Annoying backups eating up half a gig per day?

[PeregrineKodiak]

I didn't mean to download these "cloud" backup programs - or whatever kind of back-up problem this is. But I think that's my problem - and I've tried to delete them with no luck.

 

Every night at 3am, my computer turns itself on, and downloads what I think are large files. I'm finding files on my D drive with names like "3b3c3ba11ab4b9a810c00044" and "ffe970c4486db73ff501c652e539e5b8". I went through malware deletion with "Maniac" (Borislav), and the files still download every night. I get a prompt if I try to delete the files that says "You need permission to perform this action. You require permission from SYSTEM to make changes to this folder." During the malware deletion process, that prompt changed, and asked me if I wanted to gain access to the folder. I didn't click on that prompt, because I was afraid I'd get a virus.

 

The most troubling part about this is that I'm losing a lot of space from my C drive, and I can't figure out where the files are downloading on the C drive. I look at the space remaining on my C drive, and every day, its down a half a gigabyte. I only have 3.5 gigs left - and I've run out of things to delete.

 

I need help figuring out what program is downloading these files on my C and D drive - and get rid of it. I also need help finding the files downloading into my C drive, and I need to figure out how - and if it's safe - to delete these files.

 

Thank you!

[David H. Lipman]

Are; "3b3c3ba11ab4b9a810c00044" and "ffe970c4486db73ff501c652e539e5b8" Files or Folders ?

[PeregrineKodiak]

They are folders.

[David H. Lipman]

Sometimes when Microsoft performs Automatic Updates, the updating process leaves behind remnants in the form of binary hexadecimal named folders such as...

"3b3c3ba11ab4b9a810c00044" and "ffe970c4486db73ff501c652e539e5b8"

 

If you open them and get "Access Denied" then it could be indicative of this and if you "Take Ownership" of the folder (and its folder and files within) and then give yourself rights you can see the contents of said folders.

 

Since MS Automatic Updates default to 0300 hrs, it can explain the download overnight and the folders existence.

 

If you try to open said folders, do you get "Access Denied" ?

[daledoc1]

Hi:

 

Are you running KIS or KAV?

 

If so, I suspect that you likely have traces enabled (perhaps that was done to troubleshoot, at the advice of Kaspersky tech support)?

 

I don't know if you run KIS or KAV, or which version, but here is one relevant KB topic for KIS 2012 that explains what to do:

 

Disable Traces: http://support.kaspersky.com/7077 and then delete files with log.enc1 extensions.

For 2013: http://support.kaspersky.com/9078

 

Manual steps:

1.Open the main application window.
2.Click the Support link at the bottom of the window.
3.Click the Support tools at the bottom of the Support window.
4.In the Support Tools window, click the "Disable Trace" button.

 

 

 

Please post back and let us know if this resolves your issue,

 

daledoc1

[PeregrineKodiak]

Thanks guys - I will do this tonight.

[PeregrineKodiak]

Hi there,

 

I'm still getting these files. I don't think I have Kapersky. I only had it for a couple of days when I was trying to fix this problem with "Maniac". David, I don't get a window that tells me "Access Denied". I get this:

 

"You need permission to perform this action. You require permission from SYSTEM to make changes to this folder." During the malware deletion process, that prompt changed, and asked me if I wanted to gain access to the folder. I didn't click on that prompt, because I was afraid I'd get a virus.

[David H. Lipman]

Access Denied or "You need permission to perform this action."...

 

Depending on the OS you will just have to take "Ownership" of the folder and files, give yourself rights and delete them.

 

What is the Operating System ?

[PeregrineKodiak]

Windows 7, 64 bit.

[David H. Lipman]

You can only work on one folder at a time such as "3b3c3ba11ab4b9a810c00044"

 

1. Right-Click on the folder and choose "Properties"
2. Choose the "Security" tab
3. Choose; "Advanced"
4. Choose the "Owner" tab
5. Choose; "Edit"
6. Highlight your account or the "Administrators" group
7. Check the box "Replace owner on subcontainers..."
8. Choose; Apply, OK, OK
9. Find in the listing of accounts and groups given rights "Administrators"
10. Under "Allow" make sure all boxes are checked (full rights)
11. Choose; Ok, Ok

You should now be able to delete that folder and you would repeat for the others.

 

NOTE:    If your logged in account is NOT a member of "Administrators", then in step #6 you will "Add" your account and apply what is in step #9 to that account.

[PeregrineKodiak]

Your instructions say:

 

9. Find in the listing of accounts and groups given rights "Administrators"

10. Under "Allow" make sure all boxes are checked (full rights)

 

I'm sorry, but this part is over my head. Where do I access the listing of accounts and groups given rights as administrators? I didn't find a window automatically that gave me these options. (I'm not very tech savy).

[David H. Lipman]

The following the ¹Administrators group highlighted and ready to make the change....

 

 

On this notebook I have added my account.  I login as;  admin

 

 

 

 

------------

1.  The PC is named ORANGE-PC, the user account is Admin who is also members of the local group Administrators

These are shown in the format;  Computer_Name\User_Name or Computer_Name\Group_Name

 

So they are represented in the above as;  ORANGE-PC\Admin   and  ORANGE-PC\Administrators

[Porthos]

This will help you do it with a registry fix.

 

http://www.howtogeek.com/howto/windows-vista/add-take-ownership-to-explorer-right-click-menu-in-vista/

 

Use it all the time.

 

Add "Take Ownership" to Explorer Right-Click Menu in Win 7 or Vista

Taking ownership of system files or folders in Windows 7 or Vista is not a simple task. Whether you use the GUI or the command line, it takes far too many steps.

Thankfully somebody created a registry hack that will give you a menu item for “Take Ownership” that will handle all the steps for you.  (If you are the person that originally made this script, let me know and I’ll give you credit)

Here’s what the new right-click menu will look like after installing this registry hack.

Install

Download and unzip the files contained in the zipfile. Double-click the InstallTakeOwnership.reg file and click through the prompts. No reboot necessary.

Uninstall

Double-click the RemoveTakeOwnership.reg file and click through the prompts. No reboot necessary.

[David H. Lipman]

Thanx Porthos that's very helpful. 

 

 

[AdvancedSetup]

The video here also demonstrates how to take Ownership

http://forums.malwarebytes.org/index.php?showtopic=124715

[PeregrineKodiak]

Hey, that registry hack made it really easy to delete those files. Thanks a lot! In my D drive, I got half a gig back.

 

I'm thinking that there are files in my C drive taking up a lot of space, but I'm not sure how to find them. I'm also not sure what program is turning my computer on at 3 am and creating files.

 

I did a little exploring, and found a folder that seemed suspicious - it was called Qoobox. I took ownership and deleted it, but I thought I should mention it. It's in my recycle bin now. I wonder if I need that?

[AdvancedSetup]

Qoobox is there because you did not follow directions on removing Combofix at some point.

Click on START and type in CMD.EXE and when it shows on the menu right click over it and choose "Run as administrator"

Then type or copy/paste the following into the DOS console line by line and press the Enter key after each line

CD\

schtasks /query /fo table >MyScheduledTasks.txt

Then copy/paste or attach the file: MyScheduledTasks.txt to your next reply.

[PeregrineKodiak]

I think that my "Start" might be different than that. I have a "Shutdown" button, which when you right click, you get options like "log off" "restart" "hibernate". I don't believe I have a "Start". If I do, I'm not sure where to find it. (Sorry).

[daledoc1]

Hi:

 

You are running Win7, right?

Here are a couple of screenshots to get you started, until AdvancedSetup & the other members return:

 

Click on START and type in CMD.EXE and when it shows on the menu right click over it and choose "Run as administrator"

 

Then please follow the rest of AdvancedSetup's suggestions:

 

Then type or copy/paste the following into the DOS console line by line and press the Enter key after each line

CD\

schtasks /query /fo table >MyScheduledTasks.txt

Then copy/paste or attach the file: MyScheduledTasks.txt to your next reply.

Hope this helps,

daledoc1

[CWB]

a little thought about the comp turning on and downloading at 0300 ...

i recall that i have seen several windows machines that have the 0300 time for/in "automatic updates" by default .

while this may not be the exact cause of the issue , it is one thing to check and one less thing to be concerned with .

 

ps ...

@ porthos :

thanks for the registry info .

[AdvancedSetup]

Please run the following so we know for sure what you're running here.

Please run the following scanner and send back the logs.

Download DDS from one of the locations below and save to your Desktop
dds.scr
dds.com

Temporarily disable any script blocker if your Anti-Virus/Anti-Malware has it.
How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs

Once downloaded you can disconnect from the Internet and disable your Ant-Virus temporarily if needed.
Then double click dds.scr or dds.com to run the tool.
Click the Run button if prompted with an Open File - Security Warning dialog box.
A black DOS console should open and run for a moment.

• When done, DDS will open two (2) logs:
  • DDS.txt
  • Attach.txt

• Save both reports to your desktop
• Please include the following logs in your next reply as an attachment: DDS.txt and Attach.txt
• You can ignore the note about zipping the Attach.txt file.

[PeregrineKodiak]

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 10.0.9200.16660  BrowserJavaVersion: 1.6.0_18
Run by Free Bird at 13:19:57 on 2013-09-01
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.3893.2119 [GMT -5:00]
.
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files\Dell\DellDock\DockLogin.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRYSVC.EXE
C:\Program Files\Dell\Dell Wireless WLAN Card\bcmwltry.exe
C:\Windows\system32\WLANExt.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BBSvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
C:\Program Files (x86)\Common Files\Motive\McciCMService.exe
C:\Program Files\Common Files\Motive\McciCMService.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\System32\svchost.exe -k HPZ12
C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
C:\Program Files (x86)\Dell\DellComms\bin\sprtsvc.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k HPService
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\DellTPad\Apoint.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRAY.EXE
C:\Windows\system32\igfxsrvc.exe
C:\Program Files (x86)\AllChars\AllChars.exe
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\DellTPad\ApMsgFwd.exe
C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe
C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe
C:\Program Files\Dell\DellDock\DellDock.exe
C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe
C:\Program Files\DellTPad\Apntex.exe
C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
C:\Program Files\DellTPad\HidFind.exe
C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe
C:\Program Files (x86)\DELL\DellComms\bin\sprtcmd.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files (x86)\Common Files\Research In Motion\Auto Update\RIMAutoUpdate.exe
C:\Program Files (x86)\Roxio\Roxio Burn\Roxio Burn.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\SoftwareDistribution\Download\Install\ndp40-kb2840628-v2-x64.exe
d:\3b13d4aa9d4724d60137f964\Setup.exe
C:\Windows\system32\msiexec.exe
C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_94.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_94.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.

BHO: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
BHO: {27B4851A-3207-45A2-B947-BE8AFE6163AB} - <orphaned>
BHO: RealNetworks Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - <orphaned>
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
BHO: Windows Live Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll
BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} -
EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll
EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll
uRun: [Facebook Update] "C:\Users\Free Bird\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
mRun: [PDVDDXSrv] "C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe"
mRun: [Dell DataSafe Online] "C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe" /m
mRun: [Desktop Disc Tool] "C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe"
mRun: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2
mRun: [DellSupportCenter] "C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
mRun: [DellComms] "C:\Program Files (x86)\Dell\DellComms\bin\sprtcmd.exe" /P DellComms
mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
mRun: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
mRun: [blackBerryAutoUpdate] C:\Program Files (x86)\Common Files\Research In Motion\Auto Update\RIMAutoUpdate.exe /background
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
mRun: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe"  -osboot
StartupFolder: C:\Users\FREEBI~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\DELLDO~1.LNK - C:\Program Files\Dell\DellDock\DellDock.exe
StartupFolder: C:\Users\FREEBI~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\OPENOF~1.LNK - C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\AllChars.lnk - C:\Program Files (x86)\AllChars\AllChars.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\DESKTO~1.LNK - C:\Program Files (x86)\Research In Motion\BlackBerry\DesktopMgr.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\HPDIGI~1.LNK - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
uPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: NoDrives = dword:0
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: &Save the YouTube video as MP3 - C:\Users\Free Bird\AppData\Roaming\Free YouTube to MP3 Converter Studio\Free YouTube to MP3 Converter Studio.htm
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MIF5BA~1\Office12\EXCEL.EXE/3000
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll



TCP: NameServer = 192.168.1.1
TCP: Interfaces\{30229B51-6BC5-4D5A-81BB-C7FC8F69C826} : DHCPNameServer = 24.217.0.5 24.217.201.67 24.247.15.53
TCP: Interfaces\{858B84A8-F1E7-49BB-93AC-C690F586E259} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{858B84A8-F1E7-49BB-93AC-C690F586E259}\2656C6B696E6E2432663 : DHCPNameServer = 192.168.2.1
TCP: Interfaces\{858B84A8-F1E7-49BB-93AC-C690F586E259}\7586F6C65664F6F64637D41627B65647 : DHCPNameServer = 172.16.1.1
Handler: cozi - {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - c:\Program Files (x86)\Cozi Express\CoziProtocolHandler.dll
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.57\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: {27B4851A-3207-45A2-B947-BE8AFE6163AB} - <orphaned>
x64-BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
x64-Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe
x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-Run: [igfxTray] C:\Windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
x64-Run: [broadcom Wireless Manager UI] C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRAY.exe
x64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"



x64-Handler: cozi - {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - <orphaned>
x64-Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - <orphaned>
x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - <orphaned>
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Notify: GoToAssist - C:\Program Files (x86)\Citrix\GoToAssist\514\G2AWinLogon_x64.dll
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Free Bird\AppData\Roaming\Mozilla\Firefox\Profiles\eciapt2f.default\
FF - prefs.js: keyword.URL -
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll
FF - plugin: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll
FF - plugin: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll
FF - plugin: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll
FF - ExtSQL: 2013-08-05 09:48; jid1-RgQXqotzndApjg@jetpack; C:\Users\Free Bird\AppData\Roaming\Mozilla\Firefox\Profiles\eciapt2f.default\extensions\jid1-RgQXqotzndApjg@jetpack
FF - ExtSQL: !HIDDEN! 2010-05-19 16:30; smartwebprinting@hp.com; C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
.
============= SERVICES / DRIVERS ===============
.
R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2010-3-3 55280]
R1 avgtp;avgtp;C:\Windows\System32\drivers\avgtpx64.sys [2013-8-20 45856]
R2 AERTFilters;Andrea RT Filters Service;C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [2009-10-9 92160]
R2 BBSvc;BingBar Service;C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BBSvc.EXE [2012-6-11 193616]
R2 DockLoginService;Dock Login Service;C:\Program Files\Dell\DellDock\DockLogin.exe [2008-12-18 155648]
R2 McciCMService64;McciCMService64;C:\Program Files\Common Files\Motive\McciCMService.exe [2011-3-17 517632]
R2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service;C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [2012-11-29 38608]
R2 sprtsvc_DellComms;SupportSoft Sprocket Service (DellComms);C:\Program Files (x86)\DELL\DellComms\bin\sprtsvc.exe [2009-5-5 206064]
R3 BBUpdate;BBUpdate;C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.EXE [2012-6-11 240208]
R3 CtClsFlt;Creative Camera Class Upper Filter Driver;C:\Windows\System32\drivers\CtClsFlt.sys [2010-3-3 172704]
R3 HECIx64;Intel® Management Engine Interface;C:\Windows\System32\drivers\HECIx64.sys [2009-9-17 56344]
R3 Impcd;Impcd;C:\Windows\System32\drivers\Impcd.sys [2009-10-26 151936]
R3 IntcDAud;Intel® Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2009-9-26 233984]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2009-8-20 239616]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-7-13 160944]
S2 vToolbarUpdater15.4.0;vToolbarUpdater15.4.0;C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.4.0\ToolbarUpdater.exe --> C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.4.0\ToolbarUpdater.exe [?]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\System32\drivers\RtsUStor.sys [2009-7-16 220672]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2013-5-16 59392]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-2-15 52736]
S3 vzandnetdiag;LGE AndroidNet for VZW USB Serial Port;C:\Windows\System32\drivers\lgvzandnetdiag64.sys [2013-5-6 29696]
S3 vzandnetmodem;LGE AndroidNet for VZW USB Modem;C:\Windows\System32\drivers\lgvzandnetmdm64.sys [2013-5-6 36864]
S3 vzandnetndis;LGE AndroidNet for VZW NDIS Ethernet Adapter;C:\Windows\System32\drivers\lgvzandnetndis64.sys [2013-7-6 94208]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2010-4-21 1255736]
.
=============== File Associations ===============
.
ShellExec: dreamweaver.exe: Open="C:\Program Files (x86)\Adobe\Adobe Dreamweaver CS5.5\dreamweaver.exe", "%1"
.
=============== Created Last 30 ================
.
2013-08-22 18:44:42    --------    d-----w-    C:\ProgramData\Kaspersky Lab
2013-08-22 04:48:09    --------    d-sh--w-    C:\$RECYCLE.BIN
2013-08-20 20:20:50    17737608    ----a-w-    C:\Windows\SysWow64\FlashPlayerInstaller.exe
2013-08-20 16:10:16    --------    d-----w-    C:\Program Files (x86)\ESET
2013-08-20 15:23:48    --------    d-----w-    C:\Windows\ERUNT
2013-08-20 15:06:25    --------    d-----w-    C:\Users\Free Bird\AppData\Local\AVG SafeGuard toolbar
2013-08-20 15:06:05    45856    ----a-w-    C:\Windows\System32\drivers\avgtpx64.sys
2013-08-20 15:06:01    --------    d-----w-    C:\ProgramData\AVG SafeGuard toolbar
2013-08-20 15:06:00    --------    d-----w-    C:\Program Files (x86)\AVG SafeGuard toolbar
2013-08-20 15:05:29    --------    d--h--w-    C:\ProgramData\Common Files
2013-08-17 22:22:42    2706432    ----a-w-    C:\Windows\SysWow64\mshtml.tlb
2013-08-15 16:14:01    2048    ----a-w-    C:\Windows\SysWow64\tzres.dll
2013-08-15 16:14:00    2048    ----a-w-    C:\Windows\System32\tzres.dll
2013-08-14 22:20:56    539984    ----a-w-    C:\ProgramData\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll
2013-08-14 01:58:01    224256    ----a-w-    C:\Windows\System32\wintrust.dll
2013-08-14 01:58:01    184320    ----a-w-    C:\Windows\System32\cryptsvc.dll
2013-08-14 01:58:01    175104    ----a-w-    C:\Windows\SysWow64\wintrust.dll
2013-08-14 01:58:01    1472512    ----a-w-    C:\Windows\System32\crypt32.dll
2013-08-14 01:58:01    140288    ----a-w-    C:\Windows\SysWow64\cryptsvc.dll
2013-08-14 01:58:01    139776    ----a-w-    C:\Windows\System32\cryptnet.dll
2013-08-14 01:58:01    1166848    ----a-w-    C:\Windows\SysWow64\crypt32.dll
2013-08-14 01:58:00    103936    ----a-w-    C:\Windows\SysWow64\cryptnet.dll
2013-08-08 05:46:37    737072    ----a-w-    C:\ProgramData\Microsoft\eHome\Packages\SportsV2\SportsTemplateCore-2\Microsoft.MediaCenter.Sports.UI.dll
2013-08-08 05:46:21    2876528    ----a-w-    C:\ProgramData\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\markup.dll
2013-08-08 05:46:02    42776    ----a-w-    C:\ProgramData\Microsoft\eHome\Packages\MCEClientUX\dSM-2\StartResources.dll
2013-08-05 15:54:53    --------    d-----w-    C:\ProgramData\Verizon
2013-08-05 15:54:52    --------    d-----w-    C:\Users\Free Bird\AppData\Local\Backup Assistant Plus
2013-08-05 15:54:30    57344    ----a-w-    C:\Windows\SysWow64\ff_vfw.dll
2013-08-05 15:54:29    60273    ----a-w-    C:\Windows\SysWow64\pthreadGC2.dll
2013-08-05 15:54:27    --------    d-----w-    C:\Program Files (x86)\ffdshow
2013-08-05 15:48:41    --------    d-----w-    C:\LGMobileUpgrade
2013-08-05 15:47:44    --------    d-----w-    C:\Program Files (x86)\LG Electronics
2013-08-05 15:45:27    5474304    ----a-w-    C:\Users\Free Bird\AppData\Roaming\Microsoft\Windows\Templates\TLPC\LG_VZW_United_WHQL_v2.11.1.msi
2013-08-05 15:45:23    98304    ----a-w-    C:\Users\Free Bird\AppData\Roaming\Microsoft\Windows\Templates\TLPC\LGUTchkdl.dll
2013-08-05 15:45:23    24576    ----a-w-    C:\Users\Free Bird\AppData\Roaming\Microsoft\Windows\Templates\TLPC\LGEUSBAutorun.dll
2013-08-05 15:45:18    1347584    ----a-w-    C:\Users\Free Bird\AppData\Roaming\Microsoft\Windows\Templates\TLPC\TL_PC.exe
2013-08-05 15:44:56    98304    ----a-r-    C:\Users\Free Bird\AppData\Roaming\Microsoft\Windows\Templates\F\LGUTchkdl.dll
2013-08-05 15:44:56    24576    ----a-r-    C:\Users\Free Bird\AppData\Roaming\Microsoft\Windows\Templates\F\LGEUSBAutorun.dll
.
==================== Find3M  ====================
.
2013-08-20 20:20:59    71048    ----a-w-    C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-08-20 20:20:59    692104    ----a-w-    C:\Windows\SysWow64\FlashPlayerApp.exe
2013-07-26 05:13:37    2241024    ----a-w-    C:\Windows\System32\wininet.dll
2013-07-26 05:12:08    3958784    ----a-w-    C:\Windows\System32\jscript9.dll
2013-07-26 05:12:04    136704    ----a-w-    C:\Windows\System32\iesysprep.dll
2013-07-26 05:12:03    67072    ----a-w-    C:\Windows\System32\iesetup.dll
2013-07-26 03:35:08    2706432    ----a-w-    C:\Windows\System32\mshtml.tlb
2013-07-26 03:13:24    1767936    ----a-w-    C:\Windows\SysWow64\wininet.dll
2013-07-26 03:12:04    2877440    ----a-w-    C:\Windows\SysWow64\jscript9.dll
2013-07-26 03:12:00    61440    ----a-w-    C:\Windows\SysWow64\iesetup.dll
2013-07-26 03:12:00    109056    ----a-w-    C:\Windows\SysWow64\iesysprep.dll
2013-07-26 02:39:38    89600    ----a-w-    C:\Windows\System32\RegisterIEPKEYs.exe
2013-07-26 01:59:38    71680    ----a-w-    C:\Windows\SysWow64\RegisterIEPKEYs.exe
2013-07-25 09:25:54    1888768    ----a-w-    C:\Windows\System32\WMVDECOD.DLL
2013-07-25 08:57:27    1620992    ----a-w-    C:\Windows\SysWow64\WMVDECOD.DLL
2013-07-09 06:03:30    5550528    ----a-w-    C:\Windows\System32\ntoskrnl.exe
2013-07-09 05:54:22    1732032    ----a-w-    C:\Windows\System32\ntdll.dll
2013-07-09 05:53:12    243712    ----a-w-    C:\Windows\System32\wow64.dll
2013-07-09 05:51:16    1217024    ----a-w-    C:\Windows\System32\rpcrt4.dll
2013-07-09 05:03:34    3968960    ----a-w-    C:\Windows\SysWow64\ntkrnlpa.exe
2013-07-09 05:03:34    3913664    ----a-w-    C:\Windows\SysWow64\ntoskrnl.exe
2013-07-09 04:53:47    1292192    ----a-w-    C:\Windows\SysWow64\ntdll.dll
2013-07-09 04:52:33    663552    ----a-w-    C:\Windows\SysWow64\rpcrt4.dll
2013-07-09 04:52:33    5120    ----a-w-    C:\Windows\SysWow64\wow32.dll
2013-07-09 04:45:07    44032    ----a-w-    C:\Windows\apppatch\acwow64.dll
2013-07-09 02:49:42    25600    ----a-w-    C:\Windows\SysWow64\setup16.exe
2013-07-09 02:49:41    7680    ----a-w-    C:\Windows\SysWow64\instnm.exe
2013-07-09 02:49:39    14336    ----a-w-    C:\Windows\SysWow64\ntvdm64.dll
2013-07-09 02:49:38    2048    ----a-w-    C:\Windows\SysWow64\user.exe
2013-07-06 16:13:00    94208    ----a-w-    C:\Windows\System32\drivers\lgvzandnetndis64.sys
2013-07-06 06:03:53    1910208    ----a-w-    C:\Windows\System32\drivers\tcpip.sys
2013-06-25 08:03:34    9728    ---ha-w-    C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-06-15 04:32:16    39936    ----a-w-    C:\Windows\System32\drivers\tssecsrv.sys
2013-06-05 03:34:27    3153920    ----a-w-    C:\Windows\System32\win32k.sys
2013-06-04 06:00:13    624128    ----a-w-    C:\Windows\System32\qedit.dll
2013-06-04 04:53:07    509440    ----a-w-    C:\Windows\SysWow64\qedit.dll
.
============= FINISH: 13:20:28.92 ===============
 

[PeregrineKodiak]

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume2
Install Date: 4/6/2010 10:29:25 PM
System Uptime: 9/1/2013 1:00:10 PM (0 hours ago)
.
Motherboard: Dell Inc. |  | 08CNC9
Processor: Intel® Core i3 CPU       M 330  @ 2.13GHz | U2E1 | 2133/133mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 59 GiB total, 3.915 GiB free.
D: is FIXED (NTFS) - 230 GiB total, 111.253 GiB free.
E: is CDROM (CDFS)
.
==== Disabled Device Manager Items =============
.
Class GUID:
Description: Photosmart Plus B210 series
Device ID: ROOT\MULTIFUNCTION\0014
Manufacturer:
Name: Photosmart Plus B210 series
PNP Device ID: ROOT\MULTIFUNCTION\0014
Service:
.
Class GUID:
Description: Deskjet 3050A J611 series
Device ID: ROOT\MULTIFUNCTION\0004
Manufacturer:
Name: Deskjet 3050A J611 series
PNP Device ID: ROOT\MULTIFUNCTION\0004
Service:
.
==== System Restore Points ===================
.
RP707: 9/1/2013 1:05:07 PM - Windows Update
.
==== Installed Programs ======================
.
 Update for Microsoft Office 2007 (KB2508958)
64 Bit HP CIO Components Installer
Acrobat.com
Adobe AIR
Adobe Community Help
Adobe Dreamweaver CS5.5
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Media Player
Adobe Reader X (10.1.7)
Adobe Widget Browser
Advanced Audio FX Engine
AllChars 4.0.321
Apple Application Support
Apple Mobile Device Support
Apple Software Update
ARO 2013
ATT-RC Self Support Tool
Audacity 1.3.12 (Unicode)
Avery Template
AVG SafeGuard toolbar
Banctec Service Agreement
BlackBerry Desktop Software 5.0
BlackBerry Desktop Software 6.0
BlackBerry® Media Sync
Bonjour
BufferChm
Cisco EAP-FAST Module
Cisco LEAP Module
Cisco PEAP Module
Compatibility Pack for the 2007 Office system
Complete Care Business Service Agreement
Complete Care Consumer Service Agreement
Consumer In-Home Service Agreement
Copy
Cozi
Dell Communications (Support Software)
Dell DataSafe Online
Dell Dock
Dell Edoc Viewer
Dell Home Systems Service Agreement
Dell Support Center (Support Software)
Dell Touchpad
Dell Webcam Central
Dell Wireless WLAN Card Utility
Destinations
DeviceDiscovery
DJ_AIO_03_F4200_Software_Min
Doxillion Document Converter
ESET Online Scanner v3
Express Burn Disc Burning Software
F4200
Facebook Video Calling 1.2.0.287
ffdshow [rev 2527] [2008-12-19]
Free M4a to MP3 Converter 7.1
Free YouTube to MP3 Converter Studio 7.3
GIMP 2.6.8
Google Chrome
Google Earth
Google Update Helper
GoToAssist 8.0.0.514
GPBaseService2
GPL Ghostscript
HP Customer Participation Program 13.0
HP Deskjet F4200 All-In-One Driver Software 13.0 Rel. 3
HP Imaging Device Functions 13.0
HP Photosmart Essential 3.5
HP Photosmart Plus B209a-m All-in-One Driver 14.0 Rel. 6
HP Smart Web Printing 4.51
HP Solution Center 13.0
HP Update
HPPhotoGadget
HPPhotoSmartDiscLabelContent1
HPPhotosmartEssential
HPProductAssistant
HPSSupply
Intel® Graphics Media Accelerator Driver
iTunes
Java Auto Updater
Java 6 Update 16 (64-bit)
Java 6 Update 18
Junk Mail filter update
LG VZW United Drivers
Live! Cam Avatar Creator
Malwarebytes Anti-Malware version 1.75.0.1300
MarketResearch
Microsoft .NET Framework 4 Client Profile
Microsoft Application Error Reporting
Microsoft Choice Guard
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office Home and Student 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office Office 64-bit Components 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office PowerPoint Viewer 2007 (English)
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared 64-bit MUI (English) 2007
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Suite Activation Assistant
Microsoft Office Word MUI (English) 2007
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Sync Framework Runtime Native v1.0 (x86)
Microsoft Sync Framework Services Native v1.0 (x86)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable (x64)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Works
Microsoft_VC80_CRT_x86
Microsoft_VC80_MFC_x86
Microsoft_VC80_MFCLOC_x86
Microsoft_VC90_ATL_x86
Microsoft_VC90_CRT_x86
Microsoft_VC90_MFC_x86
Microsoft_VC90_MFCLOC_x86
MixPad Audio Mixer
Mozilla Firefox 23.0.1 (x86 en-US)
Mozilla Maintenance Service
MSVCRT
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
muvee Reveal
Network64
OpenOffice.org 3.2
PowerDVD DX
PS_AIO_06_B209a-m_SW_Min
QualXServ Service Agreement
Quickset64
RealDownloader
RealNetworks - Microsoft Visual C++ 2008 Runtime
RealNetworks - Microsoft Visual C++ 2010 Runtime
RealPlayer
Realtek High Definition Audio Driver
RealUpgrade 1.1
Roxio Burn
Scan
Scribus 1.4.0
Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628)
Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687309) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687311) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760416) 32-Bit Edition
Security Update for Microsoft Office Excel 2007 (KB2687307) 32-Bit Edition
Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Publisher 2007 (KB2597971) 32-Bit Edition
Security Update for Microsoft Office Word 2007 (KB2760421) 32-Bit Edition
Shop for HP Supplies
Skype Toolbars
Skype™ 5.10
SmartWebPrinting
SolutionCenter
Status
Toolbox
TrayApp
UnloadSupport
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
Update for Microsoft Office Outlook 2007 (KB2768023) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2817642) 32-Bit Edition
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
VirtualDJ Home FREE
VirtualDJ PRO Full
WavePad Sound Editor
WebReg
WildTangent Games
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Mail
Windows Live Messenger
Windows Live Movie Maker
Windows Live Photo Gallery
Windows Live Sign-in Assistant
Windows Live Sync
Windows Live Upload Tool
Windows Live Writer
Zipeg
.
==== Event Viewer Messages From Past Week ========
.
9/1/2013 1:03:41 PM, Error: Service Control Manager [7023]  - The Peer Name Resolution Protocol service terminated with the following error:  %%-2140993535
9/1/2013 1:03:41 PM, Error: Service Control Manager [7001]  - The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error:  %%-2140993535
9/1/2013 1:03:41 PM, Error: Microsoft-Windows-PNRPSvc [102]  - The Peer Name Resolution Protocol cloud did not start because the creation of the default identity failed with error code: 0x80630801.
9/1/2013 1:01:38 PM, Error: Service Control Manager [7000]  - The vToolbarUpdater15.4.0 service failed to start due to the following error:  The system cannot find the file specified.
.
==== End Of File ===========================
 

[PeregrineKodiak]

Thanks for all the help, people! This is teaching me a lot.

[AdvancedSetup]

You have a few things going on that will require a bit more work and use of tools not authorized in this forum.  Please open a new post in the Malware Removal forum

http://forums.malwarebytes.org/index.php?showforum=7

 

Ask for me and link to this topic and I'll assist you further.

 

Thanks