Jump to content

johnstecchino

Members
 View Profile  See their activity

  • Posts

    15

  • Joined

  • Last visited

Reputation

0 Neutral
  1. johnstecchino
    Thank you so much, Mr. Charlie. I've taken the steps you recommended and I believe you can consider this issue resolved.
  2. johnstecchino

    You've been an absolutely fantastic help to me, and I can see I'm far from the only one. Thank you.

  3. johnstecchino
    Security Check log: Results of screen317's Security Check version 0.99.81 Windows 7 Service Pack 1 x64 (UAC is enabled) Internet Explorer 11 ``````````````Antivirus/Firewall Check:`````````````` Windows Firewall Enabled! AVG AntiVirus 2014 Antivirus up to date! `````````Anti-malware/Other Utilities Check:````````` Malwarebytes Anti-Malware version 1.75.0.1300 Google Chrome 33.0.1750.146 Google Chrome 33.0.1750.154 ````````Process Check: objlist.exe by Laurent```````` AVG avgwdsvc.exe `````````````````System Health check````````````````` Total Fragmentation on Drive C: ````````````````````End of Log``````````````````````
  4. johnstecchino
    FRST64 logfile after running with fixlist.txt: Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 13-03-2014 Ran by Becky at 2014-03-25 14:48:45 Run:1 Running from C:\Users\Becky\Desktop\Antimalware Boot Mode: Normal ============================================== Content of fixlist: ***************** HKLM-x32\...\Run: [] - [X] Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File Filter: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File Filter: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File Filter: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File Filter: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File Filter: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File Filter: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File Filter: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File Filter: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File Filter: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File Filter: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File Filter: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File Filter: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File Filter: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File Filter: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File Filter: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File Task: {063583E5-72AE-43EF-9720-39378710F55A} - System32\Tasks\Norton Internet Security\Norton Error Analyzer => C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\SymErr.exe [2012-02-03] (Symantec Corporation) Task: {D9F142B7-BB33-4FCD-9855-E2007DF562CE} - System32\Tasks\Norton Internet Security\Norton Error Processor => C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\SymErr.exe [2012-02-03] (Symantec Corporation) Task: {E328A84B-04B4-4C9A-825A-28A0D6A3C6E0} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\WSCStub.exe [2013-02-02] (Symantec Corporation) ***************** HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => Value deleted successfully. HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} => Value deleted successfully. HKCR\CLSID\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} => Key not found. HKCR\PROTOCOLS\Filter\application/x-ica => Key deleted successfully. HKCR\CLSID\{CFB6322E-CC85-4d1b-82C7-893888A236BC} => Key not found. HKCR\PROTOCOLS\Filter\application/x-ica; charset=euc-jp => Key deleted successfully. HKCR\CLSID\{CFB6322E-CC85-4d1b-82C7-893888A236BC} => Key not found. HKCR\PROTOCOLS\Filter\application/x-ica; charset=ISO-8859-1 => Key deleted successfully. HKCR\CLSID\{CFB6322E-CC85-4d1b-82C7-893888A236BC} => Key not found. HKCR\PROTOCOLS\Filter\application/x-ica; charset=MS936 => Key deleted successfully. HKCR\CLSID\{CFB6322E-CC85-4d1b-82C7-893888A236BC} => Key not found. HKCR\PROTOCOLS\Filter\application/x-ica; charset=MS949 => Key deleted successfully. HKCR\CLSID\{CFB6322E-CC85-4d1b-82C7-893888A236BC} => Key not found. HKCR\PROTOCOLS\Filter\application/x-ica; charset=MS950 => Key deleted successfully. HKCR\CLSID\{CFB6322E-CC85-4d1b-82C7-893888A236BC} => Key not found. HKCR\PROTOCOLS\Filter\application/x-ica; charset=UTF-8 => Key deleted successfully. HKCR\CLSID\{CFB6322E-CC85-4d1b-82C7-893888A236BC} => Key not found. HKCR\PROTOCOLS\Filter\application/x-ica; charset=UTF8 => Key deleted successfully. HKCR\CLSID\{CFB6322E-CC85-4d1b-82C7-893888A236BC} => Key not found. HKCR\PROTOCOLS\Filter\application/x-ica;charset=euc-jp => Key deleted successfully. HKCR\CLSID\{CFB6322E-CC85-4d1b-82C7-893888A236BC} => Key not found. HKCR\PROTOCOLS\Filter\application/x-ica;charset=ISO-8859-1 => Key deleted successfully. HKCR\CLSID\{CFB6322E-CC85-4d1b-82C7-893888A236BC} => Key not found. HKCR\PROTOCOLS\Filter\application/x-ica;charset=MS936 => Key deleted successfully. HKCR\CLSID\{CFB6322E-CC85-4d1b-82C7-893888A236BC} => Key not found. HKCR\PROTOCOLS\Filter\application/x-ica;charset=MS949 => Key deleted successfully. HKCR\CLSID\{CFB6322E-CC85-4d1b-82C7-893888A236BC} => Key not found. HKCR\PROTOCOLS\Filter\application/x-ica;charset=MS950 => Key deleted successfully. HKCR\CLSID\{CFB6322E-CC85-4d1b-82C7-893888A236BC} => Key not found. HKCR\PROTOCOLS\Filter\application/x-ica;charset=UTF-8 => Key deleted successfully. HKCR\CLSID\{CFB6322E-CC85-4d1b-82C7-893888A236BC} => Key not found. HKCR\PROTOCOLS\Filter\application/x-ica;charset=UTF8 => Key deleted successfully. HKCR\CLSID\{CFB6322E-CC85-4d1b-82C7-893888A236BC} => Key not found. HKCR\PROTOCOLS\Filter\ica => Key deleted successfully. HKCR\CLSID\{CFB6322E-CC85-4d1b-82C7-893888A236BC} => Key not found. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{063583E5-72AE-43EF-9720-39378710F55A} => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{063583E5-72AE-43EF-9720-39378710F55A} => Key deleted successfully. C:\Windows\System32\Tasks\Norton Internet Security\Norton Error Analyzer => Moved successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Norton Internet Security\Norton Error Analyzer => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D9F142B7-BB33-4FCD-9855-E2007DF562CE} => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D9F142B7-BB33-4FCD-9855-E2007DF562CE} => Key deleted successfully. C:\Windows\System32\Tasks\Norton Internet Security\Norton Error Processor => Moved successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Norton Internet Security\Norton Error Processor => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E328A84B-04B4-4C9A-825A-28A0D6A3C6E0} => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E328A84B-04B4-4C9A-825A-28A0D6A3C6E0} => Key deleted successfully. C:\Windows\System32\Tasks\Norton WSC Integration => Moved successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Norton WSC Integration => Key deleted successfully. ==== End of Fixlog ====
  5. johnstecchino
    It came preinstalled on this computer, which is primarily used by my wife.
  6. johnstecchino
    Lastly, the 2 logs from FAST64, attached as they are indeed rather large. FRST.txt Addition.txt
  7. johnstecchino
    Repeat Malwarebytes log, per your instructions: Malwarebytes Anti-Malware 1.75.0.1300 www.malwarebytes.org Database version: v2014.03.25.04 Windows 7 Service Pack 1 x64 NTFSInternet Explorer 11.0.9600.16521Becky :: BECKY-HPDESKTOP [administrator] 3/25/2014 1:08:02 PMmbam-log-2014-03-25 (13-08-02).txt Scan type: Quick scanScan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUMScan options disabled: P2PObjects scanned: 216847Time elapsed: 3 minute(s), 18 second(s) Memory Processes Detected: 0(No malicious items detected) Memory Modules Detected: 0(No malicious items detected) Registry Keys Detected: 0(No malicious items detected) Registry Values Detected: 0(No malicious items detected) Registry Data Items Detected: 0(No malicious items detected) Folders Detected: 0(No malicious items detected) Files Detected: 1C:\Users\Becky\AppData\Local\Temp\is357113909\33329073_stp\HomePageDLL.dll (PUP.Optional.Installcore) -> Quarantined and deleted successfully. (end)
  8. johnstecchino
    From JRT: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~Junkware Removal Tool (JRT) by ThisisuVersion: 6.1.3 (03.23.2014:1)OS: Windows 7 Home Premium x64Ran by Becky on Tue 03/25/2014 at 13:01:34.70~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~ Services ~~~ Registry Values ~~~ Registry Keys ~~~ Files ~~~ Folders ~~~ Event Viewer Logs were cleared ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~Scan was completed on Tue 03/25/2014 at 13:06:17.72End of JRT log~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
  9. johnstecchino
    Post-removal AdwCleaner log: # AdwCleaner v3.022 - Report created 25/03/2014 at 12:56:58# Updated 13/03/2014 by Xplode# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)# Username : Becky - BECKY-HPDESKTOP# Running from : C:\Users\Becky\Desktop\adwcleaner.exe# Option : Clean ***** [ Services ] ***** ***** [ Files / Folders ] ***** [x] Not Deleted : C:\ProgramData\AVG SafeGuard toolbarFolder Deleted : C:\ProgramData\AVG Secure SearchFolder Deleted : C:\Program Files (x86)\AVG SafeGuard toolbarFolder Deleted : C:\Program Files (x86)\MyPC BackupFolder Deleted : C:\Program Files (x86)\Optimizer ProFolder Deleted : C:\Program Files (x86)\TornTV.comFolder Deleted : C:\Program Files (x86)\Common Files\AVG Secure Search[!] Folder Deleted : C:\Users\Becky\AppData\Local\AVG SafeGuard toolbarFolder Deleted : C:\Users\Becky\AppData\Local\SearchProtectFolder Deleted : C:\Users\Becky\AppData\LocalLow\AVG SafeGuard toolbarFolder Deleted : C:\Users\Becky\AppData\Roaming\Optimizer ProFolder Deleted : C:\Users\Becky\Documents\Optimizer ProFolder Deleted : C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof ***** [ Shortcuts ] ***** ***** [ Registry ] ***** Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblofKey Deleted : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLLKey Deleted : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.BrowserWndAPIKey Deleted : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.BrowserWndAPI.1Key Deleted : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.PugiObjKey Deleted : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.PugiObj.1Key Deleted : HKLM\SOFTWARE\Classes\protocols\handler\viprotocolKey Deleted : HKLM\SOFTWARE\Classes\SKey Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApiKey Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLEKey Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\BingBar_RASMANCSKey Deleted : HKLM\SOFTWARE\Microsoft\Tracing\HPSF_Tasks_RASAPI32Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\HPSF_Tasks_RASMANCSValue Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-pluginKey Deleted : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}Key Deleted : HKCU\Software\AVG SafeGuard toolbarKey Deleted : HKLM\Software\AVG SafeGuard toolbarKey Deleted : HKLM\Software\AVG Security ToolbarKey Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG SafeGuard toolbar ***** [ Browsers ] ***** -\\ Internet Explorer v11.0.9600.16521 ************************* AdwCleaner[R0].txt - [7646 octets] - [25/03/2014 12:43:45]AdwCleaner[s0].txt - [6685 octets] - [25/03/2014 12:56:58] ########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [6745 octets] ##########
  10. johnstecchino
    From AdwCleaner. Is AVG really considered Malware? # AdwCleaner v3.022 - Report created 25/03/2014 at 12:43:45 # Updated 13/03/2014 by Xplode # Operating System : Windows 7 Home Premium Service Pack 1 (64 bits) # Username : Becky - BECKY-HPDESKTOP # Running from : C:\Users\Becky\Desktop\adwcleaner.exe # Option : Scan ***** [ Services ] ***** ***** [ Files / Folders ] ***** Folder Found : C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof Folder Found C:\Program Files (x86)\AVG SafeGuard toolbar Folder Found C:\Program Files (x86)\Common Files\AVG Secure Search Folder Found C:\Program Files (x86)\MyPC Backup Folder Found C:\Program Files (x86)\Optimizer Pro Folder Found C:\Program Files (x86)\TornTV.com Folder Found C:\ProgramData\AVG SafeGuard toolbar Folder Found C:\ProgramData\AVG Secure Search Folder Found C:\Users\Becky\AppData\Local\AVG SafeGuard toolbar Folder Found C:\Users\Becky\AppData\Local\SearchProtect Folder Found C:\Users\Becky\AppData\LocalLow\AVG SafeGuard toolbar Folder Found C:\Users\Becky\AppData\Roaming\Optimizer Pro Folder Found C:\Users\Becky\Documents\Optimizer Pro ***** [ Shortcuts ] ***** ***** [ Registry ] ***** Key Found : HKCU\Software\AVG SafeGuard toolbar Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233} Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671} Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706} Key Found : [x64] HKCU\Software\AVG SafeGuard toolbar Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233} Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671} Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3} Key Found : HKLM\Software\AVG SafeGuard toolbar Key Found : HKLM\Software\AVG Security Toolbar Key Found : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323} Key Found : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2} Key Found : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL Key Found : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.BrowserWndAPI Key Found : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.BrowserWndAPI.1 Key Found : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.PugiObj Key Found : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.PugiObj.1 Key Found : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7} Key Found : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3} Key Found : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233} Key Found : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9} Key Found : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468} Key Found : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} Key Found : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706} Key Found : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217} Key Found : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7} Key Found : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC} Key Found : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6} Key Found : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol Key Found : HKLM\SOFTWARE\Classes\S Key Found : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi Key Found : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1 Key Found : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93} Key Found : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8} Key Found : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94} Key Found : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE Key Found : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1 Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706} Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671} Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3} Key Found : HKLM\SOFTWARE\Microsoft\Tracing\BingBar_RASMANCS Key Found : HKLM\SOFTWARE\Microsoft\Tracing\HPSF_Tasks_RASAPI32 Key Found : HKLM\SOFTWARE\Microsoft\Tracing\HPSF_Tasks_RASMANCS Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233} Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC} Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706} Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG SafeGuard toolbar Key Found : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217} Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7} Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC} Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6} Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706} Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671} Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3} Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}] Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}] Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt] Value Found : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar] ***** [ Browsers ] ***** -\\ Internet Explorer v11.0.9600.16521 -\\ Google Chrome v33.0.1750.154 [ File : C:\Users\Becky\AppData\Local\Google\Chrome\User Data\Default\preferences ] Found : homepage Found : icon_url Found : search_url Found : suggest_url Found : keyword Found : icon_url Found : search_url Found : suggest_url Found : keyword Found : homepage Found : icon_url Found : search_url Found : suggest_url Found : keyword Found : homepage Found : icon_url Found : search_url Found : suggest_url Found : keyword Found : icon_url Found : search_url Found : suggest_url Found : keyword Found : icon_url Found : search_url Found : suggest_url Found : keyword ************************* AdwCleaner[R0].txt - [7462 octets] - [25/03/2014 12:43:45] ########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [7522 octets] ##########
  11. johnstecchino
    Excellent, thank you for the link. RogueKiller Log, from the version you linked me to: RogueKiller V8.8.13 _x64_ [Mar 25 2014] by Adlice Softwaremail : http://www.adlice.com/contact/Feedback : http://forum.adlice.comWebsite : http://www.adlice.com/softwares/roguekiller/Blog : http://www.adlice.com Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits versionStarted in : Normal modeUser : Becky [Admin rights]Mode : Scan -- Date : 03/25/2014 11:40:08| ARK || FAK || MBR | ¤¤¤ Bad processes : 0 ¤¤¤ ¤¤¤ Registry Entries : 2 ¤¤¤[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND ¤¤¤ Scheduled tasks : 1 ¤¤¤[V2][sUSP PATH] Registration : "C:\Program Files (x86)\Hewlett-Packard\HP Setup\Dependencies\RemEngine.exe" - Registration ShowMessageTask2D [7][-] -> FOUND ¤¤¤ Startup Entries : 0 ¤¤¤ ¤¤¤ Web browsers : 0 ¤¤¤ ¤¤¤ Browser Addons : 1 ¤¤¤[CHR][PUP] Default : AVG SafeGuard ¤¤¤ Particular Files / Folders: ¤¤¤ ¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤ ¤¤¤ External Hives: ¤¤¤ ¤¤¤ Infection : PUP ¤¤¤ ¤¤¤ HOSTS File: ¤¤¤--> %SystemRoot%\System32\drivers\etc\hosts ¤¤¤ MBR Check: ¤¤¤ +++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) ST31000524AS +++++--- User ---[MBR] 80593208a96a598fa4dab88c1e048a13[bSP] 28fd91035205e53ab54e921da290669d : Windows 7/8 MBR CodePartition table:0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 MB1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206911 | Size: 942683 MB2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 1930821632 | Size: 11084 MBUser = LL1 ... OK!User = LL2 ... OK! +++++ PhysicalDrive1: (\\.\PHYSICALDRIVE1 @ USB) PNY USB 2.0 FD USB Device +++++--- User ---[MBR] 0564e03b3446ed879690f01e366fa264[bSP] b6d104faee52caaa5247b088fe99542c : MBR Code unknownPartition table:0 - [XXXXXX] FAT32 (0x0b) [VISIBLE] Offset (sectors): 2152 | Size: 30531 MBUser = LL1 ... OK!Error reading LL2 MBR! ([0x32] The request is not supported. ) +++++ PhysicalDrive2: (\\.\PHYSICALDRIVE2 @ USB) Generic- SD/MMC USB Device +++++Error reading User MBR! ([0x15] The device is not ready. )User = LL1 ... OK!Error reading LL2 MBR! ([0x32] The request is not supported. ) +++++ PhysicalDrive3: (\\.\PHYSICALDRIVE3 @ USB) Generic- Compact Flash USB Device +++++Error reading User MBR! ([0x15] The device is not ready. )User = LL1 ... OK!Error reading LL2 MBR! ([0x32] The request is not supported. ) +++++ PhysicalDrive4: (\\.\PHYSICALDRIVE4 @ USB) Generic- SM/xD-Picture USB Device +++++Error reading User MBR! ([0x15] The device is not ready. )User = LL1 ... OK!Error reading LL2 MBR! ([0x32] The request is not supported. ) +++++ PhysicalDrive5: (\\.\PHYSICALDRIVE5 @ USB) Generic- MS/MS-Pro USB Device +++++Error reading User MBR! ([0x15] The device is not ready. )User = LL1 ... OK!Error reading LL2 MBR! ([0x32] The request is not supported. ) +++++ PhysicalDrive6: (\\.\PHYSICALDRIVE6 @ USB) Kingston DataTraveler 2.0 USB Device +++++--- User ---[MBR] 81d38492ddc519066c05edf6327cbf2a[bSP] bafbcbf17002682ed38daa189f3c1219 : MBR Code unknownPartition table:0 - [ACTIVE] FAT32 (0x0b) [VISIBLE] Offset (sectors): 63 | Size: 59006 MBUser = LL1 ... OK!Error reading LL2 MBR! ([0x32] The request is not supported. ) Finished : << RKreport[0]_S_03252014_114008.txt >>RKreport[0]_S_03252014_113622.txt
  12. johnstecchino
    MalwareBytes Log, with settings as per your instructions: Malwarebytes Anti-Malware 1.75.0.1300www.malwarebytes.org Database version: v2014.03.25.04 Windows 7 Service Pack 1 x64 NTFSInternet Explorer 11.0.9600.16521Becky :: BECKY-HPDESKTOP [administrator] 3/25/2014 11:22:23 AMmbam-log-2014-03-25 (11-22-23).txt Scan type: Quick scanScan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUMScan options disabled: P2PObjects scanned: 217204Time elapsed: 3 minute(s), 54 second(s) Memory Processes Detected: 0(No malicious items detected) Memory Modules Detected: 0(No malicious items detected) Registry Keys Detected: 0(No malicious items detected) Registry Values Detected: 0(No malicious items detected) Registry Data Items Detected: 0(No malicious items detected) Folders Detected: 0(No malicious items detected) Files Detected: 0(No malicious items detected) (end)
  13. johnstecchino
    The link you posted for the 64-bit version of RogueKiller doesn't seem to be working– I got the one here. I hope this is all right. Logs are forthcoming.
  14. johnstecchino
    . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2012-11-20.01) . Microsoft Windows 7 Home Premium Boot Device: \Device\HarddiskVolume1 Install Date: 12/25/2013 8:28:19 PM System Uptime: 3/24/2014 1:25:31 PM (0 hours ago) . Motherboard: PEGATRON CORPORATION | | 2AC2 Processor: Intel® Core i5-2400 CPU @ 3.10GHz | CPU 1 | 3069/100mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 921 GiB total, 789.086 GiB free. D: is FIXED (NTFS) - 11 GiB total, 1.328 GiB free. E: is CDROM () F: is Removable G: is Removable H: is Removable I: is Removable J: is Removable K: is Removable . ==== Disabled Device Manager Items ============= . ==== System Restore Points =================== . RP10: 12/29/2013 3:00:26 AM - Windows Update RP11: 1/16/2014 2:01:41 AM - Installed HP Support Assistant RP12: 1/16/2014 2:04:01 AM - Windows Modules Installer RP13: 1/16/2014 2:04:29 AM - Windows Modules Installer RP14: 1/16/2014 3:00:25 AM - Windows Update RP15: 2/16/2014 7:50:40 PM - Scheduled Checkpoint RP16: 2/17/2014 3:00:12 AM - Windows Update RP17: 3/5/2014 2:19:24 PM - Scheduled Checkpoint RP18: 3/5/2014 2:32:30 PM - Windows Update RP19: 3/6/2014 3:00:21 AM - Windows Update RP20: 3/24/2014 10:25:17 AM - Windows Update RP21: 3/24/2014 10:35:46 AM - Restore Operation RP22: 3/24/2014 11:43:50 AM - Windows Update . ==== Installed Programs ====================== . 802.11n Wireless LAN Card Adobe Flash Player 11 ActiveX (x64) Apple Application Support Apple Mobile Device Support Apple Software Update AVG SafeGuard toolbar Bing Bar Blio Bonjour Bubble Wrap Citrix Authentication Manager Citrix Receiver Citrix Receiver (HDX Flash Redirection) Citrix Receiver Inside Citrix Receiver Updater Citrix Receiver(Aero) Citrix Receiver(DV) Citrix Receiver(USB) D3DX10 DirectX for Managed Code Update (Summer 2004) doubleTwist Sync Facebook Google Chrome Google Update Helper Hewlett-Packard ACLM.NET v1.2.2.3 HP Application Assistant HP Auto HP Calendar HP Client Services HP Clock HP Customer Experience Enhancements HP LinkUp HP Magic Canvas HP Magic Canvas Tutorials HP Notes HP Odometer HP RSS HP Setup HP Setup Manager HP Support Assistant HP Support Information HP TouchSmart RecipeBox HP Update HP Vision Hardware Diagnostics HP Weather Intel® Identity Protection Technology 1.2.22.0 Intel® Management Engine Components Intel® Processor Graphics Intel® Rapid Storage Technology iTunes Junk Mail filter update LabelPrint Malwarebytes Anti-Malware version 1.75.0.1300 Mesh Runtime Metric Converter Microsoft .NET Framework 4 Client Profile Microsoft .NET Framework 4 Extended Microsoft Application Error Reporting Microsoft Mathematics Microsoft Office 2010 Microsoft Office Click-to-Run 2010 Microsoft Office Starter 2010 - English Microsoft Silverlight Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2005 Redistributable (x64) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106 Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106 MSVCRT MSVCRT_amd64 Norton Internet Security Online Plug-in opensource PDF Complete Special Edition PlayReady PC Runtime amd64 PlayReady PC Runtime x86 Power2Go Realtek High Definition Audio Driver Recovery Manager Remote Graphics Receiver Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121) Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449) Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428) Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019) Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595) Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642) Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393) Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2) Security Update for Microsoft .NET Framework 4 Client Profile (KB2858302v2) Security Update for Microsoft .NET Framework 4 Client Profile (KB2898855v2) Security Update for Microsoft .NET Framework 4 Client Profile (KB2901110v2) Security Update for Microsoft .NET Framework 4 Extended (KB2487367) Security Update for Microsoft .NET Framework 4 Extended (KB2736428) Security Update for Microsoft .NET Framework 4 Extended (KB2742595) Security Update for Microsoft .NET Framework 4 Extended (KB2858302v2) Security Update for Microsoft .NET Framework 4 Extended (KB2901110v2) Self-service Plug-in Spot Spotify Tap Tap Bear TSHostedAppLauncher Update for Microsoft .NET Framework 4 Client Profile (KB2468871) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) Update for Microsoft .NET Framework 4 Extended (KB2468871) Update for Microsoft .NET Framework 4 Extended (KB2533523) Update for Microsoft .NET Framework 4 Extended (KB2600217) Update for Microsoft .NET Framework 4 Extended (KB2836939v3) VIP Access VIP Access SDK (1.0.1.4) Windows Live Communications Platform Windows Live Essentials Windows Live ID Sign-in Assistant Windows Live Installer Windows Live Language Selector Windows Live Mail Windows Live Mesh Windows Live Mesh ActiveX Control for Remote Connections Windows Live Messenger Windows Live MIME IFilter Windows Live Movie Maker Windows Live Photo Common Windows Live Photo Gallery Windows Live PIMT Platform Windows Live Remote Client Windows Live Remote Client Resources Windows Live Remote Service Windows Live Remote Service Resources Windows Live SOXE Windows Live SOXE Definitions Windows Live UX Platform Windows Live UX Platform Language Pack Windows Live Writer Windows Live Writer Resources . ==== Event Viewer Messages From Past Week ======== . 3/24/2014 11:46:18 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x8024200d: Update for Windows 7 for x64-based Systems (KB2918077). 3/24/2014 11:46:18 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Definition Update for Windows Defender - KB915597 (Definition 1.169.394.0). 3/24/2014 11:45:20 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x8024200d: Update for Windows 7 for x64-based Systems (KB2929733). 3/24/2014 11:45:20 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows 7 for x64-based Systems (KB2930275). 3/24/2014 11:45:20 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x8024200d: Cumulative Security Update for Internet Explorer 11 for Windows 7 for x64-based Systems (KB2925418). 3/24/2014 11:45:11 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x8024200d: Update for Windows 7 for x64-based Systems (KB2929755). 3/24/2014 11:45:11 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x8024200d: Security Update for Windows 7 for x64-based Systems (KB2929961). 3/24/2014 11:45:11 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Microsoft Silverlight (KB2932677). 3/24/2014 1:03:35 PM, Error: Service Control Manager [7001] - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start. 3/24/2014 1:03:35 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030} 3/24/2014 1:03:35 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39} 3/24/2014 1:03:33 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89} 3/24/2014 1:03:33 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E} 3/24/2014 1:03:32 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF} 3/24/2014 1:03:26 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC} 3/24/2014 1:03:22 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD ctxusbm DfsC discache NetBIOS NetBT nsiproxy Psched rdbss spldr tdx vwififlt Wanarpv6 WfpLwf 3/24/2014 1:03:22 PM, Error: Service Control Manager [7001] - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start. 3/24/2014 1:03:22 PM, Error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning. 3/24/2014 1:03:22 PM, Error: Service Control Manager [7001] - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning. 3/24/2014 1:03:22 PM, Error: Service Control Manager [7001] - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start. 3/24/2014 1:03:22 PM, Error: Service Control Manager [7001] - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start. 3/24/2014 1:03:22 PM, Error: Service Control Manager [7001] - The Network Store Interface Service service depends on the NSI proxy service driver. service which failed to start because of the following error: A device attached to the system is not functioning. 3/24/2014 1:03:22 PM, Error: Service Control Manager [7001] - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start. 3/24/2014 1:03:22 PM, Error: Service Control Manager [7001] - The IP Helper service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start. 3/24/2014 1:03:22 PM, Error: Service Control Manager [7001] - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error: A device attached to the system is not functioning. 3/24/2014 1:03:22 PM, Error: Service Control Manager [7001] - The DHCP Client service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning. 3/24/2014 1:03:22 PM, Error: Service Control Manager [7001] - The Client Virtualization Handler service depends on the Application Virtualization Client service which failed to start because of the following error: The dependency service or group failed to start. . ==== End Of File ===========================
  15. johnstecchino
    DDS (Ver_2012-11-20.01) - NTFS_AMD64 Internet Explorer: 11.0.9600.16518 Run by Becky at 13:29:03 on 2014-03-24 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.8099.6447 [GMT -4:00] . AV: Norton Internet Security *Disabled/Outdated* {63DF5164-9100-186D-2187-8DC619EFD8BF} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} SP: Norton Internet Security *Disabled/Outdated* {D8BEB080-B73A-17E3-1B37-B6B462689202} FW: Norton Internet Security *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4} . ============== Running Processes =============== . C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\BBSvc.exe C:\Windows\system32\taskhost.exe C:\Windows\system32\taskeng.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\Bonjour\mDNSResponder.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe C:\Program Files (x86)\PDF Complete\pdfsvc.exe C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.0.0\ToolbarUpdater.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.0.0\loggingserver.exe C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Windows\System32\WUDFHost.exe C:\Windows\System32\rundll32.exe C:\Windows\System32\igfxtray.exe C:\Windows\System32\igfxpers.exe C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe C:\Users\Becky\AppData\Roaming\Spotify\spotify.exe C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe C:\Program Files (x86)\iTunes\iTunesHelper.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files (x86)\Citrix\ICA Client\concentr.exe C:\Windows\system32\SearchIndexer.exe C:\Program Files (x86)\Citrix\Receiver\Receiver.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Windows\System32\svchost.exe -k LocalServicePeerNet C:\Users\Becky\AppData\Roaming\Spotify\Data\SpotifyHelper.exe C:\Users\Becky\AppData\Roaming\Spotify\Data\SpotifyHelper.exe C:\Users\Becky\AppData\Roaming\Spotify\Data\SpotifyHelper.exe C:\Users\Becky\AppData\Roaming\Spotify\Data\SpotifyHelper.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Program Files (x86)\Citrix\SelfServicePlugin\SelfServicePlugin.exe C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\GCalService.exe C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\HPTouchSmartSyncCalReminderApp.exe C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ccSvcHst.exe C:\Windows\system32\sppsvc.exe C:\Program Files (x86)\Symantec\VIP Access Client\VIPAppService.exe C:\Windows\System32\svchost.exe -k secsvcs C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ccSvcHst.exe C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe C:\Windows\system32\taskhost.exe C:\Windows\system32\SearchProtocolHost.exe C:\Windows\system32\SearchFilterHost.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\System32\cscript.exe . ============== Pseudo HJT Report =============== . mWinlogon: Userinit = userinit.exe, BHO: Bing Bar Helper: {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} - C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\BingExt.dll BHO: Norton Identity Protection: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\coieplg.dll BHO: Norton Vulnerability Protection: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ips\ipsbho.dll BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO: AVG SafeGuard toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG SafeGuard toolbar\18.0.0.248\AVG SafeGuard toolbar_toolbar.dll BHO: Symantec VIP Access Add-On: {C63CD127-A1CB-4D49-A4F7-D6F88A917BE6} - C:\Program Files (x86)\Symantec\VIP Access Client\VIPAddOnForIE.dll BHO: HP Network Check Helper: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\coieplg.dll TB: <No Name>: {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - LocalServer32 - <no file> TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\coieplg.dll TB: AVG SafeGuard toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG SafeGuard toolbar\18.0.0.248\AVG SafeGuard toolbar_toolbar.dll TB: Bing Bar: {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\BingExt.dll uRun: [spotify] "C:\Users\Becky\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart mRun: [HP Software Update] c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe mRun: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe mRun: [vProt] "C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe" mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" mRun: [CitrixReceiver] "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Citrix\Receiver Updater.lnk" mRun: [ConnectionCenter] "C:\Program Files (x86)\Citrix\ICA Client\concentr.exe" /startup mPolicies-Explorer: NoActiveDesktop = dword:1 mPolicies-Explorer: NoActiveDesktopChanges = dword:1 mPolicies-System: ConsentPromptBehaviorAdmin = dword:5 mPolicies-System: ConsentPromptBehaviorUser = dword:3 mPolicies-System: EnableUIADesktopToggle = dword:0 IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe TCP: NameServer = 192.168.1.1 TCP: Interfaces\{5E59289A-93D5-4B35-A2FB-CE1924F0458E} : DHCPNameServer = 192.168.1.1 Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll Filter: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll Filter: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll Filter: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll Filter: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll Filter: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll Filter: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll Filter: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll Filter: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll Filter: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll Filter: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll Filter: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll Filter: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll Filter: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll Filter: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll Filter: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.0.0\ViProtocol.dll Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll AppInit_DLLs= C:\PROGRA~2\Citrix\ICACLI~1\RSHook.dll SSODL: WebCheck - <orphaned> mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome mASetup: {F5E7D9AF-60F6-4A30-87E3-4EA94D322CE1} - msiexec /fu {F5E7D9AF-60F6-4A30-87E3-4EA94D322CE1} /qn x64-BHO: Bing Bar Helper: {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} - C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\amd64\BingExt.dll x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll x64-BHO: Symantec VIP Access Add-On: {C63CD127-A1CB-4D49-A4F7-D6F88A917BE6} - C:\Program Files (x86)\Symantec\VIP Access Client\64bit\VIPAddOnForIE64.dll x64-BHO: HP Network Check Helper: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll x64-TB: Bing Bar: {eec0f710-38b5-4aba-99bf-ec87564a4e13} - x64-Run: [igfxTray] C:\Windows\System32\igfxtray.exe x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe x64-Run: [hpsysdrv] c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe x64-RunOnce: [NCPluginUpdater] "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update x64-IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe x64-Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned> x64-Filter: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned> x64-Filter: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned> x64-Filter: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned> x64-Filter: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned> x64-Filter: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned> x64-Filter: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned> x64-Filter: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned> x64-Filter: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned> x64-Filter: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned> x64-Filter: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned> x64-Filter: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned> x64-Filter: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned> x64-Filter: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned> x64-Filter: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned> x64-Filter: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned> x64-Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - <orphaned> x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned> x64-Notify: igfxcui - igfxdev.dll x64-SSODL: WebCheck - <orphaned> x64-mASetup: {B34A07DD-C6F7-414A-AE63-01019482EAF0} - msiexec /fu {B34A07DD-C6F7-414A-AE63-01019482EAF0} /qn . ============= SERVICES / DRIVERS =============== . R1 avgtp;avgtp;C:\Windows\System32\drivers\avgtpx64.sys [2013-12-25 50976] R1 ctxusbm;Citrix USB Monitor Driver;C:\Windows\System32\drivers\ctxusbm.sys [2012-12-5 98888] R2 BBSvc;BingBar Service;C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\BBSvc.EXE [2013-12-16 193696] R2 CalendarSynchService;CalendarSynchService;C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\GCalService.exe [2011-8-16 16384] R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2013-4-22 821664] R2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2013-11-4 92160] R2 HPAuto;HP Auto;C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe [2011-2-17 682040] R2 HPClientSvc;HP Client Services;C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-10-11 346168] R2 iPodDrv;iPodDrv;C:\Windows\System32\drivers\iPodDrv.sys [2013-10-14 14952] R2 jhi_service;Intel® Identity Protection Technology Host Interface Service;C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe [2011-9-28 212944] R2 NIS;Norton Internet Security;C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ccsvchst.exe [2013-12-27 138272] R2 pdfcDispatcher;PDF Document Manager;C:\Program Files (x86)\PDF Complete\pdfsvc.exe [2012-3-13 1128952] R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2009-12-2 483688] R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2012-3-13 2656536] R2 VIPAppService;VIPAppService;C:\Program Files (x86)\Symantec\VIP Access Client\VIPAppService.exe [2012-12-2 81552] R2 vToolbarUpdater18.0.0;vToolbarUpdater18.0.0;C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.0.0\ToolbarUpdater.exe [2014-3-5 1759768] R3 BHDrvx64;BHDrvx64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\BASHDefs\20140214.001\BHDrvx64.sys [2014-2-23 1526488] R3 ccSet_NIS;Norton Internet Security Settings Manager;C:\Windows\System32\drivers\NISx64\1309010.00E\ccsetx64.sys [2013-12-27 167072] R3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2013-12-26 137648] R3 IDSVia64;IDSVia64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\IPSDefs\20140221.002\IDSviA64.sys [2014-2-23 521944] R3 netr28x;Ralink 802.11n Extensible Wireless Driver;C:\Windows\System32\drivers\netr28x.sys [2012-3-13 1582144] R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2012-3-13 533096] R3 Sftfs;Sftfs;C:\Windows\System32\drivers\Sftfslh.sys [2009-12-2 721768] R3 Sftplay;Sftplay;C:\Windows\System32\drivers\Sftplaylh.sys [2009-12-2 269672] R3 Sftredir;Sftredir;C:\Windows\System32\drivers\Sftredirlh.sys [2009-12-2 25960] R3 Sftvol;Sftvol;C:\Windows\System32\drivers\Sftvollh.sys [2009-12-2 22376] R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2013-6-26 209768] R3 SymDS;Symantec Data Store;C:\Windows\System32\drivers\NISx64\1309010.00E\symds64.sys [2013-12-27 451192] R3 SymEFA;Symantec Extended File Attributes;C:\Windows\System32\drivers\NISx64\1309010.00E\symefa64.sys [2013-12-27 1129120] R3 SymIRON;Symantec Iron Driver;C:\Windows\System32\drivers\NISx64\1309010.00E\ironx64.sys [2013-12-27 190072] R3 SymNetS;Symantec Network Security WFP Driver;C:\Windows\System32\drivers\NISx64\1309010.00E\symnets.sys [2013-12-27 405624] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576] S3 BBUpdate;BBUpdate;C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\SeaPort.EXE [2013-12-16 247968] S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2014-2-17 111616] S3 Impcd;Impcd;C:\Windows\System32\drivers\Impcd.sys [2012-3-13 158976] S3 pmxdrv;pmxdrv;C:\Windows\System32\drivers\pmxdrv.sys [2012-3-13 31152] S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-20 59392] S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-20 31232] S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2013-12-27 1255736] S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184] . =============== Created Last 30 ================ . 2014-03-24 16:25:31 -------- d-----w- C:\Users\Becky\AppData\Roaming\Malwarebytes 2014-03-24 16:25:24 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys 2014-03-24 16:25:24 -------- d-----w- C:\ProgramData\Malwarebytes 2014-03-24 16:25:24 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware 2014-03-24 15:46:05 10521840 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{0B8EF4F6-2569-4A7D-955F-C1EB4CD0DFF8}\mpengine.dll 2014-03-24 14:33:09 -------- d-----w- C:\Users\Becky\AppData\Roaming\Optimizer Pro 2014-03-24 14:27:52 -------- d-----w- C:\Users\Becky\AppData\Local\GCC 2014-03-24 14:27:40 -------- d-----w- C:\Program Files (x86)\Optimizer Pro 2014-03-24 14:27:37 -------- d-----w- C:\Users\Becky\AppData\Local\Programs 2014-03-24 14:27:32 -------- d-----w- C:\Program Files (x86)\MyPC Backup 2014-03-24 14:26:58 -------- d-----w- C:\Users\Becky\AppData\Local\SearchProtect 2014-03-24 14:26:41 -------- d-----w- C:\Program Files (x86)\PacFunction 2014-03-24 14:25:32 -------- d-----w- C:\Program Files (x86)\TornTV.com 2014-03-24 14:22:59 -------- d-----w- C:\Users\Becky\AppData\Local\qBittorrent 2014-03-24 14:20:38 -------- d-----w- C:\Program Files (x86)\qBittorrent 2014-03-06 08:10:11 -------- d-----w- C:\ProgramData\VirtualizedApplications 2014-03-05 19:32:47 8199504 ------w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll 2014-03-05 19:20:57 -------- d-----w- C:\Users\Becky\AppData\Roaming\SoftGrid Client 2014-03-05 19:20:57 -------- d-----w- C:\Users\Becky\AppData\Local\SoftGrid Client 2014-03-05 19:20:26 -------- d-----w- C:\Program Files (x86)\Microsoft Application Virtualization Client 2014-03-05 19:20:19 -------- d-----w- C:\Users\Becky\AppData\Roaming\TP 2014-03-05 19:19:31 -------- d-----w- C:\ProgramData\AVG Secure Search . ==================== Find3M ==================== . 2014-03-05 19:19:24 50976 ----a-w- C:\Windows\System32\drivers\avgtpx64.sys 2014-02-06 11:30:46 2724864 ----a-w- C:\Windows\System32\mshtml.tlb 2014-02-06 11:30:12 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll 2014-02-06 11:07:39 66048 ----a-w- C:\Windows\System32\iesetup.dll 2014-02-06 11:06:47 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll 2014-02-06 10:49:03 139264 ----a-w- C:\Windows\System32\ieUnatt.exe 2014-02-06 10:48:45 111616 ----a-w- C:\Windows\System32\ieetwcollector.exe 2014-02-06 10:48:11 708608 ----a-w- C:\Windows\System32\jscript9diag.dll 2014-02-06 10:20:26 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb 2014-02-06 10:11:37 5768704 ----a-w- C:\Windows\System32\jscript9.dll 2014-02-06 10:01:36 61952 ----a-w- C:\Windows\SysWow64\iesetup.dll 2014-02-06 10:00:46 51200 ----a-w- C:\Windows\SysWow64\ieetwproxystub.dll 2014-02-06 09:50:32 2041856 ----a-w- C:\Windows\System32\inetcpl.cpl 2014-02-06 09:47:22 112128 ----a-w- C:\Windows\SysWow64\ieUnatt.exe 2014-02-06 09:46:27 553472 ----a-w- C:\Windows\SysWow64\jscript9diag.dll 2014-02-06 09:25:36 4244480 ----a-w- C:\Windows\SysWow64\jscript9.dll 2014-02-06 09:24:52 2334208 ----a-w- C:\Windows\System32\wininet.dll 2014-02-06 09:09:30 1964032 ----a-w- C:\Windows\SysWow64\inetcpl.cpl 2014-02-06 08:41:35 1820160 ----a-w- C:\Windows\SysWow64\wininet.dll 2013-12-27 08:35:52 9728 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll 2013-12-26 08:44:47 175736 ----a-w- C:\Windows\System32\drivers\SYMEVENT64x86.SYS 2013-12-24 23:09:41 1987584 ----a-w- C:\Windows\SysWow64\d3d10warp.dll 2013-12-24 22:48:32 2565120 ----a-w- C:\Windows\System32\d3d10warp.dll . ============= FINISH: 13:29:44.18 ===============
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.