04-14 17:40 - 2014-04-14 17:40 - 01933048 _____ (Bleeping Computer, LLC) C:\Users\Jen\Downloads\rkill(1).exe
2014-04-14 17:34 - 2014-04-14 17:34 - 01933048 _____ (Bleeping Computer, LLC) C:\Users\Jen\Downloads\rkill.exe
2014-04-14 17:34 - 2014-04-14 17:34 - 01057016 _____ (Bleeping Computer, LLC) C:\Users\Jen\Downloads\rkill64.exe
2014-04-14 17:23 - 2014-04-14 17:23 - 02054144 _____ (Farbar) C:\Users\Jen\Downloads\FRST64(3).exe
2014-04-14 17:22 - 2014-04-14 17:22 - 02054144 _____ (Farbar) C:\Users\Jen\Downloads\FRST64(2).exe
2014-04-11 23:00 - 2009-01-23 23:38 - 00120000 _____ () C:\Users\Jen\AppData\Local\GDIPFONTCACHEV1.DAT
2014-04-11 00:57 - 2013-10-21 12:58 - 00000000 ____D () C:\Users\Jen\AppData\Roaming\SoftGrid Client
2014-04-11 00:20 - 2009-02-08 19:39 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-04-11 00:20 - 2009-01-16 13:31 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2014-04-11 00:19 - 2009-02-08 19:39 - 00000000 ____D () C:\Program Files\Microsoft Office
2014-04-11 00:19 - 2006-11-02 08:07 - 00000000 ____D () C:\Windows\ShellNew
2014-04-11 00:17 - 2006-11-02 06:33 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-04-11 00:00 - 2014-04-11 00:00 - 02157056 _____ (Farbar) C:\Users\Jen\Downloads\FRST64(1).exe
2014-04-09 03:32 - 2006-11-02 05:46 - 00822840 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-04-09 03:05 - 2013-08-15 03:04 - 00000000 ____D () C:\Windows\system32\MRT
2014-04-09 03:01 - 2006-11-02 05:35 - 90655440 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2014-04-09 00:57 - 2014-04-09 00:57 - 00000000 ____D () C:\Program Files (x86)\MSECache
2014-04-07 20:27 - 2014-04-07 20:20 - 00045629 _____ () C:\Users\Jen\Downloads\Addition.txt
2014-04-07 20:26 - 2014-04-07 20:26 - 00042507 _____ () C:\Users\Jen\Desktop\FRST.txt
2014-04-07 20:19 - 2014-04-07 20:19 - 02157056 _____ (Farbar) C:\Users\Jen\Downloads\FRST64.exe
2014-04-07 20:16 - 2014-04-07 20:16 - 00134542 _____ () C:\Users\Jen\Desktop\CheckResults.txt
2014-04-07 20:15 - 2014-04-07 20:15 - 01673896 _____ (Malwarebytes Corporation) C:\Users\Jen\Downloads\mbam-check-2.1.0.0002.exe
2014-04-07 20:12 - 2014-04-07 20:12 - 00019513 _____ () C:\Users\Jen\Desktop\dds.txt
2014-04-07 20:12 - 2014-04-07 20:12 - 00013577 _____ () C:\Users\Jen\Desktop\attach.txt
2014-04-07 20:11 - 2014-04-07 20:11 - 00688992 ____R (Swearware) C:\Users\Jen\Downloads\dds.scr
2014-04-04 16:58 - 2014-04-04 16:58 - 00347816 _____ (Microsoft Corporation) C:\Users\Jen\Downloads\MicrosoftFixit.dvd.LB.139320086585379642.2.1.Run.exe
2014-04-04 16:57 - 2014-04-04 16:57 - 00347816 _____ (Microsoft Corporation) C:\Users\Jen\Downloads\MicrosoftFixit.dvd.RNP.139320086585379642.1.1.Run.exe
2014-04-04 16:36 - 2014-04-04 16:35 - 00347816 _____ (Microsoft Corporation) C:\Users\Jen\Downloads\MicrosoftFixit.dvd.MATSKB.Run.exe
2014-04-03 09:51 - 2014-04-14 17:48 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-03 09:50 - 2012-08-02 23:18 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-04-02 03:02 - 2013-02-27 05:55 - 00001945 _____ () C:\Windows\epplauncher.mif
2014-04-02 03:01 - 2012-11-03 14:01 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2014-04-02 03:01 - 2012-11-03 14:01 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client
2014-04-01 15:23 - 2014-04-01 15:23 - 00000000 ____D () C:\Users\Guest\AppData\Local\Adobe
2014-04-01 15:23 - 2012-08-30 10:07 - 00000000 ____D () C:\Users\Guest\AppData\Roaming\Adobe
2014-04-01 15:23 - 2010-03-25 13:49 - 00120832 _____ () C:\Users\Guest\AppData\Local\GDIPFONTCACHEV1.DAT
2014-04-01 14:49 - 2006-11-02 06:33 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-04-01 13:39 - 2014-04-01 13:39 - 00347816 _____ (Microsoft Corporation) C:\Users\Jen\Downloads\MicrosoftFixit.dvd.RNP.147319815196114130.2.1.Run.exe
2014-04-01 13:23 - 2012-09-23 19:06 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-04-01 13:06 - 2012-06-17 22:42 - 00000000 ____D () C:\ProgramData\CanonIJPLM
2014-04-01 13:05 - 2014-04-01 13:05 - 00000000 ___HD () C:\ProgramData\CanonIJMyPrinter
2014-04-01 13:04 - 2014-04-01 13:04 - 00001750 _____ () C:\Users\Public\Desktop\Canon My Printer.lnk
2014-04-01 13:03 - 2014-04-01 13:03 - 00000000 ____D () C:\Program Files\Canon
2014-04-01 13:03 - 2014-04-01 13:02 - 05529160 _____ () C:\Users\Jen\Downloads\mypr-win-3_2_0-ea11_2.exe
2014-04-01 13:03 - 2012-06-17 22:36 - 00000000 ____D () C:\Program Files (x86)\Canon
2014-04-01 12:37 - 2014-04-01 12:37 - 00006237 _____ () C:\Users\Jen\Downloads\NAPA Autocare _ Automotive Financing - Go GE Capital.txt
2014-04-01 12:36 - 2014-04-01 12:36 - 00020078 _____ () C:\Users\Jen\Downloads\NAPA Autocare _ Automotive Financing - Go GE Capital.htm
2014-04-01 12:36 - 2014-04-01 12:36 - 00000000 ____D () C:\Users\Jen\Downloads\NAPA Autocare _ Automotive Financing - Go GE Capital_files
2014-03-31 11:43 - 2014-03-31 11:43 - 00000000 ____D () C:\Users\Jen\AppData\Roaming\AdobeUM
2014-03-30 16:28 - 2014-03-30 16:28 - 00001924 _____ () C:\Users\Public\Desktop\Adobe Acrobat 7.0 Professional.lnk
2014-03-30 16:27 - 2014-03-30 16:27 - 00000000 ____D () C:\Users\Public\Documents\Adobe PDF
2014-03-30 16:26 - 2009-01-16 13:25 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-03-30 16:11 - 2014-03-30 16:08 - 00000000 ____D () C:\acrobatINstall
2014-03-30 16:03 - 2014-03-30 16:03 - 00000376 _____ () C:\Windows\ODBC.INI
2014-03-30 16:02 - 2014-03-30 16:02 - 00000000 ____D () C:\Program Files (x86)\Microsoft ActiveSync
2014-03-30 16:02 - 2006-11-02 06:33 - 00000000 ____D () C:\Windows\Help
2014-03-30 15:59 - 2006-11-02 06:33 - 00000000 ____D () C:\Windows\system
2014-03-29 01:14 - 2014-02-14 10:27 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox.bak
2014-03-28 19:02 - 2014-03-28 19:01 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-03-21 20:12 - 2014-03-21 20:12 - 00033857 _____ () C:\Users\Jen\Downloads\WILBORNTERESITA_Message_2014-03-21(4)
2014-03-21 20:12 - 2014-03-21 20:12 - 00033857 _____ () C:\Users\Jen\Downloads\WILBORNTERESITA_Message_2014-03-21(3)
2014-03-21 20:12 - 2014-03-21 20:12 - 00033857 _____ () C:\Users\Jen\Downloads\WILBORNTERESITA_Message_2014-03-21(2)
2014-03-21 20:12 - 2014-03-21 20:12 - 00033857 _____ () C:\Users\Jen\Downloads\WILBORNTERESITA_Message_2014-03-21(1)
2014-03-21 20:12 - 2014-03-21 20:12 - 00033857 _____ () C:\Users\Jen\Downloads\WILBORNTERESITA_Message_2014-03-21
2014-03-20 00:22 - 2014-03-20 00:20 - 00000000 ____D () C:\Users\Jen\Desktop\Bitwize

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2014-04-15 22:22

==================== End Of Log ============================

AdvancedSetup · April 16, 2014

Okay now that the computer has been cleaned up pretty well please visit the following link from Microsoft and run their Fixit Tool and see if it can correct your DVD issue.
Fix problems with CD or DVD drives that can’t read or write media

Let me know the results

JustJen · April 17, 2014

Sorry I had a busy day. I ran that scan and my drive still does not work. I won't be able to get a new one till next week. My sound works again.

Thanks,

Jen

AdvancedSetup · April 18, 2014

Well if that's not working then it does look like the drive may be bad. Let us know once you get a replacement.

AdvancedSetup · May 9, 2014

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

DVD not reading disks.

Recommended Posts

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Recently Browsing 0 members

Important Information