bjd9e1

  1. Hi, I was able to reset Internet Explorer, but it still did not work. I then downloaded the Windows Repair program onto a stick drive from another computer and tried to run it on my affected computer. The installation process seemed to work fine, but right towards the end I got an error message stating that it could not create an uninstall shortcut, and then the program closed out. When I click on the Windows button to view my programs, I see a folder for "Tweaking.com" and a subfolder called "Windows Repair (All in One)," but the folders are empty, and there are no programs contained in the folders. I tried Internet Explorer again, and it still does not work. Thanks for your continued help!
  2. Hi, My computer is still having the same problems -- Internet Explorer still cannot open, and now I'm also noticing that I can't get sound to work on web sites I visit, even though when I go to the Control Panel and press "Test," the sounds work just fine. I would appreciate any help!
  3. Hello, I ran the Dr. CureIt program after saving to my desktop, but it said no threats found after scanning 33,847 objects. There was no green link to click on to open a log.
  4. I tried to install the Windows Repair All in One file (I had to download it onto a USB stick drive on another computer first), but when I went to install it, I got an error message towards the end of the installation process that says "Could not create uninstall shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tweaking.com\Windows Repair (All in One)\Uninstall Tweaking.com - Windows Repair (All in One).lnk". I clicked "Ok" and then nothing else happened. I went to the Start menu and found a new folder under Programs called "Tweaking.com," but within that folder, there was only a subfolder called "Windows Repair (All in One)" and then that subfolder was empty. Regardless, I went back to Google Chrome and tried to attach the log using the "Choose File" option but it still did not work. Do you want me to go ahead and try to run the Dr. Web Cure It antivirus scan?
  5. Hello, I was able to run TFC after downloading the program onto a USB stick drive and it seemed to work fine. I then re-ran a clean copy of ComboFix that I downloaded onto a USB stick drive, and the log is attached. My Internet Explorer is still not working, and I still can't choose the "Attach File" option on this forum to attach files, and so I guess I'm still having problems with my computer. Google Chrome seems to be working fine. Any suggestions on how to get IE working again would be much appreciated. I tried re-setting my IE settings again, but that didn't seem to do any good. Thank you.
  6. Hi, I couldn't get the TFC to work, and I'm not even sure I was able to reset the Internet Explorer settings. As far as resetting Internet Explorer, my IE browser doesn't work (when I click on Internet Explorer, I get a window with a blue bar at the top and nothing else that opens for about 5-10 seconds and then closes automatically), so I tried to reset the settings manually by typing "inetcpl.cpl" in the Search window after pressing the Windows button. That brought up the Internet Explorer options window, and I then clicked on the Advanced tab and then clicked Reset settings. I got a message saying settings had been reset, but IE still wasn't working. I then tried to download and run TFC, but it's not working. A new tab in Google Chrome opens when I click on the link from this forum, but then nothing else happens -- no download starts, etc. It just says "about:blank" in the address bar, and the tab is completely blank (I tried clicking on the link from a different computer and it worked fine, and so it's definitely a problem with my infected computer). When I type the address (oldtimer.geekstogo.com/TFC.exe) directly into the address bar, the tab very briefly changes to "Loading" but then changes back to whatever it was before ("Untitled," "Google," etc.) in less than a second. I wonder if my inability to click on the TFC link is the same reason I can't attach files to my responses to this forum? Blake
  7. Hello, Both logs from TDSSKiller are attached (the second log was too long to copy and paste, and so I e-mailed it to my other computer and created my own .txt file so that I could use the "Attach File" option -- hope that works out). 5 threats were found, which I skipped. Thank you for your help so far, Blake TDSSKiller.2.8.180.0_17.07.2013_22.32.49_log.tx.txt TDSSKiller.2.8.180.0_17.07.2013_22.35.26_log.tx.txt
  8. Below is a copy and paste of Fixlog.txt (again, I could not get the "Choose File" option to work). Thank you.
  9. Here are the 2 logs for the Farbar Recovery Scan Tool:
C:\Windows\system32\WMVDECOD.DLL2013-07-12 21:56 - 2013-05-06 00:56 - 01620480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL2013-07-12 21:55 - 2013-04-09 19:34 - 01247744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll2013-07-12 21:55 - 2013-04-02 18:51 - 01643520 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll2013-07-10 22:59 - 2013-07-10 22:59 - 00000000 ____D C:\Users\blakeandjen\AppData\Roaming\Mozilla2013-07-10 07:53 - 2013-07-10 07:53 - 04249600 _____ C:\Program Files (x86)\GUT40CD.tmp2013-07-10 07:53 - 2013-07-10 07:53 - 00000000 ____D C:\Program Files (x86)\GUM40CC.tmp2013-07-06 19:50 - 2013-07-06 19:50 - 00024514 _____ C:\Users\blakeandjen\Documents\JGNJBGMCJMFCMG,FK,.skp2013-07-04 08:09 - 2013-07-04 08:09 - 00014542 _____ C:\Users\blakeandjen\Downloads\hs_err_pid2448.log2013-07-02 09:42 - 2013-07-02 09:42 - 00014399 _____ C:\Users\blakeandjen\Downloads\hs_err_pid6476.log2013-07-02 07:01 - 2013-07-02 07:01 - 00015473 _____ C:\Users\blakeandjen\Downloads\hs_err_pid2856.log2013-06-26 20:50 - 2013-06-26 20:50 - 06953496 _____ (Microsoft Corporation) C:\Users\blakeandjen\Downloads\Silverlight.exe2013-06-26 09:11 - 2013-06-26 09:11 - 00014413 _____ C:\Users\blakeandjen\Downloads\hs_err_pid3996.log2013-06-22 14:32 - 2013-06-22 14:32 - 02129302 _____ C:\Users\blakeandjen\Documents\jyitlu5dhr4se6twt4r5yiu=o78p[9oiuhrgtedryiugoyi.skp2013-06-22 11:35 - 2013-06-22 11:37 - 00015595 _____ C:\Users\blakeandjen\Downloads\hs_err_pid6820.log2013-06-21 10:15 - 2013-06-21 10:29 - 00000000 ____D C:\Users\blakeandjen\Desktop\2013-06-21 iPhone June 21 20132013-06-21 07:56 - 2013-06-21 07:56 - 10303127 _____ C:\Users\blakeandjen\Documents\685+9478+64.skp ==================== One Month Modified Files and Folders ======= 2013-07-17 17:29 - 2013-07-17 17:29 - 01778209 _____ (Farbar) C:\Users\blakeandjen\Downloads\FRST64.exe2013-07-17 17:29 - 2013-07-17 17:29 - 00000000 ____D C:\FRST2013-07-17 17:28 - 2013-07-17 17:28 - 00002227 _____ 
C:\Users\blakeandjen\Desktop\ESET results.txt2013-07-17 17:12 - 2012-01-07 22:50 - 00000908 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job2013-07-17 16:15 - 2009-07-14 01:13 - 00779788 _____ C:\Windows\system32\PerfStringBackup.INI2013-07-17 16:12 - 2011-09-25 07:10 - 01444417 _____ C:\Windows\WindowsUpdate.log2013-07-17 15:16 - 2013-07-17 15:16 - 02347384 _____ (ESET) C:\Users\blakeandjen\Downloads\esetsmartinstaller_enu (1).exe2013-07-17 11:39 - 2013-07-17 11:39 - 00000000 ____D C:\Program Files (x86)\ESET2013-07-17 11:24 - 2013-07-17 11:17 - 02347384 _____ (ESET) C:\Users\blakeandjen\Downloads\esetsmartinstaller_enu.exe2013-07-17 11:16 - 2009-07-14 00:45 - 00021296 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A02013-07-17 11:16 - 2009-07-14 00:45 - 00021296 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A02013-07-17 11:10 - 2013-07-17 11:10 - 00007935 _____ C:\Users\blakeandjen\Desktop\AdwCleaner[s1].txt2013-07-17 11:09 - 2012-11-17 14:26 - 00000426 _____ C:\Windows\Tasks\PC Optimizer Pro64 startups.job2013-07-17 11:09 - 2012-01-07 22:50 - 00000904 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job2013-07-17 11:09 - 2011-09-25 05:50 - 00000000 ____D C:\Program Files (x86)\Dell DataSafe Local Backup2013-07-17 11:09 - 2009-07-14 01:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT2013-07-17 11:09 - 2009-07-14 00:51 - 00057141 _____ C:\Windows\setupact.log2013-07-17 11:08 - 2013-07-17 11:08 - 00007935 _____ C:\AdwCleaner[s1].txt2013-07-17 11:08 - 2013-07-17 11:08 - 00001717 _____ C:\Windows\DeleteOnReboot.bat2013-07-17 11:06 - 2013-07-17 11:04 - 00662345 _____ C:\Users\blakeandjen\Downloads\AdwCleaner (1).exe2013-07-17 11:04 - 2013-07-17 11:03 - 00662345 _____ C:\Users\blakeandjen\Downloads\AdwCleaner.exe2013-07-17 11:01 - 2013-07-17 11:01 - 00003174 _____ C:\Windows\System32\Tasks\{714F9E99-B56D-44C0-9DFD-2E093B96FA95}2013-07-17 11:00 - 2013-07-17 
10:59 - 00558958 _____ (Oleg N. Scherbakov) C:\Users\blakeandjen\Downloads\JRT (3).exe2013-07-17 10:58 - 2013-07-17 10:57 - 00558958 _____ (Oleg N. Scherbakov) C:\Users\blakeandjen\Downloads\JRT (2).exe2013-07-17 10:55 - 2013-07-17 10:50 - 00288131 _____ (Oleg N. Scherbakov) C:\Users\blakeandjen\Downloads\JRT (1).exe2013-07-17 10:50 - 2013-07-17 10:50 - 00003162 _____ C:\Windows\System32\Tasks\{1F5191D5-3FB1-4572-A6FF-957C4B97AB7D}2013-07-17 10:44 - 2013-07-17 10:41 - 00558958 _____ (Oleg N. Scherbakov) C:\Users\blakeandjen\Downloads\JRT.exe2013-07-17 09:35 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\system32\NDF2013-07-17 08:04 - 2010-11-20 23:47 - 00032206 _____ C:\Windows\PFRO.log2013-07-17 07:40 - 2013-07-17 07:40 - 00000000 ____D C:\Users\blakeandjen\Downloads\mbar-1.06.0.10042013-07-17 07:39 - 2013-07-17 07:39 - 13399154 _____ C:\Users\blakeandjen\Downloads\mbar-1.06.0.1004.zip2013-07-17 07:38 - 2013-07-17 07:38 - 00001669 _____ C:\Users\blakeandjen\Desktop\RKreport[0]_S_07172013_073830.txt2013-07-17 07:38 - 2013-07-17 07:36 - 00000000 ____D C:\Users\blakeandjen\Desktop\RK_Quarantine2013-07-17 07:36 - 2013-07-17 07:36 - 03778560 _____ C:\Users\blakeandjen\Downloads\RogueKillerX64.exe2013-07-17 07:28 - 2013-07-17 07:28 - 00000000 ____D C:\Windows\ERDNT2013-07-17 07:27 - 2013-07-17 07:26 - 00000000 ____D C:\Program Files (x86)\ERUNT2013-07-17 07:25 - 2013-07-17 07:25 - 00791393 _____ (Lars Hederer ) C:\Users\blakeandjen\Downloads\erunt-setup.exe2013-07-16 23:20 - 2013-07-16 23:20 - 00688992 ____R (Swearware) C:\Users\blakeandjen\Downloads\dds.scr2013-07-16 23:20 - 2013-07-16 23:20 - 00018063 _____ C:\Users\blakeandjen\Desktop\dds.txt2013-07-16 23:20 - 2013-07-16 23:20 - 00013241 _____ C:\Users\blakeandjen\Desktop\attach.txt2013-07-16 23:13 - 2013-07-16 23:04 - 00001964 _____ C:\Users\blakeandjen\Desktop\unhide.txt2013-07-16 23:04 - 2013-07-16 23:04 - 00398752 _____ (Bleeping Computer, LLC) C:\Users\blakeandjen\Downloads\unhide.exe2013-07-16 23:04 - 
2013-07-16 23:02 - 00002502 _____ C:\Users\blakeandjen\Desktop\Rkill.txt2013-07-16 23:02 - 2013-07-16 23:02 - 01836672 _____ (Bleeping Computer, LLC) C:\Users\blakeandjen\Downloads\rkill.exe2013-07-16 23:02 - 2013-07-16 23:02 - 00000000 ____D C:\Users\blakeandjen\Desktop\rkill2013-07-16 23:01 - 2012-12-21 00:51 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware2013-07-16 23:00 - 2013-07-16 23:00 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\blakeandjen\Downloads\mbam-setup-1.75.0.1300 (3).exe2013-07-16 22:58 - 2013-07-16 22:58 - 01440846 _____ C:\Users\blakeandjen\Downloads\mbam-chameleon-1.62.1.1000.zip2013-07-16 22:39 - 2013-07-16 22:39 - 00001375 _____ C:\Users\blakeandjen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk2013-07-16 22:26 - 2013-07-16 22:26 - 00002188 _____ C:\Users\blakeandjen\Downloads\28919-ie8-rereg.zip2013-07-16 22:24 - 2013-07-16 22:24 - 01624136 _____ (Bandoo Media Inc) C:\Users\blakeandjen\Downloads\iLividSetup-r394-n-bc (1).exe2013-07-16 22:22 - 2013-07-16 22:22 - 01624136 _____ (Bandoo Media Inc) C:\Users\blakeandjen\Downloads\iLividSetup-r394-n-bc.exe2013-07-16 22:21 - 2013-07-16 22:21 - 00163408 _____ () C:\Users\blakeandjen\Downloads\InternetExplorer78and9repairscript32bit_downloader_by_FileTrip (1).exe2013-07-16 22:20 - 2013-07-16 22:20 - 00163408 _____ () C:\Users\blakeandjen\Downloads\InternetExplorer78and9repairscript32bit_downloader_by_FileTrip.exe2013-07-16 22:16 - 2013-07-16 22:16 - 00000229 _____ C:\Users\blakeandjen\Desktop\Enabie3.reg2013-07-16 21:32 - 2013-07-16 21:32 - 01110478 _____ C:\Users\blakeandjen\Downloads\ProcessMonitor.zip2013-07-16 20:42 - 2013-07-16 20:42 - 00000000 ____D C:\Program Files (x86)\ARO 20132013-07-16 20:41 - 2013-07-16 20:41 - 04887880 _____ (Support.com ) C:\Users\blakeandjen\Downloads\ARO2013_tbt.exe2013-07-16 20:41 - 2013-07-16 20:41 - 04887880 _____ (Support.com ) C:\Users\blakeandjen\Downloads\ARO2013_tbt (1).exe2013-07-16 20:40 - 2013-07-16 
20:40 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\blakeandjen\Downloads\mbam-setup-1.75.0.1300 (2).exe2013-07-16 20:25 - 2013-07-16 20:25 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\blakeandjen\Downloads\mbam-setup-1.75.0.1300 (1).exe2013-07-16 20:12 - 2013-07-16 20:12 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\blakeandjen\Downloads\mbam-setup-1.75.0.1300.exe2013-07-15 20:24 - 2013-07-14 14:14 - 00000000 ___RD C:\Users\blakeandjen\Desktop\Minecraft Server2013-07-15 20:24 - 2012-11-28 21:48 - 00000000 ____D C:\Users\blakeandjen\AppData\Roaming\.minecraft2013-07-15 18:07 - 2012-01-07 22:50 - 00003904 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA2013-07-15 18:07 - 2012-01-07 22:50 - 00003652 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore2013-07-14 15:26 - 2011-09-25 06:00 - 00000000 ____D C:\Users\Default\AppData\Local\SoftThinks2013-07-14 15:26 - 2011-09-25 06:00 - 00000000 ____D C:\Users\Default User\AppData\Local\SoftThinks2013-07-14 14:32 - 2013-07-14 14:32 - 00675988 _____ C:\Users\blakeandjen\Desktop\Minecraft.exe2013-07-14 09:54 - 2013-07-14 09:54 - 00089836 _____ C:\Users\blakeandjen\Documents\fish hawk.skp2013-07-13 11:19 - 2009-07-14 00:45 - 00268856 _____ C:\Windows\system32\FNTCACHE.DAT2013-07-13 11:17 - 2010-11-21 03:17 - 00000000 ____D C:\Program Files\Windows Journal2013-07-13 11:17 - 2009-07-14 01:32 - 00000000 ____D C:\Program Files\Windows Defender2013-07-13 11:17 - 2009-07-14 01:32 - 00000000 ____D C:\Program Files (x86)\Windows Defender2013-07-13 06:29 - 2012-01-07 22:50 - 00000000 ____D C:\Users\BLAKEA~1\AppData\Local\Google2013-07-12 22:02 - 2013-07-12 22:02 - 02221471 _____ C:\Users\blakeandjen\Documents\donavan.skp2013-07-12 21:56 - 2013-05-27 11:11 - 09436783 _____ C:\Users\blakeandjen\Documents\man.skp2013-07-10 22:59 - 2013-07-10 22:59 - 00000000 ____D C:\Users\blakeandjen\AppData\Roaming\Mozilla2013-07-10 07:53 - 2013-07-10 07:53 - 04249600 _____ C:\Program Files 
(x86)\GUT40CD.tmp
2013-07-10 07:53 - 2013-07-10 07:53 - 00000000 ____D C:\Program Files (x86)\GUM40CC.tmp
2013-07-06 19:50 - 2013-07-06 19:50 - 00024514 _____ C:\Users\blakeandjen\Documents\JGNJBGMCJMFCMG,FK,.skp
2013-07-05 15:05 - 2011-02-10 12:10 - 00774004 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2013-07-04 08:09 - 2013-07-04 08:09 - 00014542 _____ C:\Users\blakeandjen\Downloads\hs_err_pid2448.log
2013-07-02 09:42 - 2013-07-02 09:42 - 00014399 _____ C:\Users\blakeandjen\Downloads\hs_err_pid6476.log
2013-07-02 07:01 - 2013-07-02 07:01 - 00015473 _____ C:\Users\blakeandjen\Downloads\hs_err_pid2856.log
2013-06-26 20:50 - 2013-06-26 20:50 - 06953496 _____ (Microsoft Corporation) C:\Users\blakeandjen\Downloads\Silverlight.exe
2013-06-26 09:11 - 2013-06-26 09:11 - 00014413 _____ C:\Users\blakeandjen\Downloads\hs_err_pid3996.log
2013-06-22 14:32 - 2013-06-22 14:32 - 02129302 _____ C:\Users\blakeandjen\Documents\jyitlu5dhr4se6twt4r5yiu=o78p[9oiuhrgtedryiugoyi.skp
2013-06-22 11:37 - 2013-06-22 11:35 - 00015595 _____ C:\Users\blakeandjen\Downloads\hs_err_pid6820.log
2013-06-21 10:29 - 2013-06-21 10:15 - 00000000 ____D C:\Users\blakeandjen\Desktop\2013-06-21 iPhone June 21 2013
2013-06-21 07:56 - 2013-06-21 07:56 - 10303127 _____ C:\Users\blakeandjen\Documents\685+9478+64.skp
2013-06-17 20:48 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\rescache

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2013-07-13 10:58

==================== End Of Log ============================

--------------------------------------------
#7: Farbar Recovery Scan Tool
Addition.txt:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17-07-2013 02
Ran by blakeandjen at 2013-07-17 17:31:29
Running from C:\Users\blakeandjen\Downloads
Boot Mode: Normal
==========================================================

==================== Installed Programs =======================

2013 (Version: 8.0)
Adobe AIR (x32 Version: 2.6.0.19120)
Adobe Digital Editions 2.0 (x32 Version: 2.0)
Adobe Flash Player 10 ActiveX (x32 Version: 10.3.181.34)
Adobe Flash Player 11 Plugin (x32 Version: 11.1.102.55)
Adobe Reader X (10.1.1) MUI (x32 Version: 10.1.1)
Advanced Audio FX Engine (x32 Version: 1.12.05)
Banctec Service Agreement (x32 Version: 2.0.0)
Bing Rewards Client Installer (x32 Version: 16.0.345.0)
Citrix online plug-in - web (x32 Version: 12.0.3.6)
Citrix online plug-in (DV) (x32 Version: 12.0.3.6)
Citrix online plug-in (HDX) (x32 Version: 12.0.3.6)
Citrix online plug-in (USB) (x32 Version: 12.0.3.6)
Citrix online plug-in (Web) (x32 Version: 12.0.3.6)
Complete Care Business Service Agreement (x32 Version: 2.0.0)
D3DX10 (x32 Version: 15.4.2368.0902)
Dell DataSafe Local Backup - Support Software (x32 Version: 9.4.60)
Dell DataSafe Local Backup (x32 Version: 9.4.60)
Dell Digital Delivery (x32 Version: 1.5.1249.0)
Dell Edoc Viewer (Version: 1.0.0)
Dell Touchpad (Version: 7.1209.101.204)
Dell VideoStage (x32 Version: 1.2.0.1712)
Dell Webcam Central (x32 Version: 2.00.44)
EasyBloom Companion (x32)
eBay (x32 Version: 1.4.0)
ERUNT 1.1j (x32)
ESET Online Scanner v3 (x32)
FASTT Math (x32 Version: 1.2.0.12)
File Uploader (x32 Version: 1.2.5)
Google Chrome (x32 Version: 28.0.1500.72)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0)
Google Toolbar for Internet Explorer (x32 Version: 7.5.4209.2358)
Google Update Helper (x32 Version: 1.3.21.145)
H&R Block Basic + Efile 2011 (x32 Version: 11.02.7102)
H&R Block Basic + Efile 2012 (x32 Version: 12.02.7803)
Intel PROSet Wireless
Intel PROSet Wireless (x32)
Intel® Control Center (x32 Version: 1.2.1.1007)
Intel® Management Engine Components (x32 Version: 7.0.0.1144)
Intel® Processor Graphics (x32 Version: 8.15.10.2345)
Intel® PROSet/Wireless Software for Bluetooth® Technology (Version: 1.0.1.0489)
Intel® PROSet/Wireless WiFi Software (Version: 14.1.2000)
Intel® WiDi (x32 Version: 2.1.38.0)
Intel® Wireless Display
Java Auto Updater (x32 Version: 2.0.3.1)
Java 6 Update 24 (64-bit) (Version: 6.0.240)
Java 6 Update 24 (x32 Version: 6.0.240)
Junk Mail filter update (x32 Version: 15.4.3502.0922)
Malwarebytes Anti-Malware version 1.75.0.1300 (x32 Version: 1.75.0.1300)
Mesh Runtime (x32 Version: 15.4.5722.2)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 2010 (x32 Version: 14.0.4763.1000)
Microsoft Office Click-to-Run 2010 (Version: 14.0.4763.1000)
Microsoft Office Click-to-Run 2010 (x32 Version: 14.0.4763.1000)
Microsoft Office Starter 2010 - English (x32 Version: 14.0.4763.1000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
MSVCRT (x32 Version: 15.4.2862.0708)
MSVCRT_amd64 (x32 Version: 15.4.2862.0708)
Nikon Message Center (x32 Version: 0.92.000)
Nikon Transfer (x32 Version: 1.5.3)
Picture Control Utility (x32 Version: 1.1.9)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6312)
Samsung ML-1740 Series (x32)
SketchUp 8 (x32 Version: 3.0.15158)
Skype Toolbars (x32 Version: 1.0.4051)
Skype™ 5.10 (x32 Version: 5.10.116)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2836939) (x32 Version: 1)
Update Installer for WildTangent Games App (x32)
ViewNX (x32 Version: 1.5.2)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922)
Windows Live Essentials (x32 Version: 15.4.3502.0922)
Windows Live Essentials (x32 Version: 15.4.3508.1109)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Installer (x32 Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3508.1109)
Windows Live Mail (x32 Version: 15.4.3502.0922)
Windows Live Mesh (x32 Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (x32 Version: 15.4.5722.2)
Windows Live Messenger (x32 Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (x32 Version: 15.4.3502.0922)
Windows Live Photo Common (x32 Version: 15.4.3502.0922)
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922)
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (x32 Version: 15.4.3502.0922)
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922)
Windows Live UX Platform (x32 Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109)
Windows Live Writer (x32 Version: 15.4.3502.0922)
Windows Live Writer Resources (x32 Version: 15.4.3502.0922)
Zinio Reader 4 (x32 Version: 4.2.4164)
Zoo Tycoon 2 - Zookeeper Collection (x32 Version: 1.00.0000)
Zoo Tycoon2 - Marine Mania Demo (x32 Version: 1.00.0000)

==================== Restore Points =========================

25-06-2013 11:32:16 Windows Update
28-06-2013 23:09:41 Windows Update
02-07-2013 11:11:13 Windows Update
05-07-2013 18:58:43 Windows Update
13-07-2013 01:55:52 Windows Update
13-07-2013 10:28:21 Windows Update
16-07-2013 23:13:34 Windows Update
17-07-2013 00:14:08 Restore Operation
17-07-2013 02:29:59 Windows Modules Installer
17-07-2013 02:37:12 Windows Modules Installer

==================== Hosts content: ==========================

2009-07-13 22:34 - 2009-06-10 17:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {21FFD600-3336-418A-AB9A-83324DB2950B} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-118250649-317752561-2107411411-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe No File
Task: {2819FF77-1D77-4F4F-813F-3D09BA5D9481} - System32\Tasks\JavaUpdateSched => %COMMONPROGRAMFILES(x86)%\Java\Java Update\jusched.exe No File
Task: {288BC7AE-BA94-4E9F-B736-351C45EEFEAB} - System32\Tasks\4772 => C:\Windows\System32\wscript.exe [2009-07-13] (Microsoft Corporation)
Task: {36E853E4-4F55-4F98-9C8E-F6487FBD861D} - System32\Tasks\PCDEventLauncher => C:\Program Files\Dell Support Center\sessionchecker.exe No File
Task: {4365178E-A5C1-4B20-8C9F-DB2D428AA382} - System32\Tasks\0 => C:\program files\internet explorer\iexplore.exe [2013-06-11] (Microsoft Corporation)
Task: {47DFF923-C264-41D8-934B-9BEDC10206F2} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\Dell Support Center\uaclauncher.exe No File
Task: {6C604A56-7C6E-4E40-98B1-350A7DF34EDB} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Scan => C:\program files\windows defender\MpCmdRun.exe [2009-07-13] (Microsoft Corporation)
Task: {A6AA1D0C-EF08-4E23-9C01-DB69E8135BE1} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-01-07] (Google Inc.)
Task: {A7A844FD-5AAB-42B1-9135-2AA9FFE1E05A} - System32\Tasks\SystemToolsDailyTest => C:\Windows\System32\uaclauncher.exe No File
Task: {B0170AFA-3ED6-4F58-B629-CA4A093FFD81} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-118250649-317752561-2107411411-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe No File
Task: {C9900F2A-6282-41FA-8BCE-5B50B0A3A74E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-01-07] (Google Inc.)
Task: {DB384AA9-D421-4CA4-97DB-C7E615FD375D} - System32\Tasks\PC Optimizer Pro64 startups => C:\Program Files\PC Optimizer Pro\StartApps.exe No File
Task: {E2EFE612-F000-441A-89C0-BE50F573EB40} - System32\Tasks\{47BFB1AE-8B94-45D4-8DA2-228782763CCF} => C:\Program Files (x86)\Microsoft Office\Options14\MSOO.EXE [2010-02-28] (Microsoft Corporation)
Task: {EBE94063-7161-4556-8C0A-EF819E78D9FE} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\PC Optimizer Pro64 startups.job => C:\Program Files\PC Optimizer Pro\StartApps.exe

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (07/17/2013 03:16:59 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".
Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (07/17/2013 03:16:49 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".
Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (07/17/2013 11:38:57 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".
Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (07/17/2013 11:24:57 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".
Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (07/17/2013 11:19:39 AM) (Source: CVHSVC) (User: )
Description: Information only.
The action cannot be completed. Try the action again. If the problem continues, contact Microsoft Product Support.

Error: (07/17/2013 11:10:14 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Dependent Assembly Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (07/17/2013 11:09:39 AM) (Source: CVHSVC) (User: )
Description: Information only.
The action cannot be completed. Try the action again. If the problem continues, contact Microsoft Product Support.

Error: (07/17/2013 11:09:39 AM) (Source: CVHSVC) (User: )
Description: Information only.
Error: exception in main loop CoCreateInstance failed : HR: 0x80040154 ErrorCode: 0x0

Error: (07/17/2013 11:09:39 AM) (Source: CVHSVC) (User: )
Description: Information only.
Product registration is corrupted for {90140011-0066-0409-0000-0000000FF1CE}

Error: (07/17/2013 11:09:39 AM) (Source: CVHSVC) (User: )
Description: Information only.
Error: Product {90140011-0066-0409-0000-0000000FF1CE} found in the registry but SoftGrid doesn't know about it, skipping...

System errors:
=============
Error: (07/17/2013 11:11:42 AM) (Source: Service Control Manager) (User: )
Description: The Dell Digital Delivery Service service failed to start due to the following error: %%1053

Error: (07/17/2013 11:11:42 AM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Dell Digital Delivery Service service to connect.

Error: (07/17/2013 11:09:29 AM) (Source: Service Control Manager) (User: )
Description: The DgiVecp service failed to start due to the following error: %%20

Error: (07/17/2013 09:40:15 AM) (Source: Service Control Manager) (User: )
Description: The Dell Digital Delivery Service service failed to start due to the following error: %%1053

Error: (07/17/2013 09:40:15 AM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Dell Digital Delivery Service service to connect.

Error: (07/17/2013 09:38:03 AM) (Source: Service Control Manager) (User: )
Description: The DgiVecp service failed to start due to the following error: %%20

Error: (07/17/2013 08:07:02 AM) (Source: Service Control Manager) (User: )
Description: The Dell Digital Delivery Service service failed to start due to the following error: %%1053

Error: (07/17/2013 08:07:02 AM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Dell Digital Delivery Service service to connect.
Error: (07/17/2013 08:04:48 AM) (Source: Service Control Manager) (User: )Description: The DgiVecp service failed to start due to the following error: %%20 Error: (07/16/2013 10:41:36 PM) (Source: Service Control Manager) (User: )Description: The Dell Digital Delivery Service service failed to start due to the following error: %%1053 Microsoft Office Sessions:=========================Error: (07/17/2013 03:16:59 PM) (Source: SideBySide)(User: )Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\blakeandjen\Downloads\esetsmartinstaller_enu (1).exe Error: (07/17/2013 03:16:49 PM) (Source: SideBySide)(User: )Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\blakeandjen\Downloads\esetsmartinstaller_enu (1).exe Error: (07/17/2013 11:38:57 AM) (Source: SideBySide)(User: )Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\blakeandjen\Downloads\esetsmartinstaller_enu.exe Error: (07/17/2013 11:24:57 AM) (Source: SideBySide)(User: )Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\blakeandjen\Downloads\esetsmartinstaller_enu.exe Error: (07/17/2013 11:19:39 AM) (Source: 
CVHSVC)(User: )Description: The action cannot be completed. Try the action again. If the problem continues, contact Microsoft Product Support. Error: (07/17/2013 11:10:14 AM) (Source: SideBySide)(User: )Description: Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"C:\Windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_cbf5e994470a1a8f\MFC80.DLL Error: (07/17/2013 11:09:39 AM) (Source: CVHSVC)(User: )Description: The action cannot be completed. Try the action again. If the problem continues, contact Microsoft Product Support. Error: (07/17/2013 11:09:39 AM) (Source: CVHSVC)(User: )Description: Error: exception in main loop CoCreateInstance failed : HR: 0x80040154 ErrorCode: 0x0 Error: (07/17/2013 11:09:39 AM) (Source: CVHSVC)(User: )Description: Product registration is corrupted for {90140011-0066-0409-0000-0000000FF1CE} Error: (07/17/2013 11:09:39 AM) (Source: CVHSVC)(User: )Description: Error: Product {90140011-0066-0409-0000-0000000FF1CE} found in the registry but SoftGrid doesn't know about it, skipping... 
==================== Memory info ===========================

Percentage of memory in use: 45%
Total physical RAM: 4010.17 MB
Available physical RAM: 2166.22 MB
Total Pagefile: 8018.53 MB
Available Pagefile: 6081.01 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:576.54 GB) (Free:484.57 GB) NTFS (Disk=0 Partition=3)
Drive d: (ZT2ZCD1) (CDROM) (Total:0.51 GB) (Free:0 GB) CDFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 596 GB) (Disk ID: 07F2837E)
Partition 1: (Not Active) - (Size=102 MB) - (Type=DE)
Partition 2: (Active) - (Size=20 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=577 GB) - (Type=07 NTFS)

==================== End Of Log ============================
  10. Hi and thank you for your help. I was able to do most of what you asked, but I could not get the Junkware Removal Tool to download and run. Also, I can't seem to get the "Choose File" attachment feature working, and so I've copied and pasted all of the text files instead of attaching them. If there is a way for me to send you the .txt files other than attaching them, please let me know. Also, because all of the copy and pasting made my reply too long, I've copied and pasted the 2 Farbar Recovery Scan Tool logs to my next reply instead of pasting them below. I also encountered some error messages during some of the steps, which I've outlined below:

#1: ERUNT: This worked, but I got the following message during the download process: CoCreateInstance failed; code 0x80040154

#2: RogueKiller: Worked fine - log copied and pasted below

#3: Malwarebytes Anti-Rootkit: This eventually worked, but I got the following message when I first tried to run the program:
C:\Users\blakeandjen\Downloads\mbar-1.06.0.1004.zip
Class not registered
This "Class not registered" message is a common message I have been receiving lately when I try to download things. I did a search for the mbar.exe file and was able to find it on my computer, and so I was eventually able to get this to work. 2 threats were found on the first scan, which I cleaned up, and then I ran a second scan, which was clean. 2 logs copied and pasted below.

#4: Junkware Removal Tool: I could not get this to work. I got a message "Non 7-Zip archive" after my first download. When I tried to run the .exe, a black DOS box would open and quickly shut, and nothing happened. I tried to download the file 3 times but got the same vanishing DOS box each time.

#5: AdwCleaner: Worked fine - log copied and pasted below

#6: ESET Online Scanner: Had to download an extra .exe file to get this to run in Google Chrome because my Internet Explorer is not working for some reason. 30 threats were found, but when I tried to click on the link to export them to a text file, the link did not work. I therefore re-typed the list on the attached ESET Results.txt file. All 30 of the threats were identified as "variant of ___ application," with the 2 exceptions noted in brackets on the ESET Results.txt file (one trojan, one "multiple threats")

#7: Farbar Recovery Scan Tool: Worked fine - FRST.txt and Addition.txt are copied and pasted in my next reply

----------------------

#2: Rogue Killer: RK Report.Txt:

RogueKiller V8.6.3 _x64_ [Jul 17 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.adlice.com/forum/
Website : http://www.adlice.com/softwares/roguekiller/
Blog : http://tigzyrk.blogspot.com/

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : blakeandjen [Admin rights]
Mode : Scan -- Date : 07/17/2013 07:38:30
| ARK || FAK || MBR |

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 2 ¤¤¤
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Scheduled tasks : 1 ¤¤¤
[V2][ROGUE ST] 4772 : wscript.exe - C:\Users\BLAKEA~1\AppData\Local\Temp\launchie.vbs //B -> FOUND

¤¤¤ Startup Entries : 0 ¤¤¤

¤¤¤ Web browsers : 0 ¤¤¤

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤

¤¤¤ External Hives: ¤¤¤

¤¤¤ Infection : ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts

¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: WDC WD6400BPVT-75HXZT3 +++++
--- User ---
[MBR] 766f35feb751050c1141c93f447de2a9
[bSP] dea9defa67a18cc486b8c709b2ee22f0 : Windows Vista MBR Code
Partition table:
0 - [XXXXXX] DELL-UTIL (0xde) [VISIBLE] Offset (sectors): 63 | Size: 101 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 212992 | Size: 20000 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 41172992 | Size: 590375 Mo
User = LL1 ... OK!
User = LL2 ... OK!
Finished : << RKreport[0]_S_07172013_073830.txt >>

-------------------------------------

#3: Malwarebytes Anti-Rootkit mbar-log.txt:

Malwarebytes Anti-Rootkit BETA 1.06.0.1004
www.malwarebytes.org

Database version: v2013.07.17.04

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16635
blakeandjen :: BLAKEANDJEN-PC [administrator]

7/17/2013 7:41:54 AM
mbar-log-2013-07-17 (07-41-54).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUM | P2P
Scan options disabled: PUP
Objects scanned: 237484
Time elapsed: 21 minute(s), 46 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 2
c:\Users\blakeandjen\AppData\Local\Temp\DIQM\google-sketchup_036\google-sketchup_V.157926468a.exe (Adware.DomaIQ) -> Delete on reboot.
c:\Users\blakeandjen\AppData\Local\Temp\DIQM\google-sketchup_037\google-sketchup_keyword=google sketchup&source=48956-2001.exe (Adware.DomaIQ) -> Delete on reboot.

Physical Sectors Detected: 0
(No malicious items detected)

(end)

--------------------------------

#3: Malwarebytes Anti-Rootkit system-log.txt:

---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.06.0.1004

© Malwarebytes Corporation 2011-2012

OS version: 6.1.7601 Windows 7 Service Pack 1 x64

Account is Administrative

Internet Explorer version: 10.0.9200.16635

Java version: 1.6.0_24

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, Q:\ DRIVE_FIXED
CPU speed: 2.192000 GHz
Memory total: 4204969984, free: 2331623424

Downloaded database version: v2013.07.17.04
Downloaded database version: v2013.07.15.01
Initializing...
------------ Kernel report ------------
07/17/2013 07:41:50
------------ Loaded modules -----------
----------- End -----------
Done!
<<<1>>>
Upper Device Name: \Device\Harddisk0\DR0
Upper Device Object: 0xfffffa80065ff060
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\Ide\IAAStorageDevice-1\
Lower Device Object: 0xfffffa800474b050
Lower Device Driver Name: \Driver\iaStor\
<<<2>>>
Device number: 0, partition: 3
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xfffffa80065ff060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa80065ffb90, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa80065ff060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
DevicePointer: 0xfffffa800474b050, DeviceName: \Device\Ide\IAAStorageDevice-1\, DriverName: \Driver\iaStor\
------------ End ----------
Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
<<<2>>>
Device number: 0, partition: 3
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning drivers directory: C:\Windows\system32\drivers...
<<<2>>>
Device number: 0, partition: 3
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Done!
Drive 0
Scanning MBR on drive 0...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: 7F2837E

Partition information:

Partition 0 type is Other (0xde)
Partition is NOT ACTIVE.
Partition starts at LBA: 63 Numsec = 208782

Partition 1 type is Primary (0x7)
Partition is ACTIVE.
Partition starts at LBA: 212992 Numsec = 40960000
Partition file system is NTFS
Partition is bootable

Partition 2 type is Primary (0x7)
Partition is NOT ACTIVE.
Partition starts at LBA: 41172992 Numsec = 1209088688

Partition 3 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0

Disk Size: 640135028736 bytes
Sector size: 512 bytes

Scanning physical sectors of unpartitioned space on drive 0 (1-62-1250243728-1250263728)...
Done!
Infected: c:\Users\blakeandjen\AppData\Local\Temp\DIQM\google-sketchup_036\google-sketchup_V.157926468a.exe --> [Adware.DomaIQ]
Infected: c:\Users\blakeandjen\AppData\Local\Temp\DIQM\google-sketchup_037\google-sketchup_keyword=google sketchup&source=48956-2001.exe --> [Adware.DomaIQ]
Scan finished
Creating System Restore point...
Could not create restore point...
Cleaning up...
Removal scheduling successful. System shutdown needed.
System shutdown occurred
=======================================

Removal queue found; removal started
Removing c:\programdata\malwarebytes' anti-malware (portable)\mbr_0_i.mbam...
Removing c:\programdata\malwarebytes' anti-malware (portable)\bootstrap_0_1_212992_i.mbam...
Removing c:\programdata\malwarebytes' anti-malware (portable)\mbr_0_r.mbam...
Removal finished

---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.06.0.1004

© Malwarebytes Corporation 2011-2012

OS version: 6.1.7601 Windows 7 Service Pack 1 x64

Account is Administrative

Internet Explorer version: 10.0.9200.16635

Java version: 1.6.0_24

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, Q:\ DRIVE_FIXED
CPU speed: 2.192000 GHz
Memory total: 4204969984, free: 2905841664

Initializing...
------------ Kernel report ------------
07/17/2013 08:08:18
------------ Loaded modules -----------
----------- End -----------
Done!
<<<1>>>
Upper Device Name: \Device\Harddisk0\DR0
Upper Device Object: 0xfffffa80065e1060
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\Ide\IAAStorageDevice-1\
Lower Device Object: 0xfffffa8004713050
Lower Device Driver Name: \Driver\iaStor\
<<<2>>>
Device number: 0, partition: 3
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xfffffa80065e1060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa80065e1ab0, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa80065e1060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
DevicePointer: 0xfffffa8004713050, DeviceName: \Device\Ide\IAAStorageDevice-1\, DriverName: \Driver\iaStor\
------------ End ----------
Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
<<<2>>>
Device number: 0, partition: 3
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning drivers directory: C:\Windows\system32\drivers...
<<<2>>>
Device number: 0, partition: 3
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Done!
Drive 0
Scanning MBR on drive 0...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: 7F2837E

Partition information:

Partition 0 type is Other (0xde)
Partition is NOT ACTIVE.
Partition starts at LBA: 63 Numsec = 208782

Partition 1 type is Primary (0x7)
Partition is ACTIVE.
Partition starts at LBA: 212992 Numsec = 40960000
Partition file system is NTFS
Partition is bootable

Partition 2 type is Primary (0x7)
Partition is NOT ACTIVE.
Partition starts at LBA: 41172992 Numsec = 1209088688

Partition 3 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0

Disk Size: 640135028736 bytes
Sector size: 512 bytes

Scanning physical sectors of unpartitioned space on drive 0 (1-62-1250243728-1250263728)...
Done!
Scan finished
=======================================

Removal queue found; removal started
Removing c:\programdata\malwarebytes' anti-malware (portable)\mbr_0_i.mbam...
Removing c:\programdata\malwarebytes' anti-malware (portable)\bootstrap_0_1_212992_i.mbam...
Removing c:\programdata\malwarebytes' anti-malware (portable)\mbr_0_r.mbam...
Removal finished

-----------------------------

#5: AdwCleaner[s1].txt:

# AdwCleaner v2.305 - Logfile created 07/17/2013 at 11:08:24
# Updated 11/07/2013 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : blakeandjen - BLAKEANDJEN-PC
# Boot Mode : Normal
# Running from : C:\Users\blakeandjen\Downloads\AdwCleaner.exe
# Option [Delete]

***** [services] *****

***** [Files / Folders] *****

Deleted on reboot : C:\Program Files (x86)\BabylonToolbar
Deleted on reboot : C:\Program Files (x86)\Conduit
Deleted on reboot : C:\Program Files (x86)\Giant Savings
Deleted on reboot : C:\Program Files (x86)\SpecialSavings
Deleted on reboot : C:\ProgramData\Babylon
Deleted on reboot : C:\ProgramData\PC Optimizer Pro
Deleted on reboot : C:\ProgramData\Sidekick Manager
Deleted on reboot : C:\ProgramData\Tarma Installer
Deleted on reboot : C:\Users\BLAKEA~1\AppData\Local\Temp\{f34c9277-6577-4dff-b2d7-7d58092f272f}
Deleted on reboot : C:\Users\blakeandjen\AppData\Local\Conduit
Deleted on reboot : C:\Users\blakeandjen\AppData\Local\Giant Savings
Deleted on reboot : C:\Users\blakeandjen\AppData\Local\Google\Chrome\User Data\Default\Extensions\kencldgjnaahnmjacapepbaikkkipojm
Deleted on reboot : C:\Users\blakeandjen\AppData\Local\Google\Chrome\User Data\Default\Extensions\kencldgjnaahnmjacapepbaikkkipojm
Deleted on reboot : C:\Users\blakeandjen\AppData\Local\Google\Chrome\User Data\Default\Extensions\kencldgjnaahnmjacapepbaikkkipojm
Deleted on reboot : C:\Users\blakeandjen\AppData\Local\Google\Chrome\User Data\Default\Extensions\kencldgjnaahnmjacapepbaikkkipojm
Deleted on reboot : C:\Users\blakeandjen\AppData\Local\Ilivid
Deleted on reboot : C:\Users\blakeandjen\AppData\Local\Savings Sidekick
Deleted on reboot : C:\Users\blakeandjen\AppData\Local\SwvUpdater
Deleted on reboot : C:\Users\blakeandjen\AppData\LocalLow\BabylonToolbar
Deleted on reboot : C:\Users\blakeandjen\AppData\LocalLow\Conduit
Deleted on reboot : C:\Users\blakeandjen\AppData\LocalLow\PriceGong
Deleted on reboot : C:\Users\blakeandjen\AppData\Roaming\Babylon
Deleted on reboot : C:\Users\blakeandjen\AppData\Roaming\BabylonToolbar
Deleted on reboot : C:\Users\blakeandjen\AppData\Roaming\OpenCandy
File Deleted : C:\END

***** [Registry] *****

Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Deleted : HKCU\Software\AppDataLow\Software\PriceGong
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKCU\Software\DataMngr
Key Deleted : HKCU\Software\DataMngr_Toolbar
Key Deleted : HKCU\Software\Default Tab
Key Deleted : HKCU\Software\Google\Chrome\Extensions\kencldgjnaahnmjacapepbaikkkipojm
Key Deleted : HKCU\Software\ilivid
Key Deleted : HKCU\Software\InstallCore
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Deleted : HKCU\Software\pc optimizer pro
Key Deleted : HKLM\SOFTWARE\Classes\Applications\ilividsetup.exe
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3287378
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\Default Tab
Key Deleted : HKLM\Software\Freeze.com
Key Deleted : HKLM\Software\iLividSRTB
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\iLivid_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\iLivid_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\iLividMediaBar_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\iLividMediaBar_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetup_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetup_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SnapDo_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SnapDo_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\kencldgjnaahnmjacapepbaikkkipojm
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Search Results Toolbar
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
Key Deleted : HKLM\SOFTWARE\DataMngr
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet
Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} Key Deleted : HKLM\SOFTWARE\Tarma Installer Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}] Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [10] Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}] Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [10] ***** [internet Browsers] ***** -\\ Internet Explorer v10.0.9200.16635 -\\ Google Chrome v28.0.1500.72 File : C:\Users\blakeandjen\AppData\Local\Google\Chrome\User Data\Default\Preferences Deleted [l.31] : keyword = "search.conduit.com", ************************* AdwCleaner[s1].txt - [7820 octets] - [17/07/2013 11:08:24] ########## EOF - C:\AdwCleaner[s1].txt - [7880 octets] ########## ---------------------------------------------------- #6: ESET results (I created this myself because I could not export results to a text file): C:\$RECYCLE.BIN\S-1-5-21-118250649-317752561-2107411411-1000\$R94KAJD.exe C:\Program Files (x86)\Dell DataSafe Local Backup\hstart.exe C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\hstart.exe C:\ProgramData\Tarma Installer\{C049526F-B3EB-4151-9B11-B11F00F53A96}\_Setupx.dll C:\Users\All Users\Tarma Installer\{C049526F-B3EB-4151-9B11-B11F00F53A96}\_Setupx.dll C:\Users\blakeandjen\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000414 C:\Users\blakeandjen\AppData\Local\Temp\CReinstall_FLVPlayerSetup (1).exe C:\Users\blakeandjen\AppData\Local\Temp\Main.class [Java/Exploit.CVE-2011-3544.BF trojan] C:\Users\blakeandjen\AppData\Local\Temp\SingAlong.exe C:\Users\blakeandjen\AppData\Local\Temp\YontooSetup-Silent.exe C:\Users\blakeandjen\AppData\Local\Temp\DIQM\google-sketchup_036\setup__120.exe C:\Users\blakeandjen\AppData\Local\Temp\DIQM\google-sketchup_036\software\setup__1185.exe 
C:\Users\blakeandjen\AppData\Local\Temp\DIQM\google-sketchup_037\setup__120.exe C:\Users\blakeandjen\AppData\Local\Temp\DIQM\google-sketchup_037\software\Addlyrics.exe C:\Users\blakeandjen\AppData\Local\Temp\DIQM\google-sketchup_037\software\OptimizerPro.exe C:\Users\blakeandjen\AppData\Local\Temp\ibtmpf564504\component_555.decrpt C:\Users\blakeandjen\AppData\Local\Temp\ICReinstall\cnet2_zoo2trial_exe.exe C:\Users\blakeandjen\AppData\Local\Temp\is1598539481\BuzzdockSetup-Silent.exe [multiple threats] C:\Users\blakeandjen\AppData\Local\Temp\is87173921\MyBabylonTB.exe C:\Users\blakeandjen\Downloads\ARO2013_tbt(1).exe C:\Users\blakeandjen\Downloads\ARO2013_tbt.exe C:\Users\blakeandjen\Downloads\cdbxp_setup_4.4.0.2905.exe C:\Users\blakeandjen\Downloads\cnet2_zoo2trial_exe.exe C:\Users\blakeandjen\Downloads\FLVPlayerSetup(1).exe C:\Users\blakeandjen\Downloads\FLVPlayerSetup.exe C:\Users\blakeandjen\Downloads\InternetExplore78and9repairscript32bit_downloader_byFileTrip (1).exe C:\Users\blakeandjen\Downloads\InternetExplore78and9repairscript32bit_downloader_byFileTrip.exe C:\Users\blakeandjen\Downloads\mplayer_tuguu_d1021461(1).exe C:\Users\blakeandjen\Downloads\mplayer_tuguu_d1021461.exe C:\Users\blakeandjen\Downloads\SoftonicDownloader_for_google-sketchup.exe -------------------------------------------
  11. I first noticed my computer was having problems when I couldn't open Internet Explorer (the browser would open and remain blank for a few seconds and then close). I am still able to use Google Chrome. When I went to download the malwarebytes free software, I encountered errors saying there was some sort of Class Registry error and then giving me a couple of Run-time errors. DDS and Attach logs are copied and pasted. Thank you in advance for any help. Blake
The Dell Digital Delivery Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.7/16/2013 10:39:20 PM, Error: Service Control Manager [7000] - The DgiVecp service failed to start due to the following error: The system cannot find the device specified.7/14/2013 3:28:07 PM, Error: Service Control Manager [7034] - The Dell Digital Delivery Service service terminated unexpectedly. It has done this 1 time(s).7/14/2013 3:26:56 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SftService service..==== End Of File ===========================