
Entire Computer is Lagging, Please help


  • This topic is locked
6 replies to this topic

#1 lhilbert85

lhilbert85

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:10:09 PM

Posted 10 February 2014 - 04:09 PM

At first I thought it was just the browser Chrome, but after I uninstalled it and reinstalled it I realized it was lagging on my entire computer. I have run CCleaner Malware, and disabled add-ons with no luck. Following are my DDS reports. Please help!! Thanks!

 

Install Date: 12/12/2008 6:20:36 PM
System Uptime: 2/10/2014 3:02:38 AM (11 hours ago)
.
Motherboard: Dell Inc. |  | 0DT492
Processor: Intel® Pentium® Dual  CPU  T2390  @ 1.86GHz | Microprocessor | 800/133mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 99 GiB total, 43.036 GiB free.
D: is FIXED (NTFS) - 10 GiB total, 4.005 GiB free.
E: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
.
==== Installed Programs ======================
.
 Update for Microsoft Office 2007 (KB2508958)
Acrobat.com
Adobe AIR
Adobe Flash Player 12 ActiveX
Adobe Flash Player 12 Plugin
Adobe Reader X (10.1.4)
Adobe Shockwave Player 12.0
AOL Install
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Banctec Service Agreement
Bonjour
Broadcom Management Programs
CCleaner
Cisco EAP-FAST Module
Cisco LEAP Module
Cisco PEAP Module
Conexant HDA D330 MDC V.92 Modem
Dell-eBay
Dell Best of Web
Dell DataSafe Online
Dell Dock
Dell Getting Started Guide
Dell Remote Access
Dell Support Center (Support Software)
Dell Touchpad
Dell Wireless WLAN Card Utility
DELL0604
Digital Line Detect
EarthLink Setup Files
EDocs
Google Chrome
Google Desktop
Google Toolbar for Internet Explorer
Google Update Helper
GoToAssist 8.0.0.514
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
iCloud
iTunes
Java 7 Update 25
Java Auto Updater
Lexmark S310 Series Uninstaller
Malwarebytes Anti-Malware version 1.75.0.1300
McAfee SecurityCenter
MediaDirect
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Excel MUI (English) 2007
Microsoft Office File Validation Add-In
Microsoft Office Home and Student 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office PowerPoint Viewer 2007 (English)
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Security Client
Microsoft Security Essentials
Microsoft Silverlight
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Modem Diagnostic Tool
Move Media Player
Mozilla Firefox 27.0 (x86 en-US)
Mozilla Maintenance Service
NetWaiting
NetZeroInstallers
OGA Notifier 2.0.0048.0
OutlookAddinSetup
QuickSet
QuickTime
Revo Uninstaller 1.94
Rosetta Stone Ltd Services
Rosetta Stone TOTALe
Roxio Creator Audio
Roxio Creator Copy
Roxio Creator Data
Roxio Creator DE
Roxio Creator Tools
Roxio Express Labeler 3
Roxio Update Manager
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2840629)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2861697)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2832407)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2858302v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2861188)
Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596825) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597973) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2760411) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2760415) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2760585) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2760591) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2817641) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2827326) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2837615) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2850022) 32-Bit Edition 
Security Update for Microsoft Office Excel 2007 (KB2827324) 32-Bit Edition 
Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition 
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Word 2007 (KB2837617) 32-Bit Edition 
Spelling Dictionaries Support For Adobe Reader 9
swMSM
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
.
==== End Of File ===========================
 
 
DDS (Ver_2012-11-20.01) - NTFS_x86 
Internet Explorer: 8.0.6001.19489  BrowserJavaVersion: 10.25.2
Run by Leighton at 14:27:15 on 2014-02-10
Microsoft® Windows Vista™ Home Premium   6.0.6002.2.1252.1.1033.18.3061.1459 [GMT -6:00]
.
AV: Microsoft Security Essentials *Disabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Microsoft Security Essentials *Disabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
.
============== Running Processes ================
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\system32\SLsvc.exe
C:\Windows\System32\WLTRYSVC.EXE
C:\Windows\System32\bcmwltry.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\WLANExt.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\DellTPad\Apoint.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\System32\WLTRAY.EXE
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\McAfee.com\Agent\mcagent.exe
C:\Program Files\Dell\MediaDirect\PCMService.exe
C:\Program Files\Dell DataSafe Online\DataSafeOnline.exe
C:\Program Files\Dell Support Center\bin\sprtcmd.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Windows\system32\aestsrv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\ProgramData\BetterSoft\VaudiX\VaudiX.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Sigmatel\C-Major Audio\WDM\sttray.exe
C:\Program Files\Lexmark\ErrorApp\lmab1err.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Lexmark S310 Series\LMADEmon.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Dell\QuickSet\quickset.exe
c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
C:\Program Files\McAfee\VirusScan\McShield.exe
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\Program Files\McAfee\MSK\MskSrver.exe
C:\Program Files\RosettaStoneLtdServices\RosettaStoneDaemon.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\DRIVERS\xaudio.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\DellTPad\ApMsgFwd.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
C:\Program Files\DellTPad\HidFind.exe
C:\Program Files\DellTPad\Apntex.exe
c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
C:\Program Files\Dell Support Center\bin\sprtsvc.exe
c:\PROGRA~1\mcafee\msc\mcuimgr.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\windows defender\MSASCui.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k secsvcs
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://xfinity.comcast.net/?cid=insDate10242012
uSearchURL,(Default) = hxxp://www.google.com/search/?q=%s
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: McAfee Phishing Filter: {377C180E-6F0E-4D4C-980F-F45BD3D40CF4} - c:\program files\mcafee\msk\mcapbho.dll
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: scriptproxy: {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\program files\mcafee\virusscan\scriptsn.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\google toolbar\GoogleToolbar.dll
BHO: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - c:\program files\google\googletoolbarnotifier\5.1.1309.3572\swg.dll
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar.dll
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar.dll
uRun: [LMab1err] "c:\program files\lexmark\errorapp\LMab1err.exe"
uRun: [LMADEmon] "c:\program files\lexmark s310 series\LMADEmon.exe"
uRun: [swg] c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe
mRun: [Apoint] c:\program files\delltpad\Apoint.exe
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [Broadcom Wireless Manager UI] c:\windows\system32\WLTRAY.exe
mRun: [Google Desktop Search] "c:\program files\google\google desktop search\GoogleDesktop.exe" /startup
mRun: [mcagent_exe] c:\program files\mcafee.com\agent\mcagent.exe /runkey
mRun: [PCMService] "c:\program files\dell\mediadirect\PCMService.exe"
mRun: [Dell DataSafe Online] "c:\program files\dell datasafe online\DataSafeOnline.exe" /m
mRun: [dellsupportcenter] "c:\program files\dell support center\bin\sprtcmd.exe" /P dellsupportcenter
mRun: [Malwarebytes Anti-Malware (reboot)] "c:\program files\malwarebytes' anti-malware\mbam.exe" /runcleanupscript
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [LMADEmon] "c:\program files\lexmark s310 series\LMADEmon.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [SigmatelSysTrayApp] c:\program files\sigmatel\c-major audio\wdm\sttray.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\DELLRE~1.LNK - 
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\digita~1.lnk - c:\program files\digital line detect\DLG.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\quickset.lnk - c:\program files\dell\quickset\quickset.exe
uPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: BindDirectlyToPropertySetStorage = dword:0
mPolicies-Explorer: NoDrives = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBC} - c:\program files\java\jre7\bin\jp2iexp.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - hxxp://download.divx.com/player/DivXBrowserPlugin.cab
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
TCP: NameServer = 75.75.75.75 75.75.76.76
TCP: Interfaces\{F177CBF1-9AD6-40BF-AE0D-CBA7BF627377} : DHCPNameServer = 75.75.75.75 75.75.76.76
Handler: ms-help - <Clsid value has no data>
Notify: GoToAssist - c:\program files\citrix\gotoassist\514\G2AWinLogon.dll
Notify: igfxcui - igfxdev.dll
AppInit_DLLs= c:\progra~1\google\google~3\GoogleDesktopNetwork3.dll
LSA: Security Packages =  kerberos msv1_0 schannel wdigest tspkg
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\32.0.1700.107\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\leighton\appdata\roaming\mozilla\firefox\profiles\6c0j2olm.default\
FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\google\update\1.3.22.3\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\program files\microsoft silverlight\5.1.20913.0\npctrlui.dll
FF - plugin: c:\users\leighton\appdata\roaming\move networks\plugins\npqmp071505000011.dll
FF - plugin: c:\windows\system32\adobe\director\np32dsw_1207148.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_12_0_0_44.dll
FF - plugin: c:\windows\system32\npDeployJava1.dll
FF - plugin: c:\windows\system32\npmproxy.dll
.
============= SERVICES / DRIVERS ===============
.
.
=============== Created Last 30 ================
.
2014-02-10 15:14:57 -------- d-----w- c:\users\leighton\appdata\local\Macromedia
2014-02-10 14:46:09 -------- d-----w- c:\program files\Mozilla Maintenance Service
2014-02-10 14:10:27 -------- d-----w- c:\users\leighton\appdata\local\Apps
2014-02-10 14:10:26 -------- d-----w- c:\users\leighton\appdata\local\Deployment
2014-02-10 06:36:49 7760024 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{549c0450-2037-4152-9946-60f225c49386}\mpengine.dll
2014-02-08 10:41:56 7760024 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\backup\mpengine.dll
.
==================== Find3M  ====================
.
2014-02-10 15:25:31 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2014-02-10 15:25:30 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2014-01-19 07:32:23 231584 ------w- c:\windows\system32\MpSigStub.exe
.
============= FINISH: 14:35:35.74 ===============
 
 


 


#2 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 37,375 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:09:09 PM

Posted 14 February 2014 - 02:29 PM

Greetings lhilbert85 and :welcome: to BleepingComputer's Virus/Trojan/Spyware/Malware Removal forum.

My name is Oh My! and I am here to help you! Now that we are "friends" please call me Gary.

If you would allow me to call you by your first name I would prefer to do that. :thumbup2:

===================================================

Ground Rules:
  • First, I would like to inform you that most of us here at Bleeping Computer offer our expert assistance out of the goodness of our hearts. Please try to match our commitment to you with your patience toward us. If this was easy we would never have met. :)
  • Please do not run any tools or take any steps other than those I will provide for you while we work on your computer together. I need to be certain about the state of your computer in order to provide appropriate and effective steps for you to take. Most often "well intentioned" (and usually panic driven!) independent efforts can make things much worse for both of us. If at any point you would prefer to take your own steps please let me know, I will not be offended. I would be happy to focus on the many others who are waiting in line for assistance.
  • Please perform all steps in the order they are listed in each set of instructions. Some steps may be a bit complicated. If things are not clear, be sure to stop and let me know. We need to work on this together with confidence.
  • Please copy and paste all logs into your post unless directed otherwise. Please do not re-run any programs I suggest. If you encounter problems simply stop and tell me.
  • When you post your reply, use the Replytopic.jpg button instead.
  • In the upper right hand corner of the topic you will see the Followtopic.jpg button. Click on this then choose Immediate E-Mail notification and then Proceed and you will be sent an email once I have posted a response.
  • If you do not reply to your topic after 5 days we assume it has been abandoned and I will close it.
  • When your computer is clean I will alert you of such. I will also provide for you detailed information about how you can combat future infections.
  • I would like to remind you to make no further changes to your computer unless I direct you to do so.
  • Now let's get started :thumbup2:
===================================================

Now that I am assisting you, you can expect that I will be very responsive to your situation. If you are able, I would request you check this thread at least once per day so that we can try to resolve your issues effectively and efficiently. If you are going to be delayed please be considerate and post that information so that I know you are still with me. Unfortunately, there are many people waiting to be assisted and not enough of us at BleepingComputer to go around. I appreciate your understanding and diligence.

Thank you for your patience thus far. Please run this program for me.

===================================================

Farbar Recovery Scan Tool (FRST)

--------------------
  • Download Farbar Recovery Scan Tool for either 32 bit or 64 bit systems and save it to your desktop
  • If you are unsure if you have 32 bit or 64 bit simply download and try one. If that doesn't run properly the other one should
  • Double click the icon
  • Click Yes to the disclaimer
  • Make sure the Addition.txt box is checked
  • Click Scan and allow the program to run
  • Click OK on the Scan complete screen, then OK on the Addition.txt pop up screen
  • 2 Notepad documents should now be open on your desktop.
  • Please copy and paste the contents of both in your reply
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it. :thumbsup2:
  • FRST results
  • Addition log

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"May you be richly rewarded by the Lord, the God of Israel, under whose wings you have come to take refuge."

#3 Oh My!


Posted 17 February 2014 - 04:10 PM

Greetings,

===================================================

3 Day Bump

It has been more than 3 days since my last post.
  • Do you still need help with this?
  • If after 48hrs you have not replied to this thread then it will have to be closed.

Gary
 

#4 lhilbert85

lhilbert85
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:10:09 PM

Posted 18 February 2014 - 06:22 PM

I ran the program. These are the results.

 

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 16-02-2014
Ran by Leighton (administrator) on LEIGHTON-PC on 18-02-2014 15:37:38
Running from C:\Users\Leighton\Downloads
Microsoft® Windows Vista™ Home Premium  Service Pack 2 (X86) OS Language: English(US)
Internet Explorer Version 8
Boot Mode: Normal
 
The only official download link for FRST:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
 
==================== Processes (Whitelisted) =================
 
(Microsoft Corporation) c:\Program Files\Microsoft Security Client\MsMpEng.exe
(Microsoft Corporation) C:\Windows\system32\SLsvc.exe
() C:\Windows\System32\WLTRYSVC.EXE
(Dell Inc.) C:\Windows\System32\bcmwltry.exe
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(Andrea Electronics Corporation) C:\Windows\system32\aestsrv.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Dell Inc.) c:\ProgramData\SingleClick Systems\Advanced Networking Service\hnm_svc.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\McProxy\McProxy.exe
(McAfee, Inc.) C:\Program Files\McAfee\VirusScan\McShield.exe
(McAfee, Inc.) C:\Program Files\McAfee\MPF\MPFSrv.exe
(McAfee, Inc.) C:\Program Files\McAfee\MSK\MskSrver.exe
(Rosetta Stone Ltd.) C:\Program Files\RosettaStoneLtdServices\RosettaStoneDaemon.exe
(IDT, Inc.) C:\Windows\system32\STacSV.exe
(Conexant Systems, Inc.) C:\Windows\system32\DRIVERS\xaudio.exe
(McAfee, Inc.) C:\Program Files\McAfee\MSC\mcmscsvc.exe
(McAfee, Inc.) C:\Program Files\McAfee\VirusScan\mcsysmon.exe
(McAfee, Inc.) C:\Program Files\McAfee.com\Agent\mcagent.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Dell Inc.) C:\Windows\System32\WLTRAY.EXE
(Google) C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
(CyberLink Corp.) C:\Program Files\Dell\MediaDirect\PCMService.exe
() C:\Program Files\Dell DataSafe Online\DataSafeOnline.exe
(SupportSoft, Inc.) C:\Program Files\Dell Support Center\bin\sprtcmd.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
() C:\Program Files\Lexmark S310 Series\LMADEmon.exe
(Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(IDT, Inc.) C:\Program Files\Sigmatel\C-Major Audio\WDM\sttray.exe
() C:\Program Files\Lexmark\ErrorApp\lmab1err.exe
(Intel Corporation) C:\Windows\system32\igfxsrvc.exe
(Avanquest Software ) C:\Program Files\Digital Line Detect\DLG.exe
(Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\MNA\McNASvc.exe
(SupportSoft, Inc.) C:\Program Files\Dell Support Center\bin\sprtsvc.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\HidFind.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apntex.exe
(McAfee, Inc.) C:\Program Files\McAfee\MSC\mcuimgr.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\mobsync.exe
(McAfee, Inc.) C:\Program Files\McAfee\MSC\mcupdmgr.exe
 
 
==================== Registry (Whitelisted) ==================
 
HKLM\...\Run: [Apoint] - C:\Program Files\DellTPad\Apoint.exe [159744 2007-09-24] (Alps Electric Co., Ltd.)
HKLM\...\Run: [Broadcom Wireless Manager UI] - C:\Windows\system32\WLTRAY.exe [3563520 2008-07-03] (Dell Inc.)
HKLM\...\Run: [Google Desktop Search] - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [30192 2010-06-17] (Google)
HKLM\...\Run: [mcagent_exe] - C:\Program Files\McAfee.com\Agent\mcagent.exe [582992 2007-11-01] (McAfee, Inc.)
HKLM\...\Run: [PCMService] - C:\Program Files\Dell\MediaDirect\PCMService.exe [184320 2007-12-21] (CyberLink Corp.)
HKLM\...\Run: [Dell DataSafe Online] - C:\Program Files\Dell DataSafe Online\DataSafeOnline.exe [1742064 2008-10-03] ()
HKLM\...\Run: [dellsupportcenter] - C:\Program Files\Dell Support Center\bin\sprtcmd.exe [206064 2009-06-03] (SupportSoft, Inc.)
HKLM\...\Run: [Malwarebytes Anti-Malware (reboot)] - C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe [887432 2013-04-04] (Malwarebytes Corporation)
HKLM\...\Run: [APSDaemon] - C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59280 2012-11-28] (Apple Inc.)
HKLM\...\Run: [MSC] - c:\Program Files\Microsoft Security Client\msseces.exe [948440 2013-10-23] (Microsoft Corporation)
HKLM\...\Run: [iTunesHelper] - C:\Program Files\iTunes\iTunesHelper.exe [421776 2012-09-09] (Apple Inc.)
HKLM\...\Run: [QuickTime Task] - C:\Program Files\QuickTime\QTTask.exe [421888 2012-10-25] (Apple Inc.)
HKLM\...\Run: [LMADEmon] - C:\Program Files\Lexmark S310 Series\LMADEmon.exe [952496 2012-09-07] ()
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [919008 2012-07-27] (Adobe Systems Incorporated)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM\...\Run: [SigmatelSysTrayApp] - C:\Program Files\SigmaTel\C-Major Audio\WDM\sttray.exe [405504 2008-01-01] (IDT, Inc.)
Winlogon\Notify\GoToAssist: C:\Program Files\Citrix\GoToAssist\514\G2AWinLogon.dll (Citrix Online, a division of Citrix Systems, Inc.)
HKU\S-1-5-21-711502471-2455460847-459539102-1000\...\Run: [LMab1err] - C:\Program Files\Lexmark\ErrorApp\LMab1err.exe [645296 2012-08-07] ()
HKU\S-1-5-21-711502471-2455460847-459539102-1000\...\Run: [LMADEmon] - C:\Program Files\Lexmark S310 Series\LMADEmon.exe [952496 2012-09-07] ()
HKU\S-1-5-21-711502471-2455460847-459539102-1000\...\Run: [swg] - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2008-12-13] (Google Inc.)
HKU\S-1-5-21-711502471-2455460847-459539102-1000\...\Policies\Explorer: [NoChangeStartMenu] 0
HKU\S-1-5-21-711502471-2455460847-459539102-1000\...\Policies\Explorer: [NoLogOff] 0
AppInit_DLLs: c:\PROGRA~1\Google\GOOGLE~3\GoogleDesktopNetwork3.dll => C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll [123392 2010-06-17] (Google)
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk
ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk
ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
 
==================== Internet (Whitelisted) ====================
 
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://xfinity.comcast.net/?cid=insDate10242012
SearchScopes: HKLM - DefaultScope value is missing.
BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: McAfee Phishing Filter - {377C180E-6F0E-4D4C-980F-F45BD3D40CF4} - C:\Program Files\McAfee\MSK\mcapbho.dll ()
BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll (McAfee, Inc.)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.)
BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll (Google Inc.)
BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.)
DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} http://download.divx.com/player/DivXBrowserPlugin.cab
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab
Handler: ms-help - No CLSID Value - 
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76
 
FireFox:
========
FF ProfilePath: C:\Users\Leighton\AppData\Roaming\Mozilla\Firefox\Profiles\6c0j2olm.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_12_0_0_44.dll ()
FF Plugin: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw_1207148.dll (Adobe Systems, Inc.)
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @veetle.com/vbp;version=0.9.16 - C:\Program Files\Veetle\VLCBroadcast\npvbp.dll No File
FF Plugin: @veetle.com/veetleCorePlugin,version=0.9.15 - C:\Program Files\Veetle\plugins\npVeetle.dll No File
FF Plugin: @veetle.com/veetlePlayerPlugin,version=0.9.15 - C:\Program Files\Veetle\Player\npvlc.dll No File
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @movenetworks.com/Quantum Media Player - C:\Users\Leighton\AppData\Roaming\Move Networks\plugins\npqmp071505000011.dll (Move Networks)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll (Apple Inc.)
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\googledesktop.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\xfinity.xml
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ []
FF HKLM\...\Firefox\Extensions: [5106055d0d3ec@5106055d0d414.com] - C:\Users\Leighton\AppData\Roaming\Mozilla\Firefox\Profiles\6ei2tzs2.default\extensions\5106055d0d3ec@5106055d0d414.com
FF HKCU\...\Firefox\Extensions: [moveplayer@movenetworks.com] - C:\Users\Leighton\AppData\Roaming\Move Networks
FF Extension: Move Media Player - C:\Users\Leighton\AppData\Roaming\Move Networks [2009-11-24]
 
Chrome: 
=======
CHR HomePage: hxxp://www.google.com
CHR Plugin: (Widevine Content Decryption Module) - C:\Users\Leighton\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.1.377\_platform_specific\win_x86\widevinecdmadapter.dll ()
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\32.0.1700.107\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\32.0.1700.107\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\32.0.1700.107\pdf.dll ()
CHR Plugin: (2007 Microsoft Office system) - C:\Program Files\Mozilla Firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files\QuickTime\plugins\npqtplugin6.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files\QuickTime\plugins\npqtplugin7.dll (Apple Inc.)
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
CHR Plugin: (Java™ Platform SE 7 U25) - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Move Streaming Media Player) - C:\Users\Leighton\AppData\Roaming\Move Networks\plugins\npqmp071505000011.dll (Move Networks)
CHR Plugin: (Shockwave for Director) - C:\Windows\system32\Adobe\Director\np32dsw_1207148.dll (Adobe Systems, Inc.)
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32_12_0_0_44.dll ()
CHR Plugin: (Java Deployment Toolkit 7.0.250.17) - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
CHR Plugin: (Windows Presentation Foundation) - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Extension: (Entanglement Web App) - C:\Users\Leighton\AppData\Local\Google\Chrome\User Data\Default\Extensions\aciahcmjmecflokailenpkdchphgkefd [2014-02-10]
CHR Extension: (Shredder Chess Free) - C:\Users\Leighton\AppData\Local\Google\Chrome\User Data\Default\Extensions\aelpbbhpcpelmnfablcbcianelefnnbg [2014-02-10]
CHR Extension: (Google Docs) - C:\Users\Leighton\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-02-10]
CHR Extension: (Google Drive) - C:\Users\Leighton\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-02-10]
CHR Extension: (Speed Scrabble) - C:\Users\Leighton\AppData\Local\Google\Chrome\User Data\Default\Extensions\bjbkaklibbbgjmojdkijehpeccajdjbd [2014-02-10]
CHR Extension: (Google Search) - C:\Users\Leighton\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-02-10]
CHR Extension: (Atari - Asteroids) - C:\Users\Leighton\AppData\Local\Google\Chrome\User Data\Default\Extensions\hlkamaohjodmnhiehbogggcllkndklok [2014-02-10]
CHR Extension: (Poppit) - C:\Users\Leighton\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbkbpnkkkipelfledbfocopglifcfmi [2014-02-10]
CHR Extension: (Letterblox) - C:\Users\Leighton\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlglhepakicghbgidbdkipfjpmpbcagc [2014-02-10]
CHR Extension: (Google Wallet) - C:\Users\Leighton\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-02-10]
CHR Extension: (Learn Spanish - Qué Onda) - C:\Users\Leighton\AppData\Local\Google\Chrome\User Data\Default\Extensions\pmcdjmebmeoobmdghjbjhbifoocbcmaj [2014-02-10]
CHR HKLM\...\Chrome\Extension: [ocoombckbcnabpaghmokhaapnbngahck] - C:\Users\Leighton\AppData\Local\CRE\ocoombckbcnabpaghmokhaapnbngahck.crx [2013-01-24]
CHR HKCU\...\Chrome\Extension: [ocoombckbcnabpaghmokhaapnbngahck] - C:\Users\Leighton\AppData\Local\CRE\ocoombckbcnabpaghmokhaapnbngahck.crx [2013-01-24]
 
========================== Services (Whitelisted) =================
 
S3 GoogleDesktopManager-051210-111108; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [30192 2010-06-17] (Google)
R2 hnmsvc; c:\ProgramData\SingleClick Systems\Advanced Networking Service\hnm_svc.exe [820464 2008-09-30] (Dell Inc.)
R2 mcmscsvc; C:\Program Files\McAfee\MSC\mcmscsvc.exe [767976 2008-01-09] (McAfee, Inc.)
R2 McNASvc; C:\Program Files\Common Files\McAfee\MNA\McNASvc.exe [2458128 2008-01-25] (McAfee, Inc.)
S3 McODS; C:\Program Files\McAfee\VirusScan\mcods.exe [378184 2007-11-07] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\McAfee\McProxy\McProxy.exe [358224 2007-12-11] (McAfee, Inc.)
R2 McShield; C:\Program Files\McAfee\VirusScan\McShield.exe [144704 2007-07-24] (McAfee, Inc.)
R3 McSysmon; C:\Program Files\McAfee\VirusScan\mcsysmon.exe [695624 2007-12-05] (McAfee, Inc.)
R2 MpfService; C:\Program Files\McAfee\MPF\MPFSrv.exe [856864 2007-07-18] (McAfee, Inc.)
R2 MSK80Service; C:\Program Files\McAfee\MSK\MskSrver.exe [23880 2007-11-26] (McAfee, Inc.)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [22208 2013-10-23] (Microsoft Corporation)
S3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [280288 2013-10-23] (Microsoft Corporation)
R2 RosettaStoneDaemon; C:\Program Files\RosettaStoneLtdServices\RosettaStoneDaemon.exe [1646056 2011-03-31] (Rosetta Stone Ltd.)
R2 sprtsvc_DellSupportCenter; C:\Program Files\Dell Support Center\bin\sprtsvc.exe [201968 2008-10-04] (SupportSoft, Inc.)
R2 wltrysvc; C:\Windows\System32\bcmwltry.exe [2654208 2008-07-03] (Dell Inc.)
 
==================== Drivers (Whitelisted) ====================
 
R3 BCM42RLY; C:\Windows\System32\drivers\BCM42RLY.sys [18424 2008-07-03] (Broadcom Corporation)
S3 mbamchameleon; C:\Windows\system32\drivers\mbamchameleon.sys [31560 2013-05-08] ()
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [79304 2007-11-22] (McAfee, Inc.)
R3 mfebopk; C:\Windows\System32\drivers\mfebopk.sys [35240 2007-11-22] (McAfee, Inc.)
R1 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [201320 2007-11-22] (McAfee, Inc.)
R3 mferkdk; C:\Windows\System32\drivers\mferkdk.sys [33832 2007-11-22] (McAfee, Inc.)
R3 mfesmfk; C:\Windows\System32\drivers\mfesmfk.sys [40488 2007-12-02] (McAfee, Inc.)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [214696 2013-09-27] (Microsoft Corporation)
R1 MPFP; C:\Windows\System32\Drivers\Mpfp.sys [125728 2007-07-13] (McAfee, Inc.)
R2 Packet; C:\Windows\System32\DRIVERS\packet.sys [22016 2008-06-17] (SingleClick Systems)
U5 AppMgmt; C:\Windows\system32\svchost.exe [21504 2008-01-20] (Microsoft Corporation)
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
 
==================== One Month Created Files and Folders ========
 
2014-02-18 15:37 - 2014-02-18 15:44 - 00021203 _____ () C:\Users\Leighton\Downloads\FRST.txt
2014-02-18 15:35 - 2014-02-18 15:37 - 00000000 ____D () C:\FRST
2014-02-18 15:33 - 2014-02-18 15:34 - 01141248 _____ (Farbar) C:\Users\Leighton\Downloads\FRST.exe
2014-02-17 00:50 - 2014-02-17 00:50 - 00110776 _____ () C:\Users\Leighton\Downloads\setup (6).exe
2014-02-12 01:58 - 2014-02-02 14:10 - 06019584 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-12 01:58 - 2014-02-02 14:10 - 02005504 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-12 01:57 - 2014-02-02 14:10 - 11111424 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-12 01:57 - 2014-02-02 14:10 - 01469440 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-12 01:57 - 2014-02-02 14:10 - 01213440 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-12 01:57 - 2014-02-02 14:10 - 00916992 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-12 01:57 - 2014-02-02 14:10 - 00630272 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-12 01:57 - 2014-02-02 14:10 - 00611840 _____ (Microsoft Corporation) C:\Windows\system32\mstime.dll
2014-02-12 01:57 - 2014-02-02 14:10 - 00387584 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-02-12 01:57 - 2014-02-02 14:10 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-02-12 01:57 - 2014-02-02 14:10 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-02-12 01:57 - 2014-02-02 14:10 - 00164352 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-12 01:57 - 2014-02-02 14:10 - 00109056 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-02-12 01:57 - 2014-02-02 14:10 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-02-12 01:57 - 2014-02-02 14:10 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-02-12 01:57 - 2014-02-02 14:10 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-02-12 01:57 - 2014-02-02 14:10 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-02-12 01:57 - 2014-02-02 14:10 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-02-12 01:57 - 2014-02-02 14:10 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-02-12 01:57 - 2014-02-02 14:10 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-12 01:57 - 2014-02-02 14:10 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\corpol.dll
2014-02-12 01:57 - 2014-02-01 16:54 - 00385024 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-02-12 01:57 - 2014-02-01 16:47 - 00174080 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-02-12 01:57 - 2014-02-01 16:47 - 00133632 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-12 01:57 - 2014-02-01 16:46 - 01638912 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-12 01:57 - 2014-02-01 16:46 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-02-12 01:57 - 2013-12-22 09:42 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-02-12 01:56 - 2013-12-04 20:12 - 01248768 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-02-10 14:36 - 2014-02-10 14:36 - 00007959 _____ () C:\Users\Leighton\Desktop\attach.txt
2014-02-10 14:36 - 2014-02-10 14:35 - 00011092 _____ () C:\Users\Leighton\Desktop\dds.txt
2014-02-10 14:24 - 2014-02-10 14:25 - 00688992 ____R (Swearware) C:\Users\Leighton\Downloads\dds.com
2014-02-10 09:24 - 2014-02-10 09:24 - 17298824 _____ (Adobe Systems Incorporated) C:\Users\Leighton\Downloads\install_flash_player_12_active_x.exe
2014-02-10 09:18 - 2014-02-10 09:18 - 00606080 _____ () C:\Users\Leighton\Downloads\adobe flash player ie setup.exe
2014-02-10 09:14 - 2014-02-10 09:14 - 00000000 ____D () C:\Users\Leighton\AppData\Local\Macromedia
2014-02-10 08:46 - 2014-02-10 09:02 - 00000000 ____D () C:\Users\Leighton\AppData\Roaming\Mozilla
2014-02-10 08:46 - 2014-02-10 08:46 - 00000808 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-02-10 08:46 - 2014-02-10 08:46 - 00000000 ____D () C:\ProgramData\Mozilla
2014-02-10 08:46 - 2014-02-10 08:46 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-02-10 08:41 - 2014-02-10 08:41 - 00282960 _____ (Mozilla) C:\Users\Leighton\Downloads\Firefox Setup Stub 27.0.exe
2014-02-10 08:16 - 2014-02-10 08:16 - 00001933 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-02-10 08:12 - 2014-02-18 15:33 - 00000890 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-02-10 08:12 - 2014-02-18 02:16 - 00000886 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-02-10 08:10 - 2014-02-10 08:11 - 00000000 ____D () C:\Users\Leighton\AppData\Local\Deployment
2014-02-10 08:10 - 2014-02-10 08:10 - 00000000 ____D () C:\Users\Leighton\AppData\Local\Apps\2.0
2014-02-09 00:19 - 2014-02-09 00:19 - 04901896 _____ (Adobe Systems Inc.) C:\Users\Leighton\Downloads\Shockwave_Installer_Slim (2).exe
 
==================== One Month Modified Files and Folders =======
 
2014-02-18 15:52 - 2013-02-23 10:14 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-02-18 15:44 - 2014-02-18 15:37 - 00021203 _____ () C:\Users\Leighton\Downloads\FRST.txt
2014-02-18 15:44 - 2008-12-12 18:18 - 01687805 _____ () C:\Windows\WindowsUpdate.log
2014-02-18 15:37 - 2014-02-18 15:35 - 00000000 ____D () C:\FRST
2014-02-18 15:34 - 2014-02-18 15:33 - 01141248 _____ (Farbar) C:\Users\Leighton\Downloads\FRST.exe
2014-02-18 15:33 - 2014-02-10 08:12 - 00000890 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-02-18 15:30 - 2008-12-13 00:51 - 00046151 _____ () C:\Windows\system32\Config.MPF
2014-02-18 02:16 - 2014-02-10 08:12 - 00000886 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-02-17 22:37 - 2006-11-02 06:47 - 00003616 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-02-17 22:37 - 2006-11-02 06:47 - 00003616 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-02-17 00:50 - 2014-02-17 00:50 - 00110776 _____ () C:\Users\Leighton\Downloads\setup (6).exe
2014-02-16 01:04 - 2008-12-13 00:49 - 00000356 _____ () C:\Windows\Tasks\McDefragTask.job
2014-02-13 00:11 - 2006-11-02 05:18 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-02-12 05:34 - 2013-01-27 22:38 - 00000384 ____H () C:\Windows\Tasks\schedule!481551474.job
2014-02-12 05:29 - 2006-11-02 07:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-02-12 05:26 - 2008-01-20 20:47 - 00115440 _____ () C:\Windows\PFRO.log
2014-02-12 05:24 - 2006-11-02 07:01 - 00032640 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-02-12 04:22 - 2006-11-02 04:33 - 00719076 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-02-12 04:01 - 2013-08-14 02:19 - 00000000 ____D () C:\Windows\system32\MRT
2014-02-12 03:38 - 2006-11-02 04:24 - 85946576 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2014-02-10 14:36 - 2014-02-10 14:36 - 00007959 _____ () C:\Users\Leighton\Desktop\attach.txt
2014-02-10 14:35 - 2014-02-10 14:36 - 00011092 _____ () C:\Users\Leighton\Desktop\dds.txt
2014-02-10 14:25 - 2014-02-10 14:24 - 00688992 ____R (Swearware) C:\Users\Leighton\Downloads\dds.com
2014-02-10 14:12 - 2008-12-13 00:33 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2014-02-10 09:25 - 2013-02-23 10:14 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-02-10 09:25 - 2013-02-23 10:14 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-02-10 09:24 - 2014-02-10 09:24 - 17298824 _____ (Adobe Systems Incorporated) C:\Users\Leighton\Downloads\install_flash_player_12_active_x.exe
2014-02-10 09:18 - 2014-02-10 09:18 - 00606080 _____ () C:\Users\Leighton\Downloads\adobe flash player ie setup.exe
2014-02-10 09:14 - 2014-02-10 09:14 - 00000000 ____D () C:\Users\Leighton\AppData\Local\Macromedia
2014-02-10 09:02 - 2014-02-10 08:46 - 00000000 ____D () C:\Users\Leighton\AppData\Roaming\Mozilla
2014-02-10 08:46 - 2014-02-10 08:46 - 00000808 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-02-10 08:46 - 2014-02-10 08:46 - 00000000 ____D () C:\ProgramData\Mozilla
2014-02-10 08:46 - 2014-02-10 08:46 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-02-10 08:46 - 2009-05-21 17:57 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-02-10 08:41 - 2014-02-10 08:41 - 00282960 _____ (Mozilla) C:\Users\Leighton\Downloads\Firefox Setup Stub 27.0.exe
2014-02-10 08:16 - 2014-02-10 08:16 - 00001933 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-02-10 08:16 - 2008-12-25 17:04 - 00000000 ____D () C:\Users\Leighton\AppData\Local\Google
2014-02-10 08:14 - 2008-12-13 00:47 - 00000000 ____D () C:\Program Files\Google
2014-02-10 08:11 - 2014-02-10 08:10 - 00000000 ____D () C:\Users\Leighton\AppData\Local\Deployment
2014-02-10 08:10 - 2014-02-10 08:10 - 00000000 ____D () C:\Users\Leighton\AppData\Local\Apps\2.0
2014-02-09 00:20 - 2010-09-07 13:42 - 00000000 ____D () C:\Windows\system32\Adobe
2014-02-09 00:19 - 2014-02-09 00:19 - 04901896 _____ (Adobe Systems Inc.) C:\Users\Leighton\Downloads\Shockwave_Installer_Slim (2).exe
2014-02-02 14:10 - 2014-02-12 01:58 - 06019584 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-02 14:10 - 2014-02-12 01:58 - 02005504 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-02 14:10 - 2014-02-12 01:57 - 11111424 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-02 14:10 - 2014-02-12 01:57 - 01469440 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-02 14:10 - 2014-02-12 01:57 - 01213440 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-02 14:10 - 2014-02-12 01:57 - 00916992 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-02 14:10 - 2014-02-12 01:57 - 00630272 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-02 14:10 - 2014-02-12 01:57 - 00611840 _____ (Microsoft Corporation) C:\Windows\system32\mstime.dll
2014-02-02 14:10 - 2014-02-12 01:57 - 00387584 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-02-02 14:10 - 2014-02-12 01:57 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-02-02 14:10 - 2014-02-12 01:57 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-02-02 14:10 - 2014-02-12 01:57 - 00164352 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-02 14:10 - 2014-02-12 01:57 - 00109056 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-02-02 14:10 - 2014-02-12 01:57 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-02-02 14:10 - 2014-02-12 01:57 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-02-02 14:10 - 2014-02-12 01:57 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-02-02 14:10 - 2014-02-12 01:57 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-02-02 14:10 - 2014-02-12 01:57 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-02-02 14:10 - 2014-02-12 01:57 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-02-02 14:10 - 2014-02-12 01:57 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-02 14:10 - 2014-02-12 01:57 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\corpol.dll
2014-02-01 16:54 - 2014-02-12 01:57 - 00385024 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-02-01 16:47 - 2014-02-12 01:57 - 00174080 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-02-01 16:47 - 2014-02-12 01:57 - 00133632 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-01 16:46 - 2014-02-12 01:57 - 01638912 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-01 16:46 - 2014-02-12 01:57 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-02-01 01:00 - 2008-12-13 00:49 - 00000348 _____ () C:\Windows\Tasks\McQcTask.job
 
Some content of TEMP:
====================
C:\Users\Leighton\AppData\Local\Temp\1391518197_BetterMarkIt_2040_2061_P.exe
C:\Users\Leighton\AppData\Local\Temp\execurl.exe
C:\Users\Leighton\AppData\Local\Temp\safeguard.exe
 
 
==================== Bamital & volsnap Check =================
 
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\system32\winlogon.exe => MD5 is legit
C:\Windows\system32\wininit.exe => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\services.exe => MD5 is legit
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit
 
 
LastRegBack: 2014-02-12 05:34
 
==================== End Of Log ============================
 
 
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 16-02-2014
Ran by Leighton at 2014-02-18 16:04:23
Running from C:\Users\Leighton\Downloads
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
AV: Microsoft Security Essentials (Disabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Microsoft Security Essentials (Disabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
 
==================== Installed Programs ======================
 
 Update for Microsoft Office 2007 (KB2508958) (Version:  - Microsoft)
Acrobat.com (Version: 0.0.0 - Adobe Systems Incorporated) Hidden
Acrobat.com (Version: 1.1.377 - Adobe Systems Incorporated)
Adobe AIR (Version: 2.5.1.17730 - Adobe Systems Inc.)
Adobe AIR (Version: 2.5.1.17730 - Adobe Systems Inc.) Hidden
Adobe Flash Player 12 ActiveX (Version: 12.0.0.44 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (Version: 12.0.0.44 - Adobe Systems Incorporated)
Adobe Reader X (10.1.4) (Version: 10.1.4 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (Version: 12.0.7.148 - Adobe Systems, Inc.)
AOL Install (Version: 1.0.0 - America Online, Inc)
Apple Application Support (Version: 2.3.2 - Apple Inc.)
Apple Mobile Device Support (Version: 6.0.0.59 - Apple Inc.)
Apple Software Update (Version: 2.1.3.127 - Apple Inc.)
Banctec Service Agreement (Version: 2.0.0 - Dell Inc.)
Bonjour (Version: 3.0.0.10 - Apple Inc.)
Broadcom Management Programs (Version: 10.15.01 - Broadcom Corporation)
CCleaner (Version: 4.01 - Piriform)
Cisco EAP-FAST Module (Version: 2.1.3 - Cisco Systems, Inc.)
Cisco LEAP Module (Version: 1.0.12 - Cisco Systems, Inc.)
Cisco PEAP Module (Version: 1.0.13 - Cisco Systems, Inc.)
Conexant HDA D330 MDC V.92 Modem (Version: 7.74.00 - Conexant)
Dell Best of Web (Version: 1.00.0000 - Dell)
Dell DataSafe Online (Version: 1.1.0019 - Dell, Inc.)
Dell Dock (Version: 1.0.0 - Dell)
Dell Getting Started Guide (Version: 1.00.0000 - Dell Inc.)
Dell Remote Access (Version: 1.0.0.0 - Dell Inc.)
Dell Support Center (Support Software) (Version: 2.2.09085 - Dell)
Dell Touchpad (Version: 7.1.102.7 - Alps Electric)
Dell Wireless WLAN Card Utility (Version: 4.170.77.13 - Dell Inc.)
DELL0604 (Version: 1.0.0 - WildTangent) Hidden
Dell-eBay (Version: 1.00.0000 - Dell)
Digital Line Detect (Version: 1.21 - BVRP Software, Inc)
EarthLink Setup Files (Version: 2008.1.18.0 - EarthLink, Inc.)
EDocs (Version:  - )
Google Chrome (Version: 32.0.1700.107 - Google Inc.)
Google Desktop (Version: 5.9.1005.12335 - Google)
Google Toolbar for Internet Explorer (Version:  - Google Inc.)
Google Toolbar for Internet Explorer (Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.22.5 - Google Inc.) Hidden
GoToAssist 8.0.0.514 (Version:  - )
iCloud (Version: 2.1.2.8 - Apple Inc.)
iTunes (Version: 10.7.0.21 - Apple Inc.)
Java 7 Update 25 (Version: 7.0.250 - Oracle)
Java Auto Updater (Version: 2.1.9.5 - Sun Microsystems, Inc.) Hidden
Lexmark S310 Series Uninstaller (Version:  - Lexmark International, Inc.)
Malwarebytes Anti-Malware version 1.75.0.1300 (Version: 1.75.0.1300 - Malwarebytes Corporation)
McAfee SecurityCenter (Version:  - McAfee, Inc.)
MediaDirect (Version: 3.5 - Dell)
Microsoft .NET Framework 3.5 SP1 (Version:  - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (Version:  - Microsoft) Hidden
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint Viewer 2007 (English) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (Version:  - Microsoft) Hidden
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Security Client (Version: 4.4.0304.0 - Microsoft Corporation) Hidden
Microsoft Security Essentials (Version: 4.4.304.0 - Microsoft Corporation)
Microsoft Silverlight (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001 - Microsoft Corporation)
Modem Diagnostic Tool (Version: 1.0.24.0 - Dell)
Move Media Player (HKCU Version:  - Move Networks)
Mozilla Firefox 27.0 (x86 en-US) (Version: 27.0 - Mozilla)
Mozilla Maintenance Service (Version: 27.0 - Mozilla)
NetWaiting (Version: 2.5.53 - BVRP Software, Inc)
NetZeroInstallers (Version: 1.0.0 - NetZero, Inc.)
OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0 - Microsoft Corporation) Hidden
OutlookAddinSetup (Version: 1.0.0 - CyberLink)
QuickSet (Version: 8.2.20 - Dell Inc.)
QuickTime (Version: 7.73.80.64 - Apple Inc.)
Revo Uninstaller 1.94 (Version: 1.94 - VS Revo Group)
Rosetta Stone Ltd Services (Version: 3.2.17 - Rosetta Stone Ltd.)
Rosetta Stone TOTALe (Version: 4.1.1 - Rosetta Stone, Ltd) Hidden
Rosetta Stone TOTALe (Version: 4.1.15.1 - Rosetta Stone, Ltd)
Rosetta Stone TOTALe (Version: 4.1.15.1 - Rosetta Stone, Ltd) Hidden
Roxio Creator Audio (Version: 3.7.0 - Roxio) Hidden
Roxio Creator Copy (Version: 3.7.0 - Roxio) Hidden
Roxio Creator Data (Version: 3.7.0 - Roxio) Hidden
Roxio Creator DE (Version: 10.1 - Roxio)
Roxio Creator DE (Version: 3.7.0 - Roxio) Hidden
Roxio Creator Tools (Version: 3.7.0 - Roxio) Hidden
Roxio Express Labeler 3 (Version: 3.2.1 - Roxio) Hidden
Roxio Update Manager (Version: 6.0.0 - Roxio) Hidden
Spelling Dictionaries Support For Adobe Reader 9 (Version: 9.0.0 - Adobe Systems Incorporated)
swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Update for 2007 Microsoft Office System (KB967642) (Version:  - Microsoft)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (Version: 3 - Microsoft Corporation)
Update for Microsoft Office 2007 Help for Common Features (KB963673) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (Version:  - Microsoft)
Update for Microsoft Office Excel 2007 Help (KB963678) (Version:  - Microsoft)
Update for Microsoft Office OneNote 2007 Help (KB963670) (Version:  - Microsoft)
Update for Microsoft Office Powerpoint 2007 Help (KB963669) (Version:  - Microsoft)
Update for Microsoft Office Script Editor Help (KB963671) (Version:  - Microsoft)
Update for Microsoft Office Word 2007 Help (KB963665) (Version:  - Microsoft)
 
==================== Restore Points  =========================
 
12-02-2014 09:00:23 Windows Update
13-02-2014 06:56:23 Scheduled Checkpoint
14-02-2014 06:11:59 Scheduled Checkpoint
16-02-2014 08:08:31 Windows Update
17-02-2014 22:53:46 Scheduled Checkpoint
 
==================== Hosts content: ==========================
 
2006-11-02 04:23 - 2013-05-22 22:56 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost
 
==================== Scheduled Tasks (whitelisted) =============
 
Task: {0F0AF582-B269-4F33-9F21-2AD53638D44A} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {118727EC-591D-4520-808C-F30822A80AC2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-02-10] (Google Inc.)
Task: {1CC81347-6204-4B83-900C-01E02F50F067} - System32\Tasks\Microsoft\Windows\MobilePC\TMM
Task: {320124A7-D70F-41DE-A9D1-D5E8E19D5D91} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI
Task: {386B8DE0-0F3A-45A4-B2D5-843CBB484CCD} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-02-10] (Adobe Systems Incorporated)
Task: {3BCDF251-CA5C-4045-A1FC-8FCEF9FBDC93} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages
Task: {44980BEE-7809-44A9-AC24-D6E578A3B7DF} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\system32\RacAgent.exe [2008-01-20] (Microsoft Corporation)
Task: {4914B51E-8FDA-4E61-97A8-52BEDB70C11F} - System32\Tasks\McQcTask => C:\Program Files\McAfee\MQC\QcConsol.exe [2007-12-04] (McAfee, Inc.)
Task: {59190585-4B6A-46A1-981A-B6147F7FEC5B} - System32\Tasks\LexmarkPUDCTask => C:\Program Files\Lexmark\ProductUpdate\LMprodupdate.exe [2012-09-11] ()
Task: {5FE71E3A-27F9-4AA8-80A8-2D5390E32CFA} - System32\Tasks\Microsoft\Windows\Tcpip\WSHReset => C:\Windows\system32\netsh.exe [2006-11-02] (Microsoft Corporation)
Task: {CB7F94C6-7F6E-4179-A381-6E2F64CACC2F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-02-10] (Google Inc.)
Task: {D0A6F80B-44F6-4096-ABC8-D1104D23E9F8} - System32\Tasks\Microsoft\Windows\WindowsCalendar\Reminders - Leighton => C:\Program Files\Windows Calendar\wincal.exe [2009-04-11] (Microsoft Corporation)
Task: {D2BD5B47-BF92-4D61-A0E6-0FB5B59F2A06} - System32\Tasks\McDefragTask => C:\Program Files\McAfee\MQC\QcConsol.exe [2007-12-04] (McAfee, Inc.)
Task: {D96176B3-484D-4E3B-9568-756C717833DA} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-04-23] (Piriform Ltd)
Task: {E5150B95-F9B4-4D5D-95A2-7EC1ACBA95F8} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs [2008-01-20] ()
Task: {E79F8EC0-BE09-471A-8BCC-A11B2161DA5C} - System32\Tasks\Microsoft\Windows\RestartManager\{8DDC9DA2-3A1C-4aea-AB0B-2C5F631EAF34} => C:\Windows\system32\rmclient.exe [2006-11-02] (Microsoft Corporation)
Task: {F017F5A7-9C01-42ED-A849-77FE1601097D} - System32\Tasks\schedule!481551474 => C:\ProgramData\BetterSoft\VaudiX\VaudiX.exe [2013-01-23] () <==== ATTENTION
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\McDefragTask.job => C:\Windows\system32\defrag.exe
Task: C:\Windows\Tasks\McQcTask.job => c:\PROGRA~1\mcafee\mqc\QcConsol.exe
Task: C:\Windows\Tasks\schedule!481551474.job => C:\ProgramData\BetterSoft\VaudiX\VaudiX.exe
 
==================== Loaded Modules (whitelisted) =============
 
2008-10-03 10:19 - 2008-10-03 10:19 - 00017648 _____ () C:\Program Files\Dell DataSafe Online\cpputils.dll
2008-12-13 00:39 - 2008-07-03 07:42 - 00055808 _____ () C:\Windows\System32\bcmwlrmt.dll
2008-12-13 00:48 - 2010-06-17 19:00 - 00034816 _____ () C:\Program Files\Google\Google Desktop Search\gzlib.dll
2008-10-03 10:19 - 2008-10-03 10:19 - 01742064 _____ () C:\Program Files\Dell DataSafe Online\DataSafeOnline.exe
2008-10-03 10:19 - 2008-10-03 10:19 - 00255728 _____ () C:\Program Files\Dell DataSafe Online\SdbShared.dll
2008-10-03 10:18 - 2008-10-03 10:18 - 00058608 _____ () C:\Program Files\Dell DataSafe Online\BalloonWindow.dll
2008-10-03 10:19 - 2008-10-03 10:19 - 00093936 _____ () C:\Program Files\Dell DataSafe Online\SdbUI.dll
2008-10-03 10:19 - 2008-10-03 10:19 - 00124144 _____ () C:\Program Files\Dell DataSafe Online\SdbShared.XmlSerializers.dll
2011-09-27 07:23 - 2011-09-27 07:23 - 00087912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2011-09-27 07:22 - 2011-09-27 07:22 - 01242472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2013-02-09 20:46 - 2012-09-07 02:40 - 00952496 _____ () C:\Program Files\Lexmark S310 Series\LMADEmon.exe
2013-02-09 20:47 - 2012-08-22 06:05 - 01490944 _____ () C:\Program Files\Lexmark S310 Series\lmabdrs.dll
2013-02-09 20:46 - 2012-08-07 07:40 - 00645296 _____ () C:\Program Files\Lexmark\ErrorApp\lmab1err.exe
2013-02-09 20:46 - 2012-08-07 07:37 - 00217088 _____ () C:\Program Files\Lexmark\ErrorApp\lmab1err.dll
2014-02-10 08:16 - 2014-02-01 17:42 - 04055368 _____ () C:\Program Files\Google\Chrome\Application\32.0.1700.107\pdf.dll
2014-02-10 08:16 - 2014-02-01 17:42 - 00399688 _____ () C:\Program Files\Google\Chrome\Application\32.0.1700.107\ppGoogleNaClPluginChrome.dll
2014-02-10 08:15 - 2014-02-01 17:41 - 01634632 _____ () C:\Program Files\Google\Chrome\Application\32.0.1700.107\ffmpegsumo.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
AlternateDataStreams: C:\ProgramData\TEMP:5D432CE3
 
==================== Safe Mode (whitelisted) ===================
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\GoToAssist => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcmscsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MpfService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MSIServer => ""="Service"
 
==================== Disabled items from MSCONFIG ==============
 
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (02/18/2014 03:29:18 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 45539609
 
Error: (02/18/2014 03:29:18 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 45539609
 
Error: (02/18/2014 03:29:18 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (02/18/2014 03:29:07 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 45528892
 
Error: (02/18/2014 03:29:07 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 45528892
 
Error: (02/18/2014 03:29:07 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (02/18/2014 03:28:52 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 45513619
 
Error: (02/18/2014 03:28:52 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 45513619
 
Error: (02/18/2014 03:28:52 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (02/18/2014 03:28:21 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 45482575
 
 
System errors:
=============
Error: (02/18/2014 03:30:12 PM) (Source: Service Control Manager) (User: )
Description: 30000stisvc
 
Error: (02/18/2014 00:54:58 AM) (Source: Service Control Manager) (User: )
Description: 30000PlugPlay
 
Error: (02/17/2014 10:38:26 AM) (Source: Service Control Manager) (User: )
Description: 30000
 
Error: (02/17/2014 10:37:26 AM) (Source: Service Control Manager) (User: )
Description: 30000PlugPlay
 
Error: (02/16/2014 11:02:37 PM) (Source: Service Control Manager) (User: )
Description: 30000stisvc
 
Error: (02/16/2014 01:04:12 AM) (Source: Service Control Manager) (User: )
Description: 30000stisvc
 
Error: (02/16/2014 01:02:22 AM) (Source: Service Control Manager) (User: )
Description: 30000PlugPlay
 
Error: (02/13/2014 07:55:28 AM) (Source: Service Control Manager) (User: )
Description: 30000NlaSvc
 
Error: (02/13/2014 00:19:15 AM) (Source: DCOM) (User: )
Description: {752073A1-23F2-4396-85F0-8FDB879ED0ED}
 
Error: (02/12/2014 11:18:45 PM) (Source: Service Control Manager) (User: )
Description: 30000PlugPlay
 
 
Microsoft Office Sessions:
=========================
Error: (10/16/2013 01:43:46 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6683.5002, Microsoft Office Version: 12.0.6612.1000. This session lasted 8029 seconds with 4920 seconds of active time.  This session ended with a crash.
 
Error: (10/03/2013 11:11:45 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6679.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 11 seconds with 0 seconds of active time.  This session ended with a crash.
 
Error: (10/03/2013 11:11:27 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6679.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 11 seconds with 0 seconds of active time.  This session ended with a crash.
 
Error: (10/03/2013 11:11:09 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6679.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 35 seconds with 0 seconds of active time.  This session ended with a crash.
 
Error: (10/03/2013 11:10:24 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6679.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 26 seconds with 0 seconds of active time.  This session ended with a crash.
 
Error: (09/19/2013 02:21:11 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6683.5001, Microsoft Office Version: 12.0.6612.1000. This session lasted 16 seconds with 0 seconds of active time.  This session ended with a crash.
 
Error: (09/17/2013 08:54:17 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6683.5001, Microsoft Office Version: 12.0.6612.1000. This session lasted 501 seconds with 480 seconds of active time.  This session ended with a crash.
 
Error: (09/17/2013 08:45:41 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6683.5001, Microsoft Office Version: 12.0.6612.1000. This session lasted 15 seconds with 0 seconds of active time.  This session ended with a crash.
 
Error: (09/17/2013 08:44:27 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6683.5001, Microsoft Office Version: 12.0.6612.1000. This session lasted 14 seconds with 0 seconds of active time.  This session ended with a crash.
 
Error: (09/16/2013 06:28:26 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6683.5001, Microsoft Office Version: 12.0.6612.1000. This session lasted 4517 seconds with 2340 seconds of active time.  This session ended with a crash.
 
 
CodeIntegrity Errors:
===================================
  Date: 2014-02-18 15:41:46.056
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-02-18 15:41:33.481
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-11-19 03:03:39.038
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Microsoft Security Client\Drivers\Backup\NisDrv\NisDrvWFP.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-11-19 03:03:36.793
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Microsoft Security Client\Drivers\Backup\NisDrv\NisDrvWFP.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-11-19 03:03:34.537
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Microsoft Security Client\Drivers\Backup\NisDrv\NisDrvWFP.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-11-19 03:03:31.930
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Microsoft Security Client\Drivers\Backup\NisDrv\NisDrvWFP.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-11-19 03:02:47.749
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Microsoft Security Client\Drivers\Backup\NisDrv\NisDrvWFP.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-11-19 03:02:45.495
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Microsoft Security Client\Drivers\Backup\NisDrv\NisDrvWFP.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-11-19 03:02:43.299
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Microsoft Security Client\Drivers\Backup\NisDrv\NisDrvWFP.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-11-19 03:02:41.045
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Microsoft Security Client\Drivers\Backup\NisDrv\NisDrvWFP.sys because the set of per-page image hashes could not be found on the system.
 
 
==================== Memory info =========================== 
 
Percentage of memory in use: 59%
Total physical RAM: 3061.31 MB
Available physical RAM: 1234.07 MB
Total Pagefile: 6332.79 MB
Available Pagefile: 4469.42 MB
Total Virtual: 2047.88 MB
Available Virtual: 1925.98 MB
 
==================== Drives ================================
 
Drive c: (OS) (Fixed) (Total:99.2 GB) (Free:44.81 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (RECOVERY) (Fixed) (Total:10 GB) (Free:4 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 112 GB) (Disk ID: 88000000)
Partition 1: (Not Active) - (Size=94 MB) - (Type=DE)
Partition 2: (Not Active) - (Size=10 GB) - (Type=07 NTFS)
Partition 3: (Active) - (Size=99 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=3 GB) - (Type=OF Extended)
 
==================== End Of Log ============================


#5 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 37,375 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:09:09 PM

Posted 18 February 2014 - 08:40 PM

Greetings and welcome,

Lots to do in our first post.

Do you connect your computer to a docking station?

Do you use McAfee?

Please run these for me.

===================================================

AdwCleaner by Xplode - Delete Adware

-------------------
  • Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browsers
  • Double click on AdwCleaner.exe, select OK, then Run
  • Click on Scan
  • Upon completion click Report
  • Review the entries and uncheck any items you would like to keep on your computer (leaving an item checked will cause its deletion)
  • Click Clean to remove the items still checked
  • Click OK twice to reboot your computer
  • Copy and paste the contents of the text file on your desktop upon reboot in your reply
  • You can also find the logfile at C:\AdwCleaner.txt
===================================================

Junkware Removal Tool by thisisu

-------------------
  • Please download Junkware Removal Tool and save it to your desktop.
  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. (Click on this link to see a list of programs that should be disabled. The list is not all inclusive.)
  • Right-mouse click JRT.exe and select Run as administrator (Windows XP double click the icon)
  • Please allow the program time to run
  • Once completed a Notepad document will open on your desktop
  • Copy and paste the contents in your reply
===================================================

Temporary File Cleaner (TFC)

--------------------
  • Download TFC by OldTimer to your desktop.
  • Close any open windows
  • Double click the TFC icon to run the program
  • TFC will close all open programs itself in order to run
  • Click the Start button to begin the process
  • Allow TFC to run uninterrupted
  • The program should not take long to finish its job
  • Once it's finished it should automatically reboot your machine; if it doesn't, manually reboot to ensure a complete clean
NOTE: It's normal for the computer to boot more slowly the first time after running TFC

TFC will clear out all temporary folders for all user accounts (temp, IE temp, Java, FF, Opera, Chrome, Safari), including Administrator, All Users, LocalService, NetworkService, and any other accounts in the user folder. TFC only cleans temporary folders and will not clean URL history, prefetch, or cookies


===================================================

screen317's Security Check

--------------------
  • Please download screen317's Security Check to your desktop
  • Double-click icon to launch the program
  • Click OK
  • Select Run
  • Press any key to start the program
  • Allow the program to run
  • A Notepad document will open on your desktop. Please copy and paste the contents in your reply
===================================================

Farbar's Recovery Scan Tool - Run Fix in Normal or Safe Mode

--------------------
  • Press the Windows key + R on your keyboard at the same time. Type in notepad and press Enter
  • Please copy and paste the contents of the below code box into the open notepad and save it to your desktop (<<<Important) as fixlist.txt
SearchScopes: HKLM - DefaultScope value is missing.
Handler: ms-help - No CLSID Value - 
FF Plugin: @veetle.com/vbp;version=0.9.16 - C:\Program Files\Veetle\VLCBroadcast\npvbp.dll No File
FF Plugin: @veetle.com/veetleCorePlugin,version=0.9.15 - C:\Program Files\Veetle\plugins\npVeetle.dll No File
FF Plugin: @veetle.com/veetlePlayerPlugin,version=0.9.15 - C:\Program Files\Veetle\Player\npvlc.dll No File
Task: {F017F5A7-9C01-42ED-A849-77FE1601097D} - System32\Tasks\schedule!481551474 => C:\ProgramData\BetterSoft\VaudiX\VaudiX.exe [2013-01-23] () <==== ATTENTION
C:\ProgramData\BetterSoft\VaudiX\VaudiX.exe
Task: C:\Windows\Tasks\schedule!481551474.job => C:\ProgramData\BetterSoft\VaudiX\VaudiX.exe
AlternateDataStreams: C:\ProgramData\TEMP:5D432CE3
  • Launch FRST and press the Fix button just once and wait, the program will automatically launch fixlist.txt.
  • The tool will create a log on the desktop called Fixlog.txt. Please copy and paste the contents of the file in your reply.
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it.
  • Questions
  • AdwCleaner log
  • Junkware log
  • Did TFC run properly?
  • Security Check log
  • Fixlog
  • How is your computer running?

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"May you be richly rewarded by the Lord, the God of Israel, under whose wings you have come to take refuge."

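An added example, not part of the post above and not FRST's own logic: a short Python triage over the scheduled-task lines of a log like this one, pulling out the task the scan marked and any legacy .job entry that launches the same executable. The sample lines are copied from the log in this thread; the function names and the "no publisher in a user-writable directory" heuristic are assumptions of this example.

```python
import re
from dataclasses import dataclass
from typing import List, Optional

ATTENTION = "<==== ATTENTION"
# Assumption of this example: directories a standard user can usually write to.
USER_WRITABLE = ("\\programdata\\", "\\appdata\\", "\\temp\\")

# Lines copied from the "Scheduled Tasks" section of the log in this thread.
SAMPLE_LOG = r"""
Task: {1CC81347-6204-4B83-900C-01E02F50F067} - System32\Tasks\Microsoft\Windows\MobilePC\TMM
Task: {59190585-4B6A-46A1-981A-B6147F7FEC5B} - System32\Tasks\LexmarkPUDCTask => C:\Program Files\Lexmark\ProductUpdate\LMprodupdate.exe [2012-09-11] ()
Task: {D96176B3-484D-4E3B-9568-756C717833DA} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-04-23] (Piriform Ltd)
Task: {F017F5A7-9C01-42ED-A849-77FE1601097D} - System32\Tasks\schedule!481551474 => C:\ProgramData\BetterSoft\VaudiX\VaudiX.exe [2013-01-23] () <==== ATTENTION
Task: C:\Windows\Tasks\McQcTask.job => c:\PROGRA~1\mcafee\mqc\QcConsol.exe
Task: C:\Windows\Tasks\schedule!481551474.job => C:\ProgramData\BetterSoft\VaudiX\VaudiX.exe
"""


@dataclass
class Task:
    raw: str                  # the log line exactly as scanned
    guid: Optional[str]       # None for legacy .job entries
    name: str
    target: str               # "" when the log shows no executable
    date: Optional[str]
    publisher: Optional[str]  # "" means the log printed empty parentheses
    flagged: bool


GUID_RE = re.compile(r"\{([0-9A-Fa-f-]{36})\} - (.+)$")
TAIL_RE = re.compile(r"^(.*?)(?: \[(\d{4}-\d{2}-\d{2})\])?(?: \(([^)]*)\))?$")


def parse_task(line: str) -> Optional[Task]:
    """Split one 'Task:' line into its fields; return None for other lines."""
    line = line.strip()
    if not line.startswith("Task: "):
        return None
    body = line[len("Task: "):]
    flagged = body.endswith(ATTENTION)
    if flagged:
        body = body[: -len(ATTENTION)].rstrip()
    name, _, rest = body.partition(" => ")
    guid = None
    m = GUID_RE.match(name)
    if m:
        guid, name = m.groups()
    target, date, publisher = TAIL_RE.match(rest).groups()
    return Task(line, guid, name, target, date, publisher, flagged)


def reasons(task: Task) -> List[str]:
    """Why a task deserves a manual look (empty list means nothing stood out)."""
    found = []
    if task.flagged:
        found.append("marked ATTENTION by the scan")
    low = task.target.lower()
    if task.publisher == "" and any(p in low for p in USER_WRITABLE):
        found.append("no publisher, runs from a user-writable directory")
    return found


def review_candidates(log: str) -> List[str]:
    """Return the lines an analyst should review: each suspect task, its
    executable, and any other task entry that launches the same file."""
    tasks = [t for t in map(parse_task, log.splitlines()) if t]
    suspects = [t for t in tasks if reasons(t)]
    bad_targets = {t.target.lower() for t in suspects if t.target}
    lines = []
    for t in tasks:
        if t in suspects:
            lines.append(t.raw)
            if t.target:
                lines.append(t.target)
        elif t.target.lower() in bad_targets:
            lines.append(t.raw)
    return lines


if __name__ == "__main__":
    for entry in review_candidates(SAMPLE_LOG):
        print(entry)
```

For the sample lines this returns the flagged task, its executable path and the matching .job entry, while the Lexmark task (also without a publisher, but under Program Files) is left alone.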
#6 Oh My!

Posted 21 February 2014 - 08:53 PM

Greetings,

===================================================

3 Day Bump

It has been more than 3 days since my last post.
  • Do you still need help with this?
  • If after 48hrs you have not replied to this thread then it will have to be closed.

Gary

#7 Oh My!

Posted 23 February 2014 - 08:42 PM

Due to the lack of feedback, this topic is now closed.

In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days.

Please include a link to your topic in the Private Message. Thank you.
Gary



