Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Cursor/Mouse Go out of Control Randomly On Laptop


  • This topic is locked This topic is locked
9 replies to this topic

#1 Krooz

Krooz

  • Members
  • 58 posts
  • OFFLINE
  •  
  • Local time:05:43 AM

Posted 31 May 2015 - 11:37 AM

I've created this topic here on Aura's advice due to issues I'm having with my laptop. Attached below is the original thread I started under "Am I Infected".
 
http://www.bleepingcomputer.com/forums/t/576499/i-believe-my-laptop-has-a-virus/
 
I performed all of the suggestions by Drew1903 except for reinstalling the OS but to no avail.
 
Attached are the FRST logs....
 
Thanks for the help!
 

Attached File  FRST.txt   50.91KB   5 downloadsAttached File  Addition.txt   36.58KB   6 downloads

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 29-05-2015
Ran by Bill (administrator) on LAPTOP on 31-05-2015 12:16:32
Running from C:\Users\Bill\Downloads
Loaded Profiles: Bill (Available Profiles: Bill)
Platform: Windows 8.1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() C:\Program Files\Hewlett-Packard\SimplePass\cachesrvr.exe
(Softex Inc.) C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\Dragon Assistant\Core\DACore.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe
() C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTAgent.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Validity Sensors, Inc.) C:\Windows\System32\valWBFPolicyService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
() C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\Power2Go8\Power2GoExpress8.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTsysTray8.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerSt.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleCrashHandler.exe
(Logitech, Inc.) C:\Program Files\Common Files\Logishrd\KHAL3\KHALMNPR.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleCrashHandler64.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20856_x64__8wekyb3d8bbwe\livecomm.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1703424 2013-08-16] (IDT, Inc.)
HKLM\...\Run: [SimplePass] => C:\Program Files\Hewlett-Packard\SimplePass\HPSmplPass.exe [2758200 2013-10-14] (Hewlett-Packard)
HKLM\...\Run: [OPBHOBroker] => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe [155704 2013-10-14] (Hewlett-Packard)
HKLM\...\Run: [OPBHOBrokerDesktop] => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe [155704 2013-10-14] (Hewlett-Packard)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2774256 2013-08-01] (Synaptics Incorporated)
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3100440 2014-05-19] (Logitech, Inc.)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-05-26] (Apple Inc.)
HKLM-x32\...\Run: [AccelerometerSysTrayApplet] => C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe [126240 2014-04-01] (Hewlett-Packard Company)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe [654088 2015-02-17] (Hewlett-Packard Development Company, L.P.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKLM\...\Policies\Explorer: [NoViewOnDrive] 0
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKLM\...\Policies\Explorer: [DisableLocalMachineRun] 0
HKLM\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0
HKLM\...\Policies\Explorer: [DisableCurrentUserRun] 0
HKLM\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0
HKLM\...\Policies\Explorer: [NoViewContextMenu] 0
HKLM\...\Policies\Explorer: [NoShellSearchButton] 0
HKLM\...\Policies\Explorer: [NoFind] 0
HKLM\...\Policies\Explorer: [NoFile] 0
HKLM\...\Policies\Explorer: [HideClock] 0
HKLM\...\Policies\Explorer: [NoTrayContextMenu] 0
HKLM\...\Policies\Explorer: [NoTrayItemsDisplay] 0
HKLM\...\Policies\Explorer: [NoSetFolders] 0
HKLM\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKLM\...\Policies\Explorer: [NoSetTaskbar] 0
HKLM\...\Policies\Explorer: [NoDeletePrinter] 0
HKLM\...\Policies\Explorer: [NoDFSTab] 0
HKLM\...\Policies\Explorer: [NoChangeStartMenu] 0
HKLM\...\Policies\Explorer: [NoLogoff] 0
HKLM\...\Policies\Explorer: [NoWindowsUpdate] 0
HKLM\...\Policies\Explorer: [NoEncryptOnMove] 0
HKLM\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKLM\...\Policies\Explorer: [NoResolveSearch] 0
HKLM\...\Policies\Explorer: [NoSaveSettings] 0
HKLM\...\Policies\Explorer: [NoHardwareTab] 0
HKLM\...\Policies\Explorer: [NoStartMenuSubFolders] 0
HKLM\...\Policies\Explorer: [NoDesktop] 0
HKU\S-1-5-19\...\Policies\system: [DisableCMD] 0
HKU\S-1-5-19\...\Policies\system: [NoDispAppearancePage] 0
HKU\S-1-5-19\...\Policies\system: [NoDispBackgroundPage] 0
HKU\S-1-5-19\...\Policies\system: [NoDispSettingsPage] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoFolderOptions] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoViewOnDrive] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-19\...\Policies\Explorer: [DisableLocalMachineRun] 0
HKU\S-1-5-19\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0
HKU\S-1-5-19\...\Policies\Explorer: [DisableCurrentUserRun] 0
HKU\S-1-5-19\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoViewContextMenu] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoShellSearchButton] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoFind] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoFile] 0
HKU\S-1-5-19\...\Policies\Explorer: [HideClock] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoTrayContextMenu] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoTrayItemsDisplay] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoSetFolders] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoSetTaskbar] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoDeletePrinter] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoDFSTab] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoChangeStartMenu] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoLogoff] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoWindowsUpdate] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoEncryptOnMove] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoResolveSearch] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoSaveSettings] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoHardwareTab] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoStartMenuSubFolders] 0
HKU\S-1-5-20\...\Policies\system: [DisableCMD] 0
HKU\S-1-5-20\...\Policies\system: [NoDispAppearancePage] 0
HKU\S-1-5-20\...\Policies\system: [NoDispBackgroundPage] 0
HKU\S-1-5-20\...\Policies\system: [NoDispSettingsPage] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoFolderOptions] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoViewOnDrive] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-20\...\Policies\Explorer: [DisableLocalMachineRun] 0
HKU\S-1-5-20\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0
HKU\S-1-5-20\...\Policies\Explorer: [DisableCurrentUserRun] 0
HKU\S-1-5-20\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoViewContextMenu] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoShellSearchButton] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoFind] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoFile] 0
HKU\S-1-5-20\...\Policies\Explorer: [HideClock] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoTrayContextMenu] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoTrayItemsDisplay] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoSetFolders] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoSetTaskbar] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoDeletePrinter] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoDFSTab] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoChangeStartMenu] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoLogoff] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoWindowsUpdate] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoEncryptOnMove] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoResolveSearch] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoSaveSettings] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoHardwareTab] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoStartMenuSubFolders] 0
HKU\S-1-5-21-3342821347-547829600-3130496350-1001\...\Run: [Power2GoExpress8] => C:\Program Files (x86)\CyberLink\Power2Go8\Power2GoExpress8.exe [1720584 2015-02-08] (CyberLink Corp.)
HKU\S-1-5-21-3342821347-547829600-3130496350-1001\...\Run: [Google Update] => C:\Users\Bill\AppData\Local\Google\Update\GoogleUpdate.exe [107848 2015-05-03] (Google Inc.)
HKU\S-1-5-21-3342821347-547829600-3130496350-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8204056 2015-04-23] (Piriform Ltd)
HKU\S-1-5-21-3342821347-547829600-3130496350-1001\...\Policies\system: [DisableCMD] 0
HKU\S-1-5-21-3342821347-547829600-3130496350-1001\...\Policies\system: [NoDispAppearancePage] 0
HKU\S-1-5-21-3342821347-547829600-3130496350-1001\...\Policies\system: [NoDispBackgroundPage] 0
HKU\S-1-5-21-3342821347-547829600-3130496350-1001\...\Policies\system: [NoDispSettingsPage] 0
HKU\S-1-5-21-3342821347-547829600-3130496350-1001\...\Policies\Explorer: [NoFolderOptions] 0
HKU\S-1-5-21-3342821347-547829600-3130496350-1001\...\Policies\Explorer: [NoViewOnDrive] 0
HKU\S-1-5-21-3342821347-547829600-3130496350-1001\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-3342821347-547829600-3130496350-1001\...\Policies\Explorer: [DisableLocalMachineRun] 0
HKU\S-1-5-21-3342821347-547829600-3130496350-1001\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0
HKU\S-1-5-21-3342821347-547829600-3130496350-1001\...\Policies\Explorer: [DisableCurrentUserRun] 0
HKU\S-1-5-21-3342821347-547829600-3130496350-1001\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0
HKU\S-1-5-21-3342821347-547829600-3130496350-1001\...\Policies\Explorer: [NoViewContextMenu] 0
HKU\S-1-5-21-3342821347-547829600-3130496350-1001\...\Policies\Explorer: [NoShellSearchButton] 0
HKU\S-1-5-21-3342821347-547829600-3130496350-1001\...\Policies\Explorer: [NoFind] 0
HKU\S-1-5-21-3342821347-547829600-3130496350-1001\...\Policies\Explorer: [NoFile] 0
HKU\S-1-5-21-3342821347-547829600-3130496350-1001\...\Policies\Explorer: [HideClock] 0
HKU\S-1-5-21-3342821347-547829600-3130496350-1001\...\Policies\Explorer: [NoTrayContextMenu] 0
HKU\S-1-5-21-3342821347-547829600-3130496350-1001\...\Policies\Explorer: [NoTrayItemsDisplay] 0
HKU\S-1-5-21-3342821347-547829600-3130496350-1001\...\Policies\Explorer: [NoSetFolders] 0
HKU\S-1-5-21-3342821347-547829600-3130496350-1001\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKU\S-1-5-21-3342821347-547829600-3130496350-1001\...\Policies\Explorer: [NoSetTaskbar] 0
HKU\S-1-5-21-3342821347-547829600-3130496350-1001\...\Policies\Explorer: [NoDeletePrinter] 0
HKU\S-1-5-21-3342821347-547829600-3130496350-1001\...\Policies\Explorer: [NoDFSTab] 0
HKU\S-1-5-21-3342821347-547829600-3130496350-1001\...\Policies\Explorer: [NoChangeStartMenu] 0
HKU\S-1-5-21-3342821347-547829600-3130496350-1001\...\Policies\Explorer: [NoLogoff] 0
HKU\S-1-5-21-3342821347-547829600-3130496350-1001\...\Policies\Explorer: [NoWindowsUpdate] 0
HKU\S-1-5-21-3342821347-547829600-3130496350-1001\...\Policies\Explorer: [NoEncryptOnMove] 0
HKU\S-1-5-21-3342821347-547829600-3130496350-1001\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKU\S-1-5-21-3342821347-547829600-3130496350-1001\...\Policies\Explorer: [NoResolveSearch] 0
HKU\S-1-5-21-3342821347-547829600-3130496350-1001\...\Policies\Explorer: [NoSaveSettings] 0
HKU\S-1-5-21-3342821347-547829600-3130496350-1001\...\Policies\Explorer: [NoHardwareTab] 0
HKU\S-1-5-21-3342821347-547829600-3130496350-1001\...\Policies\Explorer: [NoStartMenuSubFolders] 0
HKU\S-1-5-18\...\Policies\system: [DisableCMD] 0
HKU\S-1-5-18\...\Policies\system: [NoDispAppearancePage] 0
HKU\S-1-5-18\...\Policies\system: [NoDispBackgroundPage] 0
HKU\S-1-5-18\...\Policies\system: [NoDispSettingsPage] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoFolderOptions] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoViewOnDrive] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-18\...\Policies\Explorer: [DisableLocalMachineRun] 0
HKU\S-1-5-18\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0
HKU\S-1-5-18\...\Policies\Explorer: [DisableCurrentUserRun] 0
HKU\S-1-5-18\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoViewContextMenu] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoShellSearchButton] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoFind] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoFile] 0
HKU\S-1-5-18\...\Policies\Explorer: [HideClock] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoTrayContextMenu] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoTrayItemsDisplay] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoSetFolders] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoSetTaskbar] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoDeletePrinter] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoDFSTab] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoChangeStartMenu] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoLogoff] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoWindowsUpdate] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoEncryptOnMove] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoResolveSearch] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoSaveSettings] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoHardwareTab] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoStartMenuSubFolders] 0
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ISCTSystray.lnk [2014-03-12]
ShortcutTarget: ISCTSystray.lnk -> C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTsysTray8.exe (Intel Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPNOT14/1
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPNOT14/1
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT14/1
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT14/1
HKU\S-1-5-21-3342821347-547829600-3130496350-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT14/1
HKU\S-1-5-21-3342821347-547829600-3130496350-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.msn.com/en-us?cobrand=hp-desktop.msn.com&OCID=HPDHP&pc=HPDTDF
SearchScopes: HKLM -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/711-154371-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKLM-x32 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/711-154371-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKU\S-1-5-21-3342821347-547829600-3130496350-1001 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/711-154371-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2014-05-19] (Logitech, Inc.)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28] (Hewlett-Packard)
BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2014-05-19] (Logitech, Inc.)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28] (Hewlett-Packard)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Bill\AppData\Roaming\Mozilla\Firefox\Profiles\mcr5390v.default
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1203133.dll [2013-06-26] (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-02-21] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-08-09] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-08-09] (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2013-02-06] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-18] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-18] (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll [2014-05-31] ()
FF Plugin HKU\S-1-5-21-3342821347-547829600-3130496350-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Bill\AppData\Local\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-18] (Google Inc.)
FF Plugin HKU\S-1-5-21-3342821347-547829600-3130496350-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Bill\AppData\Local\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-18] (Google Inc.)
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: Logitech SetPoint - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2014-06-26]

Chrome:
=======
CHR Profile: C:\Users\Bill\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Bill\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-05-29]
CHR Extension: (Google Drive) - C:\Users\Bill\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-05-29]
CHR Extension: (YouTube) - C:\Users\Bill\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-05-29]
CHR Extension: (Google Cast) - C:\Users\Bill\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd [2015-05-03]
CHR Extension: (Google Search) - C:\Users\Bill\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-05-29]
CHR Extension: (Logitech Smooth Scrolling) - C:\Users\Bill\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkpejdfnpdkhifgbancbammdijojoffk [2014-06-26]
CHR Extension: (*Split Screen*) - C:\Users\Bill\AppData\Local\Google\Chrome\User Data\Default\Extensions\eachfleknamlcepmplpdghagngjfjkin [2014-08-16]
CHR Extension: (Bookmark Manager) - C:\Users\Bill\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-05-20]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Bill\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-06]
CHR Extension: (Google Wallet) - C:\Users\Bill\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-05-29]
CHR Extension: (Stylist) - C:\Users\Bill\AppData\Local\Google\Chrome\User Data\Default\Extensions\pabfempgigicdjjlccdgnbmeggkbjdhd [2014-12-16]
CHR Extension: (Gmail) - C:\Users\Bill\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-05-29]
CHR Profile: C:\Users\Bill\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Google Slides) - C:\Users\Bill\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-01-27]
CHR Extension: (Google Docs) - C:\Users\Bill\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2015-01-27]
CHR Extension: (Google Drive) - C:\Users\Bill\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-01-27]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Bill\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2015-01-27]
CHR Extension: (YouTube) - C:\Users\Bill\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-01-27]
CHR Extension: (Google Search) - C:\Users\Bill\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-01-27]
CHR Extension: (Google Sheets) - C:\Users\Bill\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-01-27]
CHR Extension: (Webroot Filtering Extension) - C:\Users\Bill\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\kjeghcllfecehndceplomkocgfbklffd [2015-01-27]
CHR Extension: (Google Wallet) - C:\Users\Bill\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-01-27]
CHR Extension: (Webroot Password Manager) - C:\Users\Bill\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\okfhiodnpcnnnpgbjbhfebjnbagmfhab [2015-01-27]
CHR Extension: (Gmail) - C:\Users\Bill\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-01-27]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-28] (Microsoft Corporation)
R2 Cachedrv server; C:\Program Files\Hewlett-Packard\SimplePass\cachesrvr.exe [109568 2013-10-14] () [File not signed]
R2 DACoreService; C:\Program Files (x86)\Nuance\Dragon Assistant\Core\DACore.exe [435088 2013-07-02] (Nuance Communications, Inc.)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-04-24] (WildTangent)
R2 HPWMISVC; c:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe [608520 2015-02-17] (Hewlett-Packard Development Company, L.P.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-30] (Intel Corporation)
R2 Intel® Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel® Corporation) [File not signed]
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel® Corporation)
R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-08-09] (Intel Corporation)
R2 Intel® Wireless Bluetooth® 4.0 Radio Management; C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe [157128 2013-07-01] (Intel Corporation)
R2 ISCTAgent; C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTAgent.exe [198120 2013-08-12] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [169432 2013-08-09] (Intel Corporation)
S3 MyWiFiDHCPDNS; c:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [265936 2014-06-18] ()
R2 omniserv; C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe [87552 2013-10-14] (Softex Inc.) [File not signed]
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [339456 2013-08-16] (IDT, Inc.) [File not signed]
R2 valWBFPolicyService; C:\Windows\system32\valWBFPolicyService.exe [32768 2013-08-01] (Validity Sensors, Inc.) [File not signed]
S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [76800 2013-08-26] (Microsoft Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-03] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-03] (Microsoft Corporation)
R2 ZeroConfigService; c:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3816656 2014-06-18] (Intel® Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
R3 btmaux; C:\Windows\system32\DRIVERS\btmaux.sys [132920 2013-04-23] (Motorola Solutions, Inc.)
R3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [1385784 2013-06-27] (Motorola Solutions, Inc.)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [91912 2013-11-12] (CyberLink)
R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [114632 2013-07-01] (Intel Corporation)
R3 ikbevent; C:\Windows\system32\DRIVERS\ikbevent.sys [21408 2013-08-08] ()
R3 imsevent; C:\Windows\system32\DRIVERS\imsevent.sys [21920 2013-08-08] ()
R3 INETMON; C:\Windows\System32\Drivers\INETMON.sys [29088 2013-08-07] ()
R3 ISCT; C:\Windows\System32\drivers\ISCTD64.sys [46568 2013-08-07] ()
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [136408 2015-05-29] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-08-09] (Intel Corporation)
R3 NETwNb64; C:\Windows\system32\DRIVERS\NETwbw02.sys [3488744 2014-07-22] (Intel Corporation)
R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [429272 2013-08-21] (Realsil Semiconductor Corporation)
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [30448 2013-08-01] (Synaptics Incorporated)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [34544 2013-08-01] (Synaptics Incorporated)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-03] (Microsoft Corporation)
R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20800 2013-07-22] (Hewlett-Packard Development Company, L.P.)
U0 SR; No ImagePath
U2 srservice; No ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-05-31 12:16 - 2015-05-31 12:16 - 00030985 _____ () C:\Users\Bill\Downloads\FRST.txt
2015-05-31 12:15 - 2015-05-31 12:16 - 00000000 ____D () C:\FRST
2015-05-31 12:14 - 2015-05-31 12:15 - 02108928 _____ (Farbar) C:\Users\Bill\Downloads\FRST64.exe
2015-05-29 15:07 - 2015-05-29 15:07 - 00000236 _____ () C:\Windows\LkmdfCoInst.log
2015-05-27 15:04 - 2015-05-29 15:26 - 00001491 _____ () C:\Windows\setupact.log
2015-05-27 15:04 - 2015-05-27 15:04 - 00000000 _____ () C:\Windows\setuperr.log
2015-05-26 16:55 - 2015-05-26 16:55 - 00000000 ____D () C:\Windows\LastGood.Tmp
2015-05-26 16:30 - 2015-05-29 05:56 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-05-26 16:30 - 2015-05-26 16:30 - 00001121 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-05-26 16:30 - 2015-05-26 16:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-05-26 16:30 - 2015-05-26 16:30 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-05-26 16:30 - 2015-04-14 09:38 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-05-26 16:30 - 2015-04-14 09:37 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-05-26 16:30 - 2015-04-14 09:37 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-05-26 16:29 - 2015-05-26 16:29 - 21546080 _____ (Malwarebytes Corporation ) C:\Users\Bill\Downloads\mbam-setup-2.1.6.1022 (1).exe
2015-05-24 14:07 - 2015-05-31 12:12 - 01699639 _____ () C:\Windows\WindowsUpdate.log
2015-05-23 10:45 - 2015-05-23 10:45 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-05-22 10:22 - 2015-05-22 10:22 - 00003154 _____ () C:\Windows\System32\Tasks\YCMServiceAgent
2015-05-22 10:22 - 2014-01-27 23:58 - 00041704 _____ (CyberLink Corporation) C:\Windows\system32\Drivers\clwvd.sys
2015-05-21 09:33 - 2015-05-21 09:33 - 21546080 _____ (Malwarebytes Corporation ) C:\Users\Bill\Downloads\mbam-setup-2.1.6.1022.exe
2015-05-21 00:39 - 2015-03-03 09:17 - 00295552 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2015-05-20 16:33 - 2015-05-20 16:33 - 00000000 ____D () C:\Windows\%LOCALAPPDATA%
2015-05-20 16:31 - 2015-05-20 16:31 - 00003086 _____ () C:\Windows\System32\Tasks\{0BB89504-1010-4558-806D-C9E3A3597DA4}
2015-05-20 16:02 - 2015-04-30 16:35 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-20 16:02 - 2015-04-30 16:35 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-05-20 15:48 - 2015-05-20 15:48 - 00002784 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2015-05-20 15:48 - 2015-05-20 15:48 - 00000841 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2015-05-20 15:48 - 2015-05-20 15:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2015-05-20 15:48 - 2015-05-20 15:48 - 00000000 ____D () C:\Program Files\CCleaner
2015-05-20 15:47 - 2015-05-20 15:47 - 06484352 _____ (Piriform Ltd) C:\Users\Bill\Downloads\ccsetup505.exe
2015-05-19 09:25 - 2015-05-19 09:25 - 06962912 _____ (Microsoft Corporation) C:\Users\Bill\Downloads\Silverlight.exe
2015-05-18 17:06 - 2015-04-30 19:05 - 00429568 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-05-18 17:06 - 2015-04-30 18:48 - 00358912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-05-18 17:06 - 2015-04-13 18:48 - 04180480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-05-18 17:06 - 2015-04-09 21:00 - 01996800 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-05-18 17:06 - 2015-04-09 20:50 - 01387008 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-05-18 17:06 - 2015-04-09 20:34 - 02256896 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2015-05-18 17:06 - 2015-04-09 20:26 - 01560576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-05-18 17:06 - 2015-04-09 20:11 - 01943040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2015-05-18 17:06 - 2015-04-08 18:55 - 00410128 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2015-05-18 17:06 - 2015-04-02 20:35 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\PhotoMetadataHandler.dll
2015-05-18 17:06 - 2015-04-02 20:14 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PhotoMetadataHandler.dll
2015-05-18 17:06 - 2015-04-01 18:22 - 02985984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dbgeng.dll
2015-05-18 17:06 - 2015-04-01 18:20 - 04417536 _____ (Microsoft Corporation) C:\Windows\system32\dbgeng.dll
2015-05-18 17:06 - 2015-03-31 23:45 - 01491456 _____ (Microsoft Corporation) C:\Windows\system32\dbghelp.dll
2015-05-18 17:06 - 2015-03-31 22:31 - 01207296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dbghelp.dll
2015-05-18 17:06 - 2015-03-30 01:47 - 00561928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-05-18 17:06 - 2015-03-26 23:27 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2015-05-18 17:06 - 2015-03-26 22:50 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2015-05-18 17:06 - 2015-03-26 22:48 - 01441792 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-05-18 17:06 - 2015-03-19 21:56 - 00080384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ahcache.sys
2015-05-18 17:06 - 2015-03-17 13:26 - 00467776 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\USBHUB3.SYS
2015-05-18 17:06 - 2015-03-12 22:02 - 00316416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\udfs.sys
2015-05-18 17:06 - 2015-03-12 21:11 - 02162176 _____ (Microsoft Corporation) C:\Windows\system32\SRH.dll
2015-05-18 17:06 - 2015-03-12 20:39 - 01812992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SRH.dll
2015-05-18 17:06 - 2015-03-12 20:29 - 00410017 _____ () C:\Windows\system32\ApnDatabase.xml
2015-05-18 17:06 - 2015-03-10 21:49 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe
2015-05-18 17:06 - 2015-03-10 21:09 - 00021504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdbinst.exe
2015-05-18 17:06 - 2015-03-08 22:02 - 00057856 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\bthhfenum.sys
2015-05-18 17:06 - 2015-03-05 22:47 - 01696256 _____ (Microsoft Corporation) C:\Windows\system32\wevtsvc.dll
2015-05-18 17:06 - 2015-03-03 21:32 - 00172544 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Input.Inking.dll
2015-05-18 17:06 - 2015-03-03 21:12 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Input.Inking.dll
2015-05-18 17:06 - 2015-02-17 19:19 - 00186368 _____ (Microsoft Corporation) C:\Windows\system32\dpapisrv.dll
2015-05-18 17:06 - 2015-01-29 20:53 - 02819584 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers.dll
2015-05-18 17:06 - 2014-11-14 02:58 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsDatabase.dll
2015-05-18 17:05 - 2015-04-21 13:14 - 24971776 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-05-18 17:05 - 2015-04-21 12:50 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-05-18 17:05 - 2015-04-21 12:50 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-05-18 17:05 - 2015-04-21 12:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-05-18 17:05 - 2015-04-21 12:37 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-05-18 17:05 - 2015-04-21 12:35 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-05-18 17:05 - 2015-04-21 12:31 - 06025728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-05-18 17:05 - 2015-04-21 12:24 - 19691008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-05-18 17:05 - 2015-04-21 12:13 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2015-05-18 17:05 - 2015-04-21 12:11 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-05-18 17:05 - 2015-04-21 12:09 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-05-18 17:05 - 2015-04-21 12:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-05-18 17:05 - 2015-04-21 12:07 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2015-05-18 17:05 - 2015-04-21 12:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-05-18 17:05 - 2015-04-21 12:04 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-05-18 17:05 - 2015-04-21 11:59 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-05-18 17:05 - 2015-04-21 11:58 - 00664576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-05-18 17:05 - 2015-04-21 11:52 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-05-18 17:05 - 2015-04-21 11:49 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-05-18 17:05 - 2015-04-21 11:49 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-05-18 17:05 - 2015-04-21 11:49 - 00374272 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-05-18 17:05 - 2015-04-21 11:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-05-18 17:05 - 2015-04-21 11:40 - 14401536 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-05-18 17:05 - 2015-04-21 11:38 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-05-18 17:05 - 2015-04-21 11:37 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2015-05-18 17:05 - 2015-04-21 11:36 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-05-18 17:05 - 2015-04-21 11:32 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-05-18 17:05 - 2015-04-21 11:31 - 04305920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-05-18 17:05 - 2015-04-21 11:28 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-05-18 17:05 - 2015-04-21 11:27 - 02352128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-05-18 17:05 - 2015-04-21 11:26 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-05-18 17:05 - 2015-04-21 11:26 - 00327168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-05-18 17:05 - 2015-04-21 11:25 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-05-18 17:05 - 2015-04-21 11:17 - 12828672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-05-18 17:05 - 2015-04-21 11:15 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-05-18 17:05 - 2015-04-21 11:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-05-18 17:05 - 2015-04-21 11:02 - 01882112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-05-18 17:05 - 2015-04-21 10:58 - 01310208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-05-18 17:05 - 2015-04-21 10:56 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-05-18 17:05 - 2015-03-13 00:03 - 00239424 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\sdbus.sys
2015-05-18 17:05 - 2015-03-13 00:03 - 00154432 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\dumpsd.sys
2015-05-18 17:05 - 2015-03-05 23:08 - 02067968 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll
2015-05-18 17:05 - 2015-03-05 22:43 - 01969664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpdshext.dll
2015-05-17 17:52 - 2015-05-18 08:50 - 00000000 ____D () C:\Program Files (x86)\SpywareBlaster
2015-05-17 17:36 - 2015-05-17 17:36 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-05-17 17:09 - 2015-05-17 18:30 - 00000000 ____D () C:\ProgramData\SparkTrust
2015-05-17 17:09 - 2015-05-17 17:09 - 00000000 ____D () C:\Users\Bill\AppData\Roaming\SparkTrust
2015-05-03 14:05 - 2015-05-31 12:15 - 00000918 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3342821347-547829600-3130496350-1001UA.job
2015-05-03 14:05 - 2015-05-30 22:15 - 00000866 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3342821347-547829600-3130496350-1001Core.job
2015-05-03 14:05 - 2015-05-18 22:10 - 00003862 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3342821347-547829600-3130496350-1001UA
2015-05-03 14:05 - 2015-05-18 22:10 - 00003482 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3342821347-547829600-3130496350-1001Core
2015-05-03 14:05 - 2015-05-03 14:05 - 00001222 _____ () C:\Users\Bill\Desktop\Chromecast.lnk
2015-05-03 14:05 - 2015-05-03 14:05 - 00000000 ____D () C:\Users\Bill\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chromecast
2015-05-03 14:04 - 2015-05-03 14:04 - 00880208 _____ (Google Inc.) C:\Users\Bill\Downloads\chromecastinstaller.exe

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-05-31 12:00 - 2013-08-22 11:36 - 00000000 ____D () C:\Windows\system32\sru
2015-05-31 11:24 - 2014-05-29 14:54 - 00000920 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-05-31 09:04 - 2014-05-29 12:15 - 00003914 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{014AD6BE-9EBF-4412-814C-88BB5D513FAB}
2015-05-30 22:24 - 2014-05-29 14:54 - 00000916 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-05-30 10:28 - 2014-06-07 16:47 - 00003154 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForBill
2015-05-30 10:28 - 2014-06-07 16:47 - 00000342 _____ () C:\Windows\Tasks\HPCeeScheduleForBill.job
2015-05-29 15:37 - 2014-05-29 12:20 - 00003598 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3342821347-547829600-3130496350-1001
2015-05-29 15:28 - 2014-05-29 12:16 - 00000000 ____D () C:\Users\Bill\Documents\Youcam
2015-05-29 15:27 - 2014-05-29 12:37 - 00000000 ___DO () C:\Users\Bill\SkyDrive
2015-05-29 15:25 - 2013-08-22 10:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-05-29 15:13 - 2014-06-26 17:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
2015-05-29 15:08 - 2014-05-30 14:32 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log
2015-05-29 15:08 - 2013-08-26 02:09 - 00958356 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-05-29 15:07 - 2014-06-26 17:36 - 00018960 _____ (Logitech, Inc.) C:\Windows\system32\Drivers\LNonPnP.sys
2015-05-28 05:57 - 2013-08-22 11:36 - 00000000 ____D () C:\Windows\system32\NDF
2015-05-27 15:19 - 2014-05-29 12:14 - 00000000 ____D () C:\Users\Bill
2015-05-27 15:04 - 2014-12-14 08:03 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-05-27 15:03 - 2013-08-22 09:25 - 00524288 ___SH () C:\Windows\system32\config\BBI
2015-05-25 19:25 - 2014-06-04 07:22 - 00002210 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-05-24 09:36 - 2014-05-29 13:59 - 00000000 ____D () C:\Users\Bill\AppData\Local\CrashDumps
2015-05-24 09:20 - 2013-08-22 10:44 - 00353952 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-05-23 03:50 - 2014-03-12 13:59 - 00000000 ____D () C:\Users\Public\Documents\CyberLink
2015-05-22 10:27 - 2014-05-29 12:16 - 00000000 ____D () C:\Users\Bill\AppData\Local\CyberLink
2015-05-22 10:27 - 2014-03-12 13:59 - 00000000 ____D () C:\Users\Public\CyberLink
2015-05-22 10:27 - 2014-03-12 13:56 - 00000000 ____D () C:\ProgramData\CyberLink
2015-05-22 10:27 - 2013-08-31 23:49 - 00000000 ____D () C:\SWSetup
2015-05-22 10:24 - 2014-01-11 15:45 - 00000000 ____D () C:\Program Files (x86)\Hewlett-Packard
2015-05-22 10:23 - 2014-03-12 13:46 - 00000000 ____D () C:\Windows\Hewlett-Packard
2015-05-22 10:21 - 2014-01-11 15:49 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Communication and Chat
2015-05-22 10:20 - 2014-03-12 13:55 - 00000000 ____D () C:\Program Files (x86)\CyberLink
2015-05-22 05:42 - 2013-08-22 11:36 - 00000000 ____D () C:\Windows\rescache
2015-05-21 10:30 - 2014-05-31 11:58 - 00000503 _____ () C:\Users\Bill\AppData\Roaming\Microsoft\Windows\Start Menu\StockTwits.website
2015-05-20 17:24 - 2013-08-22 09:25 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2015-05-20 16:37 - 2014-05-29 15:25 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2015-05-20 16:37 - 2014-05-29 15:25 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2015-05-20 16:37 - 2014-05-29 14:08 - 00000000 ____D () C:\Program Files\Webroot
2015-05-20 16:35 - 2013-08-22 11:36 - 00000000 ___RD () C:\Windows\ImmersiveControlPanel
2015-05-20 16:35 - 2013-08-22 09:36 - 00000000 ____D () C:\Windows\system32\AdvancedInstallers
2015-05-20 16:32 - 2014-05-29 14:09 - 00000000 ____D () C:\Users\Bill\AppData\Local\lptmp220791108
2015-05-20 16:03 - 2013-08-22 11:20 - 00000000 ____D () C:\Windows\CbsTemp
2015-05-20 16:02 - 2014-06-01 07:30 - 00000000 ____D () C:\Windows\system32\MRT
2015-05-20 15:59 - 2015-04-04 09:32 - 00000000 ___SD () C:\Windows\SysWOW64\GWX
2015-05-20 15:59 - 2015-04-04 09:32 - 00000000 ___SD () C:\Windows\system32\GWX
2015-05-20 15:59 - 2014-06-01 07:30 - 140425016 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-05-20 15:58 - 2014-05-29 15:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-05-20 15:56 - 2013-08-22 15:12 - 00000000 ____D () C:\Program Files\Windows Journal
2015-05-20 15:49 - 2014-11-15 03:18 - 00000000 ____D () C:\Windows\Minidump
2015-05-20 15:49 - 2013-08-26 02:57 - 00000000 ____D () C:\Windows\Panther
2015-05-19 05:58 - 2013-08-22 11:36 - 00000000 ____D () C:\Windows\AppReadiness
2015-05-18 22:19 - 2014-05-29 14:54 - 00003892 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-05-18 22:19 - 2014-05-29 14:54 - 00003656 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-05-18 08:51 - 2014-07-17 05:49 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-05-18 08:51 - 2014-05-29 14:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-05-18 08:51 - 2014-03-12 13:55 - 00000000 ____D () C:\ProgramData\install_clap
2015-05-18 08:51 - 2013-08-22 15:12 - 00000000 ____D () C:\Windows\ShellNew
2015-05-18 08:51 - 2013-08-22 11:36 - 00000000 __RSD () C:\Windows\Media
2015-05-18 08:51 - 2013-08-22 11:36 - 00000000 ____D () C:\Windows\SysWOW64\Macromed
2015-05-18 08:51 - 2013-08-22 11:36 - 00000000 ____D () C:\Windows\system32\Macromed
2015-05-18 08:51 - 2013-08-22 11:36 - 00000000 ____D () C:\Windows\PolicyDefinitions
2015-05-18 08:51 - 2013-08-22 09:36 - 00000000 ____D () C:\Windows\system32\Sysprep
2015-05-18 08:51 - 2013-08-22 09:36 - 00000000 ____D () C:\Windows\servicing
2015-05-18 08:50 - 2014-05-29 13:37 - 00000000 ____D () C:\Program Files (x86)\SearchProtect
2015-05-18 08:50 - 2013-08-22 11:36 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2015-05-18 08:38 - 2013-08-22 11:36 - 00000000 ____D () C:\Windows\registration
2015-05-18 08:30 - 2014-03-12 13:55 - 00000000 ____D () C:\ProgramData\Temp
2015-05-05 13:59 - 2013-08-22 11:38 - 00792568 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-05-05 13:59 - 2013-08-22 11:38 - 00178168 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-05-03 14:05 - 2014-05-29 14:54 - 00000000 ____D () C:\Users\Bill\AppData\Local\Google

==================== Files in the root of some directories =======

2015-05-17 17:09 - 2015-05-17 18:29 - 0000053 _____ () C:\Users\Bill\AppData\Roaming\LogFile.txt

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-05-27 06:09

==================== End of log ============================

Edited by nasdaq, 03 June 2015 - 07:30 AM.


BC AdBot (Login to Remove)

 


m

#2 nasdaq

nasdaq

  • Malware Response Team
  • 38,246 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:04:43 AM

Posted 02 June 2015 - 08:04 AM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

Your log is clean of malware.

===

If you want to check further run this.

Run an online scan with Eset (easiest with Internet Explorer): http://www.eset.com/onlinescan/
To shorten the scanning time disable your antivirus program while scanning.

Select Enable detection of potentially unwanted applications.
Click Advanced Settings.

Deselect Remove found threats.

Select:
Scan Archives
Scan for potentially unsafe applications
Enable Anti-Stealth Technology


Click Start.

When the scan is finished, click on List of found threats and then Export to text file. Copy the content of the text file and paste its content in your reply.
<<<>>>

p.s.
I suspect that your mouse is going bad.
I would replace it if I were you.

#3 Krooz

Krooz
  • Topic Starter

  • Members
  • 58 posts
  • OFFLINE
  •  
  • Local time:05:43 AM

Posted 02 June 2015 - 01:50 PM

Nasdaq, I ran the eset scan but may have forgotten to deselect  "Remove found threats".  Anyway, I've attached the log and I've also attached a screen shot of the laptop screen so you could see what I'm dealing with - I've circled in red 2 of the "touches". The shot is of my desktop screen - the "touches" bounce around there like fireworks going off  but don't hit anything as they're more concentrated in the middle of the screen. If my Windows 8.1 screen was up, everyone of those "touches" that happened to hit a tile would open it. When on the internet it's a nightmare because bookmarks etc all can randomly be touched and opened. I had to drag the scan off to the side so it wouldn't get messed up during it's run.

 

I uninstalled my mouse but it's still doing it, in fact, it took me about an hour of restarting the laptop before I got a break from it all and could send the log to my desktop to post. At a loss here, hopefully it's not a hardware issue.....

 

Thanks

 

Attached File  eset file.txt   250bytes   2 downloads

 

Attached File  Laptop Screen Shot.jpg   51.7KB   0 downloads


Edited by Krooz, 02 June 2015 - 02:55 PM.


#4 nasdaq

nasdaq

  • Malware Response Team
  • 38,246 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:04:43 AM

Posted 03 June 2015 - 07:46 AM

Very strange. Never seen this.

--RogueKiller--
  • Download & SAVE to your Desktop Download RogueKiller
  • Quit all programs that you may have started.
  • Please disconnect any USB or external drives from the computer before you run this scan!
  • For Vista or Windows 7, right-click and select "Run as Administrator to start"
  • For Windows XP, double-click to start.
  • Wait until Prescan has finished ...
  • Then Click on "Scan" button
  • Wait until the Status box shows "Scan Finished"
  • click on "delete"
  • Wait until the Status box shows "Deleting Finished"
  • Click on "Report" and copy/paste the content of the Notepad into your next reply.
  • The log should be found in RKreport[1].txt on your Desktop
  • Exit/Close RogueKiller+
=======

#5 Krooz

Krooz
  • Topic Starter

  • Members
  • 58 posts
  • OFFLINE
  •  
  • Local time:05:43 AM

Posted 03 June 2015 - 12:52 PM

Thanks Nasdaq. Attached is the RK log.....

Attached Files



#6 nasdaq

nasdaq

  • Malware Response Team
  • 38,246 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:04:43 AM

Posted 03 June 2015 - 01:30 PM

Nothing found.

Please Download and run the ComboFix tool.

How to use ComboFix
http://www.bleepingcomputer.com/combofix/how-to-use-combofix

Follow the instructions on the page.

Post the content of the C:\ComboFix.txt file for my review.

p.s.
When all is well you can remove the tool by following the Uninstall instructions on the same page.

====

#7 Krooz

Krooz
  • Topic Starter

  • Members
  • 58 posts
  • OFFLINE
  •  
  • Local time:05:43 AM

Posted 03 June 2015 - 02:18 PM

Combofix won't run - says my operating system is not supported - I'm running Windows 8.1



#8 nasdaq

nasdaq

  • Malware Response Team
  • 38,246 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:04:43 AM

Posted 04 June 2015 - 07:51 AM

It's working on Windows 8 but not on 8.1 good to know.

If you remove you wallpaper can you get a better view of the icon?


While I check further on this issues you should start a new topic in the Windows 8 forum.
Some one may have seen this before.
http://www.bleepingcomputer.com/forums/f/209/windows-8-and-windows-81/

I do not own a Windows 8 and not familiar with it and I do not think it's caused by malware.

#9 Krooz

Krooz
  • Topic Starter

  • Members
  • 58 posts
  • OFFLINE
  •  
  • Local time:05:43 AM

Posted 04 June 2015 - 09:52 AM

Thanks for your efforts! I will try posting on the Windows forum. This bug is quite frustrating . I tried deactivating the touch pad this morning just to see. Surfed for almost 2 hours and I thought that might have been the issue but when I got back from the store it's doing it's thing again - aagh!  Anyway, I made the background black to try to get a better picture of it in action but of course it's behaving at the moment. Video would really show it in action but the site won't let me upload one - only a still image.



#10 nasdaq

nasdaq

  • Malware Response Team
  • 38,246 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:04:43 AM

Posted 10 June 2015 - 12:14 PM

It appears that this issue is resolved, therefore I am closing the topic. If that is not the case and you need or wish to continue with this topic, please send me or any Moderator a Personal Message (PM) that you would like this topic re-opened.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users