Computer Hope

Title: Can't Play Any Video Media, Having Trouble Updating Windows 7
Post by: srcstcbstrd on November 17, 2014, 08:19:41 PM
Hi - first time poster here. I have a problem that seems to have started with attempts to update my Windows 7 Home Premium on an HP desktop. Various 'important' updates have appeared and when trying to install them, they invariably fail. At the same time (and this just may be a coincidence), I can not play any video files either with any program on the desktop (WMP, VLC and Media Player Classic). I also cannot play any videos online - Flashback crashes every time. When I try and go into the Control Panel and 'System', I get booted out automatically. When I try and do a restore, I get booted out automatically. Something has taken control of these functions for some reason.
I followed the pinned topic on what to do before I post and here are the logs:

# AdwCleaner v4.101 - Report created 17/11/2014 at 19:15:28
# Updated 09/11/2014 by Xplode
# Database : 2014-11-16.1 [Live]
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : srcstcbstrd - TIMS-COMPUTER
# Running from : C:\Users\srcstcbstrd\Desktop\adwcleaner_4.101.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****


***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Value Deleted : HKCU\Software\Mozilla\Firefox\Extensions [{442718d9-475e-452a-b3e1-fb1ee16b8e9f}]
Key Deleted : HKCU\Software\Google\Chrome\Extensions\mkjojgglmmcghgaiknnpgjgldgaocjfd

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17420


-\\ Mozilla Firefox v33.1 (x86 en-US)

[h7dij27t.default-1412713083351\prefs.js] - Line Deleted : user_pref("extensions.dashlane.safesearchcapable", false);

-\\ Google Chrome v


*************************

AdwCleaner[R10].txt - [10016 octets] - [14/09/2014 15:23:16]
AdwCleaner[R11].txt - [6407 octets] - [21/09/2014 12:51:51]
AdwCleaner[R12].txt - [3873 octets] - [09/11/2014 16:54:38]
AdwCleaner[R13].txt - [3415 octets] - [10/11/2014 19:25:44]
AdwCleaner[R8].txt - [2220 octets] - [24/07/2014 19:22:13]
AdwCleaner[R9].txt - [1443 octets] - [01/08/2014 15:25:16]
AdwCleaner[S10].txt - [10142 octets] - [14/09/2014 15:47:08]
AdwCleaner[S11].txt - [3210 octets] - [07/11/2014 04:53:34]
AdwCleaner[S12].txt - [3978 octets] - [10/11/2014 19:27:30]
AdwCleaner[S13].txt - [1515 octets] - [17/11/2014 19:15:28]
AdwCleaner[S8].txt - [2265 octets] - [24/07/2014 19:23:34]
AdwCleaner[S9].txt - [1510 octets] - [01/08/2014 15:29:55]

########## EOF - C:\AdwCleaner\AdwCleaner[S13].txt - [1696 octets] ##########


 Results of screen317's Security Check version 0.99.90 
 Windows 7 Service Pack 1 x64 (UAC is enabled) 
 Internet Explorer 11 
``````````````Antivirus/Firewall Check:``````````````
 Windows Firewall Enabled! 
Norton Internet Security   
 WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
 SpywareBlaster 5.0   
 Secunia PSI (3.0.0.6001)   
 TuneUp Utilities 2011   
 TuneUp Utilities Language Pack (en-US)
 TuneUp Utilities 2011   
 Ashampoo Registry Cleaner v.1.00 
 JavaFX 2.1.1   
 Java 7 Update 67 
 Java version out of Date!
 Adobe Flash Player 15.0.0.223 
 Mozilla Firefox (33.1)
````````Process Check: objlist.exe by Laurent````````
 Norton ccSvcHst.exe
 Symantec Norton Online Backup NOBuClient.exe 
 Symantec Norton Online Backup NOBuAgent.exe 
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C: 0%
````````````````````End of Log``````````````````````


Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 17/11/2014
Scan Time: 9:13:51 PM
Logfile: MWB.txt
Administrator: Yes

Version: 2.00.3.1025
Malware Database: v2014.11.18.01
Rootkit Database: v2014.11.12.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: srcstcbstrd

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 568463
Time Elapsed: 21 min, 17 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Warn
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)


(end)
Title: Re: Can't Play Any Video Media, Having Trouble Updating Windows 7
Post by: SuperDave on November 18, 2014, 12:17:25 PM
Hello and welcome to Computer Hope Forum. My name is Dave. I will be helping you out with your particular problem on your computer.

1. I will be working on your Malware issues. This may or may not solve other issues you have with your machine.
2. The fixes are specific to your problem and should only be used for this issue on this machine.
3. If you don't know or understand something, please don't hesitate to ask.
4. Please DO NOT run any other tools or scans while I am helping you.
5. It is important that you reply to this thread. Do not start a new topic.
6. Your security programs may give warnings for some of the tools I will ask you to use. Be assured, any links I give are safe.
7. Absence of symptoms does not mean that everything is clear.

If you can't access the internet with your infected computer you will have to download and transfer any programs to the computer you're using now and transfer them to the infected computer with a CD-RW or a USB storage device. I prefer a CD because a storage device can get infected. If you use a storage device hold the shift key down while inserting the USB storage device for about 10 secs. You will also have to transfer the logs you receive back to the good computer using the same method until we can get the computer back on-line.
*************************************************************************
Can you tell me the size of the hard drive and how much free space you have on it?

Click Start> Computer> right click the C Drive and choose Properties> enter

(http://i424.photobucket.com/albums/pp322/digistar/diskcleanup2.jpg)
***************************************************************
Registry cleaners are extremely powerful applications and their potential for harming your OS far outweighs any small potential for improving your computer's performance.

There are a number of them available and some are more safe than others. Keep in mind that no two registry cleaners work entirely the same way. Each vendor uses different criteria as to what constitutes a "bad" entry. One cleaner may find entries on your system that will not cause a problem when removed, another may not find the same entries, and still another may want to remove entries required for a program to work. Without research into what the registry entry selected for deletion is, a registry cleaner can end up being an automated method to cause problems with the registry.

For routine use by those not familiar with the registry, the benefits to your computer are negligible while the potential risks are great.

Further reading: XP Fixes Myth #1: Registry Cleaners (http://www.windowsbbs.com/showthread.php?t=61015)
Ashampoo Registry Cleaner v.1.00   
*********************************************
Update Your Java (JRE)

Old versions of Java have vulnerabilities that malware can use to infect your system.

First Verify your Java Version (http://www.java.com/en/download/installed.jsp)

If there are any other version(s) installed then update now.

Get the new version (if needed)

If your version is out of date install the newest version of the Sun Java Runtime Environment (http://www.majorgeeks.com/Sun_Java_Runtime_Environment_d4648.html).

Note: UNCHECK any pre-checked toolbar and/or software offered with the Java update. The pre-checked toolbars/software are not part of the Java update.

Be sure to close ALL open web browsers before starting the installation.

Remove any old versions

1. Download JavaRa (http://raproducts.org/click/click.php?id=1) and unzip the file to your Desktop.
2. Open JavaRA.exe and choose Remove Older Versions
3. Once complete exit JavaRA.

Additional Note: The Java Quick Starter (JQS.exe) (http://java.sun.com/javase/6/docs/technotes/guides/jweb/otherFeatures/jqs.html) adds a service to improve the initial startup time of Java applets and applications. To disable the JQS service if you don't want to use it, go to Start > Control Panel > Java > Advanced > Miscellaneous and uncheck the box for Java Quick Starter. Click OK and reboot your computer.
*************************************************
Please download Junkware Removal Tool (http://thisisudax.org/downloads/JRT.exe) to your desktop.

•Warning! Once the scan is complete JRT will shut down your browser with NO warning.

•Shut down your protection software now to avoid potential conflicts.

•Temporarily disable your Antivirus and any Antispyware real time protection before performing a scan. Click this  (http://www.bleepingcomputer.com/forums/topic114351.html) link to see a list of security programs that should be disabled and how to disable them.

•Run the tool by double-clicking it. If you are using Windows Vista or Windows 7, right-click JRT and select Run as Administrator

•The tool will open and start scanning your system.

•Please be patient as this can take a while to complete depending on your system's specifications.

•On completion, a log (JRT.txt) is saved to your desktop and will automatically open.

•Copy and Paste the JRT.txt log into your next message.
************************************************
Malwarebytes' Anti-Rootkit

Please download Malwarebytes' Anti-Rootkit (http://www.malwarebytes.org/products/mbar/) and save it to your desktop.
Title: Re: Can't Play Any Video Media, Having Trouble Updating Windows 7
Post by: srcstcbstrd on November 19, 2014, 04:00:04 PM
Hi SuperDave - thanks for taking the time to help me out. My 'C' drive is 1.5TB with 265GB free space.

As far as the Java version I have, that's part of the problem - I can't read what version it is because this bug or whatever it is won't allow me to access that on the web - by which I mean that the Java applet won't work for this or videos. So I downloaded the latest version anyway and tried to install it. After the install screen came up, it was just a blank field. When I closed the field, Java congratulated me on the install but I didn't have a chance to uncheck any other crappy extras. I ran it as the administrator with the Firefox closed as you suggested.

Ran the JavaRa.

Ran the Junk Removal Tool and Malwarebytes Anti-Rootkit (see logs below)


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.3.9 (11.15.2014:2)
OS: Windows 7 Home Premium x64
Ran by srcstcbstrd on 19/11/2014 at 16:56:12.97
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files

Successfully deleted: [File] C:\Windows\Tasks\One-Click Optimizer.job



~~~ Folders

Successfully deleted: [Folder] "C:\Program Files (x86)\myfree codec"
Successfully deleted: [Folder] "C:\Windows\syswow64\ai_recyclebin"
Successfully deleted: [Empty Folder] C:\Users\srcstcbstrd\appdata\local\{93D6AAE3-FB95-4F5F-AEE9-BE75BE2C5BD7}
Successfully deleted: [Empty Folder] C:\Users\srcstcbstrd\appdata\local\{F9F2DD8D-02A5-413B-B5AB-3B63A16C42D2}



~~~ FireFox

Emptied folder: C:\Users\srcstcbstrd\AppData\Roaming\mozilla\firefox\profiles\h7dij27t.default-1412713083351\minidumps [5 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 19/11/2014 at 17:00:54.96
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.08.1.1001

(c) Malwarebytes Corporation 2011-2012

OS version: 6.1.7601 Windows 7 Service Pack 1 x64

Account is Administrative

Internet Explorer version: 11.0.9600.17420

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED, E:\ DRIVE_FIXED
CPU speed: 2.700000 GHz
Memory total: 8589176832, free: 5753118720

Downloaded database version: v2014.11.19.07
Downloaded database version: v2014.11.18.01
=======================================
Initializing...
------------ Kernel report ------------
     11/19/2014 17:06:07
------------ Loaded modules -----------
----------- End -----------
Done!
<<<1>>>
Upper Device Name: \Device\Harddisk1\DR1
Upper Device Object: 0xfffffa8007ae7790
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\0000007e\
Lower Device Object: 0xfffffa80079659c0
Lower Device Driver Name: \Driver\amd_sata\
<<<1>>>
Upper Device Name: \Device\Harddisk0\DR0
Upper Device Object: 0xfffffa8007af8790
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\0000007d\
Lower Device Object: 0xfffffa80079639c0
Lower Device Driver Name: \Driver\amd_sata\
<<<2>>>
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xfffffa8007af8790, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa8007998b90, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa8007af8790, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
DevicePointer: 0xfffffa80079958b0, DeviceName: Unknown, DriverName: \Driver\vidsflt\
DevicePointer: 0xfffffa800796bac0, DeviceName: Unknown, DriverName: \Driver\amd_xata\
DevicePointer: 0xfffffa80079639c0, DeviceName: \Device\0000007d\, DriverName: \Driver\amd_sata\
------------ End ----------
Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers...
Done!
Drive 0
This is a System drive
Scanning MBR on drive 0...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: B7ED5077

Partition information:

    Partition 0 type is Primary (0x7)
    Partition is ACTIVE.
    Partition starts at LBA: 2048  Numsec = 204800
    Partition file system is NTFS
    Partition is bootable

    Partition 1 type is Primary (0x7)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 206848  Numsec = 2901763905

    Partition 2 type is Primary (0x7)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 2901970753  Numsec = 28301312

    Partition 3 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

Disk Size: 1500301910016 bytes
Sector size: 512 bytes

Done!
Physical Sector Size: 512
Drive: 1, DevicePointer: 0xfffffa8007ae7790, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa8007ae72c0, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa8007ae7790, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\
DevicePointer: 0xfffffa8007998860, DeviceName: Unknown, DriverName: \Driver\vidsflt\
DevicePointer: 0xfffffa800796cac0, DeviceName: Unknown, DriverName: \Driver\amd_xata\
DevicePointer: 0xfffffa80079659c0, DeviceName: \Device\0000007e\, DriverName: \Driver\amd_sata\
------------ End ----------
Alternate DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
Drive 1
Scanning MBR on drive 1...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: 5C27753C

Partition information:

    Partition 0 type is Primary (0x7)
    Partition is ACTIVE.
    Partition starts at LBA: 2048  Numsec = 3907024896
    Partition file system is NTFS
    Partition is not bootable

    Partition 1 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

    Partition 2 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

    Partition 3 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

Disk Size: 2000398934016 bytes
Sector size: 512 bytes

Done!
Scan finished
=======================================


Removal queue found; removal started
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\VBR-0-0-2048-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-r.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-1-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\VBR-1-0-2048-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-1-r.mbam...
Removal finished


The Anti-Rootkit program did not find any malware. I did not run the fixdamage.
Title: Re: Can't Play Any Video Media, Having Trouble Updating Windows 7
Post by: SuperDave on November 20, 2014, 04:15:10 PM
I'd like to scan your machine with ESET OnlineScan

•Hold down Control and click on the following link to open ESET OnlineScan in a new window.
 ESET OnlineScan (http://eset.com/onlinescan)

•Click the (http://i424.photobucket.com/albums/pp322/digistar/esetOnline.png) button.
•For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
•Check (http://i424.photobucket.com/albums/pp322/digistar/esetAcceptTerms.png)
•Click the (http://i424.photobucket.com/albums/pp322/digistar/esetStart.png) button.
•Accept any security warnings from your browser.
•Check (http://i424.photobucket.com/albums/pp322/digistar/esetScanArchives.png)
•Push the Start button.
•ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
•When the scan completes, push (http://i424.photobucket.com/albums/pp322/digistar/esetListThreats.png)
•Push (http://i424.photobucket.com/albums/pp322/digistar/esetExport.png), and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
•Push the (http://i424.photobucket.com/albums/pp322/digistar/esetBack.png) button.
•Push (http://i424.photobucket.com/albums/pp322/digistar/esetFinish.png)
A log file will be saved here: C:\Program Files\ESET\ESET Online Scanner\log.txt
Title: Re: Can't Play Any Video Media, Having Trouble Updating Windows 7
Post by: srcstcbstrd on November 21, 2014, 02:05:31 AM
Hey SuperDave - ran ESET and saved the results to a .txt but do you think I could find the bloody thing after I hit save so I could include it here?  :'(

Found the log under Programs and it looks to include the same info although a little more detailed:

ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=6fefafb7614aa5418622183009c5b71b
# engine=14752
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2013-08-13 07:09:25
# local_time=2013-08-13 03:09:25 (-0500, Eastern Daylight Time)
# country="Canada"
# lang=1033
# osver=5.1.2600 NT Service Pack 2
# compatibility_mode=3591 16777213 100 91 0 138884350 0 0
# compatibility_mode=5893 16776574 100 94 1927882 127921215 0 0
# scanned=326336
# found=17
# cleaned=17
# scan_time=29725
sh=1EBD938E07FFD1FE8D61576A69ED4D329F483881 ft=1 fh=e5fa4db611a76ae3 vn="a variant of MSIL/HackTool.IdleKMS.A application (cleaned by deleting - quarantined)" ac=C fn="C:\Program Files\KMSpico\1L7X14.exe"
sh=1CD3339BFA397F18363CAC27F97B723AC62C1874 ft=1 fh=0e77d44e3a493c8f vn="a variant of Win32/HackTool.KMSAuto.A application (cleaned by deleting - quarantined)" ac=C fn="C:\Program Files\KMSpico\7A2LE4BSH0R.exe"
sh=D64F3AE178BF6B9DAB3986072DE3AEB3BF285059 ft=1 fh=f3e29fe027250a81 vn="a variant of Win32/HackTool.KMSAuto.A application (cleaned by deleting - quarantined)" ac=C fn="C:\Program Files\KMSpico\A5PFAUY8TJS.exe"
sh=7CC319C63E4CAE93C529B4462C93DD5AB9D811F0 ft=1 fh=8694618c27250a81 vn="a variant of Win32/HackTool.KMSAuto.A application (cleaned by deleting - quarantined)" ac=C fn="C:\Program Files\KMSpico\NM4Z7O6H2L6.exe"
sh=DE6AF192DCA55D8ED8B8117F656E8E342D742C5A ft=1 fh=c67e1a899f871570 vn="a variant of Win32/HackTool.KMSAuto.A application (cleaned by deleting - quarantined)" ac=C fn="C:\Program Files\KMSpico\XN2W3J8E0G6.exe"
sh=E1A0CCCD1A729E7D9C4A9A563CB4DAD8E5586E95 ft=1 fh=321f99703a493c8f vn="a variant of Win32/HackTool.KMSAuto.A application (cleaned by deleting - quarantined)" ac=C fn="C:\Program Files\KMSpico\YYD37OW5H6R.exe"
sh=DB5E733C80A9F9125478F939C94B3295A0B7036F ft=1 fh=36fc2114735cd03f vn="a variant of Win32/Packed.VMDetector.A application (cleaned by deleting - quarantined)" ac=C fn="C:\Program Files (x86)\Solid Savings\Uninstall.exe"
sh=A9BFA09044E90270939723184D08219EB110D3DE ft=0 fh=0000000000000000 vn="a variant of Win32/Adware.SpeedingUpMyPC.C application (deleted - quarantined)" ac=C fn="C:\Torrents Complete\Smart Driver Updater 3.0 + Reg.iso"
sh=5FCF9DB122C04903B2407A5027782099D8A251B6 ft=1 fh=475041420d7baef6 vn="a variant of Win32/Toolbar.CrossRider.C application (cleaned by deleting - quarantined)" ac=C fn="C:\Users\srcstcbstrd\AppData\Local\Updater26278\Updater26278.exe"
sh=FCD42701A1701A73EF2635AFA160307198AEF8A8 ft=0 fh=0000000000000000 vn="Win32/OpenCandy application (deleted - quarantined)" ac=C fn="C:\Users\srcstcbstrd\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\10.50\agent\stub_data\stubinst_pkg_en-us.cab"
sh=6E30879097C72B4093F9037D58E9EB950395CD82 ft=0 fh=0000000000000000 vn="a variant of Win32/Keygen.DD application (deleted - quarantined)" ac=C fn="C:\Users\srcstcbstrd\Downloads\Programs Downloaded\ALZip_7.52.0.1.zip"
sh=3DC71E97DC90B905991A8F6CD3B83BE2426BEA15 ft=0 fh=0000000000000000 vn="a variant of Win32/Bundled.Toolbar.Ask application (deleted - quarantined)" ac=C fn="C:\Users\srcstcbstrd\Downloads\Programs Downloaded\FFSetup260.zip"
sh=0AAA6E7D019034C78ED7DF41015A0647F483922F ft=0 fh=0000000000000000 vn="multiple threats (deleted - quarantined)" ac=C fn="C:\Users\srcstcbstrd\Downloads\Programs Downloaded\FFSetup290.zip"
sh=25D2D351D1F97779DF2D9B8A61BA7EB1B9AAA230 ft=0 fh=0000000000000000 vn="multiple threats (deleted - quarantined)" ac=C fn="C:\Users\srcstcbstrd\Downloads\Programs Downloaded\FFSetup295.zip"
sh=210E43BE1A81AD5652960E5C2E9EE9E606B89E7E ft=0 fh=0000000000000000 vn="multiple threats (deleted - quarantined)" ac=C fn="C:\Users\srcstcbstrd\Downloads\Programs Downloaded\Uniblue PowerSuite 2010 2.1.10.17.rar"
sh=EC624227C6BBF5AEB26C3DE8DBF27050B9C7A1B0 ft=0 fh=0000000000000000 vn="multiple threats (deleted - quarantined)" ac=C fn="C:\Users\srcstcbstrd\Downloads\Programs Downloaded\Uniblue - PowerSuite 2010_\Uniblue - PowerSuite 2010.rar"
sh=F27A51138D02C8701172427C99FDD45B671D00D4 ft=0 fh=0000000000000000 vn="multiple threats (deleted - quarantined)" ac=C fn="E:\Most Recent Downloads\FFSetup3.0.1.1.zip"
ESETSmartInstaller@High as downloader log:
all ok
ESETSmartInstaller@High as downloader log:
Can not open internetESETSmartInstaller@High as downloader log:
Can not open internetCan not open internetESETSmartInstaller@High as downloader log:
Can not open internetCan not open internetESETSmartInstaller@High as downloader log:
Can not open internetCan not open internetESETSmartInstaller@High as downloader log:
Can not open internetCan not open internetESETSmartInstaller@High as downloader log:
Can not open internetCan not open internetESETSmartInstaller@High as downloader log:
Can not open internetCan not open internetESETSmartInstaller@High as downloader log:
Can not open internet# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=6fefafb7614aa5418622183009c5b71b
# engine=18051
# end=finished
# remove_checked=true
# archives_checked=false
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-04-27 10:56:19
# local_time=2014-04-27 06:56:19 (-0500, Eastern Daylight Time)
# country="Canada"
# lang=1033
# osver=5.1.2600 NT Service Pack 2
# compatibility_mode=3591 16777213 100 91 603159 161145964 0 0
# compatibility_mode=5893 16776574 100 94 3703021 150182829 0 0
# scanned=353855
# found=1
# cleaned=1
# scan_time=8657
sh=FA31AF96DEB291C6C2CEE09E4E132FAFD9613A6B ft=1 fh=394f713fd0c4a198 vn="a variant of Win32/SpeedingUpMyPC.F application (cleaned by deleting - quarantined)" ac=C fn="C:\Program Files (x86)\Smart PC Solutions\Smart Driver Updater\SmartDriverUpdater.exe"
ESETSmartInstaller@High as downloader log:
Can not open internetESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=6fefafb7614aa5418622183009c5b71b
# engine=21191
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-11-21 06:38:46
# local_time=2014-11-21 01:38:46 (-0500, Eastern Standard Time)
# country="Canada"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='Norton Internet Security'
# compatibility_mode=3597 16777213 100 100 2094630 179058511 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 0 168095376 0 0
# scanned=414762
# found=26
# cleaned=26
# scan_time=22070
sh=5339ABEE428B92A04DF04A1D1B81896A68CF7CBD ft=0 fh=0000000000000000 vn="Win32/DealPly.J potentially unwanted application (deleted - quarantined)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPly\8708JGO6~DealPly.crx.vir~"
sh=5339ABEE428B92A04DF04A1D1B81896A68CF7CBD ft=0 fh=0000000000000000 vn="Win32/DealPly.J potentially unwanted application (deleted - quarantined)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPly\DealPly.crx.vir"
sh=033736CF5EFB70477C757857F08649B4094F9E9C ft=1 fh=c6af5358d9a2bf2f vn="a variant of Win32/Toolbar.Widgi.B potentially unwanted application (deleted - quarantined)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\IObit\Driver Booster\DBPro.exe.vir"
sh=033736CF5EFB70477C757857F08649B4094F9E9C ft=1 fh=c6af5358d9a2bf2f vn="a variant of Win32/Toolbar.Widgi.B potentially unwanted application (deleted - quarantined)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\IObit\Driver Booster\ICOMUAEC~DBPro.exe~.vir"
sh=93510E07EBD463BE51052EC8114EC16C5423103E ft=0 fh=0000000000000000 vn="Win32/Conduit.SearchProtect.A potentially unwanted application (deleted - quarantined)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Mozilla Firefox\browser\nsprotector.js.vir"
sh=75F83D0E2071210C11B550863EC82F53D0E195A9 ft=1 fh=71573f5a1c96d142 vn="Win32/Toolbar.Conduit.AJ potentially unwanted application (deleted - quarantined)" ac=C fn="C:\AdwCleaner\Quarantine\C\ProgramData\Conduit\IE\CT3298573\R80KKBO0~UninstallerUI.exe.vir~"
sh=75F83D0E2071210C11B550863EC82F53D0E195A9 ft=1 fh=71573f5a1c96d142 vn="Win32/Toolbar.Conduit.AJ potentially unwanted application (deleted - quarantined)" ac=C fn="C:\AdwCleaner\Quarantine\C\ProgramData\Conduit\IE\CT3298573\UninstallerUI.exe.vir"
sh=E5A3C100D2D0FD94482783AF2B2FF94CDFC9923F ft=1 fh=a0ddd0619a504a2e vn="a variant of Win32/Hao123.A potentially unwanted application (deleted - quarantined)" ac=C fn="C:\Program Files (x86)\FreeTime\FormatFactory\FFModules\Package\BaiDu\1183J62F~hao123inst.exe~"
sh=E5A3C100D2D0FD94482783AF2B2FF94CDFC9923F ft=1 fh=a0ddd0619a504a2e vn="a variant of Win32/Hao123.A potentially unwanted application (deleted - quarantined)" ac=C fn="C:\Program Files (x86)\FreeTime\FormatFactory\FFModules\Package\BaiDu\hao123inst.exe"
sh=E618E799466D260BAF1B9ACE24765440A8F58DE3 ft=1 fh=5a138b81daee5b8e vn="a variant of Win32/Toolbar.Conduit.K potentially unwanted application (deleted - quarantined)" ac=C fn="C:\Program Files (x86)\NCH Swift Sound\Stamp\MVUFBKHO~stampsetup_v2.32.exe~"
sh=B8B92A7D23DBAC2B21461FC20BD52D80B51418E5 ft=1 fh=a0a99892d46f4f18 vn="a variant of Win32/Toolbar.Conduit.K potentially unwanted application (deleted - quarantined)" ac=C fn="C:\Program Files (x86)\NCH Swift Sound\Stamp\O97Q3QJJ~stamp.exe~"
sh=E361FF32BA76F7BE1EC5FEDA434BEE37A39B2EC0 ft=1 fh=5a97dc58d46f4f18 vn="a variant of Win32/Toolbar.Conduit.K potentially unwanted application (deleted - quarantined)" ac=C fn="C:\Program Files (x86)\NCH Swift Sound\Stamp\P0FKTGCG~uninst.exe~"
sh=B8B92A7D23DBAC2B21461FC20BD52D80B51418E5 ft=1 fh=a0a99892d46f4f18 vn="a variant of Win32/Toolbar.Conduit.K potentially unwanted application (deleted - quarantined)" ac=C fn="C:\Program Files (x86)\NCH Swift Sound\Stamp\stamp.exe"
sh=E618E799466D260BAF1B9ACE24765440A8F58DE3 ft=1 fh=5a138b81daee5b8e vn="a variant of Win32/Toolbar.Conduit.K potentially unwanted application (deleted - quarantined)" ac=C fn="C:\Program Files (x86)\NCH Swift Sound\Stamp\stampsetup_v2.32.exe"
sh=E361FF32BA76F7BE1EC5FEDA434BEE37A39B2EC0 ft=1 fh=5a97dc58d46f4f18 vn="a variant of Win32/Toolbar.Conduit.K potentially unwanted application (deleted - quarantined)" ac=C fn="C:\Program Files (x86)\NCH Swift Sound\Stamp\uninst.exe"
sh=DA1DBF1BAFCD44E53E59C1A587BC2E1A8D453904 ft=1 fh=c71c001183df20df vn="multiple threats (cleaned by deleting - quarantined)" ac=C fn="C:\Torrents Complete\DFX Audio Enhancer v11.200 - Final + Keygen-CORE\DFX Audio Enhancer v11.200 - Final + Keygen-CORE.exe"
sh=4370E4F60FB96627C6AD4F4820A4FA8A61F8EC29 ft=1 fh=3b60eb1472d7e959 vn="a variant of Win32/CNETInstaller.B potentially unwanted application (deleted - quarantined)" ac=C fn="C:\Users\srcstcbstrd\Desktop\Disc Cleaners\cbsidlm-cbsi213-Smart_Toolbar_Remover-SEO-10972491.exe"
sh=9271AC56219EAA6E7C3BEB56DCF85B4B0C94BCBD ft=1 fh=01ecc5747fa432f4 vn="Win32/ELEX.Q potentially unwanted application (deleted - quarantined)" ac=C fn="C:\Users\srcstcbstrd\Desktop\Disc Cleaners\isafedl.exe"
sh=0AE9EA41E2AD96BCEB05E511DD7E695B48136BE2 ft=0 fh=0000000000000000 vn="a variant of Win32/Toolbar.Conduit.B potentially unwanted application (deleted - quarantined)" ac=C fn="C:\Users\srcstcbstrd\Downloads\Programs Downloaded\AshampooHDDControl.zip"
sh=C5A07C6647A4228B39A382EE5246235CFDD94A82 ft=1 fh=1901ca3fd08316cd vn="a variant of Win32/CNETInstaller.B potentially unwanted application (deleted - quarantined)" ac=C fn="C:\Users\srcstcbstrd\Downloads\Programs Downloaded\cbsidlm-cbsi134-SpaceMonger-ORG-10050288.exe"
sh=B56B5771AA023A370CA6CA451F205C9BD5E12681 ft=1 fh=ad644d67f0cd6c0b vn="a variant of Win32/Complitly.A potentially unwanted application (deleted - quarantined)" ac=C fn="C:\Users\srcstcbstrd\Downloads\Programs Downloaded\Moo0 AudioTypeConverter 1.24 Installer.exe"
sh=E74FA086BBBAD71DC1D5D0C7A3318CD8668D6115 ft=1 fh=d3a5976dcefb8dbb vn="a variant of Win32/Complitly.A potentially unwanted application (deleted - quarantined)" ac=C fn="C:\Users\srcstcbstrd\Downloads\Programs Downloaded\Moo0 RightClicker 1.44 Installer.exe"
sh=E3D6EFE0B506F9C8CDA93F72EA8C4F8C994CF388 ft=1 fh=a5c543a71e9285f8 vn="a variant of Win32/Complitly.A potentially unwanted application (deleted - quarantined)" ac=C fn="C:\Users\srcstcbstrd\Downloads\Programs Downloaded\Moo0 RightClicker Pro 1.45 Installer.exe"
sh=1581FFD923E452064CC77096E0FF2C3A77715B46 ft=1 fh=788dee7a256dd793 vn="a variant of Win32/Complitly.A potentially unwanted application (deleted - quarantined)" ac=C fn="C:\Users\srcstcbstrd\Downloads\Programs Downloaded\Moo0 RightClicker Pro 1.47 Installer.exe"
sh=171C059174B038313C374731A2AFAC13B1AD2C7C ft=1 fh=ebd4c9b089c9e787 vn="a variant of Win32/Complitly.A potentially unwanted application (deleted - quarantined)" ac=C fn="C:\Users\srcstcbstrd\Downloads\Programs Downloaded\M_VideoConverter_1.10.setup.exe"
sh=C4068C7DF5DAA0FAC748AB0A9ABEDDA7F0F6C1A4 ft=1 fh=9a88bee7093cd2af vn="Win32/Toolbar.Conduit potentially unwanted application (deleted - quarantined)" ac=C fn="C:\Users\srcstcbstrd\Downloads\Programs Downloaded\utorrentspeeduppro_setup.exe"
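For readers working through a log like the ESET Online Scanner output in the post above, this added example (not part of the thread and not ESET's own tooling) parses the `# key=value` headers and `sh=... vn="..." fn="..."` detection lines into scan sessions and summarises each one. The sample input is constructed, its hashes (`HASH_A` and so on) and paths are placeholders, and the function names are hypothetical.

```python
import re
from collections import Counter

# Constructed sample in the layout of the log above. The first header is fused
# onto the end of a downloader line, as happens in the posted log.
SAMPLE_LOG = r'''ESETSmartInstaller@High as downloader log:
Can not open internet# version=8
# unwanted_checked=false
# found=1
# cleaned=1
sh=HASH_A ft=1 fh=00000000000000a1 vn="a variant of Win32/SpeedingUpMyPC.F application (cleaned by deleting - quarantined)" ac=C fn="C:\Program Files (x86)\Example Updater\updater.exe"
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# unwanted_checked=true
# found=4
# cleaned=4
sh=HASH_B ft=0 fh=0000000000000000 vn="Win32/DealPly.J potentially unwanted application (deleted - quarantined)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Example\ext.crx.vir"
sh=HASH_C ft=1 fh=00000000000000c1 vn="a variant of Win32/Toolbar.Conduit.K potentially unwanted application (deleted - quarantined)" ac=C fn="C:\Program Files (x86)\Example Tool\ABCD1234~setup.exe~"
sh=HASH_C ft=1 fh=00000000000000c1 vn="a variant of Win32/Toolbar.Conduit.K potentially unwanted application (deleted - quarantined)" ac=C fn="C:\Program Files (x86)\Example Tool\setup.exe"
sh=HASH_D ft=0 fh=0000000000000000 vn="multiple threats (deleted - quarantined)" ac=C fn="C:\Users\user\Downloads\bundle.zip"
'''

# search() rather than match(): a header may be glued to preceding text.
HEADER = re.compile(r'# ([\w.]+)=(.*)$')
DETECTION = re.compile(
    r'^sh=(?P<sh>\S+) ft=(?P<ft>\d+) fh=(?P<fh>\S+) '
    r'vn="(?P<vn>[^"]*)" ac=(?P<ac>\S+) fn="(?P<fn>.*)"$')
# vn = [a variant of ]<name>[ <class>] (<action taken>)
VN = re.compile(
    r'^(?:a variant of )?(?P<name>.*?)'
    r'(?: (?P<cls>potentially unwanted application|application))?'
    r' \((?P<action>[^()]*)\)$')
# Folder where AdwCleaner keeps the files it has already moved aside.
QUARANTINE_HINT = "\\adwcleaner\\quarantine\\"


def parse_sessions(text):
    """Split the log into sessions: a header block plus its detection lines."""
    sessions, current = [], None
    for line in text.splitlines():
        line = line.strip()
        det = DETECTION.match(line)
        if det:
            if current is None:
                current = {"header": {}, "detections": []}
                sessions.append(current)
            rec = det.groupdict()
            vn = VN.match(rec["vn"])
            if vn:
                rec.update(vn.groupdict())
            else:
                rec.update(name=rec["vn"], cls=None, action="")
            current["detections"].append(rec)
            continue
        hdr = HEADER.search(line)
        if hdr:
            # A header line that follows detections opens the next session.
            if current is None or current["detections"]:
                current = {"header": {}, "detections": []}
                sessions.append(current)
            current["header"][hdr[1]] = hdr[2].strip('"')
    return sessions


def triage(session):
    """Summarise one session so repeated or already-handled items stand out."""
    dets = session["detections"]
    reported = int(session["header"].get("found", -1))
    by_hash = {}
    for d in dets:
        by_hash.setdefault(d["sh"], []).append(d["fn"])
    return {
        "reported_found": reported,
        "parsed": len(dets),
        "count_matches_header": reported == len(dets),
        "unique_hashes": len(by_hash),
        # Same content flagged at several paths (backup copies, re-downloads).
        "duplicate_copies": {h: p for h, p in by_hash.items() if len(p) > 1},
        # Hits inside another cleaner's quarantine folder.
        "already_quarantined": [d["fn"] for d in dets
                                if QUARANTINE_HINT in d["fn"].lower()],
        "by_name": Counter(d["name"] for d in dets),
        # Scans run with different options are not directly comparable.
        "pua_scan_enabled": session["header"].get("unwanted_checked") == "true",
    }


if __name__ == "__main__":
    for number, session in enumerate(parse_sessions(SAMPLE_LOG), 1):
        print(number, triage(session))
```

In the thread's own log the 2014-04-27 session ran with `unwanted_checked=false` and `archives_checked=false`, while the 2014-11-21 session had both set to `true`, so their `found` counts (1 and 26) come from different scan settings.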
Title: Re: Can't Play Any Video Media, Having Trouble Updating Windows 7
Post by: srcstcbstrd on November 21, 2014, 02:24:22 AM
SuperDave - just as an update - restarted the computer and tried to play a video - still the same result (tried VLC - program closed immediately). Tried System Restore and it only went back as far as the 19th of this month. Tried to get into 'System' and was immediately kicked out (screen came up for a millisecond and closed). Tried an online video and Flash crashed. There has been no change from the original problem.  >:(
Title: Re: Can't Play Any Video Media, Having Trouble Updating Windows 7
Post by: SuperDave on November 21, 2014, 11:47:09 AM
Please try this and tell me what happens.

To Run the SFC /SCANNOW Command in Windows 7
1. Open an elevated command prompt. (http://www.sevenforums.com/tutorials/783-elevated-command-prompt.html)

2. To Scan and Repair System Files
NOTE: Scans the integrity of all protected system files and repairs the system files if needed.
A) In the elevated command prompt, type sfc /scannow and press Enter. (see screenshot below)
NOTE: This may take some time to finish.

(http://www.sevenforums.com/attachments/tutorials/2327d1231529432t-sfc-scannow-command-system-file-checker-command-1.jpg)

B) Go to step 4.

3. To Only Verify if the System Files are Corrupted
NOTE: Scans and only verifies the integrity of all protected system files only.
A) In the elevated command prompt, type sfc /verifyonly and press Enter.

4. When the scan is complete, hopefully you will see all is ok like the screenshot below.
NOTE: If not, then you can attempt to run a System Restore (http://www.sevenforums.com/tutorials/700-system-restore.html) using a restore point dated before the bad file occurred to fix it. You may need to repeat doing a System Restore until you find an older restore point that may work.

(http://www.sevenforums.com/attachments/tutorials/2328d1231529438t-sfc-scannow-command-system-file-checker-finished.jpg)

5. When done, close the elevated command prompt.
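When the scan in step 4 does not come back clean, the per-file detail is written to `%windir%\Logs\CBS\CBS.log` in entries tagged `[SR]`. This added example (not part of the thread) reduces those entries to a short summary of which files could not be repaired and which were restored from the component store; the log lines are constructed and shortened, and the file and component names in them are placeholders.

```python
import re

# Constructed, shortened lines in the layout of CBS.log [SR] entries.
SAMPLE_CBS = r'''2014-11-22 10:02:11, Info                  CSI    000001a0 [SR] Verifying 100 (0x0000000000000064) components
2014-11-22 10:02:11, Info                  CSI    000001a1 [SR] Beginning Verify and Repair transaction
2014-11-22 10:02:14, Info                  CSI    000001a3 [SR] Cannot repair member file [l:20{10}]"sample.dll" of Example-Component-A, Version = 6.1.7601.17514, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral in the store, hash mismatch
2014-11-22 10:02:14, Info                  CSI    000001a5 [SR] Cannot repair member file [l:20{10}]"sample.dll" of Example-Component-A, Version = 6.1.7601.17514, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral in the store, hash mismatch
2014-11-22 10:02:15, Info                  CSI    000001a8 [SR] Repairing corrupted file [ml:520{260},l:46{23}]"\??\C:\Windows\System32"\[l:18{9}]"other.dll" from store
2014-11-22 10:02:20, Info                  CSI    000001aa [SR] Verify complete
2014-11-22 10:02:21, Info                  CBS    Session closed
'''

# Timestamp, level, source, sequence number, then the [SR] message text.
SR_LINE = re.compile(
    r'^(?P<ts>\d{4}-\d\d-\d\d \d\d:\d\d:\d\d), \w+\s+CSI\s+\w+ \[SR\] (?P<msg>.*)$')
CANNOT = re.compile(
    r'^Cannot repair member file \[l:\d+\{\d+\}\]"(?P<file>[^"]+)"'
    r' of (?P<component>[^,]+),')
# Greedy .* leaves the last quoted token, which is the file name.
REPAIRED = re.compile(r'^Repairing corrupted file .*\]"(?P<file>[^"]+)" from store$')


def summarize_sfc(cbs_text):
    """Collapse the [SR] entries of a CBS.log into a short summary."""
    cannot_repair = {}
    repaired = []
    sr_lines = 0
    verify_complete = False
    for line in cbs_text.splitlines():
        entry = SR_LINE.match(line)
        if not entry:
            continue  # not a System File Checker entry
        sr_lines += 1
        msg = entry["msg"]
        failed = CANNOT.match(msg)
        if failed:
            name = failed["file"].lower()
            info = cannot_repair.setdefault(name, {
                "component": failed["component"],
                # The reason is the text after the last comma.
                "reason": msg.rsplit(", ", 1)[-1],
                "mentions": 0,
            })
            info["mentions"] += 1  # the same failure is usually logged repeatedly
            continue
        fixed = REPAIRED.match(msg)
        if fixed and fixed["file"].lower() not in repaired:
            repaired.append(fixed["file"].lower())
        elif msg.startswith("Verify complete"):
            verify_complete = True
    return {
        "sr_lines": sr_lines,
        "cannot_repair": cannot_repair,
        "repaired": repaired,
        "verify_complete": verify_complete,
    }


if __name__ == "__main__":
    print(summarize_sfc(SAMPLE_CBS))
```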
Title: Re: Can't Play Any Video Media, Having Trouble Updating Windows 7
Post by: srcstcbstrd on November 22, 2014, 10:19:35 AM
Ok SuperDave - I ran the scan and it came back with a lot of issues. I've tried twice to post the results here - first as a copy and paste and then as an attachment but neither is being accepted.
Title: Re: Can't Play Any Video Media, Having Trouble Updating Windows 7
Post by: SuperDave on November 22, 2014, 11:14:23 AM
Did it ask for the OS disk? Do you have the OS disk?
Title: Re: Can't Play Any Video Media, Having Trouble Updating Windows 7
Post by: srcstcbstrd on November 22, 2014, 12:43:52 PM
No - preloaded HP desktop. Windows 7 Home Premium.
Title: Re: Can't Play Any Video Media, Having Trouble Updating Windows 7
Post by: SuperDave on November 22, 2014, 07:45:31 PM
Please check to see if you have the Recovery console on a partition of your hard drive. If it's there, you will be able to do a repair of the OS system.
Title: Re: Can't Play Any Video Media, Having Trouble Updating Windows 7
Post by: srcstcbstrd on November 23, 2014, 12:12:05 AM
Ok - sounds easy but not for me. What steps do I need to make?
Title: Re: Can't Play Any Video Media, Having Trouble Updating Windows 7
Post by: SuperDave on November 23, 2014, 08:44:34 AM
This (http://www.proposedsolution.com/solutions/windows-7-or-vista-recovery-console/) should explain it very well.
Title: Re: Can't Play Any Video Media, Having Trouble Updating Windows 7
Post by: srcstcbstrd on November 23, 2014, 12:57:33 PM
Thanks. Tried a System Repair. Got back in after the 'repair' (apparently not much could be done) and did a 'sfc' scan. Restarted and am trying a second go round. Would it help if I did the scan in safe mode?
Title: Re: Can't Play Any Video Media, Having Trouble Updating Windows 7
Post by: SuperDave on November 23, 2014, 02:46:07 PM
Quote
Would it help if I did the scan in safe mode?
No, I don't think that will help much. Let's try this:

Download Combofix from any of the links below, and save it to your DESKTOP
If your version of Windows defaults to your download folder you will need to copy it to your desktop.

Link 1 (http://download.bleepingcomputer.com/sUBs/ComboFix.exe)
Link 2 (http://www.forospyware.com/sUBs/ComboFix.exe)
Link 3 (http://subs.geekstogo.com/ComboFix.exe)

To prevent your anti-virus application interfering with ComboFix we need to disable it. See here (http://www.bleepingcomputer.com/forums/t/114351/how-to-temporarily-disable-your-anti-virus-firewall-and-anti-malware-programs/) for a tutorial regarding how to do so if you are unsure.
(http://i424.photobucket.com/albums/pp322/digistar/NSIS_disclaimer_ENG.png)

Click I Agree to start the program.

ComboFix will then extract the necessary files and you will see this:

(http://i424.photobucket.com/albums/pp322/digistar/NSIS_extraction.png)

As part of its process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. This will not occur in Windows Vista and 7.

It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.

If you did not have it installed, you will see the prompt below. Choose YES.

(http://i424.photobucket.com/albums/pp322/digistar/RcAuto1.gif)

Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.

**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue its malware removal procedures.

Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:

(http://i424.photobucket.com/albums/pp322/digistar/whatnext.png)

Click on Yes, to continue scanning for malware.

When finished, it will produce a report for you. Please post the contents of the log (C:\ComboFix.txt).

Leave your computer alone while ComboFix is running. ComboFix will restart your computer if malware is found; allow it to do so.

Note: Please Do NOT mouseclick ComboFix's window while it's running because it may cause it to stall.
Title: Re: Can't Play Any Video Media, Having Trouble Updating Windows 7
Post by: srcstcbstrd on November 24, 2014, 03:02:29 AM
Good Morning SuperDave - before we get to the ComboFix log, I've noticed another hiccup with whatever has got hold of my computer. When I'm visiting a site and I want to find out the location of a retailer, when I click on 'Where to Buy' or if a Google Map is included and I go to click on it for any reason, Firefox crashes immediately. I'm not sure if this is just a bug in Firefox or it is related to not being able to play videos or get into my 'System' or System Restore. Anyhoo - here's the log:

ComboFix 14-11-18.01 - srcstcbstrd 24/11/2014   4:43.7.6 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.8191.5973 [GMT -5:00]
Running from: c:\users\srcstcbstrd\Desktop\ComboFix_2.exe
AV: Norton Internet Security *Disabled/Updated* {D87FA2C0-F526-77B1-D6EC-0EDF3936CEDB}
FW: Norton Internet Security *Disabled* {E04423E5-BF49-76E9-FDB3-A7EAC7E589A0}
SP: Norton Internet Security *Enabled/Updated* {631E4324-D31C-783F-EC5C-35AD42B18466}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Created a new restore point
.
.
(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\msdownld.tmp
.
.
(((((((((((((((((((((((((   Files Created from 2014-10-24 to 2014-11-24  )))))))))))))))))))))))))))))))
.
.
2014-11-24 09:53 . 2014-11-24 09:53   --------   d-----w-   c:\users\Tim Mahoney\AppData\Local\temp
2014-11-24 09:53 . 2014-11-24 09:53   --------   d-----w-   c:\users\Tim's Computer\AppData\Local\temp
2014-11-24 09:53 . 2014-11-24 09:53   --------   d-----w-   c:\users\Public\AppData\Local\temp
2014-11-24 09:53 . 2014-11-24 09:53   --------   d-----w-   c:\users\Owner\AppData\Local\temp
2014-11-24 09:53 . 2014-11-24 09:53   --------   d-----w-   c:\users\Jan's Stuff\AppData\Local\temp
2014-11-24 09:53 . 2014-11-24 09:53   --------   d-----w-   c:\users\HomeGroupUser$\AppData\Local\temp
2014-11-24 09:53 . 2014-11-24 09:53   --------   d-----w-   c:\users\Guest\AppData\Local\temp
2014-11-24 09:53 . 2014-11-24 09:53   --------   d-----w-   c:\users\Default\AppData\Local\temp
2014-11-24 09:53 . 2014-11-24 09:53   --------   d-----w-   c:\users\Administrator\AppData\Local\temp
2014-11-23 07:07 . 2014-11-23 07:10   --------   d-----w-   c:\users\srcstcbstrd\AppData\Local\ElevatedDiagnostics
2014-11-22 22:26 . 2014-11-22 22:26   --------   d-sh--w-   c:\users\srcstcbstrd\AppData\Local\EmieBrowserModeList
2014-11-22 17:39 . 2014-11-22 17:47   --------   d-----w-   c:\users\srcstcbstrd\AppData\Roaming\HTC
2014-11-22 17:31 . 2014-11-24 08:47   --------   d-----w-   c:\users\srcstcbstrd\AppData\Local\HTC MediaHub
2014-11-22 17:31 . 2014-11-22 17:31   --------   d-----w-   c:\users\srcstcbstrd\.android
2014-11-22 17:31 . 2014-11-22 17:31   --------   d-----w-   c:\programdata\HTC
2014-11-22 17:31 . 2014-11-22 17:31   --------   d-----w-   c:\program files (x86)\Common Files\Nero
2014-11-22 17:31 . 2014-11-22 17:31   --------   d-----w-   c:\program files (x86)\Spirent Communications
2014-11-22 17:31 . 2014-11-22 17:31   --------   d-----w-   c:\program files (x86)\HTC
2014-11-20 23:39 . 2012-05-04 23:29   772504   ----a-w-   c:\windows\SysWow64\npDeployJava1.dll
2014-11-20 23:39 . 2012-05-04 23:29   687504   ----a-w-   c:\windows\SysWow64\deployJava1.dll
2014-11-20 23:37 . 2014-11-19 21:48   98216   ----a-w-   c:\windows\SysWow64\WindowsAccessBridge-32.dll
2014-11-19 22:06 . 2014-11-19 22:46   --------   d-----w-   c:\programdata\Malwarebytes' Anti-Malware (portable)
2014-11-19 21:56 . 2014-11-19 21:56   --------   d-----w-   c:\windows\ERUNT
2014-11-18 00:24 . 2014-11-19 22:06   131800   ----a-w-   c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-11-18 00:24 . 2014-11-19 22:05   96472   ----a-w-   c:\windows\system32\drivers\mbamchameleon.sys
2014-11-18 00:24 . 2014-10-01 16:11   63704   ----a-w-   c:\windows\system32\drivers\mwac.sys
2014-11-18 00:24 . 2014-10-01 16:11   25816   ----a-w-   c:\windows\system32\drivers\mbam.sys
2014-11-18 00:24 . 2014-11-18 00:24   --------   d-----w-   c:\program files (x86)\Malwarebytes Anti-Malware
2014-11-15 17:36 . 2014-11-15 17:36   --------   d-----w-   c:\users\Public\Foxit Software
2014-11-15 17:32 . 2014-04-04 05:42   3382440   ----a-w-   c:\windows\system32\BootMan.exe
2014-11-15 17:32 . 2014-04-04 05:25   2499752   ----a-w-   c:\windows\SysWow64\BootMan.exe
2014-11-15 17:32 . 2013-03-07 14:49   9160   ----a-w-   c:\windows\SysWow64\EuGdiDrv.sys
2014-11-15 17:32 . 2013-03-07 14:49   87112   ----a-w-   c:\windows\SysWow64\setupempdrv03.exe
2014-11-15 17:32 . 2013-03-07 14:49   13896   ----a-w-   c:\windows\SysWow64\epmntdrv.sys
2014-11-15 17:32 . 2013-03-07 14:49   9800   ----a-w-   c:\windows\system32\EuGdiDrv.sys
2014-11-15 17:32 . 2013-03-07 14:49   17480   ----a-w-   c:\windows\system32\epmntdrv.sys
2014-11-15 17:32 . 2013-03-07 14:49   100936   ----a-w-   c:\windows\system32\setupempdrvx64.exe
2014-11-15 17:32 . 2013-03-07 14:49   16256   ----a-w-   c:\windows\system32\EuEpmGdi.dll
2014-11-15 17:32 . 2013-03-07 14:49   19840   ----a-w-   c:\windows\SysWow64\EuEpmGdi.dll
2014-11-15 17:32 . 2014-11-15 17:32   --------   d-----w-   c:\program files (x86)\EaseUS
2014-11-14 01:56 . 2014-11-14 09:51   --------   d-----w-   c:\program files\stinger
2014-11-12 13:29 . 2014-10-25 01:57   77824   ----a-w-   c:\windows\system32\packager.dll
2014-11-12 13:29 . 2014-10-25 01:32   67584   ----a-w-   c:\windows\SysWow64\packager.dll
2014-11-12 13:29 . 2014-10-10 00:57   3198976   ----a-w-   c:\windows\system32\win32k.sys
2014-11-12 13:29 . 2014-10-18 02:05   861696   ----a-w-   c:\windows\system32\oleaut32.dll
2014-11-12 13:29 . 2014-10-18 01:33   571904   ----a-w-   c:\windows\SysWow64\oleaut32.dll
2014-11-09 18:13 . 2014-11-09 18:13   --------   d-----w-   c:\users\srcstcbstrd\.jmc
2014-11-09 18:12 . 2014-11-09 18:12   --------   d-----w-   c:\users\srcstcbstrd\.eclipse
2014-11-07 07:21 . 2014-10-01 04:19   180136   ----a-w-   c:\windows\system32\drivers\idmwfp.sys
2014-11-04 22:36 . 2014-11-04 22:36   --------   d-----w-   c:\users\Default\AppData\Local\Google
2014-11-02 17:13 . 2014-07-17 02:07   235520   ----a-w-   c:\windows\system32\winsta.dll
2014-11-02 17:13 . 2014-07-17 02:07   681984   ----a-w-   c:\windows\system32\termsrv.dll
2014-11-02 17:13 . 2014-07-17 02:07   150528   ----a-w-   c:\windows\system32\rdpcorekmts.dll
2014-11-02 17:13 . 2014-07-17 02:07   455168   ----a-w-   c:\windows\system32\winlogon.exe
2014-11-02 17:13 . 2014-07-17 01:40   157696   ----a-w-   c:\windows\SysWow64\winsta.dll
2014-11-02 17:13 . 2014-07-17 01:21   212480   ----a-w-   c:\windows\system32\drivers\rdpwd.sys
2014-11-02 17:13 . 2014-07-17 01:21   39936   ----a-w-   c:\windows\system32\drivers\tssecsrv.sys
2014-11-02 17:12 . 2014-06-18 22:23   73880   ----a-w-   c:\windows\system32\mscories.dll
2014-11-02 17:12 . 2014-06-18 22:23   1943696   ----a-w-   c:\windows\system32\dfshim.dll
2014-11-02 17:12 . 2014-06-18 22:23   156312   ----a-w-   c:\windows\system32\mscorier.dll
2014-11-02 17:12 . 2014-06-18 22:23   81560   ----a-w-   c:\windows\SysWow64\mscories.dll
2014-11-02 17:12 . 2014-06-18 22:23   156824   ----a-w-   c:\windows\SysWow64\mscorier.dll
2014-11-02 17:12 . 2014-06-18 22:23   1131664   ----a-w-   c:\windows\SysWow64\dfshim.dll
2014-11-02 17:12 . 2014-09-04 05:23   424448   ----a-w-   c:\windows\system32\rastls.dll
2014-11-02 17:12 . 2014-09-04 05:04   372736   ----a-w-   c:\windows\SysWow64\rastls.dll
2014-10-26 13:05 . 2014-10-26 13:05   --------   d-----w-   c:\users\srcstcbstrd\AppData\Roaming\New Version Available
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-11-20 23:41 . 2014-07-30 08:09   71344   ----a-w-   c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-11-20 23:41 . 2014-07-30 08:09   701104   ----a-w-   c:\windows\SysWow64\FlashPlayerApp.exe
2014-11-07 09:24 . 2012-09-04 19:55   111016   ----a-w-   c:\windows\system32\WindowsAccessBridge-64.dll
2014-11-01 04:26 . 2014-07-07 17:36   103374192   ----a-w-   c:\windows\system32\MRT.exe
2014-10-04 22:32 . 2014-07-27 13:42   20160   ----a-w-   c:\windows\system32\drivers\GUBootStartup.sys
2014-09-30 20:13 . 2014-09-30 19:34   67632   ----a-w-   c:\windows\system32\msln.exe
2014-09-28 17:43 . 2014-09-28 17:43   98816   ----a-w-   c:\windows\system32\OpenVideo64.dll
2014-09-28 17:43 . 2014-09-28 17:43   91648   ----a-w-   c:\windows\system32\mantleaxl64.dll
2014-09-28 17:43 . 2014-09-28 17:43   86528   ----a-w-   c:\windows\system32\OVDecode64.dll
2014-09-28 17:43 . 2014-09-28 17:43   85504   ----a-w-   c:\windows\SysWow64\mantleaxl32.dll
2014-09-28 17:43 . 2014-09-28 17:43   83456   ----a-w-   c:\windows\SysWow64\OpenVideo.dll
2014-09-28 17:43 . 2014-09-28 17:43   826368   ----a-w-   c:\windows\system32\coinst_14.20.dll
2014-09-28 17:43 . 2014-09-28 17:43   73216   ----a-w-   c:\windows\SysWow64\OVDecode.dll
2014-09-28 17:43 . 2014-09-28 17:43   231424   ----a-w-   c:\windows\system32\clinfo.exe
2014-09-28 17:43 . 2014-09-28 17:43   127488   ----a-w-   c:\windows\system32\mantle64.dll
2014-09-28 17:43 . 2014-09-28 17:43   113664   ----a-w-   c:\windows\SysWow64\mantle32.dll
2014-09-28 17:43 . 2014-09-28 17:43   442368   ----a-w-   c:\windows\system32\atidemgy.dll
2014-09-28 17:43 . 2014-09-28 17:43   65024   ----a-w-   c:\windows\system32\OpenCL.dll
2014-09-28 17:43 . 2014-09-28 17:43   58880   ----a-w-   c:\windows\SysWow64\OpenCL.dll
2014-09-28 17:43 . 2014-09-28 17:43   5225472   ----a-w-   c:\windows\system32\amdmantle64.dll
2014-09-28 17:43 . 2014-09-28 17:43   48128   ----a-w-   c:\windows\system32\amdmmcl6.dll
2014-09-28 17:43 . 2014-09-28 17:43   4180992   ----a-w-   c:\windows\SysWow64\amdmantle32.dll
2014-09-28 17:43 . 2014-09-28 17:43   37888   ----a-w-   c:\windows\SysWow64\amdmmcl.dll
2014-09-28 17:43 . 2014-09-28 17:43   32876544   ----a-w-   c:\windows\system32\amdocl64.dll
2014-09-28 17:43 . 2014-09-28 17:43   27843072   ----a-w-   c:\windows\SysWow64\amdocl.dll
2014-09-28 17:43 . 2014-09-28 17:43   276192   ----a-w-   c:\windows\system32\drivers\amdacpksd.sys
2014-09-28 17:43 . 2014-09-28 17:43   9889352   ----a-w-   c:\windows\SysWow64\RsCRIcon.dll
2014-09-28 17:43 . 2014-09-28 17:43   271064   ----a-w-   c:\windows\system32\drivers\RtsUStor.sys
2014-09-28 17:42 . 2014-09-28 17:42   94720   ----a-w-   c:\windows\system32\drivers\AtihdW76.sys
2014-09-28 17:42 . 2014-09-28 17:42   110080   ----a-w-   c:\windows\system32\DelayAPO.dll
2014-09-28 17:42 . 2014-09-28 17:42   941784   ----a-w-   c:\windows\system32\drivers\Rt64win7.sys
2014-09-28 17:42 . 2014-09-28 17:42   73800   ----a-w-   c:\windows\system32\RtNicProp64.dll
2014-09-28 17:42 . 2011-01-05 08:26   107552   ----a-w-   c:\windows\system32\RTNUninst64.dll
2014-09-28 17:22 . 2014-09-28 17:22   948952   ----a-w-   c:\windows\system32\RCoInstII64.dll
2014-09-28 17:22 . 2014-09-28 17:22   628952   ----a-w-   c:\windows\system32\RtDataProc64.dll
2014-09-28 17:22 . 2014-09-28 17:22   60636160   ----a-w-   c:\windows\system32\RCoRes64.dat
2014-09-28 17:22 . 2014-09-28 17:22   3962840   ----a-w-   c:\windows\system32\drivers\RTKVHD64.sys
2014-09-28 17:22 . 2014-09-28 17:22   2834648   ----a-w-   c:\windows\system32\RtPgEx64.dll
2014-09-28 17:22 . 2014-09-28 17:22   2800344   ----a-w-   c:\windows\system32\RltkAPO64.dll
2014-09-28 17:22 . 2014-09-28 17:22   1959128   ----a-w-   c:\windows\system32\RTSnMg64.cpl
2014-09-28 17:22 . 2014-09-28 17:22   1286872   ----a-w-   c:\windows\system32\RTCOM64.dll
2014-09-28 17:22 . 2014-09-28 17:22   1022168   ----a-w-   c:\windows\system32\RtkApi64.dll
2014-09-28 17:22 . 2014-09-28 17:22   2770976   ----a-w-   c:\windows\system32\FMAPO64.dll
2014-09-28 17:22 . 2014-09-28 17:22   113576   ----a-w-   c:\windows\system32\CONEQMSAPOGUILibrary.dll
2014-09-28 17:22 . 2014-09-28 17:22   209096   ----a-w-   c:\windows\system32\AERTAC64.dll
2014-09-25 02:08 . 2014-10-12 13:45   371712   ----a-w-   c:\windows\system32\qdvd.dll
2014-09-25 01:40 . 2014-10-12 13:45   519680   ----a-w-   c:\windows\SysWow64\qdvd.dll
2014-09-09 22:11 . 2014-09-28 20:08   2048   ----a-w-   c:\windows\system32\tzres.dll
2014-09-09 21:47 . 2014-09-28 20:08   2048   ----a-w-   c:\windows\SysWow64\tzres.dll
2014-08-29 07:18 . 2010-06-24 19:33   23256   ----a-w-   c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2006-05-03 16:06   163328   --sha-r-   c:\windows\SysWOW64\flvDX.dll
2007-02-21 17:47   31232   --sha-r-   c:\windows\SysWOW64\msfDX.dll
2008-03-16 19:30   216064   --sha-r-   c:\windows\SysWOW64\nbDX.dll
.
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Dashlane"="c:\users\srcstcbstrd\AppData\Roaming\Dashlane\Dashlane.exe" [2014-11-15 219832]
"IDMan"="c:\program files (x86)\Internet Download Manager\IDMan.exe" [2014-11-07 3882576]
"Astrill"="c:\program files (x86)\Astrill\astrill.exe" [2014-07-10 5132312]
"uTorrent"="c:\users\srcstcbstrd\AppData\Roaming\uTorrent\uTorrent.exe" [2014-10-28 1385808]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Norton Online Backup"="c:\program files (x86)\Symantec\Norton Online Backup\NOBuClient.exe" [2010-06-01 1155928]
"VirtualCloneDrive"="c:\program files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" [2011-03-07 89456]
"PCTools FGuard"="c:\program files (x86)\PC Tools Security\BDT\FGuard.exe" [2011-09-01 247760]
"BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-01-21 91520]
"FUFAXSTM"="c:\program files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe" [2009-12-03 847872]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" [2014-04-18 767200]
"SSDMonitor"="c:\program files (x86)\Symantec\Norton Utilities 16\sMonitor\SSDMonitor.exe" [2014-07-13 106112]
"DFX"="c:\program files (x86)\DFX\DFX.exe" [2014-09-24 1271768]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute   REG_MULTI_SZ      autocheck autochk * \0BootDefrag.exe
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37Crusader]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37CrusaderBoot]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SolutoService]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
"TrueImageMonitor.exe"="c:\program files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe"
"TkBellExe"="c:\program files (x86)\real\realplayer\Update\realsched.exe" -osboot
.
R0 SMR410;Symantec SMR Utility Service 4.1.0;c:\windows\System32\drivers\SMR410.SYS;c:\windows\SYSNATIVE\drivers\SMR410.SYS
R2 AODDriver4.3;AODDriver4.3;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
R2 KMService;KMService;c:\windows\system32\srvany.exe;c:\windows\SYSNATIVE\srvany.exe
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe;c:\program files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe
R3 AM10;Cisco AM10 Driver;c:\windows\system32\DRIVERS\am10w7.sys;c:\windows\SYSNATIVE\DRIVERS\am10w7.sys
R3 amdiox64;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox64.sys;c:\windows\SYSNATIVE\DRIVERS\amdiox64.sys
R3 ASOVPNHelper;Astrill OpenVPN Service;c:\program files (x86)\Astrill\ASOvpnSvc.exe;c:\program files (x86)\Astrill\ASOvpnSvc.exe
R3 BVRPMPR5a64;BVRPMPR5a64 NDIS Protocol Driver;c:\windows\system32\drivers\BVRPMPR5a64.SYS;c:\windows\SYSNATIVE\drivers\BVRPMPR5a64.SYS
R3 cpudrv64;cpudrv64;c:\program files (x86)\SystemRequirementsLab\cpudrv64.sys;c:\program files (x86)\SystemRequirementsLab\cpudrv64.sys
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssudbus.sys
R3 dgderdrv;dgderdrv;c:\windows\system32\drivers\dgderdrv.sys;c:\windows\SYSNATIVE\drivers\dgderdrv.sys
R3 DiskDoctorService;Norton Disk Doctor Service;c:\program files (x86)\Symantec\Norton Utilities 16\Tools\Disk Doctor\DiskDoctorSrv.exe;c:\program files (x86)\Symantec\Norton Utilities 16\Tools\Disk Doctor\DiskDoctorSrv.exe
R3 epmntdrv;epmntdrv;c:\windows\system32\epmntdrv.sys;c:\windows\SYSNATIVE\epmntdrv.sys
R3 EuGdiDrv;EuGdiDrv;c:\windows\system32\EuGdiDrv.sys;c:\windows\SYSNATIVE\EuGdiDrv.sys
R3 FsUsbExDisk;FsUsbExDisk;c:\windows\SysWOW64\FsUsbExDisk.SYS;c:\windows\SysWOW64\FsUsbExDisk.SYS
R3 HTCAND64;HTC Device Driver;c:\windows\system32\Drivers\ANDROIDUSB.sys;c:\windows\SYSNATIVE\Drivers\ANDROIDUSB.sys
R3 htcnprot;HTC NDIS Protocol Driver;c:\windows\system32\DRIVERS\htcnprot.sys;c:\windows\SYSNATIVE\DRIVERS\htcnprot.sys
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe
R3 pcouffin;VSO Software pcouffin;c:\windows\system32\Drivers\pcouffin.sys;c:\windows\SYSNATIVE\Drivers\pcouffin.sys
R3 SpeedDiskService;Norton SpeedDisk Service;c:\program files (x86)\Symantec\Norton Utilities 16\Tools\SpeedDisk\SpeedDiskSrv.exe;c:\program files (x86)\Symantec\Norton Utilities 16\Tools\SpeedDisk\SpeedDiskSrv.exe
R3 ssudmdm;SAMSUNG  Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssudmdm.sys
R3 syncagentsrv;Acronis Sync Agent Service;c:\program files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe;c:\program files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesDriver64.sys;c:\program files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesDriver64.sys
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe
R3 WsAudio_Device(1);WsAudio_Device(1);c:\windows\system32\drivers\VirtualAudio1.sys;c:\windows\SYSNATIVE\drivers\VirtualAudio1.sys
R3 WsAudio_Device(2);WsAudio_Device(2);c:\windows\system32\drivers\VirtualAudio2.sys;c:\windows\SYSNATIVE\drivers\VirtualAudio2.sys
R3 WsAudio_Device(3);WsAudio_Device(3);c:\windows\system32\drivers\VirtualAudio3.sys;c:\windows\SYSNATIVE\drivers\VirtualAudio3.sys
R3 WsAudio_Device(4);WsAudio_Device(4);c:\windows\system32\drivers\VirtualAudio4.sys;c:\windows\SYSNATIVE\drivers\VirtualAudio4.sys
R3 WsAudio_Device(5);WsAudio_Device(5);c:\windows\system32\drivers\VirtualAudio5.sys;c:\windows\SYSNATIVE\drivers\VirtualAudio5.sys
R4 EPSON_EB_RPCV4_04;EPSON V5 Service4(04);c:\program files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE;c:\program files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE
R4 EPSON_PM_RPCV4_04;EPSON V3 Service4(04);c:\program files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE;c:\program files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE
S0 39594152;39594152 Boot Guard Driver;c:\windows\system32\DRIVERS\39594152.sys;c:\windows\SYSNATIVE\DRIVERS\39594152.sys
S0 amd_sata;amd_sata;c:\windows\system32\DRIVERS\amd_sata.sys;c:\windows\SYSNATIVE\DRIVERS\amd_sata.sys
S0 amd_xata;amd_xata;c:\windows\system32\DRIVERS\amd_xata.sys;c:\windows\SYSNATIVE\DRIVERS\amd_xata.sys
S0 BootDefragDriver;BootDefragDriver;c:\windows\System32\drivers\BootDefragDriver.sys;c:\windows\SYSNATIVE\drivers\BootDefragDriver.sys
S0 fltsrv;Acronis Storage Filter Management;c:\windows\system32\DRIVERS\fltsrv.sys;c:\windows\SYSNATIVE\DRIVERS\fltsrv.sys
S0 MDFSYSNT;MacDrive file system driver;
S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\NISx64\1506000.020\SYMDS64.SYS;c:\windows\SYSNATIVE\drivers\NISx64\1506000.020\SYMDS64.SYS
S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NISx64\1506000.020\SYMEFA64.SYS;c:\windows\SYSNATIVE\drivers\NISx64\1506000.020\SYMEFA64.SYS
S0 tib;Acronis TIB Manager;c:\windows\system32\DRIVERS\tib.sys;c:\windows\SYSNATIVE\DRIVERS\tib.sys
S0 tib_mounter;Acronis TIB Mounter;c:\windows\system32\DRIVERS\tib_mounter.sys;c:\windows\SYSNATIVE\DRIVERS\tib_mounter.sys
S0 vididr;Acronis Virtual Disk;c:\windows\system32\DRIVERS\vididr.sys;c:\windows\SYSNATIVE\DRIVERS\vididr.sys
S0 vidsflt;Acronis Disk Storage Filter;c:\windows\system32\DRIVERS\vidsflt.sys;c:\windows\SYSNATIVE\DRIVERS\vidsflt.sys
S1 39594151;39594151;c:\windows\system32\DRIVERS\39594151.sys;c:\windows\SYSNATIVE\DRIVERS\39594151.sys
S1 BHDrvx64;BHDrvx64;c:\program files (x86)\Norton Internet Security\NortonData\21.3.0.12\Definitions\BASHDefs\20141118.001\BHDrvx64.sys;c:\program files (x86)\Norton Internet Security\NortonData\21.3.0.12\Definitions\BASHDefs\20141118.001\BHDrvx64.sys
S1 CbFs;CbFs;c:\windows\system32\drivers\cbfs.sys;c:\windows\SYSNATIVE\drivers\cbfs.sys
S1 ccSet_MCLIENT;Norton Management Settings Manager;c:\windows\system32\drivers\MCLIENTx64\0302020.00C\ccSetx64.sys;c:\windows\SYSNATIVE\drivers\MCLIENTx64\0302020.00C\ccSetx64.sys
S1 ccSet_NIS;NIS Settings Manager;c:\windows\system32\drivers\NISx64\1506000.020\ccSetx64.sys;c:\windows\SYSNATIVE\drivers\NISx64\1506000.020\ccSetx64.sys
S1 ccSet_NST;Norton Identity Safe Settings Manager;c:\windows\system32\drivers\NSTx64\7DD04000.00A\ccSetx64.sys;c:\windows\SYSNATIVE\drivers\NSTx64\7DD04000.00A\ccSetx64.sys
S1 GUBootStartup;GUBootStartup;c:\windows\System32\drivers\GUBootStartup.sys;c:\windows\SYSNATIVE\drivers\GUBootStartup.sys
S1 IDSVia64;IDSVia64;c:\program files (x86)\Norton Internet Security\NortonData\21.3.0.12\Definitions\IPSDefs\20141121.001\IDSvia64.sys;c:\program files (x86)\Norton Internet Security\NortonData\21.3.0.12\Definitions\IPSDefs\20141121.001\IDSvia64.sys
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS
S1 setup_9.0.0.722_27.04.2011_00-08drv;setup_9.0.0.722_27.04.2011_00-08drv;c:\windows\system32\DRIVERS\3959415.sys;c:\windows\SYSNATIVE\DRIVERS\3959415.sys
S1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\NISx64\1506000.020\Ironx64.SYS;c:\windows\SYSNATIVE\drivers\NISx64\1506000.020\Ironx64.SYS
S1 SymNetS;Symantec Network Security WFP Driver;c:\windows\System32\Drivers\NISx64\1506000.020\SYMNETS.SYS;c:\windows\SYSNATIVE\Drivers\NISx64\1506000.020\SYMNETS.SYS
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE;c:\program files\SUPERAntiSpyware\SASCORE64.EXE
S2 ABBYY.Licensing.FineReader.Sprint.9.0;ABBYY FineReader 9.0 Sprint Licensing Service;c:\program files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe;c:\program files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
S2 afcdpsrv;Acronis Nonstop Backup Service;c:\program files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe;c:\program files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
S2 AODDriver4.2.0;AODDriver4.2.0;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys
S2 Browser Defender Update Service;Browser Defender Update Service;c:\program files (x86)\PC Tools Security\BDT\BDTUpdateService.exe;c:\program files (x86)\PC Tools Security\BDT\BDTUpdateService.exe
S2 DfSdkS;Defragmentation-Service;c:\program files (x86)\Ashampoo\Ashampoo HDD Control\DfsdkS.exe;c:\program files (x86)\Ashampoo\Ashampoo HDD Control\DfsdkS.exe
S2 FoxitCloudUpdateService;Foxit Cloud Safe Update Service;c:\program files (x86)\FOXIT SOFTWARE\FOXIT READER\Foxit Cloud\FCUpdateService.exe;c:\program files (x86)\FOXIT SOFTWARE\FOXIT READER\Foxit Cloud\FCUpdateService.exe
S2 HPClientSvc;HP Client Services;c:\program files\Hewlett-Packard\HP Client Services\HPClientServices.exe;c:\program files\Hewlett-Packard\HP Client Services\HPClientServices.exe
S2 HPSupportSolutionsFrameworkService;HP Support Solutions Framework Service;c:\program files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe;c:\program files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe
S2 HTCMonitorService;HTCMonitorService;c:\program files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe;c:\program files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe
S2 IDMWFP;IDMWFP;c:\windows\system32\DRIVERS\idmwfp.sys;c:\windows\SYSNATIVE\DRIVERS\idmwfp.sys
S2 iPodDrv;iPodDrv;c:\windows\system32\drivers\iPodDrv.sys;c:\windows\SYSNATIVE\drivers\iPodDrv.sys
S2 M4iPodWPDService;M4iPodWPDService;c:\program files (x86)\Common Files\Mediafour\iPod\M4iPodWPDService.exe;c:\program files (x86)\Common Files\Mediafour\iPod\M4iPodWPDService.exe
S2 M4LIC;Mediafour M4LIC service;c:\program files (x86)\Common Files\Mediafour\M4LIC.EXE;c:\program files (x86)\Common Files\Mediafour\M4LIC.EXE
S2 MCLIENT;Norton Management;c:\program files (x86)\Norton Management\Engine\3.2.2.12\ccSvcHst.exe;c:\program files (x86)\Norton Management\Engine\3.2.2.12\ccSvcHst.exe
S2 NCO;Norton Identity Safe;c:\program files (x86)\Norton Identity Safe\Engine\2013.4.0.10\ccSvcHst.exe;c:\program files (x86)\Norton Identity Safe\Engine\2013.4.0.10\ccSvcHst.exe
S2 NIS;Norton Internet Security;c:\program files (x86)\Norton Internet Security\Engine\21.6.0.32\NIS.exe;c:\program files (x86)\Norton Internet Security\Engine\21.6.0.32\NIS.exe
S2 NOBU;Norton Online Backup;c:\program files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe SERVICE;c:\program files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe SERVICE
S2 NU16StartManagerSvc;Norton Utilities 16 Start Manager Service;c:\program files (x86)\Symantec\Norton Utilities 16\sMonitor\StartManSvc.exe;c:\program files (x86)\Symantec\Norton Utilities 16\sMonitor\StartManSvc.exe
S2 PassThru Service;Internet Pass-Through Service;c:\program files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe;c:\program files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
S2 RtkAudioService;Realtek Audio Service;c:\program files\Realtek\Audio\HDA\RtkAudioService64.exe;c:\program files\Realtek\Audio\HDA\RtkAudioService64.exe
S2 Secunia PSI Agent;Secunia PSI Agent;c:\program files (x86)\Secunia\PSI\PSIA.exe;c:\program files (x86)\Secunia\PSI\PSIA.exe
S2 Secunia Update Agent;Secunia Update Agent;c:\program files (x86)\Secunia\PSI\sua.exe;c:\program files (x86)\Secunia\PSI\sua.exe
S3 afcdp;afcdp;c:\windows\system32\DRIVERS\afcdp.sys;c:\windows\SYSNATIVE\DRIVERS\afcdp.sys
S3 ASProxy;ASProxy;c:\program files (x86)\Astrill\ASProxy.exe;c:\program files (x86)\Astrill\ASProxy.exe
S3 asvpndrv;Astrill SSL VPN Adapter;c:\windows\system32\DRIVERS\asvpndrv.sys;c:\windows\SYSNATIVE\DRIVERS\asvpndrv.sys
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys
S3 DFX11_1;DFX Audio Enhancer 11.1;c:\windows\system32\drivers\dfx11_1x64.sys;c:\windows\SYSNATIVE\drivers\dfx11_1x64.sys
S3 netr28x;Ralink 802.11n Extensible Wireless Driver;c:\windows\system32\DRIVERS\netr28x.sys;c:\windows\SYSNATIVE\DRIVERS\netr28x.sys
S3 PSI;PSI;c:\windows\system32\DRIVERS\psi_mf.sys;c:\windows\SYSNATIVE\DRIVERS\psi_mf.sys
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUStor.sys
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys;c:\windows\SYSNATIVE\DRIVERS\usbfilter.sys
S3 WsAudio_DeviceS(1);WsAudio_DeviceS(1);c:\windows\system32\drivers\WsAudio_DeviceS(1).sys;c:\windows\SYSNATIVE\drivers\WsAudio_DeviceS(1).sys
S3 WsAudio_DeviceS(2);WsAudio_DeviceS(2);c:\windows\system32\drivers\WsAudio_DeviceS(2).sys;c:\windows\SYSNATIVE\drivers\WsAudio_DeviceS(2).sys
S3 WsAudio_DeviceS(3);WsAudio_DeviceS(3);c:\windows\system32\drivers\WsAudio_DeviceS(3).sys;c:\windows\SYSNATIVE\drivers\WsAudio_DeviceS(3).sys
S3 WsAudio_DeviceS(4);WsAudio_DeviceS(4);c:\windows\system32\drivers\WsAudio_DeviceS(4).sys;c:\windows\SYSNATIVE\drivers\WsAudio_DeviceS(4).sys
S3 WsAudio_DeviceS(5);WsAudio_DeviceS(5);c:\windows\system32\drivers\WsAudio_DeviceS(5).sys;c:\windows\SYSNATIVE\drivers\WsAudio_DeviceS(5).sys
.
.
--- Other Services/Drivers In Memory ---
.
*Deregistered* - EraserUtilDrv11410
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2013-01-16 16:46   454176   ----a-w-   c:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe
.
Contents of the 'Scheduled Tasks' folder
.
2014-11-24 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-30 23:41]
.
2014-11-24 c:\windows\Tasks\GlaryInitialize 5.job
- c:\program files (x86)\Glary Utilities 5\Initialize.exe [2014-09-29 06:52]
.
2014-11-24 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-08-25 20:21]
.
2014-11-24 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-08-25 20:21]
.
2014-06-12 c:\windows\Tasks\HPCeeScheduleForsrcstcbstrd.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14 06:15]
.
2014-06-12 c:\windows\Tasks\HPCeeScheduleForTIMS-COMPUTER$.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14 06:15]
.
2014-11-24 c:\windows\Tasks\NUAutoUpdate.job
- c:\program files (x86)\Symantec\Norton Utilities 16\SULauncher.exe [2014-07-13 17:21]
.
2014-11-23 c:\windows\Tasks\Wise Turbo Checker.job
- c:\program files (x86)\Wise\Wise Care 365\WiseTurbo.exe [2014-08-03 21:03]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt1"]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2014-08-17 04:10   164760   ----a-w-   c:\users\srcstcbstrd\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt2"]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2014-08-17 04:10   164760   ----a-w-   c:\users\srcstcbstrd\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt3"]
@="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}]
2014-08-17 04:10   164760   ----a-w-   c:\users\srcstcbstrd\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt4"]
@="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}]
2014-08-17 04:10   164760   ----a-w-   c:\users\srcstcbstrd\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt5"]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2014-08-17 04:10   164760   ----a-w-   c:\users\srcstcbstrd\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt6"]
@="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}]
2014-08-17 04:10   164760   ----a-w-   c:\users\srcstcbstrd\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt7"]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2014-08-17 04:10   164760   ----a-w-   c:\users\srcstcbstrd\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt8"]
@="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}]
2014-08-17 04:10   164760   ----a-w-   c:\users\srcstcbstrd\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AcronisSyncError]
@="{934BC6C0-FEC2-4df5-A100-961DE2C8A0ED}"
[HKEY_CLASSES_ROOT\CLSID\{934BC6C0-FEC2-4df5-A100-961DE2C8A0ED}]
2013-10-01 14:26   2810968   ----a-w-   c:\program files (x86)\Acronis\TrueImageHome\tishell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AcronisSyncInProgress]
@="{00F848DC-B1D4-4892-9C25-CAADC86A215D}"
[HKEY_CLASSES_ROOT\CLSID\{00F848DC-B1D4-4892-9C25-CAADC86A215D}]
2013-10-01 14:26   2810968   ----a-w-   c:\program files (x86)\Acronis\TrueImageHome\tishell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AcronisSyncOk]
@="{71573297-552E-46fc-BE3D-3DFAF88D47B7}"
[HKEY_CLASSES_ROOT\CLSID\{71573297-552E-46fc-BE3D-3DFAF88D47B7}]
2013-10-01 14:26   2810968   ----a-w-   c:\program files (x86)\Acronis\TrueImageHome\tishell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2014-10-21 22:52   777032   ----a-w-   c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2014-10-21 22:52   777032   ----a-w-   c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedViewOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]
2014-10-21 22:52   777032   ----a-w-   c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2014-10-21 22:52   777032   ----a-w-   c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2014-10-21 22:52   777032   ----a-w-   c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\IDM Shell Extension]
@="{CDC95B92-E27C-4745-A8C5-64A52A78855D}"
[HKEY_CLASSES_ROOT\CLSID\{CDC95B92-E27C-4745-A8C5-64A52A78855D}]
2014-04-21 08:02   25112   ----a-w-   c:\program files (x86)\Internet Download Manager\IDMShellExt64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"hpsysdrv"="c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe" [2008-11-20 62768]
"Logitech Download Assistant"="c:\windows\System32\LogiLDA.dll" [2012-09-20 1832760]
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost  - NetSvcs
UxTuneUp
.
------- Supplementary Scan -------
.
uStart Page =
uLocal Page = c:\windows\system32\blank.htm
mDefault_Page_URL = hxxp://www.google.com
mStart Page = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
uSearchAssistant = hxxp://www.google.com
IE: Download all links with IDM - c:\program files (x86)\Internet Download Manager\IEGetAll.htm
IE: Download with IDM - c:\program files (x86)\Internet Download Manager\IEExt.htm
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: Закачать ВСЕ при помощи Download Master
IE: Закачать при помощи Download Master
IE: Передать на удаленную закачку DM
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\srcstcbstrd\AppData\Roaming\Mozilla\Firefox\Profiles\h7dij27t.default-1412713083351\
FF - prefs.js: browser.search.selectedEngine - Norton Safe Search
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/
FF - prefs.js: network.proxy.type - 0
.
- - - - ORPHANS REMOVED - - - -
.
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
ShellIconOverlayIdentifiers-MacDrive volume icons - (no file)
AddRemove-dBpoweramp CD Writer - c:\windows\system32\SpoonUninstall.exe
AddRemove-dBpoweramp Dalet Codec - c:\windows\system32\SpoonUninstall.exe
AddRemove-dBpoweramp DSP Effects - c:\windows\system32\SpoonUninstall.exe
AddRemove-dBpoweramp FLAC Codec - c:\windows\system32\SpoonUninstall.exe
AddRemove-dBpoweramp Monkeys Audio Codec - c:\windows\system32\SpoonUninstall.exe
AddRemove-dBpoweramp Mp2 and BwfMp2 codec - c:\windows\system32\SpoonUninstall.exe
AddRemove-dBpoweramp mp3 (Fraunhofer IIS) Codec - c:\windows\system32\SpoonUninstall.exe
AddRemove-dBpoweramp Music Converter - c:\windows\system32\SpoonUninstall.exe
AddRemove-dBpoweramp Ogg Vorbis Codec - c:\windows\system32\SpoonUninstall.exe
AddRemove-dBpoweramp Real Audio (Helix) Encoder - c:\windows\system32\SpoonUninstall.exe
AddRemove-dBPoweramp tooLame MP2 codec - c:\windows\system32\SpoonUninstall.exe
AddRemove-dBpoweramp Wave64 Codec - c:\windows\system32\SpoonUninstall.exe
AddRemove-dBpoweramp WavPack Codec - c:\windows\system32\SpoonUninstall.exe
AddRemove-dBpoweramp [Arrange Audio] Codec - c:\windows\system32\SpoonUninstall.exe
AddRemove-dBpoweramp [Audio Info] Codec - c:\windows\system32\SpoonUninstall.exe
AddRemove-dBpoweramp [Calculate Audio CRC] Codec - c:\windows\system32\SpoonUninstall.exe
AddRemove-dBpoweramp [Channel Split] Codec - c:\windows\system32\SpoonUninstall.exe
AddRemove-dBpoweramp [ID Tag Update] Codec - c:\windows\system32\SpoonUninstall.exe
AddRemove-dBpoweramp [Length Split] Codec - c:\windows\system32\SpoonUninstall.exe
AddRemove-dBpoweramp [Multi Encoder] Codec - c:\windows\system32\SpoonUninstall.exe
AddRemove-dBpoweramp [ReplayGain] Codec - c:\windows\system32\SpoonUninstall.exe
AddRemove-dBpoweramp [Tag From Filename] Codec - c:\windows\system32\SpoonUninstall.exe
AddRemove-MyFreeCodec - c:\program files (x86)\MyFree Codec\1.0b beta\uninstall.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\MCLIENT]
"ImagePath"="\"c:\program files (x86)\Norton Management\Engine\3.2.2.12\ccSvcHst.exe\" /s \"MCLIENT\" /m \"c:\program files (x86)\Norton Management\Engine\3.2.2.12\diMaster.dll\" /prefetch:1"
--
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\NCO]
"ImagePath"="\"c:\program files (x86)\Norton Identity Safe\Engine\2013.4.0.10\ccSvcHst.exe\" /s \"NCO\" /m \"c:\program files (x86)\Norton Identity Safe\Engine\2013.4.0.10\diMaster.dll\" /prefetch:1"
--
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\NIS]
"ImagePath"="\"c:\program files (x86)\Norton Internet Security\Engine\21.6.0.32\NIS.exe\" /s \"NIS\" /m \"c:\program files (x86)\Norton Internet Security\Engine\21.6.0.32\diMaster.dll\" /prefetch:1"
"ImagePath"="\SystemRoot\System32\Drivers\NISx64\1506000.020\SYMNETS.SYS"
"TrustedImagePaths"="c:\program files (x86)\Norton Internet Security\Engine\21.6.0.32;c:\program files (x86)\Norton Internet Security\Engine64\21.6.0.32"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-1654476252-2253211636-4181094436-1001_Classes\Wow6432Node\CLSID\{7B8E9164-324D-4A2E-A46D-0165FB2000EC}]
@Denied: (Full) (Everyone)
"scansk"=hex(0):7c,19,f4,ae,cc,a9,bb,cf,9a,6e,eb,c2,b3,d3,e5,fa,af,bb,fa,b7,ce,
   2b,ae,2c,2a,bd,ad,bf,5b,89,16,da,53,f1,1a,cc,3f,43,f0,dd,00,00,00,00,00,00,\
.
[HKEY_USERS\S-1-5-21-1654476252-2253211636-4181094436-1001_Classes\Wow6432Node\CLSID\{8b150649-cc18-437b-9165-4e92b58ecd5d}]
@Denied: (Full) (Everyone)
@Allowed: (Read) (RestrictedCode)
"Model"=dword:000000df
"Therad"=dword:00000015
"MData"=hex(0):57,89,20,3f,ac,21,f3,5c,31,e8,6e,19,c6,e6,97,b4,4d,b0,f2,24,68,
   9f,d4,4e,46,8f,3c,f2,5c,68,ee,21,46,8f,3c,f2,5c,68,ee,21,46,8f,3c,f2,5c,68,\
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2014-11-24  04:57:10
ComboFix-quarantined-files.txt  2014-11-24 09:57
ComboFix2.txt  2014-09-30 20:59
.
Pre-Run: 273,062,338,560 bytes free
Post-Run: 272,623,067,136 bytes free
.
- - End Of File - - DDC7E0D6DF6C3DD0C4E3F3250E7A1D04
6D3EED386323636C4F6567A6FD927C9B
Title: Re: Can't Play Any Video Media, Having Trouble Updating Windows 7
Post by: srcstcbstrd on November 24, 2014, 04:15:53 AM
Still the same problems after a reboot.
Title: Re: Can't Play Any Video Media, Having Trouble Updating Windows 7
Post by: SuperDave on November 24, 2014, 12:57:21 PM
At this point about the only thing I can think of doing is saving your important documents, files, pictures, videos and music, running the Recovery Console and taking your computer back to the day you purchased it.
Title: Re: Can't Play Any Video Media, Having Trouble Updating Windows 7
Post by: srcstcbstrd on November 24, 2014, 08:34:29 PM
Thanks. I was afraid of that. For some reason I still have a hinky feeling that it has to do with the Microsoft Updates.

Thanks for all your help and I'll certainly back everything up and start from scratch.
Title: Re: Can't Play Any Video Media, Having Trouble Updating Windows 7
Post by: SuperDave on November 25, 2014, 10:43:10 AM
You're welcome. I will lock this thread. If you need it re-opened, please send me a PM.