George_S

  1. Hi Aura, Tx for the useful info. Herewith the Delfix log, and thank you again. Regards George_S

     # DelFix v1.013 - Logfile created 12/08/2018 at 17:22:12
     # Updated 17/04/2016 by Xplode
     # Username : georg - JNB-ELB-SOLG
     # Operating System : Windows 10 Enterprise (64 bits)

     ~ Activating UAC ... OK

     ~ Removing disinfection tools ...

     Deleted : C:\FRST
     Deleted : C:\AdwCleaner
     Deleted : C:\RegBackup
     Deleted : C:\Users\georg\Desktop\Addition.txt
     Deleted : C:\Users\georg\Desktop\Fixlog.txt
     Deleted : C:\Users\georg\Desktop\FRST.txt
     Deleted : C:\Users\georg\Desktop\FRST64 (1).exe
     Deleted : C:\Users\georg\Desktop\FRST64.exe
     Deleted : C:\Users\georg\Downloads\Addition.txt
     Deleted : C:\Users\georg\Downloads\AdwCleaner.exe.hnoi8xc.partial
     Deleted : C:\Users\georg\Downloads\adwcleaner_7.0.8.0.exe
     Deleted : C:\Users\georg\Downloads\FRST.txt
     Deleted : C:\Users\georg\Downloads\FRST64.exe
     Deleted : HKLM\SOFTWARE\AdwCleaner

     ~ Creating registry backup ... OK

     ~ Cleaning system restore ...

     Deleted : RP #22 [Scheduled Checkpoint | 08/03/2018 11:35:38]

     New restore point created !

     ~ Resetting system settings ... OK

     ########## - EOF - ##########
  2. No Aura, it seems all is well again. You can close this now. Thanks once more, George_S
  3. Hi Aura, Have deleted all items from quarantine and installed uBlock Origin. First impression is that there is quite a bit of overhead when loading a URL in Chrome but TWT! Ran MB just now and 0 threats. Thank you for your assistance, Regards George_S
  4. Hi Aura, Tx for all your expert assistance. I ran a MB threat scan just now with no threats detected. Questions: I presume I can delete the items in quarantine now. Do you have any advice re suppression of advertisements on Chrome? Regards George_S
  5. Hi Aura, I removed the extension Scanguard from Chrome, then ran Frst64.exe using the fixlist, then did restart as instructed. Herewith the fixlog.txt. Is there anything I can add to the firewall to block this Scanguard from re-appearing, if this is the source of the MindSpark pups? Hope all is now well. Regards George_S Fixlog.txt
  6. Hi Aura, the MindSpark with Chrome references has come back numerous times in the past year or so. I have always assumed that it is being dropped onto my system during internet browsing. My wife looks up crocheting and knitting patterns etc. quite frequently (Pinterest etc.), no idea if this can be the source. Regards George_S
  7. Hi Aura, No idea what it is - I did notice it and wondered myself. Regards George_S
  8. Hi Aura, Apologies for delayed response. Today (Monday am) is the first time I have had comms access. I ran the Malwarebytes threat scan as advised. No threats since I quarantined the last bunch. I have included the latest threat scan and the previous one with the MindSpark entries. I then ran the Fubar and attach the Fubar.txt and the Additions.txt. Regards George PS: I hope these are OK FRST.txt Addition.txt mALWAREBYTES SCAN 2018-06-08.txt Malwarebytes prev results.txt
  9. Hi, I have a Dell Latitude E6430 laptop running Win 10 64bit. I use EMSISOFT Anti-Malware continually and Malwarebytes about 1/week. Malwarebytes reports the PUP.Optional.MindSpark.Generic quite frequently. I quarantine all the entries (usually between 126 and 132) and delete them but it keeps coming back. How can I eliminate this and prevent it recurring? Regards George_S
  10. Please close this post as Resolved in 137832 Tx George_s
  11. Ok - Done

     JRT

     ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     Junkware Removal Tool (JRT) by Thisisu
     Version: 6.0.8 (11.05.2013:1)
     OS: Windows 7 Professional x64
     Ran by George on 2013/12/08 at 12:09:26.47
     ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

     ~~~ Services

     ~~~ Registry Values

     ~~~ Registry Keys

     Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{72D89EBF-0C5D-4190-91FD-398E45F1D007}
     Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\softonic
     Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7F6AFBF1-E065-4627-A2FD-810366367D01}
     Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7F6AFBF1-E065-4627-A2FD-810366367D01}
     Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A1E28287-1A31-4B0F-8D05-AA8C465D3C5A}

     ~~~ Files

     ~~~ Folders

     ~~~ Event Viewer Logs were cleared

     ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     Scan was completed on 2013/12/08 at 12:22:11.59
     End of JRT log
     ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

     ADW Log

     # AdwCleaner v3.014 - Report created 08/12/2013 at 12:29:19
     # Updated 01/12/2013 by Xplode
     # Operating System : Windows 7 Professional Service Pack 1 (64 bits)
     # Username : George - JNB-ELB-SOLG
     # Running from : C:\Users\George\Desktop\AdwCleaner.exe
     # Option : Clean

     ***** [ Services ] *****

     ***** [ Files / Folders ] *****

     ***** [ Shortcuts ] *****

     ***** [ Registry ] *****

     Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}

     ***** [ Browsers ] *****

     -\\ Internet Explorer v11.0.9600.16428

     -\\ Google Chrome v31.0.1650.63

     [ File : C:\Users\George\AppData\Local\Google\Chrome\User Data\Default\preferences ]

     *************************

     AdwCleaner[R0].txt - [857 octets] - [08/12/2013 12:27:55]
     AdwCleaner[s0].txt - [777 octets] - [08/12/2013 12:29:19]

     ########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [836 octets] ##########

     MBAM

     Malwarebytes Anti-Malware 1.75.0.1300
     www.malwarebytes.org

     Database version: v2013.12.08.01

     Windows 7 Service Pack 1 x64 NTFS
     Internet Explorer 11.0.9600.16428
     George :: JNB-ELB-SOLG [administrator]

     2013/12/08 12:35:17 PM
     mbam-log-2013-12-08 (12-35-17).txt

     Scan type: Quick scan
     Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
     Scan options disabled: P2P
     Objects scanned: 203819
     Time elapsed: 3 minute(s), 9 second(s)

     Memory Processes Detected: 0
     (No malicious items detected)

     Memory Modules Detected: 0
     (No malicious items detected)

     Registry Keys Detected: 0
     (No malicious items detected)

     Registry Values Detected: 0
     (No malicious items detected)

     Registry Data Items Detected: 0
     (No malicious items detected)

     Folders Detected: 0
     (No malicious items detected)

     Files Detected: 2
     C:\Users\George\AppData\Local\Temp\DefaultTabSetup2.exe (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
     C:\Users\George\Downloads\SoftonicDownloader_for_peazip.exe (PUP.Optional.Softonic.A) -> Quarantined and deleted successfully.

     (end)

     Tx - I presume all is well again. Have you any idea where I might have picked up the Default Tab program? Regards and Tx again George_S
  12. Hi, Apologies, I did the DDS run and then on reading the instruction you referred to in your first reply followed the instruction there "Then post a new topic here." although I could not see why this was required.
C:\Windows\System32\IKEEXT.DLL2013-10-12 02:29:08 324096 ----a-w- C:\Windows\System32\FWPUCLNT.DLL2013-10-12 02:03:08 656896 ----a-w- C:\Windows\SysWow64\nshwfp.dll2013-10-12 02:01:25 216576 ----a-w- C:\Windows\SysWow64\FWPUCLNT.DLL2013-10-05 20:25:35 1474048 ----a-w- C:\Windows\System32\crypt32.dll2013-10-05 19:57:25 1168384 ----a-w- C:\Windows\SysWow64\crypt32.dll2013-10-04 02:28:31 190464 ----a-w- C:\Windows\System32\SmartcardCredentialProvider.dll2013-10-04 02:25:17 197120 ----a-w- C:\Windows\System32\credui.dll2013-10-04 02:24:49 1930752 ----a-w- C:\Windows\System32\authui.dll2013-10-04 01:58:50 152576 ----a-w- C:\Windows\SysWow64\SmartcardCredentialProvider.dll2013-10-04 01:56:25 168960 ----a-w- C:\Windows\SysWow64\credui.dll2013-10-04 01:56:00 1796096 ----a-w- C:\Windows\SysWow64\authui.dll2013-10-03 02:23:48 404480 ----a-w- C:\Windows\System32\gdi32.dll2013-10-03 02:00:44 311808 ----a-w- C:\Windows\SysWow64\gdi32.dll2013-09-28 01:09:10 497152 ----a-w- C:\Windows\System32\drivers\afd.sys2013-09-25 02:26:40 95680 ----a-w- C:\Windows\System32\drivers\ksecdd.sys2013-09-25 02:26:40 154560 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys2013-09-25 02:23:33 28672 ----a-w- C:\Windows\System32\sspisrv.dll2013-09-25 02:23:33 135680 ----a-w- C:\Windows\System32\sspicli.dll2013-09-25 02:23:01 28160 ----a-w- C:\Windows\System32\secur32.dll2013-09-25 02:22:59 340992 ----a-w- C:\Windows\System32\schannel.dll2013-09-25 02:21:50 307200 ----a-w- C:\Windows\System32\ncrypt.dll2013-09-25 02:21:07 1447936 ----a-w- C:\Windows\System32\lsasrv.dll2013-09-25 01:58:17 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll2013-09-25 01:57:26 22016 ----a-w- C:\Windows\SysWow64\secur32.dll2013-09-25 01:57:24 247808 ----a-w- C:\Windows\SysWow64\schannel.dll2013-09-25 01:56:42 220160 ----a-w- C:\Windows\SysWow64\ncrypt.dll2013-09-25 01:03:24 30720 ----a-w- C:\Windows\System32\lsass.exe ============= FINISH: 13:24:48.20 =============== ATTACH .UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS 
LOG.IF REQUESTED, ZIP IT UP & ATTACH IT.DDS (Ver_2012-11-20.01).Microsoft Windows 7 Professional Boot Device: \Device\HarddiskVolume1Install Date: 2013/11/08 08:29:52 AMSystem Uptime: 2013/12/06 05:02:54 PM (20 hours ago).Motherboard: Dell Inc. | | 0H3MT5Processor: Intel® Core i5-3320M CPU @ 2.60GHz | SOCKET 0 | 2601/100mhz.==== Disk Partitions =========================.C: is FIXED (NTFS) - 298 GiB total, 178.456 GiB free.D: is CDROM ()E: is Removable.==== Disabled Device Manager Items =============.==== System Restore Points ===================.RP54: 2013/12/05 07:00:12 AM - Windows UpdateRP55: 2013/12/05 07:22:34 AM - Restore point (PeaZip Setup)RP56: 2013/12/05 06:06:43 PM - Windows UpdateRP57: 2013/12/05 10:27:32 PM - Windows UpdateRP58: 2013/12/06 07:00:16 AM - Windows UpdateRP59: 2013/12/06 10:20:46 AM - Windows UpdateRP60: 2013/12/06 03:56:40 PM - Windows UpdateRP61: 2013/12/07 08:30:30 AM - Windows UpdateRP62: 2013/12/07 09:42:55 AM - Restore point (C:\Users\George\Downloads\-1266489332TemplateDisk.==== Installed Programs ======================.7-Zip 9.20 (x64 edition)Adobe Flash Player 10 ActiveXAdobe Reader X (10.1.8)BufferChmCCleanercGPSmapper Free 0100dDefaultTabDefinition Update for Microsoft Office 2010 (KB982726) 64-Bit EditionDell TouchpadDell Wireless HSPA Mini-Card DriversDestinationsDocProcDW WLAN Card UtilityEmsisoft Anti-MalwareGarmin BaseCampGarmin MapInstallGarmin MapSourceGarmin MapSource BetaGarmin USB DriversGoogle ChromeGoogle Update HelperGPBaseService2HP Imaging Device Functions 13.0HP Photosmart Essential 3.5HP Scanjet 2400HP Solution Center 13.0HP Updatehpg2410HPPhotosmartEssentialHPProductAssistantIntel® Network Connections DriversIrfanView (remove only)Malwarebytes Anti-Malware version 1.75.0.1300MEDITECH Workstation3.xMEDITECH Workstation4.xMicrosoft .NET Framework 4 Client ProfileMicrosoft Mouse and Keyboard CenterMicrosoft Office 2010 Service Pack 1 (SP1)Microsoft Office Access MUI (English) 2010Microsoft Office Access Setup 
Metadata MUI (English) 2010Microsoft Office Excel MUI (English) 2010Microsoft Office Groove MUI (English) 2010Microsoft Office InfoPath MUI (English) 2010Microsoft Office Office 32-bit Components 2010Microsoft Office OneNote MUI (English) 2010Microsoft Office Outlook MUI (English) 2010Microsoft Office PowerPoint MUI (English) 2010Microsoft Office Professional Plus 2010Microsoft Office Proof (English) 2010Microsoft Office Proof (French) 2010Microsoft Office Proof (Spanish) 2010Microsoft Office Proofing (English) 2010Microsoft Office Publisher MUI (English) 2010Microsoft Office Shared 32-bit MUI (English) 2010Microsoft Office Shared MUI (English) 2010Microsoft Office Shared Setup Metadata MUI (English) 2010Microsoft Office Word MUI (English) 2010Microsoft SilverlightMicrosoft Visual C++ 2005 Redistributable (x64)Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161MSXML 4.0 SP2 (KB954430)MSXML 4.0 SP2 (KB973688)Notepad++NVIDIA 3D Vision Driver 311.00NVIDIA Control Panel 311.00NVIDIA Graphics Driver 311.00NVIDIA Guard Service 1.0NVIDIA HD Audio Driver 1.3.18.0NVIDIA Install ApplicationNVIDIA nView 136.53NVIDIA PhysXNVIDIA PhysX System Software 9.12.0613NVIDIA Stereoscopic 3D DriverOCR Software by I.R.I.S. 
13.0Online Armor 6.0Password SafeQuest PuTTY 0.60_q1.129RapportScanSecurity Update for Microsoft .NET Framework 4 Client Profile (KB2604121)Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393)Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2)Security Update for Microsoft .NET Framework 4 Client Profile (KB2858302v2)Security Update for Microsoft Excel 2010 (KB2597166) 64-Bit EditionSecurity Update for Microsoft InfoPath 2010 (KB2553322) 64-Bit EditionSecurity Update for Microsoft InfoPath 2010 (KB2553431) 64-Bit EditionSecurity Update for Microsoft Office 2010 (KB2553091)Security Update for Microsoft Office 2010 (KB2553096)Security Update for Microsoft Office 2010 (KB2553284) 64-Bit EditionSecurity Update for Microsoft Office 2010 (KB2553371) 64-Bit EditionSecurity Update for Microsoft Office 2010 (KB2553447) 64-Bit EditionSecurity Update for Microsoft Office 2010 (KB2589320) 64-Bit EditionSecurity Update for Microsoft Office 2010 (KB2598243) 64-Bit EditionSecurity Update for Microsoft Office 2010 (KB2760781) 64-Bit EditionSecurity Update for Microsoft PowerPoint 2010 (KB2553185) 64-Bit EditionSecurity Update for Microsoft SharePoint Workspace 2010 (KB2566445)Security Update for Microsoft Visio Viewer 2010 (KB2597981) 64-Bit EditionSolutionCenterSpeccyST Microelectronics 3 Axis Digital Accelerometer SolutionStriata ReaderT4A Maps Botswana T4A Maps Free State/Eastern Cape/KZNT4A Maps Gauteng and NorthT4A Maps Namibia T4A Maps Western /Northern Cape True Image 2013Trusteer Endpoint ProtectionUpdate for Microsoft .NET Framework 4 Client Profile (KB2468871)Update for Microsoft .NET Framework 4 Client Profile (KB2533523)Update for 
Microsoft .NET Framework 4 Client Profile (KB2600217)Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3)Update for Microsoft Office 2010 (KB2553065)Update for Microsoft Office 2010 (KB2553181) 64-Bit EditionUpdate for Microsoft Office 2010 (KB2553267) 64-Bit EditionUpdate for Microsoft Office 2010 (KB2553310) 64-Bit EditionUpdate for Microsoft Office 2010 (KB2566458)Update for Microsoft Office 2010 (KB2589352) 64-Bit EditionUpdate for Microsoft Office 2010 (KB2597087) 64-Bit EditionUpdate for Microsoft Office 2010 (KB2597091) 64-Bit EditionUpdate for Microsoft Office 2010 (KB2760598) 64-Bit EditionUpdate for Microsoft Office 2010 (KB2760631) 64-Bit EditionUpdate for Microsoft Office 2010 (KB2825640) 64-Bit EditionUpdate for Microsoft Office 2010 (KB2826026) 64-Bit EditionUpdate for Microsoft OneNote 2010 (KB2553290) 64-Bit EditionUpdate for Microsoft OneNote 2010 (KB2589345) 64-Bit EditionUpdate for Microsoft OneNote 2010 (KB2810072) 64-Bit EditionUpdate for Microsoft Outlook 2010 (KB2687623) 64-Bit EditionUpdate for Microsoft Outlook Social Connector 2010 (KB2553406) 64-Bit EditionUpdate for Microsoft PowerPoint 2010 (KB2553145) 64-Bit EditionUpdate for Microsoft SharePoint Workspace 2010 (KB2589371) 64-Bit EditionVodafone Mobile ConnectWebRegWindows Driver Package - Garmin (grmnusb) GARMIN Devices (06/03/2009 2.3.0.0)Windows Driver Package - Hewlett-Packard hp scanjet 3600 series (04/26/2007 9.0.0.0).==== Event Viewer Messages From Past Week ========.2013/12/07 08:38:56 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Service Pack 1 for Microsoft Office 2010 (KB2510690 ) 64-bit Edition.2013/12/07 08:30:14 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the syncagentsrv service.2013/12/06 05:05:55 PM, Error: Service Control Manager [7034] - The DefaultTabSearch service 
terminated unexpectedly. It has done this 1 time(s).2013/12/06 02:55:11 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service MSIServer with arguments "" in order to run the server: {000C101C-0000-0000-C000-000000000046}2013/12/06 02:54:39 PM, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.2013/12/06 02:54:38 PM, Error: Service Control Manager [7001] - The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error: The dependency service or group failed to start.2013/12/06 02:53:37 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}2013/12/06 02:53:37 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}2013/12/06 02:53:33 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}2013/12/06 02:53:32 PM, Error: Microsoft-Windows-WLAN-AutoConfig [10000] - WLAN Extensibility Module has failed to start. 
Module Path: C:\Windows\System32\bcmihvsrv64.dll Error Code: 212013/12/06 02:53:26 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}2013/12/06 02:53:15 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: a2injectiondriver discache OADevice oahlpXX RapportKE64 snapman spldr Wanarpv62013/12/05 07:52:15 AM, Error: Service Control Manager [7030] - The DefaultTabSearch service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.2013/12/05 06:29:30 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the eventlog service.2013/12/05 06:24:45 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the wscsvc service.2013/12/05 06:24:15 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the NlaSvc service.2013/12/05 06:23:45 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Dnscache service.2013/12/05 06:23:15 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the CryptSvc service.2013/12/04 10:53:55 AM, Error: Microsoft-Windows-Smartcard-Server [616] - Reader monitor 'Mobile Broadband SIM Card Reader 0' received uncaught error code: The device does not recognize the command.2013/12/04 10:53:55 AM, Error: Microsoft-Windows-Smartcard-Server [612] - Reader insertion monitor error retry threshold reached: The device does not recognize the command.2013/12/04 10:53:55 AM, 
Error: Microsoft-Windows-Smartcard-Server [610] - Smart Card Reader 'Mobile Broadband SIM Card Reader 0' rejected IOCTL POWER: The device does not recognize the command. If this error persists, your smart card or reader may not be functioning correctly. Command Header: 00 00 00 002013/12/04 10:53:55 AM, Error: Microsoft-Windows-Smartcard-Server [610] - Smart Card Reader 'Mobile Broadband SIM Card Reader 0' rejected IOCTL GET_STATE: The device does not recognize the command. If this error persists, your smart card or reader may not be functioning correctly. Command Header: XX XX XX XX2013/12/02 08:20:14 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Error Reporting Service service to connect..==== End Of File ===========================
  13. As requested created new post: Herewith the DDS.txt and attach.txt pasted in George_S
Files\Microsoft Games2013-11-11 16:56:08 -------- d-----w- C:\Program Files\Microsoft Mouse and Keyboard Center2013-11-11 16:32:19 -------- d-----w- C:\Users\George\AppData\Local\Apps2013-11-11 16:32:18 -------- d-----w- C:\Users\George\AppData\Local\Deployment2013-11-11 13:09:50 87040 ----a-w- C:\Windows\System32\drivers\WUDFPf.sys2013-11-11 13:09:50 84992 ----a-w- C:\Windows\System32\WUDFSvc.dll2013-11-11 13:09:50 744448 ----a-w- C:\Windows\System32\WUDFx.dll2013-11-11 13:09:50 45056 ----a-w- C:\Windows\System32\WUDFCoinstaller.dll2013-11-11 13:09:50 229888 ----a-w- C:\Windows\System32\WUDFHost.exe2013-11-11 13:09:50 198656 ----a-w- C:\Windows\System32\drivers\WUDFRd.sys2013-11-11 13:09:50 194048 ----a-w- C:\Windows\System32\WUDFPlatform.dll2013-11-11 12:51:36 -------- d-----w- C:\Windows\System32\MRT2013-11-11 12:45:24 -------- d-----w- C:\Program Files (x86)\cGPSmapper2013-11-11 12:40:35 81408 ----a-w- C:\Windows\System32\imagehlp.dll2013-11-11 12:40:35 5120 ----a-w- C:\Windows\SysWow64\wmi.dll2013-11-11 12:40:35 5120 ----a-w- C:\Windows\System32\wmi.dll2013-11-11 12:40:35 23408 ----a-w- C:\Windows\System32\drivers\fs_rec.sys2013-11-11 12:40:35 159232 ----a-w- C:\Windows\SysWow64\imagehlp.dll2013-11-11 12:39:30 -------- d-----w- C:\Users\George\T4A Previewer2013-11-11 12:02:58 48640 ----a-w- C:\Windows\System32\wwanprotdim.dll2013-11-11 12:01:33 424448 ----a-w- C:\Windows\System32\KernelBase.dll2013-11-11 12:00:49 376688 ----a-w- C:\Windows\System32\drivers\netio.sys2013-11-11 11:59:51 478208 ----a-w- C:\Windows\System32\dpnet.dll2013-11-11 11:59:51 376832 ----a-w- C:\Windows\SysWow64\dpnet.dll2013-11-11 11:59:46 903168 ----a-w- C:\Windows\SysWow64\certutil.exe2013-11-11 11:59:46 1192448 ----a-w- C:\Windows\System32\certutil.exe2013-11-11 11:59:45 52224 ----a-w- C:\Windows\System32\certenc.dll2013-11-11 11:59:45 43008 ----a-w- C:\Windows\SysWow64\certenc.dll2013-11-11 11:59:31 81920 ----a-w- C:\Windows\SysWow64\davclnt.dll2013-11-11 11:59:31 259584 ----a-w- 
C:\Windows\System32\WebClnt.dll2013-11-11 11:59:31 205824 ----a-w- C:\Windows\SysWow64\WebClnt.dll2013-11-11 11:59:31 140800 ----a-w- C:\Windows\System32\drivers\mrxdav.sys2013-11-11 11:59:31 102400 ----a-w- C:\Windows\System32\davclnt.dll2013-11-11 11:59:00 624128 ----a-w- C:\Windows\System32\qedit.dll2013-11-11 11:57:36 800768 ----a-w- C:\Windows\System32\usp10.dll2013-11-11 11:56:59 64512 ----a-w- C:\Windows\SysWow64\devobj.dll2013-11-11 11:53:31 -------- d-----w- C:\Users\George\AppData\Roaming\NVIDIA2013-11-11 11:53:29 -------- d-----w- C:\Users\George\AppData\Local\Garmin2013-11-11 11:53:28 -------- d-----w- C:\ProgramData\Garmin2013-11-11 11:53:00 -------- d-----w- C:\Users\George\AppData\Local\GARMIN_Corp2013-11-11 11:48:08 -------- d-----w- C:\Program Files (x86)\Garmin2013-11-11 11:48:07 -------- d-----w- C:\Users\George\AppData\Roaming\Garmin2013-11-11 11:38:16 -------- d-----w- C:\Users\George\AppData\Roaming\Malwarebytes2013-11-11 11:38:04 -------- d-----w- C:\ProgramData\Malwarebytes2013-11-11 11:38:01 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys2013-11-11 11:38:01 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware2013-11-11 11:25:45 10285968 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll2013-11-11 11:21:26 77312 ----a-w- C:\Windows\System32\packager.dll2013-11-11 11:21:26 67072 ----a-w- C:\Windows\SysWow64\packager.dll2013-11-11 11:14:23 826880 ----a-w- C:\Windows\SysWow64\rdpcore.dll2013-11-11 11:14:23 23552 ----a-w- C:\Windows\System32\drivers\tdtcp.sys2013-11-11 11:14:23 1031680 ----a-w- C:\Windows\System32\rdpcore.dll2013-11-11 11:03:40 2622464 ----a-w- C:\Windows\System32\wucltux.dll2013-11-11 11:03:31 99840 ----a-w- C:\Windows\System32\wudriver.dll2013-11-11 11:03:19 36864 ----a-w- C:\Windows\System32\wuapp.exe2013-11-11 11:03:19 186752 ----a-w- C:\Windows\System32\wuwebv.dll2013-11-11 08:26:05 -------- d-----w- C:\Program Files (x86)\Emsisoft Anti-Malware2013-11-11 06:49:31 
-------- d-----w- C:\Users\George\AppData\Local\Adobe2013-11-11 06:45:03 -------- d-----w- C:\Users\George\AppData\Local\PasswordSafe2013-11-11 06:38:25 -------- d-----w- C:\Users\George\AppData\Roaming\OnlineArmor2013-11-11 06:38:25 -------- d-----w- C:\ProgramData\OnlineArmor2013-11-11 06:37:01 64720 ----a-w- C:\Windows\SysWow64\drivers\OADriver.sys2013-11-11 06:37:01 62008 ----a-w- C:\Windows\SysWow64\drivers\oahlp64.sys2013-11-11 06:37:01 52360 ----a-w- C:\Windows\SysWow64\drivers\OAmon.sys2013-11-11 06:37:01 35368 ----a-w- C:\Windows\System32\drivers\OAnet.sys2013-11-11 06:36:52 -------- d-----w- C:\Program Files (x86)\Online Armor2013-11-11 06:34:21 -------- d-----w- C:\Users\George\AppData\Roaming\IrfanView2013-11-11 06:34:18 -------- d-----w- C:\Program Files (x86)\IrfanView2013-11-11 06:26:22 -------- d-----w- C:\Program Files (x86)\Password Safe2013-11-08 16:21:32 -------- d-----w- C:\Windows\Panther2013-11-08 16:20:53 -------- d-----w- C:\Windows\System32\OEM2013-11-08 16:20:53 -------- d-----w- C:\Hotfix2013-11-08 09:54:13 -------- d-----w- C:\GEORGE2013-11-08 08:45:10 -------- d-----w- C:\Users\George\AppData\Local\Microsoft Help2013-11-08 08:23:21 -------- d-----w- C:\Users\George\AppData\Roaming\Vodafone2013-11-08 08:20:17 -------- d-----w- C:\Users\George\AppData\Local\Programs2013-11-08 08:20:05 -------- d-----w- C:\ProgramData\Vodafone2013-11-08 08:19:57 -------- d-----w- C:\Program Files (x86)\Vodafone2013-11-08 08:19:26 8464 ----a-w- C:\Windows\SysWow64\SpOrder.dll2013-11-08 08:19:10 -------- d-----w- C:\Users\George\AppData\Local\{F27ACCDD-3291-41C8-B815-948CA954C05F}2013-11-08 08:17:47 -------- d-----w- C:\Program Files (x86)\Quest Software2013-11-08 08:16:42 -------- d-----w- C:\Windows\System32\log2013-11-08 08:16:21 -------- d-----w- C:\Program Files (x86)\Trend Micro2013-11-08 08:15:58 -------- d-----w- C:\Users\George\AppData\Local\Trend Micro2013-11-08 08:14:28 -------- d-----w- C:\Users\George\AppData\Local\Google2013-11-08 08:13:20 
-------- d-----w- C:\Program Files\MEDITECH2013-11-08 08:13:15 -------- d-----w- C:\ProgramData\MEDITECH2013-11-08 08:13:14 -------- d-----w- C:\Program Files (x86)\MEDITECH2013-11-08 08:01:26 -------- d-----w- C:\Program Files\DellTPad2013-11-08 07:59:58 -------- d-----w- C:\Program Files (x86)\NVIDIA Corporation2013-11-08 07:59:26 884512 ----a-w- C:\Windows\System32\nvvsvc.exe2013-11-08 07:59:26 6382880 ----a-w- C:\Windows\System32\nvcpl.dll2013-11-08 07:59:26 63776 ----a-w- C:\Windows\System32\nvshext.dll2013-11-08 07:59:26 3460896 ----a-w- C:\Windows\System32\nvsvc64.dll2013-11-08 07:59:26 2558240 ----a-w- C:\Windows\System32\nvsvcr.dll2013-11-08 07:59:26 118560 ----a-w- C:\Windows\System32\nvmctray.dll2013-11-08 07:59:14 60776 ----a-w- C:\Windows\System32\OpenCL.dll2013-11-08 07:59:14 52584 ----a-w- C:\Windows\SysWow64\OpenCL.dll2013-11-08 07:59:14 -------- d-----w- C:\temp2013-11-08 07:59:09 -------- d-----w- C:\ProgramData\NVIDIA Corporation2013-11-08 07:58:54 31080 ----a-w- C:\Windows\System32\nvhdap64.dll2013-11-08 07:58:54 2824504 ----a-w- C:\Windows\System32\nvapi64.dll2013-11-08 07:58:54 189288 ----a-w- C:\Windows\System32\drivers\nvhda64v.sys2013-11-08 07:58:54 1814304 ----a-w- C:\Windows\System32\nvdispco64.dll2013-11-08 07:58:54 1510176 ----a-w- C:\Windows\System32\nvdispgenco64.dll2013-11-08 07:58:54 15052728 ----a-w- C:\Windows\System32\nvwgf2umx.dll2013-11-08 07:58:54 1472360 ----a-w- C:\Windows\System32\nvhdagenco6420103.dll2013-11-08 07:58:44 -------- d-----w- C:\Program Files\NVIDIA Corporation2013-11-08 07:58:24 135720 ----a-w- C:\Windows\System32\drivers\bcbtums.sys2013-11-08 07:58:00 113048 ----a-w- C:\Windows\System32\Vxdif.dll2013-11-08 07:57:58 447864 ----a-w- C:\Windows\System32\drivers\Apfiltr.sys2013-11-08 07:57:54 47752 ----a-w- C:\Windows\System32\drivers\cvusbdrv.sys2013-11-08 07:57:46 788760 ----a-w- C:\Windows\System32\drivers\iusb3xhc.sys2013-11-08 07:57:46 62784 ----a-w- C:\Windows\System32\drivers\HECIx64.sys2013-11-08 07:57:46 
356120 ----a-w- C:\Windows\System32\drivers\iusb3hub.sys2013-11-08 07:53:30 22128 ----a-w- C:\Windows\System32\drivers\stdcfltn.sys2013-11-08 07:52:54 9728 ----a-w- C:\Windows\System32\Wdfres.dll2013-11-08 07:52:54 54376 ----a-w- C:\Windows\System32\drivers\WdfLdr.sys2013-11-08 07:52:54 2560 ----a-w- C:\Windows\System32\drivers\en-US\wdf01000.sys.mui2013-11-08 07:52:46 -------- d-----w- C:\Program Files\STMicroelectronics2013-11-08 07:52:44 89312 ----a-w- C:\Windows\System32\drivers\ST_Accel.sys2013-11-08 07:52:44 66640 ----a-w- C:\Windows\System32\stdcfltnco05.dll2013-11-08 07:52:44 1795952 ----a-w- C:\Windows\System32\WdfCoInstaller01011.dll2013-11-08 07:52:06 -------- d-----w- C:\Program Files (x86)\ST Microelectronics2013-11-08 07:48:07 -------- d-sh--w- C:\Windows\Installer2013-11-08 07:47:47 -------- d-----w- C:\Users\George\AppData\Local\Dell2013-11-08 07:47:04 544568 ----a-w- C:\Windows\System32\PROUnstl.exe2013-11-08 07:46:32 73032 ----a-w- C:\Windows\System32\e1cmsg.dll2013-11-08 07:46:32 495888 ----a-w- C:\Windows\System32\drivers\e1c62x64.sys2013-11-08 07:46:32 36472 ----a-w- C:\Windows\System32\NicCo36.dll2013-11-08 07:46:32 101224 ----a-w- C:\Windows\System32\NicInstC.dll2013-11-08 07:45:47 53248 ----a-w- C:\Windows\SysWow64\CSVer.dll2013-11-08 07:45:34 -------- d-----w- C:\Intel2013-11-08 07:45:32 -------- d-----w- C:\Dell2013-11-08 06:30:07 -------- d-----w- C:\Users\George\AppData\Local\VirtualStore.==================== Find3M ====================.2013-11-12 19:43:59 9728 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll2013-11-11 03:50:16 267936 ------w- C:\Windows\System32\MpSigStub.exe2013-10-12 02:30:42 830464 ----a-w- C:\Windows\System32\nshwfp.dll2013-10-12 02:29:21 859648 ----a-w- C:\Windows\System32\IKEEXT.DLL2013-10-12 02:29:08 324096 ----a-w- C:\Windows\System32\FWPUCLNT.DLL2013-10-12 02:03:08 656896 ----a-w- C:\Windows\SysWow64\nshwfp.dll2013-10-12 02:01:25 216576 ----a-w- C:\Windows\SysWow64\FWPUCLNT.DLL2013-10-05 
20:25:35 1474048 ----a-w- C:\Windows\System32\crypt32.dll2013-10-05 19:57:25 1168384 ----a-w- C:\Windows\SysWow64\crypt32.dll2013-10-04 02:28:31 190464 ----a-w- C:\Windows\System32\SmartcardCredentialProvider.dll2013-10-04 02:25:17 197120 ----a-w- C:\Windows\System32\credui.dll2013-10-04 02:24:49 1930752 ----a-w- C:\Windows\System32\authui.dll2013-10-04 01:58:50 152576 ----a-w- C:\Windows\SysWow64\SmartcardCredentialProvider.dll2013-10-04 01:56:25 168960 ----a-w- C:\Windows\SysWow64\credui.dll2013-10-04 01:56:00 1796096 ----a-w- C:\Windows\SysWow64\authui.dll2013-10-03 02:23:48 404480 ----a-w- C:\Windows\System32\gdi32.dll2013-10-03 02:00:44 311808 ----a-w- C:\Windows\SysWow64\gdi32.dll2013-09-28 01:09:10 497152 ----a-w- C:\Windows\System32\drivers\afd.sys2013-09-25 02:26:40 95680 ----a-w- C:\Windows\System32\drivers\ksecdd.sys2013-09-25 02:26:40 154560 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys2013-09-25 02:23:33 28672 ----a-w- C:\Windows\System32\sspisrv.dll2013-09-25 02:23:33 135680 ----a-w- C:\Windows\System32\sspicli.dll2013-09-25 02:23:01 28160 ----a-w- C:\Windows\System32\secur32.dll2013-09-25 02:22:59 340992 ----a-w- C:\Windows\System32\schannel.dll2013-09-25 02:21:50 307200 ----a-w- C:\Windows\System32\ncrypt.dll2013-09-25 02:21:07 1447936 ----a-w- C:\Windows\System32\lsasrv.dll2013-09-25 01:58:17 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll2013-09-25 01:57:26 22016 ----a-w- C:\Windows\SysWow64\secur32.dll2013-09-25 01:57:24 247808 ----a-w- C:\Windows\SysWow64\schannel.dll2013-09-25 01:56:42 220160 ----a-w- C:\Windows\SysWow64\ncrypt.dll2013-09-25 01:03:24 30720 ----a-w- C:\Windows\System32\lsass.exe.============= FINISH: 13:24:48.20 =============== .UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.IF REQUESTED, ZIP IT UP & ATTACH IT.DDS (Ver_2012-11-20.01).Microsoft Windows 7 Professional Boot Device: \Device\HarddiskVolume1Install Date: 2013/11/08 08:29:52 AMSystem Uptime: 2013/12/06 05:02:54 PM (20 hours ago).Motherboard: Dell Inc. 
| | 0H3MT5Processor: Intel® Core i5-3320M CPU @ 2.60GHz | SOCKET 0 | 2601/100mhz.==== Disk Partitions =========================.C: is FIXED (NTFS) - 298 GiB total, 178.456 GiB free.D: is CDROM ()E: is Removable.==== Disabled Device Manager Items =============.==== System Restore Points ===================.RP54: 2013/12/05 07:00:12 AM - Windows UpdateRP55: 2013/12/05 07:22:34 AM - Restore point (PeaZip Setup)RP56: 2013/12/05 06:06:43 PM - Windows UpdateRP57: 2013/12/05 10:27:32 PM - Windows UpdateRP58: 2013/12/06 07:00:16 AM - Windows UpdateRP59: 2013/12/06 10:20:46 AM - Windows UpdateRP60: 2013/12/06 03:56:40 PM - Windows UpdateRP61: 2013/12/07 08:30:30 AM - Windows UpdateRP62: 2013/12/07 09:42:55 AM - Restore point (C:\Users\George\Downloads\-1266489332TemplateDisk.==== Installed Programs ======================.7-Zip 9.20 (x64 edition)Adobe Flash Player 10 ActiveXAdobe Reader X (10.1.8)BufferChmCCleanercGPSmapper Free 0100dDefaultTabDefinition Update for Microsoft Office 2010 (KB982726) 64-Bit EditionDell TouchpadDell Wireless HSPA Mini-Card DriversDestinationsDocProcDW WLAN Card UtilityEmsisoft Anti-MalwareGarmin BaseCampGarmin MapInstallGarmin MapSourceGarmin MapSource BetaGarmin USB DriversGoogle ChromeGoogle Update HelperGPBaseService2HP Imaging Device Functions 13.0HP Photosmart Essential 3.5HP Scanjet 2400HP Solution Center 13.0HP Updatehpg2410HPPhotosmartEssentialHPProductAssistantIntel® Network Connections DriversIrfanView (remove only)Malwarebytes Anti-Malware version 1.75.0.1300MEDITECH Workstation3.xMEDITECH Workstation4.xMicrosoft .NET Framework 4 Client ProfileMicrosoft Mouse and Keyboard CenterMicrosoft Office 2010 Service Pack 1 (SP1)Microsoft Office Access MUI (English) 2010Microsoft Office Access Setup Metadata MUI (English) 2010Microsoft Office Excel MUI (English) 2010Microsoft Office Groove MUI (English) 2010Microsoft Office InfoPath MUI (English) 2010Microsoft Office Office 32-bit Components 2010Microsoft Office OneNote MUI (English) 
2010Microsoft Office Outlook MUI (English) 2010Microsoft Office PowerPoint MUI (English) 2010Microsoft Office Professional Plus 2010Microsoft Office Proof (English) 2010Microsoft Office Proof (French) 2010Microsoft Office Proof (Spanish) 2010Microsoft Office Proofing (English) 2010Microsoft Office Publisher MUI (English) 2010Microsoft Office Shared 32-bit MUI (English) 2010Microsoft Office Shared MUI (English) 2010Microsoft Office Shared Setup Metadata MUI (English) 2010Microsoft Office Word MUI (English) 2010Microsoft SilverlightMicrosoft Visual C++ 2005 Redistributable (x64)Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161MSXML 4.0 SP2 (KB954430)MSXML 4.0 SP2 (KB973688)Notepad++NVIDIA 3D Vision Driver 311.00NVIDIA Control Panel 311.00NVIDIA Graphics Driver 311.00NVIDIA Guard Service 1.0NVIDIA HD Audio Driver 1.3.18.0NVIDIA Install ApplicationNVIDIA nView 136.53NVIDIA PhysXNVIDIA PhysX System Software 9.12.0613NVIDIA Stereoscopic 3D DriverOCR Software by I.R.I.S. 
13.0Online Armor 6.0Password SafeQuest PuTTY 0.60_q1.129RapportScanSecurity Update for Microsoft .NET Framework 4 Client Profile (KB2604121)Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393)Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2)Security Update for Microsoft .NET Framework 4 Client Profile (KB2858302v2)Security Update for Microsoft Excel 2010 (KB2597166) 64-Bit EditionSecurity Update for Microsoft InfoPath 2010 (KB2553322) 64-Bit EditionSecurity Update for Microsoft InfoPath 2010 (KB2553431) 64-Bit EditionSecurity Update for Microsoft Office 2010 (KB2553091)Security Update for Microsoft Office 2010 (KB2553096)Security Update for Microsoft Office 2010 (KB2553284) 64-Bit EditionSecurity Update for Microsoft Office 2010 (KB2553371) 64-Bit EditionSecurity Update for Microsoft Office 2010 (KB2553447) 64-Bit EditionSecurity Update for Microsoft Office 2010 (KB2589320) 64-Bit EditionSecurity Update for Microsoft Office 2010 (KB2598243) 64-Bit EditionSecurity Update for Microsoft Office 2010 (KB2760781) 64-Bit EditionSecurity Update for Microsoft PowerPoint 2010 (KB2553185) 64-Bit EditionSecurity Update for Microsoft SharePoint Workspace 2010 (KB2566445)Security Update for Microsoft Visio Viewer 2010 (KB2597981) 64-Bit EditionSolutionCenterSpeccyST Microelectronics 3 Axis Digital Accelerometer SolutionStriata ReaderT4A Maps Botswana T4A Maps Free State/Eastern Cape/KZNT4A Maps Gauteng and NorthT4A Maps Namibia T4A Maps Western /Northern Cape True Image 2013Trusteer Endpoint ProtectionUpdate for Microsoft .NET Framework 4 Client Profile (KB2468871)Update for Microsoft .NET Framework 4 Client Profile (KB2533523)Update for 
Microsoft .NET Framework 4 Client Profile (KB2600217)Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3)Update for Microsoft Office 2010 (KB2553065)Update for Microsoft Office 2010 (KB2553181) 64-Bit EditionUpdate for Microsoft Office 2010 (KB2553267) 64-Bit EditionUpdate for Microsoft Office 2010 (KB2553310) 64-Bit EditionUpdate for Microsoft Office 2010 (KB2566458)Update for Microsoft Office 2010 (KB2589352) 64-Bit EditionUpdate for Microsoft Office 2010 (KB2597087) 64-Bit EditionUpdate for Microsoft Office 2010 (KB2597091) 64-Bit EditionUpdate for Microsoft Office 2010 (KB2760598) 64-Bit EditionUpdate for Microsoft Office 2010 (KB2760631) 64-Bit EditionUpdate for Microsoft Office 2010 (KB2825640) 64-Bit EditionUpdate for Microsoft Office 2010 (KB2826026) 64-Bit EditionUpdate for Microsoft OneNote 2010 (KB2553290) 64-Bit EditionUpdate for Microsoft OneNote 2010 (KB2589345) 64-Bit EditionUpdate for Microsoft OneNote 2010 (KB2810072) 64-Bit EditionUpdate for Microsoft Outlook 2010 (KB2687623) 64-Bit EditionUpdate for Microsoft Outlook Social Connector 2010 (KB2553406) 64-Bit EditionUpdate for Microsoft PowerPoint 2010 (KB2553145) 64-Bit EditionUpdate for Microsoft SharePoint Workspace 2010 (KB2589371) 64-Bit EditionVodafone Mobile ConnectWebRegWindows Driver Package - Garmin (grmnusb) GARMIN Devices (06/03/2009 2.3.0.0)Windows Driver Package - Hewlett-Packard hp scanjet 3600 series (04/26/2007 9.0.0.0).==== Event Viewer Messages From Past Week ========.2013/12/07 08:38:56 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Service Pack 1 for Microsoft Office 2010 (KB2510690 ) 64-bit Edition.2013/12/07 08:30:14 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the syncagentsrv service.2013/12/06 05:05:55 PM, Error: Service Control Manager [7034] - The DefaultTabSearch service 
terminated unexpectedly. It has done this 1 time(s).2013/12/06 02:55:11 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service MSIServer with arguments "" in order to run the server: {000C101C-0000-0000-C000-000000000046}2013/12/06 02:54:39 PM, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.2013/12/06 02:54:38 PM, Error: Service Control Manager [7001] - The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error: The dependency service or group failed to start.2013/12/06 02:53:37 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}2013/12/06 02:53:37 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}2013/12/06 02:53:33 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}2013/12/06 02:53:32 PM, Error: Microsoft-Windows-WLAN-AutoConfig [10000] - WLAN Extensibility Module has failed to start. 
Module Path: C:\Windows\System32\bcmihvsrv64.dll Error Code: 212013/12/06 02:53:26 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}2013/12/06 02:53:15 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: a2injectiondriver discache OADevice oahlpXX RapportKE64 snapman spldr Wanarpv62013/12/05 07:52:15 AM, Error: Service Control Manager [7030] - The DefaultTabSearch service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.2013/12/05 06:29:30 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the eventlog service.2013/12/05 06:24:45 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the wscsvc service.2013/12/05 06:24:15 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the NlaSvc service.2013/12/05 06:23:45 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Dnscache service.2013/12/05 06:23:15 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the CryptSvc service.2013/12/04 10:53:55 AM, Error: Microsoft-Windows-Smartcard-Server [616] - Reader monitor 'Mobile Broadband SIM Card Reader 0' received uncaught error code: The device does not recognize the command.2013/12/04 10:53:55 AM, Error: Microsoft-Windows-Smartcard-Server [612] - Reader insertion monitor error retry threshold reached: The device does not recognize the command.2013/12/04 10:53:55 AM, 
Error: Microsoft-Windows-Smartcard-Server [610] - Smart Card Reader 'Mobile Broadband SIM Card Reader 0' rejected IOCTL POWER: The device does not recognize the command. If this error persists, your smart card or reader may not be functioning correctly. Command Header: 00 00 00 002013/12/04 10:53:55 AM, Error: Microsoft-Windows-Smartcard-Server [610] - Smart Card Reader 'Mobile Broadband SIM Card Reader 0' rejected IOCTL GET_STATE: The device does not recognize the command. If this error persists, your smart card or reader may not be functioning correctly. Command Header: XX XX XX XX2013/12/02 08:20:14 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Error Reporting Service service to connect..==== End Of File ===========================
  14. DDS downloaded and run, Internet access, firewall and antivirus disabled during process. DDS and ATTACH text files attached. dds.txt attach.txt
  15. Hi Borislav, Tx for your reply. I have downloaded and installed the MalwareBytes and updated it and have run a Quick Scan. Note that the number of entries has increased by about 20 since my last scan. I have been having problems with Outlook 2010 Not responding and everything else freezing - only way out is hard reset. I have NOT attempted to remove any of the infected files found by MBAM - do you want me to?? Log: