
IE, Firefox, GoogleChrome Webpages Timing Out - Infection Suspected


  • This topic is locked
22 replies to this topic

#1 Nikki_2theSecond


Posted 13 May 2014 - 11:07 AM

Hello!

 

I have been having issues accessing websites that I have previously had no trouble accessing. There seems to be no connection between the websites. For instance, while attempting to make a store credit payment at Amazon.com, I can log in to my Amazon account and shop around the website, and get to the login screen for the credit account without any problems, but when I attempt to log in to the credit account I receive an error message saying the website is taking too long to respond and has timed out. I attempt to access the page from a different browser and I receive the same message. Later, while accessing a culinary blog I've frequented (previously without issues) I will click on a link within a post that should access another recipe on the same site and I will receive the same time out message. This is only an example of two websites. This has been happening repeatedly at different reasonably safe websites within minutes to the point it seems I can only access one or two websites without trouble in the same sitting. Windows troubleshooter never finds anything wrong with my system or internet connection. Another member of my household is having the same issue. We have the same laptops and antivirus software. She contacted Avast and they allegedly removed malware that was supposed to have fixed the problem but 6 weeks later it has returned. This is the first time I've attempted to fix the problem on my computer.

I realize that this could be a server problem for the websites, but it seems suspicious that 5 or 6 unrelated websites have the same problem within an hour or less of one another, multiple days in a row.

 

In researching how to fix the problem myself, most of the tech support communities have used ComboFix in their directions for folks with similar problems. I am by no means a trained professional so I'm seeking help. I did run a program called Rkill before realizing that I should probably seek out help to fix this issue. I've attached the Rkill report as well.

Thank you in advance for your time and patience!

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.17041
Run by Megan at 10:35:56 on 2014-05-13
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.3895.1613 [GMT -4:00]
.
AV: avast! Antivirus *Enabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: avast! Antivirus *Enabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus *Enabled* {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files\IDT\WDM\STacSV64.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\AVAST Software\Avast\afwServ.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\IDT\WDM\AESTSr64.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE
C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\System32\WUDFHost.exe
C:\Program Files\IDT\WDM\sttray64.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Users\Megan\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe
C:\Users\Megan\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Users\Megan\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE
C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe
C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Windows\System32\svchost.exe -k swprv
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Windows\system32\wbengine.exe
C:\Windows\System32\vds.exe
c:\program files\windows defender\MpCmdRun.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.boundless.org/
BHO: Lync Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\office15\OCHelper.dll
BHO: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\office15\URLREDIR.DLL
BHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\office15\GROOVEEX.DLL
uRun: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
uRun: [Octoshape Streaming Services] "C:\Users\Megan\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe" -inv:bootrun
uRun: [Spotify Web Helper] "C:\Users\Megan\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
mRun: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2
mRun: [Desktop Disc Tool] "C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe"
mRun: [AccuWeatherWidget] "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe" "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\start.umj" --startup
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [WD Quick View] C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe
mRunOnce: ["C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"] "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"
mRunOnce: [Launcher] C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\Launcher.exe
StartupFolder: C:\Users\Megan\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\Megan\AppData\Roaming\Dropbox\bin\Dropbox.exe
StartupFolder: C:\Users\Megan\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\SENDTO~1.LNK - C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BLUETO~1.LNK - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
uPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: NoDrives = dword:0
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
IE: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIE.dll
IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\office15\OCHelper.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIELinkedNotes.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
.
INFO: HKLM has more than 50 listed domains.
   If you wish to scan all of them, select the 'Force scan all domains' option.
.
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_17-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0017-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_17-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_17-windows-i586.cab
TCP: NameServer = 192.168.1.254
TCP: Interfaces\{5B998449-6FC9-4D55-B5C7-D17A756309CD} : DHCPNameServer = 192.168.1.254
TCP: Interfaces\{5B998449-6FC9-4D55-B5C7-D17A756309CD}\142445543484 : DHCPNameServer = 10.60.20.20 10.60.20.19 10.60.20.0
TCP: Interfaces\{5B998449-6FC9-4D55-B5C7-D17A756309CD}\1557F647164796F6E637 : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{5B998449-6FC9-4D55-B5C7-D17A756309CD}\2656C6B696E6534376 : DHCPNameServer = 192.168.2.1
TCP: Interfaces\{5B998449-6FC9-4D55-B5C7-D17A756309CD}\C416155796E64716 : DHCPNameServer = 4.2.2.1
TCP: Interfaces\{5B998449-6FC9-4D55-B5C7-D17A756309CD}\C416B656A457E616C65737B616 : DHCPNameServer = 192.168.1.10 205.152.37.23
TCP: Interfaces\{5B998449-6FC9-4D55-B5C7-D17A756309CD}\C4F6775637D27457563747D275966496 : DHCPNameServer = 4.2.2.2 4.2.2.5 8.8.8.8
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\office15\MSOSB.DLL
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: Lync Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll
x64-BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
x64-BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL
x64-BHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL
x64-BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
x64-TB: avast! Online Security: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - LocalServer32 - <no file>
x64-Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe
x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-Run: [IntelWireless] "C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" /tf Intel Wireless Tray
x64-Run: [IgfxTray] C:\Windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll
x64-IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
x64-IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
.
INFO: x64-HKLM has more than 50 listed domains.
   If you wish to scan all of them, select the 'Force scan all domains' option.
.
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - <orphaned>
x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - <orphaned>
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: GoToAssist - C:\Program Files (x86)\Citrix\GoToAssist\514\G2AWinLogon_x64.dll
x64-Notify: igfxcui - igfxdev.dll
Hosts: 127.0.0.1    www.spywareinfo.com
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Megan\AppData\Roaming\Mozilla\Firefox\Profiles\q8tod6dn.default-1392935944802\
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101772.dll
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL
FF - plugin: C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npMeetingJoinPluginOC.dll
FF - plugin: C:\Users\Megan\AppData\Roaming\Mozilla\plugins\npoctoshape.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_206.dll
.
============= SERVICES / DRIVERS ===============
.
R0 aswNdisFlt;Avast! Firewall Driver;C:\Windows\System32\drivers\aswNdisFlt.sys [2014-5-6 447888]
R0 aswRvrt;avast! Revert;C:\Windows\System32\drivers\aswRvrt.sys [2013-3-19 65776]
R0 aswVmm;avast! VM Monitor;C:\Windows\System32\drivers\aswVmm.sys [2013-3-19 208416]
R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2011-4-15 55280]
R1 aswKbd;aswKbd;C:\Windows\System32\drivers\aswKbd.sys [2012-7-8 28184]
R1 aswSnx;aswSnx;C:\Windows\System32\drivers\aswSnx.sys [2012-7-8 1039096]
R1 aswSP;aswSP;C:\Windows\System32\drivers\aswSP.sys [2012-7-8 423240]
R2 AESTFilters;Andrea ST Filters Service;C:\Program Files\IDT\WDM\AESTSr64.exe [2011-4-9 89600]
R2 aswHwid;avast! HardwareID;C:\Windows\System32\drivers\aswHwid.sys [2014-5-6 29208]
R2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswMonFlt.sys [2012-7-8 79184]
R2 aswStm;aswStm;C:\Windows\System32\drivers\aswstm.sys [2014-1-8 85328]
R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-5-6 50344]
R2 avast! Firewall;avast! Firewall;C:\Program Files\AVAST Software\Avast\afwServ.exe [2014-5-6 109048]
R2 ClickToRunSvc;Microsoft Office ClickToRun Service;C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe [2014-4-22 2211000]
R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-4-9 13336]
R2 SBSDWSCService;SBSD Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2011-4-15 1153368]
R2 SftService;SoftThinks Agent Service;C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe [2011-4-9 1692480]
R2 UNS;Intel® Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2011-4-9 2320920]
R2 WDBackup;WD Backup;C:\Program Files (x86)\Western Digital\WD Smartware\WDBackupEngine.exe [2014-2-28 1042808]
R2 WDDriveService;WD Drive Manager;C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [2014-2-28 271728]
R3 btusbflt;Bluetooth USB Filter;C:\Windows\System32\drivers\btusbflt.sys [2011-4-9 53800]
R3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\System32\drivers\btwl2cap.sys [2011-4-9 35104]
R3 CtClsFlt;Creative Camera Class Upper Filter Driver;C:\Windows\System32\drivers\CtClsFlt.sys [2011-4-9 172704]
R3 HECIx64;Intel® Management Engine Interface;C:\Windows\System32\drivers\HECIx64.sys [2011-4-9 56344]
R3 Impcd;Impcd;C:\Windows\System32\drivers\Impcd.sys [2011-4-9 158976]
R3 IntcDAud;Intel® Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2011-4-9 289280]
R3 NETw5s64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;C:\Windows\System32\drivers\NETw5s64.sys [2010-3-17 7680512]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2014-5-6 111616]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2010-3-5 340240]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\System32\drivers\RtsUStor.sys [2011-4-9 250984]
S3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2011-4-9 325152]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2011-6-27 59392]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-4-18 1255736]
S3 WDC_SAM;WD SCSI Pass Thru driver;C:\Windows\System32\drivers\wdcsam64.sys [2008-5-6 14464]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\System32\drivers\yk62x64.sys [2009-6-10 389120]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== Created Last 30 ================
.
2014-05-13 14:33:47    75888    ----a-w-    C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{2B3D281B-12D7-4F1A-933C-AA4BD95EC38D}\offreg.dll
2014-05-13 02:11:00    --------    d-----w-    C:\Users\Megan\AppData\Local\Western_Digital_Technolog
2014-05-13 02:00:22    --------    d-----w-    C:\Program Files\Common Files\Western Digital
2014-05-13 02:00:22    --------    d-----w-    C:\Program Files (x86)\Common Files\Western Digital
2014-05-13 01:57:06    --------    d-----w-    C:\ProgramData\Package Cache
2014-05-10 13:58:23    536576    ----a-w-    C:\Windows\SysWow64\sqlite3.dll
2014-05-09 22:03:31    10651704    ----a-w-    C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{2B3D281B-12D7-4F1A-933C-AA4BD95EC38D}\mpengine.dll
2014-05-08 02:49:50    2724864    ----a-w-    C:\Windows\System32\mshtml.tlb
2014-05-08 02:49:48    2724864    ----a-w-    C:\Windows\SysWow64\mshtml.tlb
2014-05-07 22:20:28    --------    d-----r-    C:\Users\Megan\Dropbox
2014-05-07 22:19:39    --------    d-----w-    C:\Users\Megan\AppData\Roaming\DropboxMaster
2014-05-07 22:16:58    --------    d-----w-    C:\Users\Megan\AppData\Roaming\Dropbox
2014-05-07 01:32:48    --------    d-s---w-    C:\Windows\System32\CompatTel
2014-05-07 01:09:56    29208    ----a-w-    C:\Windows\System32\drivers\aswHwid.sys
2014-05-07 01:09:49    43152    ----a-w-    C:\Windows\avastSS.scr
2014-05-07 01:09:33    447888    ----a-w-    C:\Windows\System32\drivers\aswNdisFlt.sys
2014-05-06 23:33:46    108968    ----a-w-    C:\Windows\System32\WindowsAccessBridge-64.dll
2014-05-06 21:14:46    465408    ----a-w-    C:\Windows\System32\aepdu.dll
2014-05-06 21:14:45    424448    ----a-w-    C:\Windows\System32\aeinv.dll
.
==================== Find3M  ====================
.
2014-05-07 01:09:52    85328    ----a-w-    C:\Windows\System32\drivers\aswstm.sys
2014-05-07 01:09:52    208416    ----a-w-    C:\Windows\System32\drivers\aswVmm.sys
2014-05-07 01:09:52    1039096    ----a-w-    C:\Windows\System32\drivers\aswSnx.sys
2014-05-07 01:09:51    65776    ----a-w-    C:\Windows\System32\drivers\aswRvrt.sys
2014-05-07 01:09:50    93568    ----a-w-    C:\Windows\System32\drivers\aswRdr2.sys
2014-05-07 01:09:50    79184    ----a-w-    C:\Windows\System32\drivers\aswMonFlt.sys
2014-04-29 22:59:18    70832    ----a-w-    C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-04-29 22:59:18    692400    ----a-w-    C:\Windows\SysWow64\FlashPlayerApp.exe
2014-04-08 01:19:32    28184    ----a-w-    C:\Windows\System32\drivers\aswKbd.sys
2014-03-31 13:35:08    270496    ------w-    C:\Windows\System32\MpSigStub.exe
2014-03-06 09:31:33    4096    ----a-w-    C:\Windows\System32\ieetwcollectorres.dll
2014-03-06 08:59:04    66048    ----a-w-    C:\Windows\System32\iesetup.dll
2014-03-06 08:57:34    548352    ----a-w-    C:\Windows\System32\vbscript.dll
2014-03-06 08:57:20    48640    ----a-w-    C:\Windows\System32\ieetwproxystub.dll
2014-03-06 08:29:40    139264    ----a-w-    C:\Windows\System32\ieUnatt.exe
2014-03-06 08:29:14    111616    ----a-w-    C:\Windows\System32\ieetwcollector.exe
2014-03-06 08:28:15    752640    ----a-w-    C:\Windows\System32\jscript9diag.dll
2014-03-06 08:15:54    940032    ----a-w-    C:\Windows\System32\MsSpellCheckingFacility.exe
2014-03-06 08:11:41    5784064    ----a-w-    C:\Windows\System32\jscript9.dll
2014-03-06 08:02:34    61952    ----a-w-    C:\Windows\SysWow64\iesetup.dll
2014-03-06 08:02:33    455168    ----a-w-    C:\Windows\SysWow64\vbscript.dll
2014-03-06 08:01:01    51200    ----a-w-    C:\Windows\SysWow64\ieetwproxystub.dll
2014-03-06 07:56:43    38400    ----a-w-    C:\Windows\System32\JavaScriptCollectionAgent.dll
2014-03-06 07:46:36    4254720    ----a-w-    C:\Windows\SysWow64\jscript9.dll
2014-03-06 07:38:13    112128    ----a-w-    C:\Windows\SysWow64\ieUnatt.exe
2014-03-06 07:36:40    592896    ----a-w-    C:\Windows\SysWow64\jscript9diag.dll
2014-03-06 07:13:43    32256    ----a-w-    C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
2014-03-06 07:11:15    2043904    ----a-w-    C:\Windows\System32\inetcpl.cpl
2014-03-06 06:40:39    1967104    ----a-w-    C:\Windows\SysWow64\inetcpl.cpl
2014-03-06 06:22:40    2260480    ----a-w-    C:\Windows\System32\wininet.dll
2014-03-06 05:41:49    1789440    ----a-w-    C:\Windows\SysWow64\wininet.dll
2014-03-04 09:44:21    362496    ----a-w-    C:\Windows\System32\wow64win.dll
2014-03-04 09:44:21    243712    ----a-w-    C:\Windows\System32\wow64.dll
2014-03-04 09:44:21    13312    ----a-w-    C:\Windows\System32\wow64cpu.dll
2014-03-04 09:44:03    16384    ----a-w-    C:\Windows\System32\ntvdm64.dll
2014-03-04 09:17:19    14336    ----a-w-    C:\Windows\SysWow64\ntvdm64.dll
2014-03-04 09:17:05    44032    ----a-w-    C:\Windows\apppatch\acwow64.dll
2014-03-04 09:16:54    25600    ----a-w-    C:\Windows\SysWow64\setup16.exe
2014-03-04 09:16:18    5120    ----a-w-    C:\Windows\SysWow64\wow32.dll
2014-03-04 08:09:30    7680    ----a-w-    C:\Windows\SysWow64\instnm.exe
2014-03-04 08:09:29    2048    ----a-w-    C:\Windows\SysWow64\user.exe
.
============= FINISH: 10:36:32.46 ===============
 



#2 HelpBot


Posted 18 May 2014 - 11:10 AM

Hello and welcome to Bleeping Computer!

I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

To help Bleeping Computer better assist you please perform the following steps:

***************************************************

Step 1: In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.

CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/534189 <<< CLICK THIS LINK



If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.

***************************************************

Step 2: If you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of this page). In that reply, please include the following information:

  • If you have not done so already, include a clear description of the problems you're having, along with any steps you may have performed so far.
  • A new DDS log. For your convenience, you will find the instructions for generating these logs repeated at the bottom of this post.
    • Please do this even if you have previously posted logs for us.
    • If you were unable to produce the logs originally please try once more.
    • If you are unable to create a log please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.
    • If you are unsure about any of these characteristics just post what you can and we will guide you.
  • Please tell us if you have your original Windows CD/DVD available.
  • Upon completing the above steps and posting a reply, another staff member will review your topic and do their best to resolve your issues.

Thank you for your patience, and again sorry for the delay.

***************************************************

We need to see some information about what is happening in your machine. Please perform the following scan again:

  • Download DDS by sUBs from the following link if you no longer have it available and save it to your desktop.

    DDS.com Download Link
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control can be found HERE.

As I am just a silly little program running on the BleepingComputer.com servers, please do not send me private messages as I do not know how to read and reply to them! Thanks!

#3 Nikki_2theSecond


Posted 18 May 2014 - 06:24 PM

Hello!

 

As requested by the HelpBot program I am replying. I don't think there's much for me to add to my original problem/post except that the issue has not been constant but within a day or two of posting in the forum it has seemed to abate for the time being. In a post on a (British, I think) tech help forum, I found someone with the same issue: websites suddenly timing out in all browsers with no known user connection issues; then suddenly the problem disappearing (websites no longer time out) for week(s) at a time only to return with a vengeance for a day or two longer than before and then suddenly clear up again for a time (usually multiple weeks).

 

The tech help at that forum had the user run a program called Rkill on their computer and then referred them to bleepingcomputer to download and run Combofix. I don't expect the exact same thing to be prescribed for my situation. I'm only relaying what I understood to happen or be the opinion of someone else fixing a similar problem.

 

I realize there's a chance I'm having randomly spread-out, wretched internet luck and am attempting to connect to very busy servers that time out. If that's clearly the case, please relieve me of my ignorance. I am open to instruction and would be very happy to find out I don't have an infection/malware destroying my computer. :)

I apologize that the first time I posted the dds I failed to turn off my antivirus. The following dds results were obtained with Avast turned off. Windows firewall was not turned off but I wasn't sure how to turn off all of Windows' built-in security or if just the firewall needed turning off or if it didn't matter. I also apologize, I wasn't 100% sure how to zip a file before attaching it (re: attach.txt first time attaching it). I have since realized how easy it is, and can provide the most recent attach.txt as a zipped file upon request.

I do not have my original Windows CD/DVD.

Thanks again for your patience and consideration in helping me out!


DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.17041
Run by Megan at 18:29:05 on 2014-05-18
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.3895.2219 [GMT -4:00]
.
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus *Disabled* {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files\IDT\WDM\STacSV64.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Windows\system32\WLANExt.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\AVAST Software\Avast\afwServ.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\IDT\WDM\AESTSr64.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
C:\Windows\system32\taskhost.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\Dwm.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE
C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE
C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\IDT\WDM\sttray64.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
C:\Users\Megan\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe
C:\Users\Megan\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe
C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe
C:\Users\Megan\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE
C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Windows\System32\WUDFHost.exe
C:\Windows\system32\taskeng.exe
C:\Windows\SysWOW64\ctfmon.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.boundless.org/
BHO: Lync Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\office15\OCHelper.dll
BHO: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\office15\GROOVEEX.DLL
uRun: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
uRun: [Octoshape Streaming Services] "C:\Users\Megan\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe" -inv:bootrun
uRun: [Spotify Web Helper] "C:\Users\Megan\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
mRun: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2
mRun: [Desktop Disc Tool] "C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe"
mRun: [AccuWeatherWidget] "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe" "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\start.umj" --startup
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [WD Quick View] C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRunOnce: ["C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"] "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"
mRunOnce: [Launcher] C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\Launcher.exe
StartupFolder: C:\Users\Megan\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\Megan\AppData\Roaming\Dropbox\bin\Dropbox.exe
StartupFolder: C:\Users\Megan\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\SENDTO~1.LNK - C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BLUETO~1.LNK - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
uPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: NoDrives = dword:0
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
IE: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIE.dll
IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\office15\OCHelper.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
.
INFO: HKLM has more than 50 listed domains.
   If you wish to scan all of them, select the 'Force scan all domains' option.
.
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_17-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0017-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_17-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_17-windows-i586.cab
TCP: NameServer = 192.168.1.254
TCP: Interfaces\{5B998449-6FC9-4D55-B5C7-D17A756309CD} : DHCPNameServer = 192.168.1.254
TCP: Interfaces\{5B998449-6FC9-4D55-B5C7-D17A756309CD}\142445543484 : DHCPNameServer = 10.60.20.20 10.60.20.19 10.60.20.0
TCP: Interfaces\{5B998449-6FC9-4D55-B5C7-D17A756309CD}\1557F647164796F6E637 : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{5B998449-6FC9-4D55-B5C7-D17A756309CD}\2656C6B696E6534376 : DHCPNameServer = 192.168.2.1
TCP: Interfaces\{5B998449-6FC9-4D55-B5C7-D17A756309CD}\C416155796E64716 : DHCPNameServer = 4.2.2.1
TCP: Interfaces\{5B998449-6FC9-4D55-B5C7-D17A756309CD}\C416B656A457E616C65737B616 : DHCPNameServer = 192.168.1.10 205.152.37.23
TCP: Interfaces\{5B998449-6FC9-4D55-B5C7-D17A756309CD}\C4F6775637D27457563747D275966496 : DHCPNameServer = 4.2.2.2 4.2.2.5 8.8.8.8
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\office15\MSOSB.DLL
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.137\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: Lync Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll
x64-BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
x64-BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL
x64-BHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL
x64-BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
x64-TB: avast! Online Security: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - LocalServer32 - <no file>
x64-Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe
x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-Run: [IntelWireless] "C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" /tf Intel Wireless Tray
x64-Run: [IgfxTray] C:\Windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll
x64-IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
x64-IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
.
INFO: x64-HKLM has more than 50 listed domains.
   If you wish to scan all of them, select the 'Force scan all domains' option.
.
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - <orphaned>
x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - <orphaned>
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: GoToAssist - C:\Program Files (x86)\Citrix\GoToAssist\514\G2AWinLogon_x64.dll
x64-Notify: igfxcui - igfxdev.dll
Hosts: 127.0.0.1    www.spywareinfo.com
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Megan\AppData\Roaming\Mozilla\Firefox\Profiles\q8tod6dn.default-1392935944802\
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101772.dll
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL
FF - plugin: C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npMeetingJoinPluginOC.dll
FF - plugin: C:\Users\Megan\AppData\Roaming\Mozilla\plugins\npoctoshape.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll
.
============= SERVICES / DRIVERS ===============
.
R0 aswNdisFlt;Avast! Firewall Driver;C:\Windows\System32\drivers\aswndisflt.sys [2014-5-6 447888]
R0 aswRvrt;avast! Revert;C:\Windows\System32\drivers\aswRvrt.sys [2013-3-19 65776]
R0 aswVmm;avast! VM Monitor;C:\Windows\System32\drivers\aswVmm.sys [2013-3-19 208416]
R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2011-4-15 55280]
R1 aswKbd;aswKbd;C:\Windows\System32\drivers\aswKbd.sys [2012-7-8 28184]
R1 aswSnx;aswSnx;C:\Windows\System32\drivers\aswsnx.sys [2012-7-8 1039096]
R1 aswSP;aswSP;C:\Windows\System32\drivers\aswsp.sys [2012-7-8 423240]
R2 AESTFilters;Andrea ST Filters Service;C:\Program Files\IDT\WDM\AESTSr64.exe [2011-4-9 89600]
R2 aswHwid;avast! HardwareID;C:\Windows\System32\drivers\aswHwid.sys [2014-5-6 29208]
R2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswMonFlt.sys [2012-7-8 79184]
R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-5-6 50344]
R2 avast! Firewall;avast! Firewall;C:\Program Files\AVAST Software\Avast\afwServ.exe [2014-5-6 109048]
R2 ClickToRunSvc;Microsoft Office ClickToRun Service;C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe [2014-4-22 2211000]
R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-4-9 13336]
R2 SBSDWSCService;SBSD Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2011-4-15 1153368]
R2 SftService;SoftThinks Agent Service;C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe [2011-4-9 1692480]
R2 UNS;Intel® Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2011-4-9 2320920]
R2 WDBackup;WD Backup;C:\Program Files (x86)\Western Digital\WD Smartware\WDBackupEngine.exe [2014-5-9 1042808]
R2 WDDriveService;WD Drive Manager;C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [2014-5-9 295800]
R3 btusbflt;Bluetooth USB Filter;C:\Windows\System32\drivers\btusbflt.sys [2011-4-9 53800]
R3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\System32\drivers\btwl2cap.sys [2011-4-9 35104]
R3 CtClsFlt;Creative Camera Class Upper Filter Driver;C:\Windows\System32\drivers\CtClsFlt.sys [2011-4-9 172704]
R3 HECIx64;Intel® Management Engine Interface;C:\Windows\System32\drivers\HECIx64.sys [2011-4-9 56344]
R3 Impcd;Impcd;C:\Windows\System32\drivers\Impcd.sys [2011-4-9 158976]
R3 IntcDAud;Intel® Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2011-4-9 289280]
R3 NETw5s64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;C:\Windows\System32\drivers\NETw5s64.sys [2010-3-17 7680512]
S2 aswStm;aswStm;C:\Windows\System32\drivers\aswstm.sys [2014-1-8 85328]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2014-5-6 111616]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2010-3-5 340240]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\System32\drivers\RtsUStor.sys [2011-4-9 250984]
S3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2011-4-9 325152]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2011-6-27 59392]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-4-18 1255736]
S3 WDC_SAM;WD SCSI Pass Thru driver;C:\Windows\System32\drivers\wdcsam64.sys [2008-5-6 14464]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\System32\drivers\yk62x64.sys [2009-6-10 389120]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== Created Last 30 ================
.
2014-05-18 17:42:55    --------    d-----w-    C:\Program Files\iPod
2014-05-18 17:42:53    --------    d-----w-    C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-05-18 17:42:53    --------    d-----w-    C:\Program Files\iTunes
2014-05-18 17:42:53    --------    d-----w-    C:\Program Files (x86)\iTunes
2014-05-16 20:13:25    --------    d-sh--w-    C:\Users\Megan\AppData\Local\EmieUserList
2014-05-16 20:13:25    --------    d-sh--w-    C:\Users\Megan\AppData\Local\EmieSiteList
2014-05-16 16:29:31    10651704    ----a-w-    C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{B2A06EEE-73C5-4641-9C17-E2592D50036E}\mpengine.dll
2014-05-16 03:21:01    2724864    ----a-w-    C:\Windows\SysWow64\mshtml.tlb
2014-05-16 03:21:01    2724864    ----a-w-    C:\Windows\System32\mshtml.tlb
2014-05-15 17:05:17    477184    ----a-w-    C:\Windows\System32\aepdu.dll
2014-05-15 17:05:16    424448    ----a-w-    C:\Windows\System32\aeinv.dll
2014-05-15 17:00:09    728064    ----a-w-    C:\Windows\System32\kerberos.dll
2014-05-15 17:00:09    1460736    ----a-w-    C:\Windows\System32\lsasrv.dll
2014-05-15 17:00:08    550912    ----a-w-    C:\Windows\SysWow64\kerberos.dll
2014-05-15 17:00:08    455168    ----a-w-    C:\Windows\System32\winlogon.exe
2014-05-15 17:00:08    3969984    ----a-w-    C:\Windows\SysWow64\ntkrnlpa.exe
2014-05-15 17:00:08    3914176    ----a-w-    C:\Windows\SysWow64\ntoskrnl.exe
2014-05-15 17:00:07    314880    ----a-w-    C:\Windows\System32\msv1_0.dll
2014-05-15 17:00:06    722944    ----a-w-    C:\Windows\System32\objsel.dll
2014-05-15 17:00:06    259584    ----a-w-    C:\Windows\SysWow64\msv1_0.dll
2014-05-15 17:00:05    5550016    ----a-w-    C:\Windows\System32\ntoskrnl.exe
2014-05-13 02:11:00    --------    d-----w-    C:\Users\Megan\AppData\Local\Western_Digital_Technolog
2014-05-13 02:00:22    --------    d-----w-    C:\Program Files\Common Files\Western Digital
2014-05-13 02:00:22    --------    d-----w-    C:\Program Files (x86)\Common Files\Western Digital
2014-05-13 01:57:06    --------    d-----w-    C:\ProgramData\Package Cache
2014-05-10 13:58:23    536576    ----a-w-    C:\Windows\SysWow64\sqlite3.dll
2014-05-08 13:48:42    227704    ----a-w-    C:\Program Files (x86)\Internet Explorer\Plugins\nppdf32.dll
2014-05-07 22:20:28    --------    d-----r-    C:\Users\Megan\Dropbox
2014-05-07 22:19:39    --------    d-----w-    C:\Users\Megan\AppData\Roaming\DropboxMaster
2014-05-07 22:16:58    --------    d-----w-    C:\Users\Megan\AppData\Roaming\Dropbox
2014-05-07 01:32:48    --------    d-s---w-    C:\Windows\System32\CompatTel
2014-05-07 01:09:56    29208    ----a-w-    C:\Windows\System32\drivers\aswHwid.sys
2014-05-07 01:09:49    43152    ----a-w-    C:\Windows\avastSS.scr
2014-05-07 01:09:33    447888    ----a-w-    C:\Windows\System32\drivers\aswndisflt.sys.1400172826709
2014-05-07 01:09:33    447888    ----a-w-    C:\Windows\System32\drivers\aswndisflt.sys
2014-05-06 23:33:46    108968    ----a-w-    C:\Windows\System32\WindowsAccessBridge-64.dll
.
==================== Find3M  ====================
.
2014-05-15 16:53:48    85328    ----a-w-    C:\Windows\System32\drivers\aswstm.sys
2014-05-15 16:53:48    1039096    ----a-w-    C:\Windows\System32\drivers\aswsnx.sys
2014-05-15 00:59:37    70832    ----a-w-    C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-05-15 00:59:37    692400    ----a-w-    C:\Windows\SysWow64\FlashPlayerApp.exe
2014-05-07 01:09:52    208416    ----a-w-    C:\Windows\System32\drivers\aswVmm.sys
2014-05-07 01:09:51    65776    ----a-w-    C:\Windows\System32\drivers\aswRvrt.sys
2014-05-07 01:09:50    93568    ----a-w-    C:\Windows\System32\drivers\aswRdr2.sys
2014-05-07 01:09:50    79184    ----a-w-    C:\Windows\System32\drivers\aswMonFlt.sys
2014-04-15 06:34:10    1070232    ----a-w-    C:\Windows\SysWow64\MSCOMCTL.OCX
2014-04-12 02:22:05    95680    ----a-w-    C:\Windows\System32\drivers\ksecdd.sys
2014-04-12 02:22:05    155072    ----a-w-    C:\Windows\System32\drivers\ksecpkg.sys
2014-04-12 02:19:38    29184    ----a-w-    C:\Windows\System32\sspisrv.dll
2014-04-12 02:19:38    136192    ----a-w-    C:\Windows\System32\sspicli.dll
2014-04-12 02:19:37    28160    ----a-w-    C:\Windows\System32\secur32.dll
2014-04-12 02:19:05    31232    ----a-w-    C:\Windows\System32\lsass.exe
2014-04-12 02:12:06    22016    ----a-w-    C:\Windows\SysWow64\secur32.dll
2014-04-12 02:10:56    96768    ----a-w-    C:\Windows\SysWow64\sspicli.dll
2014-04-08 01:19:32    28184    ----a-w-    C:\Windows\System32\drivers\aswKbd.sys
2014-03-31 13:35:08    270496    ------w-    C:\Windows\System32\MpSigStub.exe
2014-03-06 09:31:33    4096    ----a-w-    C:\Windows\System32\ieetwcollectorres.dll
2014-03-06 08:59:04    66048    ----a-w-    C:\Windows\System32\iesetup.dll
2014-03-06 08:57:34    548352    ----a-w-    C:\Windows\System32\vbscript.dll
2014-03-06 08:57:20    48640    ----a-w-    C:\Windows\System32\ieetwproxystub.dll
2014-03-06 08:29:40    139264    ----a-w-    C:\Windows\System32\ieUnatt.exe
2014-03-06 08:29:14    111616    ----a-w-    C:\Windows\System32\ieetwcollector.exe
2014-03-06 08:28:15    752640    ----a-w-    C:\Windows\System32\jscript9diag.dll
2014-03-06 08:15:54    940032    ----a-w-    C:\Windows\System32\MsSpellCheckingFacility.exe
2014-03-06 08:11:41    5784064    ----a-w-    C:\Windows\System32\jscript9.dll
2014-03-06 08:02:34    61952    ----a-w-    C:\Windows\SysWow64\iesetup.dll
2014-03-06 08:02:33    455168    ----a-w-    C:\Windows\SysWow64\vbscript.dll
2014-03-06 08:01:01    51200    ----a-w-    C:\Windows\SysWow64\ieetwproxystub.dll
2014-03-06 07:56:43    38400    ----a-w-    C:\Windows\System32\JavaScriptCollectionAgent.dll
2014-03-06 07:46:36    4254720    ----a-w-    C:\Windows\SysWow64\jscript9.dll
2014-03-06 07:38:13    112128    ----a-w-    C:\Windows\SysWow64\ieUnatt.exe
2014-03-06 07:36:40    592896    ----a-w-    C:\Windows\SysWow64\jscript9diag.dll
2014-03-06 07:13:43    32256    ----a-w-    C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
2014-03-06 07:11:15    2043904    ----a-w-    C:\Windows\System32\inetcpl.cpl
2014-03-06 06:40:39    1967104    ----a-w-    C:\Windows\SysWow64\inetcpl.cpl
2014-03-06 06:22:40    2260480    ----a-w-    C:\Windows\System32\wininet.dll
2014-03-06 05:41:49    1789440    ----a-w-    C:\Windows\SysWow64\wininet.dll
2014-03-04 09:44:21    362496    ----a-w-    C:\Windows\System32\wow64win.dll
2014-03-04 09:44:21    243712    ----a-w-    C:\Windows\System32\wow64.dll
2014-03-04 09:44:21    13312    ----a-w-    C:\Windows\System32\wow64cpu.dll
2014-03-04 09:44:20    39936    ----a-w-    C:\Windows\System32\wincredprovider.dll
2014-03-04 09:44:10    210944    ----a-w-    C:\Windows\System32\wdigest.dll
2014-03-04 09:44:08    86528    ----a-w-    C:\Windows\System32\TSpkg.dll
2014-03-04 09:44:06    340992    ----a-w-    C:\Windows\System32\schannel.dll
2014-03-04 09:44:03    16384    ----a-w-    C:\Windows\System32\ntvdm64.dll
2014-03-04 09:44:00    424960    ----a-w-    C:\Windows\System32\KernelBase.dll
2014-03-04 09:43:56    57344    ----a-w-    C:\Windows\System32\cngprovider.dll
2014-03-04 09:43:56    52736    ----a-w-    C:\Windows\System32\dpapiprovider.dll
2014-03-04 09:43:56    44544    ----a-w-    C:\Windows\System32\dimsroam.dll
2014-03-04 09:43:56    22016    ----a-w-    C:\Windows\System32\credssp.dll
2014-03-04 09:43:55    56832    ----a-w-    C:\Windows\System32\adprovider.dll
2014-03-04 09:43:55    53760    ----a-w-    C:\Windows\System32\capiprovider.dll
2014-03-04 09:16:54    25600    ----a-w-    C:\Windows\SysWow64\setup16.exe
2014-03-04 09:16:18    5120    ----a-w-    C:\Windows\SysWow64\wow32.dll
2014-03-04 09:16:18    274944    ----a-w-    C:\Windows\SysWow64\KernelBase.dll
2014-03-04 08:09:30    7680    ----a-w-    C:\Windows\SysWow64\instnm.exe
2014-03-04 08:09:29    2048    ----a-w-    C:\Windows\SysWow64\user.exe
.
============= FINISH: 18:30:02.98 ===============
 



#4 Mako

  • Malware Response Team

Posted 19 May 2014 - 04:52 AM

Hi Nikki_2theSecond,

Welcome to BleepingComputer's Virus/Trojan/Spyware/Malware Removal forum.
My name is Mako and I will be helping you with your computer problems.

 
I'm sorry to keep you waiting so long. We get overwhelmed here at BleepingComputer sometimes.
 
Thank you for the clear description of your problems. I don't think your internet issues are strictly malware related, but we will sort that out to be 100% sure. I've experienced the same problems myself some time ago, which leads me to believe that your problems are also connection related, as was the case for me.
 
But... as I've said before, I would like to start with a general malware check-up; after all, this is an area we can't leave unattended. When finished we can take a closer look at your connection status, if still necessary.

Before we begin, please note the following:

  • Please stay with the topic until I tell you that your system is clean. Missing symptoms does not mean that everything is okay.
  • The instructions given are for your system only!
  • Please do not run any tools until requested! The reason for this is so I know what is going on with the machine at any time. Some programs can interfere with others and hamper the recovery process.
  • If you don't understand something don't hesitate to ask before running the tools.
  • I live in Belgium. Please keep in mind that, given the time difference, it can take a while before I'll be able to get back to you. Normally you can expect a reply within 24h; if not, please feel free to send me a PM!

Now let's get started...

:step1: ======Zoek.exe======

Take action to disable your antivirus and antispyware programs, as they may conflict with Zoek.exe
>> Info on how to disable your security applications > http://www.bleepingcomputer.com/forums/topic114351.html

Download zoek.exe to your desktop

  • If Internet Explorer, any other browser, or a security program issues a warning indicating the file is unsafe, please ignore, since it is a false warning.

Using Zoek.exe

  • On the Desktop, double-click Zoek.exe to start the tool.
    Windows Vista, 7 and 8 users right-click the file and select: Run as Administrator.
    Give the program a few seconds to appear.
  • Copy and paste the following script in the code box:
  • Note: This script is written for usage on this system only, do not use it on any other computer even if the problems are similar.
    filesrcm;
    startupall;
    chromelook;
    firefoxlook;
    skipfix-iedefaults;
    resethosts;
    emptyclsid;
    emptyfolderscheck;delete
    
  • Click the "Run script" button and wait patiently.
  • When finished the logfile will be opened in notepad.
  • If a reboot is needed the logfile will be opened after reboot.
  • The zoek-results.log can also be found on your systemdrive.
  • Please post the logfile for further review in your next comment.

:step2: ======MalwareBytes Anti-Malware (MBAM)======

Please download Malwarebytes Anti-Malware and save it to your desktop.

  • Double-click on the setup file (mbam-setup.exe), then click on Run to install.
  • Malwarebytes will automatically open to its Dashboard. If you have never run this version, you should see a red note at the top indicating "A scan has never been run on your system"
  • Click on Update Now to download the current database definitions, then click the Scan Now >> button.
  • If you have run this version before, you should see a green note at the top indicating "Your system is fully protected".
  • You will be prompted to update Malwarebytes...click on the Update Now button.
  • The THREAT SCAN will automatically begin.
  • When the scan has completed, the results will be displayed. Click on Quarantine All, then click on Apply Actions.

  • To complete any actions taken you will be prompted to restart your computer...click on Yes. Failure to reboot normally will prevent Malwarebytes from removing all the malware.
  • After rebooting the computer, copy and paste the mbam.log in your next reply.

Regards,

Mako

 

Member of UNITE Unified Network of Instructors and Trained Eliminators

Noticed any spelling or grammar errors in my reply? Please feel free to point them out to me, I'm always eager to learn. 


#5 Nikki_2theSecond


Posted 19 May 2014 - 05:04 PM

Hi Mako!

Thank you so very much for your time and help!
 

Zoek.exe ran without problems. :thumbup2:

 

Malwarebytes Anti-Malware said it was unable to connect to the server to download updates. I did already have an older version installed but it didn't seem to have any problems installing the newer software. Otherwise Malwarebytes ran without problems and did not find any infections so did not prompt me to restart.

 

The reports follow and thanks again!

 

Zoek.exe v5.0.0.0 Updated 07-March-2014
Tool run by Megan on Mon 05/19/2014 at 16:57:28.96.
Microsoft Windows 7 Home Premium  6.1.7601 Service Pack 1 x64
Running in: Normal Mode No Internet Access Detected
Launched: C:\Users\Megan\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

5/19/2014 5:02:34 PM Zoek.exe System Restore Point Created Succesfully.

==== Reset Hosts File ======================

# Copyright © 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
#      102.54.94.97     rhino.acme.com          # source server
#       38.25.63.10     x.acme.com              # x client host
 
# localhost name resolution is handle within DNS itself.
127.0.0.1       localhost
::1             localhost

==== Empty Folders Check ======================

C:\PROGRA~2\eMusic Download Manager deleted successfully
C:\PROGRA~2\MyShoppingGenie deleted successfully
C:\PROGRA~2\The Weather Channel FW deleted successfully
C:\PROGRA~3\Cozi deleted successfully
C:\PROGRA~3\Oracle deleted successfully
C:\Users\Megan\AppData\Roaming\eMusic deleted successfully
C:\Users\Megan\AppData\Local\Powercinema deleted successfully
C:\Users\Megan\AppData\Local\VirtualStore deleted successfully

==== Batch Command(s) Run By Tool======================

C:\Windows\system32\appdata deleted

==== Deleting Files \ Folders ======================

C:\Windows\syswow64\appdata deleted

==== Files Recently Created / Modified ======================


==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-21-11567903-2615041565-2900439789-1000\Software\Microsoft\Windows\CurrentVersion\Run]
"SpybotSD TeaTimer"="C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe"
"Octoshape Streaming Services"="C:\Users\Megan\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe -inv:bootrun"
"Spotify Web Helper"="C:\Users\Megan\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe"
"Dell Webcam Central"="C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe /mode2"
"Desktop Disc Tool"="C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe"
"APSDaemon"="C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
"Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"AvastUI.exe"="C:\Program Files\AVAST Software\Avast\AvastUI.exe /nogui"
"QuickTime Task"="C:\Program Files (x86)\QuickTime\QTTask.exe -atboottime"
"WD Quick View"="C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe"
"iTunesHelper"="C:\Program Files (x86)\iTunes\iTunesHelper.exe"
"AccuWeatherWidget"=""C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe" "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\start.umj" --startup"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"="C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"
"Launcher"="C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\Launcher.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"SpybotSD TeaTimer"="C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe"
"Octoshape Streaming Services"="C:\Users\Megan\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe -inv:bootrun"
"Spotify Web Helper"="C:\Users\Megan\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IntelWireless"="C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe /tf Intel Wireless Tray"
"IgfxTray"="C:\Windows\system32\igfxtray.exe"
"HotKeysCmds"="C:\Windows\system32\hkcmd.exe"
"Persistence"="C:\Windows\system32\igfxpers.exe"
"SysTrayApp"="C:\Program Files\IDT\WDM\sttray64.exe"
"SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe "

==== Startup Folders ======================

2014-05-07 22:20:23    1056    ----a-w-    C:\Users\Megan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
2013-11-10 14:50:59    1097    ----a-w-    C:\Users\Megan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk
2011-04-09 13:45:37    834    ----a-w-    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk

==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:@C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe []
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ [Undetermined Task]
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [05/22/2013 04:43 PM]

==== Other Scheduled Tasks ======================

"C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\{07BBCCFF-5FC6-42A5-BED1-88AC59EF2AEA}" [msiexec.exe]
"C:\Windows\SysNative\tasks\{1AFF39AC-27A3-4539-B1E2-4E17BC19E435}" ["c:\program files (x86)\mozilla firefox\firefox.exe"]
"C:\Windows\SysNative\tasks\{52F3DF85-8CE5-4E95-AAF7-212A414B65FD}" [C:\Users\Megan\Downloads\EDRWI520EN\ENGLISH\setup.exe]
"C:\Windows\SysNative\tasks\{57E34733-7961-48F6-BFF5-4826352C6A86}" [C:\Users\Megan\Downloads\Sheepbrain Atlas (win).exe]
"C:\Windows\SysNative\tasks\{7502A1EB-E87C-4074-B477-9C3E0D43BB4C}" [C:\Users\Megan\Downloads\EDRWI520EN\ENGLISH\setup.exe]
"C:\Windows\SysNative\tasks\{DDA3C321-9F6B-4C06-A239-A60CA00F2725}" [C:\Users\Megan\Downloads\Sheepbrain Atlas (win).exe]
"C:\Windows\SysNative\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe]
"C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc]

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"wrc@avast.com"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [05/06/2014 09:09 PM]

==== Firefox Extensions ======================

ProfilePath: C:\Users\Megan\AppData\Roaming\Mozilla\Firefox\Profiles\q8tod6dn.default-1392935944802
- Pin It button - %ProfilePath%\extensions\pinterest@robertnyman.com.xpi

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Skype Click to Call - %AppDir%\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\Megan\AppData\Roaming\Mozilla\Firefox\Profiles\q8tod6dn.default-1392935944802
A58DE0A570148AF5FF3512B2A340D09F    - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll -    Shockwave Flash
D6ED6EB98E759460AD8C66DE23070132    - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npMeetingJoinPluginOC.dll -    Microsoft Office 2013
18CF51689186AEB9D1D149AEB0E92D03    - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL -    Microsoft Office 2013
EC401349BFA64BD6232C746046AEC0B5    - C:\Users\Megan\AppData\Roaming\Mozilla\plugins\npoctoshape.dll -    Octoshape Streaming Services


==== Chrome Look ======================

Google Docs - Megan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - Megan\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - Megan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - Megan\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Google Wallet - Megan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - Megan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
Google Docs - C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Google Wallet - C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== IE Start and Search Settings ======================

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.boundless.org/"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing  Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR"
{3B0D5025-BB86-44AF-B068-63024D36504B} Hulu  Url="http://www.hulu.com/search?query={searchTerms}&ref=os"
{6E29F650-BCCE-4EF7-B356-A086131D1FE9} Wikipedia (en) Url="http://en.wikipedia.org/w/index.php?title=Special:Search&search={searchTerms}"
{71269A23-48FF-4927-BFE9-1A1A3B7697DA} Google  Url="http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}"

==== C:\zoek_backup content ======================

C:\zoek_backup (files=2 folders=4 16449 bytes)

==== EOF on Mon 05/19/2014 at 17:08:58.94 ======================
 

 

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 5/19/2014
Scan Time: 5:40:43 PM
Logfile: Malwarebytes Anti-Malware(1).txt
Administrator: Yes

Version: 2.00.1.1004
Malware Database: v2014.03.04.09
Rootkit Database: v2014.02.20.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Chameleon: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Megan

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 257898
Time Elapsed: 10 min, 20 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Shuriken: Enabled
PUP: Warn
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)


(end)



#6 Mako

Mako

  • Malware Response Team
  • 238 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Belgium
  • Local time:09:10 AM

Posted 21 May 2014 - 11:05 AM

Greetings Nikki_2theSecond,
 
I've just noticed I hadn't subscribed to this topic yet. I was about to ask how you were doing when I saw you've replied already. My apologies for the late reply.
 
Logs look quite good in my opinion. I have some more tests for you...

:step1: ====Zoek.exe====

Start Zoek.exe again.

Take action to disable your antivirus and antispyware programs, as they may conflict with Zoek.exe
>> Info on how to disable your security applications > http://www.bleepingcomputer.com/forums/topic114351.html

Using Zoek.exe

  • On the Desktop, double-click Zoek.exe to start the tool.
    Windows Vista, 7 and 8 users right-click the file and select: Run as Administrator.
    Give the program a few seconds to appear.
  • Copy and paste the following script in the code box:
  • Note: This script is written for usage on this system only, do not use it on any other computer even if the problems are similar.
    autoclean;
    emptyclsid;
    
  • Click the "Run script" button and wait patiently.
  • When finished the logfile will be opened in notepad.
  • If a reboot is needed the logfile will be opened after reboot.
  • The zoek-results.log can also be found on your systemdrive.
  • Please post the logfile for further review in your next comment.

:step2: ====aswMBR====

Please download aswMBR ( 4.5MB ) to your desktop.

  • Double click the aswMBR.exe icon, and click Run.
  • When asked if you'd like to "download the latest Avast! virus definitions", click Yes.
  • Click the Scan button to start the scan.
  • On completion of the scan, click the save log button, save it to your desktop, then copy and paste it in your next reply.

:step3: ====ESET Online Scan====

Visit the ESET Online Scanner website.

  • Click the ESET Online Scanner button
  • Check the box next to YES, I accept the Terms of Use
  • Click Start
  • When prompted, accept the installation of ActiveX Control
  • Now click "Advanced settings"
  • Make sure to check the following options:
    • Remove found threats
    • Scan archives
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • Click Start
  • Your computer is now being scanned. This can take a while so please wait patiently.
  • When finished you may close your internet browser.
  • Attach the file named "Log.txt" to your next reply (You can find the file in the following folder: "C:\Program Files\EsetOnlineScanner\log.txt")

 

Good luck! Should you have any questions, feel free to ask :)


Regards,

Mako

 

Member of UNITE Unified Network of Instructors and Trained Eliminators

Noticed any spelling or grammar errors in my reply? Please feel free to point them out to me, I'm always eager to learn. 


#7 Nikki_2theSecond


Posted 22 May 2014 - 10:45 PM

Hi Mako!
No worries about the response time! I appreciate your help. :)
 
Zoek.exe ran perfectly. AswMBR did not ask to update Avast, however I do have Avast set to update automatically. I don't know if that makes a difference, but I thought I should mention it. Otherwise aswMBR ran well.
 
ESET did not run completely from the browser, and required me to download and run the basic one-time use program. I was able to do so and it did give me the options to check the specified boxes so I did that as instructed. It says it found 6 infected files and it cleaned 6 infected files. I have the option to select "Uninstall" or "Delete Quarantined Files" or both before clicking a "Finish" button. For now I'm choosing to not shut down my computer, but put it in hibernate mode since I am uncertain whether I should simply click "Finish" or choose an option. I've attached the screen shot of the ESET window and attached the ESET log as requested. The other requested logs follow and thanks!


 
 
====== zoek.exe===========
 
Zoek.exe v5.0.0.0 Updated 21-05-2014
Tool run by Megan on Thu 05/22/2014 at 20:26:59.48.
Microsoft Windows 7 Home Premium  6.1.7601 Service Pack 1 x64
Running in: Normal Mode No Internet Access Detected
Launched: C:\Users\Megan\Desktop\zoek.exe [Scan all users] [Script inserted]

==== Older Logs ======================

C:\zoek-results2014-05-19-210858.log    27509 bytes

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== Deleting Files \ Folders ======================

C:\PROGRA~2\The Weather Channel deleted
C:\Users\Megan\AppData\Local\APN deleted
C:\Windows\Syswow64\FAP4B1D.tmp deleted
C:\Windows\Syswow64\FAP4C7D.tmp deleted
C:\Windows\Syswow64\FAP4D99.tmp deleted
C:\Windows\Syswow64\FAP4EB5.tmp deleted
C:\Windows\Syswow64\FAP99AD.tmp deleted
C:\Windows\Syswow64\FAP9BD2.tmp deleted
"C:\PROGRA~3\Package Cache" deleted

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"wrc@avast.com"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [05/06/2014 09:09 PM]

==== Firefox Extensions ======================

ProfilePath: C:\Users\Megan\AppData\Roaming\Mozilla\Firefox\Profiles\q8tod6dn.default-1392935944802
- Pin It button - %ProfilePath%\extensions\pinterest@robertnyman.com.xpi

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Skype Click to Call - %AppDir%\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\Megan\AppData\Roaming\Mozilla\Firefox\Profiles\q8tod6dn.default-1392935944802
A58DE0A570148AF5FF3512B2A340D09F    - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll -    Shockwave Flash
D6ED6EB98E759460AD8C66DE23070132    - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npMeetingJoinPluginOC.dll -    Microsoft Office 2013
18CF51689186AEB9D1D149AEB0E92D03    - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL -    Microsoft Office 2013
EC401349BFA64BD6232C746046AEC0B5    - C:\Users\Megan\AppData\Roaming\Mozilla\plugins\npoctoshape.dll -    Octoshape Streaming Services


==== Chrome Look ======================


==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.boundless.org/"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.boundless.org/"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing  Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR"
{3B0D5025-BB86-44AF-B068-63024D36504B} Hulu  Url="http://www.hulu.com/search?query={searchTerms}&ref=os"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google  Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"
{6E29F650-BCCE-4EF7-B356-A086131D1FE9} Wikipedia (en) Url="http://en.wikipedia.org/w/index.php?title=Special:Search&search={searchTerms}"
{71269A23-48FF-4927-BFE9-1A1A3B7697DA} Google  Url="http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}"

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Megan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Megan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

C:\Users\Megan\AppData\Local\Mozilla\Firefox\Profiles\q8tod6dn.default-1392935944802\Cache emptied successfully

==== Empty Chrome Cache ======================

C:\Users\Megan\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=14 folders=13 31004916 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\temp emptied successfully
C:\Users\Default User\AppData\Local\temp emptied successfully
C:\Users\Megan\AppData\Local\Temp will be emptied at reboot
C:\Users\Public\AppData\Local\temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\Megan\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on Thu 05/22/2014 at 20:49:00.86 ======================
 
 
======aswMBR=======
swMBR version 0.9.9.1771 Copyright© 2011 AVAST Software
Run date: 2014-05-22 20:54:05
-----------------------------
20:54:05.430    OS Version: Windows x64 6.1.7601 Service Pack 1
20:54:05.430    Number of processors: 4 586 0x2505
20:54:05.431    ComputerName: MEGS_LAPTOP  UserName: Megan
20:54:08.019    Initialize success
20:54:11.781    AVAST engine defs: 14052200
20:54:46.441    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
20:54:46.443    Disk 0 Vendor: ST950032 D005 Size: 476940MB BusType: 3
20:54:46.570    Disk 0 MBR read successfully
20:54:46.574    Disk 0 MBR scan
20:54:46.578    Disk 0 Windows 7 default MBR code
20:54:46.592    Disk 0 Partition 1 00     DE Dell Utility Dell 8.0      100 MB offset 2048
20:54:46.610    Disk 0 Partition 2 80 (A) 07    HPFS/NTFS NTFS        15000 MB offset 206848
20:54:46.647    Disk 0 Partition 3 00     07    HPFS/NTFS NTFS       461838 MB offset 30926848
20:54:46.852    Disk 0 scanning C:\Windows\system32\drivers
20:55:02.938    Service scanning
20:55:32.247    Modules scanning
20:55:32.263    Disk 0 trace - called modules:
20:55:32.317    ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys
20:55:32.329    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004bd6060]
20:55:32.340    3 CLASSPNP.SYS[fffff88001a5143f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa800497c050]
20:55:33.428    AVAST engine scan C:\Windows
20:55:38.194    AVAST engine scan C:\Windows\system32
21:00:21.211    AVAST engine scan C:\Windows\system32\drivers
21:00:39.803    AVAST engine scan C:\Users\Megan
21:02:57.287    Disk 0 MBR has been saved successfully to "C:\Users\Megan\Desktop\MBR.dat"
21:02:57.294    The log file has been saved successfully to "C:\Users\Megan\Desktop\aswMBR.txt"




#8 Mako


Posted 23 May 2014 - 03:09 AM

Hi Nikki_2theSecond,

 

Seems like you're safe and sound! All the log files came back negative, including the ESET scan, so there isn't any malware present on your computer.  :thumbup2:

The threats ESET found are some false positives of Dell DataSafe Local Backup. I suggest we place the files back where they belong. To do so, please follow these instructions:

 

On the print screen you've attached to your previous post, click Manage quarantine.

Select all files in the quarantine (click the first and last while holding the shift key) and click Restore.

 

Please turn back on all of your protection software like firewall and antivirus if you haven't done so already.

 

______________________________________________________________________________________________________________

 

With this general malware check-up behind us I think we can move on to a more specific approach...

 

Let's start off with some (easy) general questions to help me locate the problem:

 

  • Do you have these problems with all internet browsers?
  • Is there a specific time when they usually arise? Like in the evening or morning.
  • What company is your ISP (Internet Service Provider) and which "subscription" do you have? I'm sorry if subscription isn't the right word -probably isn't...- but I'm looking for a maximum download- and upload speed.

 

:step2: ====Speedtest.net====

 

Visit http://www.speedtest.net/ and perform a speed test.

To start the test, simply click Begin Test.

When finished, click Share This Result.

Click the Image tab and hit Copy.

 

When typing your next reply insert the image by clicking the Image button in the editor and pasting the image code.


Regards,

Mako

 



#9 Nikki_2theSecond


Posted 23 May 2014 - 09:00 PM

That's excellent news! I'm so glad to hear my computer doesn't have any serious infections. Thank you! To answer your questions:

  • Yes, once a page times out, I can't access it with any browser I have (IE, Firefox, or Chrome). Not long after a webpage times out (and it's never consistently any particular sort of webpage: blog, bank, social media, etc.) other pages start timing out. Usually the only website I can access after websites start timing out is Facebook.
  • There does not seem to be a specific time. It can happen any time of day.
  • I have AT&T FastAccess DSL Xtreme. Downstream speed: up to 3.0 Mbps    Upstream Speed:  up to 384 Kbps  I think subscription package might be the correct term? I'm not sure either to be honest. :)

    [Speedtest.net result image]


#10 Mako


Posted 24 May 2014 - 04:56 AM

Greetings Nikki_2theSecond,

 

Thank you for the information!

 

I'm a bit worried by your speedtest results since they're a bit on the slow side. As you may have seen, the speedtest company claims that your current internet connection is slower than 89% of the US. 

Although these results may vary from time to time I think your subscription package (let's just call it that :wink:) is rather bottom line. I was truly surprised AT&T offers even lower packages because these download- and upload speeds are not even near modern standards. :huh:

 

Are you using a wireless WiFi connection or a hardwired connection since this may also influence the results?

 

Mako


Regards,

Mako

 



#11 Nikki_2theSecond


Posted 24 May 2014 - 07:56 PM

Hi Mako,

 

Yes, I am using a wireless connection. I did retry the speed test and while the download/upload speeds did not improve the ping speed was 55ms with no other household members accessing the internet.

Nikki



#12 Nikki_2theSecond


Posted 24 May 2014 - 09:47 PM

[Speedtest.net result image]

I've had several websites begin timing out on me this evening so I thought it would be interesting to try the speed test when the actual problem is occurring. I have no idea if this is relevant, but it seemed worth trying. :) The result of the test is above.



#13 Mako


Posted 25 May 2014 - 04:12 AM

Hi Nikki,

 

Thanks again for the useful information!
 
It seems like -while you're having problems- the download- and upload speed remain quite consistent, which is a good sign of course.
Do you have any idea when these time-outs began to trouble you? Is this something that happened just recently, or are you struggling with this for a few months?
 
As I've said earlier: I think these speeds are not very spectacular when you want to use the internet intensively. They should be fine however for basic traffic.
I think we'll have to find out if these low speeds are causing your problems or something else. Perhaps there is a tiny drop in signal which could cause the time-outs or maybe some settings can be improved or restored.
 
I suggest we try to figure this out as much as we can  :)

 

Please download MiniToolBox, save it to your desktop and run it.
Checkmark the following checkboxes:

  • Flush DNS
  • Report IE Proxy Settings
  • Report FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.

 

Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.


Regards,

Mako

 

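The report sections requested in the post above are the places where tampering that breaks browsing would show up: extra hosts entries, an enabled proxy, a DNS resolver that is not the home router, or a Winsock provider loaded from outside the Windows directory. The triage script below is an added example, not part of the original post or of MiniToolBox; the function names and the sample report are constructed, the section headers follow the layout of the Result.txt posted in this thread, and `C:\Windows` is assumed to be the system directory.

```python
import re
from ipaddress import ip_address

HEADER = re.compile(r"^=+ (?P<name>[^=]+?):? =+\s*$")
FIELD = re.compile(r"^\s*(Default Gateway|DNS Servers)[ .]*: (\S+)")
WINSOCK = re.compile(r"^(?:x64-)?Catalog\d+ \d+ (?P<path>.+?) \[\d+\] \((?P<vendor>.*)\)$")

# Constructed report in MiniToolBox's layout; every value here is made up.
TAMPERED = r"""
========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

========================= Hosts content: =================================

127.0.0.1       localhost
203.0.113.10    bank.example

========================= IP Configuration: ================================

   Default Gateway . . . . . . . . . : 192.168.1.254
   DNS Servers . . . . . . . . . . . : 203.0.113.53
                                       192.168.1.254
========================= Winsock entries =====================================

Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 02 C:\ProgramData\example\lsp.dll [4096] ()
"""


def split_sections(report):
    """Map each '===== Name: =====' header to the lines that follow it."""
    sections, current = {}, None
    for line in report.splitlines():
        match = HEADER.match(line)
        if match:
            current = match.group("name").strip()
            sections[current] = []
        elif current is not None:
            sections[current].append(line)
    return sections


def is_ip(text):
    try:
        ip_address(text.split("%")[0])  # drop an IPv6 zone id such as %13
        return True
    except ValueError:
        return False


def check_hosts(lines):
    """Any hosts entry that maps a name other than localhost needs a look."""
    findings = []
    for line in lines:
        entry = line.split("#", 1)[0].split()
        if len(entry) >= 2 and is_ip(entry[0]):
            if any(name.lower() != "localhost" for name in entry[1:]):
                findings.append(f"hosts: {entry[0]} -> {' '.join(entry[1:])}")
    return findings


def check_proxy(lines):
    """Only the 'not enabled' wording seen in this thread is treated as clean."""
    text = [line.strip() for line in lines if line.strip()]
    if "Proxy is not enabled." in text:
        return []
    return ["proxy: review IE proxy settings: " + " | ".join(text)]


def check_dns(lines):
    """List resolvers that are not one of the host's default gateways."""
    gateways, servers, mode = [], [], None
    for line in lines:
        match = FIELD.match(line)
        if match:
            mode, value = match.group(1), match.group(2)
        elif mode and is_ip(line.strip()):
            value = line.strip()  # continuation line of a multi-valued field
        else:
            mode = None
            continue
        (gateways if mode == "Default Gateway" else servers).append(value)
    return [f"dns: resolver {s} is not the default gateway"
            for s in dict.fromkeys(servers) if s not in gateways]


def check_winsock(lines):
    """List providers loaded from outside C:\\Windows (assumed system directory)."""
    findings = []
    for line in lines:
        match = WINSOCK.match(line.strip())
        if match and not match.group("path").lower().startswith("c:\\windows\\"):
            findings.append("winsock: provider outside C:\\Windows: "
                            + match.group("path") + " (" + match.group("vendor") + ")")
    return findings


def triage(report):
    checks = (("Hosts content", check_hosts), ("IE Proxy Settings", check_proxy),
              ("IP Configuration", check_dns), ("Winsock entries", check_winsock))
    sections = split_sections(report)
    findings = []
    for name, check in checks:
        if name in sections:  # a section is absent when its box was not ticked
            findings += check(sections[name])
    return findings


if __name__ == "__main__":
    for finding in triage(TAMPERED):
        print(finding)
```

A finding is a prompt for review, not a verdict: run against the Result.txt posted in this thread, the Windows Live and Bonjour namespace providers would be listed only because they load from Program Files.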


#14 Nikki_2theSecond


Posted 26 May 2014 - 08:23 AM

Hi Mako,

 

The time outs began earlier this year (January or February) and they'll happen for 1 to 3 days (I'll be able to access one or two websites in a sitting and then one website times out and they all seem to start timing out). The problem seems to resolve itself for 4 to 6 weeks before happening again.

 

Here's the report:

MiniToolBox by Farbar  Version: 23-01-2014
Ran by Megan (administrator) on 26-05-2014 at 08:58:36
Running from "C:\Users\Megan\Desktop"
Microsoft Windows 7 Home Premium  Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

========================= FF Proxy Settings: ==============================

========================= Hosts content: =================================
 
::1             localhost

127.0.0.1       localhost

========================= IP Configuration: ================================

Intel® WiFi Link 1000 BGN = Wireless Network Connection (Connected)
Bluetooth Device (Personal Area Network) = Bluetooth Network Connection (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 2 (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 3 (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled
add address name="Wireless Network Connection 2" address=192.168.16.2 mask=255.255.255.0


popd
# End of IPv4 configuration



Windows IP Configuration

   Host Name . . . . . . . . . . . . : Megs_Laptop
   Primary Dns Suffix  . . . . . . . :
   Node Type . . . . . . . . . . . . : Broadcast
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : gateway.2wire.net

Wireless LAN adapter Wireless Network Connection 3:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter #2
   Physical Address. . . . . . . . . : 8C-A9-82-4E-9D-B7
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection 2:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
   Physical Address. . . . . . . . . : 8C-A9-82-4E-9D-B7
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

   Connection-specific DNS Suffix  . : gateway.2wire.net
   Description . . . . . . . . . . . : Intel® WiFi Link 1000 BGN
   Physical Address. . . . . . . . . : 8C-A9-82-4E-9D-B6
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::950a:fe:aa6b:3bb5%13(Preferred)
   IPv4 Address. . . . . . . . . . . : 192.168.1.117(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Monday, May 26, 2014 8:43:17 AM
   Lease Expires . . . . . . . . . . : Tuesday, May 27, 2014 8:43:17 AM
   Default Gateway . . . . . . . . . : 192.168.1.254
   DHCP Server . . . . . . . . . . . : 192.168.1.254
   DHCPv6 IAID . . . . . . . . . . . : 311208322
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-15-32-14-93-78-2B-CB-E7-43-77
   DNS Servers . . . . . . . . . . . : 192.168.1.254
   NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Bluetooth Network Connection:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Bluetooth Device (Personal Area Network)
   Physical Address. . . . . . . . . : 90-00-4E-E8-4D-06
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{BF3A1AF7-5AAA-40A4-BF8A-CDB4F8792718}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.gateway.2wire.net:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : gateway.2wire.net
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #6
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{5BC09EA8-DD64-450D-BE7B-99378CC41103}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #7
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{BA7D0016-A393-4582-AE66-2F2625198FAE}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #8
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 52:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #9
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 51:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:0:5ef5:79fd:3ca8:1080:9da1:2ee6(Preferred)
   Link-local IPv6 Address . . . . . : fe80::3ca8:1080:9da1:2ee6%65(Preferred)
   Default Gateway . . . . . . . . . : ::
   NetBIOS over Tcpip. . . . . . . . : Disabled
Server:  home
Address:  192.168.1.254

Name:    google.com
Addresses:  2607:f8b0:4002:801::1003
      173.194.37.35
      173.194.37.39
      173.194.37.38
      173.194.37.41
      173.194.37.40
      173.194.37.32
      173.194.37.34
      173.194.37.37
      173.194.37.36
      173.194.37.33
      173.194.37.46


Pinging google.com [173.194.37.46] with 32 bytes of data:
Reply from 173.194.37.46: bytes=32 time=70ms TTL=50
Reply from 173.194.37.46: bytes=32 time=44ms TTL=50

Ping statistics for 173.194.37.46:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 44ms, Maximum = 70ms, Average = 57ms
Server:  home
Address:  192.168.1.254

Name:    yahoo.com
Addresses:  98.139.183.24
      206.190.36.45
      98.138.253.109


Pinging yahoo.com [206.190.36.45] with 32 bytes of data:
Reply from 206.190.36.45: bytes=32 time=149ms TTL=43
Reply from 206.190.36.45: bytes=32 time=146ms TTL=43

Ping statistics for 206.190.36.45:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 146ms, Maximum = 149ms, Average = 147ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 15...8c a9 82 4e 9d b7 ......Microsoft Virtual WiFi Miniport Adapter #2
 14...8c a9 82 4e 9d b7 ......Microsoft Virtual WiFi Miniport Adapter
 13...8c a9 82 4e 9d b6 ......Intel® WiFi Link 1000 BGN
 11...90 00 4e e8 4d 06 ......Bluetooth Device (Personal Area Network)
  1...........................Software Loopback Interface 1
 17...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
 62...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #6
 63...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #7
 64...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #8
 85...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #9
 65...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0    192.168.1.254    192.168.1.117     25
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.1.0    255.255.255.0         On-link     192.168.1.117    281
    192.168.1.117  255.255.255.255         On-link     192.168.1.117    281
    192.168.1.255  255.255.255.255         On-link     192.168.1.117    281
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link     192.168.1.117    281
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link     192.168.1.117    281
===========================================================================
Persistent Routes:
  None

IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
 65     58 ::/0                     On-link
  1    306 ::1/128                  On-link
 65     58 2001::/32                On-link
 65    306 2001:0:5ef5:79fd:3ca8:1080:9da1:2ee6/128
                                    On-link
 13    281 fe80::/64                On-link
 65    306 fe80::/64                On-link
 65    306 fe80::3ca8:1080:9da1:2ee6/128
                                    On-link
 13    281 fe80::950a:fe:aa6b:3bb5/128
                                    On-link
  1    306 ff00::/8                 On-link
 65    306 ff00::/8                 On-link
 13    281 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\wshbth.dll [36352] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog5 07 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 09 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 10 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\wshbth.dll [47104] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog5 07 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog5 09 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog5 10 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (05/26/2014 08:53:12 AM) (Source: Windows Backup) (User: )
Description: The backup did not complete because of an error writing to the backup location G:\. The error is: The backup location cannot be found or is not valid. Review your backup settings and check the backup location. (0x81000006).

Error: (05/23/2014 05:20:47 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 13322

Error: (05/23/2014 05:20:47 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 13322

Error: (05/23/2014 05:20:47 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (05/23/2014 05:20:46 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 12214

Error: (05/23/2014 05:20:46 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 12214

Error: (05/23/2014 05:20:46 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (05/23/2014 05:20:45 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 11216

Error: (05/23/2014 05:20:45 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 11216

Error: (05/23/2014 05:20:45 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second


System errors:
=============
Error: (05/26/2014 08:44:29 AM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SftService service.

Error: (05/26/2014 08:43:59 AM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the MBAMService service.

Error: (05/25/2014 03:49:08 PM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SftService service.

Error: (05/25/2014 02:30:04 PM) (Source: Service Control Manager) (User: )
Description: The Apple Mobile Device service failed to start due to the following error:
%%1053

Error: (05/25/2014 02:30:04 PM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Apple Mobile Device service to connect.

Error: (05/24/2014 07:59:16 PM) (Source: Service Control Manager) (User: )
Description: The Windows Search service failed to start due to the following error:
%%1053

Error: (05/24/2014 07:59:16 PM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Windows Search service to connect.

Error: (05/24/2014 07:59:16 PM) (Source: DCOM) (User: )
Description: 1053WSearch{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

Error: (05/23/2014 09:12:05 PM) (Source: BTHUSB) (User: )
Description: The local Bluetooth adapter has failed in an undetermined manner and will not be used. The driver has been unloaded.

Error: (05/23/2014 05:01:07 PM) (Source: BTHUSB) (User: )
Description: The local Bluetooth adapter has failed in an undetermined manner and will not be used. The driver has been unloaded.


Microsoft Office Sessions:
=========================
Error: (05/26/2014 08:53:12 AM) (Source: Windows Backup)(User: )
Description: G:\The backup location cannot be found or is not valid. Review your backup settings and check the backup location. (0x81000006)

Error: (05/23/2014 05:20:47 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 13322

Error: (05/23/2014 05:20:47 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 13322

Error: (05/23/2014 05:20:47 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (05/23/2014 05:20:46 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 12214

Error: (05/23/2014 05:20:46 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 12214

Error: (05/23/2014 05:20:46 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (05/23/2014 05:20:45 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 11216

Error: (05/23/2014 05:20:45 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 11216

Error: (05/23/2014 05:20:45 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second


=========================== Installed Programs ============================

Adobe AIR (Version: 13.0.0.111)
Adobe Flash Player 13 ActiveX (Version: 13.0.0.214)
Adobe Flash Player 13 Plugin (Version: 13.0.0.214)
Adobe Reader XI (11.0.07) (Version: 11.0.07)
Advanced Audio FX Engine (Version: 1.12.05)
Amazon MP3 Downloader 1.0.17 (Version: 1.0.17)
Angry Birds Star Wars (Version: 1.1.0)
Apple Application Support (Version: 3.0.3)
Apple Mobile Device Support (Version: 7.1.1.3)
Apple Software Update (Version: 2.1.3.127)
avast! Internet Security (Version: 9.0.2018)
Bonjour (Version: 3.0.0.10)
Canon RAW Codec (Version: 1.9.0.73)
CCleaner (Version: 4.13)
D3DX10 (Version: 15.4.2368.0902)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Dell DataSafe Local Backup - Support Software (Version: 9.4.60)
Dell DataSafe Local Backup (Version: 9.4.60)
Dell Edoc Viewer (Version: 1.0.0)
Dell Getting Started Guide (Version: 1.00.0000)
Dell Home Systems Service Agreement (Version: 2.0.0)
Dell MusicStage (Version: 1.4.162.0)
Dell Perks Webslice IE8 (Version: 8.0)
Dell PhotoStage (Version: 1.5.0.30)
Dell Stage (Version: 1.5.420.0)
Dell Support Center (Version: 3.0.5621.01)
Dell VideoStage (Version: 1.2.0.1719)
Dell Webcam Central (Version: 1.40.05)
Dropbox (Version: 2.8.2)
GIMP 2.6.11 (Version: 2.6.11)
Google Chrome (Version: 35.0.1916.114)
Google Earth Plug-in (Version: 7.1.2.2041)
Google Update Helper (Version: 1.3.24.7)
GoToAssist 8.0.0.514
IDT Audio (Version: 1.0.6289.0)
Intel PROSet Wireless
Intel® Control Center (Version: 1.2.1.1007)
Intel® Graphics Media Accelerator Driver (Version: 8.15.10.2202)
Intel® Management Engine Components (Version: 6.0.0.1179)
Intel® PROSet/Wireless WiFi Software (Version: 13.02.0000)
Intel® Rapid Storage Technology (Version: 9.6.4.1002)
Internet Explorer (Version: 8)
Internet TV for Windows Media Center (Version: 4.2.2.0)
iTunes (Version: 11.2.0.115)
Java 7 Update 51 (Version: 7.0.510)
Java 7 Update 55 (64-bit) (Version: 7.0.550)
Junk Mail filter update (Version: 15.4.3502.0922)
Live! Cam Avatar Creator (Version: 4.6.3009.1)
Malwarebytes Anti-Malware version 2.0.1.1004 (Version: 2.0.1.1004)
Mesh Runtime (Version: 15.4.5722.2)
Messenger Companion (Version: 15.4.3502.0922)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Home and Student 2010 (Version: 14.0.7015.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Professional Plus 2013 - en-us (Version: 15.0.4615.1002)
Microsoft Office Proof (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.7015.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.7015.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Single Image 2010 (Version: 14.0.7015.1000)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Silverlight (Version: 5.1.30214.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable - KB2467175 (Version: 8.0.51011)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (Version: 10.0.30319)
MiKTeX 2.9 (Version: 2.9)
Mozilla Firefox 29.0.1 (x86 en-US) (Version: 29.0.1)
Mozilla Maintenance Service (Version: 29.0)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
Octoshape Streaming Services
Office 15 Click-to-Run Extensibility Component (Version: 15.0.4615.1002)
Office 15 Click-to-Run Licensing Component (Version: 15.0.4615.1002)
Office 15 Click-to-Run Localization Component (Version: 15.0.4615.1002)
PrimoPDF -- brought to you by Nitro PDF Software (Version: 5)
Quickset64 (Version: 10.5.0)
QuickTime 7 (Version: 7.75.80.95)
Realtek USB 2.0 Card Reader (Version: 6.1.7600.30127)
Roxio Burn (Version: 1.01)
SAMSUNG Mobile Modem Driver Set
Samsung Mobile phone USB driver Drive Software
SAMSUNG Mobile USB Modem 1.0 Software
SAMSUNG Mobile USB Modem Software
Samsung PC Studio 3 USB Driver Installer (Version: 3.2.0.70701)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition
SES Driver (Version: 1.0.0)
Skype Click to Call (Version: 5.9.9216)
Skype™ 6.11 (Version: 6.11.102)
Spotify (Version: 0.9.10.14.g578d350b)
Spybot - Search & Destroy (Version: 1.6.2)
Synaptics Pointing Device Driver (Version: 15.0.0.1)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition
Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition
Update for Microsoft Office 2010 (KB2878225) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition
Update for Microsoft Visio 2010 (KB2880526) 32-Bit Edition
Update for Microsoft Visio Viewer 2010 (KB2837587) 32-Bit Edition
WD Quick View (Version: 2.4.0.39)
WD SmartWare (Version: 2.4.0.39)
WD SmartWare Installer (Version: 2.4.0.39)
WIDCOMM Bluetooth Software (Version: 6.2.1.1100)
Windows Driver Package - Broadcom Corporation (BTHUSB) Bluetooth  (03/24/2010 6.3.0.2501) (Version: 03/24/2010 6.3.0.2501)
Windows Driver Package - Western Digital Technologies (WDC_SAM) WDC_SAM  (03/06/2009 1.0.0008.0) (Version: 03/06/2009 1.0.0008.0)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3538.0513)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3538.0513)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (Version: 15.4.5722.2)
Windows Live Messenger (Version: 15.4.3538.0513)
Windows Live Messenger Companion Core (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
Windows Media Center Add-in for Flash (Version: 4.1.2.0)

========================= Memory info: ===================================

Percentage of memory in use: 59%
Total physical RAM: 3894.68 MB
Available physical RAM: 1565.84 MB
Total Pagefile: 7787.55 MB
Available Pagefile: 4837.44 MB
Total Virtual: 4095.88 MB
Available Virtual: 3978.43 MB

========================= Partitions: =====================================

1 Drive c: (OS) (Fixed) (Total:451.01 GB) (Free:368.97 GB) NTFS

========================= Users: ========================================

User accounts for \\MEGS_LAPTOP

Administrator            Guest                    Megan                    


**** End of log ****
 



#15 Mako

Mako

  • Malware Response Team
  • 238 posts
  • Gender:Male
  • Location:Belgium
  • Local time:09:10 AM

Posted 27 May 2014 - 07:22 AM

Hi Nikki,

 

I can't seem to find anything unusual in your logfile, although I would like to discuss this with some of my colleagues, just to make sure I didn't miss anything.

I will get back to you as soon as I can :).

 

Should your connection be running more smoothly after running MiniToolBox, please let me know.


Edited by Mako, 27 May 2014 - 07:29 AM.

Regards,

Mako

 

Member of UNITE Unified Network of Instructors and Trained Eliminators

Noticed any spelling or grammar errors in my reply? Please feel free to point them out to me, I'm always eager to learn. 




