
Showing results for tags 'random'.


Found 12 results

  1. Topic about finding a Ransomware criminal who received the ransom from a house of God in Birmingham, AL. The fact is that many dark web goons retreat with their loot to brag about their crime. There are surely people who find it nasty and foul to attack an office of older women working for a religious congregation, and to make it gross even more the congregation has been using the money to feed people who are having hardships and are homeless because of a global virus pandemic. Sick. Comments welcome. Please keep language clean.
  2. Screen recording: 2019-09-07 10:02.mp4

     Environment

         root@momh167-gjp4-8570p:~ # date ; uname -v
         Sat Sep 7 10:39:13 BST 2019
         FreeBSD 13.0-CURRENT r351708 GENERIC-NODEBUG
         root@momh167-gjp4-8570p:~ # pkg query '%o %v %R' firefox
         www/firefox 69.0,1 FreeBSD
         root@momh167-gjp4-8570p:~ #

     Thoughts

     The effectiveness of extensions such as Malwarebytes Browser Guard might be limited – in Firefox and the like – by this Mozilla bug:

     1378459 - (webextensions-startup) [meta] Allow some addon functionality to load prior to any content loading

     From https://bugzilla.mozilla.org/show_bug.cgi?id=1378459#c51:
  3. So recently I've been receiving huge rubber banding and lag spikes while playing games on my computer. I know that my PC is completely capable of running these games at 60 fps with no problem and my ping is perfectly fine, so I know it can't be my WiFi. A week after this problem I decided to factory reset my PC because I've been planning on doing so, but the issue still persists. I've also noticed that when I open my task manager, for a split second my CPU is running at 50+%, then it hurries back down to its normal 5-10%. I've run plenty of Malwarebytes scans, even with the rootkits option on, but it says my PC is completely safe. I've also run McAfee scans, but it also says that my PC is safe. "I'm sorry if my grammar is off, I'm too lazy to be formal in this situation" Any tips or help would be appreciated. Thank you for your time.

     Malwarebytes
     www.malwarebytes.com

     -Log Details-
     Scan Date: 9/26/19
     Scan Time: 9:31 PM
     Log File: a271ab76-e0df-11e9-a615-f4390931a01c.json

     -Software Information-
     Version: 3.8.3.2965
     Components Version: 1.0.627
     Update Package Version: 1.0.12663
     License: Free

     -System Information-
     OS: Windows 10 (Build 18362.356)
     CPU: x64
     File System: NTFS
     User: DESKTOP-R6TCKQL\ashir

     -Scan Summary-
     Scan Type: Threat Scan
     Scan Initiated By: Manual
     Result: Completed
     Objects Scanned: 280520
     Threats Detected: 0
     Threats Quarantined: 0
     Time Elapsed: 0 min, 56 sec

     -Scan Options-
     Memory: Enabled
     Startup: Enabled
     Filesystem: Enabled
     Archives: Enabled
     Rootkits: Enabled
     Heuristics: Enabled
     PUP: Detect
     PUM: Detect

     -Scan Details-
     Process: 0 (No malicious items detected)
     Module: 0 (No malicious items detected)
     Registry Key: 0 (No malicious items detected)
     Registry Value: 0 (No malicious items detected)
     Registry Data: 0 (No malicious items detected)
     Data Stream: 0 (No malicious items detected)
     Folder: 0 (No malicious items detected)
     File: 0 (No malicious items detected)
     Physical Sector: 0 (No malicious items detected)
     WMI: 0 (No malicious items detected)

     (end)
  4. A few of my computers seem to all bluescreen and restart all at the same time at different times throughout the day. I ran Malwarebytes and it detected something (in the title). It quarantined and then I deleted the offending thing; however, it starts doing it again and then a Malwarebytes scan picks it up again. Anyone have any insight on this?
  5. Hello, I downloaded something that I can't get rid of. I've run several programs, deleted a few things detected, ran Malwarebytes (been a paying customer for years, it hasn't detected anything), uninstalled and reinstalled Firefox then removed it. Installed Chrome (which I never had) and it's now doing it on there. I'll click on a link and a pop-up new tab will come up. First it says Terraclick.com, then it says lp.musicboxnewtab.com with an ad. This originally started by a browser hijack/redirect where every time I opened it, it opened into a non-set homepage. I got rid of that, now I have this. I ran Farbar just now. This is what I have:
01:30 - 2014-11-25 20:48 - 00000000 ____D C:\Users\Hypno ==================== Files in the root of some directories ======= 2014-09-21 02:04 - 2014-09-21 02:04 - 0000000 ____H () C:\ProgramData\DP45977C.lfl2014-09-21 02:03 - 2014-09-21 02:03 - 0000121 _____ () C:\ProgramData\{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}.log2014-09-21 01:59 - 2014-09-21 02:00 - 0000106 _____ () C:\ProgramData\{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}.log2014-09-21 02:00 - 2014-09-21 02:02 - 0000111 _____ () C:\ProgramData\{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}.log2014-09-21 02:02 - 2014-09-21 02:03 - 0000108 _____ () C:\ProgramData\{B46BEA36-0B71-4A4E-AE41-87241643FA0A}.log2014-09-21 01:58 - 2014-09-21 01:59 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log Some files in TEMP:====================C:\Users\Hypno\AppData\Local\Temp\sqlite3.dll ==================== Bamital & volsnap ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\system32\winlogon.exe => File is digitally signedC:\Windows\system32\wininit.exe => File is digitally signedC:\Windows\explorer.exe => File is digitally signedC:\Windows\SysWOW64\explorer.exe => File is digitally signedC:\Windows\system32\svchost.exe => File is digitally signedC:\Windows\SysWOW64\svchost.exe => File is digitally signedC:\Windows\system32\services.exe => File is digitally signedC:\Windows\system32\User32.dll => File is digitally signedC:\Windows\SysWOW64\User32.dll => File is digitally signedC:\Windows\system32\userinit.exe => File is digitally signedC:\Windows\SysWOW64\userinit.exe => File is digitally signedC:\Windows\system32\rpcss.dll => File is digitally signedC:\Windows\system32\dnsapi.dll => File is digitally signedC:\Windows\SysWOW64\dnsapi.dll => File is digitally signedC:\Windows\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2015-09-29 16:19 ==================== End of FRST.txt ============================ Additional scan result of Farbar 
Recovery Scan Tool (x64) Version:30-09-2015Ran by Hypno (2015-10-01 14:17:36)Running from C:\Users\Hypno\DownloadsWindows 8.1 Connected (X64) (2014-11-26 01:48:48)Boot Mode: Normal========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-1188468758-1272634306-373300443-500 - Administrator - Disabled)Guest (S-1-5-21-1188468758-1272634306-373300443-501 - Limited - Disabled)HomeGroupUser$ (S-1-5-21-1188468758-1272634306-373300443-1003 - Limited - Enabled)Hypno (S-1-5-21-1188468758-1272634306-373300443-1001 - Administrator - Enabled) => C:\Users\Hypnosydel_000 (S-1-5-21-1188468758-1272634306-373300443-1004 - Limited - Enabled) ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) CyberLink Media Suite Essentials (HKLM-x32\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 10.0 - CyberLink Corp.)Dell Backup and Recovery (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 1.8.1.70 - Dell Inc.)Dell Data Vault (Version: 4.3.4.0 - Dell Inc.) 
HiddenDell Digital Delivery (HKLM-x32\...\{693A23FB-F28B-4F7A-A720-4C1263F97F43}) (Version: 3.1.1002.0 - Dell Products, LP)Dell Product Registration (HKLM-x32\...\{24F2AD94-CC1B-4294-B184-D4D31A3186A7}) (Version: 2.42.0012 - Aviata Inc.)Dell SupportAssist (HKLM\...\PC-Doctor for Windows) (Version: 1.1.6664.10 - Dell)Dell SupportAssistAgent (HKLM-x32\...\{287348C8-8B47-4C36-AF28-441A3B7D8722}) (Version: 1.1.0.47 - Dell)Dell WLAN and Bluetooth Client Installation (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Dell Inc.)Dropbox (HKU\S-1-5-21-1188468758-1272634306-373300443-1001\...\Dropbox) (Version: 3.2.6 - Dropbox, Inc.)Google Chrome (HKLM-x32\...\Google Chrome) (Version: 45.0.2454.101 - Google Inc.)Google Earth Pro (HKLM-x32\...\{44FC61F0-2F8A-11E3-8CAE-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) HiddenIntel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3408 - Intel Corporation)K-Lite Codec Pack 10.9.0 Standard (HKLM-x32\...\KLiteCodecPack_is1) (Version: 10.9.0 - )LeapFrog Connect (HKLM-x32\...\UPCShell) (Version: 6.0.19.19317 - LeapFrog)LeapFrog Connect (x32 Version: 6.0.19.19317 - LeapFrog) HiddenLeapFrog LeapPad Explorer Plugin (x32 Version: 6.0.19.19317 - LeapFrog) HiddenMalwarebytes Anti-Malware version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISER) (Version: 12.0.6612.1000 - Microsoft Corporation)Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft 
Corporation)Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)Microsoft Sync Framework 2.0 Core Components (x64) ENU (HKLM\...\{8CCBEC22-D2DB-4DC9-A58A-E1A1F3A38C8A}) (Version: 2.0.1578.0 - Microsoft Corporation)Microsoft Sync Framework 2.0 Provider Services (x64) ENU (HKLM\...\{03AC245F-4C64-425C-89CF-7783C1D3AB2C}) (Version: 2.0.1578.0 - Microsoft Corporation)Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)My Dell Client Framework (HKLM-x32\...\InstallShield_{05F1B866-2372-4E82-9AA8-C64FB11CEF8B}) (Version: 1.0.0.3 - Dell)My Dell Client Framework (x32 Version: 1.0.0.3 - Dell) HiddenNero 2014 (HKLM-x32\...\{0128492C-AB60-43BE-9D9A-8CA622CAF06E}) (Version: 15.0.07700 - Nero AG)Nero Info (HKLM-x32\...\{B791E0AB-87A9-41A4-8D98-D13C2E37D928}) (Version: 15.1.0030 - Nero AG)PeaZip 5.5.2 (HKLM-x32\...\{5A2BC38A-406C-4A5B-BF45-6991F9A05325}_is1) (Version: - Giorgio Tani)PocketCloud (HKLM-x32\...\{D9752C7D-A595-4687-A0D5-362E9C311C55}) (Version: 2.7.14 - Wyse Technology)Prerequisite installer (x32 Version: 15.0.0005 - Nero AG) HiddenPrism Video File 
Converter (HKLM-x32\...\Prism) (Version: 2.25 - NCH Software)Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.308 - Qualcomm Atheros Communications)Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.30174 - Realtek Semiconductor Corp.)Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7188 - Realtek Semiconductor Corp.)SketchUp 2015 (HKLM\...\{350488A4-1540-4103-8F01-B27503891EB0}) (Version: 15.3.331 - Trimble Navigation Limited)Skype™ 7.8 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.8.102 - Skype Technologies S.A.)Sonic Foundry Sound Forge 5.0 (HKLM-x32\...\{F3D6581A-FEA1-11D4-8170-00C04F612EA4}) (Version: 5.0.0.117 - Sonic Foundry)Switch Sound File Converter (HKLM-x32\...\Switch) (Version: - NCH Software)SyncToy 2.1 (x64) (HKLM\...\{88DAAF05-5A72-46D2-A7C5-C3759697E943}) (Version: 2.1.0 - Microsoft)Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)Use the entry named LeapFrog Connect to uninstall (LeapFrog LeapPad Explorer Plugin) (HKLM-x32\...\LeapPadExplorerPlugin) (Version: - LeapFrog)Visualizer for SketchUp (HKLM\...\{3758A735-50FD-4033-B3F5-77F30ED63F87}) (Version: 1.3.13.0 - Imagination)VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)WavePad Sound Editor (HKLM-x32\...\WavePad) (Version: 6.02 - NCH Software)Windows Driver Package - Leapfrog (Leapfrog-USBLAN) Net (09/10/2009 02.03.05.012) (HKLM\...\8F14F2ECEDE68D26EA515B48DC25B39103C4FE8D) (Version: 09/10/2009 02.03.05.012 - Leapfrog) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) 
CustomCLSID: HKU\S-1-5-21-1188468758-1272634306-373300443-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Hypno\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)CustomCLSID: HKU\S-1-5-21-1188468758-1272634306-373300443-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Hypno\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)CustomCLSID: HKU\S-1-5-21-1188468758-1272634306-373300443-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Hypno\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)CustomCLSID: HKU\S-1-5-21-1188468758-1272634306-373300443-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Hypno\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)CustomCLSID: HKU\S-1-5-21-1188468758-1272634306-373300443-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Hypno\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)CustomCLSID: HKU\S-1-5-21-1188468758-1272634306-373300443-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Hypno\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)CustomCLSID: HKU\S-1-5-21-1188468758-1272634306-373300443-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Hypno\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)CustomCLSID: HKU\S-1-5-21-1188468758-1272634306-373300443-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Hypno\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)CustomCLSID: HKU\S-1-5-21-1188468758-1272634306-373300443-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Hypno\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)CustomCLSID: 
HKU\S-1-5-21-1188468758-1272634306-373300443-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Hypno\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.) ==================== Restore Points ========================= 18-09-2015 21:03:51 Scheduled Checkpoint23-09-2015 11:08:27 AA1130-09-2015 15:08:29 AA11 ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2013-08-22 08:25 - 2013-08-22 08:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {0E62425E-B9BE-42CC-8005-CA0C8EF8775A} - System32\Tasks\SystemToolsDailyTest => uaclauncher.exeTask: {10EE6506-8997-4F4E-A67A-37CD9C08DBF5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-10-01] (Google Inc.)Task: {144F19A1-EA57-4434-81BA-6E171E23EDED} - System32\Tasks\Nero\Nero Info => C:\Program Files (x86)\Common Files\Nero\Nero Info\NeroInfo.exe [2013-10-16] (Nero AG)Task: {15D482E8-322C-4BAF-B433-A1ED3ACEC0DF} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssist.exe [2015-06-11] (Dell Inc.)Task: {29F7DA91-8C96-4AD7-9300-DCBF16C47DC7} - System32\Tasks\Dell\Dell Product Registration => C:\Program Files (x86)\Dell Product Registration\prodreg.exe [2014-10-31] (Aviata Inc)Task: {4596C201-2628-4889-B91B-D0BD8A2B7ACB} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\Dell\SupportAssist\uaclauncher.exe [2015-05-25] (PC-Doctor, Inc.)Task: {AE84B036-97E8-4103-8630-2AFA375077D1} - System32\Tasks\PocketCloudVirtualChannel => C:\Program Files (x86)\Wyse\PocketCloud\WPCRDPVirtualChannelServer.exe [2013-08-22] ()Task: {B92C98E1-8C51-47F3-9694-4753FAD43955} 
- System32\Tasks\PocketCloudUpdater => C:\ProgramTask: {C2999CD8-B496-4022-935F-0E3E8B0848C8} - System32\Tasks\PocketCloud => C:\Program Files (x86)\Wyse\PocketCloud\PocketCloudDesktopApp.exe [2013-08-22] ()Task: {D7CEC631-295E-4D58-A790-E34A6FBA9D25} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\Dell\SupportAssist\sessionchecker.exe [2015-05-25] (PC-Doctor, Inc.)Task: {D8346D27-6119-4C6C-A3CB-8ED9596512A2} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [2013-03-04] (CyberLink)Task: {DC186D02-EC65-489D-AA6A-4CE6E2ABCF95} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-10-01] (Google Inc.)Task: {DD6781DB-F70A-49F9-ADE5-36411CF35E2C} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [2013-03-22] (CyberLink Corp.)Task: {F3CBD649-00E7-4839-9B70-42C9EBAAECBE} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-08-26] (Microsoft Corporation)Task: {F8A8E634-C2A1-49B4-BFA9-971F236BFA17} - System32\Tasks\Dell\Dell Product Registration Update => C:\Program Files (x86)\Dell Product Registration\prodreg.exe [2014-10-31] (Aviata Inc) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) 
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exeTask: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (Whitelisted) ============== 2013-08-22 13:40 - 2013-08-22 13:40 - 00016176 _____ () C:\Program Files (x86)\Wyse\PocketCloud\PocketCloudService.exe2013-08-22 13:40 - 2013-08-22 13:40 - 00040240 _____ () C:\Program Files (x86)\Wyse\PocketCloud\AetherServiceLib.dll2013-08-22 13:40 - 2013-08-22 13:40 - 00046384 _____ () C:\Program Files (x86)\Wyse\PocketCloud\AetherHelperLib.dll2014-01-10 16:53 - 2014-01-10 16:53 - 00016384 _____ () C:\Program Files (x86)\Dell\My Dell Client Framework\Dell.ClientFramework.Interfaces.dll2014-01-10 16:53 - 2014-01-10 16:53 - 00081408 _____ () C:\Program Files (x86)\Dell\My Dell Client Framework\Dell.ClientFramework.Objects.dll2014-01-10 16:53 - 2014-01-10 16:53 - 00815616 _____ () C:\Program Files (x86)\Dell\My Dell Client Framework\Dell.ClientFramework.Resources.dll2014-01-10 17:24 - 2014-01-10 17:24 - 00052736 _____ () C:\Program Files (x86)\Dell\My Dell Client Framework\Dell.Client.Pulse.Agent.Plugins.SelfUpdate.dll2014-01-10 17:24 - 2014-01-10 17:24 - 00019968 _____ () C:\Program Files (x86)\Dell\My Dell Client Framework\Dell.Client.Pulse.Agent.Common.dll2013-10-30 01:11 - 2013-10-30 01:11 - 00011264 _____ () C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll2013-10-30 01:07 - 2013-10-30 01:07 - 00086016 _____ () C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Modules\Map\MAP.dll2013-10-30 01:15 - 2013-10-30 01:15 - 00012928 _____ () C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\ActivateDesktop.exe2014-12-24 14:26 - 2010-02-15 13:26 - 00025256 _____ () C:\Program Files (x86) (x86)\Lexmark 5300 Series\lxdkamon.exe2015-06-25 13:52 - 2015-05-19 20:26 - 00107256 _____ () C:\Program 
Files\Dell\SupportAssist\libCSharpCommonCS.dll2015-06-25 13:52 - 2015-05-19 20:26 - 00553720 _____ () C:\Program Files\Dell\SupportAssist\libAsapiCSharp.dll2015-03-16 11:28 - 2015-03-16 11:28 - 00155528 _____ () C:\Program Files (x86)\Dell Digital Delivery\ServiceTagPlusPlus.dll2014-12-24 14:26 - 2010-02-09 08:41 - 00028672 _____ () C:\Program Files (x86) (x86)\Lexmark 5300 Series\App4R.Monitor.Common.dll2014-12-24 14:26 - 2010-02-09 08:41 - 00036864 _____ () C:\Program Files (x86) (x86)\Lexmark 5300 Series\App4R.Monitor.Core.dll2014-12-24 14:26 - 2010-02-09 08:40 - 00057344 _____ () C:\Program Files (x86) (x86)\Lexmark 5300 Series\app4r.devmons.mcmdevmon.dll2014-12-24 14:26 - 2008-06-06 07:45 - 00011776 _____ () C:\Program Files (x86) (x86)\Lexmark 5300 Series\App4R.DevMons.MCMDevMon.AutoPlayUtil.dll2014-02-01 13:30 - 2014-02-01 13:30 - 00861184 _____ () C:\Program Files (x86)\LeapFrog\LeapFrog Connect\platforms\qwindows.dll2014-09-21 01:59 - 2013-03-04 22:40 - 00626240 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll2013-03-05 13:41 - 2013-03-05 13:41 - 00015424 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll2015-02-26 11:07 - 2015-02-09 10:14 - 01905904 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Restore\STRestoreAPI.dll2014-09-21 02:15 - 2012-11-26 01:19 - 01153384 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Restore\libxml2.dll2015-02-26 11:07 - 2014-02-18 13:12 - 00117568 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Restore\zlib1.dll2015-10-01 10:44 - 2015-09-23 21:34 - 01501512 _____ () C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.101\libglesv2.dll2015-10-01 10:44 - 2015-09-23 21:34 - 00081224 _____ () C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.101\libegl.dll2015-10-01 10:44 - 2015-09-23 21:34 - 16487752 _____ () C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.101\PepperFlash\pepflashplayer.dll 
==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`26hfmAlternateDataStreams: C:\Users\Hypno\OneDrive:ms-properties ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""="" ==================== EXE Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-1188468758-1272634306-373300443-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Hypno\AppData\Roaming\Microsoft\Windows Photo Viewer\Windows Photo Viewer Wallpaper.jpgDNS Servers: 71.10.216.1 - 71.10.216.2HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) HKLM\...\StartupApproved\Run: => "AdAwareTray" ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) 
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139FirewallRules: [{383E65B5-108A-458B-8E11-809EE0183915}] => (Allow) C:\Program Files (x86)\Wyse\PocketCloud\PocketCloudDesktopApp.exeFirewallRules: [{1357C1E0-7FD2-49F2-B39B-B256F27CB5C7}] => (Allow) C:\Program Files (x86)\Wyse\PocketCloud\AetherWindowsService.exeFirewallRules: [{59ADB38E-8A52-4249-952D-4F04962D3C12}] => (Allow) C:\Program Files (x86)\Wyse\PocketCloud\WyseRemoteAccess.exeFirewallRules: [{5DFCAFB9-BB3F-4BBB-B636-C9986FA1D940}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXEFirewallRules: [{259B95C8-2A7A-42C1-A97C-8EC75A84C379}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD Cinema\PowerDVDCinema12.exeFirewallRules: [{679E6E4A-EECC-471B-80E1-49F83AF09666}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exeFirewallRules: [{6F44041F-DBD4-44DF-AA62-E5552C33A1FF}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exeFirewallRules: [{FCFB9474-DD07-4F0A-94CE-54369B8723B3}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exeFirewallRules: [{89ED3E5C-7937-4417-9684-631BEB559A8F}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exeFirewallRules: [{C8EB96E7-41CD-46E6-AC55-F9551754F357}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exeFirewallRules: [{6683267F-3D59-4181-A6D2-0811535700BE}] => (Allow) C:\Windows\SysWOW64\lxdkcoms.exeFirewallRules: [{B421CB7C-9258-4316-9495-76642D720C5A}] => (Allow) C:\Windows\SysWOW64\lxdkcoms.exeFirewallRules: [{38A75B82-EFC5-4673-BEE4-7CA7F6B1DF00}] => (Allow) C:\Program Files (x86) (x86)\Lexmark 5300 Series\lxdkamon.exeFirewallRules: [{7CD468EA-53CE-4D7C-BED9-C8BC6C333AFF}] => (Allow) C:\Program Files (x86) (x86)\Lexmark 5300 Series\lxdkamon.exeFirewallRules: [{38AEFA95-0615-43EB-A4F3-E0E4BA332047}] => (Allow) C:\Program Files (x86) (x86)\Lexmark 5300 Series\frun.exeFirewallRules: 
[{7528B128-953D-4620-9B07-0A8BFEC86CC1}] => (Allow) C:\Program Files (x86) (x86)\Lexmark 5300 Series\frun.exeFirewallRules: [{D1C18F20-F63F-44ED-B7A8-5864BC6FCD5A}] => (Allow) C:\Program Files (x86) (x86)\Lexmark 5300 Series\lxdkmon.exeFirewallRules: [{3B192F3D-C4B3-4967-B688-6678C9F2FDE7}] => (Allow) C:\Program Files (x86) (x86)\Lexmark 5300 Series\lxdkmon.exeFirewallRules: [{36813081-8EDA-4EEA-B207-27D6B04186E3}] => (Allow) C:\Program Files (x86)\Nero\Nero Blu-ray Player\Blu-rayPlayer.exeFirewallRules: [{5A7CF105-0277-4C0A-905F-5C599EA2FC7F}] => (Allow) C:\Program Files (x86)\Nero\Nero Blu-ray Player\Blu-rayPlayer.exeFirewallRules: [{16B5E429-C15E-472B-9BC9-FE89722ED227}] => (Allow) C:\Program Files (x86)\Nero\KM\NMDllHost.exeFirewallRules: [{D2C08777-2A95-4F43-B96E-8AF6EBB7543C}] => (Allow) C:\Program Files (x86)\Nero\KM\NMDllHost.exeFirewallRules: [{80EF4F7C-6AF2-490F-9F61-2DDA1ED59615}] => (Allow) C:\Users\Hypno\AppData\Local\Temp\nssB7D2.tmp\CnetInstaller-10735947.exeFirewallRules: [{ABDD6C01-93A2-430D-813F-C982BB85BF9A}] => (Allow) C:\Users\Hypno\AppData\Local\Temp\nssB7D2.tmp\CnetInstaller-10735947.exeFirewallRules: [{7CE86586-756A-42B9-AE89-5196B48EE9CC}] => (Allow) C:\Users\Hypno\AppData\Local\Temp\nse2E4A.tmp\CnetInstaller-10735947.exeFirewallRules: [{2F32C58D-E333-4356-ABAC-6AF76062DF80}] => (Allow) C:\Users\Hypno\AppData\Local\Temp\nse2E4A.tmp\CnetInstaller-10735947.exeFirewallRules: [{BED5D576-2BB4-4177-933D-7E72BE5E0282}] => (Allow) C:\Users\Hypno\AppData\Roaming\Dropbox\bin\Dropbox.exeFirewallRules: [{C31C22FB-99F4-401F-8DA8-8BB7B830CA35}] => (Allow) C:\Users\Hypno\AppData\Roaming\Dropbox\bin\Dropbox.exeFirewallRules: [{FB3DE7B6-AC1C-4A61-9090-01CD20B1B9E2}] => (Allow) C:\Program Files (x86)\LeapFrog\LeapFrog Connect\LeapfrogConnect.exeFirewallRules: [{E15A7092-62A3-4B20-89DB-76112E66D679}] => (Allow) C:\Program Files (x86)\SpringFiles\SpringFiles.exeFirewallRules: [{6E726B8D-1DBC-4E70-AE84-3FDEA445DC49}] => (Allow) C:\Program Files 
(x86)\SpringFiles\SpringFiles.exeFirewallRules: [{9C824CA5-DFA9-425D-87F6-4D4A28807D35}] => (Allow) C:\Program Files (x86)\SpringFiles\downloader.exeFirewallRules: [{0E0D26A8-2742-4785-ADF0-86B872985C28}] => (Allow) C:\Program Files (x86)\SpringFiles\downloader.exeFirewallRules: [{4F0C4838-03AC-4B02-9618-4E6716284820}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Faulty Device Manager Devices ============= Name: Dell Wireless 1705 802.11b/g/n (2.4GHZ)Description: Dell Wireless 1705 802.11b/g/n (2.4GHZ)Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}Manufacturer: Atheros Communications Inc.Service: athrProblem: : This device is disabled. (Code 22)Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. ==================== Event log errors: ========================= Application errors:==================Error: (09/30/2015 07:55:11 PM) (Source: Perflib) (EventID: 1008) (User: )Description: BITSC:\Windows\System32\bitsperf.dll8 Error: (09/30/2015 03:12:35 PM) (Source: Microsoft-Windows-RestartManager) (EventID: 10007) (User: HYPNORAYGUN)Description: Application or service 'Dell Update Service' could not be restarted. Error: (09/29/2015 06:52:03 PM) (Source: Perflib) (EventID: 1008) (User: )Description: BITSC:\Windows\System32\bitsperf.dll8 Error: (09/29/2015 02:15:48 PM) (Source: Desktop Window Manager) (EventID: 9020) (User: )Description: The Desktop Window Manager has encountered a fatal error (0x8898008d) Error: (09/23/2015 02:11:42 PM) (Source: Perflib) (EventID: 1008) (User: )Description: BITSC:\Windows\System32\bitsperf.dll8 Error: (09/22/2015 03:46:47 PM) (Source: Application Hang) (EventID: 1002) (User: )Description: The program MixPad.exe version 0.0.0.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel. 
  6. Hello everyone! I'm currently using Malwarebytes free version, but sometimes the program opens by itself and updates automatically. Is that normal? Sometimes it's annoying when I'm running a program in fullscreen. Thank you for the help.
  7. Hello, I just joined this forum and I hope I am posting this in the right forum; please forgive me if it's not. For a while now I've been hearing random ads play in the background, especially when YouTube is open, and whenever I click on a site it keeps popping up random links. It's really annoying. I don't know if I have malware or spyware or adware, etc., but here is my log. Please help me from this nightmare, thank you. dds.txt
  8. Hello- I have two issues which I have had for a very long time and have exhausted every avenue I can think of to resolve. 1. My computer makes random camera shutter sounds. It begins at start-up, even before any programs are running, when idling (I also have a regular high rate of System Idle Process usage), when programs are opening, etc. I can't identify any pattern or consistent conditions to make it start, stop, more frequent, or less frequent. 2. Missing keystrokes when using Internet Explorer. I have had the problem since version 8, and have progressed to version 10 with the same problem. I have run Malwarebytes as deep scan, quick scan, as well as boot scan. Does not happen with resident non-web based programs OR Firefox or Chrome. I have updated the NVIDIA sound driver, and run scans with Spybot, Adaware, Registry Mechanic, and Avast.
Microsoft Office Shared MUI (English) 2010 Microsoft Office Shared Setup Metadata MUI (English) 2007 Microsoft Office Shared Setup Metadata MUI (English) 2010 Microsoft Office Single Image 2010 Microsoft Office Word MUI (English) 2007 Microsoft Office Word MUI (English) 2010 Microsoft Outlook 2010 Microsoft Silverlight Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft SQL Server 2008 Management Objects Microsoft Text-to-Speech Engine 4.0 (English) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Windows SDK for Visual Studio 2008 Headers and Libraries Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for .NET Framework - enu Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for Win32 Microsoft Works Microsoft_VC80_ATL_x86 Microsoft_VC80_CRT_x86 Microsoft_VC80_MFC_x86 Microsoft_VC80_MFCLOC_x86 Microsoft_VC90_ATL_x86 Microsoft_VC90_CRT_x86 Microsoft_VC90_MFC_x86 Mozilla Firefox 18.0.1 (x86 en-US) Mozilla Maintenance Service MSVCRT MSXML 4.0 SP2 (KB936181) MSXML 4.0 SP2 (KB941833) MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) My Memories Suite 3.0 My Scene CD-ROM Nero 7 Ultra Edition neroxml Netflix Movie Viewer Network Nielsen NetRatings Nielsen Online NVIDIA 3D Vision Controller Driver 314.07 NVIDIA 3D Vision Driver 314.07 NVIDIA Control Panel 314.07 NVIDIA Drivers NVIDIA Graphics Driver 314.07 NVIDIA Install Application NVIDIA PhysX NVIDIA PhysX System Software 9.12.1031 NVIDIA Stereoscopic 3D Driver NVIDIA Update 1.12.12 NVIDIA Update Components Octoshape add-in for Adobe Flash Player OGA Notifier 2.0.0048.0 PAF Insight PC Tools Registry Mechanic 11.0 PCDADDIN PCDHELP PCDLNCH PDF Settings CS5 Personal Ancestral File 5 Personal Ancestral File Companion 5.2 Pinnacle Instant DVD Recorder PS_AIO_06_C4700_SW_Min PSSWCORE Python 2.4.3 QuickTime QuickTransfer Qwest Installer Qwest QuickAssist Desktop Tools RealDownloader RealNetworks - Microsoft 
Visual C++ 2008 Runtime RealNetworks - Microsoft Visual C++ 2010 Runtime RealPlayer Realtek High Definition Audio Driver RealUpgrade 1.1 Reasonable NoClone 2007 Home Recuva Remote Control USB Driver Revo Uninstaller 1.85 Rhapsody Rhapsody Player Engine Roxio Activation Module Roxio BackOnTrack Roxio BackOnTrackPE Roxio Burn - Secure Roxio CinePlayer Roxio CinePlayer Decoder Pack Roxio Creator 2011 Content Roxio Creator 2011 Pro Roxio Creator Audio Roxio Creator Basic v9 Roxio Creator Copy Roxio Creator Data Roxio Creator EasyArchive Roxio Creator Tools Roxio Express Labeler 3 Roxio MyDVD Basic v9 Roxio PhotoShow Roxio Video Capture USB Runtime SAi Production Suite SAi Production Suite1 Sansa Media Converter Scan Scan2PC Security Update for CAPICOM (KB931906) Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121) Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405) Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827) Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449) Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428) Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019) Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595) Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642) Security Update for Microsoft .NET Framework 
4 Extended (KB2487367) Security Update for Microsoft .NET Framework 4 Extended (KB2656351) Security Update for Microsoft .NET Framework 4 Extended (KB2736428) Security Update for Microsoft .NET Framework 4 Extended (KB2742595) Security Update for Microsoft Excel 2010 (KB2597126) 32-Bit Edition Security Update for Microsoft InfoPath 2010 (KB2687417) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687311) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687441) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687499) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760416) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2553091) Security Update for Microsoft Office 2010 (KB2553096) Security Update for Microsoft Office 2010 (KB2553371) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2553447) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2597986) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2598243) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2687501) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2687510) 32-Bit Edition Security Update for Microsoft Office Excel 2007 
(KB2687307) 32-Bit Edition Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition Security Update for Microsoft Office Word 2007 (KB2760421) 32-Bit Edition Security Update for Microsoft Visio Viewer 2010 (KB2598287) 32-Bit Edition Security Update for Microsoft Word 2010 (KB2760410) 32-Bit Edition SFR SFR2 ShufflePlusVLOI SignBlazer Elements for USCutter release 6.0.21 SignBlazer5.5 XP buttons SmartSound Common Data SmartSound Quicktracks 5 SmartSound Quicktracks Plugin SmartSound Sonicfire Pro 5 SmartWebPrinting Snapfish Media Detector Snapshot Viewer Soft Data Fax Modem with SmartCP Solero Music Control NP 1.0.0.5 Solero Music Viewer 8.0.29.370 SolutionCenter Sony Picture Utility SPAMfighter SPAMfighter Client Spybot - Search & Destroy SQL Server System CLR Types Status Studio 10 Studio 10.8 Patch swMSM Tansee iPod Transfer v5.0 The Digital Arts and Crafts Studio The Weather Channel Desktop 6 TicketAgent 4.0 Toolbox TrayApp TuneUp 2.4.6.4 UnloadSupport Update for 2007 Microsoft Office System (KB967642) Update for Microsoft .NET Framework 4 Client Profile (KB2468871) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) Update for Microsoft .NET Framework 4 Extended (KB2468871) Update for Microsoft .NET Framework 4 Extended (KB2533523) Update for Microsoft .NET Framework 4 Extended (KB2600217) Update for Microsoft Office 2007 Help for Common Features (KB963673) Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2596802) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition Update 
for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition Update for Microsoft Office 2010 (KB2494150) Update for Microsoft Office 2010 (KB2553065) Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition Update for Microsoft Office 2010 (KB2553378) 32-Bit Edition Update for Microsoft Office 2010 (KB2566458) Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition Update for Microsoft Office Access 2007 Help (KB963663) Update for Microsoft Office Excel 2007 Help (KB963678) Update for Microsoft Office Infopath 2007 Help (KB963662) Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition Update for Microsoft Office Outlook 2007 Help (KB963677) Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2767848) 32-Bit Edition Update for Microsoft Office Powerpoint 2007 Help (KB963669) Update for Microsoft Office Publisher 2007 Help (KB963667) Update for Microsoft Office Script Editor Help (KB963671) Update for Microsoft Office Word 2007 Help (KB963665) Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition Update for Microsoft OneNote 2010 (KB2687277) 32-Bit Edition Update for Microsoft Outlook 2010 (KB2597090) 32-Bit Edition Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition Update for Microsoft PowerPoint 2010 (KB2598240) 32-Bit Edition VCRedistSetup Visual C++ 2008 x86 Runtime - (v9.0.30729) Visual C++ 2008 x86 Runtime - v9.0.30729.01 VPRINTOL WebReg Wedding Dash (remove only) Windows Driver Package - FTDI CDM Driver Package (10/22/2009 2.06.00) Windows Driver Package - Garmin (grmnusb) GARMIN Devices (06/03/2009 2.3.0.0) Windows Easy Transfer Companion 
(Beta) Windows Live Communications Platform Windows Live Essentials Windows Live Photo Gallery Windows Live Sign-in Assistant Windows Live Sync Windows Live Upload Tool Windows Mobile Device Updater Component Windows Resource Kit Tools - SubInAcl.exe WinZip 17.0 Wizard101 WordPerfect Lightning WordPerfect Lightning - IPM WordPerfect Lightning - Messages WordPerfect Lightning - MSOM WordPerfect Office X3 - Home Edition Software Bundle WordPerfect Office X5 WordPerfect Office X5 - Common Wordperfect Office X5 - EN WordPerfect Office X5 - Filters WordPerfect Office X5 - Graphics WordPerfect Office X5 - IPM WordPerfect Office X5 - LegalTools WordPerfect Office X5 - Migration Manager WordPerfect Office X5 - Oxford WordPerfect Office X5 - PerfectExperts EN WordPerfect Office X5 - PR WordPerfect Office X5 - QP WordPerfect Office X5 - Setup Files WordPerfect Office X5 - Sharepoint WordPerfect Office X5 - Skins WordPerfect Office X5 - System EN WordPerfect Office X5 - Templates WordPerfect Office X5 - WP WordPerfect Office X5 - WT WordPerfect OfficeReady XviD & MP3 Codec Pack (remove only) XviD MPEG-4 Video Codec Zune Zune Language Pack (DEU) Zune Language Pack (ESP) Zune Language Pack (FRA) Zune Language Pack (ITA) Zune Language Pack (NLD) Zune Language Pack (PTB) Zune Language Pack (PTG) . ==== Event Viewer Messages From Past Week ======== . 2/25/2013 5:24:47 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk3\DR3. 2/25/2013 12:47:37 AM, Error: Service Control Manager [7034] - The Lavasoft Ad-Aware Service service terminated unexpectedly. It has done this 4 time(s). 2/25/2013 12:20:31 AM, Error: Service Control Manager [7031] - The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service. 2/25/2013 12:20:31 AM, Error: Service Control Manager [7024] - The Windows Search service terminated with service-specific error %%-2147218173. 
2/25/2013 1:18:28 AM, Error: Microsoft-Windows-WMPNSS-Service [14353] - A media delivery engine with ID '0' was not initialized due to error '0x800700b7' when adding the URL 'http://+:10243/WMPNSSv4/3158806701/'. Restart your computer, and then restart the WMPNetworkSvc service. If the problem persists, reinstall Windows Media Player if possible. 2/25/2013 1:18:28 AM, Error: Microsoft-Windows-WMPNSS-Service [14349] - A new media server was not initialized because the Windows Media Delivery Engine did not initialize due to error '0x800700b7'. Restart your computer, and then restart the WMPNetworkSvc service. If the problem persists, reinstall Windows Media Player if possible. 2/25/2013 1:15:56 AM, Error: Service Control Manager [7001] - The Windows Image Acquisition (WIA) service depends on the Shell Hardware Detection service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it. 2/25/2013 1:15:55 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Roxio Hard Drive Watcher 12 service to connect. 2/24/2013 6:21:05 PM, Error: Service Control Manager [7034] - The Lavasoft Ad-Aware Service service terminated unexpectedly. It has done this 3 time(s). 2/24/2013 6:18:54 PM, Error: Service Control Manager [7031] - The Lavasoft Ad-Aware Service service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service. 2/24/2013 6:16:34 PM, Error: Service Control Manager [7031] - The Lavasoft Ad-Aware Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service. 
2/22/2013 10:19:03 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service stisvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811} 2/19/2013 8:20:48 PM, Error: Service Control Manager [7031] - The Apple Mobile Device service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service. . ==== End Of File ===========================
  9. I believe my PC was infected with some type of malware. Whenever I use Google on Firefox and I click on one of the search results, it redirects me to www.gethotresults.com. This usually happens 1/3 to 1/5 of the time. Now, this does not happen on any other browsers I have installed. I heard this malware goes by the name "random". I haven't seen this name anywhere though. Not in the registry, not in the appdata, not in any Firefox/Mozilla folders (I thought it would be in there as that's what browser it's affecting), I even checked most of the C-Drive. Please tell me it simply just needs me to reset Firefox. Any help will be appreciated, Thanks. While obtaining the log, I was in safe mode and I had McAfee running. I don't know if that would cause any problems. Also, I'm sorry about attaching the 2 files last time.
(English) 2007 Microsoft Office Professional Plus 2007 Microsoft Office Proof (English) 2007 Microsoft Office Proof (French) 2007 Microsoft Office Proof (Spanish) 2007 Microsoft Office Proofing (English) 2007 Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) Microsoft Office Publisher MUI (English) 2007 Microsoft Office Shared MUI (English) 2007 Microsoft Office Shared Setup Metadata MUI (English) 2007 Microsoft Office Word MUI (English) 2007 Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 Microsoft Visual C++ Run Time Lib Setup Microsoft Works Mozilla Firefox 15.0 (x86 en-US) Mozilla Firefox 15.0.1 (x86 en-US) Mozilla Maintenance Service MSXML 4.0 SP2 (KB936181) MSXML 4.0 SP2 (KB941833) MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) muvee autoProducer 6.0 NVIDIA Drivers Paint.NET v3.5.10 PSSWCORE Python 2.5 Razer Abyssus Realtek High Definition Audio Driver Rhapsody Player Engine Roxio Activation Module Scan Security Update for 2007 Microsoft Office System (KB2288931) Security Update for 2007 Microsoft Office System (KB2584063) Security Update for 2007 Microsoft Office System (KB969559) Security Update for 2007 Microsoft Office System (KB976321) Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111) Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424) Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) Security Update 
for Microsoft .NET Framework 4 Client Profile (KB2604121) Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405) Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827) Security Update for Microsoft .NET Framework 4 Extended (KB2487367) Security Update for Microsoft .NET Framework 4 Extended (KB2656351) Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition Security Update for Microsoft Office system 2007 (KB974234) Shared C Run-time for x86 SmartWebPrinting Soft Data Fax Modem with SmartCP SolutionCenter Spelling Dictionaries Support For Adobe Reader 8 Status swMSM Toolbox TrayApp UltimateBuddy Unity Web Player Update for 2007 Microsoft Office System (KB967642) Update for Microsoft .NET Framework 3.5 SP1 (KB963707) Update for Microsoft .NET Framework 4 Client Profile (KB2468871) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) Update for Microsoft .NET Framework 4 Extended (KB2468871) Update for Microsoft .NET Framework 4 Extended (KB2533523) Update for Microsoft .NET Framework 4 Extended (KB2600217) Update for Microsoft Office 2007 Help for Common Features (KB963673) Update for Microsoft Office 2007 suites (KB2596651) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2596789) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2597998) 32-Bit Edition Update for Microsoft Office Access 2007 Help (KB963663) Update for Microsoft Office Excel 2007 Help (KB963678) Update for Microsoft Office Infopath 2007 Help (KB963662) Update for Microsoft Office 
Outlook 2007 (KB2583910) Update for Microsoft Office Outlook 2007 (KB2596598) 32-Bit Edition Update for Microsoft Office Outlook 2007 Help (KB963677) Update for Microsoft Office Powerpoint 2007 Help (KB963669) Update for Microsoft Office Publisher 2007 Help (KB963667) Update for Microsoft Office Script Editor Help (KB963671) Update for Microsoft Office Word 2007 Help (KB963665) VideoToolkit01 WeatherBug Gadget WebReg WinRAR archiver XnView 1.97.8 Yahoo! Detect Yontoo 1.10.02 . ==== Event Viewer Messages From Past Week ======== . 9/9/2012 12:23:03 AM, Error: EventLog [6008] - The previous system shutdown at 12:20:50 AM on 9/9/2012 was unexpected. 9/15/2012 7:52:42 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service McNaiAnn with arguments "" in order to run the server: {DC7EF8E1-824F-4110-AB43-1604DA9B4F40} 9/15/2012 7:49:25 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service McAfee SiteAdvisor Service with arguments "" in order to run the server: {5A90F5EE-16B8-4C2A-81B3-FD5329BA477C} 9/15/2012 7:49:08 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39} 9/15/2012 7:49:07 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030} 9/15/2012 7:49:04 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service fdPHost with arguments "" in order to run the server: {145B4335-FE2A-4927-A040-7C35AD3180EF} 9/15/2012 7:49:02 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF} 
9/15/2012 7:48:55 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC} 9/15/2012 6:59:10 PM, Error: PCTCore [280] - 9/15/2012 5:46:40 PM, Error: volsnap [14] - The shadow copies of volume C: were aborted because of an IO failure on volume C:. 9/15/2012 12:58:01 PM, Error: EventLog [6008] - The previous system shutdown at 11:13:59 PM on 9/14/2012 was unexpected. . ==== End Of File ===========================
  10. I believe my PC was infected with some type of malware. Whenever I use Google on Firefox and I click on one of the search results, it redirects me to www.gethotresults.com. This usually happens 1/3 to 1/5 of the time. Now, this does not happen on any other browsers I have installed. I heard this malware goes by the name "random". I haven't seen this name anywhere though. Not in the registry, not in the appdata, not in any Firefox/Mozilla folders (I thought it would be in there as that's what browser it's affecting), I even checked most of the C-Drive. Please tell me it simply just needs me to reset Firefox. Any help will be appreciated, Thanks.
  11. Hi, I have seen this problem all over the internet and was wondering if you could help me. Internet Explorer is running on my PC when I don't even use the browser. I try to end the process via Task Manager and it almost instantly reappears. I am also hearing random audio clips every 15-30 minutes even when all internet browsers are closed, which drives me insane. Any ideas on what could be causing this? Cheers