creichert Posted May 10, 2013 ID:678126 Share Posted May 10, 2013 DDS (Ver_2012-11-20.01) - NTFS_AMD64Internet Explorer: 8.0.7600.17115 BrowserJavaVersion: 10.21.2Run by CReicher at 12:36:20 on 2013-05-10Microsoft Windows 7 Professional 6.1.7600.0.1252.1.1033.18.3892.2577 [GMT -4:00].AV: McAfee VirusScan Enterprise *Enabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637}SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}SP: McAfee VirusScan Enterprise Antispyware Module *Enabled/Updated* {3D54B793-665E-3129-9103-206115370C8A}FW: McAfee Host Intrusion Prevention Firewall *Disabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C}.============== Running Processes ===============.C:\Windows\system32\lsm.exeC:\Windows\system32\svchost.exe -k DcomLaunchC:\Windows\system32\ibmpmsvc.exeC:\Windows\system32\svchost.exe -k RPCSSC:\Windows\System32\svchost.exe -k LocalServiceNetworkRestrictedC:\Windows\System32\svchost.exe -k LocalSystemNetworkRestrictedC:\Windows\system32\svchost.exe -k netsvcsC:\Windows\system32\svchost.exe -k LocalServiceC:\Windows\system32\WUDFHost.exeC:\Windows\system32\ngvpnmgr.exeC:\Windows\system32\svchost.exe -k NetworkServiceC:\Windows\system32\WLANExt.exeC:\Windows\System32\spoolsv.exeC:\Windows\system32\svchost.exe -k LocalServiceNoNetworkC:\Program Files\LENOVO\HOTKEY\TPHKSVC.exeC:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exeC:\Program Files (x86)\Lenovo\Access Connections\AcPrfMgrSvc.exeC:\PROGRA~1\LENOVO\HOTKEY\tpnumlk.exeC:\Program Files (x86)\Lenovo\Access Connections\AcSvc.exeC:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exeC:\Program Files\Bonjour\mDNSResponder.exeC:\Program Files\ThinkPad\Bluetooth Software\btwdins.exeC:\Program Files (x86)\Copiun\x64\AgtAdmSvc.exeC:\Program Files\McAfee\Host Intrusion Prevention\FireSvc.exec:\epa.epa\EPAService.exeC:\Program Files\Intel\WiFi\bin\EvtEng.exeC:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonationC:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exeC:\Windows\system32\svchost.exe -k HsfXAudioServiceC:\Program Files\Lenovo\Communications Utility\CAMMUTE.exeC:\Program Files\LENOVO\HOTKEY\MICMUTE.exeC:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exeC:\Program Files\LENOVO\VIRTSCRL\lvvsst.exeC:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exeC:\Windows\system32\wbem\unsecapp.exeC:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exeC:\Program Files\McAfee\Endpoint Encryption Agent\MfeEpeHost.exeC:\Program Files (x86)\McAfee\SiteAdvisor Enterprise\McSACore.exeC:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exeC:\Windows\system32\wbem\wmiprvse.exeC:\Program Files (x86)\McAfee\VirusScan Enterprise\vstskmgr.exeC:\Windows\system32\mfevtps.exeC:\notes\ntmulti.exeC:\Windows\System32\svchost.exe -k HPZ12C:\Windows\System32\svchost.exe -k HPZ12C:\Program Files (x86)\McAfee\VirusScan Enterprise\mfeann.exeC:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exeC:\Windows\system32\svchost.exe -k regsvcC:\Windows\system32\svchost.exe -k imgsvcC:\Program Files\Intel\WiFi\bin\ZeroConfigService.exeC:\Program Files (x86)\McAfee\Common Framework\naPrdMgr.exeC:\Program Files\Common Files\McAfee\SystemCore\mfefire.exeC:\Windows\system32\svchost.exe -k bthsvcsC:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestrictedC:\Program Files (x86)\McAfee\SiteAdvisor Enterprise\saHookMain.exeC:\Windows\System32\svchost.exe -k secsvcsC:\Program Files\ThinkVantage Fingerprint Software\upeksvr.exeC:\Windows\system32\taskhost.exeC:\PROGRA~1\LENOVO\VIRTSCRL\virtscrl.exeC:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exeC:\Program Files\LENOVO\HOTKEY\tposdsvc.exeC:\Program Files\LENOVO\HOTKEY\shtctky.exeC:\Program Files\Lenovo\HOTKEY\TPONSCR.exeC:\Program Files\Lenovo\Zoom\TpScrex.exeC:\Windows\system32\Dwm.exeC:\Windows\Explorer.EXEC:\PROGRA~1\LENOVO\HOTKEY\tpnumlkd.exeC:\Program Files (x86)\Lenovo\Access Connections\SvcGuiHlpr.exeC:\Program Files (x86)\Lenovo\Access Connections\AcDeskBandHlpr.exeC:\Program Files\ThinkPad\Bluetooth Software\BTTray.exeC:\Program Files (x86)\Digital Line Detect\DLG.exeC:\Program Files (x86)\TechSmith\Snagit 10\Snagit32.exeC:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXEC:\Program Files (x86)\Common Files\Java\Java Update\jusched.exeC:\Program Files\ThinkPad\Bluetooth Software\BtStackServer.exeC:\Windows\system32\SearchIndexer.exeC:\Program Files (x86)\TechSmith\Snagit 10\TSCHelp.exeC:\Program Files (x86)\TechSmith\Snagit 10\SnagPriv.exeC:\Program Files\Windows Media Player\wmpnetwk.exeC:\Program Files\ThinkPad\Bluetooth Software\BluetoothHeadsetProxy.exeC:\Program Files (x86)\TechSmith\Snagit 10\snagiteditor.exeC:\Windows\splwow64.exeC:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exeC:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exeC:\Program Files (x86)\McAfee\Common Framework\UdaterUI.exeC:\Program Files (x86)\McAfee\Common Framework\McTray.exeC:\Program Files (x86)\McAfee\VirusScan Enterprise\SHSTAT.EXEC:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\system32\SearchProtocolHost.exeC:\Windows\system32\SearchFilterHost.exeC:\Windows\system32\SearchProtocolHost.exeC:\Program Files (x86)\Internet Explorer\iexplore.exeC:\Windows\system32\wbem\wmiprvse.exeC:\Windows\System32\cscript.exe.============== Pseudo HJT Report ===============.uStart Page = hxxp://www.societylink.org/uSearch Bar = PreservemWinlogon: Userinit = userinit.exe,BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dllBHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dllTB: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\Program Files (x86)\McAfee\SiteAdvisor Enterprise\McIEPlg.dllTB: Snagit: {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files (x86)\TechSmith\Snagit 10\SnagitIEAddin.dllmRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"StartupFolder: C:\Users\creicher\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\GLOBAL~1.LNK - C:\Users\creicher\GlobalMeet for Desktop\StartUp.batStartupFolder: C:\Users\creicher\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ONENOT~1.LNK - C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXEStartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BLUETO~1.LNK - C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exeStartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\DIGITA~1.LNK - C:\Program Files (x86)\Digital Line Detect\DLG.exeStartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\SNAGIT~1.LNK - C:\Program Files (x86)\TechSmith\Snagit 10\Snagit32.exeuPolicies-Explorer: NoDriveTypeAutoRun = dword:145uPolicies-Explorer: NoSimpleStartMenu = dword:1uPolicies-Explorer: NoAutoTrayNotify = dword:1mPolicies-Explorer: NoActiveDesktop = dword:1mPolicies-Explorer: NoActiveDesktopChanges = dword:1mPolicies-Explorer: NoAutorun = dword:1mPolicies-System: ConsentPromptBehaviorAdmin = dword:0mPolicies-System: ConsentPromptBehaviorUser = dword:3mPolicies-System: EnableLUA = dword:0mPolicies-System: EnableUIADesktopToggle = dword:0mPolicies-System: PromptOnSecureDesktop = dword:0mPolicies-System: legalnoticecaption = Acceptable Use Logon BannermPolicies-System: legalnoticetext = NOTICE: This system is the property of the American Cancer Society and may be accessed only by authorized users in accordance with the Society’s Acceptable Use Policy. It is subject to monitoring to ensure compliance with the Society’s policies. Use of this system constitutes consent to monitoring. You have no expectation of privacy as to any activities/information on this system. If monitoring reveals evidence of unauthorized use, it may be used for criminal or administrative action.mPolicies-System: SoftwareSASGeneration = dword:3IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBC} - C:\Program Files (x86)\Java\jre7\bin\jp2iexp.dllIE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dllIE: {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - <orphaned>IE: {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - <orphaned>IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dllIE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htmTrusted Zone: acscan.orgTrusted Zone: acsevents.orgTrusted Zone: acsgiftshop.comTrusted Zone: adobe.comTrusted Zone: adp.comTrusted Zone: atlnhohl01Trusted Zone: blip.tvTrusted Zone: cancer.orgTrusted Zone: convio.comTrusted Zone: convio.netTrusted Zone: dell.comTrusted Zone: fleet.comTrusted Zone: gotomeeting.comTrusted Zone: ibm.comTrusted Zone: java.comTrusted Zone: lenovo.comTrusted Zone: lotusnotes.comTrusted Zone: macromedia.comTrusted Zone: microsoft.comTrusted Zone: mindleaders.comTrusted Zone: outtask.comTrusted Zone: paymentnet.comTrusted Zone: peopleclick.comTrusted Zone: relayforlife.orgTrusted Zone: searchtofight.orgTrusted Zone: shserv.orgTrusted Zone: siebel.comTrusted Zone: stlu.comTrusted Zone: sumtotalsystems.comTrusted Zone: sun.comTrusted Zone: webex.comTrusted Zone: windowsupdate.comTrusted Zone: acscan.orgTrusted Zone: acsevents.orgTrusted Zone: acsgiftshop.comTrusted Zone: adobe.comTrusted Zone: adp.comTrusted Zone: atlnhohl01Trusted Zone: blip.tvTrusted Zone: cancer.orgTrusted Zone: convio.comTrusted Zone: convio.netTrusted Zone: dell.comTrusted Zone: fleet.comTrusted Zone: gotomeeting.comTrusted Zone: ibm.comTrusted Zone: java.comTrusted Zone: lenovo.comTrusted Zone: lotusnotes.comTrusted Zone: macromedia.comTrusted Zone: microsoft.comTrusted Zone: mindleaders.comTrusted Zone: outtask.comTrusted Zone: paymentnet.comTrusted Zone: peopleclick.comTrusted Zone: relayforlife.orgTrusted Zone: searchtofight.orgTrusted Zone: shserv.orgTrusted Zone: siebel.comTrusted Zone: stlu.comTrusted Zone: sumtotalsystems.comTrusted Zone: sun.comTrusted Zone: webex.comTrusted Zone: windowsupdate.comDPF: {106E49CF-797A-11D2-81A2-00E02C015623} - hxxp://www.alternatiff.com/distribution/alternatiff-ax-w32-2.0.4.cabDPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cabDPF: {233C1507-6A77-46A4-9443-F871F945D258} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cabDPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cabDPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cabDPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cabDPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cabTCP: NameServer = 192.168.1.1TCP: Interfaces\{70F507A8-4E70-46B9-B62E-3E55CE9F4224} : DHCPNameServer = 192.168.1.1TCP: Interfaces\{70F507A8-4E70-46B9-B62E-3E55CE9F4224}\34F636F616245616E6562797 : DHCPNameServer = 68.87.77.130 68.87.72.130TCP: Interfaces\{A9DA7C0B-990E-40F0-9A4E-EACED2FABDED} : DHCPNameServer = 10.110.55.30 10.155.55.30 10.139.2.97Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLLHandler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor Enterprise\McIEPlg.dllHandler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor Enterprise\McIEPlg.dllSSODL: WebCheck - <orphaned>SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLLLSA: Notification Packages = EpePcNp64 scecli C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll ACGinax64-TB: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\Program Files (x86)\McAfee\SiteAdvisor Enterprise\x64\McIEPlg.dllx64-TB: Snagit: {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files (x86)\TechSmith\Snagit 10\DLLx64\SnagitIEAddin64.dllx64-IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBC} - C:\Program Files\Java\jre6\bin\jp2iexp.dllx64-IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - <orphaned>x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dllx64-IE: {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - <orphaned>x64-IE: {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - <orphaned>x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dllx64-IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}x64-IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htmx64-IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - <orphaned>x64-IE: {F4F55DC8-0B69-4DFE-BA94-CB677B88B2A3} - {F4F55DC8-0B69-4DFE-BA94-CB677B88B2A3} - <orphaned>x64-DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cabx64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLLx64-Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor Enterprise\x64\McIEPlg.dllx64-Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor Enterprise\x64\McIEPlg.dllx64-Notify: igfxcui - igfxdev.dllx64-Notify: psfus - C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dllx64-SSODL: WebCheck - <orphaned>x64-SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL.============= SERVICES / DRIVERS ===============.R0 DzHDD64;DzHDD64;C:\Windows\System32\drivers\DZHDD64.SYS [2013-1-11 29512]R0 MfeEEAlg;MfeEEAlg;C:\Windows\System32\drivers\MfeEEAlg.sys [2012-2-22 71016]R0 MfeEpeOpal;MfeEpeOpal;C:\Windows\System32\drivers\MfeEpeOpal.sys [2012-4-20 87368]R0 MfeEpePc;MfeEpePc;C:\Windows\System32\drivers\MfeEpePc.sys [2012-4-20 140648]R0 mfehidk;McAfee Inc. mfehidk;C:\Windows\System32\drivers\mfehidk.sys [2012-10-1 642952]R0 mfewfpk;McAfee Inc. mfewfpk;C:\Windows\System32\drivers\mfewfpk.sys [2012-10-1 283744]R0 TPDIGIMN;TPDIGIMN;C:\Windows\System32\drivers\ApsHM64.sys [2011-12-28 25416]R1 lenovo.smi;Lenovo System Interface Driver;C:\Windows\System32\drivers\smiifx64.sys [2013-1-11 15472]R1 mfenlfk;McAfee NDIS Light Filter;C:\Windows\System32\drivers\mfenlfk.sys [2011-8-16 75672]R2 Copiun Administrative Service;Copiun Administrative Service;C:\Program Files (x86)\Copiun\x64\AgtAdmSvc.exe [2012-11-30 133120]R2 enterceptAgent;McAfee Host Intrusion Prevention Service;C:\Program Files\McAfee\Host Intrusion Prevention\FireSvc.exe [2011-9-12 641336]R2 EPAService;EPAService;c:\epa.epa\EPAService.exe delay=900 --> c:\epa.epa\EPAService.exe delay=900 [?]R2 HsfXAudioService;HsfXAudioService;C:\Windows\System32\svchost.exe -k HsfXAudioService [2009-7-13 27136]R2 LENOVO.CAMMUTE;Lenovo Camera Mute;C:\Program Files\Lenovo\Communications Utility\CamMute.exe [2013-1-11 43584]R2 LENOVO.MICMUTE;Lenovo Microphone Mute;C:\Program Files\Lenovo\HOTKEY\micmute.exe [2013-2-6 127072]R2 LENOVO.TPKNRSVC;Lenovo Keyboard Noise Reduction;C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe [2013-1-11 62016]R2 Lenovo.VIRTSCRLSVC;Lenovo Auto Scroll;C:\Program Files\Lenovo\VIRTSCRL\lvvsst.exe [2013-1-11 133992]R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-4-26 418376]R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-4-26 701512]R2 McAfee Endpoint Encryption Agent;McAfee Endpoint Encryption Agent;C:\Program Files\McAfee\Endpoint Encryption Agent\MfeEpeHost.exe [2012-4-20 1699840]R2 McAfee SiteAdvisor Enterprise Service;McAfee SiteAdvisor Enterprise Service;C:\Program Files (x86)\McAfee\SiteAdvisor Enterprise\McSACore.exe [2011-10-24 165440]R2 McAfeeFramework;McAfee Framework Service;C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe [2011-11-15 132672]R2 McTaskManager;McAfee Task Manager;C:\Program Files (x86)\McAfee\VirusScan Enterprise\vstskmgr.exe [2011-9-14 209760]R2 mfefire;McAfee Firewall Core Service;C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe [2012-10-1 208272]R2 mfevtp;McAfee Validation Trust Protection Service;C:\Windows\System32\mfevtps.exe [2012-10-1 158832]R2 NgVpnMgr;Aventail VPN Client;C:\Windows\System32\ngvpnmgr.exe [2012-6-26 532328]R2 rimspci;rimspci;C:\Windows\System32\drivers\rimspe64.sys [2013-1-11 61952]R2 smihlp2;SMI Helper Driver (smihlp2);C:\Program Files\ThinkVantage Fingerprint Software\smihlp.sys [2011-5-30 13128]R2 TPHKLOAD;Lenovo Hotkey Client Loader;C:\Program Files\Lenovo\HOTKEY\tphkload.exe [2013-2-6 127120]R2 TPHKSVC;On Screen Display;C:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe [2013-2-6 125504]R2 UNS;Intel® Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2013-1-11 2533400]R2 ZeroConfigService;Intel® PROSet/Wireless Zero Configuration Service;C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2012-6-25 3325232]R3 5U877;USB Video Device;C:\Windows\System32\drivers\5U877.sys [2013-1-11 167040]R3 btusbflt;Bluetooth USB Filter;C:\Windows\System32\drivers\btusbflt.sys [2013-1-11 54824]R3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\System32\drivers\btwl2cap.sys [2013-1-11 35104]R3 CAXHWAZL;CAXHWAZL;C:\Windows\System32\drivers\CAXHWAZL.sys [2013-1-11 292864]R3 e1kexpress;Intel® PRO/1000 PCI Express Network Connection Driver K;C:\Windows\System32\drivers\e1k62x64.sys [2013-1-11 342704]R3 FireNfcp;McAfee Inc. FireNfcp;C:\Windows\System32\drivers\FireNfcp.sys [2012-10-1 48840]R3 HECIx64;Intel® Management Engine Interface;C:\Windows\System32\drivers\HECIx64.sys [2013-1-11 56344]R3 HipShieldK;McAfee Inc. HipShieldK;C:\Windows\System32\drivers\HipShieldK.sys [2012-10-1 195024]R3 Impcd;Impcd;C:\Windows\System32\drivers\Impcd.sys [2013-1-11 158976]R3 IntcDAud;Intel® Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2013-1-11 317440]R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2013-4-26 25928]R3 mfeavfk;McAfee Inc. mfeavfk;C:\Windows\System32\drivers\mfeavfk.sys [2012-10-1 228752]R3 mfefirek;McAfee Inc. mfefirek;C:\Windows\System32\drivers\mfefirek.sys [2012-10-1 481504]R3 NgLog;Aventail VPN Logging;C:\Windows\System32\drivers\nglog.sys [2012-6-23 31304]R3 NgVpn;Aventail VPN Adapter;C:\Windows\System32\drivers\ngvpn.sys [2012-6-23 103496]R3 NgWfp;Aventail VPN Callout;C:\Windows\System32\drivers\ngwfp.sys [2012-6-23 28744]R3 SmbDrvI;SmbDrvI;C:\Windows\System32\drivers\Smb_driver_Intel.sys [2013-1-11 27960]R3 TVTI2C;Lenovo SM bus driver;C:\Windows\System32\drivers\tvti2c.sys [2011-5-29 40248]S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]S2 McShield;McAfee McShield;C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe [2012-10-1 199008]S3 DozeSvc;Lenovo Doze Mode Service;C:\Program Files (x86)\ThinkPad\Utilities\DZSVC64.EXE [2013-1-11 478056]S3 IFCoEMP;IFCoEMP;C:\Windows\System32\drivers\ifM52x64.sys [2012-5-29 339728]S3 IFCoEVB;IFCoEVB;C:\Windows\System32\drivers\ifP52x64.sys [2012-5-29 65808]S3 iSSetup;iSSetup;C:\Windows\System32\drivers\iSSetup.sys [2012-5-29 189664]S3 LNSUSvc;Lotus Notes Smart Upgrade Service;C:\Notes\SUService.exe [2011-9-16 189832]S3 Lotus Notes Diagnostics;Lotus Notes Diagnostics;C:\notes\nsd.exe -svcinvoke -ini "C:\ProgramData\Lotus\Notes\Data\notes.ini" --> C:\notes\nsd.exe -svcinvoke -ini C:\ProgramData\Lotus\Notes\Data\notes.ini [?]S3 mferkdet;McAfee Inc. mferkdet;C:\Windows\System32\drivers\mferkdet.sys [2012-10-1 100904]S3 NgFilter;Aventail VPN Filter;C:\Windows\System32\drivers\ngfilter.sys [2012-6-23 26184]S3 Power Manager DBC Service;Power Manager DBC Service;C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.exe [2013-1-11 1662560]S3 PwmEWSvc;Cisco EnergyWise Enabler;C:\Program Files (x86)\ThinkPad\Utilities\PWMEWSVC.exe [2013-1-11 1665120]S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\System32\drivers\VSTAZL6.SYS [2009-7-13 292864]S3 SrvHsfV92;SrvHsfV92;C:\Windows\System32\drivers\VSTDPV6.SYS [2009-7-13 1485312]S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\System32\drivers\VSTCNXT6.SYS [2009-7-13 740864]S3 StorSvc;Storage Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 27136]S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-12-13 54784]S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2010-11-3 1255736].=============== Created Last 30 ================.2013-05-10 07:40:51 76232 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{7A84E844-BAE6-4625-B486-320FECF1CEE8}\offreg.dll2013-05-10 07:39:07 9317456 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{7A84E844-BAE6-4625-B486-320FECF1CEE8}\mpengine.dll2013-05-09 22:08:20 -------- d-----w- C:\Users\creicher\Relay Pic Ideas2013-05-08 12:47:52 -------- d-----w- C:\Users\creicher\AppData\Roaming\smkits2013-05-01 15:55:56 866720 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll2013-05-01 15:55:56 788896 ----a-w- C:\Windows\SysWow64\deployJava1.dll2013-05-01 15:55:51 95648 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll2013-05-01 15:52:27 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl2013-05-01 15:52:27 691592 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe2013-04-26 17:26:28 -------- d-----w- C:\Users\creicher\AppData\Roaming\Malwarebytes2013-04-26 17:25:50 -------- d-----w- C:\ProgramData\Malwarebytes2013-04-26 17:25:46 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys2013-04-26 17:25:46 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware2013-04-23 23:23:37 -------- d-----w- C:\Users\creicher\AppData\Local\CrashDumps2013-04-23 19:46:56 -------- d-----w- C:\Windows\pss2013-04-23 17:57:48 374664 ----a-w- C:\Windows\System32\drivers\netio.sys2013-04-23 17:31:32 256904 ----a-w- C:\Windows\SysWow64\drivers\tmcomm.sys2013-04-23 17:17:50 -------- d-----w- C:\Users\creicher\AppData\Local\NPE2013-04-23 17:17:50 -------- d-----w- C:\ProgramData\Norton.==================== Find3M ====================.2013-05-10 16:16:55 160 ----a-w- C:\Windows\SysWow64\settings.bin2013-05-02 06:06:08 278800 ------w- C:\Windows\System32\MpSigStub.exe2013-04-24 12:38:25 15859416 ----a-w- C:\Windows\SysWow64\FlashPlayerInstaller.exe2013-02-21 14:57:44 3024456 ----a-w- C:\Users\creicher\GlobalMeet_ScreenShare_update_860_windows.exe.============= FINISH: 12:37:04.27 ===============.UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.IF REQUESTED, ZIP IT UP & ATTACH IT.DDS (Ver_2012-11-20.01).Microsoft Windows 7 ProfessionalBoot Device: \Device\HarddiskVolume1Install Date: 1/11/2013 5:26:17 PMSystem Uptime: 5/10/2013 12:12:47 PM (0 hours ago).Motherboard: LENOVO | | 2522DQ9Processor: Intel® Core™ i5 CPU M 520 @ 2.40GHz | None | 2400/133mhz.==== Disk Partitions =========================.C: is FIXED (NTFS) - 298 GiB total, 203.105 GiB free.D: is CDROM ().==== Disabled Device Manager Items =============.==== System Restore Points ===================.RP73: 5/8/2013 5:49:23 PM - Scheduled CheckpointRP74: 5/10/2013 3:38:42 AM - Windows Update.==== Installed Programs ======================.64 Bit HP CIO Components Installer7-Zip 9.20 (x64 edition)Adobe AIRAdobe Flash Player 11 ActiveXAdobe Reader X (10.1.4)Adobe Shockwave Player 12.0Apple Application SupportApple Mobile Device SupportApple Software UpdateAventail ConnectBonjourBurn.Now 4.5Burn.Now Lenovo EditionCamtasia Studio 7Conexant 20585 SmartAudio HDCopiun Data ManagerDefinition update for Microsoft Office 2010 (KB982726)Definition Update for Microsoft Office 2010 (KB982726) 32-Bit EditionFileNet IDM Viewer 4.0Fingerprint Software PatchGlobalMeet Desktop ToolsGlobalMeet for DesktopGlobalMeet ScreenShareGoogle Update HelperIntegrated Camera Driver Installer Package Ver.1.1.0.48Intel PROSet WirelessIntel® Control CenterIntel® Management Engine ComponentsIntel® Processor GraphicsIntel® PROSet/Wireless WiFi SoftwareIrfanView (remove only)iTunesJava 7 Update 21Java Auto UpdaterJava™ 6 Update 17Java™ 6 Update 17 (64-bit)Lenovo Auto Scroll UtilityLenovo Patch UtilityLenovo Patch Utility 64 bitLenovo Power Management DriverLenovo System Interface DriverLenovo System UpdateLotus Notes 8.5.3Malwarebytes Anti-Malware version 1.75.0.1300McAfee AgentMcAfee Endpoint Encryption AgentMcAfee Endpoint Encryption for PC v6McAfee Host Intrusion PreventionMcAfee SiteAdvisor EnterpriseMcAfee VirusScan EnterpriseMedia Player Codec Pack 4.2.2MER for ePOMicrosoft .NET Framework 4 Client ProfileMicrosoft .NET Framework 4 ExtendedMicrosoft Office 2010 Service Pack 1 (SP1)Microsoft Office Access MUI (English) 2010Microsoft Office Access Setup Metadata MUI (English) 2010Microsoft Office Excel MUI (English) 2010Microsoft Office Groove MUI (English) 2010Microsoft Office InfoPath MUI (English) 2010Microsoft Office Office 64-bit Components 2010Microsoft Office OneNote MUI (English) 2010Microsoft Office Outlook MUI (English) 2010Microsoft Office PowerPoint MUI (English) 2010Microsoft Office Professional Plus 2010Microsoft Office Project MUI (English) 2010Microsoft Office Project Standard 2010Microsoft Office Proof (English) 2010Microsoft Office Proof (French) 2010Microsoft Office Proof (Spanish) 2010Microsoft Office Proofing (English) 2010Microsoft Office Publisher MUI (English) 2010Microsoft Office Shared 64-bit MUI (English) 2010Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010Microsoft Office Shared MUI (English) 2010Microsoft Office Shared Setup Metadata MUI (English) 2010Microsoft Office Word MUI (English) 2010Microsoft Project Standard 2010Microsoft SilverlightMicrosoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053Microsoft Visual C++ 2005 RedistributableMicrosoft Visual C++ 2005 Redistributable (x64)Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17MSXML 4.0 SP2 (KB954430)MSXML 4.0 SP2 (KB973688)On Screen DisplayPDFCreatorPower ManagerQuest Secure Password Extension x64QuickTimeRealNetworks - Microsoft Visual C++ 2008 RuntimeRealPlayerRealUpgrade 1.1RICOH R5U230 Media Driver ver.2.06.02.02Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)Security Update for Microsoft .NET Framework 4 Extended (KB2487367)Security Update for Microsoft .NET Framework 4 Extended (KB2656351)Security Update for Microsoft Excel 2010 (KB2597166) 32-Bit EditionSecurity Update for Microsoft InfoPath 2010 (KB2553322) 32-Bit EditionSecurity Update for Microsoft InfoPath 2010 (KB2553431) 32-Bit EditionSecurity Update for Microsoft Office 2010 (KB2289078)Security Update for Microsoft Office 2010 (KB2553091)Security Update for Microsoft Office 2010 (KB2553096)Security Update for Microsoft Office 2010 (KB2553260) 32-Bit EditionSecurity Update for Microsoft Office 2010 (KB2553371) 32-Bit EditionSecurity Update for Microsoft Office 2010 (KB2553447) 32-Bit EditionSecurity Update for Microsoft Office 2010 (KB2584066)Security Update for Microsoft Office 2010 (KB2589320) 32-Bit EditionSecurity Update for Microsoft Office 2010 (KB2589322) 32-Bit EditionSecurity Update for Microsoft Office 2010 (KB2597986) 32-Bit EditionSecurity Update for Microsoft Office 2010 (KB2598243) 32-Bit EditionSecurity Update for Microsoft PowerPoint 2010 (KB2553185) 32-Bit EditionSecurity Update for Microsoft SharePoint Workspace 2010 (KB2566445)Security Update for Microsoft Visio Viewer 2010 (KB2598287) 32-Bit EditionSnagit 10swMSMSystem Information ReporterThinkPad Bluetooth with Enhanced Data Rate SoftwareThinkPad FullScreen MagnifierThinkPad Modem AdapterThinkPad UltraNav DriverThinkPad UltraNav UtilityThinkVantage Access ConnectionsThinkVantage Active Protection SystemThinkVantage Communications UtilityThinkVantage Fingerprint SoftwareUpdate for Microsoft .NET Framework 4 Client Profile (KB2468871)Update for Microsoft .NET Framework 4 Client Profile (KB2533523)Update for Microsoft .NET Framework 4 Client Profile (KB2600217)Update for Microsoft Office 2010 (KB2202188)Update for Microsoft Office 2010 (KB2494150)Update for Microsoft Office 2010 (KB2553065)Update for Microsoft Office 2010 (KB2553092)Update for Microsoft Office 2010 (KB2553181) 32-Bit EditionUpdate for Microsoft Office 2010 (KB2553267) 32-Bit EditionUpdate for Microsoft Office 2010 (KB2553270) 32-Bit EditionUpdate for Microsoft Office 2010 (KB2553272) 32-Bit EditionUpdate for Microsoft Office 2010 (KB2553310) 32-Bit EditionUpdate for Microsoft Office 2010 (KB2553385) 32-Bit EditionUpdate for Microsoft Office 2010 (KB2566458)Update for Microsoft Office 2010 (KB2596964) 32-Bit EditionUpdate for Microsoft Office 2010 (KB2598289) 32-Bit EditionUpdate for Microsoft OneNote 2010 (KB2553290) 32-Bit EditionUpdate for Microsoft OneNote 2010 (KB2589345) 32-Bit EditionUpdate for Microsoft Outlook 2010 (KB2553248) 32-Bit EditionUpdate for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit EditionWindows Driver Package - Broadcom (BTHUSB) Bluetooth (04/08/2010 6.3.5.430)Windows Driver Package - Broadcom HIDClass (07/28/2009 6.2.0.9800)Windows XP Mode.==== Event Viewer Messages From Past Week ========.5/9/2013 6:03:12 AM, Error: Service Control Manager [7031] - The McAfee McShield service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.5/9/2013 10:47:30 PM, Error: Microsoft-Windows-GroupPolicy [1055] - The processing of Group Policy failed. Windows could not resolve the computer name. This could be caused by one of more of the following: a) Name Resolution failure on the current domain controller. b) Active Directory Replication Latency (an account created on another domain controller has not replicated to the current domain controller).5/8/2013 8:49:39 AM, Error: Microsoft-Windows-TerminalServices-RemoteConnectionManager [1067] - The terminal server cannot register 'TERMSRV' Service Principal Name to be used for server authentication. The following error occured: The attribute syntax specified to the directory service is invalid. .5/8/2013 8:49:16 AM, Error: Application Management Group Policy [103] - The removal of the assignment of application McAfee Agent from policy mcaffeagent failed. The error was : %%25/8/2013 8:03:14 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Error Reporting Service service to connect.5/8/2013 7:50:06 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the FontCache3.0.0.0 service.5/8/2013 2:56:48 AM, Error: volsnap [14] - The shadow copies of volume C: were aborted because of an IO failure on volume C:.5/6/2013 7:42:59 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the BFE service.5/5/2013 9:22:13 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the AcSvc service.5/5/2013 9:21:17 AM, Error: Server [2505] - The server could not bind to the transport \Device\NetBT_Tcpip_{70F507A8-4E70-46B9-B62E-3E55CE9F4224} because another computer on the network has the same name. The server could not start.5/4/2013 12:05:09 PM, Error: Service Control Manager [7034] - The McAfee McShield service terminated unexpectedly. It has done this 6 time(s).5/4/2013 11:49:20 AM, Error: Service Control Manager [7031] - The McAfee McShield service terminated unexpectedly. It has done this 5 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.5/4/2013 11:42:27 AM, Error: Service Control Manager [7031] - The McAfee McShield service terminated unexpectedly. It has done this 4 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.5/4/2013 11:39:31 PM, Error: Service Control Manager [7034] - The Windows Biometric Service service terminated unexpectedly. It has done this 1 time(s).5/4/2013 11:37:38 AM, Error: Service Control Manager [7031] - The McAfee McShield service terminated unexpectedly. It has done this 3 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.5/4/2013 11:37:25 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the System Update service to connect.5/4/2013 11:37:25 AM, Error: Service Control Manager [7000] - The System Update service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.5/4/2013 11:31:47 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the WerSvc service.5/10/2013 12:23:46 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the McAfee McShield service to connect.5/10/2013 12:23:46 PM, Error: Service Control Manager [7000] - The McAfee McShield service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.5/10/2013 12:23:09 PM, Error: Service Control Manager [7031] - The McAfee McShield service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.5/10/2013 12:16:06 PM, Error: Microsoft-Windows-TerminalServices-RemoteConnectionManager [1067] - The terminal server cannot register 'TERMSRV' Service Principal Name to be used for server authentication. The following error occured: The specified domain either does not exist or could not be contacted. .5/10/2013 12:14:16 PM, Error: Microsoft-Windows-GroupPolicy [1129] - The processing of Group Policy failed because of lack of network connectivity to a domain controller. This may be a transient condition. A success message would be generated once the machine gets connected to the domain controller and Group Policy has succesfully processed. If you do not see a success message for several hours, then contact your administrator.5/10/2013 12:13:08 PM, Error: NETLOGON [5719] - This computer was not able to set up a secure session with a domain controller in domain PA due to the following: There are currently no logon servers available to service the logon request. This may lead to authentication problems. Make sure that this computer is connected to the network. If the problem persists, please contact your domain administrator. ADDITIONAL INFO If this computer is a domain controller for the specified domain, it sets up the secure session to the primary domain controller emulator in the specified domain. Otherwise, this computer sets up the secure session to any domain controller in the specified domain..==== End Of File =========================== Link to post Share on other sites More sharing options...
Robybel Posted May 10, 2013 ID:678143 Share Posted May 10, 2013 Hi and Welcome!! creichert My name is Robybel.I would be more than happy to take a look at your log and help you with solving any malware problems you might have. Logs can take a while to research, so please be patient and know that I am working hard to get you a clean and functional system back in your hands. I'd be grateful if you would note the following:I will be working on your Malware issues, this may or may not, solve other issues you have with your machine.The fixes are specific to your problem and should only be used for the issues on this machine.Please continue to review my answers until I tell you your machine appears to be clear. Absence of symptoms does not mean that everything is clear.It's often worth reading through these instructions and printing them for ease of reference.If you don't know or understand something, please don't hesitate to say or ask!! It's better to be sure and safe than sorry.Please reply to this thread. Do not start a new topic.IMPORTANT NOTE : Please do not delete, download or install anything unless instructed to do so.DO NOT use any TOOLS such as Combofix or HijackThis fixes without supervision. Doing so could make your system inoperable and could require a full reinstall of your Operating System and losing all your programs and data.Vista and Windows 7 users:These tools MUST be run from the executable. (.exe) every time you run themwith Admin Rights (Right click, choose "Run as Administrator")Stay with this topic until I give you the all clean post.Having said that....Let's get going!! =================================Download Security Check by screen317 from here or here.Save it to your Desktop.Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.A Notepad document should open automatically called checkup.txt; please post the contents of that document.Next AdwCleanerPlease download "]http://general-changelog-team.fr/en/tools/15-adwcleaner"] AdwCleaner by Xplode onto your desktop.Close all open programs and internet browsers.Double click on AdwCleaner.exe to run the tool.Click on Delete.Confirm each time with Ok.Your computer will be rebooted automatically. A text file will open after the restart.Please post the content of that logfile with your next answer.You can find the logfile at C:\AdwCleaner[s1].txt as well.Next Download RogueKiller and save it to your desktop. Quit all other programsStart RogueKiller.exeWait until the Prescan has finished ... Click on ScanWait for the end of the scanA report will be created on your desktop. Click on the Delete buttonNext click on the ShortcutsFix another report will be created on your desktop.Please post: All RKreport.txt text files located on your desktop. Link to post Share on other sites More sharing options...
Maniac Posted May 10, 2013 ID:678144 Share Posted May 10, 2013 Sorry, Robybel was faster. Link to post Share on other sites More sharing options...
Robybel Posted May 13, 2013 ID:678878 Share Posted May 13, 2013 Still need help? Link to post Share on other sites More sharing options...
Maurice Naggar Posted May 15, 2013 ID:679913 Share Posted May 15, 2013 Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread. Other members who need assistance please start your own topic in a new thread. Thanks! Link to post Share on other sites More sharing options...
Recommended Posts