Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org
Database version: v2013.09.04.07
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16660
Wilson Family :: WILSONFAMILY-PC [administrator]
9/5/2013 5:07:21 PM
mbam-log-2013-09-05 (17-07-21).txt
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
Scan options disabled:
Objects scanned: 248359
Time elapsed: 4 minute(s), 3 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 2
C:\Users\Wilson Family\Downloads\Setup.exe (PUP.Optional.IBryte) -> Quarantined and deleted successfully.
C:\Users\Wilson Family\Local Settings\Temporary Internet Files\Content.IE5\ZK0UMZVH\checker_20130826[1].exe (Trojan.Downloader.Agent) -> Quarantined and deleted successfully.
(end)
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Professional
Boot Device: \Device\HarddiskVolume2
Install Date: 1/8/2013 11:40:38 PM
System Uptime: 9/5/2013 5:14:18 PM (4 hours ago)
.
Motherboard: Dell Inc. | | 0C2KJT
Processor: Intel(R) Core(TM) i5 CPU 650 @ 3.20GHz | CPU 1 | 3201/133mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 332 GiB total, 168.761 GiB free.
D: is CDROM (UDF)
E: is Removable
F: is Removable
G: is Removable
H: is Removable
I: is FIXED (NTFS) - 586 GiB total, 585.792 GiB free.
.
==== Disabled Device Manager Items =============
.
Class GUID: {eec5ad98-8080-425f-922a-dabf3de3f69a}
Description: MTP Bluetooth Device
Device ID: ROOT\UNKNOWN\0000
Manufacturer: (Standard MTP Device)
Name: MTP Bluetooth Device
PNP Device ID: ROOT\UNKNOWN\0000
Service: WUDFRd
.
==== System Restore Points ===================
.
RP107: 8/14/2013 3:01:21 AM - Windows Update
RP108: 8/18/2013 8:14:13 AM - Windows Update
RP109: 8/21/2013 9:44:44 PM - Windows Update
RP110: 8/24/2013 10:38:54 PM - Windows Update
RP111: 8/24/2013 11:20:37 PM - Windows Live Essentials
RP112: 8/24/2013 11:21:40 PM - Installed DirectX
RP113: 8/24/2013 11:22:05 PM - Installed DirectX
RP114: 8/24/2013 11:22:32 PM - Installed DirectX
RP115: 8/24/2013 11:24:16 PM - WLSetup
RP116: 8/24/2013 11:41:14 PM - Windows Update
RP117: 8/25/2013 1:51:26 PM - Installed MSXML 4.0 SP3 Parser
RP118: 8/28/2013 6:01:10 PM - Windows Update
RP119: 9/1/2013 11:27:45 AM - Windows Update
RP120: 9/4/2013 8:06:47 PM - Windows Update
RP121: 9/5/2013 4:08:13 PM - Installed MSXML 4.0 SP3 Parser
RP122: 9/5/2013 4:55:10 PM - Removed MSXML 4.0 SP2 (KB954430)
RP123: 9/5/2013 4:55:38 PM - Removed MSXML 4.0 SP2 (KB973688)
RP125: 9/5/2013 5:00:16 PM - Microsoft Antimalware Checkpoint
.
==== Installed Programs ======================
.
7-Zip 9.20
7-Zip 9.20 (x64 edition)
Adobe AIR
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader XI (11.0.03)
Adobe Shockwave Player 12.0
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Arcadesafari
Bonjour
Broadcom NetXtreme-I Netlink Driver and Management Installer
D3DX10
Dropbox
DW 1525 Driver Installation
Google Chrome
Google Update Helper
iCloud
ImgBurn
iTunes
Java 7 Update 25
Java 7 Update 25 (64-bit)
Java Auto Updater
Junk Mail filter update
Malwarebytes Anti-Malware version 1.75.0.1300
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Extended
Microsoft Application Error Reporting
Microsoft Office 2007 Primary Interop Assemblies
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Excel MUI (English) 2007
Microsoft Office File Validation Add-In
Microsoft Office Home and Student 2007
Microsoft Office Office 64-bit Components 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Shared 64-bit MUI (English) 2007
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Security Client
Microsoft Security Essentials
Microsoft Silverlight
Microsoft SkyDrive
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft Visual Studio 2005 Tools for Office Runtime
Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
Movie Maker
Mozilla Firefox 23.0 (x86 en-US)
Mozilla Maintenance Service
MSVCRT
MSVCRT_amd64
MSVCRT110
MSVCRT110_amd64
MSXML 4.0 SP3 Parser
OpenAL
PDFCreator
Photo Common
Photo Gallery
QuickBooks
QuickBooks Premier: Retail Edition 2013
Revo Uninstaller 1.94
Secunia PSI (3.0.0.6005)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
Security Update for Microsoft .NET Framework 4 Extended (KB2736428)
Security Update for Microsoft .NET Framework 4 Extended (KB2742595)
Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687309) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687311) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760416) 32-Bit Edition
Security Update for Microsoft Office Excel 2007 (KB2687307) 32-Bit Edition
Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Word 2007 (KB2760421) 32-Bit Edition
Skype™ 6.3
swMSM
Unity Web Player
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939)
Update for Microsoft .NET Framework 4 Extended (KB2468871)
Update for Microsoft .NET Framework 4 Extended (KB2533523)
Update for Microsoft .NET Framework 4 Extended (KB2600217)
Update for Microsoft .NET Framework 4 Extended (KB2836939)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Visual Studio Tools for the Office system 3.0 Runtime
Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258)
VLC media player 2.0.8
Windows Live Communications Platform
Windows Live Essentials
Windows Live Family Safety
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Mail
Windows Live Messenger
Windows Live MIME IFilter
Windows Live Photo Common
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
WOT for Internet Explorer
XnView 2.04
.
==== Event Viewer Messages From Past Week ========
.
9/5/2013 5:20:07 PM, Error: Microsoft-Windows-SharedAccess_NAT [31004] - The DNS proxy agent was unable to allocate 0 bytes of memory. This may indicate that the system is low on virtual memory, or that the memory manager has encountered an internal error.
9/5/2013 5:17:23 PM, Error: Service Control Manager [7031] - The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.
9/5/2013 5:17:23 PM, Error: Service Control Manager [7024] - The Windows Search service terminated with service-specific error %%-1073473535.
9/5/2013 4:06:19 PM, Error: Microsoft-Windows-DistributedCOM [10000] - Unable to start a DCOM Server: {9E14B23B-5D8A-447F-B962-6D6D6897861E}. The error: "786" Happened while starting this command: "C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBUpdate\QBMsgMgr.exe" -Embedding
9/2/2013 5:10:38 PM, Error: bowser [8003] - The master browser has received a server announcement from the computer ROUTER that believes that it is the master browser for the domain on transport NetBT_Tcpip_{CA1381DF-366E-48FD-8589-502F15D5AA28}. The master browser is stopping or an election is being forced.
9/2/2013 4:11:37 PM, Error: Microsoft-Windows-DistributedCOM [10001] - Unable to start a DCOM Server: {2BE99FD4-A181-4996-BFA9-58C5FFD11F6C} as /. The error: "786" Happened while starting this command: "C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe" /PhotoViewerComServer {2BE99FD4-A181-4996-BFA9-58C5FFD11F6C} -Embedding
8/29/2013 6:56:10 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.157.641.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.9800.0 Error code: 0x8024402c Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
.
==== End Of File ===========================
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 10.0.9200.16660
Run by Wilson Family at 21:18:47 on 2013-09-05
Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.6007.4219 [GMT -6:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Microsoft Security Essentials *Enabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
C:\Program Files (x86)\Common Files\Intuit\DataProtect\QBIDPService.exe
C:\Program Files (x86)\Secunia\PSI\PSIA.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\System32\alg.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\WUDFHost.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files (x86)\Secunia\PSI\sua.exe
C:\Program Files\Microsoft Security Client\NisSrv.exe
C:\Windows\system32\svchost.exe -k HPService
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskhost.exe
C:\Windows\Explorer.EXE
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files (x86)\Windows Live\Family Safety\fsui.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
C:\Users\Wilson Family\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\BookmarkDAV_client.exe
C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
C:\Program Files (x86)\Intuit\QuickBooks 2013\QBW32.EXE
C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Users\Wilson Family\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
BHO: SSVHelper Class: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
TB: WOT: {71576546-354D-41C9-AAE8-31F2EC22BF0D} - C:\Program Files (x86)\WOT\WOT.dll
TB: WOT: {71576546-354D-41c9-AAE8-31F2EC22BF0D} - C:\Program Files (x86)\WOT\WOT.dll
uRun: [ApplePhotoStreams] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
uRun: [6067C2AC2210922E522273F2366461E9D62B57A2._service_run] "C:\Users\Wilson Family\AppData\Local\Google\Chrome\Application\chrome.exe" --type=service
uRun: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
uRun: [com.apple.dav.bookmarks.daemon] C:\Program Files (x86)\Common Files\Apple\Internet Services\BookmarkDAV_client.exe
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [Intuit SyncManager] C:\Program Files (x86)\Common Files\Intuit\Sync\IntuitSyncManager.exe startup
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
dRun: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
StartupFolder: C:\Users\WILSON~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\Wilson Family\AppData\Roaming\Dropbox\bin\Dropbox.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\INTUIT~1.LNK - C:\Program Files (x86)\Common Files\Intuit\DataProtect\IntuitDataProtect.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\QUICKB~2.LNK - C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\QUICKB~1.LNK - C:\Program Files (x86)\Intuit\QuickBooks 2013\QBW32.EXE
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\SECUNI~1.LNK - C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
uPolicies-Explorer: NoDrives = dword:0
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoDrives = dword:0
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-001025-0002-0025-ABCDEFFEDCBC} - <orphaned>
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} - hxxp://office.microsoft.com/_layouts/ClientBin/ieawsdc32.cab
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_25-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0025-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_25-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_25-windows-i586.cab
TCP: NameServer = 192.168.2.1
TCP: Interfaces\{CA1381DF-366E-48FD-8589-502F15D5AA28} : DHCPNameServer = 192.168.2.1
TCP: Interfaces\{CA1381DF-366E-48FD-8589-502F15D5AA28}\1425259435D234546434 : DHCPNameServer = 24.116.0.53 24.116.2.50
TCP: Interfaces\{CA1381DF-366E-48FD-8589-502F15D5AA28}\24271636B6E697 : DHCPNameServer = 192.168.1.254
TCP: Interfaces\{F4124FCD-4933-47A5-BAED-F8259ABFECA1} : DHCPNameServer = 192.168.1.254
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
Handler: wot - {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - C:\Program Files (x86)\WOT\WOT.dll
x64-BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
x64-TB: WOT: {71576546-354D-41c9-AAE8-31F2EC22BF0D} - C:\Program Files\WOT\WOT.dll
x64-Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
x64-Run: [fssui] "C:\Program Files (x86)\Windows Live\Family Safety\fsui.exe" -autorun
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Handler: wot - {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - C:\Program Files\WOT\WOT.dll
x64-mASetup: {12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\Windows\System32\ieudinit.exe
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Wilson Family\AppData\Roaming\Mozilla\Firefox\Profiles\bdoewn14.default\
FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrlui.dll
FF - plugin: C:\Users\Wilson Family\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll
FF - plugin: C:\Users\Wilson Family\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
FF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1203133.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll
FF - plugin: C:\Windows\SysWOW64\npDeployJava1.dll
FF - plugin: C:\Windows\SysWOW64\npmproxy.dll
.
============= SERVICES / DRIVERS ===============
.
R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2013-6-18 247216]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2011-1-27 203776]
R2 fssfltr;fssfltr;C:\Windows\System32\drivers\fssfltr.sys [2013-8-24 57840]
R2 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2013-2-5 1512448]
R2 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2012-8-31 139616]
R2 QBVSS;QBIDPService;C:\Program Files (x86)\Common Files\Intuit\DataProtect\QBIDPService.exe [2013-3-11 1248256]
R2 Secunia PSI Agent;Secunia PSI Agent;C:\Program Files (x86)\Secunia\PSI\psia.exe [2013-2-7 1223704]
R2 Secunia Update Agent;Secunia Update Agent;C:\Program Files (x86)\Secunia\PSI\sua.exe [2013-2-7 660504]
R3 HECIx64;Intel(R) Management Engine Interface;C:\Windows\System32\drivers\HECIx64.sys [2009-9-17 56344]
R3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;C:\Windows\System32\drivers\k57nd60a.sys [2009-10-16 321064]
R3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2013-6-20 366600]
R3 PSI;PSI;C:\Windows\System32\drivers\psi_mf_amd64.sys [2013-2-7 18456]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2013-6-10 19456]
S3 StorSvc;Storage Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 27136]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2013-6-10 57856]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-12-13 54784]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2013-1-12 1255736]
S3 WSDScan;WSD Scan Support via UMB;C:\Windows\System32\drivers\WSDScan.sys [2009-7-13 25088]
.
=============== Created Last 30 ================
.
2013-09-05 23:18:42 262552 ----a-w- C:\Program Files (x86)\Mozilla Firefox\browser\components\browsercomps.dll
2013-09-05 23:02:20 965008 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{D99B234C-C9FA-4B28-BA7C-9CFB85A0BE09}\gapaengine.dll
2013-09-05 23:02:10 9515512 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{89EAA539-4918-4C9D-A41C-28BFA75BE76C}\mpengine.dll
2013-09-05 18:23:30 -------- d-----w- C:\Program Files\iPod
2013-09-05 18:23:29 -------- d-----w- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-09-05 18:23:29 -------- d-----w- C:\Program Files (x86)\iTunes
2013-09-05 02:07:09 9515512 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2013-08-25 05:27:22 -------- d-----w- C:\Users\Wilson Family\Tracing
2013-08-25 05:25:53 -------- d-----w- C:\Windows\en
2013-08-25 05:25:21 -------- d-----w- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2013-08-25 05:24:40 57840 ----a-w- C:\Windows\System32\drivers\fssfltr.sys
2013-08-25 05:22:46 77656 ----a-w- C:\Windows\System32\XAPOFX1_5.dll
2013-08-25 05:22:46 74072 ----a-w- C:\Windows\SysWow64\XAPOFX1_5.dll
2013-08-25 05:22:46 527192 ----a-w- C:\Windows\SysWow64\XAudio2_7.dll
2013-08-25 05:22:46 518488 ----a-w- C:\Windows\System32\XAudio2_7.dll
2013-08-25 05:22:45 276832 ----a-w- C:\Windows\System32\d3dx11_43.dll
2013-08-25 05:22:45 2526056 ----a-w- C:\Windows\System32\D3DCompiler_43.dll
2013-08-25 05:22:45 248672 ----a-w- C:\Windows\SysWow64\d3dx11_43.dll
2013-08-25 05:22:45 2106216 ----a-w- C:\Windows\SysWow64\D3DCompiler_43.dll
2013-08-25 05:22:18 523088 ----a-w- C:\Windows\System32\d3dx10_42.dll
2013-08-25 05:22:18 453456 ----a-w- C:\Windows\SysWow64\d3dx10_42.dll
2013-08-25 05:21:54 4398360 ----a-w- C:\Windows\System32\d3dx9_32.dll
2013-08-25 05:21:54 3426072 ----a-w- C:\Windows\SysWow64\d3dx9_32.dll
2013-08-25 05:21:30 5659096 -c--a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\e2640f7f1cea15204\skydrivesetup.exe
2013-08-25 05:21:30 -------- d-----w- C:\Program Files (x86)\Microsoft SkyDrive
2013-08-25 05:21:30 -------- d-----r- C:\Users\Wilson Family\SkyDrive
2013-08-25 05:21:21 -------- d-----w- C:\ProgramData\Microsoft SkyDrive
2013-08-25 05:20:58 89944 -c--a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\df8b1b421cea15203\DSETUP.dll
2013-08-25 05:20:58 537432 -c--a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\df8b1b421cea15203\DXSETUP.exe
2013-08-25 05:20:58 1801048 -c--a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\df8b1b421cea15203\dsetup32.dll
2013-08-25 05:20:54 525656 -c--a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\dae639ea1cea15202\DXSETUP.exe
2013-08-25 05:20:53 94040 -c--a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\dae639ea1cea15202\DSETUP.dll
2013-08-25 05:20:53 1691480 -c--a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\dae639ea1cea15202\dsetup32.dll
2013-08-25 05:20:46 89944 -c--a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\d8a6efdd1cea15201\DSETUP.dll
2013-08-25 05:20:46 537432 -c--a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\d8a6efdd1cea15201\DXSETUP.exe
2013-08-25 05:20:46 1801048 -c--a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\d8a6efdd1cea15201\dsetup32.dll
2013-08-25 05:20:36 -------- d-----w- C:\Users\Wilson Family\AppData\Local\Windows Live
2013-08-25 05:20:15 -------- d-----w- C:\Program Files (x86)\Common Files\Windows Live
2013-08-21 21:48:16 -------- d-----w- C:\Program Files\HP
2013-08-13 04:59:05 108968 ----a-w- C:\Windows\System32\WindowsAccessBridge-64.dll
2013-08-13 04:32:50 96168 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2013-08-13 04:32:31 0 ----a-w- C:\Windows\SysWow64\REN713F.tmp
2013-08-13 04:32:31 0 ----a-w- C:\Windows\SysWow64\REN713E.tmp
2013-08-12 09:01:25 -------- d-----w- C:\Windows\System32\MRT
2013-08-12 05:03:52 -------- d-----w- C:\_OTL
2013-08-12 04:05:06 -------- d-sh--w- C:\$RECYCLE.BIN
2013-08-12 03:22:37 98816 ----a-w- C:\Windows\sed.exe
2013-08-12 03:22:37 256000 ----a-w- C:\Windows\PEV.exe
2013-08-12 03:22:37 208896 ----a-w- C:\Windows\MBR.exe
.
==================== Find3M ====================
.
2013-08-13 04:58:56 972712 ----a-w- C:\Windows\System32\deployJava1.dll
2013-08-13 04:58:56 1093032 ----a-w- C:\Windows\System32\npDeployJava1.dll
2013-08-13 04:32:44 867240 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll
2013-08-13 04:32:44 789416 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2013-07-25 09:25:54 1888768 ----a-w- C:\Windows\System32\WMVDECOD.DLL
2013-07-25 08:57:27 1620992 ----a-w- C:\Windows\SysWow64\WMVDECOD.DLL
2013-07-19 01:58:42 2048 ----a-w- C:\Windows\System32\tzres.dll
2013-07-19 01:41:01 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2013-07-11 09:26:21 692104 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2013-07-11 09:26:20 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-07-09 06:03:30 5550528 ----a-w- C:\Windows\System32\ntoskrnl.exe
2013-07-09 05:54:22 1732032 ----a-w- C:\Windows\System32\ntdll.dll
2013-07-09 05:53:12 243712 ----a-w- C:\Windows\System32\wow64.dll
2013-07-09 05:52:52 224256 ----a-w- C:\Windows\System32\wintrust.dll
2013-07-09 05:51:16 1217024 ----a-w- C:\Windows\System32\rpcrt4.dll
2013-07-09 05:46:20 184320 ----a-w- C:\Windows\System32\cryptsvc.dll
2013-07-09 05:46:20 1472512 ----a-w- C:\Windows\System32\crypt32.dll
2013-07-09 05:46:20 139776 ----a-w- C:\Windows\System32\cryptnet.dll
2013-07-09 05:03:34 3968960 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2013-07-09 05:03:34 3913664 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2013-07-09 04:53:47 1292192 ----a-w- C:\Windows\SysWow64\ntdll.dll
2013-07-09 04:52:33 663552 ----a-w- C:\Windows\SysWow64\rpcrt4.dll
2013-07-09 04:52:33 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
2013-07-09 04:52:10 175104 ----a-w- C:\Windows\SysWow64\wintrust.dll
2013-07-09 04:46:31 140288 ----a-w- C:\Windows\SysWow64\cryptsvc.dll
2013-07-09 04:46:31 1166848 ----a-w- C:\Windows\SysWow64\crypt32.dll
2013-07-09 04:46:31 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll
2013-07-09 04:45:07 44032 ----a-w- C:\Windows\apppatch\acwow64.dll
2013-07-09 02:49:42 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
2013-07-09 02:49:41 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
2013-07-09 02:49:39 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
2013-07-09 02:49:38 2048 ----a-w- C:\Windows\SysWow64\user.exe
2013-07-06 06:03:53 1910208 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2013-06-19 03:50:08 247216 ----a-w- C:\Windows\System32\drivers\MpFilter.sys
2013-06-19 03:50:08 139616 ----a-w- C:\Windows\System32\drivers\NisDrvWFP.sys
2013-06-15 04:32:16 39936 ----a-w- C:\Windows\System32\drivers\tssecsrv.sys
.
============= FINISH: 21:19:09.45 ===============
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Shared 64-bit MUI (English) 2007
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Security Client
Microsoft Security Essentials
Microsoft Silverlight
Microsoft SkyDrive
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft Visual Studio 2005 Tools for Office Runtime
Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
Movie Maker
Mozilla Firefox 23.0 (x86 en-US)
Mozilla Maintenance Service
MSVCRT
MSVCRT_amd64
MSVCRT110
MSVCRT110_amd64
MSXML 4.0 SP3 Parser
OpenAL
PDFCreator
Photo Common
Photo Gallery
QuickBooks
QuickBooks Premier: Retail Edition 2013
Revo Uninstaller 1.94
Secunia PSI (3.0.0.6005)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
Security Update for Microsoft .NET Framework 4 Extended (KB2736428)
Security Update for Microsoft .NET Framework 4 Extended (KB2742595)
Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687309) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687311) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760416) 32-Bit Edition
Security Update for Microsoft Office Excel 2007 (KB2687307) 32-Bit Edition
Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Word 2007 (KB2760421) 32-Bit Edition
Skype™ 6.3
swMSM
Unity Web Player
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939)
Update for Microsoft .NET Framework 4 Extended (KB2468871)
Update for Microsoft .NET Framework 4 Extended (KB2533523)
Update for Microsoft .NET Framework 4 Extended (KB2600217)
Update for Microsoft .NET Framework 4 Extended (KB2836939)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Visual Studio Tools for the Office system 3.0 Runtime
Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258)
VLC media player 2.0.8
Windows Live Communications Platform
Windows Live Essentials
Windows Live Family Safety
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Mail
Windows Live Messenger
Windows Live MIME IFilter
Windows Live Photo Common
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
WOT for Internet Explorer
XnView 2.04
.
==== Event Viewer Messages From Past Week ========
.
9/5/2013 5:20:07 PM, Error: Microsoft-Windows-SharedAccess_NAT [31004] - The DNS proxy agent was unable to allocate 0 bytes of memory. This may indicate that the system is low on virtual memory, or that the memory manager has encountered an internal error.
9/5/2013 5:17:23 PM, Error: Service Control Manager [7031] - The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.
9/5/2013 5:17:23 PM, Error: Service Control Manager [7024] - The Windows Search service terminated with service-specific error %%-1073473535.
9/5/2013 4:06:19 PM, Error: Microsoft-Windows-DistributedCOM [10000] - Unable to start a DCOM Server: {9E14B23B-5D8A-447F-B962-6D6D6897861E}. The error: "786" Happened while starting this command: "C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBUpdate\QBMsgMgr.exe" -Embedding
9/2/2013 5:10:38 PM, Error: bowser [8003] - The master browser has received a server announcement from the computer ROUTER that believes that it is the master browser for the domain on transport NetBT_Tcpip_{CA1381DF-366E-48FD-8589-502F15D5AA28}. The master browser is stopping or an election is being forced.
9/2/2013 4:11:37 PM, Error: Microsoft-Windows-DistributedCOM [10001] - Unable to start a DCOM Server: {2BE99FD4-A181-4996-BFA9-58C5FFD11F6C} as /. The error: "786" Happened while starting this command: "C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe" /PhotoViewerComServer {2BE99FD4-A181-4996-BFA9-58C5FFD11F6C} -Embedding
8/29/2013 6:56:10 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.157.641.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.9800.0 Error code: 0x8024402c Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
.
==== End Of File ===========================
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 10.0.9200.16660
Run by Wilson Family at 21:18:47 on 2013-09-05
Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.6007.4219 [GMT -6:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Microsoft Security Essentials *Enabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
C:\Program Files (x86)\Common Files\Intuit\DataProtect\QBIDPService.exe
C:\Program Files (x86)\Secunia\PSI\PSIA.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\System32\alg.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\WUDFHost.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files (x86)\Secunia\PSI\sua.exe
C:\Program Files\Microsoft Security Client\NisSrv.exe
C:\Windows\system32\svchost.exe -k HPService
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskhost.exe
C:\Windows\Explorer.EXE
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files (x86)\Windows Live\Family Safety\fsui.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
C:\Users\Wilson Family\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\BookmarkDAV_client.exe
C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
C:\Program Files (x86)\Intuit\QuickBooks 2013\QBW32.EXE
C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Users\Wilson Family\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
BHO: SSVHelper Class: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
TB: WOT: {71576546-354D-41C9-AAE8-31F2EC22BF0D} - C:\Program Files (x86)\WOT\WOT.dll
TB: WOT: {71576546-354D-41c9-AAE8-31F2EC22BF0D} - C:\Program Files (x86)\WOT\WOT.dll
uRun: [ApplePhotoStreams] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
uRun: [6067C2AC2210922E522273F2366461E9D62B57A2._service_run] "C:\Users\Wilson Family\AppData\Local\Google\Chrome\Application\chrome.exe" --type=service
uRun: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
uRun: [com.apple.dav.bookmarks.daemon] C:\Program Files (x86)\Common Files\Apple\Internet Services\BookmarkDAV_client.exe
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [Intuit SyncManager] C:\Program Files (x86)\Common Files\Intuit\Sync\IntuitSyncManager.exe startup
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
dRun: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
StartupFolder: C:\Users\WILSON~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\Wilson Family\AppData\Roaming\Dropbox\bin\Dropbox.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\INTUIT~1.LNK - C:\Program Files (x86)\Common Files\Intuit\DataProtect\IntuitDataProtect.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\QUICKB~2.LNK - C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\QUICKB~1.LNK - C:\Program Files (x86)\Intuit\QuickBooks 2013\QBW32.EXE
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\SECUNI~1.LNK - C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
uPolicies-Explorer: NoDrives = dword:0
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoDrives = dword:0
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-001025-0002-0025-ABCDEFFEDCBC} - <orphaned>
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} - hxxp://office.microsoft.com/_layouts/ClientBin/ieawsdc32.cab
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_25-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0025-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_25-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_25-windows-i586.cab
TCP: NameServer = 192.168.2.1
TCP: Interfaces\{CA1381DF-366E-48FD-8589-502F15D5AA28} : DHCPNameServer = 192.168.2.1
TCP: Interfaces\{CA1381DF-366E-48FD-8589-502F15D5AA28}\1425259435D234546434 : DHCPNameServer = 24.116.0.53 24.116.2.50
TCP: Interfaces\{CA1381DF-366E-48FD-8589-502F15D5AA28}\24271636B6E697 : DHCPNameServer = 192.168.1.254
TCP: Interfaces\{F4124FCD-4933-47A5-BAED-F8259ABFECA1} : DHCPNameServer = 192.168.1.254
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
Handler: wot - {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - C:\Program Files (x86)\WOT\WOT.dll
x64-BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
x64-TB: WOT: {71576546-354D-41c9-AAE8-31F2EC22BF0D} - C:\Program Files\WOT\WOT.dll
x64-Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
x64-Run: [fssui] "C:\Program Files (x86)\Windows Live\Family Safety\fsui.exe" -autorun
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Handler: wot - {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - C:\Program Files\WOT\WOT.dll
x64-mASetup: {12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\Windows\System32\ieudinit.exe
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Wilson Family\AppData\Roaming\Mozilla\Firefox\Profiles\bdoewn14.default\
FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrlui.dll
FF - plugin: C:\Users\Wilson Family\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll
FF - plugin: C:\Users\Wilson Family\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
FF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1203133.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll
FF - plugin: C:\Windows\SysWOW64\npDeployJava1.dll
FF - plugin: C:\Windows\SysWOW64\npmproxy.dll
.
============= SERVICES / DRIVERS ===============
.
R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2013-6-18 247216]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2011-1-27 203776]
R2 fssfltr;fssfltr;C:\Windows\System32\drivers\fssfltr.sys [2013-8-24 57840]
R2 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2013-2-5 1512448]
R2 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2012-8-31 139616]
R2 QBVSS;QBIDPService;C:\Program Files (x86)\Common Files\Intuit\DataProtect\QBIDPService.exe [2013-3-11 1248256]
R2 Secunia PSI Agent;Secunia PSI Agent;C:\Program Files (x86)\Secunia\PSI\psia.exe [2013-2-7 1223704]
R2 Secunia Update Agent;Secunia Update Agent;C:\Program Files (x86)\Secunia\PSI\sua.exe [2013-2-7 660504]
R3 HECIx64;Intel(R) Management Engine Interface;C:\Windows\System32\drivers\HECIx64.sys [2009-9-17 56344]
R3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;C:\Windows\System32\drivers\k57nd60a.sys [2009-10-16 321064]
R3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2013-6-20 366600]
R3 PSI;PSI;C:\Windows\System32\drivers\psi_mf_amd64.sys [2013-2-7 18456]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2013-6-10 19456]
S3 StorSvc;Storage Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 27136]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2013-6-10 57856]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-12-13 54784]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2013-1-12 1255736]
S3 WSDScan;WSD Scan Support via UMB;C:\Windows\System32\drivers\WSDScan.sys [2009-7-13 25088]
.
=============== Created Last 30 ================
.
2013-09-05 23:18:42 262552 ----a-w- C:\Program Files (x86)\Mozilla Firefox\browser\components\browsercomps.dll
2013-09-05 23:02:20 965008 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{D99B234C-C9FA-4B28-BA7C-9CFB85A0BE09}\gapaengine.dll
2013-09-05 23:02:10 9515512 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{89EAA539-4918-4C9D-A41C-28BFA75BE76C}\mpengine.dll
2013-09-05 18:23:30 -------- d-----w- C:\Program Files\iPod
2013-09-05 18:23:29 -------- d-----w- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-09-05 18:23:29 -------- d-----w- C:\Program Files (x86)\iTunes
2013-09-05 02:07:09 9515512 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2013-08-25 05:27:22 -------- d-----w- C:\Users\Wilson Family\Tracing
2013-08-25 05:25:53 -------- d-----w- C:\Windows\en
2013-08-25 05:25:21 -------- d-----w- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2013-08-25 05:24:40 57840 ----a-w- C:\Windows\System32\drivers\fssfltr.sys
2013-08-25 05:22:46 77656 ----a-w- C:\Windows\System32\XAPOFX1_5.dll
2013-08-25 05:22:46 74072 ----a-w- C:\Windows\SysWow64\XAPOFX1_5.dll
2013-08-25 05:22:46 527192 ----a-w- C:\Windows\SysWow64\XAudio2_7.dll
2013-08-25 05:22:46 518488 ----a-w- C:\Windows\System32\XAudio2_7.dll
2013-08-25 05:22:45 276832 ----a-w- C:\Windows\System32\d3dx11_43.dll
2013-08-25 05:22:45 2526056 ----a-w- C:\Windows\System32\D3DCompiler_43.dll
2013-08-25 05:22:45 248672 ----a-w- C:\Windows\SysWow64\d3dx11_43.dll
2013-08-25 05:22:45 2106216 ----a-w- C:\Windows\SysWow64\D3DCompiler_43.dll
2013-08-25 05:22:18 523088 ----a-w- C:\Windows\System32\d3dx10_42.dll
2013-08-25 05:22:18 453456 ----a-w- C:\Windows\SysWow64\d3dx10_42.dll
2013-08-25 05:21:54 4398360 ----a-w- C:\Windows\System32\d3dx9_32.dll
2013-08-25 05:21:54 3426072 ----a-w- C:\Windows\SysWow64\d3dx9_32.dll
2013-08-25 05:21:30 5659096 -c--a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\e2640f7f1cea15204\skydrivesetup.exe
2013-08-25 05:21:30 -------- d-----w- C:\Program Files (x86)\Microsoft SkyDrive
2013-08-25 05:21:30 -------- d-----r- C:\Users\Wilson Family\SkyDrive
2013-08-25 05:21:21 -------- d-----w- C:\ProgramData\Microsoft SkyDrive
2013-08-25 05:20:58 89944 -c--a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\df8b1b421cea15203\DSETUP.dll
2013-08-25 05:20:58 537432 -c--a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\df8b1b421cea15203\DXSETUP.exe
2013-08-25 05:20:58 1801048 -c--a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\df8b1b421cea15203\dsetup32.dll
2013-08-25 05:20:54 525656 -c--a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\dae639ea1cea15202\DXSETUP.exe
2013-08-25 05:20:53 94040 -c--a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\dae639ea1cea15202\DSETUP.dll
2013-08-25 05:20:53 1691480 -c--a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\dae639ea1cea15202\dsetup32.dll
2013-08-25 05:20:46 89944 -c--a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\d8a6efdd1cea15201\DSETUP.dll
2013-08-25 05:20:46 537432 -c--a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\d8a6efdd1cea15201\DXSETUP.exe
2013-08-25 05:20:46 1801048 -c--a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\d8a6efdd1cea15201\dsetup32.dll
2013-08-25 05:20:36 -------- d-----w- C:\Users\Wilson Family\AppData\Local\Windows Live
2013-08-25 05:20:15 -------- d-----w- C:\Program Files (x86)\Common Files\Windows Live
2013-08-21 21:48:16 -------- d-----w- C:\Program Files\HP
2013-08-13 04:59:05 108968 ----a-w- C:\Windows\System32\WindowsAccessBridge-64.dll
2013-08-13 04:32:50 96168 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2013-08-13 04:32:31 0 ----a-w- C:\Windows\SysWow64\REN713F.tmp
2013-08-13 04:32:31 0 ----a-w- C:\Windows\SysWow64\REN713E.tmp
2013-08-12 09:01:25 -------- d-----w- C:\Windows\System32\MRT
2013-08-12 05:03:52 -------- d-----w- C:\_OTL
2013-08-12 04:05:06 -------- d-sh--w- C:\$RECYCLE.BIN
2013-08-12 03:22:37 98816 ----a-w- C:\Windows\sed.exe
2013-08-12 03:22:37 256000 ----a-w- C:\Windows\PEV.exe
2013-08-12 03:22:37 208896 ----a-w- C:\Windows\MBR.exe
.
==================== Find3M ====================
.
2013-08-13 04:58:56 972712 ----a-w- C:\Windows\System32\deployJava1.dll
2013-08-13 04:58:56 1093032 ----a-w- C:\Windows\System32\npDeployJava1.dll
2013-08-13 04:32:44 867240 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll
2013-08-13 04:32:44 789416 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2013-07-25 09:25:54 1888768 ----a-w- C:\Windows\System32\WMVDECOD.DLL
2013-07-25 08:57:27 1620992 ----a-w- C:\Windows\SysWow64\WMVDECOD.DLL
2013-07-19 01:58:42 2048 ----a-w- C:\Windows\System32\tzres.dll
2013-07-19 01:41:01 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2013-07-11 09:26:21 692104 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2013-07-11 09:26:20 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-07-09 06:03:30 5550528 ----a-w- C:\Windows\System32\ntoskrnl.exe
2013-07-09 05:54:22 1732032 ----a-w- C:\Windows\System32\ntdll.dll
2013-07-09 05:53:12 243712 ----a-w- C:\Windows\System32\wow64.dll
2013-07-09 05:52:52 224256 ----a-w- C:\Windows\System32\wintrust.dll
2013-07-09 05:51:16 1217024 ----a-w- C:\Windows\System32\rpcrt4.dll
2013-07-09 05:46:20 184320 ----a-w- C:\Windows\System32\cryptsvc.dll
2013-07-09 05:46:20 1472512 ----a-w- C:\Windows\System32\crypt32.dll
2013-07-09 05:46:20 139776 ----a-w- C:\Windows\System32\cryptnet.dll
2013-07-09 05:03:34 3968960 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2013-07-09 05:03:34 3913664 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2013-07-09 04:53:47 1292192 ----a-w- C:\Windows\SysWow64\ntdll.dll
2013-07-09 04:52:33 663552 ----a-w- C:\Windows\SysWow64\rpcrt4.dll
2013-07-09 04:52:33 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
2013-07-09 04:52:10 175104 ----a-w- C:\Windows\SysWow64\wintrust.dll
2013-07-09 04:46:31 140288 ----a-w- C:\Windows\SysWow64\cryptsvc.dll
2013-07-09 04:46:31 1166848 ----a-w- C:\Windows\SysWow64\crypt32.dll
2013-07-09 04:46:31 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll
2013-07-09 04:45:07 44032 ----a-w- C:\Windows\apppatch\acwow64.dll
2013-07-09 02:49:42 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
2013-07-09 02:49:41 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
2013-07-09 02:49:39 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
2013-07-09 02:49:38 2048 ----a-w- C:\Windows\SysWow64\user.exe
2013-07-06 06:03:53 1910208 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2013-06-19 03:50:08 247216 ----a-w- C:\Windows\System32\drivers\MpFilter.sys
2013-06-19 03:50:08 139616 ----a-w- C:\Windows\System32\drivers\NisDrvWFP.sys
2013-06-15 04:32:16 39936 ----a-w- C:\Windows\System32\drivers\tssecsrv.sys
.
============= FINISH: 21:19:09.45 ===============