Inactive Subsystem Error "Image type not supported"

wisenblaker · Jul 17, 2013

I keep getting an error trying to open almost all programs on my lenovo running windows 7. I created a thread in the windows section and was told to try here as well. I installed a windows update about two weeks ago and became stuck in a startup loop that I thought I solved with a restore from a back up. However, I discovered this above error after attempting to open almost any program besides word and excel and such. I think it may be a malware issue and I would love any help that could be given. Thanks!

Broni · Jul 17, 2013

Please, observe following rules:

Read all of my instructions very carefully. Your mistakes during cleaning process may have very serious consequences, like unbootable computer.
If you're stuck, or you're not sure about certain step, always ask before doing anything else.
Please refrain from running any tools, fixes or applying any changes to your computer other than those I suggest.
Never run more than one scan at a time.
Keep updating me regarding your computer behavior, good, or bad.
The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in malware removal forum.
I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.

==================================

Please download Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatibale with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

Double-click to run it. When the tool opens click Yes to disclaimer.
Press Scan button.
It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
The first time the tool is run, it makes also another log (Addition.txt). Please copy and paste it to your reply.

wisenblaker · Jul 17, 2013

Hey there Broni, I followed another one of your posts similar to this up to the FRST.txt and realized it was going to be computer specific. Here is the Addition:

ADDITION:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17-07-2013 02
Ran by Collin at 2013-07-17 20:59:36
Running from C:\Users\Collin\Desktop
Boot Mode: Normal
==========================================================

==================== Installed Programs =======================

64 Bit HP CIO Components Installer (Version: 7.2.8)
Akamai NetSession Interface (HKCU)
Apple Mobile Device Support (Version: 6.1.0.13)
AutoCAD 2013 - English (Version: 19.0.114.0)
AutoCAD 2013 - English (Version: 19.0.55.0)
AutoCAD 2013 - English SP1.1 (Version: 1)
AutoCAD 2013 Language Pack - English (Version: 19.0.55.0)
Autodesk Inventor Fusion 2012 (Version: 1.0.0.79)
Autodesk Inventor Fusion 2012 Language Pack (Version: 1.0.0.79)
Autodesk Inventor Fusion 2013 (Version: 2.0.0.206)
Autodesk Inventor Fusion plug-in for AutoCAD 2012 (Version: 0.0.1.138)
Autodesk Inventor Fusion plug-in for AutoCAD 2013 (Version: 0.2.0.230)
Autodesk Inventor Fusion plug-in language pack for AutoCAD 2012 (Version: 0.0.1.138)
Autodesk Inventor Fusion plug-in language pack for AutoCAD 2013 (Version: 0.2.0.230)
Autodesk Simulation Multiphysics 2012 (Version: 2012.00.00.0163)
Autodesk Sync (Version: 3.5.102.0)
Bonjour (Version: 3.0.0.10)
Definition Update for Microsoft Office 2010 (KB982726) 64-Bit Edition
DWG TrueView 2013 (Version: 19.0.55.0)
hematica Extras 9.0 (4092550) (Version: 9.0.1)
HP Customer Participation Program 13.0 (Version: 13.0)
HP Deskjet 3050A J611 series Basic Device Software (Version: 23.0.504.0)
HP Deskjet 3510 series Basic Device Software (Version: 28.0.989.0)
HP Imaging Device Functions 13.0 (Version: 13.0)
HP Photosmart Officejet and Deskjet All-In-One Driver Software 13.0 Rel. B (Version: 13.0)
HP Smart Web Printing 4.51 (Version: 4.51)
HP Solution Center 13.0 (Version: 13.0)
iCloud (Version: 2.1.2.8)
Intel PROSet Wireless
Intel(R) PROSet/Wireless for Bluetooth(R) 3.0 + High Speed (Version: 15.0.0.0059)
Intel(R) Wireless Display
Intel(R) Wireless Music device driver (Version: 1.5.5323.0)
Intel® PROSet/Wireless WiFi Software (Version: 15.00.0000.0642)
Intel® Trusted Connect Service Client (Version: 1.23.605.1)
iTunes (Version: 11.0.4.4)
Java(TM) 7 Update 5 (64-bit) (Version: 7.0.50)
LEGO MINDSTORMS NXT x64 Driver (Version: 1.20.115.0)
Lenovo Bluetooth with Enhanced Data Rate Software (Version: 6.5.1.2300)
Lenovo OneKey Recovery (Version: 7.0.0.3712)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Office 32-bit Components 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Professional 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 32-bit MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Single Image 2010 (Version: 14.0.6029.1000)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Silverlight (Version: 5.1.20125.0)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.59192)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual Studio 2005 Remote Debugger Light (x64) - ENU
Microsoft Visual Studio 2005 Remote Debugger Light (x64) - ENU (Version: 8.0.52572)
MotioninJoy Gamepad tool 0.7.0000 (Version: 0.7.0000)
Network64 (Version: 130.0.572.000)
Network64 (Version: 140.0.221.000)
NI Assistant Framework 64-bit (Version: 7.5.127.0)
NI Authentication 2.0 (64-bit) (Version: 2.0.220.0)
NI Curl 1.1 (64-bit) (Version: 1.1.216.0)
NI DataSocket 4.9 (64-bit) (Version: 4.9.217.0)
NI GMP Windows 64-bit Installer 11.0.0 (Version: 11.0.22.0)
NI Help Assistant (64bit) (Version: 1.0.11)
NI LabVIEW Broker (64 bit) (Version: 6.8.10.0)
NI Logos64 5.3.0 (Version: 5.3.223.0)
NI Logos64 XT Support (Version: 5.3.222.0)
NI Math Kernel Libraries (64-bit) (Version: 1.0.14.0)
NI Math Kernel Libraries (64-bit) (Version: 1.0.5.0)
NI MAX Remote Configuration 64-bit Installer 5.0 (Version: 5.00.49153)
NI MAX Support for 64 Bit Windows (Version: 5.00.49153)
NI mDNS Responder 1.6 for Windows 64-bit (Version: 1.60.49155)
NI MXS 5.0.0 for 64 Bit Windows (Version: 5.00.49153)
NI Network Discovery 5.0 for Windows 64-bit (Version: 5.00.49152)
NI Portable Configuration for 64 Bit Windows 5.0.0 (Version: 5.00.49152)
NI SSL Support (64-bit) (Version: 10.0.297.0)
NI System API Windows 64-bit 5.0.0 (Version: 5.0.312.0)
NI System Configuration Runtime 5.0.0 for Windows 64-bit (Version: 5.0.361.0)
NI System State Publisher (64-bit) (Version: 11.0.306.0)
NI System Web Server Base 2.0 (64-bit) (Version: 2.0.215.0)
NI TDM Excel Add-In 3.3 64-bit (Version: 3.3.28.0)
NI TDMS (64-bit) (Version: 2.3.175.0)
NI Trace Engine (64-bit) (Version: 11.0.213.0)
NI USI 1.9.0 64-Bit (Version: 1.9.04551)
NI Variable Engine (64-bit) (Version: 2.5.242.0)
NI VC2005MSMs x64 (Version: 8.04.0)
NI VC2008MSMs x64 (Version: 9.0.301)
NI Web Application Server 2.0 (64-bit) (Version: 1.1.269.0)
NI Web Pipeline 2.0.1 64-bit support (Version: 2.0.122.0)
NI Xalan Delay Load 1.10.1 64-bit (Version: 1.10.47.0)
NI Xerces Delay Load 2.7.3 64-bit (Version: 2.7.190.0)
NI-DAQmx/LabVIEW shared documentation for 64 Bit Windows 1.9.5 (Version: 1.95.49152)
NI-RPC 4.2.2f0 for 64 Bit Windows (Version: 4.22.49152)
NVIDIA Control Panel 306.97 (Version: 306.97)
NVIDIA Graphics Driver 306.97 (Version: 306.97)
NVIDIA Install Application (Version: 2.1002.85.551)
NVIDIA Optimus 1.10.8 (Version: 1.10.8)
NVIDIA PhysX System Software 9.12.0604 (Version: 9.12.0604)
NVIDIA Update 1.10.8 (Version: 1.10.8)
NVIDIA Update Components (Version: 1.10.8)
OCR Software by I.R.I.S. 13.0 (Version: 13.0)
Python 2.7.3 (64-bit) (Version: 2.7.3150)
Shared C Run-time for x64 (Version: 10.0.0)
Shop for HP Supplies (Version: 13.0)
SolidWorks 2012 x64 Edition SP02 (Version: 20.120.55)
SolidWorks eDrawings 2012 x64 Edition SP02 (Version: 12.2.110)
Synaptics Pointing Device Driver (Version: 15.3.38.0)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553181) 64-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 64-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 64-Bit Edition
Update for Microsoft Office 2010 (KB2553378) 64-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2598242) 64-Bit Edition
Update for Microsoft Office 2010 (KB2687509) 64-Bit Edition
Update for Microsoft Office 2010 (KB2760631) 64-Bit Edition
Update for Microsoft Office 2010 (KB2767886) 64-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 64-Bit Edition
Update for Microsoft Outlook 2010 (KB2597090) 64-Bit Edition
Update for Microsoft Outlook 2010 (KB2687623) 64-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 64-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2598240) 64-Bit Edition
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 64-Bit Edition
VmciSockets (Version: 9.1.54.1)
Windows Live Family Safety (Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Language Selector (Version: 15.4.3508.1109)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
WinRAR 4.20 (64-bit) (Version: 4.20.0)

==================== Restore Points =========================

04-07-2013 05:00:00 Scheduled Checkpoint
13-07-2013 07:12:38 Windows Update
13-07-2013 11:29:34 Windows Update
14-07-2013 04:15:25 Windows Update
14-07-2013 04:34:41 Windows Update
17-07-2013 17:36:33 Windows Update

==================== Hosts content: ==========================

2009-07-13 21:34 - 2012-12-09 03:36 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {01115868-8140-456C-9506-FA2372334D1F} - System32\Tasks\MirageAgent => C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [2011-01-29] (CyberLink)
Task: {116458B3-344C-4AFE-9C6F-C49D26ABE773} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task
Task: {13F04D83-F3A5-4581-A4B6-A767B5DAD7B7} - System32\Tasks\LAUNCH CDPCO => C:\Program Files (x86)\USTechSupport\PC Optimizer\USTSPCO.exe No File
Task: {1B2719E7-97D7-4548-8BA8-21ED6DD2CCB0} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {3976F64D-06FE-4D98-8AE8-0418DB39EB41} - System32\Tasks\AdobeAAMUpdater-1.0-Collin-PC-Collin => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-04-04] (Adobe Systems Incorporated)
Task: {3BE091D5-4B7F-4607-87C1-49ADF67DC84E} - System32\Tasks\Go for FilesUpdate => C:\Program Files (x86)\GoforFiles\GFFUpdater.exe No File
Task: {533F15A3-9C09-4D97-AFBB-F530C8B5C379} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-06-05] (Google Inc.)
Task: {803082DF-7689-46D6-99C2-BE65686D34E8} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-06-05] (Google Inc.)
Task: {80B2920C-8FC2-4545-9408-F17D9FD92A08} - System32\Tasks\NIUpdateServiceCheckTask => C:\Program Files (x86)\National Instruments\Shared\Update Service\NIUpdateService.exe [2011-06-07] (National Instruments)
Task: {E009B097-8A77-409A-9F44-D931860E89B2} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-06-12] (Adobe Systems Incorporated)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Faulty Device Manager Devices =============

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Officejet 6300 series
Description: Officejet 6300 series
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Officejet 6300 series
Description: Officejet 6300 series
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: HP
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

==================== Event log errors: =========================

Application errors:
==================
Error: (07/17/2013 08:58:22 PM) (Source: Windows Search Service) (User: )
Description: The index cannot be initialized.

Details:
The specified object cannot be found. Specify the name of an existing object. (HRESULT : 0x80040d06) (0x80040d06)

Error: (07/17/2013 08:58:22 PM) (Source: Windows Search Service) (User: )
Description: The application cannot be initialized.

Context: Windows Application

Details:
The specified object cannot be found. Specify the name of an existing object. (HRESULT : 0x80040d06) (0x80040d06)

Error: (07/17/2013 08:58:22 PM) (Source: Windows Search Service) (User: )
Description: The gatherer object cannot be initialized.

Context: Windows Application, SystemIndex Catalog

Details:
The specified object cannot be found. Specify the name of an existing object. (HRESULT : 0x80040d06) (0x80040d06)

Error: (07/17/2013 08:58:22 PM) (Source: Windows Search Service) (User: )
Description: The plug-in in <Search.TripoliIndexer> cannot be initialized.

Context: Windows Application, SystemIndex Catalog

Details:
The specified object cannot be found. Specify the name of an existing object. (HRESULT : 0x80040d06) (0x80040d06)

Error: (07/17/2013 08:58:22 PM) (Source: Windows Search Service) (User: )
Description: The plug-in in <Search.JetPropStore> cannot be initialized.

Context: Windows Application, SystemIndex Catalog

Details:
The specified object cannot be found. Specify the name of an existing object. (HRESULT : 0x80040d06) (0x80040d06)

Error: (07/17/2013 08:58:22 PM) (Source: Windows Search Service) (User: )
Description: The plug-in in <Search.MapPI> cannot be initialized.

Context: Windows Application, SystemIndex Catalog

Details:
The specified object cannot be found. Specify the name of an existing object. (HRESULT : 0x80040d06) (0x80040d06)

Error: (07/17/2013 08:58:22 PM) (Source: Windows Search Service) (User: )
Description: The plug-in manager <> cannot be initialized.

Context: Windows Application

Details:
(HRESULT : 0x800401f3) (0x800401f3)

Error: (07/17/2013 08:58:22 PM) (Source: Windows Search Service) (User: )
Description: The plug-in manager <> cannot be initialized.

Context: Windows Application

Details:
(HRESULT : 0x800401f3) (0x800401f3)

Error: (07/17/2013 08:58:22 PM) (Source: Windows Search Service) (User: )
Description: The plug-in manager <> cannot be initialized.

Context: Windows Application

Details:
(HRESULT : 0x800401f3) (0x800401f3)

Error: (07/17/2013 08:57:43 PM) (Source: Windows Search Service) (User: )
Description: The index cannot be initialized.

Details:
The specified object cannot be found. Specify the name of an existing object. (HRESULT : 0x80040d06) (0x80040d06)

System errors:
=============
Error: (07/17/2013 08:58:22 PM) (Source: Service Control Manager) (User: )
Description: The Windows Search service terminated unexpectedly. It has done this 26 time(s).

Error: (07/17/2013 08:58:22 PM) (Source: Service Control Manager) (User: )
Description: The Windows Search service terminated with service-specific error %%-2147218170.

Error: (07/17/2013 08:57:43 PM) (Source: Service Control Manager) (User: )
Description: The Windows Search service terminated unexpectedly. It has done this 25 time(s).

Error: (07/17/2013 08:57:43 PM) (Source: Service Control Manager) (User: )
Description: The Windows Search service terminated with service-specific error %%-2147218170.

Error: (07/17/2013 08:02:01 PM) (Source: Service Control Manager) (User: )
Description: The Windows Search service terminated unexpectedly. It has done this 24 time(s).

Error: (07/17/2013 08:02:01 PM) (Source: Service Control Manager) (User: )
Description: The Windows Search service terminated with service-specific error %%-2147218170.

Error: (07/17/2013 08:00:01 PM) (Source: Service Control Manager) (User: )
Description: The Windows Search service terminated unexpectedly. It has done this 23 time(s).

Error: (07/17/2013 08:00:01 PM) (Source: Service Control Manager) (User: )
Description: The Windows Search service terminated with service-specific error %%-2147218170.

Error: (07/17/2013 07:34:01 PM) (Source: Microsoft-Windows-Kernel-General) (User: NT AUTHORITY)
Description: 0x8000002a171\??\Volume{9eee80c7-aee5-11e1-88fc-806e6f6e6963}\System Volume Information\SPP\SppCbsHiveStore\{cd42efe1-f6f1-427c-b004-033192c625a4}{40BF05FC-90EA-4E04-A833-370C757C1EA3}

Error: (07/17/2013 07:09:29 PM) (Source: Service Control Manager) (User: )
Description: The Windows Search service terminated unexpectedly. It has done this 22 time(s).

Microsoft Office Sessions:
=========================
Error: (07/17/2013 08:58:22 PM) (Source: Windows Search Service)(User: )
Description:
Details:
The specified object cannot be found. Specify the name of an existing object. (HRESULT : 0x80040d06) (0x80040d06)

Error: (07/17/2013 08:58:22 PM) (Source: Windows Search Service)(User: )
Description: Context: Windows Application

Details:
The specified object cannot be found. Specify the name of an existing object. (HRESULT : 0x80040d06) (0x80040d06)

Error: (07/17/2013 08:58:22 PM) (Source: Windows Search Service)(User: )
Description: Context: Windows Application, SystemIndex Catalog

Details:
The specified object cannot be found. Specify the name of an existing object. (HRESULT : 0x80040d06) (0x80040d06)

Error: (07/17/2013 08:58:22 PM) (Source: Windows Search Service)(User: )
Description: Context: Windows Application, SystemIndex Catalog

Details:
The specified object cannot be found. Specify the name of an existing object. (HRESULT : 0x80040d06) (0x80040d06)
Search.TripoliIndexer

Error: (07/17/2013 08:58:22 PM) (Source: Windows Search Service)(User: )
Description: Context: Windows Application, SystemIndex Catalog

Details:
The specified object cannot be found. Specify the name of an existing object. (HRESULT : 0x80040d06) (0x80040d06)
Search.JetPropStore

Error: (07/17/2013 08:58:22 PM) (Source: Windows Search Service)(User: )
Description: Context: Windows Application, SystemIndex Catalog

Details:
The specified object cannot be found. Specify the name of an existing object. (HRESULT : 0x80040d06) (0x80040d06)
Search.MapPI

Error: (07/17/2013 08:58:22 PM) (Source: Windows Search Service)(User: )
Description: Context: Windows Application

Details:
(HRESULT : 0x800401f3) (0x800401f3)

Error: (07/17/2013 08:58:22 PM) (Source: Windows Search Service)(User: )
Description: Context: Windows Application

Details:
(HRESULT : 0x800401f3) (0x800401f3)

Error: (07/17/2013 08:58:22 PM) (Source: Windows Search Service)(User: )
Description: Context: Windows Application

Details:
(HRESULT : 0x800401f3) (0x800401f3)

Error: (07/17/2013 08:57:43 PM) (Source: Windows Search Service)(User: )
Description:
Details:
The specified object cannot be found. Specify the name of an existing object. (HRESULT : 0x80040d06) (0x80040d06)

CodeIntegrity Errors:
===================================
Date: 2013-05-28 18:18:59.685
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-03-31 23:51:41.614
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-03-31 23:51:41.288
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-03-01 18:22:09.968
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-03-01 18:22:09.734
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-03-01 18:21:41.120
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-03-01 18:21:40.862
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-02-26 21:20:36.478
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-02-26 21:20:36.376
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

Date: 2012-10-15 14:47:49.728
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================

Percentage of memory in use: 22%
Total physical RAM: 8094.36 MB
Available physical RAM: 6289.41 MB
Total Pagefile: 16186.89 MB
Available Pagefile: 13877.23 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB

==================== Drives ================================

Drive c: (Windows7_OS) (Fixed) (Total:886.32 GB) (Free:660.81 GB) NTFS (Disk=0 Partition=2) ==>[System with boot components (obtained from reading drive)]
Drive d: (LENOVO) (Fixed) (Total:25.47 GB) (Free:21.68 GB) NTFS (Disk=0 Partition=3)
Drive e: (USB20FD) (Removable) (Total:14.92 GB) (Free:14.16 GB) FAT32 (Disk=1 Partition=1)

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 3B8DB40F)
Partition 1: (Active) - (Size=200 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=886 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=25 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=20 GB) - (Type=12)

========================================================
Disk: 1 (Size: 15 GB) (Disk ID: 04030201)
Partition 1: (Not Active) - (Size=15 GB) - (Type=0C)

==================== End Of Log ============================

wisenblaker · Jul 17, 2013

And FRST

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 17-07-2013 02
Ran by Collin (administrator) on 17-07-2013 20:57:54
Running from C:\Users\Collin\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(McAfee, Inc.) C:\Windows\system32\mfevtps.exe
(Lenovo) C:\Windows\System32\NSDSvc.exe
(Quest Software) C:\Windows\system32\pnusbvirtualhubwssrv.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeyStudio.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics) C:\Program Files\Synaptics\SynTP\SynLenovoGestureMgr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Intel Corporation) C:\Windows\system32\igfxpers.exe
(Intel Corporation) C:\Windows\system32\hkcmd.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Synaptics Incorporated) C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
() C:\Program Files\Realtek\Audio\HDA\FMAPP.exe
(McAfee, Inc.) C:\Program Files\McAfee.com\Agent\mcagent.exe
(McAfee, Inc.) c:\PROGRA~1\mcafee\VIRUSS~1\mcvsshld.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Core\mchost.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [UpdatePRCShortCut] - C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe [222504 2009-05-13] (CyberLink Corp.)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2866960 2011-12-15] (Synaptics Incorporated)
HKLM\...\Run: [SynLenovoGestureMgr] - C:\Program Files\Synaptics\SynTP\SynLenovoGestureMgr.exe [410896 2011-12-15] (Synaptics)
HKLM\...\Run: [OnekeyStudio] - C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeyStudio.exe [789856 2012-06-05] (Lenovo)
HKLM\...\Run: [Lenovo EE Boot Optimizer] - C:\Program Files (x86)\Lenovo\Boot Optimizer\PopWnd.exe [206176 2012-06-05] (Lenovo)
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12503184 2012-06-11] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1212560 2012-06-13] (Realtek Semiconductor)
HKLM\...\Run: [Logitech Download Assistant] - C:\Windows\System32\LogiLDA.dll [1832760 2012-09-20] (Logitech, Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKCU\...\Run: [ooVoo.exe] - C:\program files (x86)\oovoo\oovoo.exe [25249400 2012-05-29] (ooVoo LLC)
HKCU\...\Run: [Akamai NetSession Interface] - C:\Users\Collin\AppData\Local\Akamai\netsession_win.exe [4480768 2013-01-26] (Akamai Technologies, Inc.)
HKCU\...\Run: [NIRegistrationWizard] - C:\Program Files (x86)\National Instruments\Shared\RegistrationWizard\Bin\RegistrationWizard.exe [846520 2010-06-21] ()
HKCU\...\Run: [iFunBoxConnector] - C:\Program Files (x86)\I-Funbox DevTeam\ifb_conn.exe [812544 2012-11-20] ()
HKCU\...\Run: [AdobeBridge] - [x]
HKLM-x32\...\Run: [YouCam Tray] - "C:\Program Files (x86)\Lenovo\YouCam\YouCam.exe" /s [228448 2011-01-29] (CyberLink Corp.)
HKLM-x32\...\Run: [YouCam Mirage] - "C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe" [136488 2011-01-29] (CyberLink)
HKLM-x32\...\Run: [vmware-tray] - "C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe" [103536 2012-01-18] (VMware, Inc.)
HKLM-x32\...\Run: [VeriFaceManager] - C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe [329056 2012-06-05] (Lenovo)
HKLM-x32\...\Run: [USB3MON] - "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [291608 2012-03-11] (Intel Corporation)
HKLM-x32\...\Run: [UpdateP2GShortCut] - "C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Lenovo\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\5.0" [222504 2010-07-26] (CyberLink Corp.)
HKLM-x32\...\Run: [mcui_exe] - "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey [1532992 2013-03-13] (McAfee, Inc.)
HKLM-x32\...\Run: [LockKey] - C:\Program Files (x86)\LockKey\LockKey.exe [337776 2011-08-25] ( )
HKLM-x32\...\Run: [Intelligent Touchpad] - C:\Program Files\Lenovo\Intelligent Touchpad\TouchZone.exe [291272 2011-12-08] ()
HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2011-11-29] (Intel Corporation)
HKLM-x32\...\Run: [APSDaemon] - "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [Adobe ARM] - "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [946352 2012-12-03] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [DivXMediaServer] - C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [450560 2012-11-13] ()
HKLM-x32\...\Run: [DivXUpdate] - "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW [1263512 2012-11-01] ()
HKLM-x32\...\Run: [hpqSRMon] - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [150528 2008-07-22] (Hewlett-Packard)
HKLM-x32\...\Run: [NI Update Service] - "C:\Program Files (x86)\National Instruments\Shared\Update Service\NIUpdateService.exe" -startupTask [3002976 2011-06-07] (National Instruments)
HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKLM-x32\...\Run: [] - [x]
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] - C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [x]
HKLM-x32\...\Run: [pnusbclitray] - pnusbclitray.exe [67480 2012-06-09] (Quest Software)
HKLM-x32\...\Run: [SwitchBoard] - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] - "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] - "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe" [39136 2012-12-18] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] - "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe" [825560 2012-12-18] (Adobe Systems Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\Run: [QuickTime Task] - "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] - "C:\Program Files (x86)\iTunes\iTunesHelper.exe" [152392 2013-05-31] (Apple Inc.)
HKU\UpdatusUser\...\Run: [Power2GoExpress] - NA [x]
HKU\UpdatusUser\...\Run: [ooVoo.exe] - C:\program files (x86)\oovoo\oovoo.exe /minimized [25249400 2012-05-29] (ooVoo LLC)
HKU\UpdatusUser\...\Run: [Akamai NetSession Interface] - "C:\Users\Collin\AppData\Local\Akamai\netsession_win.exe" [4480768 2013-01-26] (Akamai Technologies, Inc.)
HKU\UpdatusUser\...\Run: [NIRegistrationWizard] - C:\Program Files (x86)\National Instruments\Shared\RegistrationWizard\Bin\RegistrationWizard.exe -autoDiscover 1 -displayIfNoneFound 0 -displayRegisterOptions 1 -sleepIfNoneFound 0 -locale 1033 [846520 2010-06-21] ()
HKU\UpdatusUser\...\Run: [iFunBoxConnector] - "C:\Program Files (x86)\I-Funbox DevTeam\ifb_conn.exe" [812544 2012-11-20] ()
AppInit_DLLs: C:\Windows\system32\nvinitx.dll [247144 2012-10-02] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll [202600 2012-10-02] (NVIDIA Corporation)
Lsa: [Notification Packages] scecli C:\Program Files\Lenovo\Bluetooth Software\BtwProximityCP.dll

==================== Internet (Whitelisted) ====================

URLSearchHook: (No Name) - {b6ac5e3c-5ceb-4e72-b451-f0e1ba983c14} - No File
URLSearchHook: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
URLSearchHook: (No Name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No File
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=LENDF8&pc=MALN&src=IE-SearchBox
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=LENDF8&pc=MALN&src=IE-SearchBox
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=LENDF8&pc=MALN&src=IE-SearchBox
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://isearch.babylon.com/?q={sear...SP_ss&mntrId=e075f4fe000000000000dc0ea1f3fb28
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20130713062807.dll (McAfee, Inc.)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - C:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
BHO-x32: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: Plugin Update - {09942569-D515-42BE-9F5A-A439B20F91AB} - C:\Program Files (x86)\Plugin Update\uc.dll ()
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20130305164023.dll (McAfee, Inc.)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - C:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~3\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: SmartSelect Class - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc)
BHO-x32: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
Toolbar: HKLM-x32 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
Toolbar: HKLM-x32 - Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\PROGRA~1\mcafee\msc\MCSNIE~1.DLL (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\PROGRA~2\mcafee\msc\mcsniepl.dll (McAfee, Inc.)
Winsock: Catalog5 11 C:\Program Files (x86)\National Instruments\Shared\mDNS Responder\nimdnsNSP.dll [24280] (National Instruments Corporation)
Winsock: Catalog9 12 %SystemRoot%\system32\vsocklib.dll [63088] (VMware, Inc.)
Winsock: Catalog9 13 %SystemRoot%\system32\vsocklib.dll [63088] (VMware, Inc.)
Winsock: Catalog5-x64 11 C:\Program Files\National Instruments\Shared\mDNS Responder\nimdnsNSP.dll [26328] (National Instruments Corporation)
Winsock: Catalog9-x64 12 %SystemRoot%\system32\vsocklib.dll [67184] (VMware, Inc.)
Winsock: Catalog9-x64 13 %SystemRoot%\system32\vsocklib.dll [67184] (VMware, Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254

FireFox:
========
FF ProfilePath: C:\Users\Collin\AppData\Roaming\Mozilla\Firefox\Profiles\p7zshopm.default
FF user.js: detected! => C:\Users\Collin\AppData\Roaming\Mozilla\Firefox\Profiles\p7zshopm.default\user.js
FF SelectedSearchEngine: Search the web (Babylon)
FF Homepage: hxxp://isearch.babylon.com/?affID=116223&tt=4612_6&babsrc=HP_ss&mntrId=e075f4fe000000000000dc0ea1f3fb28
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=10.5.0 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.5.0 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @mcafee.com/MSC,version=10 - c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1168638.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.21.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.21.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 - c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin-x32: @mcafee.com/SAFFPlugin - C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: wolfram.com/Mathematica - C:\Program Files (x86)\Common Files\Wolfram Research\Browser\9.0.1.4092550\npmathplugin.dll (Wolfram Research, Inc.)
FF Plugin-x32: Adobe Acrobat - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml
FF Extension: No Name - C:\Users\Collin\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
FF Extension: BitTorrentControl_v12 - C:\Users\Collin\AppData\Roaming\Mozilla\Firefox\Profiles\p7zshopm.default\Extensions\{b6ac5e3c-5ceb-4e72-b451-f0e1ba983c14}
FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] C:\Program Files (x86)\McAfee\SiteAdvisor
FF Extension: McAfee SiteAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 <video> - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF HKLM-x32\...\Firefox\Extensions: [{D19CA586-DD6C-4a0a-96F8-14644F340D60}] C:\Program Files (x86)\Common Files\McAfee\SystemCore
FF Extension: No Name - C:\Program Files (x86)\Common Files\McAfee\SystemCore
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF HKCU\...\Firefox\Extensions: [uc@uc.com] C:\Program Files (x86)\Plugin Update\FF\
FF Extension: No Name - C:\Program Files (x86)\Plugin Update\FF\

Chrome:
=======
CHR HomePage: hxxp://isearch.babylon.com/?affID=116223&tt=4612_6&babsrc=HP_ss&mntrId=e075f4fe000000000000dc0ea1f3fb28
CHR RestoreOnStartup: "hxxp://isearch.babylon.com/?affID=116223&tt=4612_6&babsrc=HP_ss&mntrId=e075f4fe000000000000dc0ea1f3fb28"
CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google

riginalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.116\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.116\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.116\pdf.dll ()
CHR Plugin: (McAfee SiteAdvisor) - C:\Users\Collin\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.50.146.2_0\McChPlg.dll (McAfee, Inc.)
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (National Instruments LabVIEW 2011 Netscape Plug-in for Windows) - C:\Program Files (x86)\Mozilla Firefox\plugins\nplv2011win32.dll (National Instruments)
CHR Plugin: (National Instruments LabVIEW 9.0 Netscape Plug-in for Windows) - C:\Program Files (x86)\Mozilla Firefox\plugins\nplv90win32.dll (National Instruments)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll No File
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (DivX VOD Helper Plug-in) - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
CHR Plugin: (DivX Plus Web Player) - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll No File
CHR Plugin: (Intel\u00AE Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
CHR Plugin: (Intel\u00AE Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
CHR Plugin: (Java(TM) Platform SE 7 U13) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (McAfee SiteAdvisor) - C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)
CHR Plugin: (Windows Live\u0099 Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Shockwave for Director) - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1168638.dll (Adobe Systems, Inc.)
CHR Plugin: (Java Deployment Toolkit 7.0.130.20) - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
CHR Plugin: (McAfee SecurityCenter) - c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll No File
CHR Extension: (BitTorrentControl_v12) - C:\Users\Collin\AppData\Local\Google\Chrome\User Data\Default\Extensions\dknkjnkhedbanphkkpbpcgoblmkbfhlf\2.3.19.11_0
CHR Extension: (Mahjongg) - C:\Users\Collin\AppData\Local\Google\Chrome\User Data\Default\Extensions\eegpopcingfghbompjfejakfeaolmbop\1.0.0.2_0
CHR Extension: () - C:\Users\Collin\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.50.146.2_0
CHR Extension: (Ancient Dark) - C:\Users\Collin\AppData\Local\Google\Chrome\User Data\Default\Extensions\flkfcefhebalbhjgphdocdieolkkgffo\1.1_0
CHR Extension: () - C:\Users\Collin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.64_0
CHR Extension: (Apple Shooter) - C:\Users\Collin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ingecjekeggadjbbklelffkgeppklgnm\4.0.0_0
CHR Extension: (Chrome Sounds) - C:\Users\Collin\AppData\Local\Google\Chrome\User Data\Default\Extensions\kkfibincabhfblmkmhcabnlghmncdcaf\1.1_0
CHR Extension: (Strike Force Heroes HD) - C:\Users\Collin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lefnkbjjknfeplogkgdnnljnmobhgmnh\1.0.1_0
CHR Extension: (Happy Wheels) - C:\Users\Collin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljdngafdeknonigdklkdlolkefpigejp\13.2334.9140_0
CHR Extension: (Hack me!) - C:\Users\Collin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljpmlpgnjljcjikoimdifbklgebnpkej\6.0_0
CHR Extension: (Google I/O: input/output) - C:\Users\Collin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nbmphclbekipaojhpbkbofoioffecilh\1.3.3.7_0
CHR Extension: (DivX Plus Web Player HTML5 \u003Cvideo\u003E) - C:\Users\Collin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0
CHR Extension: (Battlefield Play4Free) - C:\Users\Collin\AppData\Local\Google\Chrome\User Data\Default\Extensions\oiokahphinmbmakkehgelkmpolmnbkdh\1.0.96.0_0

==================== Services (Whitelisted) =================

S2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [19232 2012-01-31] (Autodesk, Inc.)
R2 btwdins; C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe [945440 2012-02-01] (Broadcom Corporation.)
S2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2012-02-28] (Intel Corporation)
S2 LkCitadelServer; C:\Windows\SysWOW64\lkcitdl.exe [695136 2010-10-27] (National Instruments, Inc.)
S2 lkClassAds; C:\Windows\SysWOW64\lkads.exe [46192 2011-06-14] (National Instruments Corporation)
S2 lkTimeSync; C:\Windows\SysWOW64\lktsrv.exe [56952 2011-06-14] (National Instruments Corporation)
R2 McAfee SiteAdvisor Service; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
R2 mcmscsvc; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
R2 McNASvc; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
S3 McODS; C:\Program Files\McAfee\VirusScan\mcods.exe [383608 2012-11-16] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
R2 McShield; C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe [241456 2013-02-19] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [218760 2013-02-19] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [182752 2013-02-19] (McAfee, Inc.)
S2 mxssvr; C:\Program Files (x86)\National Instruments\MAX\nimxs.exe [12696 2011-06-14] (National Instruments Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273168 2011-12-08] ()
S2 NIApplicationWebServer; C:\Program Files (x86)\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe [50336 2011-05-27] (National Instruments Corporation)
S4 NIApplicationWebServer64; C:\Program Files\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe [68256 2011-05-27] (National Instruments Corporation)
S2 NIDomainService; C:\Program Files (x86)\National Instruments\Shared\Security\nidmsrv.exe [362104 2011-06-14] (National Instruments Corporation)
S3 NILM License Manager; C:\Program Files (x86)\National Instruments\Shared\License Manager\Bin\lmgrd.exe [1427688 2010-08-02] (Macrovision Corporation)
S2 nimDNSResponder; C:\Program Files (x86)\National Instruments\Shared\mDNS Responder\nimdnsResponder.exe [194224 2011-06-01] (National Instruments Corporation)
S2 NINetworkDiscovery; C:\Program Files (x86)\National Instruments\Shared\NI Network Discovery\niDiscSvc.exe [121032 2011-06-10] (National Instruments Corporation)
S2 niSvcLoc; C:\Program Files (x86)\National Instruments\Shared\NI WebServer\SystemWebServer.exe [50328 2011-05-27] (National Instruments Corporation)
S2 NITaggerService; C:\Program Files (x86)\National Instruments\Shared\Tagger\tagsrv.exe [676016 2011-06-14] (National Instruments Corporation)
R2 NSDSvc; C:\Windows\System32\NSDSvc.exe [120160 2011-12-23] (Lenovo)
S2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [75136 2013-04-15] ()
R2 pnusbvirtualhubwssrv; C:\Windows\system32\pnusbvirtualhubwssrv.exe [473600 2013-03-03] (Quest Software)
S2 USTSScheduler; C:\Program Files (x86)\USTechSupport\SchedulerService\SchedulerService.exe [736648 2012-07-12] (US Tech Support LLC)
S3 VMwareHostd; C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe [11839488 2012-01-18] ()
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [594704 2011-12-08] (Intel® Corporation)

==================== Drivers (Whitelisted) ====================

R3 bcbtums; C:\Windows\System32\drivers\bcbtums.sys [134696 2012-02-01] (Broadcom Corporation.)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [70112 2013-02-19] (McAfee, Inc.)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [196440 2012-04-20] (McAfee, Inc.)
R3 hswpan; C:\Windows\System32\DRIVERS\hswpan.sys [109056 2012-01-27] (Ozmo Inc)
R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [179280 2013-02-19] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [309840 2013-02-19] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [515968 2013-02-19] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [771536 2013-02-19] (McAfee, Inc.)
S3 mferkdet; C:\Windows\System32\drivers\mferkdet.sys [106552 2013-02-19] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [340216 2013-02-19] (McAfee, Inc.)
R0 NSD; C:\Windows\System32\drivers\nsd.sys [24160 2011-12-23] (Lenovo Corporation")
R1 Nsdfltr; C:\Windows\System32\drivers\Nsdfltr.sys [59488 2011-12-21] (Lenovo Corporation)
R2 pnpnptool; C:\Windows\system32\Drivers\pnpnptool.sys [51736 2013-03-03] (Quest Software)
S3 pnusbd; C:\Windows\system32\Drivers\pnusbd.sys [37272 2013-03-03] (Quest Software)
R3 rtsuvc; C:\Windows\System32\DRIVERS\rtsuvc.sys [8208488 2011-09-06] (Realtek Semiconductor Corp.)
U3 BcmSqlStartupSvc;
U2 CLKMSVC10_3A60B698;
U2 CLKMSVC10_C3B3B687;
U2 DriverService;
U2 iATAgentService;
U2 idealife Update Service;
U3 IGRS;
U2 IviRegMgr;
U3 mfeavfk01; No ImagePath
U2 Oasis2Service;
U2 PCCarerService;
U2 ReadyComm.DirectRouter;
U2 RichVideo;
U2 RtLedService;
U2 SeaPort;
U2 SoftwareService;
U3 SQLWriter;

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2013-07-17 20:57 - 2013-07-17 13:30 - 01778209 _____ (Farbar) C:\Users\Collin\Desktop\frst64.exe
2013-07-17 17:09 - 2013-07-17 17:09 - 00000000 ____D C:\FRST
2013-07-17 12:39 - 2013-07-17 12:40 - 00000000 ____D C:\Windows\system32\MRT
2013-07-13 19:42 - 2013-04-09 18:34 - 01247744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2013-07-13 19:42 - 2013-04-02 17:51 - 01643520 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2013-07-13 02:21 - 2013-06-04 01:00 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2013-07-13 02:21 - 2013-06-03 23:53 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2013-07-13 02:21 - 2013-05-06 01:03 - 01887744 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-07-13 02:21 - 2013-05-05 23:56 - 01620480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2013-06-29 14:28 - 2013-06-29 14:28 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscat32.dll
2013-06-29 14:26 - 2013-06-29 14:26 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2013-06-29 13:17 - 2013-06-08 09:08 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-06-29 13:17 - 2013-06-08 09:07 - 19233792 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-06-29 13:17 - 2013-06-08 09:06 - 15404544 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-06-29 13:17 - 2013-06-08 09:06 - 02648064 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-06-29 13:17 - 2013-06-08 09:06 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-06-29 13:17 - 2013-06-08 07:28 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-06-29 13:17 - 2013-06-08 06:42 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-06-29 13:17 - 2013-06-08 06:40 - 14327808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-06-29 13:17 - 2013-06-08 06:40 - 13760512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-06-29 13:17 - 2013-06-08 06:40 - 02046976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-06-29 13:17 - 2013-06-08 06:40 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-06-29 13:17 - 2013-06-08 06:13 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb

==================== One Month Modified Files and Folders =======

2013-07-17 20:57 - 2012-06-21 19:16 - 01789019 _____ C:\FaceProv.log
2013-07-17 20:29 - 2012-09-05 18:02 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-07-17 20:15 - 2012-06-05 03:59 - 00000912 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-07-17 18:56 - 2012-06-05 03:11 - 01957893 _____ C:\Windows\WindowsUpdate.log
2013-07-17 18:52 - 2012-06-05 04:00 - 00584542 _____ C:\Windows\system32\fastboot.set
2013-07-17 18:52 - 2012-06-05 03:59 - 00000908 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-07-17 17:09 - 2013-07-17 17:09 - 00000000 ____D C:\FRST
2013-07-17 14:40 - 2009-07-13 23:45 - 00032064 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-07-17 14:40 - 2009-07-13 23:45 - 00032064 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-07-17 14:33 - 2009-07-14 00:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-07-17 14:33 - 2009-07-13 23:51 - 00086096 _____ C:\Windows\setupact.log
2013-07-17 13:30 - 2013-07-17 20:57 - 01778209 _____ (Farbar) C:\Users\Collin\Desktop\frst64.exe
2013-07-17 12:55 - 2009-07-13 23:45 - 05167856 _____ C:\Windows\system32\FNTCACHE.DAT
2013-07-17 12:52 - 2011-10-10 03:19 - 00000000 ____D C:\Program Files\Windows Journal
2013-07-17 12:40 - 2013-07-17 12:39 - 00000000 ____D C:\Windows\system32\MRT
2013-07-13 23:32 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\system32\NDF
2013-07-13 23:11 - 2012-11-04 15:08 - 00001728 _____ C:\Users\Collin\Documents\acad.err
2013-07-13 06:44 - 2009-07-14 00:32 - 00000000 ____D C:\Program Files\Windows Defender
2013-07-13 06:44 - 2009-07-14 00:32 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2013-06-29 14:28 - 2013-06-29 14:28 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscat32.dll
2013-06-29 14:26 - 2013-06-29 14:26 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2013-06-29 14:18 - 2012-06-05 03:25 - 00000000 ____D C:\Windows\SysWOW64\SDA
2013-06-29 14:18 - 2012-06-05 03:25 - 00000000 ____D C:\Program Files (x86)\LockKey
2013-06-29 14:18 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\TAPI
2013-06-29 14:18 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\SysWOW64\Setup
2013-06-29 14:18 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\SysWOW64\oobe
2013-06-29 14:18 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\SysWOW64\migwiz
2013-06-29 14:18 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\SysWOW64\manifeststore
2013-06-29 14:18 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\SysWOW64\InstallShield
2013-06-29 14:18 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\SysWOW64\Dism
2013-06-29 14:18 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\SysWOW64\com
2013-06-29 14:18 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\SysWOW64\AdvancedInstallers
2013-06-29 14:18 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\servicing
2013-06-29 14:18 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\IME
2013-06-29 14:18 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\Cursors
2013-06-29 14:17 - 2012-06-05 03:59 - 00000000 ____D C:\ProgramData\VeriFace
2013-06-29 14:17 - 2009-07-14 00:32 - 00000000 ____D C:\Windows\system32\WinBioPlugIns
2013-06-29 14:17 - 2009-07-13 22:20 - 00000000 __RSD C:\Windows\Media
2013-06-29 14:17 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\SysWOW64\zh-HK
2013-06-29 14:17 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\SysWOW64\tr-TR
2013-06-29 14:17 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\SysWOW64\th-TH
2013-06-29 14:17 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\SysWOW64\sr-Latn-CS
2013-06-29 14:17 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\SysWOW64\sl-SI
2013-06-29 14:17 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\SysWOW64\sk-SK
2013-06-29 14:17 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\SysWOW64\ro-RO
2013-06-29 14:17 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\SysWOW64\lv-LV
2013-06-29 14:17 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\SysWOW64\lt-LT
2013-06-29 14:17 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\SysWOW64\hr-HR
2013-06-29 14:17 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\SysWOW64\he-IL
2013-06-29 14:17 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\SysWOW64\et-EE
2013-06-29 14:17 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\SysWOW64\bg-BG
2013-06-29 14:17 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\SysWOW64\ar-SA
2013-06-29 14:17 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\system32\zh-HK
2013-06-29 14:17 - 2009-07-13 22:20 - 00000000 ____D C:\Program Files\Common Files\System
2013-06-29 14:16 - 2013-06-08 00:21 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-06-29 14:16 - 2013-04-16 20:37 - 00000000 ____D C:\Users\Collin\Downloads\photoshop
2013-06-29 14:16 - 2013-04-15 14:47 - 00000000 ____D C:\Users\Collin\Downloads\jtk374en
2013-06-29 14:16 - 2013-03-18 13:24 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-06-29 14:16 - 2012-12-07 02:44 - 00000000 ____D C:\Python27
2013-06-29 14:16 - 2012-11-12 23:15 - 00000000 ____D C:\Users\Collin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pepakura Designer 3
2013-06-29 14:16 - 2012-11-04 14:38 - 00000000 ____D C:\Users\Collin\AppData\Local\Akamai
2013-06-29 14:16 - 2012-10-26 14:00 - 00000000 ____D C:\Users\Collin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2013-06-29 14:16 - 2012-09-05 18:56 - 00000000 ____D C:\ProgramData\FLEXnet
2013-06-29 14:16 - 2012-09-04 04:45 - 00000000 ____D C:\Windows\Minidump
2013-06-29 14:16 - 2012-09-04 00:20 - 00000000 ____D C:\Users\Collin\AppData\Roaming\VMware
2013-06-29 14:16 - 2012-09-03 19:06 - 00000000 ____D C:\Users\Collin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2013-06-29 14:16 - 2012-09-03 19:05 - 00000000 ____D C:\Program Files\WinRAR
2013-06-29 14:16 - 2012-07-18 22:48 - 00000000 ____D C:\Users\Collin\Desktop\eclipse
2013-06-29 14:16 - 2012-06-27 23:13 - 00000000 ____D C:\Users\Collin\Desktop\Stronghold Crusader
2013-06-29 14:16 - 2012-06-27 23:07 - 00000000 ____D C:\ProgramData\Energy Management
2013-06-29 14:16 - 2012-06-22 21:28 - 00000000 ____D C:\Windows\System32\Tasks\Apple
2013-06-29 14:16 - 2012-06-21 20:30 - 00000000 ____D C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform
2013-06-29 14:16 - 2012-06-21 20:27 - 00000000 ____D C:\Users\Collin\AppData\Local\Microsoft Help
2013-06-29 14:16 - 2012-06-21 19:18 - 00000000 ___RD C:\Users\Collin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-06-29 14:16 - 2012-06-21 19:16 - 00000000 ___RD C:\Users\Collin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2013-06-29 14:16 - 2012-06-21 19:16 - 00000000 ___RD C:\Users\Collin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2013-06-29 14:16 - 2012-06-21 19:16 - 00000000 ____D C:\Users\Collin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo
2013-06-29 14:16 - 2012-06-05 03:54 - 00000000 ____D C:\ProgramData\McAfee
2013-06-29 14:16 - 2012-06-05 03:25 - 00000000 ____D C:\Windows\SysWOW64\Atheros_L1e
2013-06-29 14:16 - 2012-06-05 03:18 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2013-06-29 14:16 - 2011-10-10 03:19 - 00000000 ____D C:\Windows\ShellNew
2013-06-29 14:16 - 2009-07-14 00:32 - 00000000 ____D C:\Windows\system32\restore
2013-06-29 14:16 - 2009-07-14 00:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2013-06-29 14:16 - 2009-07-13 22:20 - 00000000 ___HD C:\Windows\system32\GroupPolicy
2013-06-29 14:16 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\SysWOW64\GroupPolicy
2013-06-29 14:16 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\system32\sysprep
2013-06-29 14:16 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\AppCompat
2013-06-29 14:15 - 2013-06-08 00:21 - 00000000 ____D C:\Program Files\iTunes
2013-06-29 14:15 - 2013-06-08 00:21 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-06-29 14:15 - 2013-06-05 10:51 - 00000000 ____D C:\Program Files (x86)\QuickTime
2013-06-29 14:15 - 2013-03-18 13:24 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2013-06-29 14:15 - 2013-02-09 00:04 - 00000000 ____D C:\Program Files (x86)\Plugin Update
2013-06-29 14:15 - 2013-02-04 22:08 - 00000000 ____D C:\Program Files (x86)\I-Funbox DevTeam
2013-06-29 14:15 - 2013-01-14 15:26 - 00000000 ____D C:\Program Files\Common Files\SolidWorks Shared
2013-06-29 14:15 - 2012-11-04 14:44 - 00000000 ____D C:\Program Files (x86)\DWG TrueView 2013
2013-06-29 14:15 - 2012-10-12 14:33 - 00000000 ____D C:\Program Files (x86)\RASAero
2013-06-29 14:15 - 2012-09-05 18:39 - 00000000 ____D C:\Program Files\Common Files\Autodesk Shared
2013-06-29 14:15 - 2012-08-28 15:54 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-06-29 14:15 - 2012-08-28 15:54 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-06-29 14:15 - 2012-06-22 21:28 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
2013-06-29 14:15 - 2012-06-22 21:27 - 00000000 ____D C:\Program Files\Bonjour
2013-06-29 14:15 - 2012-06-22 21:27 - 00000000 ____D C:\Program Files (x86)\Bonjour
2013-06-29 14:15 - 2012-06-21 20:30 - 00000000 ____D C:\Program Files\Common Files\DESIGNER
2013-06-29 14:15 - 2012-06-05 03:55 - 00000000 ____D C:\Program Files (x86)\ooVoo
2013-06-29 14:13 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\SysWOW64\uk-UA
2013-06-29 14:10 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\registration
2013-06-29 13:56 - 2012-09-03 23:48 - 00000000 ____D C:\ProgramData\VMware
2013-06-29 13:54 - 2012-07-15 13:36 - 00000000 ____D C:\Program Files\McAfee
2013-06-29 11:32 - 2012-06-21 19:18 - 00000000 ___RD C:\Users\Collin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-06-29 11:32 - 2012-06-21 19:16 - 00000000 ____D C:\Users\Collin
2013-06-24 00:57 - 2012-06-30 18:01 - 78277128 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-06-22 02:00 - 2012-08-28 20:14 - 00000000 ____D C:\Users\Collin\AppData\Local\Adobe
2013-06-21 19:48 - 2012-06-05 03:59 - 00002194 _____ C:\Users\Public\Desktop\Google Chrome.lnk

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe IS MISSING <==== ATTENTION!.
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2013-07-13 07:11

==================== End Of Log ============================

wisenblaker · Jul 17, 2013

Sorry...I didnt realize it was posting when I hit the post because I didnt see it edit...thats why theres all the periods

Broni · Jul 17, 2013

Any reason you posted FRST log 6 or 7 times?

It looks like we have one 32-bit system file missing:

C:\Windows\SysWOW64\svchost.exe IS MISSING <==== ATTENTION!.

Re-run FRST again.
Type the following in the edit box after "Search:".

svchost.exe

Click Search button and post the log (Search.txt) it makes in your reply.

wisenblaker · Jul 17, 2013

Sorry about that I couldn't tell it was posting it:/

Here's the search:

Farbar Recovery Scan Tool (x64) Version: 17-07-2013 02
Ran by Collin at 2013-07-17 21:18:29
Running from C:\Users\Collin\Desktop
Boot Mode: Normal

================== Search: "svchost.exe" ===================

C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe
[2009-07-13 18:31] - [2009-07-13 20:39] - 0027136 ____A (Microsoft Corporation) C78655BC80301D76ED4FEF1C1EA40A7D

C:\Windows\System32\svchost.exe
[2009-07-13 18:31] - [2009-07-13 20:39] - 0027136 ____A (Microsoft Corporation) C78655BC80301D76ED4FEF1C1EA40A7D

====== End Of Search ======

Broni · Jul 17, 2013

There is no backup for that file.
Let me fire up my Win 7.
Hold on...

Broni · Jul 17, 2013

Download my svchost.exe file from here: http://www.sendspace.com/file/m4llzz and paste to this folder:

C:\Windows\SysWOW64

Restart computer and see how it goes.

wisenblaker · Jul 18, 2013

OK so I restarted my computer and it tried to do an automatic windows update but failed and said it was reverting changes. Then it came up normal like it has been but still no luck with opening other programs.

Broni · Jul 18, 2013

One of my rules says:

Please refrain from running any tools, fixes or applying any changes to your computer other than those I suggest.

Please comply.

Same error as before?
What programs?
Any program?

Post fresh FRST log.

wisenblaker · Jul 18, 2013

I dont know how to stop the automatic updates...is there a way to turn those off?
and same error as before with any program.

wisenblaker · Jul 18, 2013

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 17-07-2013 02
Ran by Collin (administrator) on 18-07-2013 19:17:45
Running from C:\Users\Collin\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(McAfee, Inc.) C:\Windows\system32\mfevtps.exe
(Lenovo) C:\Windows\System32\NSDSvc.exe
(Quest Software) C:\Windows\system32\pnusbvirtualhubwssrv.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeyStudio.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics) C:\Program Files\Synaptics\SynTP\SynLenovoGestureMgr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(McAfee, Inc.) C:\Program Files\McAfee.com\Agent\mcagent.exe
(Synaptics Incorporated) C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
(Intel Corporation) C:\Windows\system32\igfxpers.exe
(Intel Corporation) C:\Windows\system32\hkcmd.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Core\mchost.exe
() C:\Program Files\Realtek\Audio\HDA\FMAPP.exe
() C:\Program Files\Realtek\Audio\HDA\FMAPP.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [UpdatePRCShortCut] - C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe [222504 2009-05-13] (CyberLink Corp.)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2866960 2011-12-15] (Synaptics Incorporated)
HKLM\...\Run: [SynLenovoGestureMgr] - C:\Program Files\Synaptics\SynTP\SynLenovoGestureMgr.exe [410896 2011-12-15] (Synaptics)
HKLM\...\Run: [OnekeyStudio] - C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeyStudio.exe [789856 2012-06-05] (Lenovo)
HKLM\...\Run: [Lenovo EE Boot Optimizer] - C:\Program Files (x86)\Lenovo\Boot Optimizer\PopWnd.exe [206176 2012-06-05] (Lenovo)
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12503184 2012-06-11] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1212560 2012-06-13] (Realtek Semiconductor)
HKLM\...\Run: [Logitech Download Assistant] - C:\Windows\System32\LogiLDA.dll [1832760 2012-09-20] (Logitech, Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKCU\...\Run: [ooVoo.exe] - C:\program files (x86)\oovoo\oovoo.exe [25249400 2012-05-29] (ooVoo LLC)
HKCU\...\Run: [Akamai NetSession Interface] - C:\Users\Collin\AppData\Local\Akamai\netsession_win.exe [4480768 2013-01-26] (Akamai Technologies, Inc.)
HKCU\...\Run: [NIRegistrationWizard] - C:\Program Files (x86)\National Instruments\Shared\RegistrationWizard\Bin\RegistrationWizard.exe [846520 2010-06-21] ()
HKCU\...\Run: [iFunBoxConnector] - C:\Program Files (x86)\I-Funbox DevTeam\ifb_conn.exe [812544 2012-11-20] ()
HKCU\...\Run: [AdobeBridge] - [x]
HKLM-x32\...\Run: [YouCam Tray] - "C:\Program Files (x86)\Lenovo\YouCam\YouCam.exe" /s [228448 2011-01-29] (CyberLink Corp.)
HKLM-x32\...\Run: [YouCam Mirage] - "C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe" [136488 2011-01-29] (CyberLink)
HKLM-x32\...\Run: [vmware-tray] - "C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe" [103536 2012-01-18] (VMware, Inc.)
HKLM-x32\...\Run: [VeriFaceManager] - C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe [329056 2012-06-05] (Lenovo)
HKLM-x32\...\Run: [USB3MON] - "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [291608 2012-03-11] (Intel Corporation)
HKLM-x32\...\Run: [UpdateP2GShortCut] - "C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Lenovo\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\5.0" [222504 2010-07-26] (CyberLink Corp.)
HKLM-x32\...\Run: [mcui_exe] - "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey [1532992 2013-03-13] (McAfee, Inc.)
HKLM-x32\...\Run: [LockKey] - C:\Program Files (x86)\LockKey\LockKey.exe [337776 2011-08-25] ( )
HKLM-x32\...\Run: [Intelligent Touchpad] - C:\Program Files\Lenovo\Intelligent Touchpad\TouchZone.exe [291272 2011-12-08] ()
HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2011-11-29] (Intel Corporation)
HKLM-x32\...\Run: [APSDaemon] - "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [Adobe ARM] - "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [946352 2012-12-03] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [DivXMediaServer] - C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [450560 2012-11-13] ()
HKLM-x32\...\Run: [DivXUpdate] - "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW [1263512 2012-11-01] ()
HKLM-x32\...\Run: [hpqSRMon] - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [150528 2008-07-22] (Hewlett-Packard)
HKLM-x32\...\Run: [NI Update Service] - "C:\Program Files (x86)\National Instruments\Shared\Update Service\NIUpdateService.exe" -startupTask [3002976 2011-06-07] (National Instruments)
HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKLM-x32\...\Run: [] - [x]
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] - C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [x]
HKLM-x32\...\Run: [pnusbclitray] - pnusbclitray.exe [67480 2012-06-09] (Quest Software)
HKLM-x32\...\Run: [SwitchBoard] - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] - "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] - "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe" [39136 2012-12-18] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] - "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe" [825560 2012-12-18] (Adobe Systems Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\Run: [QuickTime Task] - "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] - "C:\Program Files (x86)\iTunes\iTunesHelper.exe" [152392 2013-05-31] (Apple Inc.)
HKU\UpdatusUser\...\Run: [Power2GoExpress] - NA [x]
HKU\UpdatusUser\...\Run: [ooVoo.exe] - C:\program files (x86)\oovoo\oovoo.exe /minimized [25249400 2012-05-29] (ooVoo LLC)
HKU\UpdatusUser\...\Run: [Akamai NetSession Interface] - "C:\Users\Collin\AppData\Local\Akamai\netsession_win.exe" [4480768 2013-01-26] (Akamai Technologies, Inc.)
HKU\UpdatusUser\...\Run: [NIRegistrationWizard] - C:\Program Files (x86)\National Instruments\Shared\RegistrationWizard\Bin\RegistrationWizard.exe -autoDiscover 1 -displayIfNoneFound 0 -displayRegisterOptions 1 -sleepIfNoneFound 0 -locale 1033 [846520 2010-06-21] ()
HKU\UpdatusUser\...\Run: [iFunBoxConnector] - "C:\Program Files (x86)\I-Funbox DevTeam\ifb_conn.exe" [812544 2012-11-20] ()
AppInit_DLLs: C:\Windows\system32\nvinitx.dll [247144 2012-10-02] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll [202600 2012-10-02] (NVIDIA Corporation)
Lsa: [Notification Packages] scecli C:\Program Files\Lenovo\Bluetooth Software\BtwProximityCP.dll

==================== Internet (Whitelisted) ====================

URLSearchHook: (No Name) - {b6ac5e3c-5ceb-4e72-b451-f0e1ba983c14} - No File
URLSearchHook: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
URLSearchHook: (No Name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No File
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=LENDF8&pc=MALN&src=IE-SearchBox
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=LENDF8&pc=MALN&src=IE-SearchBox
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=LENDF8&pc=MALN&src=IE-SearchBox
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://isearch.babylon.com/?q={sear...SP_ss&mntrId=e075f4fe000000000000dc0ea1f3fb28
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - C:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
BHO-x32: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: Plugin Update - {09942569-D515-42BE-9F5A-A439B20F91AB} - C:\Program Files (x86)\Plugin Update\uc.dll ()
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - C:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~3\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: SmartSelect Class - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc)
BHO-x32: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
Toolbar: HKLM-x32 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
Toolbar: HKLM-x32 - Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\PROGRA~1\mcafee\msc\MCSNIE~1.DLL (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\PROGRA~2\mcafee\msc\mcsniepl.dll (McAfee, Inc.)
Winsock: Catalog5 11 C:\Program Files (x86)\National Instruments\Shared\mDNS Responder\nimdnsNSP.dll [24280] (National Instruments Corporation)
Winsock: Catalog9 12 %SystemRoot%\system32\vsocklib.dll [63088] (VMware, Inc.)
Winsock: Catalog9 13 %SystemRoot%\system32\vsocklib.dll [63088] (VMware, Inc.)
Winsock: Catalog5-x64 11 C:\Program Files\National Instruments\Shared\mDNS Responder\nimdnsNSP.dll [26328] (National Instruments Corporation)
Winsock: Catalog9-x64 12 %SystemRoot%\system32\vsocklib.dll [67184] (VMware, Inc.)
Winsock: Catalog9-x64 13 %SystemRoot%\system32\vsocklib.dll [67184] (VMware, Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254

FireFox:
========
FF ProfilePath: C:\Users\Collin\AppData\Roaming\Mozilla\Firefox\Profiles\p7zshopm.default
FF user.js: detected! => C:\Users\Collin\AppData\Roaming\Mozilla\Firefox\Profiles\p7zshopm.default\user.js
FF SelectedSearchEngine: Search the web (Babylon)
FF Homepage: hxxp://isearch.babylon.com/?affID=116223&tt=4612_6&babsrc=HP_ss&mntrId=e075f4fe000000000000dc0ea1f3fb28
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=10.5.0 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.5.0 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @mcafee.com/MSC,version=10 - c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1168638.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.21.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.21.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 - c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin-x32: @mcafee.com/SAFFPlugin - C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: wolfram.com/Mathematica - C:\Program Files (x86)\Common Files\Wolfram Research\Browser\9.0.1.4092550\npmathplugin.dll (Wolfram Research, Inc.)
FF Plugin-x32: Adobe Acrobat - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml
FF Extension: No Name - C:\Users\Collin\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
FF Extension: BitTorrentControl_v12 - C:\Users\Collin\AppData\Roaming\Mozilla\Firefox\Profiles\p7zshopm.default\Extensions\{b6ac5e3c-5ceb-4e72-b451-f0e1ba983c14}
FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] C:\Program Files (x86)\McAfee\SiteAdvisor
FF Extension: McAfee SiteAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 <video> - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF HKLM-x32\...\Firefox\Extensions: [{D19CA586-DD6C-4a0a-96F8-14644F340D60}] C:\Program Files (x86)\Common Files\McAfee\SystemCore
FF Extension: No Name - C:\Program Files (x86)\Common Files\McAfee\SystemCore
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF HKCU\...\Firefox\Extensions: [uc@uc.com] C:\Program Files (x86)\Plugin Update\FF\
FF Extension: No Name - C:\Program Files (x86)\Plugin Update\FF\

Chrome:
=======
CHR HomePage: hxxp://isearch.babylon.com/?affID=116223&tt=4612_6&babsrc=HP_ss&mntrId=e075f4fe000000000000dc0ea1f3fb28
CHR RestoreOnStartup: "hxxp://isearch.babylon.com/?affID=116223&tt=4612_6&babsrc=HP_ss&mntrId=e075f4fe000000000000dc0ea1f3fb28"
CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google

riginalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.116\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.116\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.116\pdf.dll ()
CHR Plugin: (McAfee SiteAdvisor) - C:\Users\Collin\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.50.146.2_0\McChPlg.dll (McAfee, Inc.)
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (National Instruments LabVIEW 2011 Netscape Plug-in for Windows) - C:\Program Files (x86)\Mozilla Firefox\plugins\nplv2011win32.dll (National Instruments)
CHR Plugin: (National Instruments LabVIEW 9.0 Netscape Plug-in for Windows) - C:\Program Files (x86)\Mozilla Firefox\plugins\nplv90win32.dll (National Instruments)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll No File
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (DivX VOD Helper Plug-in) - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
CHR Plugin: (DivX Plus Web Player) - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll No File
CHR Plugin: (Intel\u00AE Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
CHR Plugin: (Intel\u00AE Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
CHR Plugin: (Java(TM) Platform SE 7 U13) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (McAfee SiteAdvisor) - C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)
CHR Plugin: (Windows Live\u0099 Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Shockwave for Director) - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1168638.dll (Adobe Systems, Inc.)
CHR Plugin: (Java Deployment Toolkit 7.0.130.20) - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
CHR Plugin: (McAfee SecurityCenter) - c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll No File
CHR Extension: (BitTorrentControl_v12) - C:\Users\Collin\AppData\Local\Google\Chrome\User Data\Default\Extensions\dknkjnkhedbanphkkpbpcgoblmkbfhlf\2.3.19.11_0
CHR Extension: (Mahjongg) - C:\Users\Collin\AppData\Local\Google\Chrome\User Data\Default\Extensions\eegpopcingfghbompjfejakfeaolmbop\1.0.0.2_0
CHR Extension: () - C:\Users\Collin\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.50.146.2_0
CHR Extension: (Ancient Dark) - C:\Users\Collin\AppData\Local\Google\Chrome\User Data\Default\Extensions\flkfcefhebalbhjgphdocdieolkkgffo\1.1_0
CHR Extension: () - C:\Users\Collin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.64_0
CHR Extension: (Apple Shooter) - C:\Users\Collin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ingecjekeggadjbbklelffkgeppklgnm\4.0.0_0
CHR Extension: (Chrome Sounds) - C:\Users\Collin\AppData\Local\Google\Chrome\User Data\Default\Extensions\kkfibincabhfblmkmhcabnlghmncdcaf\1.1_0
CHR Extension: (Strike Force Heroes HD) - C:\Users\Collin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lefnkbjjknfeplogkgdnnljnmobhgmnh\1.0.1_0
CHR Extension: (Happy Wheels) - C:\Users\Collin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljdngafdeknonigdklkdlolkefpigejp\13.2334.9140_0
CHR Extension: (Hack me!) - C:\Users\Collin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljpmlpgnjljcjikoimdifbklgebnpkej\6.0_0
CHR Extension: (Google I/O: input/output) - C:\Users\Collin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nbmphclbekipaojhpbkbofoioffecilh\1.3.3.7_0
CHR Extension: (DivX Plus Web Player HTML5 \u003Cvideo\u003E) - C:\Users\Collin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0
CHR Extension: (Battlefield Play4Free) - C:\Users\Collin\AppData\Local\Google\Chrome\User Data\Default\Extensions\oiokahphinmbmakkehgelkmpolmnbkdh\1.0.96.0_0

==================== Services (Whitelisted) =================

S2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [19232 2012-01-31] (Autodesk, Inc.)
R2 btwdins; C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe [945440 2012-02-01] (Broadcom Corporation.)
S2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2012-02-28] (Intel Corporation)
S2 LkCitadelServer; C:\Windows\SysWOW64\lkcitdl.exe [695136 2010-10-27] (National Instruments, Inc.)
S2 lkClassAds; C:\Windows\SysWOW64\lkads.exe [46192 2011-06-14] (National Instruments Corporation)
S2 lkTimeSync; C:\Windows\SysWOW64\lktsrv.exe [56952 2011-06-14] (National Instruments Corporation)
R2 McAfee SiteAdvisor Service; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
R2 mcmscsvc; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
R2 McNASvc; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
S3 McODS; C:\Program Files\McAfee\VirusScan\mcods.exe [383608 2012-11-16] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
R2 McShield; C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe [241456 2013-02-19] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [218760 2013-02-19] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [182752 2013-02-19] (McAfee, Inc.)
S2 mxssvr; C:\Program Files (x86)\National Instruments\MAX\nimxs.exe [12696 2011-06-14] (National Instruments Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273168 2011-12-08] ()
S2 NIApplicationWebServer; C:\Program Files (x86)\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe [50336 2011-05-27] (National Instruments Corporation)
S4 NIApplicationWebServer64; C:\Program Files\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe [68256 2011-05-27] (National Instruments Corporation)
S2 NIDomainService; C:\Program Files (x86)\National Instruments\Shared\Security\nidmsrv.exe [362104 2011-06-14] (National Instruments Corporation)
S3 NILM License Manager; C:\Program Files (x86)\National Instruments\Shared\License Manager\Bin\lmgrd.exe [1427688 2010-08-02] (Macrovision Corporation)
S2 nimDNSResponder; C:\Program Files (x86)\National Instruments\Shared\mDNS Responder\nimdnsResponder.exe [194224 2011-06-01] (National Instruments Corporation)
S2 NINetworkDiscovery; C:\Program Files (x86)\National Instruments\Shared\NI Network Discovery\niDiscSvc.exe [121032 2011-06-10] (National Instruments Corporation)
S2 niSvcLoc; C:\Program Files (x86)\National Instruments\Shared\NI WebServer\SystemWebServer.exe [50328 2011-05-27] (National Instruments Corporation)
S2 NITaggerService; C:\Program Files (x86)\National Instruments\Shared\Tagger\tagsrv.exe [676016 2011-06-14] (National Instruments Corporation)
R2 NSDSvc; C:\Windows\System32\NSDSvc.exe [120160 2011-12-23] (Lenovo)
S2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [75136 2013-04-15] ()
R2 pnusbvirtualhubwssrv; C:\Windows\system32\pnusbvirtualhubwssrv.exe [473600 2013-03-03] (Quest Software)
S2 USTSScheduler; C:\Program Files (x86)\USTechSupport\SchedulerService\SchedulerService.exe [736648 2012-07-12] (US Tech Support LLC)
S3 VMwareHostd; C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe [11839488 2012-01-18] ()
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [594704 2011-12-08] (Intel® Corporation)

==================== Drivers (Whitelisted) ====================

R3 bcbtums; C:\Windows\System32\drivers\bcbtums.sys [134696 2012-02-01] (Broadcom Corporation.)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [70112 2013-02-19] (McAfee, Inc.)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [196440 2012-04-20] (McAfee, Inc.)
R3 hswpan; C:\Windows\System32\DRIVERS\hswpan.sys [109056 2012-01-27] (Ozmo Inc)
R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [179280 2013-02-19] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [309840 2013-02-19] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [515968 2013-02-19] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [771536 2013-02-19] (McAfee, Inc.)
S3 mferkdet; C:\Windows\System32\drivers\mferkdet.sys [106552 2013-02-19] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [340216 2013-02-19] (McAfee, Inc.)
R0 NSD; C:\Windows\System32\drivers\nsd.sys [24160 2011-12-23] (Lenovo Corporation")
R1 Nsdfltr; C:\Windows\System32\drivers\Nsdfltr.sys [59488 2011-12-21] (Lenovo Corporation)
R2 pnpnptool; C:\Windows\system32\Drivers\pnpnptool.sys [51736 2013-03-03] (Quest Software)
S3 pnusbd; C:\Windows\system32\Drivers\pnusbd.sys [37272 2013-03-03] (Quest Software)
R3 rtsuvc; C:\Windows\System32\DRIVERS\rtsuvc.sys [8208488 2011-09-06] (Realtek Semiconductor Corp.)
U3 BcmSqlStartupSvc;
U2 CLKMSVC10_3A60B698;
U2 CLKMSVC10_C3B3B687;
U2 DriverService;
U2 iATAgentService;
U2 idealife Update Service;
U3 IGRS;
U2 IviRegMgr;
U3 mfeavfk01; No ImagePath
U2 Oasis2Service;
U2 PCCarerService;
U2 ReadyComm.DirectRouter;
U2 RichVideo;
U2 RtLedService;
U2 SeaPort;
U2 SoftwareService;
U3 SQLWriter;

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2013-07-18 09:06 - 2013-07-18 09:05 - 00020992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
2013-07-17 21:18 - 2013-07-17 21:19 - 00000635 _____ C:\Users\Collin\Desktop\Search.txt
2013-07-17 20:59 - 2013-07-17 20:59 - 00023444 _____ C:\Users\Collin\Desktop\Addition.txt
2013-07-17 20:57 - 2013-07-17 13:30 - 01778209 _____ (Farbar) C:\Users\Collin\Desktop\frst64.exe
2013-07-17 17:09 - 2013-07-17 17:09 - 00000000 ____D C:\FRST
2013-07-17 12:39 - 2013-07-17 12:40 - 00000000 ____D C:\Windows\system32\MRT
2013-07-13 19:42 - 2013-04-09 18:34 - 01247744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2013-07-13 19:42 - 2013-04-02 17:51 - 01643520 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2013-07-13 02:21 - 2013-06-04 01:00 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2013-07-13 02:21 - 2013-06-03 23:53 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2013-07-13 02:21 - 2013-05-06 01:03 - 01887744 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-07-13 02:21 - 2013-05-05 23:56 - 01620480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2013-06-29 14:28 - 2013-06-29 14:28 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscat32.dll
2013-06-29 14:26 - 2013-06-29 14:26 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2013-06-29 13:17 - 2013-06-08 09:08 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-06-29 13:17 - 2013-06-08 09:07 - 19233792 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-06-29 13:17 - 2013-06-08 09:06 - 15404544 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-06-29 13:17 - 2013-06-08 09:06 - 02648064 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-06-29 13:17 - 2013-06-08 09:06 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-06-29 13:17 - 2013-06-08 07:28 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-06-29 13:17 - 2013-06-08 06:42 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-06-29 13:17 - 2013-06-08 06:40 - 14327808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-06-29 13:17 - 2013-06-08 06:40 - 13760512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-06-29 13:17 - 2013-06-08 06:40 - 02046976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-06-29 13:17 - 2013-06-08 06:40 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-06-29 13:17 - 2013-06-08 06:13 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb

==================== One Month Modified Files and Folders =======

2013-07-18 19:17 - 2012-06-21 19:16 - 01796128 _____ C:\FaceProv.log
2013-07-18 19:15 - 2012-06-05 03:59 - 00000912 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-07-18 19:04 - 2012-09-05 18:02 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-07-18 09:29 - 2012-06-05 03:11 - 01173252 _____ C:\Windows\WindowsUpdate.log
2013-07-18 09:26 - 2009-07-13 23:45 - 00032064 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-07-18 09:26 - 2009-07-13 23:45 - 00032064 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-07-18 09:24 - 2012-06-05 04:00 - 00971760 _____ C:\Windows\system32\fastboot.set
2013-07-18 09:24 - 2012-06-05 03:59 - 00000908 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-07-18 09:19 - 2011-10-10 03:19 - 00000000 ____D C:\Program Files\Windows Journal
2013-07-18 09:18 - 2009-07-14 00:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-07-18 09:18 - 2009-07-13 23:51 - 00086264 _____ C:\Windows\setupact.log
2013-07-18 09:18 - 2009-07-13 23:45 - 05167856 _____ C:\Windows\system32\FNTCACHE.DAT
2013-07-18 09:05 - 2013-07-18 09:06 - 00020992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
2013-07-17 21:19 - 2013-07-17 21:18 - 00000635 _____ C:\Users\Collin\Desktop\Search.txt
2013-07-17 20:59 - 2013-07-17 20:59 - 00023444 _____ C:\Users\Collin\Desktop\Addition.txt
2013-07-17 17:09 - 2013-07-17 17:09 - 00000000 ____D C:\FRST
2013-07-17 13:30 - 2013-07-17 20:57 - 01778209 _____ (Farbar) C:\Users\Collin\Desktop\frst64.exe
2013-07-17 12:40 - 2013-07-17 12:39 - 00000000 ____D C:\Windows\system32\MRT
2013-07-13 23:32 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\system32\NDF
2013-07-13 23:11 - 2012-11-04 15:08 - 00001728 _____ C:\Users\Collin\Documents\acad.err
2013-07-13 06:44 - 2009-07-14 00:32 - 00000000 ____D C:\Program Files\Windows Defender
2013-07-13 06:44 - 2009-07-14 00:32 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2013-06-29 14:28 - 2013-06-29 14:28 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscat32.dll
2013-06-29 14:26 - 2013-06-29 14:26 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2013-06-29 14:18 - 2012-06-05 03:25 - 00000000 ____D C:\Windows\SysWOW64\SDA
2013-06-29 14:18 - 2012-06-05 03:25 - 00000000 ____D C:\Program Files (x86)\LockKey
2013-06-29 14:18 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\TAPI
2013-06-29 14:18 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\SysWOW64\Setup
2013-06-29 14:18 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\SysWOW64\oobe
2013-06-29 14:18 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\SysWOW64\migwiz
2013-06-29 14:18 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\SysWOW64\manifeststore
2013-06-29 14:18 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\SysWOW64\InstallShield
2013-06-29 14:18 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\SysWOW64\Dism
2013-06-29 14:18 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\SysWOW64\com
2013-06-29 14:18 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\SysWOW64\AdvancedInstallers
2013-06-29 14:18 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\servicing
2013-06-29 14:18 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\IME
2013-06-29 14:18 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\Cursors
2013-06-29 14:17 - 2012-06-05 03:59 - 00000000 ____D C:\ProgramData\VeriFace
2013-06-29 14:17 - 2009-07-14 00:32 - 00000000 ____D C:\Windows\system32\WinBioPlugIns
2013-06-29 14:17 - 2009-07-13 22:20 - 00000000 __RSD C:\Windows\Media
2013-06-29 14:17 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\SysWOW64\zh-HK
2013-06-29 14:17 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\SysWOW64\tr-TR
2013-06-29 14:17 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\SysWOW64\th-TH
2013-06-29 14:17 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\SysWOW64\sr-Latn-CS
2013-06-29 14:17 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\SysWOW64\sl-SI
2013-06-29 14:17 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\SysWOW64\sk-SK
2013-06-29 14:17 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\SysWOW64\ro-RO
2013-06-29 14:17 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\SysWOW64\lv-LV
2013-06-29 14:17 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\SysWOW64\lt-LT
2013-06-29 14:17 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\SysWOW64\hr-HR
2013-06-29 14:17 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\SysWOW64\he-IL
2013-06-29 14:17 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\SysWOW64\et-EE
2013-06-29 14:17 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\SysWOW64\bg-BG
2013-06-29 14:17 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\SysWOW64\ar-SA
2013-06-29 14:17 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\system32\zh-HK
2013-06-29 14:17 - 2009-07-13 22:20 - 00000000 ____D C:\Program Files\Common Files\System
2013-06-29 14:16 - 2013-06-08 00:21 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-06-29 14:16 - 2013-04-16 20:37 - 00000000 ____D C:\Users\Collin\Downloads\photoshop
2013-06-29 14:16 - 2013-04-15 14:47 - 00000000 ____D C:\Users\Collin\Downloads\jtk374en
2013-06-29 14:16 - 2013-03-18 13:24 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-06-29 14:16 - 2012-12-07 02:44 - 00000000 ____D C:\Python27
2013-06-29 14:16 - 2012-11-12 23:15 - 00000000 ____D C:\Users\Collin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pepakura Designer 3
2013-06-29 14:16 - 2012-11-04 14:38 - 00000000 ____D C:\Users\Collin\AppData\Local\Akamai
2013-06-29 14:16 - 2012-10-26 14:00 - 00000000 ____D C:\Users\Collin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2013-06-29 14:16 - 2012-09-05 18:56 - 00000000 ____D C:\ProgramData\FLEXnet
2013-06-29 14:16 - 2012-09-04 04:45 - 00000000 ____D C:\Windows\Minidump
2013-06-29 14:16 - 2012-09-04 00:20 - 00000000 ____D C:\Users\Collin\AppData\Roaming\VMware
2013-06-29 14:16 - 2012-09-03 19:06 - 00000000 ____D C:\Users\Collin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2013-06-29 14:16 - 2012-09-03 19:05 - 00000000 ____D C:\Program Files\WinRAR
2013-06-29 14:16 - 2012-07-18 22:48 - 00000000 ____D C:\Users\Collin\Desktop\eclipse
2013-06-29 14:16 - 2012-06-27 23:13 - 00000000 ____D C:\Users\Collin\Desktop\Stronghold Crusader
2013-06-29 14:16 - 2012-06-27 23:07 - 00000000 ____D C:\ProgramData\Energy Management
2013-06-29 14:16 - 2012-06-22 21:28 - 00000000 ____D C:\Windows\System32\Tasks\Apple
2013-06-29 14:16 - 2012-06-21 20:30 - 00000000 ____D C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform
2013-06-29 14:16 - 2012-06-21 20:27 - 00000000 ____D C:\Users\Collin\AppData\Local\Microsoft Help
2013-06-29 14:16 - 2012-06-21 19:18 - 00000000 ___RD C:\Users\Collin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-06-29 14:16 - 2012-06-21 19:16 - 00000000 ___RD C:\Users\Collin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2013-06-29 14:16 - 2012-06-21 19:16 - 00000000 ___RD C:\Users\Collin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2013-06-29 14:16 - 2012-06-21 19:16 - 00000000 ____D C:\Users\Collin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo
2013-06-29 14:16 - 2012-06-05 03:54 - 00000000 ____D C:\ProgramData\McAfee
2013-06-29 14:16 - 2012-06-05 03:25 - 00000000 ____D C:\Windows\SysWOW64\Atheros_L1e
2013-06-29 14:16 - 2012-06-05 03:18 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2013-06-29 14:16 - 2011-10-10 03:19 - 00000000 ____D C:\Windows\ShellNew
2013-06-29 14:16 - 2009-07-14 00:32 - 00000000 ____D C:\Windows\system32\restore
2013-06-29 14:16 - 2009-07-14 00:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2013-06-29 14:16 - 2009-07-13 22:20 - 00000000 ___HD C:\Windows\system32\GroupPolicy
2013-06-29 14:16 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\SysWOW64\GroupPolicy
2013-06-29 14:16 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\system32\sysprep
2013-06-29 14:16 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\AppCompat
2013-06-29 14:15 - 2013-06-08 00:21 - 00000000 ____D C:\Program Files\iTunes
2013-06-29 14:15 - 2013-06-08 00:21 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-06-29 14:15 - 2013-06-05 10:51 - 00000000 ____D C:\Program Files (x86)\QuickTime
2013-06-29 14:15 - 2013-03-18 13:24 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2013-06-29 14:15 - 2013-02-09 00:04 - 00000000 ____D C:\Program Files (x86)\Plugin Update
2013-06-29 14:15 - 2013-02-04 22:08 - 00000000 ____D C:\Program Files (x86)\I-Funbox DevTeam
2013-06-29 14:15 - 2013-01-14 15:26 - 00000000 ____D C:\Program Files\Common Files\SolidWorks Shared
2013-06-29 14:15 - 2012-11-04 14:44 - 00000000 ____D C:\Program Files (x86)\DWG TrueView 2013
2013-06-29 14:15 - 2012-10-12 14:33 - 00000000 ____D C:\Program Files (x86)\RASAero
2013-06-29 14:15 - 2012-09-05 18:39 - 00000000 ____D C:\Program Files\Common Files\Autodesk Shared
2013-06-29 14:15 - 2012-08-28 15:54 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-06-29 14:15 - 2012-08-28 15:54 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-06-29 14:15 - 2012-06-22 21:28 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
2013-06-29 14:15 - 2012-06-22 21:27 - 00000000 ____D C:\Program Files\Bonjour
2013-06-29 14:15 - 2012-06-22 21:27 - 00000000 ____D C:\Program Files (x86)\Bonjour
2013-06-29 14:15 - 2012-06-21 20:30 - 00000000 ____D C:\Program Files\Common Files\DESIGNER
2013-06-29 14:15 - 2012-06-05 03:55 - 00000000 ____D C:\Program Files (x86)\ooVoo
2013-06-29 14:13 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\SysWOW64\uk-UA
2013-06-29 14:10 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\registration
2013-06-29 13:56 - 2012-09-03 23:48 - 00000000 ____D C:\ProgramData\VMware
2013-06-29 13:54 - 2012-07-15 13:36 - 00000000 ____D C:\Program Files\McAfee
2013-06-29 11:32 - 2012-06-21 19:18 - 00000000 ___RD C:\Users\Collin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-06-29 11:32 - 2012-06-21 19:16 - 00000000 ____D C:\Users\Collin
2013-06-24 00:57 - 2012-06-30 18:01 - 78277128 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-06-22 02:00 - 2012-08-28 20:14 - 00000000 ____D C:\Users\Collin\AppData\Local\Adobe
2013-06-21 19:48 - 2012-06-05 03:59 - 00002194 _____ C:\Users\Public\Desktop\Google Chrome.lnk

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2013-07-13 07:11

==================== End Of Log ============================

Broni · Jul 18, 2013

It can't be any program since you're able to run FRST.

wisenblaker · Jul 18, 2013

I think it is because I had to download it from a different computer and then transfered it to that computer so its not like a program I downloaded on the cumputer with the problem

Broni · Jul 18, 2013

It shouldn't matter.

I can see following restore points:

04-07-2013 05:00:00 Scheduled Checkpoint
13-07-2013 07:12:38 Windows Update
13-07-2013 11:29:34 Windows Update
14-07-2013 04:15:25 Windows Update
14-07-2013 04:34:41 Windows Update
17-07-2013 17:36:33 Windows Update

Try to use one from July 4th

wisenblaker · Jul 18, 2013

How would I restore from said point?

Broni · Jul 18, 2013

http://forums.windowsitpro.com/forums/aft/97760

wisenblaker · Jul 18, 2013

Ok I am doing the restore now and will update you with the effects

wisenblaker · Jul 19, 2013

So I restored to that point and still have the same error.

Broni · Jul 19, 2013

Download Windows Repair (All in One) from this site

Install the program then run it.

NOTE 1. In Windows Vista, 7 and 8 right click on the program, click "Run As Administrator".
NOTE 2. Disable your antivirus program before running Windows Repair.

Go to Step 2 and allow it to run CheckDisk by clicking on Do It button:

Once that is done then go to Step 3 and allow it to run System File Check by clicking on Do It button:

Go to Step 4 and under "System Restore" click on Create button:

Go to Start Repairs tab and click Start button.

Leave all checkmarks as they're.
NOTE for Windows 8 users. Reset Registry Permissions is NOT checked by design.

Click on Start button.

Post Windows Repair log (_windows_repair_log.txt) which is located in the following folder:
64-bit systems - C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\Logs
32-bit systems - C:\Program Files\Tweaking.com\Windows Repair (All in One)\Logs

wisenblaker · Jul 19, 2013

Ok so I dont have internet access on the computer I am trying to fix because it wont open internet explorer so I tried downloading in onto a flash drive and running it from there but I get the subsystem error when I try to.

Broni · Jul 19, 2013

Personally I've never seen this kind of error before.

Said that...

In this forum, we make sure, your computer is free of malware and your computer is clean

Because the access to malware forum is very limited, your best option is to create new topic about your current issue, at Windows section.
You'll get more attention.

Good luck

wisenblaker · Jul 20, 2013

Thanks for your help! I will have them reopen my other thread and hopefully they can figure out whats up.

Broni · Jul 20, 2013

Inactive Subsystem Error "Image type not supported"

Posts: 19 +0

Posts: 56,041 +516

Posts: 19 +0

Posts: 19 +0

Posts: 19 +0

Posts: 56,041 +516

Posts: 19 +0

Posts: 56,041 +516

Posts: 56,041 +516

Posts: 19 +0

Posts: 56,041 +516

Posts: 19 +0

Posts: 19 +0

Posts: 56,041 +516

Posts: 19 +0

Posts: 56,041 +516

Posts: 19 +0

Posts: 56,041 +516

Posts: 19 +0

Posts: 19 +0

Posts: 56,041 +516

Posts: 19 +0

Posts: 56,041 +516

Posts: 19 +0

Posts: 56,041 +516

Similar threads