Redirects with searches and urls


1970sam

Hello 1970sam and welcome! My name is Maniac and I will be glad to help you solve your malware problem.

Please note:

  • If you are a paying customer, you have the privilege to contact the help desk at Consumer Support. If you choose this option to get help, please let me know.
  • I recommend that you keep the instructions I will be giving you so that they are available to you at any time. You can save them in a text file or print them.
  • Make sure you read all of the instructions and fixes thoroughly before continuing with them.
  • Follow my instructions strictly and don’t hesitate to stop and ask me if you have any questions.
  • Post your log files, don't attach them. Every log file should be copy/pasted in your next reply.
  • Do not perform any kind of scanning and fixing without my instructions. If you want to proceed on your own, please let me know.

Please follow the instructions here:

http://forums.malwarebytes.org/index.php?showtopic=9573

DDS (Ver_2012-11-20.01) - NTFS_x86

Internet Explorer: 9.0.8112.16464 BrowserJavaVersion: 10.5.1

Run by Carpenter at 21:23:42 on 2013-02-16

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3005.1424 [GMT -7:00]

.

AV: Microsoft Security Essentials *Enabled/Updated* {B140BF4E-23BB-4198-90AB-A51A4C60A69C}

SP: Microsoft Security Essentials *Enabled/Updated* {0A215EAA-0581-4E16-AA1B-9E6837E7EC21}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

============== Running Processes ================

.

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

c:\Program Files\Microsoft Security Client\MsMpEng.exe

C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_fb1f53374b7269ca\STacSV.exe

C:\Program Files\Dell\DellDock\DockLogin.exe

C:\Windows\System32\spoolsv.exe

C:\Program Files\Common Files\ActivIdentity\ac.sharedstore.exe

C:\Program Files\ActivIdentity\ActivClient\acevents.exe

C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe

C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_fb1f53374b7269ca\aestsrv.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files\Microsoft\BingDesktop\BingDesktopUpdater.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Program Files\LeapFrog\LeapFrog Connect\CommandService.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE

c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe

C:\Program Files\rapid7\nexpose\nsc\bin\nexlaunch.exe

C:\Windows\system32\conhost.exe

C:\Program Files\rapid7\nexpose\nsc\nxpgsql\pgsql\bin\pg_ctl.exe

C:\Windows\system32\PnkBstrA.exe

C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe

C:\Program Files\Microsoft\BingBar\SeaPort.EXE

C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe

C:\Program Files\rapid7\nexpose\nsc\nxpgsql\pgsql\bin\postgres.exe

C:\Windows\system32\conhost.exe

c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe

c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe

C:\Program Files\Tenable\Nessus\nessus-service.exe

C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe

C:\Program Files\Tenable\Nessus\nessusd.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Windows\System32\WLTRYSVC.EXE

C:\Windows\System32\bcmwltry.exe

C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

c:\Program Files\Microsoft Security Client\NisSrv.exe

C:\Program Files\rapid7\nexpose\nsc\nxpgsql\pgsql\bin\postgres.exe

C:\Program Files\rapid7\nexpose\nsc\nxpgsql\pgsql\bin\postgres.exe

C:\Program Files\rapid7\nexpose\nsc\nxpgsql\pgsql\bin\postgres.exe

C:\Program Files\rapid7\nexpose\nsc\nxpgsql\pgsql\bin\postgres.exe

C:\Program Files\rapid7\nexpose\nsc\.DLLCACHE\nexserv.exe

C:\Program Files\rapid7\nexpose\nsc\nxpgsql\pgsql\bin\postgres.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Windows\system32\SearchIndexer.exe

C:\Program Files\Zune\ZuneNss.exe

C:\Program Files\rapid7\nexpose\nsc\nxpgsql\pgsql\bin\postgres.exe

C:\Program Files\rapid7\nexpose\nsc\nxpgsql\pgsql\bin\postgres.exe

C:\Program Files\rapid7\nexpose\nsc\nxpgsql\pgsql\bin\postgres.exe

C:\Program Files\rapid7\nexpose\nsc\nxpgsql\pgsql\bin\postgres.exe

C:\Program Files\rapid7\nexpose\nsc\nxpgsql\pgsql\bin\postgres.exe

C:\Windows\system32\taskhost.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files\DellTPad\Apoint.exe

C:\Program Files\IDT\WDM\sttray.exe

C:\Windows\System32\WLTRAY.EXE

C:\Program Files\Dell Webcam\Dell Webcam Central\WebcamDell.exe

C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe

C:\Program Files\ActivIdentity\ActivClient\acevents.exe

C:\Program Files\ActivIdentity\ActivClient\accrdsub.exe

C:\Program Files\HTC\ModeSelection\VMMModeSelection.exe

C:\Program Files\HP\HP Software Update\hpwuschd2.exe

C:\Program Files\Zune\ZuneLauncher.exe

C:\Windows\System32\hkcmd.exe

C:\Windows\System32\igfxpers.exe

C:\Program Files\Microsoft Security Client\msseces.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Users\Carpenter\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe

C:\Program Files\Backup Assistant Plus\V CAST Backup Scheduler.exe

C:\Program Files\ActivIdentity\ActivClient\acsagent.exe

C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

C:\Program Files\Dell\QuickSet\quickset.exe

C:\Program Files\Microsoft Office\Office12\EXCEL.EXE

C:\Program Files\iPod\bin\iPodService.exe

C:\Program Files\DellTPad\ApMsgFwd.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Program Files\DellTPad\Apntex.exe

C:\Program Files\DellTPad\HidFind.exe

C:\Windows\system32\conhost.exe

C:\Users\Carpenter\Downloads\HijackThis.exe

C:\Windows\system32\NOTEPAD.EXE

C:\Program Files\rapid7\nexpose\nsc\nxpgsql\pgsql\bin\postgres.exe

C:\Program Files\real\realplayer\update\realsched.exe

C:\Users\Carpenter\AppData\Local\Google\Update\1.3.21.135\GoogleCrashHandler.exe

C:\Users\Carpenter\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Carpenter\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Carpenter\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Carpenter\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Carpenter\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Carpenter\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Carpenter\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Carpenter\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Carpenter\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Windows\system32\SearchProtocolHost.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Windows\system32\conhost.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Windows\system32\svchost.exe -k hpdevmgmt

C:\Windows\System32\svchost.exe -k HPZ12

C:\Windows\System32\svchost.exe -k HPZ12

C:\Windows\system32\svchost.exe -k HPService

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalServicePeerNet

C:\Windows\system32\svchost.exe -k imgsvc

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://www.foxnews.com/

uWindow Title = Internet Explorer provided by Dell

uDefault_Page_URL = hxxp://www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=2081125

mDefault_Page_URL = hxxp://www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=2081125

uURLSearchHooks: Zynga Toolbar: {7b13ec3e-999a-4b70-b9cb-2617b8323822} - c:\program files\zynga\tbZyn1.dll

mURLSearchHooks: Zynga Toolbar: {7b13ec3e-999a-4b70-b9cb-2617b8323822} - c:\program files\zynga\tbZyn1.dll

BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - <orphaned>

BHO: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - c:\program files\hp\digital imaging\smart web printing\hpswp_printenhancer.dll

BHO: PE_IE_Helper Class: {0941C58F-E461-4E03-BD7D-44C27392ADE1} - c:\program files\ibm\lotus forms\viewer\3.5\PEhelper.dll

BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll

BHO: RealNetworks Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - c:\programdata\realnetworks\realdownloader\browserplugins\ie\rndlbrowserrecordplugin.dll

BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll

BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\oracle\javafx 2.1 runtime\bin\ssv.dll

BHO: Zynga Toolbar: {7b13ec3e-999a-4b70-b9cb-2617b8323822} - c:\program files\zynga\tbZyn1.dll

BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll

BHO: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - c:\program files\windows live\companion\companioncore.dll

BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll

BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - c:\program files\microsoft office\office14\URLREDIR.DLL

BHO: CBrowserHelperObject Object: {CA6319C0-31B7-401E-A518-A07C3DB8F777} - c:\program files\dell\bae\BAE.dll

BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -

BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\oracle\javafx 2.1 runtime\bin\jp2ssv.dll

BHO: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll

TB: Zynga Toolbar: {7B13EC3E-999A-4B70-B9CB-2617B8323822} - c:\program files\zynga\tbZyn1.dll

TB: Zynga Toolbar: {7b13ec3e-999a-4b70-b9cb-2617b8323822} - c:\program files\zynga\tbZyn1.dll

TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} -

EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - c:\program files\hp\digital imaging\smart web printing\hpswp_bho.dll

EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - c:\program files\hp\digital imaging\smart web printing\hpswp_bho.dll

uRun: [Google Update] "c:\users\carpenter\appdata\local\google\update\GoogleUpdate.exe" /c

uRun: [skyDrive] "c:\users\carpenter\appdata\local\microsoft\skydrive\SkyDrive.exe" /background

uRun: [HLBackupScheduler] c:\program files\backup assistant plus\V CAST Backup Scheduler.exe

mRun: [Apoint] c:\program files\delltpad\Apoint.exe

mRun: [sysTrayApp] c:\program files\idt\wdm\sttray.exe

mRun: [broadcom Wireless Manager UI] c:\windows\system32\WLTRAY.exe

mRun: [Dell Webcam Central] "c:\program files\dell webcam\dell webcam central\WebcamDell.exe" /mode2

mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe"

mRun: [acevents] "c:\program files\actividentity\activclient\acevents.exe"

mRun: [accrdsub] "c:\program files\actividentity\activclient\accrdsub.exe"

mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"

mRun: [VMM Mode Selection] c:\program files\htc\modeselection\VMMModeSelection.exe

mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"

mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe

mRun: [Zune Launcher] "c:\program files\zune\ZuneLauncher.exe"

mRun: [igfxTray] c:\windows\system32\igfxtray.exe

mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe

mRun: [Persistence] c:\windows\system32\igfxpers.exe

mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey

mRun: [bingDesktop] c:\program files\microsoft\bingdesktop\BingDesktop.exe /fromkey

mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"

mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime

mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"

mRun: [TkBellExe] "c:\program files\real\realplayer\update\realsched.exe" -osboot

StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\activc~1.lnk - c:\program files\actividentity\activclient\acsagent.exe

StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe

StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\quickset.lnk - c:\program files\dell\quickset\quickset.exe

mPolicies-Explorer: BindDirectlyToPropertySetStorage = dword:0

mPolicies-System: ConsentPromptBehaviorAdmin = dword:5

mPolicies-System: ConsentPromptBehaviorUser = dword:3

mPolicies-System: EnableUIADesktopToggle = dword:0

IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200

IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office12\EXCEL.EXE/3000

IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html

IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - c:\program files\windows live\companion\companioncore.dll

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office12\ONBttnIE.dll

IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}

IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll

.

INFO: HKCU has more than 50 listed domains.

If you wish to scan all of them, select the 'Force scan all domains' option.

.

.

INFO: HKLM has more than 50 listed domains.

If you wish to scan all of them, select the 'Force scan all domains' option.

.

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab

TCP: NameServer = 192.168.1.1

TCP: Interfaces\{4118C47D-A46F-4D54-9FA3-059DC9FD62BB} : DHCPNameServer = 192.168.1.1

TCP: Interfaces\{E4EC99FC-FC19-4855-825E-791D4D1DF6A5} : NameServer = 4.2.2.2

Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll

Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll

Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll

Handler: x-excid - {9D6CC632-1337-4a33-9214-2DA092E776F4} - c:\windows\downloaded program files\mimectl.dll

Handler: x-owacid2 - {5B290518-830E-4C57-A66B-E4F748900C27} - c:\program files\microsoft\smime client (2010)\mimectl.dll

Notify: GoToAssist - c:\program files\citrix\gotoassist\514\G2AWinLogon.dll

Notify: igfxcui - igfxdev.dll

SSODL: WebCheck - <orphaned>

SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll

Hosts: 127.0.0.1 www.spywareinfo.com

.

================= FIREFOX ===================

.

FF - ProfilePath - c:\users\carpenter\appdata\roaming\mozilla\firefox\profiles\a3vlihhn.default\

FF - prefs.js: browser.search.defaulturl - hxxp://www.bing.com/search?FORM=WLETDF&PC=WLEM&q=

FF - prefs.js: browser.startup.homepage - hxxp://www.msn.com/

FF - prefs.js: keyword.URL - hxxp://www.bing.com/search?FORM=WLETDF&PC=WLEM&q=

FF - plugin: c:\progra~1\gradke~1\dbsign~1\lib\npDBsignWeb.dll

FF - plugin: c:\progra~1\micros~3\office14\NPAUTHZ.DLL

FF - plugin: c:\progra~1\micros~3\office14\NPSPWRAP.DLL

FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll

FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll

FF - plugin: c:\program files\google\picasa3\npPicasa3.dll

FF - plugin: c:\program files\google\update\1.3.21.135\npGoogleUpdate3.dll

FF - plugin: c:\program files\microsoft silverlight\4.1.10329.0\npctrlui.dll

FF - plugin: c:\program files\microsoft\office live\npOLW.dll

FF - plugin: c:\program files\mozilla firefox\plugins\npmfv.dll

FF - plugin: c:\program files\mozilla firefox\plugins\nprpplugin.dll

FF - plugin: c:\program files\oracle\javafx 2.1 runtime\bin\plugin2\npjp2.dll

FF - plugin: c:\program files\real\realplayer\netscape6\nprpplugin.dll

FF - plugin: c:\program files\unity\webplayer\loader\npUnity3D32.dll

FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll

FF - plugin: c:\programdata\realnetworks\realdownloader\browserplugins\mozillaplugins\nprndlchromebrowserrecordext.dll

FF - plugin: c:\programdata\realnetworks\realdownloader\browserplugins\mozillaplugins\nprndlhtml5videoshim.dll

FF - plugin: c:\programdata\realnetworks\realdownloader\browserplugins\mozillaplugins\nprndlpepperflashvideoshim.dll

FF - plugin: c:\programdata\realnetworks\realdownloader\browserplugins\npdlplugin.dll

FF - plugin: c:\users\carpenter\appdata\local\google\update\1.3.21.123\npGoogleUpdate3.dll

FF - plugin: c:\users\carpenter\appdata\local\microsoft\internet explorer\downloaded program files\npsoe.dll

FF - plugin: c:\users\carpenter\appdata\roaming\mozilla\plugins\npgoogletalk.dll

FF - plugin: c:\users\carpenter\appdata\roaming\mozilla\plugins\npgtpo3dautoplugin.dll

FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_5_502_146.dll

FF - ExtSQL: 2012-12-30 14:09; plugin@selectionlinks.com; c:\users\carpenter\appdata\roaming\mozilla\firefox\profiles\a3vlihhn.default\extensions\plugin@selectionlinks.com

FF - ExtSQL: 2013-01-19 11:32; {34712C68-7391-4c47-94F3-8F88D49AD632}; c:\programdata\realnetworks\realdownloader\browserplugins\firefox\Ext

FF - ExtSQL: !HIDDEN! 2010-02-11 18:25; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension

FF - ExtSQL: !HIDDEN! 2010-07-26 15:48; smartwebprinting@hp.com; c:\program files\hp\digital imaging\smart web printing\MozillaAddOn3

.

---- FIREFOX POLICIES ----

user_pref('extensions.autoDisableScopes', 0);user_pref('security.csp.enable', false);user_pref('security.OCSP.enabled', 0);

============= SERVICES / DRIVERS ===============

.

R0 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2012-8-30 193552]

R2 ac.sharedstore;ActivIdentity Shared Store Service;c:\program files\common files\actividentity\ac.sharedstore.exe [2009-6-3 207400]

R2 AESTFilters;Andrea ST Filters Service;c:\windows\system32\driverstore\filerepository\stwrt.inf_x86_neutral_fb1f53374b7269ca\AEstSrv.exe [2008-11-25 73728]

R2 BingDesktopUpdate;Bing Desktop Update service;c:\program files\microsoft\bingdesktop\BingDesktopUpdater.exe [2013-1-25 166408]

R2 DockLoginService;Dock Login Service;c:\program files\dell\delldock\DockLogin.exe [2008-9-23 155648]

R2 MBAMScheduler;MBAMScheduler;c:\program files\malwarebytes' anti-malware\mbamscheduler.exe [2012-12-28 398184]

R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2012-12-28 682344]

R2 nexposeconsole;Nexpose Security Console;c:\program files\rapid7\nexpose\nsc\bin\nexlaunch.exe [2012-8-4 20480]

R2 NisDrv;Microsoft Network Inspection System;c:\windows\system32\drivers\NisDrvWFP.sys [2010-10-24 99272]

R2 nxpgsql;Nexpose PostgreSQL Server;c:\program files\rapid7\nexpose\nsc\nxpgsql\pgsql\bin\pg_ctl.exe [2012-8-4 94720]

R2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service;c:\program files\realnetworks\realdownloader\rndlresolversvc.exe [2012-11-29 38608]

R2 SBSDWSCService;SBSD Security Center Service;c:\program files\spybot - search & destroy\SDWinSec.exe [2011-12-23 1153368]

R2 Skype C2C Service;Skype C2C Service;c:\programdata\skype\toolbars\skype c2c service\c2c_service.exe [2013-1-31 3289208]

R2 TomTomHOMEService;TomTomHOMEService;c:\program files\tomtom home 2\TomTomHOMEService.exe [2012-7-26 92632]

R3 IntcHdmiAddService;Intel® High Definition Audio HDMI;c:\windows\system32\drivers\IntcHdmi.sys [2010-3-15 127488]

R3 k57nd60x;Broadcom NetLink Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\k57nd60x.sys [2009-7-13 229888]

R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-8-4 21104]

R3 NisSrv;Microsoft Network Inspection;c:\program files\microsoft security client\NisSrv.exe [2012-9-12 287824]

R3 OA001Ufd;Creative Camera OA001 Upper Filter Driver;c:\windows\system32\drivers\OA001Ufd.sys [2009-3-6 133632]

R3 OA001Vid;Creative Camera OA001 Function Driver;c:\windows\system32\drivers\OA001Vid.sys [2009-3-8 280096]

R3 PSSDK42;PSSDK42;c:\windows\system32\drivers\pssdk42.sys [2012-8-25 38976]

R3 WPRO_41_1879;WinPcap Packet Driver (WPRO_41_1879);c:\windows\system32\drivers\WPRO_41_1879.sys [2013-2-3 34576]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2012-11-9 160944]

S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]

S3 BBSvc;Bing Bar Update Service;c:\program files\microsoft\bingbar\BBSvc.EXE [2011-2-28 183560]

S3 CQHVUEPKU;CQHVUEPKU;c:\users\carpen~1\appdata\local\temp\cqhvuepku.exe --> c:\users\carpen~1\appdata\local\temp\CQHVUEPKU.exe [?]

S3 fssfltr;fssfltr;c:\windows\system32\drivers\fssfltr.sys [2012-8-1 39272]

S3 fsssvc;Windows Live Family Safety Service;c:\program files\windows live\family safety\fsssvc.exe [2012-3-8 1492840]

S3 JORBX;JORBX;c:\users\carpen~1\appdata\local\temp\jorbx.exe --> c:\users\carpen~1\appdata\local\temp\JORBX.exe [?]

S3 PLJ;PLJ;c:\users\carpen~1\appdata\local\temp\plj.exe --> c:\users\carpen~1\appdata\local\temp\PLJ.exe [?]

S3 Reflex USB V3 Smart card reader;Reflex USB V3 Smart card reader;c:\windows\system32\drivers\RCCIDW2K.sys [2006-5-24 46848]

S3 SCR3XX2K;SCR3xx USB SmartCardReader;c:\windows\system32\drivers\SCR3XX2K.sys [2011-9-7 59776]

S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2011-6-6 52224]

S3 UPO;UPO;c:\users\carpen~1\appdata\local\temp\upo.exe --> c:\users\carpen~1\appdata\local\temp\UPO.exe [?]

S3 VSPerfDrv100;Performance Tools Driver 10.0;c:\program files\microsoft visual studio 10.0\team tools\performance tools\VSPerfDrv100.sys [2011-1-18 54144]

S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2010-2-25 1343400]

S4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files\microsoft sql server\100\shared\sqladhlp.exe [2009-7-22 47128]

S4 RsFx0105;RsFx0105 Driver;c:\windows\system32\drivers\RsFx0105.sys [2011-9-22 238696]

S4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);c:\program files\microsoft sql server\mssql10.sqlexpress\mssql\binn\SQLAGENT.EXE [2011-9-22 370024]

S4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\windows live\mesh\wlcrasvc.exe [2010-9-22 51040]

.

=============== Created Last 30 ================

.

2013-02-16 10:51:05 6991832 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{c7c9a432-a386-4018-813c-3365cb07d71b}\mpengine.dll

2013-02-15 10:51:43 6991832 ------w- c:\programdata\microsoft\microsoft antimalware\definition updates\backup\mpengine.dll

2013-02-14 10:53:01 96784 ----a-w- c:\windows\system32\WPRO_41_1879woem.tmp

2013-02-14 10:08:03 2382848 ----a-w- c:\windows\system32\mshtml.tlb

2013-02-14 10:08:02 149528 ----a-w- c:\program files\internet explorer\sqmapi.dll

2013-02-14 10:08:01 420864 ----a-w- c:\windows\system32\vbscript.dll

2013-02-14 10:08:01 194048 ----a-w- c:\program files\internet explorer\IEShims.dll

2013-02-13 17:28:02 2347008 ----a-w- c:\windows\system32\win32k.sys

2013-02-13 17:27:52 3967848 ----a-w- c:\windows\system32\ntkrnlpa.exe

2013-02-13 17:27:51 3913064 ----a-w- c:\windows\system32\ntoskrnl.exe

2013-02-13 17:27:49 1293672 ----a-w- c:\windows\system32\drivers\tcpip.sys

2013-02-13 17:27:48 187752 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS

2013-02-13 17:27:46 169984 ----a-w- c:\windows\system32\winsrv.dll

2013-02-04 06:33:28 34576 ----a-w- c:\windows\system32\drivers\WPRO_41_1879.sys

2013-01-25 18:45:42 2551808 ----a-w- c:\programdata\microsoft\bingdesktop\updater\BingDesktop.msi

2013-01-24 01:14:39 94112 ----a-w- c:\windows\system32\WindowsAccessBridge.dll

2013-01-19 19:12:23 -------- d-----w- c:\users\carpenter\appdata\local\Backup Assistant Plus

2013-01-19 19:10:55 -------- d-----w- c:\program files\Backup Assistant Plus

2013-01-19 18:34:17 -------- d-----w- c:\users\carpenter\appdata\roaming\RealNetworks

2013-01-19 18:31:56 -------- d-----w- c:\program files\RealNetworks

2013-01-19 18:31:47 -------- d-----w- c:\programdata\RealNetworks

2013-01-19 18:31:30 -------- d-----w- c:\program files\common files\xing shared

.

==================== Find3M ====================

.

2013-02-14 10:37:52 38976 ----a-w- c:\windows\system32\drivers\pssdk42.sys

2013-01-30 10:53:21 232336 ------w- c:\windows\system32\MpSigStub.exe

2013-01-25 16:13:58 697864 ----a-w- c:\windows\system32\FlashPlayerApp.exe

2013-01-25 16:13:57 74248 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2013-01-08 22:11:21 1800704 ----a-w- c:\windows\system32\jscript9.dll

2013-01-08 22:03:20 1129472 ----a-w- c:\windows\system32\wininet.dll

2013-01-08 22:03:12 1427968 ----a-w- c:\windows\system32\inetcpl.cpl

2013-01-08 21:59:02 142848 ----a-w- c:\windows\system32\ieUnatt.exe

2012-12-31 16:45:26 137176 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys

2012-12-31 16:45:12 268952 ----a-w- c:\windows\system32\PnkBstrB.xtr

2012-12-31 16:45:12 268952 ----a-w- c:\windows\system32\PnkBstrB.exe

2012-12-31 01:45:02 268952 ----a-w- c:\windows\system32\PnkBstrB.ex0

2012-12-16 14:13:28 295424 ----a-w- c:\windows\system32\atmfd.dll

2012-12-16 14:13:20 34304 ----a-w- c:\windows\system32\atmlib.dll

2012-12-14 23:49:28 21104 ----a-w- c:\windows\system32\drivers\mbam.sys

2012-12-07 12:26:17 308736 ----a-w- c:\windows\system32\Wpc.dll

2012-12-07 12:20:43 2576384 ----a-w- c:\windows\system32\gameux.dll

2012-11-30 04:47:45 293376 ----a-w- c:\windows\system32\KernelBase.dll

2012-11-30 02:55:25 271360 ----a-w- c:\windows\system32\conhost.exe

2012-11-30 02:38:59 6144 ---ha-w- c:\windows\system32\api-ms-win-security-base-l1-1-0.dll

2012-11-30 02:38:59 4608 ---ha-w- c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll

2012-11-30 02:38:59 3584 ---ha-w- c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll

2012-11-30 02:38:59 3072 ---ha-w- c:\windows\system32\api-ms-win-core-util-l1-1-0.dll

2012-11-23 02:48:41 49152 ----a-w- c:\windows\system32\taskhost.exe

2012-11-22 04:45:03 626688 ----a-w- c:\windows\system32\usp10.dll

2012-11-20 04:51:09 220160 ----a-w- c:\windows\system32\ncrypt.dll

.

============= FINISH: 21:26:46.50 ===============

And...

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2012-11-20.01)

.

Microsoft Windows 7 Home Premium

Boot Device: \Device\HarddiskVolume3

Install Date: 2/11/2010 7:45:12 PM

System Uptime: 2/14/2013 3:36:05 AM (66 hours ago)

.

Motherboard: Dell Inc. | | 0P792H

Processor: Intel® Core2 Duo CPU T5800 @ 2.00GHz | U2E1 | 2000/533mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 288 GiB total, 128.254 GiB free.

D: is FIXED (NTFS) - 10 GiB total, 4.476 GiB free.

E: is CDROM ()

.

==== Disabled Device Manager Items =============

.

Class GUID: {4d36e971-e325-11ce-bfc1-08002be10318}

Description: Photosmart Plus B209a-m

Device ID: ROOT\MULTIFUNCTION\0000

Manufacturer: HP

Name: Photosmart Plus B209a-m

PNP Device ID: ROOT\MULTIFUNCTION\0000

Service:

.

==== System Restore Points ===================

.

RP690: 1/3/2013 5:39:32 PM - Windows Update

RP691: 1/6/2013 8:14:23 PM - Windows Update

RP692: 1/9/2013 3:00:52 AM - Windows Update

RP693: 1/11/2013 8:24:53 PM - Windows Update

RP694: 1/15/2013 11:56:44 PM - Windows Update

RP695: 1/20/2013 2:18:40 AM - Windows Update

RP696: 1/23/2013 6:12:38 PM - Installed Java 7 Update 11

RP697: 1/23/2013 11:42:18 PM - Windows Update

RP698: 1/27/2013 1:39:17 AM - Windows Update

RP699: 1/30/2013 11:15:02 AM - Windows Update

RP700: 2/2/2013 11:17:20 AM - Windows Update

RP701: 2/5/2013 11:36:10 PM - Windows Update

RP702: 2/9/2013 11:51:01 PM - Windows Update

RP703: 2/14/2013 1:24:35 AM - Windows Update

RP704: 2/14/2013 3:00:23 AM - Windows Update

.

==== Installed Programs ======================

.

Update for Microsoft Office 2007 (KB2508958)

32 Bit HP CIO Components Installer

Acrobat.com

ActivClient CAC x86

Adobe AIR

Adobe Flash Player 11 ActiveX

Adobe Flash Player 11 Plugin

Adobe Reader X (10.1.5)

Adobe Shockwave Player 11.6

Advanced Audio FX Engine

Apple Application Support

Apple Mobile Device Support

Apple Software Update

B209a-m

Backup Assistant Plus

Banctec Service Agreement

Bing Bar

Bing Desktop

Bonjour

Browser Address Error Redirector

BufferChm

CCleaner

CCNA Virtual Lab, Titanium Edition 2.0

Cisco EAP-FAST Module

Cisco LEAP Module

Cisco Packet Tracer 5.3

Cisco PEAP Module

Compatibility Pack for the 2007 Office system

CompTIA Security+ SY0-301 SE

CramMaster

Crystal Reports for Visual Studio

D3DX10

DBsign Web Signer

Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition

Dell DataSafe Online

Dell Dock

Dell Driver Download Manager

Dell Getting Started Guide

Dell Support Center

Dell Touchpad

Dell Webcam Central

Dell Wireless WLAN Card Utility

Destinations

Dev-C++ 5 beta 9 release (4.9.9.2)

DeviceDiscovery

Dotfuscator Software Services - Community Edition

EDocs

Feedback Tool

ffdshow [rev 2527] [2008-12-19]

Google Chrome

Google Earth Plug-in

Google Talk Plugin

Google Update Helper

GoToAssist 8.0.0.514

GPBaseService2

Hewlett-Packard ACLM.NET v1.1.0.0

Hotfix for Microsoft Team Foundation Server 2010 Object Model - ENU (KB2736182)

Hotfix for Microsoft Visual C++ 2010 Express - ENU (KB2542054)

Hotfix for Microsoft Visual C++ 2010 Express - ENU (KB2635973)

Hotfix for Microsoft Visual Studio 2010 Premium - ENU (KB2529927)

Hotfix for Microsoft Visual Studio 2010 Premium - ENU (KB2542054)

Hotfix for Microsoft Visual Studio 2010 Premium - ENU (KB2548139)

Hotfix for Microsoft Visual Studio 2010 Premium - ENU (KB2549864)

Hotfix for Microsoft Visual Studio 2010 Premium - ENU (KB2635973)

Hotfix for Microsoft Visual Studio 2010 Premium - ENU (KB2736182)

Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB2280741)

Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB2284668)

Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB2295689)

Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB2420513)

Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB2452649)

Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB2455033)

Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB2485545)

Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB982517)

Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB982721)

Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB983233)

HP Customer Participation Program 14.0

HP Imaging Device Functions 14.0

HP Photo Creations

HP Photosmart Plus B209a-m All-in-One Driver Software 14.0 Rel. 6

HP Product Detection

HP Smart Web Printing 4.60

HP Solution Center 14.0

HP Update

HPDiagnosticAlert

HPPhotoGadget

HPProductAssistant

HPSSupply

IBM Lotus Forms Viewer 3.5.1

InstallRoot 3.13

Integrated Webcam Driver (1.06.03.0309)

Intel® Graphics Media Accelerator Driver

Intel® TV Wizard

iPhone Configuration Utility

ITECIR

iTunes

Java 7 Update 11

Java Auto Updater

Java 6 Update 7

JavaFX 2.1.1

Junk Mail filter update

LeapFrog Connect

LeapFrog Leapster2 Plugin

Live! Cam Avatar Creator

LM6000 PC SAC Packagers Edition

Malwarebytes Anti-Malware version 1.70.0.1100

MarketResearch

Master Your CDC 5.0

MediaDirect

Mesh Runtime

Messenger Companion

Microsoft .NET Framework 4 Client Profile

Microsoft .NET Framework 4 Extended

Microsoft .NET Framework 4 Multi-Targeting Pack

Microsoft Access database engine 2010 (English)

Microsoft Application Error Reporting

Microsoft ASP.NET MVC 2

Microsoft ASP.NET MVC 2 - Visual Studio 2010 Tools

Microsoft AutoRoute 2011

Microsoft Help Viewer 1.1

Microsoft MSDN 2005 Express Edition - ENU

Microsoft Office 2007 Service Pack 3 (SP3)

Microsoft Office 2010 Language Pack Service Pack 1 (SP1)

Microsoft Office 2010 Service Pack 1 (SP1)

Microsoft Office Access MUI (English) 2007

Microsoft Office Access Setup Metadata MUI (English) 2007

Microsoft Office Enterprise 2007

Microsoft Office Excel MUI (English) 2007

Microsoft Office File Validation Add-In

Microsoft Office Groove MUI (English) 2007

Microsoft Office Groove Setup Metadata MUI (English) 2007

Microsoft Office InfoPath MUI (English) 2007

Microsoft Office Live Add-in 1.5

Microsoft Office OneNote MUI (English) 2007

Microsoft Office Outlook Connector

Microsoft Office Outlook MUI (English) 2007

Microsoft Office PowerPoint MUI (English) 2007

Microsoft Office PowerPoint Viewer 2007 (English)

Microsoft Office Project MUI (English) 2010

Microsoft Office Project Professional 2010

Microsoft Office Proof (English) 2007

Microsoft Office Proof (English) 2010

Microsoft Office Proof (French) 2007

Microsoft Office Proof (French) 2010

Microsoft Office Proof (Spanish) 2007

Microsoft Office Proof (Spanish) 2010

Microsoft Office Proofing (English) 2007

Microsoft Office Proofing (English) 2010

Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)

Microsoft Office Publisher MUI (English) 2007

Microsoft Office Shared MUI (English) 2007

Microsoft Office Shared MUI (English) 2010

Microsoft Office Shared Setup Metadata MUI (English) 2007

Microsoft Office Shared Setup Metadata MUI (English) 2010

Microsoft Office Visio 2010

Microsoft Office Visio MUI (English) 2010

Microsoft Office Word MUI (English) 2007

Microsoft Outlook Web Access S/MIME

Microsoft Project 2010 Service Pack 1 (SP1)

Microsoft Project Professional 2010

Microsoft S/MIME

Microsoft Security Client

Microsoft Security Essentials

Microsoft Silverlight

Microsoft Silverlight 3 SDK

Microsoft Silverlight 4 SDK

Microsoft SkyDrive

Microsoft SQL Server 2005

Microsoft SQL Server 2005 Compact Edition [ENU]

Microsoft SQL Server 2005 Tools Express Edition

Microsoft SQL Server 2008

Microsoft SQL Server 2008 Browser

Microsoft SQL Server 2008 Common Files

Microsoft SQL Server 2008 Database Engine Services

Microsoft SQL Server 2008 Database Engine Shared

Microsoft SQL Server 2008 Native Client

Microsoft SQL Server 2008 R2 Data-Tier Application Framework

Microsoft SQL Server 2008 R2 Data-Tier Application Project

Microsoft SQL Server 2008 R2 Management Objects

Microsoft SQL Server 2008 R2 Transact-SQL Language Service

Microsoft SQL Server 2008 RsFx Driver

Microsoft SQL Server 2008 Setup Support Files

Microsoft SQL Server Compact 3.5 SP2 ENU

Microsoft SQL Server Database Publishing Wizard 1.4

Microsoft SQL Server Native Client

Microsoft SQL Server Setup Support Files (English)

Microsoft SQL Server System CLR Types

Microsoft SQL Server VSS Writer

Microsoft Sync Framework Runtime v1.0 SP1 (x86)

Microsoft Sync Framework SDK v1.0 SP1

Microsoft Sync Framework Services v1.0 SP1 (x86)

Microsoft Sync Services for ADO.NET v2.0 SP1 (x86)

Microsoft Team Foundation Server 2010 Object Model - ENU

Microsoft Visio 2010 Service Pack 1 (SP1)

Microsoft Visio Premium 2010

Microsoft Visual C++ Compilers 2010 Standard - enu - x86

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

Microsoft Visual C++ 2005 Express Edition - ENU

Microsoft Visual C++ 2005 Express Edition - ENU Service Pack 1 (KB926748)

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219

Microsoft Visual C++ 2010 x86 Runtime - 10.0.40219

Microsoft Visual C++ 2010 Express - ENU

Microsoft Visual F# 2.0 Runtime

Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools

Microsoft Visual Studio 2010 Office Developer Tools (x86)

Microsoft Visual Studio 2010 Performance Collection Tools SP1 - ENU

Microsoft Visual Studio 2010 Premium - ENU

Microsoft Visual Studio 2010 Service Pack 1

Microsoft Visual Studio 2010 SharePoint Developer Tools

Microsoft Visual Studio 2010 Tools for Office Runtime (x86)

Microsoft Visual Studio Macro Tools

Microsoft Works

Mozilla Firefox 18.0.2 (x86 en-US)

Mozilla Maintenance Service

MSVCRT

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

MSXML 4.0 SP2 Parser and SDK

MyScribe

Network

Nexpose

OGA Notifier 2.0.0048.0

PasswordTools

Picasa 3

PS_AIO_06_B209a-m_SW_Min

Python 2.7.2

QuickSet

QuickTime

QuickTransfer

RealDownloader

RealNetworks - Microsoft Visual C++ 2008 Runtime

RealNetworks - Microsoft Visual C++ 2010 Runtime

RealPlayer

RealUpgrade 1.1

Roxio Creator Audio

Roxio Creator Copy

Roxio Creator Data

Roxio Creator DE

Roxio Creator Tools

Roxio Express Labeler 3

Roxio Update Manager

Scan

Secure Download Manager

Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)

Security Update for Microsoft .NET Framework 4 Extended (KB2416472)

Security Update for Microsoft .NET Framework 4 Extended (KB2487367)

Security Update for Microsoft .NET Framework 4 Extended (KB2656351)

Security Update for Microsoft .NET Framework 4 Extended (KB2736428)

Security Update for Microsoft .NET Framework 4 Extended (KB2742595)

Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2687311) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2687441) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2687499) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2760416) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2553091)

Security Update for Microsoft Office 2010 (KB2553447) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2597986) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2598243) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2687501) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2687510) 32-Bit Edition

Security Update for Microsoft Office Excel 2007 (KB2687307) 32-Bit Edition

Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition

Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition

Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition

Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition

Security Update for Microsoft Office Word 2007 (KB2760421) 32-Bit Edition

Security Update for Microsoft Visio 2010 (KB2687508) 32-Bit Edition

Security Update for Microsoft Visual C++ 2005 Express Edition - ENU (KB2251481)

Security Update for Microsoft Visual C++ 2005 Express Edition - ENU (KB2538218)

Security Update for Microsoft Visual Studio 2010 Premium - ENU (KB2644980)

Security Update for Microsoft Visual Studio 2010 Premium - ENU (KB2645410)

Security Update for Microsoft Visual Studio Macro Tools (KB2669970)

SelectionLinks

Service Pack 3 for SQL Server 2008 (KB2546951)

Shop for HP Supplies

Skype Click to Call

Skype™ 6.0

SmartWebPrinting

SolutionCenter

Spelling Dictionaries Support For Adobe Reader 9

Spotify

Spybot - Search & Destroy

Sql Server Customer Experience Improvement Program

Status

swMSM

System Requirements Lab for Intel

Tenable Nessus

TestKing Questions and Answers for Cisco 640-802

TomTom HOME

TomTom HOME Visual Studio Merge Modules

Toolbox

TrayApp

Unity Web Player

Update for 2007 Microsoft Office System (KB967642)

Update for Microsoft .NET Framework 4 Client Profile (KB2468871)

Update for Microsoft .NET Framework 4 Client Profile (KB2473228)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523)

Update for Microsoft .NET Framework 4 Client Profile (KB2600217)

Update for Microsoft .NET Framework 4 Extended (KB2468871)

Update for Microsoft .NET Framework 4 Extended (KB2533523)

Update for Microsoft .NET Framework 4 Extended (KB2600217)

Update for Microsoft Office 2007 Help for Common Features (KB963673)

Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2596802) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition

Update for Microsoft Office 2010 (KB2494150)

Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition

Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition

Update for Microsoft Office 2010 (KB2553378) 32-Bit Edition

Update for Microsoft Office 2010 (KB2566458)

Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition

Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition

Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition

Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition

Update for Microsoft Office Access 2007 Help (KB963663)

Update for Microsoft Office Excel 2007 Help (KB963678)

Update for Microsoft Office Infopath 2007 Help (KB963662)

Update for Microsoft Office OneNote 2007 Help (KB963670)

Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition

Update for Microsoft Office Outlook 2007 Help (KB963677)

Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2767848) 32-Bit Edition

Update for Microsoft Office Powerpoint 2007 Help (KB963669)

Update for Microsoft Office Publisher 2007 Help (KB963667)

Update for Microsoft Office Script Editor Help (KB963671)

Update for Microsoft Office Word 2007 Help (KB963665)

Update for Microsoft Visual C++ 2005 Express Edition - ENU (KB932232)

Use the entry named LeapFrog Connect to uninstall (LeapFrog Leapster2 Plugin)

Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU

WCF RIA Services V1.0 SP1

Web Deployment Tool

WebReg

Windows Driver Package - Leapfrog (Leapfrog-USBLAN) Net (09/10/2009 02.03.05.012)

Windows Live Communications Platform

Windows Live Essentials

Windows Live Family Safety

Windows Live ID Sign-in Assistant

Windows Live Installer

Windows Live Mail

Windows Live Mesh

Windows Live Mesh ActiveX Control for Remote Connections

Windows Live Messenger

Windows Live Messenger Companion Core

Windows Live MIME IFilter

Windows Live Movie Maker

Windows Live Photo Common

Windows Live Photo Gallery

Windows Live PIMT Platform

Windows Live Remote Client

Windows Live Remote Client Resources

Windows Live Remote Service

Windows Live Remote Service Resources

Windows Live SOXE

Windows Live SOXE Definitions

Windows Live Sync

Windows Live UX Platform

Windows Live UX Platform Language Pack

Windows Live Writer

Windows Live Writer Resources

Windows Mobile Device Updater Component

WinRAR archiver

WModem Driver Installer

Wolfenstein - Enemy Territory

Zune

Zune Language Pack (CHS)

Zune Language Pack (CHT)

Zune Language Pack (CSY)

Zune Language Pack (DAN)

Zune Language Pack (DEU)

Zune Language Pack (ELL)

Zune Language Pack (ESP)

Zune Language Pack (FIN)

Zune Language Pack (FRA)

Zune Language Pack (HUN)

Zune Language Pack (IND)

Zune Language Pack (ITA)

Zune Language Pack (JPN)

Zune Language Pack (KOR)

Zune Language Pack (MSL)

Zune Language Pack (NLD)

Zune Language Pack (NOR)

Zune Language Pack (PLK)

Zune Language Pack (PTB)

Zune Language Pack (PTG)

Zune Language Pack (RUS)

Zune Language Pack (SVE)

Zynga Toolbar

.

==== Event Viewer Messages From Past Week ========

.

2/16/2013 9:16:09 PM, Error: ACPI [13] - : The embedded controller (EC) did not respond within the specified timeout period. This may indicate that there is an error in the EC hardware or firmware or that the BIOS is accessing the EC incorrectly. You should check with your computer manufacturer for an upgraded BIOS. In some situations, this error may cause the computer to function incorrectly.

2/14/2013 3:43:16 AM, Error: Service Control Manager [7022] - The Windows Search service hung on starting.

2/14/2013 3:39:00 AM, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID {C97FCC79-E628-407D-AE68-A06AD6D8B4D1} and APPID {344ED43D-D086-4961-86A6-1106F4ACAD9B} to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.

2/14/2013 3:37:45 AM, Error: Service Control Manager [7000] - The SupportSoft Sprocket Service (dellsupportcenter) service failed to start due to the following error: The system cannot find the file specified.

2/13/2013 1:24:19 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.143.2108.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.9103.0 Error code: 0x8024402c Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.

.

==== End Of File ===========================


Step 1

Please uninstall this application: Zynga Toolbar

Step 2

Please download Junkware Removal Tool to your desktop.

  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista or Seven, right-mouse click it and select Run as Administrator.
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

Step 3

  • Launch Malwarebytes' Anti-Malware
  • Go to Update tab and select Check for Updates. If an update is found, it will download and install the latest version.
  • Go to Scanner tab and select Perform Quick Scan, then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the entire report in your next reply.

Extra Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.

In your next reply, post the following log files:

  • Junkware Removal Tool log
  • Malwarebytes' Anti-Malware log
  • a new fresh DDS log


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Junkware Removal Tool (JRT) by Thisisu

Version: 4.6.4 (02.16.2013:1)

OS: Windows 7 Home Premium x86

Ran by Carpenter on Sun 02/17/2013 at 10:28:10.67

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values

Successfully repaired: [Registry Value] hkey_current_user\software\microsoft\internet explorer\searchscopes\\DefaultScope

Successfully repaired: [Registry Value] hkey_local_machine\software\microsoft\internet explorer\searchscopes\\DefaultScope

Successfully repaired: [Registry Value] hkey_users\.default\software\microsoft\internet explorer\searchscopes\\DefaultScope

Successfully repaired: [Registry Value] hkey_users\s-1-5-18\software\microsoft\internet explorer\searchscopes\\DefaultScope

Successfully repaired: [Registry Value] hkey_users\s-1-5-19\software\microsoft\internet explorer\searchscopes\\DefaultScope

Successfully repaired: [Registry Value] hkey_users\s-1-5-20\software\microsoft\internet explorer\searchscopes\\DefaultScope

Successfully repaired: [Registry Value] hkey_users\S-1-5-21-711352882-2782178830-377221199-1001\software\microsoft\internet explorer\searchscopes\\DefaultScope

~~~ Registry Keys

Successfully deleted: [Registry Key] hkey_current_user\software\conduit

Successfully deleted: [Registry Key] hkey_current_user\software\softonic

Successfully deleted: [Registry Key] hkey_current_user\software\appdatalow\software\conduit

Successfully deleted: [Registry Key] hkey_current_user\software\appdatalow\software\crossrider

Successfully deleted: [Registry Key-Heur] HKEY_LOCAL_MACHINE\software\classes\Toolbar.CT2438727

Successfully deleted: [Registry Key] hkey_local_machine\software\microsoft\windows\currentversion\explorer\browser helper objects\{02478d38-c3f9-4efb-9b51-7695eca05670}

Successfully deleted: [Registry Key] hkey_current_user\software\microsoft\internet explorer\searchscopes\{080fbdf6-b230-4e4d-a4e7-7c7a56d7babc}

Successfully deleted: [Registry Key] hkey_current_user\software\microsoft\internet explorer\searchscopes\{6a1806cd-94d4-4689-ba73-e35ea1ea9990}

Successfully deleted: [Registry Key] hkey_local_machine\software\microsoft\internet explorer\searchscopes\{6a1806cd-94d4-4689-ba73-e35ea1ea9990}

~~~ Files

~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\agi"

Successfully deleted: [Folder] "C:\Users\Carpenter\AppData\Roaming\agi"

Successfully deleted: [Folder] "C:\Users\Carpenter\appdata\local\conduit"

Successfully deleted: [Folder] "C:\Users\Carpenter\appdata\local\kiwee toolbar"

Successfully deleted: [Folder] "C:\Users\Carpenter\appdata\locallow\kiwee toolbar"

Failed to delete: [Folder] "C:\Program Files\agi"

Successfully deleted: [Folder] "C:\Program Files\conduit"

~~~ FireFox

Successfully deleted: [File] C:\Users\Carpenter\AppData\Roaming\mozilla\firefox\profiles\a3vlihhn.default\user.js

Successfully deleted: [File] C:\Users\Carpenter\AppData\Roaming\mozilla\firefox\profiles\a3vlihhn.default\extensions\anuuhwlpel@anuuhwlpel.org.xpi [Tracur]

Successfully deleted: [Folder] C:\Users\Carpenter\AppData\Roaming\mozilla\firefox\profiles\a3vlihhn.default\extensions\plugin@selectionlinks.com

Emptied folder: C:\Users\Carpenter\AppData\Roaming\mozilla\firefox\profiles\a3vlihhn.default\minidumps [2 files]

~~~ Chrome

Dumping contents of C:\Users\Carpenter\appdata\local\Google\Chrome\User Data\Default\Default

C:\Users\Carpenter\appdata\local\Google\Chrome\User Data\Default\Default\aadddjdfdigbgedbgfdadjgbdegcdjdd

C:\Users\Carpenter\appdata\local\Google\Chrome\User Data\Default\Default\aadddjdfdigbgedbgfdadjgbdegcdjdd\background.js

C:\Users\Carpenter\appdata\local\Google\Chrome\User Data\Default\Default\aadddjdfdigbgedbgfdadjgbdegcdjdd\ContentScript.js

C:\Users\Carpenter\appdata\local\Google\Chrome\User Data\Default\Default\aadddjdfdigbgedbgfdadjgbdegcdjdd\manifest.json

Successfully deleted: [Folder] C:\Users\Carpenter\appdata\local\Google\Chrome\User Data\Default\Default [Default Extension 1.0]

~~~ Event Viewer Logs were cleared

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Scan was completed on Sun 02/17/2013 at 10:32:19.28

End of JRT log

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


Malwarebytes Anti-Malware (PRO) 1.70.0.1100

www.malwarebytes.org

Database version: v2013.02.18.01

Windows 7 Service Pack 1 x86 NTFS

Internet Explorer 9.0.8112.16421

Carpenter :: CARPENTER-PC [administrator]

Protection: Enabled

2/17/2013 6:47:31 PM

mbam-log-2013-02-17 (18-47-31).txt

Scan type: Quick scan

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM

Scan options disabled: P2P

Objects scanned: 231807

Time elapsed: 13 minute(s), 50 second(s)

Memory Processes Detected: 0

(No malicious items detected)

Memory Modules Detected: 0

(No malicious items detected)

Registry Keys Detected: 0

(No malicious items detected)

Registry Values Detected: 0

(No malicious items detected)

Registry Data Items Detected: 0

(No malicious items detected)

Folders Detected: 0

(No malicious items detected)

Files Detected: 0

(No malicious items detected)

(end)


DDS (Ver_2012-11-20.01) - NTFS_x86

Internet Explorer: 9.0.8112.16464 BrowserJavaVersion: 10.5.1

Run by Carpenter at 19:49:32 on 2013-02-17

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3005.1003 [GMT -7:00]

.

AV: Microsoft Security Essentials *Enabled/Updated* {B140BF4E-23BB-4198-90AB-A51A4C60A69C}

SP: Microsoft Security Essentials *Enabled/Updated* {0A215EAA-0581-4E16-AA1B-9E6837E7EC21}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

============== Running Processes ================

.

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

c:\Program Files\Microsoft Security Client\MsMpEng.exe

C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_fb1f53374b7269ca\STacSV.exe

C:\Program Files\Dell\DellDock\DockLogin.exe

C:\Windows\System32\spoolsv.exe

C:\Program Files\Common Files\ActivIdentity\ac.sharedstore.exe

C:\Program Files\ActivIdentity\ActivClient\acevents.exe

C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe

C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_fb1f53374b7269ca\aestsrv.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files\Microsoft\BingDesktop\BingDesktopUpdater.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Program Files\LeapFrog\LeapFrog Connect\CommandService.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE

c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe

C:\Program Files\rapid7\nexpose\nsc\bin\nexlaunch.exe

C:\Windows\system32\conhost.exe

C:\Program Files\rapid7\nexpose\nsc\nxpgsql\pgsql\bin\pg_ctl.exe

C:\Windows\system32\PnkBstrA.exe

C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe

C:\Program Files\Microsoft\BingBar\SeaPort.EXE

C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe

C:\Program Files\rapid7\nexpose\nsc\nxpgsql\pgsql\bin\postgres.exe

C:\Windows\system32\conhost.exe

c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe

c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe

C:\Program Files\Tenable\Nessus\nessus-service.exe

C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe

C:\Program Files\Tenable\Nessus\nessusd.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Windows\System32\WLTRYSVC.EXE

C:\Windows\System32\bcmwltry.exe

C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

c:\Program Files\Microsoft Security Client\NisSrv.exe

C:\Program Files\rapid7\nexpose\nsc\nxpgsql\pgsql\bin\postgres.exe

C:\Program Files\rapid7\nexpose\nsc\nxpgsql\pgsql\bin\postgres.exe

C:\Program Files\rapid7\nexpose\nsc\nxpgsql\pgsql\bin\postgres.exe

C:\Program Files\rapid7\nexpose\nsc\nxpgsql\pgsql\bin\postgres.exe

C:\Program Files\rapid7\nexpose\nsc\.DLLCACHE\nexserv.exe

C:\Program Files\rapid7\nexpose\nsc\nxpgsql\pgsql\bin\postgres.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Windows\system32\SearchIndexer.exe

C:\Program Files\Zune\ZuneNss.exe

C:\Program Files\rapid7\nexpose\nsc\nxpgsql\pgsql\bin\postgres.exe

C:\Program Files\rapid7\nexpose\nsc\nxpgsql\pgsql\bin\postgres.exe

C:\Program Files\rapid7\nexpose\nsc\nxpgsql\pgsql\bin\postgres.exe

C:\Program Files\rapid7\nexpose\nsc\nxpgsql\pgsql\bin\postgres.exe

C:\Program Files\rapid7\nexpose\nsc\nxpgsql\pgsql\bin\postgres.exe

C:\Windows\system32\taskhost.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe

C:\Windows\system32\Dwm.exe

C:\Program Files\DellTPad\Apoint.exe

C:\Program Files\IDT\WDM\sttray.exe

C:\Windows\System32\WLTRAY.EXE

C:\Program Files\Dell Webcam\Dell Webcam Central\WebcamDell.exe

C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe

C:\Program Files\ActivIdentity\ActivClient\acevents.exe

C:\Program Files\ActivIdentity\ActivClient\accrdsub.exe

C:\Program Files\HTC\ModeSelection\VMMModeSelection.exe

C:\Program Files\HP\HP Software Update\hpwuschd2.exe

C:\Program Files\Zune\ZuneLauncher.exe

C:\Windows\System32\hkcmd.exe

C:\Windows\System32\igfxpers.exe

C:\Program Files\Microsoft Security Client\msseces.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Users\Carpenter\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe

C:\Program Files\Backup Assistant Plus\V CAST Backup Scheduler.exe

C:\Program Files\ActivIdentity\ActivClient\acsagent.exe

C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

C:\Program Files\Dell\QuickSet\quickset.exe

C:\Program Files\Microsoft Office\Office12\EXCEL.EXE

C:\Program Files\iPod\bin\iPodService.exe

C:\Program Files\DellTPad\ApMsgFwd.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Program Files\DellTPad\Apntex.exe

C:\Program Files\DellTPad\HidFind.exe

C:\Windows\system32\conhost.exe

C:\Users\Carpenter\Downloads\HijackThis.exe

C:\Windows\system32\NOTEPAD.EXE

C:\Program Files\rapid7\nexpose\nsc\nxpgsql\pgsql\bin\postgres.exe

C:\Users\Carpenter\AppData\Local\Google\Update\1.3.21.135\GoogleCrashHandler.exe

C:\Program Files\real\realplayer\update\realsched.exe

C:\Windows\explorer.exe

C:\Windows\system32\notepad.exe

C:\Users\Carpenter\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Carpenter\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Carpenter\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Carpenter\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Carpenter\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Carpenter\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Windows\system32\prevhost.exe

C:\Program Files\Microsoft Office\Office12\POWERPNT.EXE

C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe

C:\Users\Carpenter\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Windows\notepad.exe

C:\Windows\system32\conhost.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Windows\system32\svchost.exe -k hpdevmgmt

C:\Windows\System32\svchost.exe -k HPZ12

C:\Windows\System32\svchost.exe -k HPZ12

C:\Windows\system32\svchost.exe -k HPService

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalServicePeerNet

C:\Windows\system32\svchost.exe -k imgsvc

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://www.foxnews.com/

uWindow Title = Internet Explorer provided by Dell

uDefault_Page_URL = hxxp://www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=2081125

mDefault_Page_URL = hxxp://www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=2081125

BHO: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - c:\program files\hp\digital imaging\smart web printing\hpswp_printenhancer.dll

BHO: PE_IE_Helper Class: {0941C58F-E461-4E03-BD7D-44C27392ADE1} - c:\program files\ibm\lotus forms\viewer\3.5\PEhelper.dll

BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll

BHO: RealNetworks Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - c:\programdata\realnetworks\realdownloader\browserplugins\ie\rndlbrowserrecordplugin.dll

BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll

BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\oracle\javafx 2.1 runtime\bin\ssv.dll

BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll

BHO: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - c:\program files\windows live\companion\companioncore.dll

BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll

BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - c:\program files\microsoft office\office14\URLREDIR.DLL

BHO: CBrowserHelperObject Object: {CA6319C0-31B7-401E-A518-A07C3DB8F777} - c:\program files\dell\bae\BAE.dll

BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -

BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\oracle\javafx 2.1 runtime\bin\jp2ssv.dll

BHO: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll

TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} -

EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - c:\program files\hp\digital imaging\smart web printing\hpswp_bho.dll

EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - c:\program files\hp\digital imaging\smart web printing\hpswp_bho.dll

uRun: [Google Update] "c:\users\carpenter\appdata\local\google\update\GoogleUpdate.exe" /c

uRun: [skyDrive] "c:\users\carpenter\appdata\local\microsoft\skydrive\SkyDrive.exe" /background

uRun: [HLBackupScheduler] c:\program files\backup assistant plus\V CAST Backup Scheduler.exe

mRun: [Apoint] c:\program files\delltpad\Apoint.exe

mRun: [sysTrayApp] c:\program files\idt\wdm\sttray.exe

mRun: [broadcom Wireless Manager UI] c:\windows\system32\WLTRAY.exe

mRun: [Dell Webcam Central] "c:\program files\dell webcam\dell webcam central\WebcamDell.exe" /mode2

mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe"

mRun: [acevents] "c:\program files\actividentity\activclient\acevents.exe"

mRun: [accrdsub] "c:\program files\actividentity\activclient\accrdsub.exe"

mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"

mRun: [VMM Mode Selection] c:\program files\htc\modeselection\VMMModeSelection.exe

mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"

mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe

mRun: [Zune Launcher] "c:\program files\zune\ZuneLauncher.exe"

mRun: [igfxTray] c:\windows\system32\igfxtray.exe

mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe

mRun: [Persistence] c:\windows\system32\igfxpers.exe

mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey

mRun: [bingDesktop] c:\program files\microsoft\bingdesktop\BingDesktop.exe /fromkey

mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"

mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime

mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"

mRun: [TkBellExe] "c:\program files\real\realplayer\update\realsched.exe" -osboot

StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\activc~1.lnk - c:\program files\actividentity\activclient\acsagent.exe

StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe

StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\quickset.lnk - c:\program files\dell\quickset\quickset.exe

mPolicies-Explorer: BindDirectlyToPropertySetStorage = dword:0

mPolicies-System: ConsentPromptBehaviorAdmin = dword:5

mPolicies-System: ConsentPromptBehaviorUser = dword:3

mPolicies-System: EnableUIADesktopToggle = dword:0

IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200

IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office12\EXCEL.EXE/3000

IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html

IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - c:\program files\windows live\companion\companioncore.dll

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office12\ONBttnIE.dll

IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}

IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll

.

INFO: HKCU has more than 50 listed domains.

If you wish to scan all of them, select the 'Force scan all domains' option.

.

.

INFO: HKLM has more than 50 listed domains.

If you wish to scan all of them, select the 'Force scan all domains' option.

.

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab

TCP: NameServer = 192.168.1.1

TCP: Interfaces\{4118C47D-A46F-4D54-9FA3-059DC9FD62BB} : DHCPNameServer = 192.168.1.1

TCP: Interfaces\{E4EC99FC-FC19-4855-825E-791D4D1DF6A5} : NameServer = 4.2.2.2

Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll

Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll

Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll

Handler: x-excid - {9D6CC632-1337-4a33-9214-2DA092E776F4} - c:\windows\downloaded program files\mimectl.dll

Handler: x-owacid2 - {5B290518-830E-4C57-A66B-E4F748900C27} - c:\program files\microsoft\smime client (2010)\mimectl.dll

Notify: GoToAssist - c:\program files\citrix\gotoassist\514\G2AWinLogon.dll

Notify: igfxcui - igfxdev.dll

SSODL: WebCheck - <orphaned>

SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll

Hosts: 127.0.0.1 www.spywareinfo.com

.

================= FIREFOX ===================

.

FF - ProfilePath - c:\users\carpenter\appdata\roaming\mozilla\firefox\profiles\a3vlihhn.default\

FF - prefs.js: browser.search.defaulturl - hxxp://www.bing.com/search?FORM=WLETDF&PC=WLEM&q=

FF - prefs.js: browser.startup.homepage - hxxp://www.msn.com/

FF - prefs.js: keyword.URL - hxxp://www.bing.com/search?FORM=WLETDF&PC=WLEM&q=

FF - plugin: c:\progra~1\gradke~1\dbsign~1\lib\npDBsignWeb.dll

FF - plugin: c:\progra~1\micros~3\office14\NPAUTHZ.DLL

FF - plugin: c:\progra~1\micros~3\office14\NPSPWRAP.DLL

FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll

FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll

FF - plugin: c:\program files\google\picasa3\npPicasa3.dll

FF - plugin: c:\program files\google\update\1.3.21.135\npGoogleUpdate3.dll

FF - plugin: c:\program files\microsoft silverlight\4.1.10329.0\npctrlui.dll

FF - plugin: c:\program files\microsoft\office live\npOLW.dll

FF - plugin: c:\program files\mozilla firefox\plugins\npmfv.dll

FF - plugin: c:\program files\mozilla firefox\plugins\nprpplugin.dll

FF - plugin: c:\program files\oracle\javafx 2.1 runtime\bin\plugin2\npjp2.dll

FF - plugin: c:\program files\real\realplayer\netscape6\nprpplugin.dll

FF - plugin: c:\program files\unity\webplayer\loader\npUnity3D32.dll

FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll

FF - plugin: c:\programdata\realnetworks\realdownloader\browserplugins\mozillaplugins\nprndlchromebrowserrecordext.dll

FF - plugin: c:\programdata\realnetworks\realdownloader\browserplugins\mozillaplugins\nprndlhtml5videoshim.dll

FF - plugin: c:\programdata\realnetworks\realdownloader\browserplugins\mozillaplugins\nprndlpepperflashvideoshim.dll

FF - plugin: c:\programdata\realnetworks\realdownloader\browserplugins\npdlplugin.dll

FF - plugin: c:\users\carpenter\appdata\local\google\update\1.3.21.123\npGoogleUpdate3.dll

FF - plugin: c:\users\carpenter\appdata\local\microsoft\internet explorer\downloaded program files\npsoe.dll

FF - plugin: c:\users\carpenter\appdata\roaming\mozilla\plugins\npgoogletalk.dll

FF - plugin: c:\users\carpenter\appdata\roaming\mozilla\plugins\npgtpo3dautoplugin.dll

FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_5_502_146.dll

FF - ExtSQL: 2012-12-30 14:09; plugin@selectionlinks.com; c:\users\carpenter\appdata\roaming\mozilla\firefox\profiles\a3vlihhn.default\extensions\plugin@selectionlinks.com

FF - ExtSQL: 2013-01-19 11:32; {34712C68-7391-4c47-94F3-8F88D49AD632}; c:\programdata\realnetworks\realdownloader\browserplugins\firefox\Ext

FF - ExtSQL: !HIDDEN! 2010-02-11 18:25; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension

FF - ExtSQL: !HIDDEN! 2010-07-26 15:48; smartwebprinting@hp.com; c:\program files\hp\digital imaging\smart web printing\MozillaAddOn3

.

============= SERVICES / DRIVERS ===============

.

R0 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2012-8-30 193552]

R2 ac.sharedstore;ActivIdentity Shared Store Service;c:\program files\common files\actividentity\ac.sharedstore.exe [2009-6-3 207400]

R2 AESTFilters;Andrea ST Filters Service;c:\windows\system32\driverstore\filerepository\stwrt.inf_x86_neutral_fb1f53374b7269ca\AEstSrv.exe [2008-11-25 73728]

R2 BingDesktopUpdate;Bing Desktop Update service;c:\program files\microsoft\bingdesktop\BingDesktopUpdater.exe [2013-1-25 166408]

R2 DockLoginService;Dock Login Service;c:\program files\dell\delldock\DockLogin.exe [2008-9-23 155648]

R2 MBAMScheduler;MBAMScheduler;c:\program files\malwarebytes' anti-malware\mbamscheduler.exe [2012-12-28 398184]

R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2012-12-28 682344]

R2 nexposeconsole;Nexpose Security Console;c:\program files\rapid7\nexpose\nsc\bin\nexlaunch.exe [2012-8-4 20480]

R2 NisDrv;Microsoft Network Inspection System;c:\windows\system32\drivers\NisDrvWFP.sys [2010-10-24 99272]

R2 nxpgsql;Nexpose PostgreSQL Server;c:\program files\rapid7\nexpose\nsc\nxpgsql\pgsql\bin\pg_ctl.exe [2012-8-4 94720]

R2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service;c:\program files\realnetworks\realdownloader\rndlresolversvc.exe [2012-11-29 38608]

R2 SBSDWSCService;SBSD Security Center Service;c:\program files\spybot - search & destroy\SDWinSec.exe [2011-12-23 1153368]

R3 IntcHdmiAddService;Intel® High Definition Audio HDMI;c:\windows\system32\drivers\IntcHdmi.sys [2010-3-15 127488]

R3 k57nd60x;Broadcom NetLink Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\k57nd60x.sys [2009-7-13 229888]

R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-8-4 21104]

R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2013-2-17 40776]

R3 NisSrv;Microsoft Network Inspection;c:\program files\microsoft security client\NisSrv.exe [2012-9-12 287824]

R3 OA001Ufd;Creative Camera OA001 Upper Filter Driver;c:\windows\system32\drivers\OA001Ufd.sys [2009-3-6 133632]

R3 OA001Vid;Creative Camera OA001 Function Driver;c:\windows\system32\drivers\OA001Vid.sys [2009-3-8 280096]

R3 PSSDK42;PSSDK42;c:\windows\system32\drivers\pssdk42.sys [2012-8-25 38976]

R3 WPRO_41_1879;WinPcap Packet Driver (WPRO_41_1879);c:\windows\system32\drivers\WPRO_41_1879.sys [2013-2-3 34576]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]

S3 BBSvc;Bing Bar Update Service;c:\program files\microsoft\bingbar\BBSvc.EXE [2011-2-28 183560]

S3 CQHVUEPKU;CQHVUEPKU;c:\users\carpen~1\appdata\local\temp\cqhvuepku.exe --> c:\users\carpen~1\appdata\local\temp\CQHVUEPKU.exe [?]

S3 fssfltr;fssfltr;c:\windows\system32\drivers\fssfltr.sys [2012-8-1 39272]

S3 fsssvc;Windows Live Family Safety Service;c:\program files\windows live\family safety\fsssvc.exe [2012-3-8 1492840]

S3 JORBX;JORBX;c:\users\carpen~1\appdata\local\temp\jorbx.exe --> c:\users\carpen~1\appdata\local\temp\JORBX.exe [?]

S3 PLJ;PLJ;c:\users\carpen~1\appdata\local\temp\plj.exe --> c:\users\carpen~1\appdata\local\temp\PLJ.exe [?]

S3 Reflex USB V3 Smart card reader;Reflex USB V3 Smart card reader;c:\windows\system32\drivers\RCCIDW2K.sys [2006-5-24 46848]

S3 SCR3XX2K;SCR3xx USB SmartCardReader;c:\windows\system32\drivers\SCR3XX2K.sys [2011-9-7 59776]

S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2011-6-6 52224]

S3 VSPerfDrv100;Performance Tools Driver 10.0;c:\program files\microsoft visual studio 10.0\team tools\performance tools\VSPerfDrv100.sys [2011-1-18 54144]

S4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files\microsoft sql server\100\shared\sqladhlp.exe [2009-7-22 47128]

S4 RsFx0105;RsFx0105 Driver;c:\windows\system32\drivers\RsFx0105.sys [2011-9-22 238696]

.

=============== Created Last 30 ================

.

2013-02-18 01:39:18 40776 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys

2013-02-17 17:27:30 -------- d-----w- c:\windows\ERUNT

2013-02-17 17:27:08 -------- d-----w- C:\JRT

2013-02-17 10:52:43 6991832 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{9e0de299-2352-4705-8f65-91cad8003159}\mpengine.dll

2013-02-17 09:33:03 6991832 ------w- c:\programdata\microsoft\microsoft antimalware\definition updates\backup\mpengine.dll

2013-02-14 10:53:01 96784 ----a-w- c:\windows\system32\WPRO_41_1879woem.tmp

2013-02-14 10:08:03 2382848 ----a-w- c:\windows\system32\mshtml.tlb

2013-02-14 10:08:02 149528 ----a-w- c:\program files\internet explorer\sqmapi.dll

2013-02-14 10:08:01 420864 ----a-w- c:\windows\system32\vbscript.dll

2013-02-14 10:08:01 194048 ----a-w- c:\program files\internet explorer\IEShims.dll

2013-02-13 17:28:02 2347008 ----a-w- c:\windows\system32\win32k.sys

2013-02-13 17:27:52 3967848 ----a-w- c:\windows\system32\ntkrnlpa.exe

2013-02-13 17:27:51 3913064 ----a-w- c:\windows\system32\ntoskrnl.exe

2013-02-13 17:27:49 1293672 ----a-w- c:\windows\system32\drivers\tcpip.sys

2013-02-13 17:27:48 187752 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS

2013-02-13 17:27:46 169984 ----a-w- c:\windows\system32\winsrv.dll

2013-02-04 06:33:28 34576 ----a-w- c:\windows\system32\drivers\WPRO_41_1879.sys

2013-01-25 18:45:42 2551808 ----a-w- c:\programdata\microsoft\bingdesktop\updater\BingDesktop.msi

2013-01-24 01:14:39 94112 ----a-w- c:\windows\system32\WindowsAccessBridge.dll

2013-01-19 19:12:23 -------- d-----w- c:\users\carpenter\appdata\local\Backup Assistant Plus

2013-01-19 19:10:55 -------- d-----w- c:\program files\Backup Assistant Plus

2013-01-19 18:34:17 -------- d-----w- c:\users\carpenter\appdata\roaming\RealNetworks

2013-01-19 18:31:56 -------- d-----w- c:\program files\RealNetworks

2013-01-19 18:31:47 -------- d-----w- c:\programdata\RealNetworks

2013-01-19 18:31:30 -------- d-----w- c:\program files\common files\xing shared

.

==================== Find3M ====================

.

2013-02-14 10:37:52 38976 ----a-w- c:\windows\system32\drivers\pssdk42.sys

2013-01-30 10:53:21 232336 ------w- c:\windows\system32\MpSigStub.exe

2013-01-25 16:13:58 697864 ----a-w- c:\windows\system32\FlashPlayerApp.exe

2013-01-25 16:13:57 74248 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2013-01-08 22:11:21 1800704 ----a-w- c:\windows\system32\jscript9.dll

2013-01-08 22:03:20 1129472 ----a-w- c:\windows\system32\wininet.dll

2013-01-08 22:03:12 1427968 ----a-w- c:\windows\system32\inetcpl.cpl

2013-01-08 21:59:02 142848 ----a-w- c:\windows\system32\ieUnatt.exe

2012-12-31 16:45:26 137176 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys

2012-12-31 16:45:12 268952 ----a-w- c:\windows\system32\PnkBstrB.xtr

2012-12-31 16:45:12 268952 ----a-w- c:\windows\system32\PnkBstrB.exe

2012-12-31 01:45:02 268952 ----a-w- c:\windows\system32\PnkBstrB.ex0

2012-12-16 14:13:28 295424 ----a-w- c:\windows\system32\atmfd.dll

2012-12-16 14:13:20 34304 ----a-w- c:\windows\system32\atmlib.dll

2012-12-14 23:49:28 21104 ----a-w- c:\windows\system32\drivers\mbam.sys

2012-12-07 12:26:17 308736 ----a-w- c:\windows\system32\Wpc.dll

2012-12-07 12:20:43 2576384 ----a-w- c:\windows\system32\gameux.dll

2012-11-30 04:47:45 293376 ----a-w- c:\windows\system32\KernelBase.dll

2012-11-30 02:55:25 271360 ----a-w- c:\windows\system32\conhost.exe

2012-11-30 02:38:59 6144 ---ha-w- c:\windows\system32\api-ms-win-security-base-l1-1-0.dll

2012-11-30 02:38:59 4608 ---ha-w- c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll

2012-11-30 02:38:59 3584 ---ha-w- c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll

2012-11-30 02:38:59 3072 ---ha-w- c:\windows\system32\api-ms-win-core-util-l1-1-0.dll

2012-11-23 02:48:41 49152 ----a-w- c:\windows\system32\taskhost.exe

2012-11-22 04:45:03 626688 ----a-w- c:\windows\system32\usp10.dll

2012-11-20 04:51:09 220160 ----a-w- c:\windows\system32\ncrypt.dll

.

============= FINISH: 19:53:08.34 ===============

And....

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2012-11-20.01)

.

Microsoft Windows 7 Home Premium

Boot Device: \Device\HarddiskVolume3

Install Date: 2/11/2010 7:45:12 PM

System Uptime: 2/14/2013 3:36:05 AM (88 hours ago)

.

Motherboard: Dell Inc. | | 0P792H

Processor: Intel® Core2 Duo CPU T5800 @ 2.00GHz | U2E1 | 1600/533mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 288 GiB total, 131.433 GiB free.

D: is FIXED (NTFS) - 10 GiB total, 4.476 GiB free.

E: is CDROM ()

.

==== Disabled Device Manager Items =============

.

Class GUID: {4d36e971-e325-11ce-bfc1-08002be10318}

Description: Photosmart Plus B209a-m

Device ID: ROOT\MULTIFUNCTION\0000

Manufacturer: HP

Name: Photosmart Plus B209a-m

PNP Device ID: ROOT\MULTIFUNCTION\0000

Service:

.

==== System Restore Points ===================

.

RP692: 1/9/2013 3:00:52 AM - Windows Update

RP693: 1/11/2013 8:24:53 PM - Windows Update

RP694: 1/15/2013 11:56:44 PM - Windows Update

RP695: 1/20/2013 2:18:40 AM - Windows Update

RP696: 1/23/2013 6:12:38 PM - Installed Java 7 Update 11

RP697: 1/23/2013 11:42:18 PM - Windows Update

RP698: 1/27/2013 1:39:17 AM - Windows Update

RP699: 1/30/2013 11:15:02 AM - Windows Update

RP700: 2/2/2013 11:17:20 AM - Windows Update

RP701: 2/5/2013 11:36:10 PM - Windows Update

RP702: 2/9/2013 11:51:01 PM - Windows Update

RP703: 2/14/2013 1:24:35 AM - Windows Update

RP704: 2/14/2013 3:00:23 AM - Windows Update

RP705: 2/17/2013 3:49:50 AM - Windows Update

.

==== Installed Programs ======================

.

Update for Microsoft Office 2007 (KB2508958)

32 Bit HP CIO Components Installer

Acrobat.com

ActivClient CAC x86

Adobe AIR

Adobe Flash Player 11 ActiveX

Adobe Flash Player 11 Plugin

Adobe Reader X (10.1.5)

Adobe Shockwave Player 11.6

Advanced Audio FX Engine

Apple Application Support

Apple Mobile Device Support

Apple Software Update

B209a-m

Backup Assistant Plus

Banctec Service Agreement

Bing Bar

Bing Desktop

Bonjour

Browser Address Error Redirector

BufferChm

CCleaner

CCNA Virtual Lab, Titanium Edition 2.0

Cisco EAP-FAST Module

Cisco LEAP Module

Cisco Packet Tracer 5.3

Cisco PEAP Module

Compatibility Pack for the 2007 Office system

CompTIA Security+ SY0-301 SE

CramMaster

Crystal Reports for Visual Studio

D3DX10

DBsign Web Signer

Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition

Dell DataSafe Online

Dell Dock

Dell Driver Download Manager

Dell Getting Started Guide

Dell Support Center

Dell Touchpad

Dell Webcam Central

Dell Wireless WLAN Card Utility

Destinations

Dev-C++ 5 beta 9 release (4.9.9.2)

DeviceDiscovery

Dotfuscator Software Services - Community Edition

EDocs

Feedback Tool

ffdshow [rev 2527] [2008-12-19]

Google Chrome

Google Earth Plug-in

Google Talk Plugin

Google Update Helper

GoToAssist 8.0.0.514

GPBaseService2

Hewlett-Packard ACLM.NET v1.1.0.0

Hotfix for Microsoft Team Foundation Server 2010 Object Model - ENU (KB2736182)

Hotfix for Microsoft Visual C++ 2010 Express - ENU (KB2542054)

Hotfix for Microsoft Visual C++ 2010 Express - ENU (KB2635973)

Hotfix for Microsoft Visual Studio 2010 Premium - ENU (KB2529927)

Hotfix for Microsoft Visual Studio 2010 Premium - ENU (KB2542054)

Hotfix for Microsoft Visual Studio 2010 Premium - ENU (KB2548139)

Hotfix for Microsoft Visual Studio 2010 Premium - ENU (KB2549864)

Hotfix for Microsoft Visual Studio 2010 Premium - ENU (KB2635973)

Hotfix for Microsoft Visual Studio 2010 Premium - ENU (KB2736182)

Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB2280741)

Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB2284668)

Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB2295689)

Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB2420513)

Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB2452649)

Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB2455033)

Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB2485545)

Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB982517)

Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB982721)

Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB983233)

HP Customer Participation Program 14.0

HP Imaging Device Functions 14.0

HP Photo Creations

HP Photosmart Plus B209a-m All-in-One Driver Software 14.0 Rel. 6

HP Product Detection

HP Smart Web Printing 4.60

HP Solution Center 14.0

HP Update

HPDiagnosticAlert

HPPhotoGadget

HPProductAssistant

HPSSupply

IBM Lotus Forms Viewer 3.5.1

InstallRoot 3.13

Integrated Webcam Driver (1.06.03.0309)

Intel® Graphics Media Accelerator Driver

Intel® TV Wizard

iPhone Configuration Utility

ITECIR

iTunes

Java 7 Update 11

Java Auto Updater

Java 6 Update 7

JavaFX 2.1.1

Junk Mail filter update

LeapFrog Connect

LeapFrog Leapster2 Plugin

Live! Cam Avatar Creator

LM6000 PC SAC Packagers Edition

Malwarebytes Anti-Malware version 1.70.0.1100

MarketResearch

Master Your CDC 5.0

MediaDirect

Mesh Runtime

Messenger Companion

Microsoft .NET Framework 4 Client Profile

Microsoft .NET Framework 4 Extended

Microsoft .NET Framework 4 Multi-Targeting Pack

Microsoft Access database engine 2010 (English)

Microsoft Application Error Reporting

Microsoft ASP.NET MVC 2

Microsoft ASP.NET MVC 2 - Visual Studio 2010 Tools

Microsoft AutoRoute 2011

Microsoft Help Viewer 1.1

Microsoft MSDN 2005 Express Edition - ENU

Microsoft Office 2007 Service Pack 3 (SP3)

Microsoft Office 2010 Language Pack Service Pack 1 (SP1)

Microsoft Office 2010 Service Pack 1 (SP1)

Microsoft Office Access MUI (English) 2007

Microsoft Office Access Setup Metadata MUI (English) 2007

Microsoft Office Enterprise 2007

Microsoft Office Excel MUI (English) 2007

Microsoft Office File Validation Add-In

Microsoft Office Groove MUI (English) 2007

Microsoft Office Groove Setup Metadata MUI (English) 2007

Microsoft Office InfoPath MUI (English) 2007

Microsoft Office Live Add-in 1.5

Microsoft Office OneNote MUI (English) 2007

Microsoft Office Outlook Connector

Microsoft Office Outlook MUI (English) 2007

Microsoft Office PowerPoint MUI (English) 2007

Microsoft Office PowerPoint Viewer 2007 (English)

Microsoft Office Project MUI (English) 2010

Microsoft Office Project Professional 2010

Microsoft Office Proof (English) 2007

Microsoft Office Proof (English) 2010

Microsoft Office Proof (French) 2007

Microsoft Office Proof (French) 2010

Microsoft Office Proof (Spanish) 2007

Microsoft Office Proof (Spanish) 2010

Microsoft Office Proofing (English) 2007

Microsoft Office Proofing (English) 2010

Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)

Microsoft Office Publisher MUI (English) 2007

Microsoft Office Shared MUI (English) 2007

Microsoft Office Shared MUI (English) 2010

Microsoft Office Shared Setup Metadata MUI (English) 2007

Microsoft Office Shared Setup Metadata MUI (English) 2010

Microsoft Office Visio 2010

Microsoft Office Visio MUI (English) 2010

Microsoft Office Word MUI (English) 2007

Microsoft Outlook Web Access S/MIME

Microsoft Project 2010 Service Pack 1 (SP1)

Microsoft Project Professional 2010

Microsoft S/MIME

Microsoft Security Client

Microsoft Security Essentials

Microsoft Silverlight

Microsoft Silverlight 3 SDK

Microsoft Silverlight 4 SDK

Microsoft SkyDrive

Microsoft SQL Server 2005

Microsoft SQL Server 2005 Compact Edition [ENU]

Microsoft SQL Server 2005 Tools Express Edition

Microsoft SQL Server 2008

Microsoft SQL Server 2008 Browser

Microsoft SQL Server 2008 Common Files

Microsoft SQL Server 2008 Database Engine Services

Microsoft SQL Server 2008 Database Engine Shared

Microsoft SQL Server 2008 Native Client

Microsoft SQL Server 2008 R2 Data-Tier Application Framework

Microsoft SQL Server 2008 R2 Data-Tier Application Project

Microsoft SQL Server 2008 R2 Management Objects

Microsoft SQL Server 2008 R2 Transact-SQL Language Service

Microsoft SQL Server 2008 RsFx Driver

Microsoft SQL Server 2008 Setup Support Files

Microsoft SQL Server Compact 3.5 SP2 ENU

Microsoft SQL Server Database Publishing Wizard 1.4

Microsoft SQL Server Native Client

Microsoft SQL Server Setup Support Files (English)

Microsoft SQL Server System CLR Types

Microsoft SQL Server VSS Writer

Microsoft Sync Framework Runtime v1.0 SP1 (x86)

Microsoft Sync Framework SDK v1.0 SP1

Microsoft Sync Framework Services v1.0 SP1 (x86)

Microsoft Sync Services for ADO.NET v2.0 SP1 (x86)

Microsoft Team Foundation Server 2010 Object Model - ENU

Microsoft Visio 2010 Service Pack 1 (SP1)

Microsoft Visio Premium 2010

Microsoft Visual C++ Compilers 2010 Standard - enu - x86

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

Microsoft Visual C++ 2005 Express Edition - ENU

Microsoft Visual C++ 2005 Express Edition - ENU Service Pack 1 (KB926748)

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219

Microsoft Visual C++ 2010 x86 Runtime - 10.0.40219

Microsoft Visual C++ 2010 Express - ENU

Microsoft Visual F# 2.0 Runtime

Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools

Microsoft Visual Studio 2010 Office Developer Tools (x86)

Microsoft Visual Studio 2010 Performance Collection Tools SP1 - ENU

Microsoft Visual Studio 2010 Premium - ENU

Microsoft Visual Studio 2010 Service Pack 1

Microsoft Visual Studio 2010 SharePoint Developer Tools

Microsoft Visual Studio 2010 Tools for Office Runtime (x86)

Microsoft Visual Studio Macro Tools

Microsoft Works

Mozilla Firefox 18.0.2 (x86 en-US)

Mozilla Maintenance Service

MSVCRT

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

MSXML 4.0 SP2 Parser and SDK

MyScribe

Network

Nexpose

OGA Notifier 2.0.0048.0

PasswordTools

Picasa 3

PS_AIO_06_B209a-m_SW_Min

Python 2.7.2

QuickSet

QuickTime

QuickTransfer

RealDownloader

RealNetworks - Microsoft Visual C++ 2008 Runtime

RealNetworks - Microsoft Visual C++ 2010 Runtime

RealPlayer

RealUpgrade 1.1

Roxio Creator Audio

Roxio Creator Copy

Roxio Creator Data

Roxio Creator DE

Roxio Creator Tools

Roxio Express Labeler 3

Roxio Update Manager

Scan

Secure Download Manager

Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)

Security Update for Microsoft .NET Framework 4 Extended (KB2416472)

Security Update for Microsoft .NET Framework 4 Extended (KB2487367)

Security Update for Microsoft .NET Framework 4 Extended (KB2656351)

Security Update for Microsoft .NET Framework 4 Extended (KB2736428)

Security Update for Microsoft .NET Framework 4 Extended (KB2742595)

Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2687311) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2687441) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2687499) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2760416) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2553091)

Security Update for Microsoft Office 2010 (KB2553447) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2597986) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2598243) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2687501) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2687510) 32-Bit Edition

Security Update for Microsoft Office Excel 2007 (KB2687307) 32-Bit Edition

Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition

Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition

Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition

Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition

Security Update for Microsoft Office Word 2007 (KB2760421) 32-Bit Edition

Security Update for Microsoft Visio 2010 (KB2687508) 32-Bit Edition

Security Update for Microsoft Visual C++ 2005 Express Edition - ENU (KB2251481)

Security Update for Microsoft Visual C++ 2005 Express Edition - ENU (KB2538218)

Security Update for Microsoft Visual Studio 2010 Premium - ENU (KB2644980)

Security Update for Microsoft Visual Studio 2010 Premium - ENU (KB2645410)

Security Update for Microsoft Visual Studio Macro Tools (KB2669970)

SelectionLinks

Service Pack 3 for SQL Server 2008 (KB2546951)

Shop for HP Supplies

Skype Click to Call

Skype™ 6.0

SmartWebPrinting

SolutionCenter

Spelling Dictionaries Support For Adobe Reader 9

Spotify

Spybot - Search & Destroy

Sql Server Customer Experience Improvement Program

Status

swMSM

System Requirements Lab for Intel

Tenable Nessus

TestKing Questions and Answers for Cisco 640-802

TomTom HOME

TomTom HOME Visual Studio Merge Modules

Toolbox

TrayApp

Unity Web Player

Update for 2007 Microsoft Office System (KB967642)

Update for Microsoft .NET Framework 4 Client Profile (KB2468871)

Update for Microsoft .NET Framework 4 Client Profile (KB2473228)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523)

Update for Microsoft .NET Framework 4 Client Profile (KB2600217)

Update for Microsoft .NET Framework 4 Extended (KB2468871)

Update for Microsoft .NET Framework 4 Extended (KB2533523)

Update for Microsoft .NET Framework 4 Extended (KB2600217)

Update for Microsoft Office 2007 Help for Common Features (KB963673)

Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2596802) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition

Update for Microsoft Office 2010 (KB2494150)

Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition

Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition

Update for Microsoft Office 2010 (KB2553378) 32-Bit Edition

Update for Microsoft Office 2010 (KB2566458)

Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition

Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition

Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition

Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition

Update for Microsoft Office Access 2007 Help (KB963663)

Update for Microsoft Office Excel 2007 Help (KB963678)

Update for Microsoft Office Infopath 2007 Help (KB963662)

Update for Microsoft Office OneNote 2007 Help (KB963670)

Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition

Update for Microsoft Office Outlook 2007 Help (KB963677)

Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2767848) 32-Bit Edition

Update for Microsoft Office Powerpoint 2007 Help (KB963669)

Update for Microsoft Office Publisher 2007 Help (KB963667)

Update for Microsoft Office Script Editor Help (KB963671)

Update for Microsoft Office Word 2007 Help (KB963665)

Update for Microsoft Visual C++ 2005 Express Edition - ENU (KB932232)

Use the entry named LeapFrog Connect to uninstall (LeapFrog Leapster2 Plugin)

Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU

WCF RIA Services V1.0 SP1

Web Deployment Tool

WebReg

Windows Driver Package - Leapfrog (Leapfrog-USBLAN) Net (09/10/2009 02.03.05.012)

Windows Live Communications Platform

Windows Live Essentials

Windows Live Family Safety

Windows Live ID Sign-in Assistant

Windows Live Installer

Windows Live Mail

Windows Live Mesh

Windows Live Mesh ActiveX Control for Remote Connections

Windows Live Messenger

Windows Live Messenger Companion Core

Windows Live MIME IFilter

Windows Live Movie Maker

Windows Live Photo Common

Windows Live Photo Gallery

Windows Live PIMT Platform

Windows Live Remote Client

Windows Live Remote Client Resources

Windows Live Remote Service

Windows Live Remote Service Resources

Windows Live SOXE

Windows Live SOXE Definitions

Windows Live Sync

Windows Live UX Platform

Windows Live UX Platform Language Pack

Windows Live Writer

Windows Live Writer Resources

Windows Mobile Device Updater Component

WinRAR archiver

WModem Driver Installer

Wolfenstein - Enemy Territory

Zune

Zune Language Pack (CHS)

Zune Language Pack (CHT)

Zune Language Pack (CSY)

Zune Language Pack (DAN)

Zune Language Pack (DEU)

Zune Language Pack (ELL)

Zune Language Pack (ESP)

Zune Language Pack (FIN)

Zune Language Pack (FRA)

Zune Language Pack (HUN)

Zune Language Pack (IND)

Zune Language Pack (ITA)

Zune Language Pack (JPN)

Zune Language Pack (KOR)

Zune Language Pack (MSL)

Zune Language Pack (NLD)

Zune Language Pack (NOR)

Zune Language Pack (PLK)

Zune Language Pack (PTB)

Zune Language Pack (PTG)

Zune Language Pack (RUS)

Zune Language Pack (SVE)

.

==== Event Viewer Messages From Past Week ========

.

2/17/2013 7:52:48 PM, Error: ACPI [13] - : The embedded controller (EC) did not respond within the specified timeout period. This may indicate that there is an error in the EC hardware or firmware or that the BIOS is accessing the EC incorrectly. You should check with your computer manufacturer for an upgraded BIOS. In some situations, this error may cause the computer to function incorrectly.

.

==== End Of File ===========================


Note: Please do not run this tool without special supervision and instructions of someone authorized to do so. Otherwise, you could end up with serious problems. For more details, read this article: ComboFix usage, Questions, Help? - Look here

Please visit this webpage for download links, and instructions for running the tool:

http://www.bleepingc...to-use-combofix

* Ensure you have disabled all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Please post the C:\ComboFix.txt in your next reply for further review.

Note: If you encounter a message "illegal operation attempted on registry key that has been marked for deletion" and no programs will run - please just reboot and that will resolve that error.


ComboFix 13-02-18.01 - Carpenter 02/18/2013 2:39.1.2 - x86

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3005.897 [GMT -7:00]

Running from: c:\users\Carpenter\Downloads\ComboFix.exe

AV: Microsoft Security Essentials *Disabled/Updated* {B140BF4E-23BB-4198-90AB-A51A4C60A69C}

SP: Microsoft Security Essentials *Disabled/Updated* {0A215EAA-0581-4E16-AA1B-9E6837E7EC21}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

C:\Install.exe

c:\programdata\PCDr\6032\AddOnDownloaded\0276115d-b6c6-4a1b-8e6b-68bc9dbe4f93.dll

c:\programdata\PCDr\6032\AddOnDownloaded\5b35a8f1-54bf-4743-8fd7-358ffc15372a.dll

c:\programdata\PCDr\6032\AddOnDownloaded\63acf506-979e-4b72-a7ce-2af6dc2b98c4.dll

c:\programdata\PCDr\6032\AddOnDownloaded\9192d3e9-aa66-4560-a2e3-209867aafd30.dll

c:\programdata\PCDr\6032\AddOnDownloaded\dfc97e68-74cd-4807-807f-ac146d81ec5d.dll

c:\windows\system32\WPRO_41_1879woem.tmp

c:\windows\wininit.ini

.

.

((((((((((((((((((((((((( Files Created from 2013-01-18 to 2013-02-18 )))))))))))))))))))))))))))))))

.

.

2013-02-18 09:51 . 2013-02-18 09:51 -------- d-----w- c:\users\Default\AppData\Local\temp

2013-02-18 09:51 . 2013-02-18 09:51 -------- d-----w- c:\users\Carpenter\AppData\Local\temp

2013-02-18 08:58 . 2013-02-18 08:58 34576 ----a-w- c:\windows\system32\drivers\WPRO_41_1879.sys

2013-02-18 08:45 . 2013-02-18 08:45 29904 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{9E0DE299-2352-4705-8F65-91CAD8003159}\MpKsl3df6733d.sys

2013-02-17 17:27 . 2013-02-17 17:27 -------- d-----w- c:\windows\ERUNT

2013-02-17 17:27 . 2013-02-17 17:27 -------- d-----w- C:\JRT

2013-02-17 10:52 . 2013-01-08 04:57 6991832 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{9E0DE299-2352-4705-8F65-91CAD8003159}\mpengine.dll

2013-02-17 09:33 . 2013-01-08 04:57 6991832 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll

2013-02-14 10:08 . 2013-01-08 21:56 2382848 ----a-w- c:\windows\system32\mshtml.tlb

2013-02-14 10:08 . 2013-01-08 22:42 149528 ----a-w- c:\program files\Internet Explorer\sqmapi.dll

2013-02-14 10:08 . 2013-01-08 22:00 194048 ----a-w- c:\program files\Internet Explorer\IEShims.dll

2013-02-14 10:08 . 2013-01-08 21:58 420864 ----a-w- c:\windows\system32\vbscript.dll

2013-02-13 17:28 . 2013-01-04 03:00 2347008 ----a-w- c:\windows\system32\win32k.sys

2013-02-13 17:27 . 2013-01-05 05:00 3967848 ----a-w- c:\windows\system32\ntkrnlpa.exe

2013-02-13 17:27 . 2013-01-05 05:00 3913064 ----a-w- c:\windows\system32\ntoskrnl.exe

2013-02-13 17:27 . 2013-01-03 05:05 1293672 ----a-w- c:\windows\system32\drivers\tcpip.sys

2013-02-13 17:27 . 2013-01-03 05:04 187752 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS

2013-02-13 17:27 . 2013-01-04 04:50 169984 ----a-w- c:\windows\system32\winsrv.dll

2013-01-25 18:45 . 2013-01-25 18:45 2551808 ----a-w- c:\programdata\Microsoft\BingDesktop\Updater\BingDesktop.msi

2013-01-24 01:14 . 2013-01-12 10:30 94112 ----a-w- c:\windows\system32\WindowsAccessBridge.dll

2013-01-19 19:12 . 2013-01-20 07:23 -------- d-----w- c:\users\Carpenter\AppData\Local\Backup Assistant Plus

2013-01-19 19:10 . 2013-01-19 19:11 -------- d-----w- c:\program files\Backup Assistant Plus

2013-01-19 18:34 . 2013-01-19 18:34 -------- d-----w- c:\users\Carpenter\AppData\Roaming\RealNetworks

2013-01-19 18:31 . 2013-01-19 18:31 -------- d-----w- c:\program files\RealNetworks

2013-01-19 18:31 . 2013-01-19 18:31 -------- d-----w- c:\programdata\RealNetworks

2013-01-19 18:31 . 2013-01-19 18:31 -------- d-----w- c:\program files\Common Files\xing shared

.

.

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2013-02-18 08:45 . 2012-08-26 04:32 38976 ----a-w- c:\windows\system32\drivers\pssdk42.sys

2013-02-18 08:36 . 2012-03-29 15:59 697712 ----a-w- c:\windows\system32\FlashPlayerApp.exe

2013-02-18 08:36 . 2011-05-20 19:47 74096 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2013-01-30 10:53 . 2009-10-03 14:16 232336 ------w- c:\windows\system32\MpSigStub.exe

2012-12-31 16:45 . 2009-02-01 05:46 137176 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys

2012-12-31 16:45 . 2009-07-11 15:44 268952 ----a-w- c:\windows\system32\PnkBstrB.xtr

2012-12-31 16:45 . 2009-02-01 05:45 268952 ----a-w- c:\windows\system32\PnkBstrB.exe

2012-12-31 01:45 . 2009-02-01 05:45 268952 ----a-w- c:\windows\system32\PnkBstrB.ex0

2012-12-16 14:13 . 2012-12-21 10:00 295424 ----a-w- c:\windows\system32\atmfd.dll

2012-12-16 14:13 . 2012-12-21 10:00 34304 ----a-w- c:\windows\system32\atmlib.dll

2012-12-14 23:49 . 2012-08-04 23:52 21104 ----a-w- c:\windows\system32\drivers\mbam.sys

2012-12-07 12:26 . 2013-01-09 04:46 308736 ----a-w- c:\windows\system32\Wpc.dll

2012-12-07 12:20 . 2013-01-09 04:46 2576384 ----a-w- c:\windows\system32\gameux.dll

2012-12-07 10:46 . 2013-01-09 04:46 43520 ----a-w- c:\windows\system32\csrr.rs

2012-12-07 10:46 . 2013-01-09 04:46 30720 ----a-w- c:\windows\system32\usk.rs

2012-12-07 10:46 . 2013-01-09 04:46 45568 ----a-w- c:\windows\system32\oflc-nz.rs

2012-12-07 10:46 . 2013-01-09 04:46 44544 ----a-w- c:\windows\system32\pegibbfc.rs

2012-12-07 10:46 . 2013-01-09 04:46 20480 ----a-w- c:\windows\system32\pegi-pt.rs

2012-12-07 10:46 . 2013-01-09 04:46 23552 ----a-w- c:\windows\system32\oflc.rs

2012-12-07 10:46 . 2013-01-09 04:46 20480 ----a-w- c:\windows\system32\pegi-fi.rs

2012-12-07 10:46 . 2013-01-09 04:46 46592 ----a-w- c:\windows\system32\fpb.rs

2012-12-07 10:46 . 2013-01-09 04:46 20480 ----a-w- c:\windows\system32\pegi.rs

2012-12-07 10:46 . 2013-01-09 04:46 21504 ----a-w- c:\windows\system32\grb.rs

2012-12-07 10:46 . 2013-01-09 04:46 40960 ----a-w- c:\windows\system32\cob-au.rs

2012-12-07 10:46 . 2013-01-09 04:46 15360 ----a-w- c:\windows\system32\djctq.rs

2012-12-07 10:46 . 2013-01-09 04:46 55296 ----a-w- c:\windows\system32\cero.rs

2012-12-07 10:46 . 2013-01-09 04:46 51712 ----a-w- c:\windows\system32\esrb.rs

2012-11-30 04:47 . 2013-01-09 04:46 293376 ----a-w- c:\windows\system32\KernelBase.dll

2012-11-30 04:45 . 2013-01-09 04:46 4608 ---ha-w- c:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll

2012-11-30 04:45 . 2013-01-09 04:46 4096 ---ha-w- c:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll

2012-11-30 04:45 . 2013-01-09 04:46 4096 ---ha-w- c:\windows\system32\api-ms-win-core-synch-l1-1-0.dll

2012-11-30 04:45 . 2013-01-09 04:46 4096 ---ha-w- c:\windows\system32\api-ms-win-core-misc-l1-1-0.dll

2012-11-30 04:45 . 2013-01-09 04:46 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll

2012-11-30 04:45 . 2013-01-09 04:46 3584 ---ha-w- c:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll

2012-11-30 04:45 . 2013-01-09 04:46 3584 ---ha-w- c:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll

2012-11-30 04:45 . 2013-01-09 04:46 3584 ---ha-w- c:\windows\system32\api-ms-win-core-memory-l1-1-0.dll

2012-11-30 04:45 . 2013-01-09 04:46 3584 ---ha-w- c:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll

2012-11-30 04:45 . 2013-01-09 04:46 3584 ---ha-w- c:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll

2012-11-30 04:45 . 2013-01-09 04:46 3584 ---ha-w- c:\windows\system32\api-ms-win-core-heap-l1-1-0.dll

2012-11-30 04:45 . 2013-01-09 04:46 3072 ---ha-w- c:\windows\system32\api-ms-win-core-string-l1-1-0.dll

2012-11-30 04:45 . 2013-01-09 04:46 3072 ---ha-w- c:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll

2012-11-30 04:45 . 2013-01-09 04:46 3072 ---ha-w- c:\windows\system32\api-ms-win-core-profile-l1-1-0.dll

2012-11-30 04:45 . 2013-01-09 04:46 3072 ---ha-w- c:\windows\system32\api-ms-win-core-io-l1-1-0.dll

2012-11-30 04:45 . 2013-01-09 04:46 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localization-l1-1-0.dll

2012-11-30 04:45 . 2013-01-09 04:46 5120 ---ha-w- c:\windows\system32\api-ms-win-core-file-l1-1-0.dll

2012-11-30 04:45 . 2013-01-09 04:46 3072 ---ha-w- c:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll

2012-11-30 04:45 . 2013-01-09 04:46 3072 ---ha-w- c:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll

2012-11-30 04:45 . 2013-01-09 04:46 3072 ---ha-w- c:\windows\system32\api-ms-win-core-handle-l1-1-0.dll

2012-11-30 04:45 . 2013-01-09 04:46 3072 ---ha-w- c:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll

2012-11-30 04:45 . 2013-01-09 04:46 3072 ---ha-w- c:\windows\system32\api-ms-win-core-debug-l1-1-0.dll

2012-11-30 04:45 . 2013-01-09 04:46 3072 ---ha-w- c:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll

2012-11-30 04:45 . 2013-01-09 04:46 3072 ---ha-w- c:\windows\system32\api-ms-win-core-console-l1-1-0.dll

2012-11-30 02:55 . 2013-01-09 04:46 271360 ----a-w- c:\windows\system32\conhost.exe

2012-11-30 02:38 . 2013-01-09 04:46 6144 ---ha-w- c:\windows\system32\api-ms-win-security-base-l1-1-0.dll

2012-11-30 02:38 . 2013-01-09 04:46 4608 ---ha-w- c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll

2012-11-30 02:38 . 2013-01-09 04:46 3584 ---ha-w- c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll

2012-11-30 02:38 . 2013-01-09 04:46 3072 ---ha-w- c:\windows\system32\api-ms-win-core-util-l1-1-0.dll

2012-11-29 02:13 . 2012-11-29 02:13 740840 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{4FD0BEF3-4661-422E-B7E2-0C3EC8109D65}\gapaengine.dll

2012-11-23 02:48 . 2013-01-09 04:45 49152 ----a-w- c:\windows\system32\taskhost.exe

2012-11-22 17:50 . 2012-12-19 08:19 92184 ----a-w- c:\programdata\Microsoft\BingDesktop\Updater\BingDesktopRestarter.exe

2012-11-22 04:45 . 2013-01-09 04:47 626688 ----a-w- c:\windows\system32\usp10.dll

2003-03-19 04:20 . 2013-02-10 02:10 1060864 ----a-w- c:\program files\mozilla firefox\plugins\mfc71.dll

2003-02-21 11:42 . 2013-02-10 02:10 348160 ----a-w- c:\program files\mozilla firefox\plugins\msvcr71.dll

2013-02-10 02:11 . 2013-02-10 02:10 262552 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll

.

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]

@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"

[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]

2012-11-15 23:15 222712 ----a-w- c:\users\Carpenter\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\SkyDriveShell.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]

@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"

[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]

2012-11-15 23:15 222712 ----a-w- c:\users\Carpenter\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\SkyDriveShell.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]

@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"

[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]

2012-11-15 23:15 222712 ----a-w- c:\users\Carpenter\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\SkyDriveShell.dll

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"SkyDrive"="c:\users\Carpenter\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe" [2012-11-15 255992]

"HLBackupScheduler"="c:\program files\Backup Assistant Plus\V CAST Backup Scheduler.exe" [2012-08-20 7065224]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Apoint"="c:\program files\DellTPad\Apoint.exe" [2008-08-25 200704]

"SysTrayApp"="c:\program files\IDT\WDM\sttray.exe" [2008-08-25 442460]

"Broadcom Wireless Manager UI"="c:\windows\system32\WLTRAY.exe" [2008-08-05 3563520]

"Dell Webcam Central"="c:\program files\Dell Webcam\Dell Webcam Central\WebcamDell.exe" [2008-02-19 438403]

"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-27 30040]

"acevents"="c:\program files\ActivIdentity\ActivClient\acevents.exe" [2009-12-04 153640]

"accrdsub"="c:\program files\ActivIdentity\ActivClient\accrdsub.exe" [2009-12-04 402984]

"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-03 946352]

"VMM Mode Selection"="c:\program files\HTC\ModeSelection\VMMModeSelection.exe" [2011-02-14 43520]

"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-11-28 59280]

"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2011-05-10 49208]

"Zune Launcher"="c:\program files\Zune\ZuneLauncher.exe" [2011-08-05 159456]

"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-10-24 138008]

"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-10-24 171288]

"Persistence"="c:\windows\system32\igfxpers.exe" [2011-10-24 172824]

"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-09-12 947176]

"BingDesktop"="c:\program files\Microsoft\BingDesktop\BingDesktop.exe" [2013-01-25 2127896]

"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]

"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2012-10-25 421888]

"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2012-12-12 152544]

"TkBellExe"="c:\program files\real\realplayer\Update\realsched.exe" [2013-01-19 295072]

.

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\

ActivClient Agent.lnk - c:\program files\ActivIdentity\ActivClient\acsagent.exe [2009-6-3 130600]

HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2009-11-18 275072]

QuickSet.lnk - c:\program files\Dell\QuickSet\quickset.exe [2008-7-31 1616976]

.

c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\

Dell Dock First Run.lnk - c:\program files\Dell\DellDock\DellDock.exe [2008-9-23 1295656]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 5 (0x5)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableUIADesktopToggle"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\GoToAssist]

2008-11-25 06:14 10536 ----a-w- c:\program files\Citrix\GoToAssist\514\g2awinlogon.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]

"aux"=wdmaud.drv

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

@="Service"

.

[HKLM\~\startupfolder\C:^Users^Carpenter^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dell Dock.lnk]

backup=c:\windows\pss\Dell Dock.lnk.Startup

backupExtension=.Startup

path=c:\users\Carpenter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AGCoreCleanup]

RD [X]

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AGCoreUserSettingsCleanup]

RD [X]

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Apoint]

2008-08-25 11:25 200704 ----a-w- c:\program files\DellTPad\Apoint.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Dell DataSafe Online]

2008-11-03 16:54 1745648 ----a-w- c:\program files\Dell DataSafe Online\DataSafeOnline.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]

2009-12-01 00:23 135664 ----atw- c:\users\Carpenter\AppData\Local\Google\Update\GoogleUpdate.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]

2012-12-12 20:57 152544 ----a-w- c:\program files\iTunes\iTunesHelper.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Monitor]

2011-11-12 19:04 268640 ----a-w- c:\program files\LeapFrog\LeapFrog Connect\Monitor.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OA001Cfg.exe]

2008-09-23 23:01 32768 ----a-w- c:\windows\OA001Cfg.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCMService]

2008-07-04 20:16 132392 ----a-w- c:\program files\Dell\MediaDirect\PCMService.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]

2012-10-25 10:12 421888 ----a-w- c:\program files\QuickTime\QTTask.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spotify]

2012-08-19 03:49 7601880 ----a-w- c:\users\Carpenter\AppData\Roaming\Spotify\spotify.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spotify Web Helper]

2012-08-19 03:49 1193176 ----a-w- c:\users\Carpenter\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]

2013-01-19 18:30 295072 ----a-w- c:\program files\real\realplayer\Update\realsched.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe]

2012-07-26 19:16 247768 ----a-w- c:\program files\TomTom HOME 2\TomTomHOMERunner.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zune Launcher]

2011-08-05 19:29 159456 ----a-w- c:\program files\Zune\ZuneLauncher.exe

.

R2 MBAMScheduler;MBAMScheduler;c:\program files\Malwarebytes' Anti-Malware\mbamscheduler.exe [x]

R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [x]

R2 nexposeconsole;Nexpose Security Console;c:\program files\rapid7\nexpose\nsc\bin\nexlaunch.exe [x]

R2 SBSDWSCService;SBSD Security Center Service;c:\program files\Spybot - Search & Destroy\SDWinSec.exe [x]

R2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [x]

R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [x]

R3 BBSvc;Bing Bar Update Service;c:\program files\Microsoft\BingBar\BBSvc.EXE [x]

R3 CQHVUEPKU;CQHVUEPKU;c:\users\CARPEN~1\AppData\Local\Temp\CQHVUEPKU.exe [x]

R3 EagleXNt;EagleXNt;c:\windows\system32\drivers\EagleXNt.sys [x]

R3 JORBX;JORBX;c:\users\CARPEN~1\AppData\Local\Temp\JORBX.exe [x]

R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]

R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [x]

R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\NisSrv.exe [x]

R3 PLJ;PLJ;c:\users\CARPEN~1\AppData\Local\Temp\PLJ.exe [x]

R3 Reflex USB V3 Smart card reader;Reflex USB V3 Smart card reader;c:\windows\system32\DRIVERS\RCCIDW2K.sys [x]

R3 SCR3XX2K;SCR3xx USB SmartCardReader;c:\windows\system32\DRIVERS\SCR3XX2K.sys [x]

R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]

R3 UPO;UPO;c:\users\CARPEN~1\AppData\Local\Temp\UPO.exe [x]

R3 VSPerfDrv100;Performance Tools Driver 10.0;c:\program files\Microsoft Visual Studio 10.0\Team Tools\Performance Tools\VSPerfDrv100.sys [x]

R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x]

R4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [x]

R4 RsFx0105;RsFx0105 Driver;c:\windows\system32\DRIVERS\RsFx0105.sys [x]

R4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);c:\program files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [x]

R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]

S1 MpKsl3df6733d;MpKsl3df6733d;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{9E0DE299-2352-4705-8F65-91CAD8003159}\MpKsl3df6733d.sys [x]

S2 ac.sharedstore;ActivIdentity Shared Store Service;c:\program files\Common Files\ActivIdentity\ac.sharedstore.exe [x]

S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_fb1f53374b7269ca\aestsrv.exe [x]

S2 BingDesktopUpdate;Bing Desktop Update service;c:\program files\Microsoft\BingDesktop\BingDesktopUpdater.exe [x]

S2 DockLoginService;Dock Login Service;c:\program files\Dell\DellDock\DockLogin.exe [x]

S2 nxpgsql;Nexpose PostgreSQL Server;c:\program files\rapid7\nexpose\nsc\nxpgsql\pgsql\bin\pg_ctl.exe [x]

S2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service;c:\program files\RealNetworks\RealDownloader\rndlresolversvc.exe [x]

S2 TomTomHOMEService;TomTomHOMEService;c:\program files\TomTom HOME 2\TomTomHOMEService.exe [x]

S3 IntcHdmiAddService;Intel® High Definition Audio HDMI;c:\windows\system32\drivers\IntcHdmi.sys [x]

S3 k57nd60x;Broadcom NetLink Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60x.sys [x]

S3 OA001Ufd;Creative Camera OA001 Upper Filter Driver;c:\windows\system32\DRIVERS\OA001Ufd.sys [x]

S3 OA001Vid;Creative Camera OA001 Function Driver;c:\windows\system32\DRIVERS\OA001Vid.sys [x]

S3 PSSDK42;PSSDK42;c:\windows\system32\Drivers\pssdk42.sys [x]

S3 WPRO_41_1879;WinPcap Packet Driver (WPRO_41_1879);c:\windows\system32\drivers\WPRO_41_1879.sys [x]

.

.

--- Other Services/Drivers In Memory ---

.

*NewlyCreated* - MPKSL3DF6733D

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12

hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc

HPService REG_MULTI_SZ HPSLPSVC

.

Contents of the 'Scheduled Tasks' folder

.

2013-02-18 c:\windows\Tasks\Adobe Flash Player Updater.job

- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-29 08:36]

.

2013-02-18 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files\Google\Update\GoogleUpdate.exe [2010-08-18 20:39]

.

2013-02-18 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files\Google\Update\GoogleUpdate.exe [2010-08-18 20:39]

.

2013-02-17 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-711352882-2782178830-377221199-1001Core.job

- c:\users\Carpenter\AppData\Local\Google\Update\GoogleUpdate.exe [2009-12-01 00:23]

.

2013-02-18 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-711352882-2782178830-377221199-1001UA.job

- c:\users\Carpenter\AppData\Local\Google\Update\GoogleUpdate.exe [2009-12-01 00:23]

.

.

------- Supplementary Scan -------

.

uStart Page = hxxp://www.foxnews.com/

uInternet Settings,ProxyOverride = *.local

IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200

IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000

IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html

TCP: DhcpNameServer = 192.168.1.1

TCP: Interfaces\{E4EC99FC-FC19-4855-825E-791D4D1DF6A5}: NameServer = 4.2.2.2

Handler: x-owacid2 - {5B290518-830E-4C57-A66B-E4F748900C27} - c:\program files\Microsoft\SMIME Client (2010)\mimectl.dll

FF - ProfilePath - c:\users\Carpenter\AppData\Roaming\Mozilla\Firefox\Profiles\a3vlihhn.default\

FF - prefs.js: browser.search.defaulturl - hxxp://www.bing.com/search?FORM=WLETDF&PC=WLEM&q=

FF - prefs.js: browser.startup.homepage - hxxp://www.msn.com/

FF - prefs.js: keyword.URL - hxxp://www.bing.com/search?FORM=WLETDF&PC=WLEM&q=

FF - ExtSQL: 2013-01-19 11:32; {34712C68-7391-4c47-94F3-8F88D49AD632}; c:\programdata\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext

FF - ExtSQL: !HIDDEN! 2010-02-11 18:25; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension

FF - ExtSQL: !HIDDEN! 2010-07-26 15:48; smartwebprinting@hp.com; c:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

.

- - - - ORPHANS REMOVED - - - -

.

SafeBoot-Wdf01000.sys

MSConfigStartUp-DellSupportCenter - c:\program files\Dell Support Center\bin\sprtcmd.exe

MSConfigStartUp-dscactivate - c:\program files\Dell Support Center\gs_agent\custom\dsca.exe

MSConfigStartUp-Google Desktop Search - c:\program files\Google\Google Desktop Search\GoogleDesktop.exe

MSConfigStartUp-HLBackupScheduler - c:\program files\Verizon V CAST Media Manager\V CAST Backup Scheduler.exe

MSConfigStartUp-McAfeeUpdaterUI - c:\program files\McAfee\Common Framework\UdaterUI.exe

MSConfigStartUp-mcagent_exe - c:\program files\McAfee.com\Agent\mcagent.exe

MSConfigStartUp-MySpaceIM - c:\program files\MySpace\IM\MySpaceIM.exe

MSConfigStartUp-Pando Media Booster - c:\program files\Pando Networks\Media Booster\PMB.exe

MSConfigStartUp-ShStatEXE - c:\program files\McAfee\VirusScan Enterprise\SHSTAT.EXE

MSConfigStartUp-swg - c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

AddRemove-sl-dlc - c:\program files\OApps\sl-dlc_uninstall.exe

.

.

.

--------------------- LOCKED REGISTRY KEYS ---------------------

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_5_502_149_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]

@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_5_502_149_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="IFlashBroker5"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

Completion time: 2013-02-18 02:55:25

ComboFix-quarantined-files.txt 2013-02-18 09:55

.

Pre-Run: 140,594,802,688 bytes free

Post-Run: 140,274,270,208 bytes free

.

- - End Of File - - F2E7AEFB326F66CDF76D30CE37D4B329


1. Close any open browsers.

2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

3. Open notepad and copy/paste the text in the quotebox below into it:

Driver::

CQHVUEPKU

JORBX

PLJ

UPO

File::

c:\users\CARPEN~1\AppData\Local\Temp\CQHVUEPKU.exe

c:\users\CARPEN~1\AppData\Local\Temp\JORBX.exe

c:\users\CARPEN~1\AppData\Local\Temp\PLJ.exe

c:\users\CARPEN~1\AppData\Local\Temp\UPO.exe

JavaClearCache::

Save this as CFScript.txt, in the same location as ComboFix.exe

[Image: CFScriptB-4.gif]

Referring to the picture above, drag CFScript into ComboFix.exe

When finished, it shall produce a log for you at C:\ComboFix.txt which I will require in your next reply.


ComboFix 13-02-18.01 - Carpenter 02/18/2013 9:15.2.2 - x86

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3005.1869 [GMT -7:00]

Running from: c:\users\Carpenter\Desktop\ComboFix.exe

Command switches used :: c:\users\Carpenter\Desktop\CFScript.txt

AV: Microsoft Security Essentials *Disabled/Updated* {B140BF4E-23BB-4198-90AB-A51A4C60A69C}

SP: Microsoft Security Essentials *Disabled/Updated* {0A215EAA-0581-4E16-AA1B-9E6837E7EC21}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

FILE ::

"c:\users\CARPEN~1\AppData\Local\Temp\CQHVUEPKU.exe"

"c:\users\CARPEN~1\AppData\Local\Temp\JORBX.exe"

"c:\users\CARPEN~1\AppData\Local\Temp\PLJ.exe"

"c:\users\CARPEN~1\AppData\Local\Temp\UPO.exe"

.

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

.

((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

-------\Service_CQHVUEPKU

-------\Service_JORBX

-------\Service_PLJ

-------\Service_UPO

.

.

((((((((((((((((((((((((( Files Created from 2013-01-18 to 2013-02-18 )))))))))))))))))))))))))))))))

.

.

2013-02-18 16:25 . 2013-02-18 16:25 -------- d-----w- c:\users\Default\AppData\Local\temp

2013-02-18 09:56 . 2013-01-08 04:57 6991832 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{8A50FDFD-F1F2-48D5-A590-304CCDFC9949}\mpengine.dll

2013-02-18 09:55 . 2013-02-18 16:30 -------- d-----w- c:\users\Carpenter\AppData\Local\temp

2013-02-18 08:58 . 2013-02-18 08:58 34576 ----a-w- c:\windows\system32\drivers\WPRO_41_1879.sys

2013-02-17 17:27 . 2013-02-17 17:27 -------- d-----w- c:\windows\ERUNT

2013-02-17 17:27 . 2013-02-17 17:27 -------- d-----w- C:\JRT

2013-02-17 09:33 . 2013-01-08 04:57 6991832 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll

2013-02-14 10:08 . 2013-01-08 21:56 2382848 ----a-w- c:\windows\system32\mshtml.tlb

2013-02-14 10:08 . 2013-01-08 22:42 149528 ----a-w- c:\program files\Internet Explorer\sqmapi.dll

2013-02-14 10:08 . 2013-01-08 22:00 194048 ----a-w- c:\program files\Internet Explorer\IEShims.dll

2013-02-14 10:08 . 2013-01-08 21:58 420864 ----a-w- c:\windows\system32\vbscript.dll

2013-02-13 17:28 . 2013-01-04 03:00 2347008 ----a-w- c:\windows\system32\win32k.sys

2013-02-13 17:27 . 2013-01-05 05:00 3967848 ----a-w- c:\windows\system32\ntkrnlpa.exe

2013-02-13 17:27 . 2013-01-05 05:00 3913064 ----a-w- c:\windows\system32\ntoskrnl.exe

2013-02-13 17:27 . 2013-01-03 05:05 1293672 ----a-w- c:\windows\system32\drivers\tcpip.sys

2013-02-13 17:27 . 2013-01-03 05:04 187752 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS

2013-02-13 17:27 . 2013-01-04 04:50 169984 ----a-w- c:\windows\system32\winsrv.dll

2013-01-25 18:45 . 2013-01-25 18:45 2551808 ----a-w- c:\programdata\Microsoft\BingDesktop\Updater\BingDesktop.msi

2013-01-24 01:14 . 2013-01-12 10:30 94112 ----a-w- c:\windows\system32\WindowsAccessBridge.dll

2013-01-19 19:12 . 2013-01-20 07:23 -------- d-----w- c:\users\Carpenter\AppData\Local\Backup Assistant Plus

2013-01-19 19:10 . 2013-01-19 19:11 -------- d-----w- c:\program files\Backup Assistant Plus

2013-01-19 18:34 . 2013-01-19 18:34 -------- d-----w- c:\users\Carpenter\AppData\Roaming\RealNetworks

2013-01-19 18:31 . 2013-01-19 18:31 -------- d-----w- c:\program files\RealNetworks

2013-01-19 18:31 . 2013-01-19 18:31 -------- d-----w- c:\programdata\RealNetworks

2013-01-19 18:31 . 2013-01-19 18:31 -------- d-----w- c:\program files\Common Files\xing shared

.

.

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2013-02-18 16:27 . 2012-08-26 04:32 38976 ----a-w- c:\windows\system32\drivers\pssdk42.sys

2013-02-18 08:36 . 2012-03-29 15:59 697712 ----a-w- c:\windows\system32\FlashPlayerApp.exe

2013-02-18 08:36 . 2011-05-20 19:47 74096 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2013-01-30 10:53 . 2009-10-03 14:16 232336 ------w- c:\windows\system32\MpSigStub.exe

2012-12-31 16:45 . 2009-02-01 05:46 137176 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys

2012-12-31 16:45 . 2009-07-11 15:44 268952 ----a-w- c:\windows\system32\PnkBstrB.xtr

2012-12-31 16:45 . 2009-02-01 05:45 268952 ----a-w- c:\windows\system32\PnkBstrB.exe

2012-12-31 01:45 . 2009-02-01 05:45 268952 ----a-w- c:\windows\system32\PnkBstrB.ex0

2012-12-16 14:13 . 2012-12-21 10:00 295424 ----a-w- c:\windows\system32\atmfd.dll

2012-12-16 14:13 . 2012-12-21 10:00 34304 ----a-w- c:\windows\system32\atmlib.dll

2012-12-14 23:49 . 2012-08-04 23:52 21104 ----a-w- c:\windows\system32\drivers\mbam.sys

2012-12-07 12:26 . 2013-01-09 04:46 308736 ----a-w- c:\windows\system32\Wpc.dll

2012-12-07 12:20 . 2013-01-09 04:46 2576384 ----a-w- c:\windows\system32\gameux.dll

2012-12-07 10:46 . 2013-01-09 04:46 43520 ----a-w- c:\windows\system32\csrr.rs

2012-12-07 10:46 . 2013-01-09 04:46 30720 ----a-w- c:\windows\system32\usk.rs

2012-12-07 10:46 . 2013-01-09 04:46 45568 ----a-w- c:\windows\system32\oflc-nz.rs

2012-12-07 10:46 . 2013-01-09 04:46 44544 ----a-w- c:\windows\system32\pegibbfc.rs

2012-12-07 10:46 . 2013-01-09 04:46 20480 ----a-w- c:\windows\system32\pegi-pt.rs

2012-12-07 10:46 . 2013-01-09 04:46 23552 ----a-w- c:\windows\system32\oflc.rs

2012-12-07 10:46 . 2013-01-09 04:46 20480 ----a-w- c:\windows\system32\pegi-fi.rs

2012-12-07 10:46 . 2013-01-09 04:46 46592 ----a-w- c:\windows\system32\fpb.rs

2012-12-07 10:46 . 2013-01-09 04:46 20480 ----a-w- c:\windows\system32\pegi.rs

2012-12-07 10:46 . 2013-01-09 04:46 21504 ----a-w- c:\windows\system32\grb.rs

2012-12-07 10:46 . 2013-01-09 04:46 40960 ----a-w- c:\windows\system32\cob-au.rs

2012-12-07 10:46 . 2013-01-09 04:46 15360 ----a-w- c:\windows\system32\djctq.rs

2012-12-07 10:46 . 2013-01-09 04:46 55296 ----a-w- c:\windows\system32\cero.rs

2012-12-07 10:46 . 2013-01-09 04:46 51712 ----a-w- c:\windows\system32\esrb.rs

2012-11-30 04:47 . 2013-01-09 04:46 293376 ----a-w- c:\windows\system32\KernelBase.dll

2012-11-30 04:45 . 2013-01-09 04:46 4608 ---ha-w- c:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll

2012-11-30 04:45 . 2013-01-09 04:46 4096 ---ha-w- c:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll

2012-11-30 04:45 . 2013-01-09 04:46 4096 ---ha-w- c:\windows\system32\api-ms-win-core-synch-l1-1-0.dll

2012-11-30 04:45 . 2013-01-09 04:46 4096 ---ha-w- c:\windows\system32\api-ms-win-core-misc-l1-1-0.dll

2012-11-30 04:45 . 2013-01-09 04:46 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll

2012-11-30 04:45 . 2013-01-09 04:46 3584 ---ha-w- c:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll

2012-11-30 04:45 . 2013-01-09 04:46 3584 ---ha-w- c:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll

2012-11-30 04:45 . 2013-01-09 04:46 3584 ---ha-w- c:\windows\system32\api-ms-win-core-memory-l1-1-0.dll

2012-11-30 04:45 . 2013-01-09 04:46 3584 ---ha-w- c:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll

2012-11-30 04:45 . 2013-01-09 04:46 3584 ---ha-w- c:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll

2012-11-30 04:45 . 2013-01-09 04:46 3584 ---ha-w- c:\windows\system32\api-ms-win-core-heap-l1-1-0.dll

2012-11-30 04:45 . 2013-01-09 04:46 3072 ---ha-w- c:\windows\system32\api-ms-win-core-string-l1-1-0.dll

2012-11-30 04:45 . 2013-01-09 04:46 3072 ---ha-w- c:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll

2012-11-30 04:45 . 2013-01-09 04:46 3072 ---ha-w- c:\windows\system32\api-ms-win-core-profile-l1-1-0.dll

2012-11-30 04:45 . 2013-01-09 04:46 3072 ---ha-w- c:\windows\system32\api-ms-win-core-io-l1-1-0.dll

2012-11-30 04:45 . 2013-01-09 04:46 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localization-l1-1-0.dll

2012-11-30 04:45 . 2013-01-09 04:46 5120 ---ha-w- c:\windows\system32\api-ms-win-core-file-l1-1-0.dll

2012-11-30 04:45 . 2013-01-09 04:46 3072 ---ha-w- c:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll

2012-11-30 04:45 . 2013-01-09 04:46 3072 ---ha-w- c:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll

2012-11-30 04:45 . 2013-01-09 04:46 3072 ---ha-w- c:\windows\system32\api-ms-win-core-handle-l1-1-0.dll

2012-11-30 04:45 . 2013-01-09 04:46 3072 ---ha-w- c:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll

2012-11-30 04:45 . 2013-01-09 04:46 3072 ---ha-w- c:\windows\system32\api-ms-win-core-debug-l1-1-0.dll

2012-11-30 04:45 . 2013-01-09 04:46 3072 ---ha-w- c:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll

2012-11-30 04:45 . 2013-01-09 04:46 3072 ---ha-w- c:\windows\system32\api-ms-win-core-console-l1-1-0.dll

2012-11-30 02:55 . 2013-01-09 04:46 271360 ----a-w- c:\windows\system32\conhost.exe

2012-11-30 02:38 . 2013-01-09 04:46 6144 ---ha-w- c:\windows\system32\api-ms-win-security-base-l1-1-0.dll

2012-11-30 02:38 . 2013-01-09 04:46 4608 ---ha-w- c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll

2012-11-30 02:38 . 2013-01-09 04:46 3584 ---ha-w- c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll

2012-11-30 02:38 . 2013-01-09 04:46 3072 ---ha-w- c:\windows\system32\api-ms-win-core-util-l1-1-0.dll

2012-11-29 02:13 . 2012-11-29 02:13 740840 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{4FD0BEF3-4661-422E-B7E2-0C3EC8109D65}\gapaengine.dll

2012-11-23 02:48 . 2013-01-09 04:45 49152 ----a-w- c:\windows\system32\taskhost.exe

2012-11-22 17:50 . 2012-12-19 08:19 92184 ----a-w- c:\programdata\Microsoft\BingDesktop\Updater\BingDesktopRestarter.exe

2012-11-22 04:45 . 2013-01-09 04:47 626688 ----a-w- c:\windows\system32\usp10.dll

2003-03-19 04:20 . 2013-02-10 02:10 1060864 ----a-w- c:\program files\mozilla firefox\plugins\mfc71.dll

2003-02-21 11:42 . 2013-02-10 02:10 348160 ----a-w- c:\program files\mozilla firefox\plugins\msvcr71.dll

2013-02-10 02:11 . 2013-02-10 02:10 262552 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll

.

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]

@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"

[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]

2012-11-15 23:15 222712 ----a-w- c:\users\Carpenter\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\SkyDriveShell.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]

@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"

[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]

2012-11-15 23:15 222712 ----a-w- c:\users\Carpenter\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\SkyDriveShell.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]

@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"

[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]

2012-11-15 23:15 222712 ----a-w- c:\users\Carpenter\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\SkyDriveShell.dll

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"SkyDrive"="c:\users\Carpenter\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe" [2012-11-15 255992]

"HLBackupScheduler"="c:\program files\Backup Assistant Plus\V CAST Backup Scheduler.exe" [2012-08-20 7065224]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Apoint"="c:\program files\DellTPad\Apoint.exe" [2008-08-25 200704]

"SysTrayApp"="c:\program files\IDT\WDM\sttray.exe" [2008-08-25 442460]

"Broadcom Wireless Manager UI"="c:\windows\system32\WLTRAY.exe" [2008-08-05 3563520]

"Dell Webcam Central"="c:\program files\Dell Webcam\Dell Webcam Central\WebcamDell.exe" [2008-02-19 438403]

"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-27 30040]

"acevents"="c:\program files\ActivIdentity\ActivClient\acevents.exe" [2009-12-04 153640]

"accrdsub"="c:\program files\ActivIdentity\ActivClient\accrdsub.exe" [2009-12-04 402984]

"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-03 946352]

"VMM Mode Selection"="c:\program files\HTC\ModeSelection\VMMModeSelection.exe" [2011-02-14 43520]

"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-11-28 59280]

"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2011-05-10 49208]

"Zune Launcher"="c:\program files\Zune\ZuneLauncher.exe" [2011-08-05 159456]

"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-10-24 138008]

"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-10-24 171288]

"Persistence"="c:\windows\system32\igfxpers.exe" [2011-10-24 172824]

"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-09-12 947176]

"BingDesktop"="c:\program files\Microsoft\BingDesktop\BingDesktop.exe" [2013-01-25 2127896]

"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]

"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2012-10-25 421888]

"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2012-12-12 152544]

"TkBellExe"="c:\program files\real\realplayer\Update\realsched.exe" [2013-01-19 295072]

.

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\

ActivClient Agent.lnk - c:\program files\ActivIdentity\ActivClient\acsagent.exe [2009-6-3 130600]

HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2009-11-18 275072]

QuickSet.lnk - c:\program files\Dell\QuickSet\quickset.exe [2008-7-31 1616976]

.

c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\

Dell Dock First Run.lnk - c:\program files\Dell\DellDock\DellDock.exe [2008-9-23 1295656]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 5 (0x5)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableUIADesktopToggle"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\GoToAssist]

2008-11-25 06:14 10536 ----a-w- c:\program files\Citrix\GoToAssist\514\g2awinlogon.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]

"aux"=wdmaud.drv

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

@="Service"

.

[HKLM\~\startupfolder\C:^Users^Carpenter^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dell Dock.lnk]

backup=c:\windows\pss\Dell Dock.lnk.Startup

backupExtension=.Startup

path=c:\users\Carpenter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AGCoreCleanup]

RD [X]

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AGCoreUserSettingsCleanup]

RD [X]

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Apoint]

2008-08-25 11:25 200704 ----a-w- c:\program files\DellTPad\Apoint.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Dell DataSafe Online]

2008-11-03 16:54 1745648 ----a-w- c:\program files\Dell DataSafe Online\DataSafeOnline.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]

2009-12-01 00:23 135664 ----atw- c:\users\Carpenter\AppData\Local\Google\Update\GoogleUpdate.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]

2012-12-12 20:57 152544 ----a-w- c:\program files\iTunes\iTunesHelper.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Monitor]

2011-11-12 19:04 268640 ----a-w- c:\program files\LeapFrog\LeapFrog Connect\Monitor.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OA001Cfg.exe]

2008-09-23 23:01 32768 ----a-w- c:\windows\OA001Cfg.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCMService]

2008-07-04 20:16 132392 ----a-w- c:\program files\Dell\MediaDirect\PCMService.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]

2012-10-25 10:12 421888 ----a-w- c:\program files\QuickTime\QTTask.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spotify]

2012-08-19 03:49 7601880 ----a-w- c:\users\Carpenter\AppData\Roaming\Spotify\spotify.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spotify Web Helper]

2012-08-19 03:49 1193176 ----a-w- c:\users\Carpenter\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]

2013-01-19 18:30 295072 ----a-w- c:\program files\real\realplayer\Update\realsched.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe]

2012-07-26 19:16 247768 ----a-w- c:\program files\TomTom HOME 2\TomTomHOMERunner.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zune Launcher]

2011-08-05 19:29 159456 ----a-w- c:\program files\Zune\ZuneLauncher.exe

.

R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [x]

R3 BBSvc;Bing Bar Update Service;c:\program files\Microsoft\BingBar\BBSvc.EXE [x]

R3 EagleXNt;EagleXNt;c:\windows\system32\drivers\EagleXNt.sys [x]

R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [x]

R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\NisSrv.exe [x]

R3 Reflex USB V3 Smart card reader;Reflex USB V3 Smart card reader;c:\windows\system32\DRIVERS\RCCIDW2K.sys [x]

R3 SCR3XX2K;SCR3xx USB SmartCardReader;c:\windows\system32\DRIVERS\SCR3XX2K.sys [x]

R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]

R3 VSPerfDrv100;Performance Tools Driver 10.0;c:\program files\Microsoft Visual Studio 10.0\Team Tools\Performance Tools\VSPerfDrv100.sys [x]

R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x]

R3 WPRO_41_1879;WinPcap Packet Driver (WPRO_41_1879);c:\windows\system32\drivers\WPRO_41_1879.sys [x]

R4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [x]

R4 RsFx0105;RsFx0105 Driver;c:\windows\system32\DRIVERS\RsFx0105.sys [x]

R4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);c:\program files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [x]

R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]

S2 ac.sharedstore;ActivIdentity Shared Store Service;c:\program files\Common Files\ActivIdentity\ac.sharedstore.exe [x]

S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_fb1f53374b7269ca\aestsrv.exe [x]

S2 BingDesktopUpdate;Bing Desktop Update service;c:\program files\Microsoft\BingDesktop\BingDesktopUpdater.exe [x]

S2 DockLoginService;Dock Login Service;c:\program files\Dell\DellDock\DockLogin.exe [x]

S2 MBAMScheduler;MBAMScheduler;c:\program files\Malwarebytes' Anti-Malware\mbamscheduler.exe [x]

S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [x]

S2 nexposeconsole;Nexpose Security Console;c:\program files\rapid7\nexpose\nsc\bin\nexlaunch.exe [x]

S2 nxpgsql;Nexpose PostgreSQL Server;c:\program files\rapid7\nexpose\nsc\nxpgsql\pgsql\bin\pg_ctl.exe [x]

S2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service;c:\program files\RealNetworks\RealDownloader\rndlresolversvc.exe [x]

S2 SBSDWSCService;SBSD Security Center Service;c:\program files\Spybot - Search & Destroy\SDWinSec.exe [x]

S2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [x]

S2 TomTomHOMEService;TomTomHOMEService;c:\program files\TomTom HOME 2\TomTomHOMEService.exe [x]

S3 IntcHdmiAddService;Intel® High Definition Audio HDMI;c:\windows\system32\drivers\IntcHdmi.sys [x]

S3 k57nd60x;Broadcom NetLink Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60x.sys [x]

S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]

S3 OA001Ufd;Creative Camera OA001 Upper Filter Driver;c:\windows\system32\DRIVERS\OA001Ufd.sys [x]

S3 OA001Vid;Creative Camera OA001 Function Driver;c:\windows\system32\DRIVERS\OA001Vid.sys [x]

S3 PSSDK42;PSSDK42;c:\windows\system32\Drivers\pssdk42.sys [x]

.

.

--- Other Services/Drivers In Memory ---

.

*NewlyCreated* - WS2IFSL

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12

hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc

HPService REG_MULTI_SZ HPSLPSVC

.

Contents of the 'Scheduled Tasks' folder

.

2013-02-18 c:\windows\Tasks\Adobe Flash Player Updater.job

- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-29 08:36]

.

2013-02-18 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files\Google\Update\GoogleUpdate.exe [2010-08-18 20:39]

.

2013-02-18 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files\Google\Update\GoogleUpdate.exe [2010-08-18 20:39]

.

2013-02-18 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-711352882-2782178830-377221199-1001Core.job

- c:\users\Carpenter\AppData\Local\Google\Update\GoogleUpdate.exe [2009-12-01 00:23]

.

2013-02-18 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-711352882-2782178830-377221199-1001UA.job

- c:\users\Carpenter\AppData\Local\Google\Update\GoogleUpdate.exe [2009-12-01 00:23]

.

.

------- Supplementary Scan -------

.

uStart Page = hxxp://www.foxnews.com/

uInternet Settings,ProxyOverride = *.local

IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200

IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000

IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html

TCP: DhcpNameServer = 192.168.1.1

TCP: Interfaces\{E4EC99FC-FC19-4855-825E-791D4D1DF6A5}: NameServer = 4.2.2.2

Handler: x-owacid2 - {5B290518-830E-4C57-A66B-E4F748900C27} - c:\program files\Microsoft\SMIME Client (2010)\mimectl.dll

FF - ProfilePath - c:\users\Carpenter\AppData\Roaming\Mozilla\Firefox\Profiles\a3vlihhn.default\

FF - prefs.js: browser.search.defaulturl - hxxp://www.bing.com/search?FORM=WLETDF&PC=WLEM&q=

FF - prefs.js: browser.startup.homepage - hxxp://www.msn.com/

FF - prefs.js: keyword.URL - hxxp://www.bing.com/search?FORM=WLETDF&PC=WLEM&q=

FF - ExtSQL: 2013-01-19 11:32; {34712C68-7391-4c47-94F3-8F88D49AD632}; c:\programdata\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext

FF - ExtSQL: !HIDDEN! 2010-02-11 18:25; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension

FF - ExtSQL: !HIDDEN! 2010-07-26 15:48; smartwebprinting@hp.com; c:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

.

.

--------------------- LOCKED REGISTRY KEYS ---------------------

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_5_502_149_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]

@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_5_502_149_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="IFlashBroker5"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

------------------------ Other Running Processes ------------------------

.

c:\program files\Microsoft Security Client\MsMpEng.exe

c:\windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_fb1f53374b7269ca\STacSV.exe

c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe

c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

c:\program files\Bonjour\mDNSResponder.exe

c:\program files\LeapFrog\LeapFrog Connect\CommandService.exe

c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE

c:\program files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe

c:\windows\system32\conhost.exe

c:\windows\system32\PnkBstrA.exe

c:\program files\rapid7\nexpose\nsc\nxpgsql\pgsql\bin\postgres.exe

c:\windows\system32\conhost.exe

c:\program files\Microsoft\BingBar\SeaPort.EXE

c:\program files\Microsoft SQL Server\90\Shared\sqlbrowser.exe

c:\program files\Microsoft SQL Server\90\Shared\sqlwriter.exe

c:\program files\Tenable\Nessus\nessus-service.exe

c:\program files\Tenable\Nessus\nessusd.exe

c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

c:\windows\System32\WLTRYSVC.EXE

c:\windows\System32\bcmwltry.exe

c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

c:\program files\rapid7\nexpose\nsc\nxpgsql\pgsql\bin\postgres.exe

c:\program files\rapid7\nexpose\nsc\nxpgsql\pgsql\bin\postgres.exe

c:\program files\rapid7\nexpose\nsc\nxpgsql\pgsql\bin\postgres.exe

c:\program files\rapid7\nexpose\nsc\nxpgsql\pgsql\bin\postgres.exe

c:\program files\rapid7\nexpose\nsc\.DLLCACHE\nexserv.exe

c:\windows\system32\taskhost.exe

c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe

c:\program files\rapid7\nexpose\nsc\nxpgsql\pgsql\bin\postgres.exe

c:\windows\system32\conhost.exe

c:\program files\Windows Media Player\wmpnetwk.exe

c:\program files\Zune\ZuneNss.exe

c:\windows\servicing\TrustedInstaller.exe

c:\program files\rapid7\nexpose\nsc\nxpgsql\pgsql\bin\postgres.exe

c:\program files\rapid7\nexpose\nsc\nxpgsql\pgsql\bin\postgres.exe

c:\program files\rapid7\nexpose\nsc\nxpgsql\pgsql\bin\postgres.exe

c:\program files\rapid7\nexpose\nsc\nxpgsql\pgsql\bin\postgres.exe

c:\program files\rapid7\nexpose\nsc\nxpgsql\pgsql\bin\postgres.exe

.

**************************************************************************

.

Completion time: 2013-02-18 09:43:43 - machine was rebooted

ComboFix-quarantined-files.txt 2013-02-18 16:43

ComboFix2.txt 2013-02-18 09:55

.

Pre-Run: 140,331,679,744 bytes free

Post-Run: 139,766,292,480 bytes free

.

- - End Of File - - 2D0D66CEF9EDB14266B79B73E0C1909D


Please run a free online scan with the ESET Online Scanner

Note: You will need to use Internet Explorer for this scan

  • Tick the box next to YES, I accept the Terms of Use
  • Click Start
  • When asked, allow the ActiveX control to install
  • Click Start
  • Make sure that the options Remove found threats and Scan unwanted applications are checked
  • Click Scan (This scan can take several hours, so please be patient)
  • Once the scan is completed, you may close the window
  • Use Notepad to open the logfile located at C:\Program Files\ESET\Eset Online Scanner\log.txt
  • Copy and paste that log as a reply to this topic


Glad I could help! :)

  • Download OTC to your desktop and run it
  • Click Yes to begin the Cleanup process and remove these components, including this application.
  • You will be asked to reboot the machine to finish the Cleanup process. Choose Yes.

Please uninstall ESET Online Scanner.

Some malware prevention tips:

users.telenet.be/bluepatchy/miekiemoes/prevention.html

Safe surfing! :)


Glad we could help. :)

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

This topic is now closed to further replies.