c5family

  1. Followed the instructions as requested and all is well. However I have over 70,000 setting files that are McAfee Setting files. I found them when I did a search for McAfee of the C: It seems that there are 69 files that repeat over and over and over again. I do not have McAfee as my antivirus. I use Kaspersky. Can I delete these?
  2. I deleted both Smart Fortress and Spy Hunter from the ALL PROGRAMS drop down menu and rebooted the computer. They are gone! Thank you! I have two questions... My desktop is taking much longer than usual to populate which began when the system restore thing happened. Also, I mentioned that there are well over 70000 McAfee setting files that are the same 69 files repeating over and over. How and why are they here and can these be deleted? Thanks again.
  3. Ran Kaspersky Virus Removal Tool in Safe Mode. It scanned 1275615 objects and detected no threats. When I turn the computer back on it ran again in regular mode. It scanned 1303353 objects and again detected no threats. Smart Fortress 2012 and Spy Hunter is still on the ALL PROGRAMS list. Please advise next steps. Thank you.
  4. Forgot to add that the repair process gave this report:

     Problem signature
     Problem Event Name StartUp Repair Offline
     Problem signature 01 6.1.7600.16385
     Problem signature 02 6.1.7600.16385
     Problem signature 03 unknown
     Problem signature 04 21200480
     Problem signature 05 AutoFailover
     Problem signature 06 2
     Problem signature 07 0X50
     OS Version 6.1.7601.2.1.0.2561
     LocaleID 1033

     Thank you
  5. My attempt at using the Kaspersky Virus Removal Tool was a huge failure. I downloaded it to the desktop and clicked on it. It tried to install but then I got the Blue Screen. It restored the system to a restore point. I am afraid to try again without confirmation that that is what I should do. Please advise.
  6. Please see ESETScan report

     C:\Program Files (x86)\Dell DataSafe Local Backup\hstart.exe a variant of Win32/HiddenStart.A application cleaned by deleting - quarantined
     C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\hstart.exe a variant of Win32/HiddenStart.A application cleaned by deleting - quarantined
     C:\Users\Irene\Downloads\Avery Wizard 4.01 - US 20111209.exe a variant of Win32/Bundled.Toolbar.Ask application deleted - quarantined

     Please advise next steps. Thank you
  7. Please see below for Combofix report. My son tried to x-out and it ran the program. As far as I know there were no ill effects. Smart Hunter still on All Programs and I am wondering about the 70,000 plus McAfee setting files. Thank you for your help
  8. Those setting files... Got to over 70,000 items! Still looking at the ComboFix warning. Please advise soonest!!!
  9. YIKES! I turned off Kaspersky to run ComboFix. ComboFix says that McAfee Anti-virus and McAfee Anti-Spyware is active but I removed this when I installed Kaspersky. It does not appear as a shortcut on my desktop, in All Programs or in the control panel under Add/remove programs. I ran a search in All Programs and it found nothing. I ran a search of OS (C:) and it came up with 69 files that appear over and over and over again for a total of over 21,321 items (search still running as I type this). None are application or .exe files. Three are folders- McAfee Vaults (empty); McAfee Anti-Theft (vault info 50 bytes); and McAfee (mclogs 121 bytes). The others are settings files such as mcafee_ssp_30250 and mcafee_siteadv2008 and mcafeevs_ent80patch10. Given the warnings from ComboFix I tried to x-out of ComboFix but when I did it said the scanners are active but ComboFix shall continue to run...at my own risk. It has only an 'OK' button and I'm afraid to click the X out button. I am sending this via my iPad as I'm afraid to touch my computer. Please advise!
  10. I noticed that Smart Fortress is still there when I click on the window icon and go to ALL PROGRAMS.
  11. I was flipping through some of the other people that you have helped and noticed that you told them to continue through steps so I did too. Here are the txt files:
Successfully deleted: [Empty Folder] C:\Users\Irene\appdata\local\{506F4D59-29BB-47B5-B9A4-ED297F3E30FA} Successfully deleted: [Empty Folder] C:\Users\Irene\appdata\local\{550DA559-29C2-4D23-B858-33A2FF8EAAFB} Successfully deleted: [Empty Folder] C:\Users\Irene\appdata\local\{56959BF5-12C2-4ADD-8352-092396EA411F} Successfully deleted: [Empty Folder] C:\Users\Irene\appdata\local\{57AF57A0-EAD7-4DA2-AA2C-170BA1922CDB} Successfully deleted: [Empty Folder] C:\Users\Irene\appdata\local\{58157102-6262-431F-889E-A94D439D6CBB} Successfully deleted: [Empty Folder] C:\Users\Irene\appdata\local\{58C1E8CD-4BA7-42A1-9A31-D584F423E4A5} Successfully deleted: [Empty Folder] C:\Users\Irene\appdata\local\{58EEE835-7D13-422B-B039-A43EA5EA19EB} Successfully deleted: [Empty Folder] C:\Users\Irene\appdata\local\{5A508291-E068-40EE-9088-8DD39C7E8E4E} Successfully deleted: [Empty Folder] C:\Users\Irene\appdata\local\{5A82EBE9-DF1F-46EA-A90C-2A705F2978C7} Successfully deleted: [Empty Folder] C:\Users\Irene\appdata\local\{5FC044C9-5ED4-4DC3-B6CD-CDB791A9711F} Successfully deleted: [Empty Folder] C:\Users\Irene\appdata\local\{603A64B1-9E98-4F18-8CBB-9346FDB3D518} Successfully deleted: [Empty Folder] C:\Users\Irene\appdata\local\{61BD0CC1-2426-49D8-BCA9-0091E03A6745} Successfully deleted: [Empty Folder] C:\Users\Irene\appdata\local\{62307DB5-F323-4CE2-A831-3543F8598E42} Successfully deleted: [Empty Folder] C:\Users\Irene\appdata\local\{68F0D982-B9A1-4C14-9D20-028C5153DA30} Successfully deleted: [Empty Folder] C:\Users\Irene\appdata\local\{6E28137B-BF3C-4AFD-B2E0-585CA77DC525} Successfully deleted: [Empty Folder] C:\Users\Irene\appdata\local\{6F00211A-9223-4DF7-B470-D2353440137B} Successfully deleted: [Empty Folder] C:\Users\Irene\appdata\local\{7844889E-EDB3-4714-B852-1A0D08C328B7} Successfully deleted: [Empty Folder] C:\Users\Irene\appdata\local\{7886A385-B0CF-4555-9C22-72727632409C} Successfully deleted: [Empty Folder] C:\Users\Irene\appdata\local\{7940F52A-1D6D-45F9-86A5-5E89B4D044C7} 
Successfully deleted: [Empty Folder] C:\Users\Irene\appdata\local\{7A00FD49-50EF-4CFB-80DF-40461FC5B277} Successfully deleted: [Empty Folder] C:\Users\Irene\appdata\local\{7B448ED1-258A-49DC-B3D7-9A7F337B3B3F} Successfully deleted: [Empty Folder] C:\Users\Irene\appdata\local\{7DFB37A2-B759-4357-B26D-B089C1E36FD7} Successfully deleted: [Empty Folder] C:\Users\Irene\appdata\local\{7E305D57-A587-4DCA-8E3B-053BB0A84666} Successfully deleted: [Empty Folder] C:\Users\Irene\appdata\local\{82FAFEC7-2585-4F81-8B0F-7EFD4A467483} Successfully deleted: [Empty Folder] C:\Users\Irene\appdata\local\{85F08BBE-B178-4412-8F5E-A2979427D60A} Successfully deleted: [Empty Folder] C:\Users\Irene\appdata\local\{920E634B-45F1-4AD5-8AE8-F6ADECC1941B} Successfully deleted: [Empty Folder] C:\Users\Irene\appdata\local\{986F95C6-6C8E-45F8-8BDD-0F2D8894BD55} Successfully deleted: [Empty Folder] C:\Users\Irene\appdata\local\{9ACC83C4-1C88-43A5-BFA2-A95FEC372A5F} Successfully deleted: [Empty Folder] C:\Users\Irene\appdata\local\{9E460C5E-90F6-4134-8FF3-937E57B0A8FA} Successfully deleted: [Empty Folder] C:\Users\Irene\appdata\local\{AABA7623-7A18-4C03-B489-6DEB75350772} Successfully deleted: [Empty Folder] C:\Users\Irene\appdata\local\{B387E307-CB52-407C-8C28-2824E2E539C2} Successfully deleted: [Empty Folder] C:\Users\Irene\appdata\local\{B5D26A8A-582B-42F1-A717-DA26FCFAD743} Successfully deleted: [Empty Folder] C:\Users\Irene\appdata\local\{BC74CC46-6283-4D23-89AB-ED522872709C} Successfully deleted: [Empty Folder] C:\Users\Irene\appdata\local\{C063A887-F161-4694-BA0D-5781BFDB21D1} Successfully deleted: [Empty Folder] C:\Users\Irene\appdata\local\{C0C4F03B-7333-4A56-9DFB-6D4128259B69} Successfully deleted: [Empty Folder] C:\Users\Irene\appdata\local\{C49EC07C-7A91-4342-890C-42346C511601} Successfully deleted: [Empty Folder] C:\Users\Irene\appdata\local\{C7ABE86B-517D-4BD2-8070-5D1EA5941D43} Successfully deleted: [Empty Folder] C:\Users\Irene\appdata\local\{C844B339-4A42-43A6-AE44-B3B816729130} 
Successfully deleted: [Empty Folder] C:\Users\Irene\appdata\local\{CBF8D46D-1CF9-49E0-93BD-9CDE1D30DDDE} Successfully deleted: [Empty Folder] C:\Users\Irene\appdata\local\{CDE4CB02-DB3F-40A4-BF0E-D245D26C6D42} Successfully deleted: [Empty Folder] C:\Users\Irene\appdata\local\{D5C7EFA9-6D11-4C99-BA3D-AD9F0D94B780} Successfully deleted: [Empty Folder] C:\Users\Irene\appdata\local\{D80A63A0-FD91-4A2E-B7AB-CC7B7C627462} Successfully deleted: [Empty Folder] C:\Users\Irene\appdata\local\{DAACAA0A-5237-4064-BB00-2762E5401083} Successfully deleted: [Empty Folder] C:\Users\Irene\appdata\local\{DB2378F2-E015-4676-9A86-0732569308BA} Successfully deleted: [Empty Folder] C:\Users\Irene\appdata\local\{DDDAF4D9-04AE-45DC-BE7E-F5B9656DDC0A} Successfully deleted: [Empty Folder] C:\Users\Irene\appdata\local\{EBBEEEE4-F70A-469B-B545-84B14B7FA3C3} Successfully deleted: [Empty Folder] C:\Users\Irene\appdata\local\{F1557EFC-AA2C-4F51-8C1E-4DFE5E915BFB} Successfully deleted: [Empty Folder] C:\Users\Irene\appdata\local\{F1F3ACAA-E31D-4126-A5C9-19C92A4AFCAC} Successfully deleted: [Empty Folder] C:\Users\Irene\appdata\local\{F29A0311-08CF-4BA0-8E33-F4C2815F0646} Successfully deleted: [Empty Folder] C:\Users\Irene\appdata\local\{F7F4F38F-12E6-40DA-98B8-D5680F2FDED8} Successfully deleted: [Empty Folder] C:\Users\Irene\appdata\local\{F95B7F6C-F562-42CD-AD7F-6A212D71B044} Successfully deleted: [Empty Folder] C:\Users\Irene\appdata\local\{FB493A29-4E6F-464E-AC66-F6136709C832} Successfully deleted: [Empty Folder] C:\Users\Irene\appdata\local\{FBFC616D-B1CB-4230-B908-0246D672D0F5} Successfully deleted: [Empty Folder] C:\Users\Irene\appdata\local\{FEBF45F8-1101-48B5-94BF-411FC4850B6C} Successfully deleted: [Empty Folder] C:\Users\Irene\appdata\local\{FF172B51-51FB-4195-9B64-984FACD6DEEC} Successfully deleted: [Folder] "C:\ProgramData\ask" ~~~ FireFox Successfully deleted: [File] C:\Users\Irene\AppData\Roaming\mozilla\firefox\profiles\dtjfdneq.default\user.js Successfully deleted: [File] 
C:\Users\Irene\AppData\Roaming\mozilla\firefox\profiles\dtjfdneq.default\searchplugins\askcom.xml Successfully deleted: [Folder] C:\Users\Irene\AppData\Roaming\mozilla\firefox\profiles\dtjfdneq.default\extensions\9518042e-7ad6-4dac-b377-056e28d00c8f@f1cc0a13-4df1-4d66-938f-088db8838882.com Successfully deleted the following from C:\Users\Irene\AppData\Roaming\mozilla\firefox\profiles\dtjfdneq.default\prefs.js user_pref("extensions.crossriderapp26278.adsOldValue", -1); user_pref("extensions.wajam.affiliate_id", "3224"); user_pref("extensions.wajam.firstrun", "false"); user_pref("extensions.wajam.log_send_info", "false"); user_pref("extensions.wajam.mappingListJsonString", "{\"version\":\"0.21087\",\"supported_sites\":{\"google\":{\"patterns\":[\"^hxxp\\\\:\\/\\/www\\\\.google\\\\..{2,3}(|\\\\\ user_pref("extensions.wajam.no_trace", "false"); user_pref("extensions.wajam.server_current_mapping_version", "0.21087"); user_pref("extensions.wajam.supported_sites.ask.wajam_se_js", "try {window['APP_LABEL_NAME'] = 'wajam';window['APP_LABEL_NAME_FULL_UC'] = 'WAJAM';window['WAJAM_APP_LABEL_NAME_ user_pref("extensions.wajam.trace_log", "1375035371073 - onFlagInfoReceived - Unique ID saved\n"); user_pref("extensions.wajam.unique_id", "4F09BF84A47A629F2B6AD740A03A0D80"); user_pref("extensions.wajam.user_current_mapping_version", "0"); user_pref("extensions.wajam.version", "1.26"); Emptied folder: C:\Users\Irene\AppData\Roaming\mozilla\firefox\profiles\dtjfdneq.default\minidumps [1 files] ~~~ Event Viewer Logs were cleared ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Scan was completed on Mon 10/14/2013 at 23:27:54.56 End of JRT log ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ # AdwCleaner v3.007 - Report created 14/10/2013 at 23:38:19 # Updated 09/10/2013 by Xplode # Operating System : Windows 7 Professional Service Pack 1 (64 bits) # Username : Irene - HOME-LAPTOP # Running from : C:\Users\Irene\Downloads\AdwCleaner.exe # Option : Clean ***** [ 
Services ] ***** ***** [ Files / Folders ] ***** Folder Deleted : C:\Users\Irene\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaojmikegpiepcfdkkjaplodkpfmlo File Deleted : C:\Users\Irene\AppData\Local\Temp\Uninstall.exe ***** [ Shortcuts ] ***** ***** [ Registry ] ***** Value Deleted : HKCU\Software\Mozilla\Firefox\Extensions [{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2}] Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WajamUpdater Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2CE4D4CF-B278-4126-AD1E-B622DA2E8339} Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC} Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} ***** [ Browsers ] ***** -\\ Internet Explorer v9.0.8112.16421 -\\ Mozilla Firefox v16.0.2 (en-US) [ File : C:\Users\Irene\AppData\Roaming\Mozilla\Firefox\Profiles\dtjfdneq.default\prefs.js ] Line Deleted : user_pref("browser.search.order.1", "Ask.com"); Line Deleted : user_pref("browser.search.selectedEngine", "Ask.com"); Line Deleted : user_pref("extensions.wajam.mappingListJsonString", "{\"version\":\"0.21087\",\"supported_sites\":{\"google\":{\"patterns\":[\"^hxxp\\\\:\\/\\/www\\\\.google\\\\..{2,3}(|\\\\\\/ig|\\\\\\/firefox)\",\"[...] Line Deleted : user_pref("extensions.wajam.supported_sites.ask.wajam_se_js", "try {window['APP_LABEL_NAME'] = 'wajam';window['APP_LABEL_NAME_FULL_UC'] = 'WAJAM';window['WAJAM_APP_LABEL_NAME_UC'] = 'Wajam';window['WA[...] 
Line Deleted : user_pref("extensions.wajam.trace_log", "1375035371073 - onFlagInfoReceived - Unique ID saved\n"); -\\ Google Chrome v [ File : C:\Users\Irene\AppData\Local\Google\Chrome\User Data\Default\preferences ] Deleted : icon_url Deleted : search_url Deleted : suggest_url Deleted : keyword ************************* AdwCleaner[R0].txt - [2867 octets] - [14/10/2013 23:36:58] AdwCleaner[s0].txt - [2662 octets] - [14/10/2013 23:38:19] ########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [2722 octets] ########## Malwarebytes Anti-Malware (PRO) 1.75.0.1300 www.malwarebytes.org Database version: v2013.10.15.01 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 9.0.8112.16421 Irene :: HOME-LAPTOP [administrator] Protection: Enabled 10/14/2013 11:54:43 PM mbam-log-2013-10-14 (23-54-43).txt Scan type: Quick scan Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM Scan options disabled: P2P Objects scanned: 230968 Time elapsed: 2 minute(s), 32 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 0 (No malicious items detected) (end I really appreciate your help and await further instruction. Thank you
  12. Stuck on the first step! I tried to uninstall the application but nothing happens when I click "Uninstall/Change". Please advise. Thank you
  13. Help! I have Kaspersky antivirus AND Pro Malwarebytes but somehow I have these three programs on my computer. I have no idea how they got on here but I do have kids so who knows what they have done! In any case I have followed the instructions in "I'm Infected" and have the following reports. Your help is GREATLY appreciated! Also, please note that my computer skills lay somewhere just below NOVICE so be gentle! Thank you! DDS (Ver_2012-11-20.01) - NTFS_AMD64 Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 10.5.1 Run by Irene at 0:39:37 on 2013-10-14 Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.8106.4905 [GMT -5:00] . AV: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} SP: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {3D54B793-665E-3129-9103-206115370C8A} FW: McAfee Firewall *Enabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C} . ================= FIREFOX =================== .
FF - ProfilePath - C:\Users\Irene\AppData\Roaming\Mozilla\Firefox\Profiles\dtjfdneq.default\ FF - prefs.js: browser.search.selectedEngine - Ask.com FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll FF - plugin: C:\Program Files (x86)\DYMO\DYMO Label Software\Framework\npDYMOLabelFramework.dll FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrlui.dll FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll FF - plugin: C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll FF - plugin: C:\Program Files (x86)\Virtual Earth 3D\npVE3D.dll FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll FF - plugin: C:\Users\Irene\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll FF - plugin: C:\Users\Irene\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll FF - plugin: C:\Users\Irene\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll FF - plugin: C:\Users\Irene\AppData\Roaming\Mozilla\plugins\npo1d.dll FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll FF - plugin: C:\Windows\SysWOW64\npDeployJava1.dll FF - plugin: C:\Windows\SysWOW64\npmproxy.dll . ---- FIREFOX POLICIES ---- FF - user.js: general.useragent.extra.brc - BRI/1 . 
============= SERVICES / DRIVERS =============== . R0 nvpciflt;nvpciflt;C:\Windows\System32\drivers\nvpciflt.sys [2011-6-11 25960] R0 stdcfltn;Disk Class Filter Driver for Accelerometer;C:\Windows\System32\drivers\stdcfltn.sys [2011-6-11 21616] R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;C:\Windows\System32\drivers\klim6.sys [2012-8-2 28504] R1 kltdi;kltdi;C:\Windows\System32\drivers\kltdi.sys [2012-6-8 54368] R1 kneps;kneps;C:\Windows\System32\drivers\kneps.sys [2012-8-13 178448] R2 AERTFilters;Andrea RT Filters Service;C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [2011-6-11 98208] R2 AVP;Kaspersky Anti-Virus Service;C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe [2012-8-17 356128] R2 DymoPnpService;DYMO PnP Service;C:\Program Files (x86)\DYMO\DYMO Label Software\DymoPnpService.exe [2011-1-28 32336] R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-7-28 418376] R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-7-28 701512] R2 nlsx86cc;Nalpeiron Licensing Service;C:\Windows\SysWOW64\nlssrv32.exe [2013-8-19 71280] R2 NOBU;Dell DataSafe Online;C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe [2010-8-25 2823000] R2 RosettaStoneDaemon;RosettaStoneDaemon;C:\Program Files (x86)\RosettaStoneLtdServices\RosettaStoneDaemon.exe [2012-6-19 1646608] R2 SftService;SoftThinks Agent Service;C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe [2011-6-11 1692480] R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-2-18 378472] R2 TurboB;Turbo Boost UI Monitor driver;C:\Windows\System32\drivers\TurboB.sys [2010-11-29 16120] R2 UniversalCommunicationServer;Universal Communication Server;C:\Program Files (x86)\BERNINA\UCS\UniversalCommunicationServer.exe [2013-8-4 90112] R2 UNS;Intel® Management and Security Application User Notification 
Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2011-6-11 2656280] R3 Acceler;Accelerometer Service;C:\Windows\System32\drivers\Accelern.sys [2011-6-11 27760] R3 BrYNSvc;BrYNSvc;C:\Program Files (x86)\Browny02\BrYNSvc.exe [2013-1-13 245760] R3 btmaux;Intel Bluetooth Auxiliary Service;C:\Windows\System32\drivers\btmaux.sys [2011-1-24 58128] R3 btmhsf;btmhsf;C:\Windows\System32\drivers\btmhsf.sys [2011-11-15 327168] R3 CtClsFlt;Creative Camera Class Upper Filter Driver;C:\Windows\System32\drivers\CtClsFlt.sys [2011-6-11 175168] R3 iBtFltCoex;iBtFltCoex;C:\Windows\System32\drivers\iBtFltCoex.sys [2011-12-9 60416] R3 IntcDAud;Intel® Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2011-6-11 317440] R3 klkbdflt;Kaspersky Lab KLKBDFLT;C:\Windows\System32\drivers\klkbdflt.sys [2012-10-25 29280] R3 klmouflt;Kaspersky Lab KLMOUFLT;C:\Windows\System32\drivers\klmouflt.sys [2012-10-25 29280] R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2013-7-28 25928] R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\Windows\System32\drivers\nusb3hub.sys [2011-6-11 82432] R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\Windows\System32\drivers\nusb3xhc.sys [2011-6-11 181760] R3 qicflt;upper Device Filter Driver;C:\Windows\System32\drivers\qicflt.sys [2011-6-11 29288] R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2011-6-11 412264] R3 TurboBoost;Intel® Turbo Boost Technology Monitor 2.0;C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2010-11-29 149504] S2 CLKMSVC10_9EC60124;CyberLink Product - 2011/06/11 12:11:35;C:\Program Files (x86)\CyberLink\PowerDVD9\NavFilter\kmsvc.exe [2010-10-29 236016] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN 
v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576] S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-2-28 161384] S3 BTHprint;Microsoft Bluetooth Printer Class;C:\Windows\System32\drivers\BTHPRINT.SYS [2009-7-13 67072] S3 dmvsc;dmvsc;C:\Windows\System32\drivers\dmvsc.sys [2010-11-21 71168] S3 esgiguard;esgiguard;C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [2011-3-2 13088] S3 Impcd;Impcd;C:\Windows\System32\drivers\Impcd.sys [2011-6-11 158976] S3 JMCR;JMCR;C:\Windows\System32\drivers\jmcr.sys [2011-6-11 172632] S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2010-12-17 340240] S3 netvsc;netvsc;C:\Windows\System32\drivers\netvsc60.sys [2010-11-21 168448] S3 NvStUSB;NVIDIA Stereoscopic 3D USB driver;C:\Windows\System32\drivers\nvstusb.sys [2011-6-11 121960] S3 StorSvc;Storage Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 27136] S3 SynthVid;SynthVid;C:\Windows\System32\drivers\VMBusVideoM.sys [2010-11-21 22528] S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-20 59392] S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-20 31232] S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-12-13 54784] S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-6-19 1255736] S3 WDC_SAM;WD SCSI Pass Thru driver;C:\Windows\System32\drivers\wdcsam64.sys [2008-5-6 14464] S3 WSDScan;WSD Scan Support via UMB;C:\Windows\System32\drivers\WSDScan.sys [2009-7-13 25088] S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184] . =============== Created Last 30 ================ . 
2013-10-14 01:12:47 -------- d-----w- C:\Users\Irene\AppData\Local\{68F0D982-B9A1-4C14-9D20-028C5153DA30} 2013-10-13 03:30:32 -------- d-----w- C:\ProgramData\Rosetta Stone Backups 2013-10-13 03:30:17 -------- d-----w- C:\ProgramData\RosettaStoneLtdServices 2013-10-13 03:30:17 -------- d-----w- C:\Program Files (x86)\RosettaStoneLtdServices 2013-10-10 04:23:12 -------- d-----w- C:\Users\Irene\AppData\Roaming\MSNInstaller 2013-09-21 21:25:34 -------- d-----w- C:\Users\Irene\AppData\Local\4183E8D2-AA67-418B-AEFF-F6DD465DD1C7.aplzod 2013-09-20 22:13:01 -------- d-----w- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69 2013-09-20 22:13:01 -------- d-----w- C:\Program Files\iTunes 2013-09-20 22:13:01 -------- d-----w- C:\Program Files\iPod 2013-09-20 22:13:01 -------- d-----w- C:\Program Files (x86)\iTunes 2013-09-20 22:07:14 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin5.dll 2013-09-20 22:07:14 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin4.dll 2013-09-20 22:07:14 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin3.dll 2013-09-20 22:07:14 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin2.dll 2013-09-20 22:07:14 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin.dll . ==================== Find3M ==================== . 2013-10-12 22:19:37 29280 ----a-w- C:\Windows\System32\drivers\klmouflt.sys 2013-10-12 22:19:37 29280 ----a-w- C:\Windows\System32\drivers\klkbdflt.sys 2013-10-12 22:19:32 7717984 ----a-w- C:\Windows\System32\drivers\kl1.sys 2013-10-09 21:57:19 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl 2013-10-09 21:57:19 692616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe . ============= FINISH: 0:40:08.15 =============== . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2012-11-20.01) . 
Microsoft Windows 7 Professional Boot Device: \Device\HarddiskVolume2 Install Date: 6/18/2011 10:55:26 AM System Uptime: 10/13/2013 5:48:45 PM (7 hours ago) . Motherboard: Dell Inc. | | 0XN71K Processor: Intel® Core i7-2630QM CPU @ 2.00GHz | CPU | 2001/100mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 451 GiB total, 358.212 GiB free. D: is CDROM (UDF) . ==== Disabled Device Manager Items ============= . Class GUID: Description: Officejet Pro 8500 A910 Device ID: ROOT\MULTIFUNCTION\0000 Manufacturer: Name: Officejet Pro 8500 A910 PNP Device ID: ROOT\MULTIFUNCTION\0000 Service: . Class GUID: Description: Officejet Pro 8500 A910 Device ID: ROOT\MULTIFUNCTION\0001 Manufacturer: Name: Officejet Pro 8500 A910 PNP Device ID: ROOT\MULTIFUNCTION\0001 Service: . ==== System Restore Points =================== . RP158: 8/23/2013 7:04:08 PM - Scheduled Checkpoint RP159: 9/30/2013 6:42:27 PM - Scheduled Checkpoint RP160: 10/12/2013 10:28:42 PM - Removed Rosetta Stone TOTALe RP161: 10/12/2013 10:29:48 PM - Removed Rosetta Stone TOTALe RP162: 10/12/2013 10:29:58 PM - Installed Rosetta Stone Ltd Services RP163: 10/12/2013 10:30:21 PM - Installed Rosetta Stone TOTALe . ==== Installed Programs ====================== . 
64 Bit HP CIO Components Installer AccelerometerP11 Adobe AIR Adobe Community Help Adobe Content Viewer Adobe Flash Player 11 ActiveX Adobe Flash Player 11 Plugin Adobe Reader X (10.1.8) MUI Advanced Audio FX Engine Apple Application Support Apple Mobile Device Support Apple Software Update BERNINA ART Design BERNINA ART Design 1.0J BERNINA Universal Communication Server Bing Bar Bing Bar Platform Bing Rewards Client Installer Bonjour bpd_scan Brother MFL-Pro Suite MFC-J6710DW Canon IJ Scan Utility Canon MX920 series MP Drivers Canon MX920 series On-screen Manual Canon MX920 series User Registration Canon My Printer Canon Quick Menu Canon Speed Dial Utility CCleaner Consumer In-Home Service Agreement Cozi CyberLink PowerDVD 9.6 D3DX10 Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition Dell DataSafe Local Backup Dell DataSafe Local Backup - Support Software Dell DataSafe Online Dell Edoc Viewer Dell Getting Started Guide Dell MusicStage Dell PhotoStage Dell Stage Dell VideoStage Dell Webcam Central DYMO Label v.8 eBay Epson Copy Utility 3.5 EPSON Perf V700-V750 Guide EPSON Scan EQ6 eReg GMATPrep Google Earth Plug-in Google Talk Plugin Google Toolbar for Internet Explorer Google Update Helper GoToAssist Corporate HP Officejet Pro 8500 A910 Basic Device Software HP Officejet Pro 8500 A910 Help HP Product Detection HP Update I.R.I.S. 
OCR iCloud Intel PROSet Wireless Intel® Control Center Intel® Management Engine Components Intel® Processor Graphics Intel® PROSet/Wireless Software for Bluetooth® Technology Intel® PROSet/Wireless WiFi Software Intel® Turbo Boost Technology Monitor 2.0 Internet Explorer Internet Explorer (Enable DEP) iTunes Java 7 Update 17 Java Auto Updater Java 6 Update 24 (64-bit) Java 6 Update 29 JavaFX 2.1.1 Junk Mail filter update Kaspersky Internet Security 2013 Logitech SetPoint 6.32 Malwarebytes Anti-Malware version 1.75.0.1300 Mesh Runtime Microsoft .NET Framework 4 Client Profile Microsoft .NET Framework 4 Extended Microsoft Application Error Reporting Microsoft Default Manager Microsoft Office 2010 Service Pack 1 (SP1) Microsoft Office Access MUI (English) 2010 Microsoft Office Access Setup Metadata MUI (English) 2010 Microsoft Office Excel MUI (English) 2010 Microsoft Office Office 64-bit Components 2010 Microsoft Office OneNote MUI (English) 2010 Microsoft Office Outlook MUI (English) 2010 Microsoft Office PowerPoint MUI (English) 2010 Microsoft Office Professional 2010 Microsoft Office Proof (English) 2010 Microsoft Office Proof (French) 2010 Microsoft Office Proof (Spanish) 2010 Microsoft Office Proofing (English) 2010 Microsoft Office Publisher MUI (English) 2010 Microsoft Office Shared 64-bit MUI (English) 2010 Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 Microsoft Office Shared MUI (English) 2010 Microsoft Office Shared Setup Metadata MUI (English) 2010 Microsoft Office Single Image 2010 Microsoft Office Word MUI (English) 2010 Microsoft Search Enhancement Pack Microsoft Silverlight Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2005 Redistributable - KB2467175 Microsoft Visual C++ 2005 Redistributable (x64) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Visual C++ 2008 Redistributable - x86 
9.0.30729 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft_VC80_ATL_x86 Microsoft_VC80_CRT_x86 Microsoft_VC80_MFC_x86 Microsoft_VC80_MFCLOC_x86 Microsoft_VC90_ATL_x86 Microsoft_VC90_ATL_x86_x64 Microsoft_VC90_CRT_x86 Microsoft_VC90_CRT_x86_x64 Microsoft_VC90_MFC_x86 Microsoft_VC90_MFC_x86_x64 Microsoft_VC90_MFCLOC_x86 Mozilla Firefox 16.0.2 (x86 en-US) Mozilla Maintenance Service MSN MSVCRT MSVCRT_amd64 MSXML 4.0 SP3 Parser MSXML 4.0 SP3 Parser (KB973685) My Dell NVIDIA 3D Vision Driver 267.21 NVIDIA Control Panel 267.21 NVIDIA Graphics Driver 267.21 NVIDIA Install Application NVIDIA Optimus 1.0.21 NVIDIA Stereoscopic 3D Driver NVIDIA Update Components Quickset64 QuickTime Realtek High Definition Audio Driver Rosetta Stone Ltd Services Rosetta Stone TOTALe Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368) Security Update for Microsoft .NET Framework 4 Extended (KB2416472) Security Update for Microsoft .NET Framework 4 Extended (KB2487367) Security Update for Microsoft .NET Framework 4 Extended (KB2656351) Security Update for Microsoft Office 2010 (KB2553091) Security Update for Microsoft Office 2010 (KB2553096) Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2598039) 32-Bit Edition Security Update for Microsoft PowerPoint 
2010 (KB2553185) 32-Bit Edition Security Update for Microsoft SharePoint Workspace 2010 (KB2566445) Security Update for Microsoft Visio Viewer 2010 (KB2597170) 32-Bit Edition SES Driver Skype™ 6.3 Smart Fortress 2012 Synaptics Pointing Device Driver Update for Microsoft .NET Framework 4 Client Profile (KB2468871) Update for Microsoft .NET Framework 4 Client Profile (KB2473228) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) Update for Microsoft .NET Framework 4 Extended (KB2468871) Update for Microsoft .NET Framework 4 Extended (KB2533523) Update for Microsoft .NET Framework 4 Extended (KB2600217) Update for Microsoft Excel 2010 (KB2553439) 32-Bit Edition Update for Microsoft Office 2010 (KB2494150) Update for Microsoft Office 2010 (KB2553065) Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition Update for Microsoft Office 2010 (KB2553385) 32-Bit Edition Update for Microsoft Office 2010 (KB2566458) Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition Update for Microsoft Office 2010 (KB2597091) 32-Bit Edition Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition Update for Microsoft Outlook 2010 (KB2553248) 32-Bit Edition Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition uTorrentControl2 Toolbar Visual Studio 2008 x64 Redistributables Visual Studio Tools for the Office system 3.0 Runtime Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258) WD Win98 SE USB Disk Driver, v1.00.09 Windows Driver Package - Western Digital Technologies (WDC_SAM) WDC_SAM (01/19/2011 1.0.0009.0) Windows Live Communications Platform Windows Live Essentials Windows Live ID Sign-in Assistant Windows Live Installer Windows Live Language Selector Windows Live 
Mail Windows Live Mesh Windows Live Mesh ActiveX Control for Remote Connections Windows Live Messenger Windows Live MIME IFilter Windows Live Movie Maker Windows Live Photo Common Windows Live Photo Gallery Windows Live PIMT Platform Windows Live Remote Client Windows Live Remote Client Resources Windows Live Remote Service Windows Live Remote Service Resources Windows Live SOXE Windows Live SOXE Definitions Windows Live UX Platform Windows Live UX Platform Language Pack Windows Live Writer Windows Live Writer Resources Zero Assumption Recovery Version 9 . ==== Event Viewer Messages From Past Week ======== . 10/9/2013 4:43:56 PM, Error: Service Control Manager [7034] - The Google Update Service (gupdate) service terminated unexpectedly. It has done this 1 time(s). 10/7/2013 12:32:49 AM, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {D3DCB472-7261-43CE-924B-0704BD730D5F} and APPID {D3DCB472-7261-43CE-924B-0704BD730D5F} to the user Home-Laptop\Irene SID (S-1-5-21-124068646-2454299991-3112993485-1001) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool. 10/7/2013 12:32:49 AM, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {145B4335-FE2A-4927-A040-7C35AD3180EF} and APPID {145B4335-FE2A-4927-A040-7C35AD3180EF} to the user Home-Laptop\Irene SID (S-1-5-21-124068646-2454299991-3112993485-1001) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool. 
10/13/2013 11:30:08 AM, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID {C97FCC79-E628-407D-AE68-A06AD6D8B4D1} and APPID {344ED43D-D086-4961-86A6-1106F4ACAD9B} to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool. 10/13/2013 11:29:49 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SftService service. 10/13/2013 11:29:28 AM, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID {C97FCC79-E628-407D-AE68-A06AD6D8B4D1} and APPID {344ED43D-D086-4961-86A6-1106F4ACAD9B} to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool. 10/13/2013 11:28:36 AM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: luafv 10/13/2013 11:28:21 AM, Error: Service Control Manager [7003] - The IPsec Policy Agent service depends the following service: BFE. This service might not be installed. 10/13/2013 11:28:19 AM, Error: Service Control Manager [7003] - The IKE and AuthIP IPsec Keying Modules service depends the following service: BFE. This service might not be installed. 10/13/2013 11:28:15 AM, Error: Service Control Manager [7023] - The Computer Browser service terminated with the following error: The specified service does not exist as an installed service. 10/12/2013 10:30:19 PM, Error: Service Control Manager [7030] - The RosettaStoneDaemon service is marked as an interactive service. However, the system is configured to not allow interactive services. 
This service may not function properly. . ==== End Of File ===========================