Jump to content

Laptop has virus. Won't connect to internet.

brendanboo

By brendanboo
in Resolved Malware Removal Logs

 Share

Recommended Posts

brendanboo

brendanboo

Posted
Posted

I'm trying to clean a virus off of this laptop, however I am unable to run Malwarebytes. It gives me a runtime error if I try to open the program. I tried to run Chameleon and I get the same run time error. As of today, the computer will not access the internet, It connects to the router and has an excellent signal strength but wont connect to the internet. Any help would be greatly appreciated.

Link to post
Share on other sites
  • Root Admin
AdvancedSetup

AdvancedSetup

Posted
  • Root Admin
Posted

Hello and :welcome:

If you've not already done so please start here and post back the 2 log files DDS.txt and Attach.txt

P2P/Piracy Warning:
 

 
If you're using
Peer 2 Peer
software such as
uTorrent, BitTorrent
or similar you must either fully uninstall them or completely disable them from running while being assisted here.

Failure to remove or disable such software will result in your topic being closed and no further assistance being provided.

If you have
illegal/cracked software, cracks, keygens etc
. on the system, please remove or uninstall them now and read the policy on
Piracy
.




Before we proceed further, please read all of the following instructions carefully.
If there is anything that you do not understand kindly ask before proceeding.
If needed please print out these instructions.
  • Please do not post logs using CODE, QUOTE, or FONT tags. Just paste them as direct text.
  • If the log is too large then you can use attachments by clicking on the More Reply Options button.
  • Please enable your system to show hidden files: How to see hidden files in Windows
  • Make sure you're subscribed to this topic:
    • Click on the Follow This Topic Button (at the top right of this page), make sure that the Receive notification box is checked and that it is set to Instantly

    [*]Removing malware can be unpredictable...It is unlikely but things can go very wrong! Please make sure you Backup all files that cannot be replaced if something were to happen. You can copy them to a CD/DVD, external drive or a pen drive [*]Please don't run any other scans, download, install or uninstall any programs unless requested by me while I'm working with you. [*]The removal of malware is not instantaneous, please be patient. Often we are also on a different Time Zone. [*]Perform everything in the correct order. Sometimes one step requires the previous one. [*]If you have any problems while following my instructions, Stop there and tell me the exact nature of the issue. [*]You can check here if you're not sure if your computer is 32-bit or 64-bit [*]Please disable your antivirus while running any requested scanners so that they do not interfere with the scanners. [*]When we are done, I'll give you instructions on how to cleanup all the tools and logs [*]Please stick with me until I give you the "all clear" and Please don't waste my time by leaving before that. [*]Your topic will be closed if you haven't replied within 3 days [*](If I have not responded within 24 hours, please send me a Private Message as a reminder)




STEP 0
RKill is a program that was developed at BleepingComputer.com that attempts to terminate known malware processes
so that your normal security software can then run and clean your computer of infections.
When RKill runs it will kill malware processes and then removes incorrect executable associations and fixes policies
that stop us from using certain tools. When finished it will display a log file that shows the processes that were
terminated while the program was running.

As RKill only terminates a program's running process, and does not delete any files, after running it you should not reboot
your computer as any malware processes that are configured to start automatically will just be started again.
Instead, after running RKill you should immediately scan your computer using the requested scans I've included.

Please download Rkill by Grinler from one of the links below and save it to your desktop.


Link 2

  • On Windows XP double-click on the Rkill desktop icon to run the tool.
  • On Windows Vista/Windows 7 or 8, right-click on the Rkill desktop icon and select Run As Administrator
  • A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
  • If not, delete the file, then download and use the one provided in Link 2.
  • If it does not work, repeat the process and attempt to use one of the remaining links until the tool runs.
  • If the tool does not run from any of the links provided, please let me know.
  • Do not reboot the computer, you will need to run the application again.



STEP 01
Backup the Registry:
Modifying the Registry can create unforeseen problems, so it always wise to create a backup before doing so.

  • Please download ERUNT from one of the following links: Link1 | Link2 | Link3
  • ERUNT (Emergency Recovery Utility NT) is a free program that allows you to keep a complete backup of your registry and restore it when needed.
  • Double click on erunt-setup.exe to Install ERUNT by following the prompts.
  • NOTE: Do not choose to allow ERUNT to add an Entry to the Startup folder. Click NO.
  • Start ERUNT either by double clicking on the desktop icon or choosing to start the program at the end of the setup process.
  • Choose a location for the backup.
    • Note: the default location is C:\Windows\ERDNT which is acceptable.

    [*]Make sure that at least the first two check boxes are selected. [*]Click on OK [*]Then click on YES to create the folder. [*]Note: if it is necessary to restore the registry, open the backup folder and start ERDNT.exe


STEP 02
Please download RogueKiller and save it to your desktop.

You can check here if you're not sure if your computer is 32-bit or 64-bit

  • RogueKiller 32-bit | RogueKiller 64-bit
  • Quit all running programs.
  • For Windows XP, double-click to start.
  • For Vista,Windows 7/8, Right-click on the program and select Run as Administrator to start and when prompted allow it to run.
  • Read and accept the EULA (End User Licene Agreement)
  • Click Scan to scan the system.
  • When the scan completes Close the program > Don't Fix anything!
  • Don't run any other options, they're not all bad!!
  • Post back the report which should be located on your desktop.


 

Link to post
Share on other sites
brendanboo

brendanboo

Posted
  • Author
Posted

Here are the two files.
 

 
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium 
Boot Device: \Device\HarddiskVolume2
Install Date: 7/23/2012 2:42:05 PM
System Uptime: 11/15/2013 8:09:27 PM (0 hours ago)
.
Motherboard: Dell Inc. |  | 01HXXJ
Processor: Intel® Core i3-2370M CPU @ 2.40GHz | CPU 1 | 2400/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 912 GiB total, 811.76 GiB free.
D: is CDROM ()
.
==== Disabled Device Manager Items =============
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Realtek PCIe FE Family Controller
Device ID: PCI\VEN_10EC&DEV_8136&SUBSYS_05041028&REV_05\4&11A9D17&0&00E1
Manufacturer: Realtek
Name: Realtek PCIe FE Family Controller
PNP Device ID: PCI\VEN_10EC&DEV_8136&SUBSYS_05041028&REV_05\4&11A9D17&0&00E1
Service: RTL8167
.
==== System Restore Points ===================
.
RP119: 9/26/2013 3:01:14 AM - Windows Update
RP120: 10/3/2013 11:12:31 PM - Windows Update
RP121: 10/12/2013 1:49:30 PM - Windows Update
RP122: 10/18/2013 11:02:13 AM - Windows Update
RP123: 11/7/2013 9:11:02 PM - Windows Update
RP124: 11/8/2013 3:00:32 AM - Windows Update
RP125: 11/9/2013 3:02:13 AM - Windows Update
RP126: 11/15/2013 6:37:51 PM - Windows Update
.
==== Installed Programs ======================
.
Accidental Damage Services Agreement
Adobe AIR
Adobe Flash Player 11 ActiveX
Adobe Reader X (10.1.7) MUI
Advanced Audio FX Engine
Amazon MP3 Downloader 1.0.17
Apple Application Support
Apple Mobile Device Support
Apple Software Update
avast! Free Antivirus
Banctec Service Agreement
Bing Bar
Blio
Bluetooth Win7 Suite (64)
Bonjour
Complete Care Business Service Agreement
Consumer In-Home Service Agreement
D3DX10
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Dell DataSafe Local Backup
Dell DataSafe Local Backup - Support Software
Dell DataSafe Online
Dell Digital Delivery
Dell Edoc Viewer
Dell Getting Started Guide
Dell Home Systems Service Agreement
Dell MusicStage
Dell PhotoStage
Dell Stage
Dell Stage Remote
Dell Touchpad
Dell VideoStage 
Dell Webcam Central
Dell WLAN and Bluetooth Client Installation
Facebook Video Calling 1.2.0.287
Google Chrome
Google Toolbar for Internet Explorer
Google Update Helper
IDT Audio
iLivid
Intel® Control Center
Intel® Management Engine Components
Intel® Processor Graphics
Intel® Rapid Storage Technology
Internet TV for Windows Media Center
iTunes
Java 7 Update 17
Java Auto Updater
Junk Mail filter update
Kaspersky Internet Security 2012
Malwarebytes Anti-Malware version 1.75.0.1300
Mesh Runtime
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Extended
Microsoft Application Error Reporting
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010
Microsoft Office Access Setup Metadata MUI (English) 2010
Microsoft Office Excel MUI (English) 2010
Microsoft Office Home and Student 2010
Microsoft Office Office 64-bit Components 2010
Microsoft Office OneNote MUI (English) 2010
Microsoft Office Outlook Connector
Microsoft Office Outlook MUI (English) 2010
Microsoft Office PowerPoint MUI (English) 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2010
Microsoft Office Publisher MUI (English) 2010
Microsoft Office Shared 64-bit MUI (English) 2010
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office Single Image 2010
Microsoft Office Word MUI (English) 2010
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319
Movies Toolbar for Chrome (Dist. by Bandoo Media, Inc.)
Movies Toolbar for Internet Explorer (Dist. by Bandoo Media, Inc.)
MSVCRT
MSVCRT_amd64
My Dell
Nero 10 Movie ThemePack Basic
Nero Control Center 10
Nero ControlCenter 10 Help (CHM)
Nero Core Components 10
Nero Update
Picasa 3
PlayReady PC Runtime x86
Premium Service Agreement
QualxServ Service Agreement
Quickset64
QuickTime
Realtek Ethernet Controller Driver
Realtek USB 2.0 Card Reader
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
Security Update for Microsoft .NET Framework 4 Extended (KB2736428)
Security Update for Microsoft .NET Framework 4 Extended (KB2742595)
Security Update for Microsoft Excel 2010 (KB2597126) 32-Bit Edition
Security Update for Microsoft InfoPath 2010 (KB2760406) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553371) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2598243) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2687276) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2687423) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2687510) 32-Bit Edition
Security Update for Microsoft Outlook 2010 (KB2794707) 32-Bit Edition
Security Update for Microsoft Publisher 2010 (KB2553147) 32-Bit Edition
Security Update for Microsoft Visio 2010 (KB2810068) 32-Bit Edition
Security Update for Microsoft Word 2010 (KB2760769) 32-Bit Edition
Skype Click to Call
Skype™ 5.10
SyncUP
Tweaking.com - Windows Repair (All in One)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939)
Update for Microsoft .NET Framework 4 Extended (KB2468871)
Update for Microsoft .NET Framework 4 Extended (KB2533523)
Update for Microsoft .NET Framework 4 Extended (KB2600217)
Update for Microsoft .NET Framework 4 Extended (KB2836939)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition
Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553157) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589370) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687503) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760758) 32-Bit Edition
Update for Microsoft Office 2010 (KB2767886) 32-Bit Edition
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2810072) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition
Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition
Video Downloader
VIO Player version 1.0.1
Windows Live Communications Platform
Windows Live Essentials
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Language Selector
Windows Live Mail
Windows Live Mesh
Windows Live Mesh ActiveX Control for Remote Connections
Windows Live Messenger
Windows Live MIME IFilter
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live Remote Client
Windows Live Remote Client Resources
Windows Live Remote Service
Windows Live Remote Service Resources
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
Windows Media Center Add-in for Flash
Zinio Reader 4
.
==== Event Viewer Messages From Past Week ========
.
11/8/2013 3:01:01 AM, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x80246007: Update for Windows 7 for x64-based Systems (KB2882822).
11/8/2013 3:01:01 AM, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x80246007: Security Update for Microsoft .NET Framework 4 on XP, Server 2003, Vista, Windows 7, Server 2008, Server 2008 R2 for x64 (KB2858302).
11/8/2013 3:00:53 AM, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x80246007: Update for Microsoft .NET Framework 4 on XP, Server 2003, Vista, Windows 7, Server 2008, Server 2008 R2 for x64 (KB2836939).
11/8/2013 11:34:06 AM, Error: Service Control Manager [7034]  - The Skype C2C Service service terminated unexpectedly.  It has done this 1 time(s).
11/8/2013 11:05:08 AM, Error: Service Control Manager [7006]  - The ScRegSetValueExW call failed for DeleteFlag with the following error:  Access is denied.
11/8/2013 10:41:22 AM, Error: Service Control Manager [7032]  - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Telephony service, but this action failed with the following error:  An instance of the service is already running.
11/8/2013 10:41:22 AM, Error: Service Control Manager [7032]  - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the DNS Client service, but this action failed with the following error:  An instance of the service is already running.
11/8/2013 10:41:13 AM, Error: Service Control Manager [7032]  - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Management Instrumentation service, but this action failed with the following error:  An instance of the service is already running.
11/8/2013 10:41:13 AM, Error: Service Control Manager [7032]  - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the User Profile Service service, but this action failed with the following error:  An instance of the service is already running.
11/8/2013 10:41:13 AM, Error: Service Control Manager [7032]  - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Multimedia Class Scheduler service, but this action failed with the following error:  An instance of the service is already running.
11/8/2013 10:41:13 AM, Error: Service Control Manager [7032]  - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Extensible Authentication Protocol service, but this action failed with the following error:  An instance of the service is already running.
11/8/2013 10:41:07 AM, Error: Service Control Manager [7032]  - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Audio Endpoint Builder service, but this action failed with the following error:  An instance of the service is already running.
11/8/2013 10:40:27 AM, Error: Service Control Manager [7032]  - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Event Log service, but this action failed with the following error:  An instance of the service is already running.
11/8/2013 10:40:22 AM, Error: Service Control Manager [7032]  - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Cryptographic Services service, but this action failed with the following error:  An instance of the service is already running.
11/8/2013 10:40:07 AM, Error: Service Control Manager [7032]  - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Program Compatibility Assistant Service service, but this action failed with the following error:  An instance of the service is already running.
11/8/2013 10:39:27 AM, Error: Service Control Manager [7031]  - The Windows Event Log service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
11/8/2013 10:39:27 AM, Error: Service Control Manager [7031]  - The Windows Audio service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
11/8/2013 10:39:27 AM, Error: Service Control Manager [7031]  - The TCP/IP NetBIOS Helper service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 100 milliseconds: Restart the service.
11/8/2013 10:39:27 AM, Error: Service Control Manager [7031]  - The Security Center service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.
11/8/2013 10:39:27 AM, Error: Service Control Manager [7031]  - The DHCP Client service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.
11/8/2013 10:37:33 AM, Error: Service Control Manager [7031]  - The Windows Defender service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
11/8/2013 10:37:19 AM, Error: Service Control Manager [7031]  - The WLAN AutoConfig service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.
11/8/2013 10:37:19 AM, Error: Service Control Manager [7031]  - The Windows Audio Endpoint Builder service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
11/8/2013 10:37:19 AM, Error: Service Control Manager [7031]  - The Superfetch service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
11/8/2013 10:37:19 AM, Error: Service Control Manager [7031]  - The Program Compatibility Assistant Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
11/8/2013 10:37:19 AM, Error: Service Control Manager [7031]  - The Network Connections service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 100 milliseconds: Restart the service.
11/8/2013 10:37:19 AM, Error: Service Control Manager [7031]  - The Human Interface Device Access service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.
11/8/2013 10:37:19 AM, Error: Service Control Manager [7031]  - The Distributed Link Tracking Client service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.
11/8/2013 10:37:19 AM, Error: Service Control Manager [7031]  - The Desktop Window Manager Session Manager service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.
11/15/2013 8:56:19 PM, Error: Tcpip [4199]  - The system detected an address conflict for IP address 192.168.1.101 with the system having network hardware address 00-04-4B-03-14-92. Network operations on this system may be disrupted as a result.
11/15/2013 8:08:08 PM, Error: Service Control Manager [7023]  - The Nero Update service terminated with the following error:  %%-2147467262
11/15/2013 8:08:04 PM, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the Dell Digital Delivery Service service to connect.
11/15/2013 8:08:04 PM, Error: Service Control Manager [7000]  - The Dell Digital Delivery Service service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
11/15/2013 6:51:53 PM, Error: Service Control Manager [7001]  - The Computer Browser service depends on the Server service which failed to start because of the following error:  The dependency service or group failed to start.
11/15/2013 6:50:11 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
11/15/2013 6:50:11 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
11/15/2013 6:50:08 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
11/15/2013 6:50:03 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
11/15/2013 6:49:31 PM, Error: Service Control Manager [7026]  - The following boot-start or system-start driver(s) failed to load:  aswRvrt aswSnx aswSP aswTdi aswVmm discache KLIF spldr Wanarpv6
11/15/2013 6:40:08 PM, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x80070643: Update for Microsoft Word 2010 (KB2827323) 32-Bit Edition.
11/15/2013 6:40:08 PM, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x80070643: Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition.
11/15/2013 6:39:34 PM, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x80070643: Update for Microsoft Office 2010 (KB2826026) 32-Bit Edition.
11/15/2013 6:39:34 PM, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Microsoft Office 2010 (KB2826023) 32-Bit Edition.
11/15/2013 6:39:27 PM, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Microsoft Excel 2010 (KB2826033) 32-Bit Edition.
11/15/2013 6:39:27 PM, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Microsoft .NET Framework 4 on XP, Server 2003, Vista, Windows 7, Server 2008, Server 2008 R2 for x64 (KB2858302).
11/15/2013 6:39:20 PM, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Microsoft Office 2010 (KB2826035) 32-Bit Edition.
11/15/2013 6:39:09 PM, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x80070643: Update for Microsoft .NET Framework 4 on XP, Server 2003, Vista, Windows 7, Server 2008, Server 2008 R2 for x64 (KB2836939).
.
==== End Of File ===========================
 
DDS (Ver_2012-11-20.01) - NTFS_AMD64 
Internet Explorer: 10.0.9200.16660  BrowserJavaVersion: 10.17.2
Run by Marissa at 20:58:06 on 2013-11-15
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.6052.4218 [GMT -8:00]
.
AV: Kaspersky Internet Security *Disabled/Outdated* {2EAA32A5-1EE1-1B22-95DA-337730C6E984}
SP: Kaspersky Internet Security *Disabled/Updated* {95CBD341-38DB-14AC-AF6A-08054B41A339}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security *Disabled* {1691B380-548E-1A7A-BE85-9A42CE15AEFF}
.
============== Running Processes ===============
.
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k netsvcs
C:\Program Files\IDT\WDM\STacSV64.exe
C:\windows\system32\svchost.exe -k NetworkService
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\IDT\WDM\AESTSr64.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Ath_CoexAgent.exe
C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\adminservice.exe
C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files (x86)\Movies Toolbar\Datamngr\DatamngrCoordinator.exe
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe
C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
C:\windows\system32\svchost.exe -k imgsvc
C:\windows\System32\svchost.exe -k secsvcs
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\windows\system32\svchost.exe -k bthsvcs
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\windows\system32\taskhost.exe
C:\windows\system32\taskeng.exe
C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
C:\windows\system32\Dwm.exe
C:\windows\Explorer.EXE
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\DellTPad\Apoint.exe
C:\Program Files\IDT\WDM\sttray64.exe
C:\Program Files\DellTPad\ApMsgFwd.exe
C:\windows\system32\SearchIndexer.exe
C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe
C:\Program Files\DellTPad\Apntex.exe
C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe
C:\Program Files (x86)\Dell\Stage Remote\StageRemoteService.exe
C:\Program Files\DellTPad\HidFind.exe
C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\AthBtTray.exe
C:\Users\Marissa\AppData\Local\Facebook\Update\FacebookUpdate.exe
C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Movies Toolbar\Datamngr\DatamngrUI.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
\\?\C:\windows\system32\wbem\WMIADAP.EXE
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\system32\SearchProtocolHost.exe
C:\windows\system32\SearchFilterHost.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
BHO: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - <orphaned>
BHO: {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - <orphaned>
BHO: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - <orphaned>
BHO: {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - <orphaned>
BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO: {9030D464-4C02-4ABF-8ECC-5164760863C6} - <orphaned>
BHO: {AA58ED58-01DD-4d91-8333-CF10577473F7} - <orphaned>
BHO: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - <orphaned>
BHO: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - <orphaned>
BHO: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - <orphaned>
BHO: {DBC80044-A445-435b-BC74-9C25C1C588A9} - <orphaned>
BHO: {E33CF602-D945-461A-83F0-819F76A199F8} - <orphaned>
BHO: {ec2bae47-25af-4ce9-9e78-10627a49c9ea} - <orphaned>
TB: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
uRun: [Facebook Update] "C:\Users\Marissa\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
uRun: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
mRun: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2
mRun: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
mRun: [Dell DataSafe Online] C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [AccuWeatherWidget] "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe" "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\start.umj" --startup
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [NeroLauncher] C:\Program Files (x86)\Nero\SyncUP\NeroLauncher.exe 900
mRun: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
StartupFolder: C:\Users\Marissa\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ONENOT~1.LNK - C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: Add to Google Photos Screensa&ver - C:\windows\System32\GPhotos.scr/200
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - <orphaned>
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - <orphaned>
IE: {4248FE82-7FCB-46AC-B270-339F08212110} - {4248FE82-7FCB-46AC-B270-339F08212110} - <orphaned>
IE: {7815BE26-237D-41A8-A98F-F7BD75F71086} - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - <orphaned>
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - <orphaned>
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - <orphaned>
IE: {CCF151D8-D089-449F-A5A4-D9909053F20F} - {CCF151D8-D089-449F-A5A4-D9909053F20F} - <orphaned>
TCP: NameServer = 75.75.75.75 75.75.76.76
TCP: Interfaces\{B4EF1AFF-AFDE-48BC-9E2C-FB777B78EA38} : DHCPNameServer = 75.75.75.75 75.75.76.76
TCP: Interfaces\{B4EF1AFF-AFDE-48BC-9E2C-FB777B78EA38}\34F6666656560234F64747167656 : DHCPNameServer = 192.168.1.1 184.16.33.54
TCP: Interfaces\{B4EF1AFF-AFDE-48BC-9E2C-FB777B78EA38}\B44514D4 : DHCPNameServer = 75.75.75.75 75.75.76.76
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - <orphaned>
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - <orphaned>
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
CLSID: {603D3801-BD81-11d0-A3A5-00C04FD706EC} - <is not referencing any dll>
x64-BHO: avast! Online Security: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-BHO: IEVkbdBHO Class: {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\x64\ievkbd.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-BHO: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-BHO: FilterBHO Class: {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\x64\klwtbbho.dll
x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-TB: avast! Online Security: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-Run: [igfxTray] C:\windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\windows\System32\igfxpers.exe
x64-Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe
x64-Run: [sysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe
x64-Run: [stage Remote] C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe -Quiet
x64-Run: [AtherosBtStack] "C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe"
x64-Run: [AthBtTray] "C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\AthBtTray.exe"
x64-Run: [DellStage] "C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe" "C:\Program Files (x86)\Dell Stage\Dell Stage\start.umj" --startup
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {4248FE82-7FCB-46AC-B270-339F08212110} - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\x64\ievkbd.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-IE: {CCF151D8-D089-449F-A5A4-D9909053F20F} - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\x64\klwtbbho.dll
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-Notify: klogon - C:\windows\System32\klogon.dll
x64-SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R0 aswRvrt;avast! Revert;C:\windows\System32\drivers\aswRvrt.sys [2013-9-19 65776]
R0 aswVmm;avast! VM Monitor;C:\windows\System32\drivers\aswVmm.sys [2013-9-19 205320]
R1 aswSnx;aswSnx;C:\windows\System32\drivers\aswSnx.sys [2013-9-19 1032416]
R1 aswSP;aswSP;C:\windows\System32\drivers\aswSP.sys [2013-9-19 409832]
R1 kl2;kl2;C:\windows\System32\drivers\kl2.sys [2011-3-4 11864]
R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;C:\windows\System32\drivers\klim6.sys [2011-3-10 29488]
R2 AESTFilters;Andrea ST Filters Service;C:\Program Files\IDT\WDM\AESTSr64.exe [2012-6-17 89600]
R2 aswFsBlk;aswFsBlk;C:\windows\System32\drivers\aswFsBlk.sys [2013-9-19 38984]
R2 aswMonFlt;aswMonFlt;C:\windows\System32\drivers\aswMonFlt.sys [2013-9-19 84328]
R2 Atheros Bt&Wlan Coex Agent;Atheros Bt&Wlan Coex Agent;C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Ath_CoexAgent.exe [2011-5-20 146592]
R2 AtherosSvc;AtherosSvc;C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\AdminService.exe [2011-5-20 80032]
R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-11-7 50344]
R2 BBUpdate;BBUpdate;C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE [2011-5-12 249648]
R2 DatamngrCoordinator;Datamngr Coordinator;C:\Program Files (x86)\Movies Toolbar\Datamngr\DatamngrCoordinator.exe [2013-8-31 3362816]
R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2012-6-17 13336]
R2 NOBU;Dell DataSafe Online;C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe [2010-8-25 2823000]
R2 SftService;SoftThinks Agent Service;C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe [2012-6-17 1695040]
R2 Skype C2C Service;Skype C2C Service;C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-8-14 3291008]
R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2012-6-17 2656280]
R3 AthBTPort;Atheros Virtual Bluetooth Class;C:\windows\System32\drivers\btath_flt.sys [2011-5-20 36000]
R3 BTATH_A2DP;Bluetooth A2DP Audio Driver;C:\windows\System32\drivers\btath_a2dp.sys [2011-5-20 298656]
R3 BTATH_BUS;Atheros Bluetooth Bus;C:\windows\System32\drivers\btath_bus.sys [2011-5-20 29344]
R3 BTATH_HCRP;Bluetooth HCRP Server driver;C:\windows\System32\drivers\btath_hcrp.sys [2011-5-20 201376]
R3 BTATH_LWFLT;Bluetooth LWFLT Device;C:\windows\System32\drivers\btath_lwflt.sys [2011-5-20 55456]
R3 BTATH_RCP;Bluetooth AVRCP Device;C:\windows\System32\drivers\btath_rcp.sys [2011-5-20 154272]
R3 BtFilter;BtFilter;C:\windows\System32\drivers\btfilter.sys [2011-5-20 282272]
R3 CtClsFlt;Creative Camera Class Upper Filter Driver;C:\windows\System32\drivers\CtClsFlt.sys [2012-6-17 176096]
R3 IntcDAud;Intel® Display Audio;C:\windows\System32\drivers\IntcDAud.sys [2012-6-17 317440]
R3 klmouflt;Kaspersky Lab KLMOUFLT;C:\windows\System32\drivers\klmouflt.sys [2009-11-2 22544]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 DellDigitalDelivery;Dell Digital Delivery Service;C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe [2012-4-9 166912]
S2 NAUpdate;Nero Update;C:\Program Files (x86)\Nero\Update\NASvc.exe [2011-11-25 687400]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-7-13 160944]
S3 AVP;Kaspersky Anti-Virus Service;C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe [2011-4-24 206448]
S3 BBSvc;Bing Bar Update Service;C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-6-7 191752]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\windows\System32\drivers\RtsUStor.sys [2012-6-17 250984]
S3 RTL8167;Realtek 8167 NT Driver;C:\windows\System32\drivers\Rt64win7.sys [2012-6-17 533096]
S3 TsUsbFlt;TsUsbFlt;C:\windows\System32\drivers\TsUsbFlt.sys [2010-11-20 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\windows\System32\drivers\TsUsbGD.sys [2010-11-20 31232]
S3 USBAAPL64;Apple Mobile USB Driver;C:\windows\System32\drivers\usbaapl64.sys [2012-4-25 52736]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\windows\System32\Wat\WatAdminSvc.exe [2012-7-25 1255736]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== Created Last 30 ================
.
2013-11-16 02:43:22 -------- d-sh--w- C:\$RECYCLE.BIN
2013-11-09 11:04:58 10280728 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{B288F202-0583-4BCD-B524-BA6EBFB45EE7}\mpengine.dll
2013-11-08 19:07:43 -------- d-----w- C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2013-11-08 19:05:37 116440 ----a-w- C:\windows\System32\drivers\48230029.sys
2013-11-08 19:05:08 91352 ----a-w- C:\windows\System32\drivers\1C044AF1.sys
2013-11-08 18:57:50 -------- d-----w- C:\Program Files (x86)\Tweaking.com
2013-11-08 07:22:44 -------- d-----w- C:\Users\Marissa\AppData\Roaming\AVAST Software
2013-11-08 06:51:31 98816 ----a-w- C:\windows\sed.exe
2013-11-08 06:51:31 256000 ----a-w- C:\windows\PEV.exe
2013-11-08 06:51:31 208896 ----a-w- C:\windows\MBR.exe
.
==================== Find3M  ====================
.
2013-11-08 07:19:51 92544 ----a-w- C:\windows\System32\drivers\aswRdr2.sys
2013-11-08 07:19:51 84328 ----a-w- C:\windows\System32\drivers\aswMonFlt.sys
2013-11-08 07:19:51 65776 ----a-w- C:\windows\System32\drivers\aswRvrt.sys
2013-11-08 07:19:51 205320 ----a-w- C:\windows\System32\drivers\aswVmm.sys
2013-11-08 07:19:51 1032416 ----a-w- C:\windows\System32\drivers\aswSnx.sys
2013-11-08 07:19:50 43152 ----a-w- C:\windows\avastSS.scr
2013-10-12 20:27:35 71048 ----a-w- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-10-12 20:27:35 692616 ----a-w- C:\windows\SysWow64\FlashPlayerApp.exe
2013-09-03 21:35:10 278800 ------w- C:\windows\System32\MpSigStub.exe
.
============= FINISH: 20:58:32.01 ===============
 
Link to post
Share on other sites
brendanboo

brendanboo

Posted
  • Author
Posted

Here is the rkill.txt
 

Rkill 2.6.2 by Lawrence Abrams (Grinler)
Copyright 2008-2013 BleepingComputer.com
More Information about Rkill can be found at this link:
 
Program started at: 11/15/2013 09:28:19 PM in x64 mode.
Windows Version: Windows 7 Home Premium Service Pack 1
 
Checking for Windows services to stop:
 
 * No malware services found to stop.
 
Checking for processes to terminate:
 
 * No malware processes found to kill.
 
Checking Registry for malware related settings:
 
 * No issues found in the Registry.
 
Resetting .EXE, .COM, & .BAT associations in the Windows Registry.
 
Performing miscellaneous checks:
 
 * No issues found.
 
Checking Windows Service Integrity: 
 
 * No issues found.
 
Searching for Missing Digital Signatures: 
 
 * No issues found.
 
Checking HOSTS File: 
 
 * HOSTS file entries found: 
 
  127.0.0.1       localhost
 
Program finished at: 11/15/2013 09:28:59 PM
Execution time: 0 hours(s), 0 minute(s), and 40 seconds(s)
Link to post
Share on other sites
brendanboo

brendanboo

Posted
  • Author
Posted

While installing erunt, multiple times an error popped up. The error was "cocreateinstance failed; code 0x80040154. It popped up multiple times, however I was still able to run erunt after the install finished.

Also, I am unable to access properties after right clicking on my computer. Nothing pops up. 

Link to post
Share on other sites
brendanboo

brendanboo

Posted
  • Author
Posted

And finally, here is the last report.
 

RogueKiller V8.7.8 _x64_ [Nov 14 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
 
Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : Marissa [Admin rights]
Mode : Scan -- Date : 11/15/2013 21:41:42
| ARK || FAK || MBR |
 
¤¤¤ Bad processes : 0 ¤¤¤
 
¤¤¤ Registry Entries : 3 ¤¤¤
[HJ POL][PUM] HKCU\[...]\System : DisableRegistryTools (0) -> FOUND
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
 
¤¤¤ Scheduled tasks : 0 ¤¤¤
 
¤¤¤ Startup Entries : 0 ¤¤¤
 
¤¤¤ Web browsers : 0 ¤¤¤
 
¤¤¤ Particular Files / Folders: ¤¤¤
 
¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤
 
¤¤¤ External Hives: ¤¤¤
 
¤¤¤ Infection :  ¤¤¤
 
¤¤¤ HOSTS File: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts
 
 
127.0.0.1       localhost
 
 
¤¤¤ MBR Check: ¤¤¤
 
+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) ST1000LM024 HN-M101MBB +++++
--- User ---
[MBR] 5e8fb8829ab3252a14fda3d548a22e5e
[bSP] b5ac39e5023ecc2d534f23bd11dba4fe : Windows 7/8 MBR Code
Partition table:
0 - [XXXXXX] DELL-UTIL (0xde) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 20000 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 41166848 | Size: 933767 Mo
User = LL1 ... OK!
User = LL2 ... OK!
 
Finished : << RKreport[0]_S_11152013_214142.txt >>
RKreport[0]_S_11152013_213953.txt
Link to post
Share on other sites
  • Root Admin
AdvancedSetup

AdvancedSetup

Posted
  • Root Admin
Posted

Please copy this file over to the computer and run it from Normal Mode if possible.  If it won't run then try from Safe Mode

 

Please visit this webpage and read the ComboFix User's Guide:

  • Once you've read the article and are ready to use the program you can download it directly from the link below.
  • Important! - Please make sure you save combofix to your desktop and do not run it from your browser
  • Direct download link for: ComboFix.exe
  • Please make sure you disable your security applications before running ComboFix.
  • Once Combofix has completed it will produce and open a log file.  Please be patient as it can take some time to load.
  • Please attach that log file to your next reply.
  • If needed the file can be located here:  C:\combofix.txt
  • NOTE: If you receive the message "illegal operation has been attempted on a registry key that has been marked for deletion", just reboot the computer.


 

Link to post
Share on other sites
brendanboo

brendanboo

Posted
  • Author
Posted
ComboFix 13-11-15.01 - Marissa 11/15/2013  22:36:41.2.4 - x64

Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.6052.3829 [GMT -8:00]

Running from: c:\users\Marissa\Desktop\ComboFix.exe

AV: Kaspersky Internet Security *Disabled/Outdated* {2EAA32A5-1EE1-1B22-95DA-337730C6E984}

FW: Kaspersky Internet Security *Disabled* {1691B380-548E-1A7A-BE85-9A42CE15AEFF}

SP: Kaspersky Internet Security *Disabled/Updated* {95CBD341-38DB-14AC-AF6A-08054B41A339}

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

.

(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

C:\END

c:\programdata\Wincert\WIN32C~1.DLL

c:\windows\SysWow64\FlashPlayerApp.exe

.

.

(((((((((((((((((((((((((   Files Created from 2013-10-16 to 2013-11-16  )))))))))))))))))))))))))))))))

.

.

2013-11-16 06:42 . 2013-11-16 06:42 -------- d-----w- c:\users\Guest\AppData\Local\temp

2013-11-16 06:42 . 2013-11-16 06:42 -------- d-----w- c:\users\Default\AppData\Local\temp

2013-11-16 05:31 . 2013-11-16 05:32 -------- d-----w- c:\program files (x86)\ERUNT

2013-11-09 11:04 . 2013-10-14 07:12 10280728 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{B288F202-0583-4BCD-B524-BA6EBFB45EE7}\mpengine.dll

2013-11-08 19:07 . 2013-11-08 19:17 -------- d-----w- c:\programdata\Malwarebytes' Anti-Malware (portable)

2013-11-08 19:05 . 2013-11-08 19:05 116440 ----a-w- c:\windows\system32\drivers\48230029.sys

2013-11-08 19:05 . 2013-11-08 19:05 91352 ----a-w- c:\windows\system32\drivers\1C044AF1.sys

2013-11-08 18:57 . 2013-11-08 18:57 -------- d-----w- c:\program files (x86)\Tweaking.com

2013-11-08 07:22 . 2013-11-08 07:22 -------- d-----w- c:\users\Marissa\AppData\Roaming\AVAST Software

.

.

.

((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2013-11-08 07:19 . 2013-09-20 02:13 409832 ----a-w- c:\windows\system32\drivers\aswSP.sys

2013-11-08 07:19 . 2013-09-20 02:13 38984 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys

2013-11-08 07:19 . 2013-09-20 02:13 92544 ----a-w- c:\windows\system32\drivers\aswRdr2.sys

2013-11-08 07:19 . 2013-09-20 02:13 65264 ----a-w- c:\windows\system32\drivers\aswTdi.sys

2013-11-08 07:19 . 2013-09-20 02:13 1032416 ----a-w- c:\windows\system32\drivers\aswSnx.sys

2013-11-08 07:19 . 2013-09-20 02:13 205320 ----a-w- c:\windows\system32\drivers\aswVmm.sys

2013-11-08 07:19 . 2013-09-20 02:13 65776 ----a-w- c:\windows\system32\drivers\aswRvrt.sys

2013-11-08 07:19 . 2013-09-20 02:13 84328 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys

2013-11-08 07:19 . 2013-09-20 02:13 334648 ----a-w- c:\windows\system32\aswBoot.exe

2013-11-08 07:19 . 2013-09-20 02:12 43152 ----a-w- c:\windows\avastSS.scr

2013-10-18 18:03 . 2013-07-09 22:49 80541720 ----a-w- c:\windows\system32\MRT.exe

2013-10-12 20:27 . 2012-06-18 04:26 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl

2013-09-03 21:35 . 2010-11-21 03:27 278800 ------w- c:\windows\system32\MpSigStub.exe

.

.

(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown 

REGEDIT4

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2012-12-08 39408]

"Facebook Update"="c:\users\Marissa\AppData\Local\Facebook\Update\FacebookUpdate.exe" [2012-12-23 138096]

"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2012-07-13 17418928]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

"Dell Webcam Central"="c:\program files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" [2011-04-13 503942]

"IAStorIcon"="c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" [2011-01-12 283160]

"Dell DataSafe Online"="c:\program files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe" [2010-08-26 1117528]

"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" [2013-09-03 40312]

"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]

"AccuWeatherWidget"="c:\program files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe" [2012-02-01 968048]

"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-10-12 59280]

"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-06-08 421776]

"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2012-11-28 421888]

"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]

"NeroLauncher"="c:\program files (x86)\Nero\SyncUP\NeroLauncher.exe" [2012-08-21 67496]

"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2013-11-08 3568312]

.

c:\users\Marissa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\

OneNote 2010 Screen Clipper and Launcher.lnk - c:\program files (x86)\Microsoft Office\Office14\ONENOTEM.EXE /tsr [2013-6-25 228552]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 5 (0x5)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableUIADesktopToggle"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]

"LoadAppInit_DLLs"=1 (0x1)

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]

"midi2"=wdmaud.drv

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

@=""

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

@="Driver"

.

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]

"DisableMonitoring"=dword:00000001

.

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]

R2 DellDigitalDelivery;Dell Digital Delivery Service;c:\program files (x86)\Dell Digital Delivery\DeliveryService.exe;c:\program files (x86)\Dell Digital Delivery\DeliveryService.exe [x]

R2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe;c:\program files (x86)\Nero\Update\NASvc.exe [x]

R2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [x]

R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]

R3 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [x]

R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUStor.sys [x]

R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]

R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]

R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]

R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]

R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]

R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]

S0 aswRvrt;avast! Revert; [x]

S0 aswVmm;avast! VM Monitor; [x]

S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]

S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]

S1 kl2;kl2;c:\windows\system32\DRIVERS\kl2.sys;c:\windows\SYSNATIVE\DRIVERS\kl2.sys [x]

S1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\system32\DRIVERS\klim6.sys;c:\windows\SYSNATIVE\DRIVERS\klim6.sys [x]

S2 AESTFilters;Andrea ST Filters Service;c:\program files\IDT\WDM\AESTSr64.exe;c:\program files\IDT\WDM\AESTSr64.exe [x]

S2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys;c:\windows\SYSNATIVE\drivers\aswFsBlk.sys [x]

S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]

S2 Atheros Bt&Wlan Coex Agent;Atheros Bt&Wlan Coex Agent;c:\program files (x86)\Dell Wireless\Bluetooth Suite\Ath_CoexAgent.exe;c:\program files (x86)\Dell Wireless\Bluetooth Suite\Ath_CoexAgent.exe [x]

S2 AtherosSvc;AtherosSvc;c:\program files (x86)\Dell Wireless\Bluetooth Suite\adminservice.exe;c:\program files (x86)\Dell Wireless\Bluetooth Suite\adminservice.exe [x]

S2 BBUpdate;BBUpdate;c:\program files (x86)\Microsoft\BingBar\SeaPort.EXE;c:\program files (x86)\Microsoft\BingBar\SeaPort.EXE [x]

S2 DatamngrCoordinator;Datamngr Coordinator;c:\program files (x86)\Movies Toolbar\Datamngr\DatamngrCoordinator.exe;c:\program files (x86)\Movies Toolbar\Datamngr\DatamngrCoordinator.exe [x]

S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [x]

S2 NOBU;Dell DataSafe Online;c:\program files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe SERVICE;c:\program files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe SERVICE [x]

S2 SftService;SoftThinks Agent Service;c:\program files (x86)\Dell DataSafe Local Backup\sftservice.EXE;c:\program files (x86)\Dell DataSafe Local Backup\sftservice.EXE [x]

S2 UNS;Intel® Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [x]

S3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_flt.sys [x]

S3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys;c:\windows\SYSNATIVE\drivers\btath_a2dp.sys [x]

S3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\DRIVERS\btath_bus.sys;c:\windows\SYSNATIVE\DRIVERS\btath_bus.sys [x]

S3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\DRIVERS\btath_hcrp.sys;c:\windows\SYSNATIVE\DRIVERS\btath_hcrp.sys [x]

S3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_lwflt.sys [x]

S3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\DRIVERS\btath_rcp.sys;c:\windows\SYSNATIVE\DRIVERS\btath_rcp.sys [x]

S3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys;c:\windows\SYSNATIVE\DRIVERS\btfilter.sys [x]

S3 CtClsFlt;Creative Camera Class Upper Filter Driver;c:\windows\system32\DRIVERS\CtClsFlt.sys;c:\windows\SYSNATIVE\DRIVERS\CtClsFlt.sys [x]

S3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]

S3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\DRIVERS\klmouflt.sys;c:\windows\SYSNATIVE\DRIVERS\klmouflt.sys [x]

.

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]

2013-09-08 08:31 1177552 ----a-w- c:\program files (x86)\Google\Chrome\Application\29.0.1547.66\Installer\chrmstp.exe

.

Contents of the 'Scheduled Tasks' folder

.

2013-11-16 c:\windows\Tasks\Adobe Flash Player Updater.job

- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-18 20:27]

.

2013-11-16 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-181987139-3828086990-681685550-1000Core.job

- c:\users\Marissa\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-12-23 03:56]

.

2013-11-16 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-181987139-3828086990-681685550-1000UA.job

- c:\users\Marissa\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-12-23 03:56]

.

2013-11-16 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-12-08 06:37]

.

2013-11-16 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-12-08 06:37]

.

.

--------- X64 Entries -----------

.

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]

@="{472083B0-C522-11CF-8763-00608CC02F24}"

[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]

2013-11-08 07:19 326944 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-03-30 167960]

"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-03-30 391704]

"Persistence"="c:\windows\system32\igfxpers.exe" [2011-03-30 418840]

"Apoint"="c:\program files\DellTPad\Apoint.exe" [2011-03-29 608112]

"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2011-05-27 1128448]

"Stage Remote"="c:\program files (x86)\Dell\Stage Remote\StageRemote.exe" [2011-06-28 2022976]

"AtherosBtStack"="c:\program files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe" [2011-05-20 627360]

"AthBtTray"="c:\program files (x86)\Dell Wireless\Bluetooth Suite\AthBtTray.exe" [2011-05-20 379552]

"DellStage"="c:\program files (x86)\Dell Stage\Dell Stage\stage_primary.exe" [2012-02-01 2195824]

.

------- Supplementary Scan -------

.

uLocal Page = c:\windows\system32\blank.htm



mLocal Page = c:\windows\SysWOW64\blank.htm



IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200

Trusted Zone: genieo.com\search

TCP: DhcpNameServer = 75.75.75.75 75.75.76.76

.

- - - - ORPHANS REMOVED - - - -

.

BHO-{ec2bae47-25af-4ce9-9e78-10627a49c9ea} - (no file)

Toolbar-{ec2bae47-25af-4ce9-9e78-10627a49c9ea} - (no file)

Toolbar-10 - (no file)

.

.

.

--------------------- LOCKED REGISTRY KEYS ---------------------

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_117_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]

@="c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_117_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="IFlashBroker5"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_117_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]

@="c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_117_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Shockwave Flash Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]

@="0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]

@="ShockwaveFlash.ShockwaveFlash.11"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="ShockwaveFlash.ShockwaveFlash"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Macromedia Flash Factory Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]

@="FlashFactory.FlashFactory.1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="FlashFactory.FlashFactory"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="IFlashBroker5"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]

"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,

   00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]

@Denied: (A) (Everyone)

"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]

@Denied: (A) (Everyone)

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]

"Key"="ActionsPane3"

"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

Completion time: 2013-11-15  22:44:06

ComboFix-quarantined-files.txt  2013-11-16 06:44

ComboFix2.txt  2013-11-08 07:07

.

Pre-Run: 871,477,592,064 bytes free

Post-Run: 871,188,623,360 bytes free

.

- - End Of File - - A61381D0AA01EDACE146EFC8B4D60757
Link to post
Share on other sites
  • Root Admin
AdvancedSetup

AdvancedSetup

Posted
  • Root Admin
Posted

Please download Malwarebytes Anti-Rootkit from HERE
If needed there is a self help tutorial here: MBAR tutorial

  • Unzip the contents to a folder in a convenient location.
  • Open the folder where the contents were unzipped and run mbar.exe
  • Follow the instructions in the wizard to update and allow the program to scan your computer for threats.
  • Click on the Cleanup button to remove any threats and reboot if prompted to do so.
  • Wait while the system shuts down and the cleanup process is performed.
  • Perform another scan with Malwarebytes Anti-Rootkit to verify that no threats remain. If they do, then click Cleanup once more and repeat the process.
  • When done, please post the two logs produced they will be in the MBAR folder... mbar-log.txt and system-log.txt

 
 
Inside the MBAR folder you'll also find a folder called PLugin and inside that folder is a file named FIXDAMAGE.EXE
Right click over fixdamage.exe and choose "Run as administrator" and restart the computer.
 
Then run the following and post back the log.
 
Please download Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatibale with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.
  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.


 

Link to post
Share on other sites
brendanboo

brendanboo

Posted
  • Author
Posted

mbar-log
 

Malwarebytes Anti-Rootkit BETA 1.07.0.1007
www.malwarebytes.org
 
Database version: v2013.11.16.02
 
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16660
Marissa :: MARISSA-PC [administrator]
 
11/15/2013 11:22:29 PM
mbar-log-2013-11-15 (23-22-29).txt
 
Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Objects scanned: 252648
Time elapsed: 7 minute(s), 56 second(s)
 
Memory Processes Detected: 0
(No malicious items detected)
 
Memory Modules Detected: 0
(No malicious items detected)
 
Registry Keys Detected: 0
(No malicious items detected)
 
Registry Values Detected: 0
(No malicious items detected)
 
Registry Data Items Detected: 0
(No malicious items detected)
 
Folders Detected: 0
(No malicious items detected)
 
Files Detected: 0
(No malicious items detected)
 
Physical Sectors Detected: 0
(No malicious items detected)
 
(end)
 


system-log

---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.07.0.1007
 
© Malwarebytes Corporation 2011-2012
 
OS version: 6.1.7601 Windows 7 Service Pack 1 x64
 
Account is Administrative
 
Internet Explorer version: 10.0.9200.16660
 
File system is: NTFS
Disk drives: C:\ DRIVE_FIXED
CPU speed: 2.394000 GHz
Memory total: 6346268672, free: 3957198848
 
Downloaded database version: v2013.11.16.02
Downloaded database version: v2013.10.11.02
=======================================
Initializing...
------------ Kernel report ------------
     11/15/2013 23:22:25
------------ Loaded modules -----------
\SystemRoot\system32\ntoskrnl.exe
\SystemRoot\system32\hal.dll
\SystemRoot\system32\kdcom.dll
\SystemRoot\system32\mcupdate_GenuineIntel.dll
\SystemRoot\system32\PSHED.dll
\SystemRoot\system32\CLFS.SYS
\SystemRoot\system32\CI.dll
\SystemRoot\system32\drivers\Wdf01000.sys
\SystemRoot\system32\drivers\WDFLDR.SYS
\SystemRoot\system32\drivers\ACPI.sys
\SystemRoot\system32\drivers\WMILIB.SYS
\SystemRoot\system32\drivers\msisadrv.sys
\SystemRoot\system32\drivers\pci.sys
\SystemRoot\system32\drivers\vdrvroot.sys
\SystemRoot\system32\DRIVERS\kl1.sys
\SystemRoot\System32\drivers\partmgr.sys
\SystemRoot\system32\drivers\compbatt.sys
\SystemRoot\system32\drivers\BATTC.SYS
\SystemRoot\system32\drivers\volmgr.sys
\SystemRoot\System32\drivers\volmgrx.sys
\SystemRoot\System32\drivers\mountmgr.sys
\SystemRoot\system32\DRIVERS\iaStor.sys
\SystemRoot\system32\drivers\atapi.sys
\SystemRoot\system32\drivers\ataport.SYS
\SystemRoot\system32\drivers\msahci.sys
\SystemRoot\system32\drivers\PCIIDEX.SYS
\SystemRoot\system32\drivers\amdxata.sys
\SystemRoot\system32\drivers\fltmgr.sys
\SystemRoot\system32\drivers\fileinfo.sys
\SystemRoot\System32\Drivers\Ntfs.sys
\SystemRoot\System32\Drivers\msrpc.sys
\SystemRoot\System32\Drivers\ksecdd.sys
\SystemRoot\System32\Drivers\cng.sys
\SystemRoot\System32\drivers\pcw.sys
\SystemRoot\System32\Drivers\Fs_Rec.sys
\SystemRoot\system32\drivers\ndis.sys
\SystemRoot\system32\drivers\NETIO.SYS
\SystemRoot\System32\Drivers\ksecpkg.sys
\SystemRoot\System32\drivers\tcpip.sys
\SystemRoot\System32\drivers\fwpkclnt.sys
\SystemRoot\system32\drivers\volsnap.sys
\SystemRoot\System32\Drivers\spldr.sys
\SystemRoot\System32\drivers\rdyboost.sys
\SystemRoot\System32\Drivers\mup.sys
\SystemRoot\System32\drivers\hwpolicy.sys
\SystemRoot\System32\DRIVERS\fvevol.sys
\SystemRoot\system32\drivers\disk.sys
\SystemRoot\system32\drivers\CLASSPNP.SYS
\SystemRoot\System32\Drivers\aswVmm.sys
\SystemRoot\System32\Drivers\aswRvrt.sys
\SystemRoot\system32\DRIVERS\cdrom.sys
\??\C:\windows\system32\drivers\aswSnx.sys
\SystemRoot\system32\DRIVERS\klif.sys
\SystemRoot\System32\Drivers\Null.SYS
\SystemRoot\System32\Drivers\Beep.SYS
\SystemRoot\System32\drivers\vga.sys
\SystemRoot\System32\drivers\VIDEOPRT.SYS
\SystemRoot\System32\drivers\watchdog.sys
\SystemRoot\System32\DRIVERS\RDPCDD.sys
\SystemRoot\system32\drivers\rdpencdd.sys
\SystemRoot\system32\drivers\rdprefmp.sys
\SystemRoot\System32\Drivers\Msfs.SYS
\SystemRoot\System32\Drivers\Npfs.SYS
\SystemRoot\system32\DRIVERS\tdx.sys
\SystemRoot\system32\DRIVERS\TDI.SYS
\??\C:\windows\system32\drivers\aswTdi.sys
\SystemRoot\system32\DRIVERS\kl2.sys
\SystemRoot\System32\DRIVERS\netbt.sys
\SystemRoot\system32\drivers\afd.sys
\??\C:\windows\system32\drivers\aswRdr2.sys
\SystemRoot\system32\drivers\ws2ifsl.sys
\SystemRoot\system32\DRIVERS\wfplwf.sys
\SystemRoot\system32\DRIVERS\pacer.sys
\SystemRoot\system32\DRIVERS\vwififlt.sys
\SystemRoot\system32\DRIVERS\klim6.sys
\SystemRoot\system32\DRIVERS\netbios.sys
\SystemRoot\system32\DRIVERS\wanarp.sys
\SystemRoot\system32\DRIVERS\termdd.sys
\SystemRoot\system32\DRIVERS\rdbss.sys
\SystemRoot\system32\drivers\nsiproxy.sys
\SystemRoot\system32\DRIVERS\mssmbios.sys
\SystemRoot\System32\drivers\discache.sys
\SystemRoot\System32\Drivers\dfsc.sys
\SystemRoot\system32\DRIVERS\blbdrive.sys
\??\C:\windows\system32\drivers\aswSP.sys
\SystemRoot\system32\DRIVERS\tunnel.sys
\SystemRoot\system32\DRIVERS\igdkmd64.sys
\SystemRoot\System32\drivers\dxgkrnl.sys
\SystemRoot\System32\drivers\dxgmms1.sys
\SystemRoot\system32\DRIVERS\HECIx64.sys
\SystemRoot\system32\DRIVERS\usbehci.sys
\SystemRoot\system32\DRIVERS\USBPORT.SYS
\SystemRoot\system32\DRIVERS\HDAudBus.sys
\SystemRoot\system32\DRIVERS\athrx.sys
\SystemRoot\system32\DRIVERS\vwifibus.sys
\SystemRoot\system32\DRIVERS\i8042prt.sys
\SystemRoot\system32\DRIVERS\Apfiltr.sys
\SystemRoot\system32\DRIVERS\klmouflt.sys
\SystemRoot\system32\DRIVERS\mouclass.sys
\SystemRoot\system32\DRIVERS\kbdclass.sys
\SystemRoot\system32\DRIVERS\GEARAspiWDM.sys
\SystemRoot\system32\DRIVERS\intelppm.sys
\SystemRoot\system32\DRIVERS\CmBatt.sys
\SystemRoot\system32\DRIVERS\wmiacpi.sys
\SystemRoot\system32\DRIVERS\CompositeBus.sys
\SystemRoot\system32\DRIVERS\AgileVpn.sys
\SystemRoot\system32\DRIVERS\rasl2tp.sys
\SystemRoot\system32\DRIVERS\ndistapi.sys
\SystemRoot\system32\DRIVERS\ndiswan.sys
\SystemRoot\system32\DRIVERS\raspppoe.sys
\SystemRoot\system32\DRIVERS\raspptp.sys
\SystemRoot\system32\DRIVERS\rassstp.sys
\SystemRoot\system32\DRIVERS\swenum.sys
\SystemRoot\system32\DRIVERS\ks.sys
\SystemRoot\system32\DRIVERS\btath_bus.sys
\SystemRoot\system32\DRIVERS\umbus.sys
\SystemRoot\system32\DRIVERS\usbhub.sys
\SystemRoot\System32\Drivers\NDProxy.SYS
\SystemRoot\system32\DRIVERS\stwrt64.sys
\SystemRoot\system32\DRIVERS\portcls.sys
\SystemRoot\system32\DRIVERS\drmk.sys
\SystemRoot\system32\drivers\ksthunk.sys
\SystemRoot\system32\DRIVERS\IntcDAud.sys
\SystemRoot\System32\Drivers\crashdmp.sys
\SystemRoot\System32\Drivers\dump_iaStor.sys
\SystemRoot\System32\Drivers\dump_dumpfve.sys
\SystemRoot\System32\win32k.sys
\SystemRoot\System32\drivers\Dxapi.sys
\SystemRoot\system32\DRIVERS\btfilter.sys
\SystemRoot\System32\Drivers\BTHUSB.sys
\SystemRoot\System32\Drivers\bthport.sys
\SystemRoot\System32\Drivers\USBD.SYS
\SystemRoot\system32\DRIVERS\usbccgp.sys
\SystemRoot\System32\Drivers\usbvideo.sys
\SystemRoot\system32\DRIVERS\CtClsFlt.sys
\SystemRoot\System32\TSDDD.dll
\SystemRoot\System32\cdd.dll
\SystemRoot\system32\DRIVERS\rfcomm.sys
\SystemRoot\system32\drivers\BthEnum.sys
\SystemRoot\system32\DRIVERS\bthpan.sys
\SystemRoot\system32\DRIVERS\btath_rcp.sys
\SystemRoot\system32\DRIVERS\HIDCLASS.SYS
\SystemRoot\system32\DRIVERS\HIDPARSE.SYS
\SystemRoot\system32\drivers\btath_a2dp.sys
\SystemRoot\system32\DRIVERS\btath_hcrp.sys
\SystemRoot\system32\DRIVERS\btath_flt.sys
\SystemRoot\system32\DRIVERS\btath_lwflt.sys
\SystemRoot\system32\drivers\luafv.sys
\??\C:\windows\system32\drivers\aswMonFlt.sys
\??\C:\windows\system32\drivers\aswFsBlk.sys
\SystemRoot\system32\DRIVERS\lltdio.sys
\SystemRoot\system32\DRIVERS\nwifi.sys
\SystemRoot\system32\DRIVERS\ndisuio.sys
\SystemRoot\system32\DRIVERS\rspndr.sys
\SystemRoot\system32\DRIVERS\vwifimp.sys
\SystemRoot\system32\drivers\HTTP.sys
\SystemRoot\system32\DRIVERS\bowser.sys
\SystemRoot\System32\drivers\mpsdrv.sys
\SystemRoot\system32\DRIVERS\mrxsmb.sys
\SystemRoot\system32\DRIVERS\mrxsmb10.sys
\SystemRoot\system32\DRIVERS\mrxsmb20.sys
\SystemRoot\system32\drivers\peauth.sys
\SystemRoot\System32\Drivers\secdrv.SYS
\SystemRoot\System32\DRIVERS\srvnet.sys
\SystemRoot\System32\drivers\tcpipreg.sys
\SystemRoot\System32\DRIVERS\srv2.sys
\SystemRoot\System32\DRIVERS\srv.sys
\SystemRoot\System32\Drivers\fastfat.SYS
\SystemRoot\system32\DRIVERS\monitor.sys
\??\C:\windows\system32\Drivers\PROCEXP113.SYS
\??\C:\windows\system32\drivers\mbamchameleon.sys
\??\C:\windows\system32\drivers\MBAMSwissArmy.sys
\Windows\System32\ntdll.dll
\Windows\System32\smss.exe
\Windows\System32\apisetschema.dll
\Windows\System32\autochk.exe
\Windows\System32\oleaut32.dll
\Windows\System32\ws2_32.dll
\Windows\System32\msvcrt.dll
\Windows\System32\clbcatq.dll
\Windows\System32\lpk.dll
\Windows\System32\urlmon.dll
\Windows\System32\imm32.dll
\Windows\System32\Wldap32.dll
\Windows\System32\usp10.dll
\Windows\System32\advapi32.dll
\Windows\System32\shlwapi.dll
\Windows\System32\iertutil.dll
\Windows\System32\kernel32.dll
\Windows\System32\gdi32.dll
\Windows\System32\comdlg32.dll
\Windows\System32\sechost.dll
\Windows\System32\nsi.dll
\Windows\System32\normaliz.dll
\Windows\System32\shell32.dll
\Windows\System32\imagehlp.dll
\Windows\System32\difxapi.dll
\Windows\System32\ole32.dll
\Windows\System32\rpcrt4.dll
\Windows\System32\setupapi.dll
\Windows\System32\wininet.dll
\Windows\System32\psapi.dll
\Windows\System32\msctf.dll
\Windows\System32\user32.dll
\Windows\System32\comctl32.dll
\Windows\System32\wintrust.dll
\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll
\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll
\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
\Windows\System32\KernelBase.dll
\Windows\System32\cfgmgr32.dll
\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll
\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll
\Windows\System32\devobj.dll
\Windows\System32\crypt32.dll
\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll
\Windows\System32\msasn1.dll
\Windows\SysWOW64\normaliz.dll
----------- End -----------
Done!
<<<1>>>
Upper Device Name: \Device\Harddisk0\DR0
Upper Device Object: 0xfffffa8007861060
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\Ide\IAAStorageDevice-1\
Lower Device Object: 0xfffffa8005902050
Lower Device Driver Name: \Driver\iaStor\
<<<2>>>
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xfffffa8007861060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa80076cd8b0, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa8007861060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
DevicePointer: 0xfffffa8004f09c90, DeviceName: Unknown, DriverName: \Driver\ACPI\
DevicePointer: 0xfffffa8005902050, DeviceName: \Device\Ide\IAAStorageDevice-1\, DriverName: \Driver\iaStor\
------------ End ----------
Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers...
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Done!
Drive 0
Scanning MBR on drive 0...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: 664BFF29
 
Partition information:
 
    Partition 0 type is Other (0xde)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 2048  Numsec = 204800
 
    Partition 1 type is Primary (0x7)
    Partition is ACTIVE.
    Partition starts at LBA: 206848  Numsec = 40960000
    Partition file system is NTFS
    Partition is bootable
 
    Partition 2 type is Primary (0x7)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 41166848  Numsec = 1912356272
 
    Partition 3 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0
 
Disk Size: 1000204886016 bytes
Sector size: 512 bytes
 
Scanning physical sectors of unpartitioned space on drive 0 (1-2047-1953505168-1953525168)...
Done!
Scan finished
=======================================
 
 
Removal queue found; removal started
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR_0_i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\Bootstrap_0_1_206848_i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR_0_r.mbam...
Removal finished
 
Link to post
Share on other sites
brendanboo

brendanboo

Posted
  • Author
Posted

frst.txt
 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 14-11-2013
Ran by Marissa (administrator) on MARISSA-PC on 15-11-2013 23:41:01
Running from C:\Users\Marissa\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 10
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(IDT, Inc.) C:\Program Files\IDT\WDM\STacSV64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Atheros) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Ath_CoexAgent.exe
(Atheros Commnucations) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\adminservice.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Bandoo Media Inc.) C:\Program Files (x86)\Movies Toolbar\Datamngr\DatamngrCoordinator.exe
(Dell, Inc.) C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe
(SoftThinks SAS) C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
(Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
() C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe
(Atheros Commnucations) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe
(Atheros Commnucations) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\AthBtTray.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apntex.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\HidFind.exe
(Facebook Inc.) C:\Users\Marissa\AppData\Local\Facebook\Update\FacebookUpdate.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
(Creative Technology Ltd) C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
() C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe
(Sun Microsystems, Inc.) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
() C:\Program Files (x86)\Nero\SyncUP\NeroLauncher.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\windows\system32\msiexec.exe
() C:\Program Files (x86)\Dell\Stage Remote\StageRemoteService.exe
(Bandoo Media Inc.) C:\Program Files (x86)\Movies Toolbar\Datamngr\DatamngrUI.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
==================== Registry (Whitelisted) ==================
 
HKLM\...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe [ ] ()
HKLM\...\Run: [Apoint] - C:\Program Files\DellTPad\Apoint.exe [608112 2011-03-29] (Alps Electric Co., Ltd.)
HKLM\...\Run: [sysTrayApp] - C:\Program Files\IDT\WDM\sttray64.exe [1128448 2011-05-27] (IDT, Inc.)
HKLM\...\Run: [stage Remote] - C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe [2022976 2011-06-27] ()
HKLM\...\Run: [AtherosBtStack] - C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe [627360 2011-05-20] (Atheros Commnucations)
HKLM\...\Run: [AthBtTray] - C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\AthBtTray.exe [379552 2011-05-20] (Atheros Commnucations)
HKLM\...\Run: [DellStage] - C:\Program Files (x86)\Dell Stage\Dell Stage\start.umj [483424 2012-02-01] ()
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\klogon: C:\Windows\System32\klogon.dll (Kaspersky Lab ZAO)
HKCU\...\Run: [swg] - C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2012-12-07] (Google Inc.)
HKCU\...\Run: [Facebook Update] - C:\Users\Marissa\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2012-12-22] (Facebook Inc.)
HKCU\...\Run: [skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [17418928 2012-07-13] (Skype Technologies S.A.)
HKLM-x32\...\Run: [Dell Webcam Central] - C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe [503942 2011-04-13] (Creative Technology Ltd)
HKLM-x32\...\Run: [iAStorIcon] - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [283160 2011-01-12] (Intel Corporation)
HKLM-x32\...\Run: [Dell DataSafe Online] - C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe [1117528 2010-08-25] (Dell, Inc.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\reader_sl.exe [40312 2013-09-03] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AccuWeatherWidget] - C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\start.umj [2835443 2012-02-01] ()
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59280 2012-10-11] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [421776 2012-06-07] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\qttask.exe [421888 2012-11-27] (Apple Inc.)
HKLM-x32\...\Run: [sunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [252848 2012-07-03] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [NeroLauncher] - C:\Program Files (x86)\Nero\SyncUP\NeroLauncher.exe [67496 2012-08-21] ()
HKLM-x32\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3568312 2013-11-07] (AVAST Software)
AppInit_DLLs: c:\progra~3\wincert\win64c~1.dll c:\progra~2\movies~1\datamngr\x64\mgrldr.dll [8704 2013-04-09] ()
AppInit_DLLs-x32: c:\progra~2\movies~1\datamngr\mgrldr.dll [17408 2013-08-13] ()
Startup: C:\Users\Marissa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk
ShortcutTarget: OneNote 2010 Screen Clipper and Launcher.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
HKLM\...\AppCertDlls: [x64] -> C:\Program Files (x86)\Movies Toolbar\Datamngr\x64\apcrtldr.dll [647680 2013-08-13] () <===== ATTENTION
HKLM\...\AppCertDlls: [x86] -> C:\Program Files (x86)\Movies Toolbar\Datamngr\apcrtldr.dll [476672 2013-08-13] () <===== ATTENTION
 
==================== Internet (Whitelisted) ====================
 
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.search.ask.com/?o=APN10645A&gct=hp&d=406-367&v=n8811-91&t=4
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xBA16D625CD6ACD01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKCU - {85FF67E1-33E6-43B6-8604-AD977D9FAE67} URL = http://search.genieo.com/results.html?v=w3i18W_29&wtag=W3i_IA,206,0_01,DefaultSearch,20130624,19841,6,0,&q={searchTerms}
SearchScopes: HKCU - {8E6D7AC1-1A3D-4A6B-BE08-BC7C6CE2AC3B} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3131886
BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: IEVkbdBHO Class - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\x64\ievkbd.dll (Kaspersky Lab ZAO)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Skype add-on for Internet Explorer - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: FilterBHO Class - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\x64\klwtbbho.dll (Kaspersky Lab ZAO)
BHO-x32: No Name - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -  No File
BHO-x32: No Name - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} -  No File
BHO-x32: No Name - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -  No File
BHO-x32: No Name - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -  No File
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: No Name - {9030D464-4C02-4ABF-8ECC-5164760863C6} -  No File
BHO-x32: No Name - {AA58ED58-01DD-4d91-8333-CF10577473F7} -  No File
BHO-x32: No Name - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -  No File
BHO-x32: No Name - {B4F3A835-0E21-4959-BA22-42B3008E02FF} -  No File
BHO-x32: No Name - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -  No File
BHO-x32: No Name - {DBC80044-A445-435b-BC74-9C25C1C588A9} -  No File
BHO-x32: No Name - {E33CF602-D945-461A-83F0-819F76A199F8} -  No File
BHO-x32: No Name - {ec2bae47-25af-4ce9-9e78-10627a49c9ea} -  No File
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - No Name - {8dcb7100-df86-4384-8842-8fa844297b3f} -  No File
Toolbar: HKLM-x32 - No Name - {2318C2B1-4965-11d4-9B18-009027A5CD4F} -  No File
Toolbar: HKLM-x32 - No Name - {ec2bae47-25af-4ce9-9e78-10627a49c9ea} -  No File
Toolbar: HKLM-x32 - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
DPF: HKLM-x32 {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://qtinstall.apple.com/qtactivex/qtplugin.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} -  No File
Handler-x32: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} -  No File
Handler-x32: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} -  No File
Handler-x32: file - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} -  No File
Handler-x32: ftp - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} -  No File
Handler-x32: http - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} -  No File
Handler-x32: https - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} -  No File
Handler-x32: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} -  No File
Handler-x32: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} -  No File
Handler-x32: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} -  No File
Handler-x32: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} -  No File
Handler-x32: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} -  No File
Handler-x32: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} -  No File
Handler-x32: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} -  No File
Handler-x32: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} -  No File
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} -  No File
Handler-x32: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} -  No File
Handler-x32: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} -  No File
Filter-x32: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} -  No File
Filter-x32: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} -  No File
Filter-x32: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} -  No File
Filter-x32: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} -  No File
Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76
 
Chrome: 
=======
CHR DefaultSuggestURL: (Ask.com) -       "suggest_url": ""
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\pdf.dll ()
CHR Plugin: (Kaspersky Anti-Virus) - C:\Users\Marissa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman\12.0.0.374_0\plugin/npABPlugin.dll (Kaspersky Lab ZAO)
CHR Plugin: (Kaspersky Anti-Virus) - C:\Users\Marissa\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh\12.0.0.477_0\plugin/npVKPlugin.dll (Kaspersky Lab ZAO)
CHR Plugin: (Kaspersky Anti-Virus) - C:\Users\Marissa\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\12.0.0.477_0\plugin/npUrlAdvisor.dll (Kaspersky Lab ZAO)
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll (Apple Inc.)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (AmazonMP3DownloaderPlugin) - C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10171.dll (Amazon.com, Inc.)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll No File
CHR Plugin: (Windows Live\u0099 Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll No File
CHR Extension: (Movies Toolbar) - C:\Users\Marissa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\21.56092_0
CHR Extension: (YouTube) - C:\Users\Marissa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\Marissa\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (Kaspersky URL Advisor) - C:\Users\Marissa\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\12.0.0.477_0
CHR Extension: (avast! Online Security) - C:\Users\Marissa\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\8.0.8_0
CHR Extension: (Virtual Keyboard) - C:\Users\Marissa\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh\12.0.0.477_0
CHR Extension: (Torch Share) - C:\Users\Marissa\AppData\Local\Google\Chrome\User Data\Default\Extensions\kiplfnciaokpcennlkldkdaeaaomamof\1.0.0.4232_0
CHR Extension: (Chrome In-App Payments service) - C:\Users\Marissa\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.10_0
CHR Extension: (Bitdefender QuickScan) - C:\Users\Marissa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdnkcidphdcakpkheohlhocaicfamjie\0.9.9.131_0
CHR Extension: (Gmail) - C:\Users\Marissa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1
CHR Extension: (Anti-Banner) - C:\Users\Marissa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman\12.0.0.374_0
CHR Extension: () - C:\Users\Marissa\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir_1132_25245
CHR HKLM-x32\...\Chrome\Extension: [aaaaabcbmongicmdegkmmfgdickgnnob] - C:\Users\Marissa\AppData\Local\ilividmoviestoolbardla\GC\toolbar.crx
CHR HKLM-x32\...\Chrome\Extension: [dchlnpcodkpfdpacogkljefecpegganj] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ChromeExt\urladvisor.crx
CHR HKLM-x32\...\Chrome\Extension: [jagncdcchgajhfhijbbhecadmaiegcmh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ChromeExt\virtkbd.crx
CHR HKLM-x32\...\Chrome\Extension: [pjldcfjmnllhmgjclecdnfampinooman] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ChromeExt\ab.crx
 
==================== Services (Whitelisted) =================
 
R2 Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Ath_CoexAgent.exe [146592 2011-05-20] (Atheros)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2013-11-07] (AVAST Software)
S3 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe [206448 2012-10-31] (Kaspersky Lab ZAO)
R2 DatamngrCoordinator; C:\Program Files (x86)\Movies Toolbar\Datamngr\DatamngrCoordinator.exe [3362816 2013-08-13] (Bandoo Media Inc.)
 
==================== Drivers (Whitelisted) ====================
 
R2 aswFsBlk; C:\windows\system32\drivers\aswFsBlk.sys [38984 2013-11-07] (AVAST Software)
R2 aswMonFlt; C:\windows\system32\drivers\aswMonFlt.sys [84328 2013-11-07] (AVAST Software)
R1 aswRdr; C:\windows\system32\drivers\aswRdr2.sys [92544 2013-11-07] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2013-11-07] ()
R1 aswSnx; C:\windows\system32\drivers\aswSnx.sys [1032416 2013-11-07] (AVAST Software)
R1 aswSP; C:\windows\system32\drivers\aswSP.sys [409832 2013-11-15] (AVAST Software)
R1 aswTdi; C:\windows\system32\drivers\aswTdi.sys [65264 2013-11-07] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [205320 2013-11-07] ()
R0 KL1; C:\Windows\System32\DRIVERS\kl1.sys [460888 2011-03-04] (Kaspersky Lab ZAO)
R1 kl2; C:\Windows\System32\DRIVERS\kl2.sys [11864 2011-03-04] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [637272 2012-10-31] (Kaspersky Lab)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [29488 2011-03-10] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [22544 2009-11-02] (Kaspersky Lab)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [x]
 
==================== NetSvcs (Whitelisted) ===================
 
 
==================== One Month Created Files and Folders ========
 
2013-11-15 23:41 - 2013-11-15 23:41 - 00022725 _____ C:\Users\Marissa\Desktop\FRST.txt
2013-11-15 23:40 - 2013-11-15 23:39 - 01957794 _____ (Farbar) C:\Users\Marissa\Desktop\FRST64.exe
2013-11-15 23:39 - 2013-11-15 23:39 - 01957794 _____ (Farbar) C:\Users\Marissa\Downloads\FRST64.exe
2013-11-15 23:39 - 2013-11-15 23:39 - 00000000 ____D C:\FRST
2013-11-15 23:34 - 2013-11-15 23:34 - 00000000 ___RD C:\Users\Marissa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2013-11-15 23:22 - 2013-11-15 23:22 - 00116440 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2013-11-15 23:21 - 2013-11-15 23:30 - 00000000 ____D C:\Users\Marissa\Desktop\mbar
2013-11-15 23:21 - 2013-11-15 23:21 - 12576792 _____ (Malwarebytes Corp.) C:\Users\Marissa\Downloads\mbar-1.07.0.1007 (1).exe
2013-11-15 23:21 - 2013-11-15 23:21 - 00091352 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys
2013-11-15 22:44 - 2013-11-15 22:44 - 00020270 _____ C:\ComboFix.txt
2013-11-15 22:34 - 2013-11-15 22:33 - 05146278 ____R (Swearware) C:\Users\Marissa\Desktop\ComboFix.exe
2013-11-15 22:33 - 2013-11-15 22:33 - 05146278 _____ (Swearware) C:\Users\Marissa\Downloads\ComboFix (2).exe
2013-11-15 21:41 - 2013-11-15 21:41 - 00001731 _____ C:\Users\Marissa\Desktop\RKreport[0]_S_11152013_214142.txt
2013-11-15 21:39 - 2013-11-15 21:39 - 00000928 _____ C:\Users\Marissa\Desktop\RKreport[0]_S_11152013_213953.txt
2013-11-15 21:38 - 2013-11-15 21:42 - 00000000 ____D C:\Users\Marissa\Desktop\RK_Quarantine
2013-11-15 21:38 - 2013-11-15 21:39 - 04161024 _____ C:\Users\Marissa\Downloads\RogueKillerX64 (1).exe
2013-11-15 21:38 - 2013-11-15 21:38 - 04161024 _____ C:\Users\Marissa\Downloads\RogueKillerX64.exe
2013-11-15 21:31 - 2013-11-15 21:32 - 00000000 ____D C:\Program Files (x86)\ERUNT
2013-11-15 21:31 - 2013-11-15 21:31 - 00791393 _____ (Lars Hederer                                                ) C:\Users\Marissa\Downloads\erunt-setup.exe
2013-11-15 21:28 - 2013-11-15 21:28 - 01898232 _____ (Bleeping Computer, LLC) C:\Users\Marissa\Downloads\rkill.exe
2013-11-15 21:28 - 2013-11-15 21:28 - 00002122 _____ C:\Users\Marissa\Desktop\Rkill.txt
2013-11-15 20:57 - 2013-11-15 20:57 - 00688992 ____R (Swearware) C:\Users\Marissa\Downloads\dds (1).com
2013-11-15 20:57 - 2013-11-15 20:57 - 00688992 _____ (Swearware) C:\Users\Marissa\Downloads\dds (2).com
2013-11-08 11:53 - 2013-11-15 20:58 - 00022217 _____ C:\Users\Marissa\Desktop\attach.txt
2013-11-08 11:53 - 2013-11-15 20:58 - 00019134 _____ C:\Users\Marissa\Desktop\dds.txt
2013-11-08 11:52 - 2013-11-08 11:52 - 00688992 ____R (Swearware) C:\Users\Marissa\Desktop\dds.com
2013-11-08 11:52 - 2013-11-08 11:52 - 00688992 _____ (Swearware) C:\Users\Marissa\Downloads\dds.com
2013-11-08 11:38 - 2013-11-08 11:38 - 05145633 _____ (Swearware) C:\Users\Marissa\Downloads\ComboFix (1).exe
2013-11-08 11:07 - 2013-11-15 23:30 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2013-11-08 11:07 - 2013-11-08 11:16 - 00000335 _____ C:\local.conf
2013-11-08 11:05 - 2013-11-08 11:05 - 00116440 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\48230029.sys
2013-11-08 11:05 - 2013-11-08 11:05 - 00091352 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\1C044AF1.sys
2013-11-08 11:04 - 2013-11-08 11:04 - 12576792 _____ (Malwarebytes Corp.) C:\Users\Marissa\Downloads\mbar-1.07.0.1007.exe
2013-11-08 11:03 - 2013-11-08 11:03 - 04121952 _____ (Kaspersky Lab ZAO) C:\Users\Marissa\Downloads\tdsskiller.exe
2013-11-08 10:57 - 2013-11-08 10:57 - 04976148 _____ C:\Users\Marissa\Downloads\tweaking.com_windows_repair_aio_setup.exe
2013-11-08 10:57 - 2013-11-08 10:57 - 00000000 ____D C:\Program Files (x86)\Tweaking.com
2013-11-07 23:22 - 2013-11-07 23:22 - 00000000 ____D C:\Users\Marissa\AppData\Roaming\AVAST Software
2013-11-07 23:12 - 2013-11-07 23:12 - 00702632 _____ C:\Users\Marissa\Downloads\ZipOpenerSetup.exe
2013-11-07 22:51 - 2013-11-15 22:44 - 00000000 ____D C:\Qoobox
2013-11-07 22:51 - 2011-06-25 22:45 - 00256000 _____ C:\windows\PEV.exe
2013-11-07 22:51 - 2010-11-07 09:20 - 00208896 _____ C:\windows\MBR.exe
2013-11-07 22:51 - 2009-04-19 20:56 - 00060416 _____ (NirSoft) C:\windows\NIRCMD.exe
2013-11-07 22:51 - 2000-08-30 16:00 - 00518144 _____ (SteelWerX) C:\windows\SWREG.exe
2013-11-07 22:51 - 2000-08-30 16:00 - 00406528 _____ (SteelWerX) C:\windows\SWSC.exe
2013-11-07 22:51 - 2000-08-30 16:00 - 00098816 _____ C:\windows\sed.exe
2013-11-07 22:51 - 2000-08-30 16:00 - 00080412 _____ C:\windows\grep.exe
2013-11-07 22:51 - 2000-08-30 16:00 - 00068096 _____ C:\windows\zip.exe
2013-11-07 22:50 - 2013-11-15 21:33 - 00000000 ____D C:\windows\erdnt
2013-11-07 22:50 - 2013-11-08 11:39 - 05145633 _____ (Swearware) C:\Users\Marissa\Downloads\ComboFix.exe
2013-11-07 21:20 - 2013-06-09 23:31 - 00000000 _____ C:\extensions.sqlite.protect
2013-11-07 21:08 - 2013-11-07 21:08 - 01440846 _____ C:\Users\Marissa\Downloads\mbam-chameleon-1.62.1.1000.zip
2013-11-07 21:04 - 2013-11-07 21:05 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Marissa\Downloads\mbam-setup-1.75.0.1300 (1).exe
 
==================== One Month Modified Files and Folders =======
 
2013-11-15 23:41 - 2013-11-15 23:41 - 00022725 _____ C:\Users\Marissa\Desktop\FRST.txt
2013-11-15 23:41 - 2013-08-31 10:51 - 00000000 ____D C:\ProgramData\Datamngr
2013-11-15 23:41 - 2009-07-13 20:45 - 00020928 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-11-15 23:41 - 2009-07-13 20:45 - 00020928 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-11-15 23:39 - 2013-11-15 23:40 - 01957794 _____ (Farbar) C:\Users\Marissa\Desktop\FRST64.exe
2013-11-15 23:39 - 2013-11-15 23:39 - 01957794 _____ (Farbar) C:\Users\Marissa\Downloads\FRST64.exe
2013-11-15 23:39 - 2013-11-15 23:39 - 00000000 ____D C:\FRST
2013-11-15 23:38 - 2012-07-27 21:06 - 00000000 ____D C:\Users\Marissa\AppData\Local\CrashDumps
2013-11-15 23:38 - 2009-07-13 21:13 - 00796230 _____ C:\windows\system32\PerfStringBackup.INI
2013-11-15 23:37 - 2012-07-26 00:57 - 00000000 ____D C:\Users\Marissa\AppData\Roaming\Skype
2013-11-15 23:37 - 2012-06-17 20:21 - 01405869 _____ C:\windows\WindowsUpdate.log
2013-11-15 23:34 - 2013-11-15 23:34 - 00000000 ___RD C:\Users\Marissa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2013-11-15 23:34 - 2013-09-19 18:13 - 00409832 _____ (AVAST Software) C:\windows\system32\Drivers\aswsp.sys
2013-11-15 23:34 - 2012-12-07 22:37 - 00000896 _____ C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-11-15 23:33 - 2012-06-17 20:49 - 00000000 ____D C:\Program Files (x86)\Dell DataSafe Local Backup
2013-11-15 23:33 - 2010-11-20 19:47 - 00122820 _____ C:\windows\PFRO.log
2013-11-15 23:33 - 2009-07-13 21:08 - 00000006 ____H C:\windows\Tasks\SA.DAT
2013-11-15 23:33 - 2009-07-13 20:51 - 00061935 _____ C:\windows\setupact.log
2013-11-15 23:31 - 2012-12-07 22:37 - 00000900 _____ C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-11-15 23:30 - 2013-11-15 23:21 - 00000000 ____D C:\Users\Marissa\Desktop\mbar
2013-11-15 23:30 - 2013-11-08 11:07 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2013-11-15 23:22 - 2013-11-15 23:22 - 00116440 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2013-11-15 23:21 - 2013-11-15 23:21 - 12576792 _____ (Malwarebytes Corp.) C:\Users\Marissa\Downloads\mbar-1.07.0.1007 (1).exe
2013-11-15 23:21 - 2013-11-15 23:21 - 00091352 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys
2013-11-15 23:20 - 2012-06-17 20:26 - 00000830 _____ C:\windows\Tasks\Adobe Flash Player Updater.job
2013-11-15 23:02 - 2012-12-22 19:57 - 00000936 _____ C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-181987139-3828086990-681685550-1000UA.job
2013-11-15 22:44 - 2013-11-15 22:44 - 00020270 _____ C:\ComboFix.txt
2013-11-15 22:44 - 2013-11-07 22:51 - 00000000 ____D C:\Qoobox
2013-11-15 22:42 - 2009-07-13 18:34 - 00000215 _____ C:\windows\system.ini
2013-11-15 22:41 - 2013-08-31 10:51 - 00000000 ____D C:\ProgramData\Wincert
2013-11-15 22:33 - 2013-11-15 22:34 - 05146278 ____R (Swearware) C:\Users\Marissa\Desktop\ComboFix.exe
2013-11-15 22:33 - 2013-11-15 22:33 - 05146278 _____ (Swearware) C:\Users\Marissa\Downloads\ComboFix (2).exe
2013-11-15 21:42 - 2013-11-15 21:38 - 00000000 ____D C:\Users\Marissa\Desktop\RK_Quarantine
2013-11-15 21:41 - 2013-11-15 21:41 - 00001731 _____ C:\Users\Marissa\Desktop\RKreport[0]_S_11152013_214142.txt
2013-11-15 21:39 - 2013-11-15 21:39 - 00000928 _____ C:\Users\Marissa\Desktop\RKreport[0]_S_11152013_213953.txt
2013-11-15 21:39 - 2013-11-15 21:38 - 04161024 _____ C:\Users\Marissa\Downloads\RogueKillerX64 (1).exe
2013-11-15 21:38 - 2013-11-15 21:38 - 04161024 _____ C:\Users\Marissa\Downloads\RogueKillerX64.exe
2013-11-15 21:33 - 2013-11-07 22:50 - 00000000 ____D C:\windows\erdnt
2013-11-15 21:32 - 2013-11-15 21:31 - 00000000 ____D C:\Program Files (x86)\ERUNT
2013-11-15 21:31 - 2013-11-15 21:31 - 00791393 _____ (Lars Hederer                                                ) C:\Users\Marissa\Downloads\erunt-setup.exe
2013-11-15 21:28 - 2013-11-15 21:28 - 01898232 _____ (Bleeping Computer, LLC) C:\Users\Marissa\Downloads\rkill.exe
2013-11-15 21:28 - 2013-11-15 21:28 - 00002122 _____ C:\Users\Marissa\Desktop\Rkill.txt
2013-11-15 20:58 - 2013-11-08 11:53 - 00022217 _____ C:\Users\Marissa\Desktop\attach.txt
2013-11-15 20:58 - 2013-11-08 11:53 - 00019134 _____ C:\Users\Marissa\Desktop\dds.txt
2013-11-15 20:57 - 2013-11-15 20:57 - 00688992 ____R (Swearware) C:\Users\Marissa\Downloads\dds (1).com
2013-11-15 20:57 - 2013-11-15 20:57 - 00688992 _____ (Swearware) C:\Users\Marissa\Downloads\dds (2).com
2013-11-15 20:03 - 2009-07-13 19:20 - 00000000 ____D C:\windows\system32\NDF
2013-11-15 20:02 - 2012-12-22 19:57 - 00000914 _____ C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-181987139-3828086990-681685550-1000Core.job
2013-11-08 11:52 - 2013-11-08 11:52 - 00688992 ____R (Swearware) C:\Users\Marissa\Desktop\dds.com
2013-11-08 11:52 - 2013-11-08 11:52 - 00688992 _____ (Swearware) C:\Users\Marissa\Downloads\dds.com
2013-11-08 11:39 - 2013-11-07 22:50 - 05145633 _____ (Swearware) C:\Users\Marissa\Downloads\ComboFix.exe
2013-11-08 11:38 - 2013-11-08 11:38 - 05145633 _____ (Swearware) C:\Users\Marissa\Downloads\ComboFix (1).exe
2013-11-08 11:16 - 2013-11-08 11:07 - 00000335 _____ C:\local.conf
2013-11-08 11:05 - 2013-11-08 11:05 - 00116440 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\48230029.sys
2013-11-08 11:05 - 2013-11-08 11:05 - 00091352 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\1C044AF1.sys
2013-11-08 11:04 - 2013-11-08 11:04 - 12576792 _____ (Malwarebytes Corp.) C:\Users\Marissa\Downloads\mbar-1.07.0.1007.exe
2013-11-08 11:03 - 2013-11-08 11:03 - 04121952 _____ (Kaspersky Lab ZAO) C:\Users\Marissa\Downloads\tdsskiller.exe
2013-11-08 10:57 - 2013-11-08 10:57 - 04976148 _____ C:\Users\Marissa\Downloads\tweaking.com_windows_repair_aio_setup.exe
2013-11-08 10:57 - 2013-11-08 10:57 - 00000000 ____D C:\Program Files (x86)\Tweaking.com
2013-11-08 10:50 - 2013-09-13 17:21 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-11-08 10:39 - 2009-07-13 21:08 - 00032556 _____ C:\windows\Tasks\SCHEDLGU.TXT
2013-11-07 23:22 - 2013-11-07 23:22 - 00000000 ____D C:\Users\Marissa\AppData\Roaming\AVAST Software
2013-11-07 23:21 - 2013-03-14 02:03 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-11-07 23:21 - 2013-03-14 02:03 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2013-11-07 23:19 - 2013-09-19 18:13 - 01032416 _____ (AVAST Software) C:\windows\system32\Drivers\aswSnx.sys
2013-11-07 23:19 - 2013-09-19 18:13 - 00409832 _____ (AVAST Software) C:\windows\system32\Drivers\aswsp.sys.1384587285
2013-11-07 23:19 - 2013-09-19 18:13 - 00334648 _____ (AVAST Software) C:\windows\system32\aswBoot.exe
2013-11-07 23:19 - 2013-09-19 18:13 - 00205320 _____ C:\windows\system32\Drivers\aswVmm.sys
2013-11-07 23:19 - 2013-09-19 18:13 - 00092544 _____ (AVAST Software) C:\windows\system32\Drivers\aswRdr2.sys
2013-11-07 23:19 - 2013-09-19 18:13 - 00084328 _____ (AVAST Software) C:\windows\system32\Drivers\aswMonFlt.sys
2013-11-07 23:19 - 2013-09-19 18:13 - 00065776 _____ C:\windows\system32\Drivers\aswRvrt.sys
2013-11-07 23:19 - 2013-09-19 18:13 - 00065264 _____ (AVAST Software) C:\windows\system32\Drivers\aswTdi.sys
2013-11-07 23:19 - 2013-09-19 18:13 - 00038984 _____ (AVAST Software) C:\windows\system32\Drivers\aswFsBlk.sys
2013-11-07 23:19 - 2013-09-19 18:12 - 00043152 _____ (AVAST Software) C:\windows\avastSS.scr
2013-11-07 23:18 - 2013-09-19 18:13 - 00000000 _____ C:\windows\SysWOW64\config.nt
2013-11-07 23:18 - 2013-09-19 18:11 - 00000000 ____D C:\ProgramData\AVAST Software
2013-11-07 23:12 - 2013-11-07 23:12 - 00702632 _____ C:\Users\Marissa\Downloads\ZipOpenerSetup.exe
2013-11-07 23:07 - 2009-07-13 19:20 - 00000000 __RHD C:\Users\Default
2013-11-07 22:44 - 2013-09-19 18:46 - 00000060 _____ C:\Users\Marissa\AppData\Roaming\mbam.context.scan
2013-11-07 21:08 - 2013-11-07 21:08 - 01440846 _____ C:\Users\Marissa\Downloads\mbam-chameleon-1.62.1.1000.zip
2013-11-07 21:05 - 2013-11-07 21:04 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Marissa\Downloads\mbam-setup-1.75.0.1300 (1).exe
2013-10-18 10:50 - 2013-09-24 18:06 - 00000000 ____D C:\Users\Marissa\AppData\Roaming\QuickScan
2013-10-18 10:05 - 2013-08-11 17:52 - 00000000 ____D C:\windows\system32\MRT
2013-10-18 10:03 - 2013-07-09 14:49 - 80541720 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
 
Files to move or delete:
====================
C:\Program Files (x86)\Movies Toolbar\Datamngr\x64\apcrtldr.dll
C:\Program Files (x86)\Movies Toolbar\Datamngr\apcrtldr.dll
C:\Users\Public\AlexaNSISPlugin.9364.dll
 
 
==================== Bamital & volsnap Check =================
 
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
 
 
LastRegBack: 2013-11-15 19:27
 
==================== End Of Log ============================

addition.txt


Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-11-2013
Ran by Marissa at 2013-11-15 23:41:44
Running from C:\Users\Marissa\Desktop
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
AV: Kaspersky Internet Security (Disabled - Out of date) {2EAA32A5-1EE1-1B22-95DA-337730C6E984}
AS: Kaspersky Internet Security (Disabled - Up to date) {95CBD341-38DB-14AC-AF6A-08054B41A339}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Disabled) {1691B380-548E-1A7A-BE85-9A42CE15AEFF}
 
==================== Installed Programs ======================
 
Accidental Damage Services Agreement (x32 Version: 2.0.0)
Adobe AIR (x32 Version: 2.6.0.19120)
Adobe Flash Player 11 ActiveX (x32 Version: 11.9.900.117)
Adobe Reader X (10.1.7) MUI (x32 Version: 10.1.7)
Advanced Audio FX Engine (x32 Version: 1.12.05)
Amazon MP3 Downloader 1.0.17 (x32 Version: 1.0.17)
Apple Application Support (x32 Version: 2.3)
Apple Mobile Device Support (Version: 5.2.0.6)
Apple Software Update (x32 Version: 2.1.3.127)
avast! Free Antivirus (x32 Version: 9.0.2007)
Banctec Service Agreement (x32 Version: 2.0.0)
Bing Bar (x32 Version: 7.0.765.0)
Blio (x32 Version: 2.3.7140)
Bluetooth Win7 Suite (64) (Version: 7.2.0.83)
Bonjour (Version: 3.0.0.10)
Complete Care Business Service Agreement (x32 Version: 2.0.0)
Consumer In-Home Service Agreement (x32 Version: 2.0.0)
D3DX10 (x32 Version: 15.4.2368.0902)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (x32)
Dell DataSafe Local Backup - Support Software (x32 Version: 9.4.67)
Dell DataSafe Local Backup (x32 Version: 9.4.67)
Dell DataSafe Online (x32 Version: 2.1.19634)
Dell Digital Delivery (x32 Version: 2.1.1002.0)
Dell Edoc Viewer (Version: 1.0.0)
Dell Getting Started Guide (x32 Version: 1.00.0000)
Dell Home Systems Service Agreement (x32 Version: 2.0.0)
Dell MusicStage (x32 Version: 1.6.225.0)
Dell PhotoStage (x32 Version: 1.5.0.130)
Dell Stage (x32 Version: 1.7.209.0)
Dell Stage Remote (x32 Version: 2.0.0.43)
Dell Touchpad (Version: 7.1207.101.225)
Dell VideoStage  (x32 Version: 1.3.0.2513)
Dell Webcam Central (x32 Version: 2.00.44)
Dell WLAN and Bluetooth Client Installation (x32 Version: 9.0)
ERUNT 1.1j (x32)
Facebook Video Calling 1.2.0.287 (x32 Version: 1.2.287)
Google Chrome (x32 Version: 29.0.1547.66)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0)
Google Toolbar for Internet Explorer (x32 Version: 7.5.4413.1752)
Google Update Helper (x32 Version: 1.3.21.153)
IDT Audio (x32 Version: 1.0.6341.0)
iLivid (x32 Version: 4.0.0.3451)
Intel® Control Center (x32 Version: 1.2.1.1007)
Intel® Management Engine Components (x32 Version: 7.0.0.1144)
Intel® Processor Graphics (x32 Version: 8.15.10.2342)
Intel® Rapid Storage Technology (x32 Version: 10.1.2.1004)
Internet TV for Windows Media Center (x32 Version: 4.2.2.0)
iTunes (Version: 10.6.3.25)
Java 7 Update 17 (x32 Version: 7.0.170)
Java Auto Updater (x32 Version: 2.1.9.0)
Junk Mail filter update (x32 Version: 15.4.3502.0922)
Kaspersky Internet Security 2012 (x32 Version: 12.0.0.374)
Malwarebytes Anti-Malware version 1.75.0.1300 (x32 Version: 1.75.0.1300)
Mesh Runtime (x32 Version: 15.4.5722.2)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 2010 Service Pack 1 (SP1) (x32)
Microsoft Office Access MUI (English) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Excel MUI (English) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Home and Student 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (English) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Outlook Connector (x32 Version: 14.0.6123.5001)
Microsoft Office Outlook MUI (English) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (English) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proof (Spanish) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proofing (English) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (English) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (English) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Single Image 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Word MUI (English) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Silverlight (Version: 5.1.20913.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (x32 Version: 10.0.30319)
Movies Toolbar for Chrome (Dist. by Bandoo Media, Inc.) (x32 Version: 1.5.0.0)
Movies Toolbar for Internet Explorer (Dist. by Bandoo Media, Inc.) (x32 Version: 1.5.0.0)
MSVCRT (x32 Version: 15.4.2862.0708)
MSVCRT_amd64 (x32 Version: 15.4.2862.0708)
My Dell (Version: 3.4.6308.28)
Nero 10 Movie ThemePack Basic (x32 Version: 10.6.10000.1.0)
Nero Control Center 10 (x32 Version: 10.6.13000.0.11)
Nero ControlCenter 10 Help (CHM) (x32 Version: 10.2.10800)
Nero Core Components 10 (x32 Version: 2.0.20500.9.16)
Nero Update (x32 Version: 11.0.11500.28.0)
Picasa 3 (x32 Version: 3.9)
PlayReady PC Runtime x86 (x32 Version: 1.3.0)
Premium Service Agreement (x32 Version: 2.0.0)
QualxServ Service Agreement (x32 Version: 2.0.0)
Quickset64 (Version: 10.09.25)
QuickTime (x32 Version: 7.73.80.64)
Realtek Ethernet Controller Driver (x32 Version: 7.45.516.2011)
Realtek USB 2.0 Card Reader (x32 Version: 6.1.7600.30126)
Skype Click to Call (x32 Version: 6.11.13348)
Skype™ 5.10 (x32 Version: 5.10.116)
SyncUP (x32 Version: 1.12.12400.17.102)
SyncUP (x32 Version: 10.2.16500)
Tweaking.com - Windows Repair (All in One) (x32 Version: 2.0.1)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2836939) (x32 Version: 1)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (x32)
Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2553065) (x32)
Update for Microsoft Office 2010 (KB2553157) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2566458) (x32)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2589370) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2687503) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2760758) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2767886) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (x32)
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition (x32)
Update for Microsoft OneNote 2010 (KB2810072) 32-Bit Edition (x32)
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition (x32)
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition (x32)
Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition (x32)
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition (x32)
Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition (x32)
Video Downloader (x32 Version: 1.14)
VIO Player version 1.0.1 (x32 Version: 1.0.1)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922)
Windows Live Essentials (x32 Version: 15.4.3502.0922)
Windows Live Essentials (x32 Version: 15.4.3508.1109)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Installer (x32 Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3508.1109)
Windows Live Mail (x32 Version: 15.4.3502.0922)
Windows Live Mesh (x32 Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (x32 Version: 15.4.5722.2)
Windows Live Messenger (x32 Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (x32 Version: 15.4.3502.0922)
Windows Live Photo Common (x32 Version: 15.4.3502.0922)
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922)
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (x32 Version: 15.4.3502.0922)
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922)
Windows Live UX Platform (x32 Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109)
Windows Live Writer (x32 Version: 15.4.3502.0922)
Windows Live Writer Resources (x32 Version: 15.4.3502.0922)
Windows Media Center Add-in for Flash (x32 Version: 4.1.2.0)
Zinio Reader 4 (x32 Version: 4.2.4164)
 
==================== Restore Points  =========================
 
26-09-2013 10:01:14 Windows Update
04-10-2013 06:12:31 Windows Update
12-10-2013 20:49:30 Windows Update
18-10-2013 18:02:13 Windows Update
08-11-2013 05:11:02 Windows Update
08-11-2013 11:00:32 Windows Update
09-11-2013 11:02:13 Windows Update
16-11-2013 02:37:51 Windows Update
 
==================== Hosts content: ==========================
 
2009-07-13 18:34 - 2013-11-15 22:42 - 00000027 ____A C:\windows\system32\Drivers\etc\hosts
127.0.0.1       localhost
 
==================== Scheduled Tasks (whitelisted) =============
 
Task: {03A93606-E9DE-4356-A910-25116729C4D9} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-181987139-3828086990-681685550-1000UA => C:\Users\Marissa\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-12-22] (Facebook Inc.)
Task: {21C2CE05-4167-4F34-809F-5AF7A9A2F8F6} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-12] (Adobe Systems Incorporated)
Task: {35113D1B-4797-4EAC-8822-8B5D4266660C} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-181987139-3828086990-681685550-1000Core => C:\Users\Marissa\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-12-22] (Facebook Inc.)
Task: {5FF97128-64D8-4E86-BF03-D59B475A7860} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-12-07] (Google Inc.)
Task: {83B7DE07-7620-48F6-B9AE-1AD41B0DFB4B} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\My Dell\sessionchecker.exe [2013-09-05] (PC-Doctor, Inc.)
Task: {84E7BDDD-DFAD-45C2-91D3-84458F7C8749} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {88561FF9-304A-49AF-965C-5DB3376851D3} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-12-07] (Google Inc.)
Task: {A14C84A4-E270-4A4D-9688-562DB0785128} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\My Dell\uaclauncher.exe [2013-09-05] (PC-Doctor, Inc.)
Task: {A95CE0E4-573B-4D96-A113-BF4F408253F1} - System32\Tasks\SystemToolsDailyTest => C:\Windows\System32\uaclauncher.exe
Task: {C29F76C3-004C-4E8F-8132-DF31CBDF7368} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-181987139-3828086990-681685550-1000Core.job => C:\Users\Marissa\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-181987139-3828086990-681685550-1000UA.job => C:\Users\Marissa\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (whitelisted) =============
 
2013-08-31 10:51 - 2013-08-13 09:26 - 00647680 _____ () c:\program files (x86)\movies toolbar\datamngr\x64\apcrtldr.dll
2012-06-17 22:56 - 2011-03-25 17:28 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
 
==================== Safe Mode (whitelisted) ===================
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"
 
==================== Faulty Device Manager Devices =============
 
Name: Realtek PCIe FE Family Controller
Description: Realtek PCIe FE Family Controller
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Realtek
Service: RTL8167
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (11/15/2013 11:37:58 PM) (Source: Application Error) (User: )
Description: Faulting application name: Skype.exe, version: 5.10.0.116, time stamp: 0x50001496
Faulting module name: KERNELBASE.dll, version: 6.1.7601.18015, time stamp: 0x50b83c8a
Exception code: 0xc0000005
Fault offset: 0x00014a67
Faulting process id: 0x1040
Faulting application start time: 0xSkype.exe0
Faulting application path: Skype.exe1
Faulting module path: Skype.exe2
Report Id: Skype.exe3
 
Error: (11/15/2013 11:35:22 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (11/15/2013 11:34:39 PM) (Source: Application Error) (User: )
Description: Faulting application name: Skype.exe, version: 5.10.0.116, time stamp: 0x50001496
Faulting module name: Skype.exe, version: 5.10.0.116, time stamp: 0x50001496
Exception code: 0xc0000005
Fault offset: 0x0000290a
Faulting process id: 0x1040
Faulting application start time: 0xSkype.exe0
Faulting application path: Skype.exe1
Faulting module path: Skype.exe2
Report Id: Skype.exe3
 
Error: (11/15/2013 08:07:12 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (11/15/2013 08:07:12 PM) (Source: Application Error) (User: )
Description: Faulting application name: Skype.exe, version: 5.10.0.116, time stamp: 0x50001496
Faulting module name: KERNELBASE.dll, version: 6.1.7601.18015, time stamp: 0x50b83c8a
Exception code: 0xc0000005
Fault offset: 0x00014a67
Faulting process id: 0x112c
Faulting application start time: 0xSkype.exe0
Faulting application path: Skype.exe1
Faulting module path: Skype.exe2
Report Id: Skype.exe3
 
Error: (11/15/2013 08:06:39 PM) (Source: Application Error) (User: )
Description: Faulting application name: Skype.exe, version: 5.10.0.116, time stamp: 0x50001496
Faulting module name: Skype.exe, version: 5.10.0.116, time stamp: 0x50001496
Exception code: 0xc0000005
Fault offset: 0x0000290a
Faulting process id: 0x112c
Faulting application start time: 0xSkype.exe0
Faulting application path: Skype.exe1
Faulting module path: Skype.exe2
Report Id: Skype.exe3
 
Error: (11/15/2013 07:52:39 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (11/15/2013 07:52:04 PM) (Source: Application Error) (User: )
Description: Faulting application name: Skype.exe, version: 5.10.0.116, time stamp: 0x50001496
Faulting module name: KERNELBASE.dll, version: 6.1.7601.18015, time stamp: 0x50b83c8a
Exception code: 0xc0000005
Fault offset: 0x00014a67
Faulting process id: 0xf34
Faulting application start time: 0xSkype.exe0
Faulting application path: Skype.exe1
Faulting module path: Skype.exe2
Report Id: Skype.exe3
 
Error: (11/15/2013 07:52:00 PM) (Source: Application Error) (User: )
Description: Faulting application name: Skype.exe, version: 5.10.0.116, time stamp: 0x50001496
Faulting module name: Skype.exe, version: 5.10.0.116, time stamp: 0x50001496
Exception code: 0xc0000005
Fault offset: 0x0000290a
Faulting process id: 0xf34
Faulting application start time: 0xSkype.exe0
Faulting application path: Skype.exe1
Faulting module path: Skype.exe2
Report Id: Skype.exe3
 
Error: (11/15/2013 07:49:42 PM) (Source: RasClient) (User: )
Description: CoId={A147B92E-BA04-4BD8-894C-62E0A246979F}: The user Marissa-PC\Marissa dialed a connection named Broadband Connection which has failed. The error code returned on failure is 0.
 
 
System errors:
=============
Error: (11/15/2013 11:36:05 PM) (Source: Service Control Manager) (User: )
Description: The Nero Update service terminated with the following error: 
%%-2147467262
 
Error: (11/15/2013 11:36:04 PM) (Source: Service Control Manager) (User: )
Description: The Dell Digital Delivery Service service failed to start due to the following error: 
%%1053
 
Error: (11/15/2013 11:36:04 PM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Dell Digital Delivery Service service to connect.
 
Error: (11/15/2013 11:30:30 PM) (Source: mbamchameleon) (User: )
Description: \Device\HarddiskVolume3\PROGRAM FILES (X86)\MOVIES TOOLBAR\DATAMNGR\DATAMNGRUI.EXE
 
Error: (11/15/2013 11:30:29 PM) (Source: mbamchameleon) (User: )
Description: \Device\HarddiskVolume3\PROGRAM FILES\AVAST SOFTWARE\AVAST\AVASTUI.EXE
 
Error: (11/15/2013 11:30:28 PM) (Source: mbamchameleon) (User: )
Description: \Device\HarddiskVolume3\PROGRAM FILES (X86)\MOVIES TOOLBAR\DATAMNGR\DATAMNGRCOORDINATOR.EXE
 
Error: (11/15/2013 11:30:28 PM) (Source: mbamchameleon) (User: )
Description: \Device\HarddiskVolume3\PROGRAM FILES\AVAST SOFTWARE\AVAST\AVASTSVC.EXE
 
Error: (11/15/2013 11:21:59 PM) (Source: mbamchameleon) (User: )
Description: \Device\HarddiskVolume3\PROGRAM FILES (X86)\MOVIES TOOLBAR\DATAMNGR\DATAMNGRUI.EXE
 
Error: (11/15/2013 11:21:59 PM) (Source: mbamchameleon) (User: )
Description: \Device\HarddiskVolume3\PROGRAM FILES\AVAST SOFTWARE\AVAST\AVASTUI.EXE
 
Error: (11/15/2013 11:21:59 PM) (Source: mbamchameleon) (User: )
Description: \Device\HarddiskVolume3\PROGRAM FILES (X86)\MOVIES TOOLBAR\DATAMNGR\DATAMNGRCOORDINATOR.EXE
 
 
Microsoft Office Sessions:
=========================
Error: (11/15/2013 11:37:58 PM) (Source: Application Error)(User: )
Description: Skype.exe5.10.0.11650001496KERNELBASE.dll6.1.7601.1801550b83c8ac000000500014a67104001cee29e3b46570bC:\Program Files (x86)\Skype\Phone\Skype.exeC:\windows\syswow64\KERNELBASE.dll02ea841c-4e92-11e3-8e94-844bf51b68a0
 
Error: (11/15/2013 11:35:22 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (11/15/2013 11:34:39 PM) (Source: Application Error)(User: )
Description: Skype.exe5.10.0.11650001496Skype.exe5.10.0.11650001496c00000050000290a104001cee29e3b46570bC:\Program Files (x86)\Skype\Phone\Skype.exeC:\Program Files (x86)\Skype\Phone\Skype.exe8c3ee0f7-4e91-11e3-8e94-844bf51b68a0
 
Error: (11/15/2013 08:07:12 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (11/15/2013 08:07:12 PM) (Source: Application Error)(User: )
Description: Skype.exe5.10.0.11650001496KERNELBASE.dll6.1.7601.1801550b83c8ac000000500014a67112c01cee2813db8afc2C:\Program Files (x86)\Skype\Phone\Skype.exeC:\windows\syswow64\KERNELBASE.dll91adf9d9-4e74-11e3-a757-844bf51b68a0
 
Error: (11/15/2013 08:06:39 PM) (Source: Application Error)(User: )
Description: Skype.exe5.10.0.11650001496Skype.exe5.10.0.11650001496c00000050000290a112c01cee2813db8afc2C:\Program Files (x86)\Skype\Phone\Skype.exeC:\Program Files (x86)\Skype\Phone\Skype.exe7d817efa-4e74-11e3-a757-844bf51b68a0
 
Error: (11/15/2013 07:52:39 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (11/15/2013 07:52:04 PM) (Source: Application Error)(User: )
Description: Skype.exe5.10.0.11650001496KERNELBASE.dll6.1.7601.1801550b83c8ac000000500014a67f3401cee27f1e9b23d6C:\Program Files (x86)\Skype\Phone\Skype.exeC:\windows\syswow64\KERNELBASE.dll7415f38a-4e72-11e3-a73d-844bf51b68a0
 
Error: (11/15/2013 07:52:00 PM) (Source: Application Error)(User: )
Description: Skype.exe5.10.0.11650001496Skype.exe5.10.0.11650001496c00000050000290af3401cee27f1e9b23d6C:\Program Files (x86)\Skype\Phone\Skype.exeC:\Program Files (x86)\Skype\Phone\Skype.exe71da04ea-4e72-11e3-a73d-844bf51b68a0
 
Error: (11/15/2013 07:49:42 PM) (Source: RasClient)(User: )
Description: {A147B92E-BA04-4BD8-894C-62E0A246979F}Marissa-PC\MarissaBroadband Connection0
 
 
CodeIntegrity Errors:
===================================
  Date: 2013-11-15 22:41:56.864
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2013-11-15 22:41:56.800
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2013-11-15 22:41:56.734
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2013-11-15 22:41:56.662
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2013-11-07 23:03:27.843
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2013-11-07 23:03:27.775
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
 
==================== Memory info =========================== 
 
Percentage of memory in use: 33%
Total physical RAM: 6052.27 MB
Available physical RAM: 3998.18 MB
Total Pagefile: 12102.73 MB
Available Pagefile: 9686.14 MB
Total Virtual: 8192 MB
Available Virtual: 8191.8 MB
 
==================== Drives ================================
 
Drive c: (OS) (Fixed) (Total:911.88 GB) (Free:811.23 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 664BFF29)
Partition 1: (Not Active) - (Size=100 MB) - (Type=DE)
Partition 2: (Active) - (Size=20 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=912 GB) - (Type=07 NTFS)
 
==================== End Of Log ============================
Link to post
Share on other sites
  • Root Admin
AdvancedSetup

AdvancedSetup

Posted
  • Root Admin
Posted

Please uninstall ALL versions of Java from Control Panel, Add\Remove

 

Then run the following.

 

Please download the attached fixlist.txt file and save it to the Desktop.
NOTE. It's important that both files, FRST or FRST64 and fixlist.txt are in the same location or the fix will not work.

NOTICE: This script was written specifically for this user, for use on this particular machine. Running this on another machine may cause damage to your operating system.

Run FRST or FRST64 and press the Fix button just once and wait.
If the tool needs a restart please make sure you let the system restart normally and let the tool complete its run after restart.
The tool will make a log on the Desktop (Fixlog.txt). Please attach or post it to your next reply.

Note: If the tool warned you about an outdated version please download and run the updated version.
 

 

fixlist.txt

Link to post
Share on other sites
brendanboo

brendanboo

Posted
  • Author
Posted

Still unable to attach. So here is the pasted txt.

 

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 14-11-2013
Ran by Marissa at 2013-11-16 10:14:46 Run:1
Running from C:\Users\Marissa\Desktop\New folder
Boot Mode: Normal
==============================================
 
Content of fixlist:
*****************
AppInit_DLLs-x32: c:\progra~2\movies~1\datamngr\mgrldr.dll [17408 2013-08-13] ()
AppInit_DLLs: c:\progra~3\wincert\win64c~1.dll c:\progra~2\movies~1\datamngr\x64\mgrldr.dll [8704 2013-04-09] ()
BHO-x32: No Name - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -  No File
BHO-x32: No Name - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} -  No File
BHO-x32: No Name - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -  No File
BHO-x32: No Name - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -  No File
BHO-x32: No Name - {9030D464-4C02-4ABF-8ECC-5164760863C6} -  No File
BHO-x32: No Name - {AA58ED58-01DD-4d91-8333-CF10577473F7} -  No File
BHO-x32: No Name - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -  No File
BHO-x32: No Name - {B4F3A835-0E21-4959-BA22-42B3008E02FF} -  No File
BHO-x32: No Name - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -  No File
BHO-x32: No Name - {DBC80044-A445-435b-BC74-9C25C1C588A9} -  No File
BHO-x32: No Name - {E33CF602-D945-461A-83F0-819F76A199F8} -  No File
BHO-x32: No Name - {ec2bae47-25af-4ce9-9e78-10627a49c9ea} -  No File
BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: FilterBHO Class - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\x64\klwtbbho.dll (Kaspersky Lab ZAO)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
C:\Program Files (x86)\Movies Toolbar
C:\Program Files (x86)\Movies Toolbar\Datamngr\apcrtldr.dll
C:\Program Files (x86)\Movies Toolbar\Datamngr\x64\apcrtldr.dll
C:\Users\Marissa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob
C:\Users\Public\AlexaNSISPlugin.9364.dll
CHR Extension: () - C:\Users\Marissa\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir_1132_25245
CHR Extension: (Bitdefender QuickScan) - C:\Users\Marissa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdnkcidphdcakpkheohlhocaicfamjie\0.9.9.131_0
CHR Extension: (Kaspersky URL Advisor) - C:\Users\Marissa\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\12.0.0.477_0
CHR Extension: (Movies Toolbar) - C:\Users\Marissa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\21.56092_0
CHR HKLM-x32\...\Chrome\Extension: [aaaaabcbmongicmdegkmmfgdickgnnob] - C:\Users\Marissa\AppData\Local\ilividmoviestoolbardla\GC\toolbar.crx
DPF: HKLM-x32 {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://www.microsoft...=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.search.as...&v=n8811-91&t=4
HKLM-x32\...\Run: [sunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [252848 2012-07-03] (Sun Microsystems, Inc.)
HKLM\...\AppCertDlls: [x64] -> C:\Program Files (x86)\Movies Toolbar\Datamngr\x64\apcrtldr.dll [647680 2013-08-13] () <===== ATTENTION
HKLM\...\AppCertDlls: [x86] -> C:\Program Files (x86)\Movies Toolbar\Datamngr\apcrtldr.dll [476672 2013-08-13] () <===== ATTENTION
R2 DatamngrCoordinator; C:\Program Files (x86)\Movies Toolbar\Datamngr\DatamngrCoordinator.exe [3362816 2013-08-13] (Bandoo Media Inc.)
SearchScopes: HKCU - {34e26447-bf30-4c78-a5b9-61dfa8a55e67} URL = http://search.mywebs...cc3e&searchfor={searchTerms}
SearchScopes: HKCU - {85FF67E1-33E6-43B6-8604-AD977D9FAE67} URL = http://search.genieo...4,19841,6,0,&q={searchTerms}
SearchScopes: HKCU - {8E6D7AC1-1A3D-4A6B-BE08-BC7C6CE2AC3B} URL = http://dts.search.as...pn_ptnrs=AG6&q={searchTerms}
SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = http://dts.search.as...pn_ptnrs=AG6&q={searchTerms}
SearchScopes: HKLM-x32 - {34e26447-bf30-4c78-a5b9-61dfa8a55e67} URL = http://search.mywebs...cc3e&searchfor={searchTerms}
SearchScopes: HKLM-x32 - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = http://dts.search.as...pn_ptnrs=AG6&q={searchTerms}
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - No Name - {2318C2B1-4965-11d4-9B18-009027A5CD4F} -  No File
Toolbar: HKLM-x32 - No Name - {8dcb7100-df86-4384-8842-8fa844297b3f} -  No File
Toolbar: HKLM-x32 - No Name - {ec2bae47-25af-4ce9-9e78-10627a49c9ea} -  No File
HKLM-x32\...\Run: [sunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [252848 2012-07-03] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3568312 2013-11-07] (AVAST Software)
CHR Extension: (avast! Online Security) - C:\Users\Marissa\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\8.0.8_0
CHR Extension: (Bitdefender QuickScan) - C:\Users\Marissa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdnkcidphdcakpkheohlhocaicfamjie\0.9.9.131_0
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2013-11-07] (AVAST Software)
R2 aswFsBlk; C:\windows\system32\drivers\aswFsBlk.sys [38984 2013-11-07] (AVAST Software)
R2 aswMonFlt; C:\windows\system32\drivers\aswMonFlt.sys [84328 2013-11-07] (AVAST Software)
R1 aswRdr; C:\windows\system32\drivers\aswRdr2.sys [92544 2013-11-07] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2013-11-07] ()
R1 aswSnx; C:\windows\system32\drivers\aswSnx.sys [1032416 2013-11-07] (AVAST Software)
R1 aswSP; C:\windows\system32\drivers\aswSP.sys [409832 2013-11-15] (AVAST Software)
R1 aswTdi; C:\windows\system32\drivers\aswTdi.sys [65264 2013-11-07] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [205320 2013-11-07] ()
Task: {03A93606-E9DE-4356-A910-25116729C4D9} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-181987139-3828086990-681685550-1000UA => C:\Users\Marissa\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-12-22] (Facebook Inc.)
Task: {35113D1B-4797-4EAC-8822-8B5D4266660C} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-181987139-3828086990-681685550-1000Core => C:\Users\Marissa\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-12-22] (Facebook Inc.)
Task: {5FF97128-64D8-4E86-BF03-D59B475A7860} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-12-07] (Google Inc.)
Task: {84E7BDDD-DFAD-45C2-91D3-84458F7C8749} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {88561FF9-304A-49AF-965C-5DB3376851D3} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-12-07] (Google Inc.)
Task: C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-181987139-3828086990-681685550-1000Core.job => C:\Users\Marissa\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-181987139-3828086990-681685550-1000UA.job => C:\Users\Marissa\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 
*****************
 
HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs => Value was restored successfully.
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs => Value was restored successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{18DF081C-E8AD-4283-A596-FA578C2EBDC3} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{9030D464-4C02-4ABF-8ECC-5164760863C6} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{AA58ED58-01DD-4d91-8333-CF10577473F7} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{B4F3A835-0E21-4959-BA22-42B3008E02FF} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{d2ce3e00-f94a-4740-988e-03dc2f38c34f} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E33CF602-D945-461A-83F0-819F76A199F8} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{E33CF602-D945-461A-83F0-819F76A199F8} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ec2bae47-25af-4ce9-9e78-10627a49c9ea} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{ec2bae47-25af-4ce9-9e78-10627a49c9ea} => Key not found.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} => Key deleted successfully.
HKCR\CLSID\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E33CF602-D945-461A-83F0-819F76A199F8} => Key deleted successfully.
HKCR\CLSID\{E33CF602-D945-461A-83F0-819F76A199F8} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7} => Key deleted successfully.
HKCR\CLSID\{AA58ED58-01DD-4d91-8333-CF10577473F7} => Key deleted successfully.
C:\Program Files (x86)\Movies Toolbar => Moved successfully.
"C:\Program Files (x86)\Movies Toolbar\Datamngr\apcrtldr.dll" => File/Directory not found.
"C:\Program Files (x86)\Movies Toolbar\Datamngr\x64\apcrtldr.dll" => File/Directory not found.
C:\Users\Marissa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob => Moved successfully.
C:\Users\Public\AlexaNSISPlugin.9364.dll => Moved successfully.
CHR Extension: () - C:\Users\Marissa\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir_1132_25245 directory not found.
C:\Users\Marissa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdnkcidphdcakpkheohlhocaicfamjie => Moved successfully.
C:\Users\Marissa\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj => Moved successfully.
C:\Users\Marissa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob directory not found.
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob => Key deleted successfully.
C:\Users\Marissa\AppData\Local\ilividmoviestoolbardla\GC\toolbar.crx => Moved successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Code Store Database\Distribution Units\{02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} => Key not found.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\Facebook Update => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\swg => Value deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Default_Search_URL => Value was restored successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Search Page => Value was restored successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => Value deleted successfully.
HKLM\System\CurrentControlSet\Control\Session Manager\AppCertDlls\\x64 => Value deleted successfully.
HKLM\System\CurrentControlSet\Control\Session Manager\AppCertDlls\\x86 => Value deleted successfully.
DatamngrCoordinator => Service deleted successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{34e26447-bf30-4c78-a5b9-61dfa8a55e67} => Key deleted successfully.
HKCR\CLSID\{34e26447-bf30-4c78-a5b9-61dfa8a55e67} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{85FF67E1-33E6-43B6-8604-AD977D9FAE67} => Key deleted successfully.
HKCR\CLSID\{85FF67E1-33E6-43B6-8604-AD977D9FAE67} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{8E6D7AC1-1A3D-4A6B-BE08-BC7C6CE2AC3B} => Key deleted successfully.
HKCR\CLSID\{8E6D7AC1-1A3D-4A6B-BE08-BC7C6CE2AC3B} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} => Key deleted successfully.
HKCR\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} => Key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} => Key deleted successfully.
HKCR\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{34e26447-bf30-4c78-a5b9-61dfa8a55e67} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{34e26447-bf30-4c78-a5b9-61dfa8a55e67} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => Value deleted successfully.
HKCR\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{2318C2B1-4965-11d4-9B18-009027A5CD4F} => Value deleted successfully.
HKCR\CLSID\{2318C2B1-4965-11d4-9B18-009027A5CD4F} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{2318C2B1-4965-11d4-9B18-009027A5CD4F} => Value deleted successfully.
HKCR\Wow6432Node\CLSID\{2318C2B1-4965-11d4-9B18-009027A5CD4F} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{8dcb7100-df86-4384-8842-8fa844297b3f} => Value deleted successfully.
HKCR\Wow6432Node\CLSID\{8dcb7100-df86-4384-8842-8fa844297b3f} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{ec2bae47-25af-4ce9-9e78-10627a49c9ea} => Value deleted successfully.
HKCR\Wow6432Node\CLSID\{ec2bae47-25af-4ce9-9e78-10627a49c9ea} => Key not found.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => Value not found.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\AvastUI.exe => Unable to delete value
C:\Users\Marissa\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki => Moved successfully.
C:\Users\Marissa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdnkcidphdcakpkheohlhocaicfamjie directory not found.
avast! Antivirus => Service not found.
aswFsBlk => Service not found.
aswMonFlt => Service not found.
aswRdr => Service not found.
aswRvrt => Service not found.
aswSnx => Service not found.
aswSP => Service not found.
aswTdi => Service not found.
aswVmm => Service not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{03A93606-E9DE-4356-A910-25116729C4D9} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{03A93606-E9DE-4356-A910-25116729C4D9} => Key deleted successfully.
C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-181987139-3828086990-681685550-1000UA => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\FacebookUpdateTaskUserS-1-5-21-181987139-3828086990-681685550-1000UA => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{35113D1B-4797-4EAC-8822-8B5D4266660C} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{35113D1B-4797-4EAC-8822-8B5D4266660C} => Key deleted successfully.
C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-181987139-3828086990-681685550-1000Core => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\FacebookUpdateTaskUserS-1-5-21-181987139-3828086990-681685550-1000Core => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5FF97128-64D8-4E86-BF03-D59B475A7860} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5FF97128-64D8-4E86-BF03-D59B475A7860} => Key deleted successfully.
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{84E7BDDD-DFAD-45C2-91D3-84458F7C8749} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{84E7BDDD-DFAD-45C2-91D3-84458F7C8749} => Key deleted successfully.
C:\Windows\System32\Tasks\Apple\AppleSoftwareUpdate => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Apple\AppleSoftwareUpdate => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{88561FF9-304A-49AF-965C-5DB3376851D3} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{88561FF9-304A-49AF-965C-5DB3376851D3} => Key deleted successfully.
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore => Key deleted successfully.
C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-181987139-3828086990-681685550-1000Core.job => Moved successfully.
C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-181987139-3828086990-681685550-1000UA.job => Moved successfully.
C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
 
 
The system needs a manual reboot. 
 
==== End of Fixlog ====
Link to post
Share on other sites
  • Root Admin
AdvancedSetup

AdvancedSetup

Posted
  • Root Admin
Posted

Please restart the computer and then review and follow the directions in this post.

Runtime error 0, 440, and 339 automation errors

Try the following removal and reinstall as part of that once all access denied errors have been removed

MBAM Clean Removal Process

I'm going to be going on vacation in a couple of days so we need to try and finish things up here

Thanks

Link to post
Share on other sites
brendanboo

brendanboo

Posted
  • Author
Posted

I really appreciate you helping me. But this laptop seems to have a very serious issue. After following the above instructions, the "Runtime error 0 and 440" still appear when attempting to run mbam, I ran the clean removal process, and then tried to re-install mbam, but was given the following error multiple times:
CoCreateInstance failed; code 0x80040154.
Class not registered.
 

There are also other various issues I have noticed. In the start menu, under all programs, most of the folders are "empty" including mbam. I am also unable to right click my computer and select "properties", nothing happens when I do so. I suspect a virus has perhaps infected the registry but I am not certain. 

Link to post
Share on other sites
  • Root Admin
AdvancedSetup

AdvancedSetup

Posted
  • Root Admin
Posted

Please run the following again.
 
Please run the following scanner and send back the logs.

Download DDS from one of the locations below and save to your Desktop
dds.scr
dds.com

Temporarily disable any script blocker if your Anti-Virus/Anti-Malware has it.
How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs

Once downloaded you can disconnect from the Internet and disable your Ant-Virus temporarily if needed.
Then double click dds.scr or dds.com to run the tool.
Click the Run button if prompted with an Open File - Security Warning dialog box.
A black DOS console should open and run for a moment.

  • When done, DDS will open two (2) logs:
    • DDS.txt
    • Attach.txt
  • Save both reports to your desktop
  • Please include the following logs in your next reply as an attachment: DDS.txt and Attach.txt
  • You can ignore the note about zipping the Attach.txt file and just post it or attach it.
Link to post
Share on other sites
brendanboo

brendanboo

Posted
  • Author
Posted

Nothing happens when I try to attach the file, so I have to paste it.
 

DDS (Ver_2012-11-20.01) - NTFS_AMD64 
Internet Explorer: 10.0.9200.16660  BrowserJavaVersion: 10.17.2
Run by Marissa at 20:08:08 on 2013-11-18
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.6052.4059 [GMT -8:00]
.
AV: Kaspersky Internet Security *Disabled/Outdated* {2EAA32A5-1EE1-1B22-95DA-337730C6E984}
SP: Kaspersky Internet Security *Disabled/Updated* {95CBD341-38DB-14AC-AF6A-08054B41A339}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security *Disabled* {1691B380-548E-1A7A-BE85-9A42CE15AEFF}
.
============== Running Processes ===============
.
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k netsvcs
C:\Program Files\IDT\WDM\STacSV64.exe
C:\windows\system32\svchost.exe -k NetworkService
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\IDT\WDM\AESTSr64.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Ath_CoexAgent.exe
C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\adminservice.exe
C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
C:\Program Files\Bonjour\mDNSResponder.exe
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe
C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
C:\windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\windows\system32\svchost.exe -k bthsvcs
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\windows\system32\taskhost.exe
C:\windows\system32\Dwm.exe
C:\windows\Explorer.EXE
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\DellTPad\Apoint.exe
C:\Program Files\IDT\WDM\sttray64.exe
C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe
C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe
C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\AthBtTray.exe
C:\Program Files (x86)\Dell\Stage Remote\StageRemoteService.exe
C:\Program Files\DellTPad\ApMsgFwd.exe
C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
C:\Program Files\DellTPad\Apntex.exe
C:\Program Files\DellTPad\HidFind.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\windows\system32\SearchIndexer.exe
C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
C:\windows\System32\svchost.exe -k secsvcs
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
C:\windows\system32\taskhost.exe
C:\windows\servicing\TrustedInstaller.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\System32\svchost.exe -k swprv
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\windows\system32\SearchProtocolHost.exe
C:\windows\system32\SearchFilterHost.exe
C:\windows\SysWOW64\ctfmon.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
TB: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
uRun: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
mRun: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2
mRun: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
mRun: [Dell DataSafe Online] C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [AccuWeatherWidget] "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe" "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\start.umj" --startup
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [NeroLauncher] C:\Program Files (x86)\Nero\SyncUP\NeroLauncher.exe 900
mRun: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
StartupFolder: C:\Users\Marissa\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ONENOT~1.LNK - C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
uPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: NoDrives = dword:0
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: Add to Google Photos Screensa&ver - C:\windows\System32\GPhotos.scr/200
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - <orphaned>
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - <orphaned>
IE: {4248FE82-7FCB-46AC-B270-339F08212110} - {4248FE82-7FCB-46AC-B270-339F08212110} - <orphaned>
IE: {7815BE26-237D-41A8-A98F-F7BD75F71086} - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - <orphaned>
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - <orphaned>
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - <orphaned>
IE: {CCF151D8-D089-449F-A5A4-D9909053F20F} - {CCF151D8-D089-449F-A5A4-D9909053F20F} - <orphaned>
TCP: NameServer = 75.75.75.75 75.75.76.76
TCP: Interfaces\{B4EF1AFF-AFDE-48BC-9E2C-FB777B78EA38} : DHCPNameServer = 75.75.75.75 75.75.76.76
TCP: Interfaces\{B4EF1AFF-AFDE-48BC-9E2C-FB777B78EA38}\34F6666656560234F64747167656 : DHCPNameServer = 192.168.1.1 184.16.33.54
TCP: Interfaces\{B4EF1AFF-AFDE-48BC-9E2C-FB777B78EA38}\B44514D4 : DHCPNameServer = 75.75.75.75 75.75.76.76
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - <orphaned>
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - <orphaned>
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
AppInit_DLLs= c:\progra~2\movies~1\datamngr\mgrldr.dll
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
CLSID: {603D3801-BD81-11d0-A3A5-00C04FD706EC} - <is not referencing any dll>
x64-BHO: avast! Online Security: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-BHO: IEVkbdBHO Class: {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\x64\ievkbd.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-TB: avast! Online Security: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-Run: [igfxTray] C:\windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\windows\System32\igfxpers.exe
x64-Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe
x64-Run: [sysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe
x64-Run: [stage Remote] C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe -Quiet
x64-Run: [AtherosBtStack] "C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe"
x64-Run: [AthBtTray] "C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\AthBtTray.exe"
x64-Run: [DellStage] "C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe" "C:\Program Files (x86)\Dell Stage\Dell Stage\start.umj" --startup
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {4248FE82-7FCB-46AC-B270-339F08212110} - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\x64\ievkbd.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-IE: {CCF151D8-D089-449F-A5A4-D9909053F20F} - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\x64\klwtbbho.dll
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-Notify: klogon - C:\windows\System32\klogon.dll
x64-SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R0 aswRvrt;avast! Revert;C:\windows\System32\drivers\aswRvrt.sys [2013-9-19 65776]
R0 aswVmm;avast! VM Monitor;C:\windows\System32\drivers\aswVmm.sys [2013-9-19 205320]
R1 aswSnx;aswSnx;C:\windows\System32\drivers\aswSnx.sys [2013-9-19 1032416]
R1 aswSP;aswSP;C:\windows\System32\drivers\aswsp.sys [2013-9-19 409832]
R1 kl2;kl2;C:\windows\System32\drivers\kl2.sys [2011-3-4 11864]
R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;C:\windows\System32\drivers\klim6.sys [2011-3-10 29488]
R2 AESTFilters;Andrea ST Filters Service;C:\Program Files\IDT\WDM\AESTSr64.exe [2012-6-17 89600]
R2 aswFsBlk;aswFsBlk;C:\windows\System32\drivers\aswFsBlk.sys [2013-9-19 38984]
R2 aswMonFlt;aswMonFlt;C:\windows\System32\drivers\aswMonFlt.sys [2013-9-19 84328]
R2 Atheros Bt&Wlan Coex Agent;Atheros Bt&Wlan Coex Agent;C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Ath_CoexAgent.exe [2011-5-20 146592]
R2 AtherosSvc;AtherosSvc;C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\AdminService.exe [2011-5-20 80032]
R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-11-18 50344]
R2 BBUpdate;BBUpdate;C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE [2011-5-12 249648]
R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2012-6-17 13336]
R2 NOBU;Dell DataSafe Online;C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe [2010-8-25 2823000]
R2 SftService;SoftThinks Agent Service;C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe [2012-6-17 1695040]
R2 Skype C2C Service;Skype C2C Service;C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-8-14 3291008]
R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2012-6-17 2656280]
R3 AthBTPort;Atheros Virtual Bluetooth Class;C:\windows\System32\drivers\btath_flt.sys [2011-5-20 36000]
R3 BTATH_A2DP;Bluetooth A2DP Audio Driver;C:\windows\System32\drivers\btath_a2dp.sys [2011-5-20 298656]
R3 BTATH_BUS;Atheros Bluetooth Bus;C:\windows\System32\drivers\btath_bus.sys [2011-5-20 29344]
R3 BTATH_HCRP;Bluetooth HCRP Server driver;C:\windows\System32\drivers\btath_hcrp.sys [2011-5-20 201376]
R3 BTATH_LWFLT;Bluetooth LWFLT Device;C:\windows\System32\drivers\btath_lwflt.sys [2011-5-20 55456]
R3 BTATH_RCP;Bluetooth AVRCP Device;C:\windows\System32\drivers\btath_rcp.sys [2011-5-20 154272]
R3 BtFilter;BtFilter;C:\windows\System32\drivers\btfilter.sys [2011-5-20 282272]
R3 CtClsFlt;Creative Camera Class Upper Filter Driver;C:\windows\System32\drivers\CtClsFlt.sys [2012-6-17 176096]
R3 IntcDAud;Intel® Display Audio;C:\windows\System32\drivers\IntcDAud.sys [2012-6-17 317440]
R3 klmouflt;Kaspersky Lab KLMOUFLT;C:\windows\System32\drivers\klmouflt.sys [2009-11-2 22544]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 DellDigitalDelivery;Dell Digital Delivery Service;C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe [2012-4-9 166912]
S2 NAUpdate;Nero Update;C:\Program Files (x86)\Nero\Update\NASvc.exe [2011-11-25 687400]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-7-13 160944]
S3 AVP;Kaspersky Anti-Virus Service;C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe [2011-4-24 206448]
S3 BBSvc;Bing Bar Update Service;C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-6-7 191752]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\windows\System32\drivers\RtsUStor.sys [2012-6-17 250984]
S3 RTL8167;Realtek 8167 NT Driver;C:\windows\System32\drivers\Rt64win7.sys [2012-6-17 533096]
S3 TsUsbFlt;TsUsbFlt;C:\windows\System32\drivers\TsUsbFlt.sys [2010-11-20 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\windows\System32\drivers\TsUsbGD.sys [2010-11-20 31232]
S3 USBAAPL64;Apple Mobile USB Driver;C:\windows\System32\drivers\usbaapl64.sys [2012-4-25 52736]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\windows\System32\Wat\WatAdminSvc.exe [2012-7-25 1255736]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== Created Last 30 ================
.
2013-11-18 11:21:18 75888 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{924C7B2B-808F-4F86-9228-B19CA7455A7E}\offreg.dll
2013-11-18 11:01:32 -------- d-----w- C:\74064e71211ec217f03d3dee0f
2013-11-18 08:14:23 -------- d-----w- C:\Users\Marissa\AppData\Roaming\Malwarebytes
2013-11-18 08:11:46 25928 ----a-w- C:\windows\System32\drivers\mbam.sys
2013-11-18 08:11:46 -------- d-----w- C:\ProgramData\Malwarebytes
2013-11-18 08:11:46 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-11-18 07:54:11 -------- d-----w- C:\Users\Marissa\AppData\Roaming\Wise Registry Cleaner
2013-11-18 07:49:44 -------- d-----w- C:\Program Files (x86)\Wise
2013-11-18 07:31:31 -------- d-----w- C:\Users\Marissa\AppData\Roaming\ParetoLogic
2013-11-18 07:31:31 -------- d-----w- C:\Users\Marissa\AppData\Roaming\DriverCure
2013-11-18 07:31:19 -------- d-----w- C:\Program Files (x86)\Common Files\ParetoLogic
2013-11-18 07:31:13 -------- d-----w- C:\ProgramData\ParetoLogic
2013-11-18 07:31:13 -------- d-----w- C:\Program Files (x86)\ParetoLogic
2013-11-16 07:52:12 10280728 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{924C7B2B-808F-4F86-9228-B19CA7455A7E}\mpengine.dll
2013-11-16 07:39:58 -------- d-----w- C:\FRST
2013-11-16 06:44:11 -------- d-sh--w- C:\$RECYCLE.BIN
2013-11-08 19:07:43 -------- d-----w- C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2013-11-08 19:05:37 116440 ----a-w- C:\windows\System32\drivers\48230029.sys
2013-11-08 19:05:08 91352 ----a-w- C:\windows\System32\drivers\1C044AF1.sys
2013-11-08 18:57:50 -------- d-----w- C:\Program Files (x86)\Tweaking.com
2013-11-08 07:22:44 -------- d-----w- C:\Users\Marissa\AppData\Roaming\AVAST Software
2013-11-08 06:51:31 98816 ----a-w- C:\windows\sed.exe
2013-11-08 06:51:31 256000 ----a-w- C:\windows\PEV.exe
2013-11-08 06:51:31 208896 ----a-w- C:\windows\MBR.exe
.
==================== Find3M  ====================
.
2013-11-18 08:38:11 1032416 ----a-w- C:\windows\System32\drivers\aswSnx.sys
2013-11-18 08:38:10 84328 ----a-w- C:\windows\System32\drivers\aswMonFlt.sys
2013-11-18 08:38:10 43152 ----a-w- C:\windows\avastSS.scr
2013-11-08 07:19:51 92544 ----a-w- C:\windows\System32\drivers\aswRdr2.sys
2013-11-08 07:19:51 65776 ----a-w- C:\windows\System32\drivers\aswRvrt.sys
2013-11-08 07:19:51 205320 ----a-w- C:\windows\System32\drivers\aswVmm.sys
2013-10-12 20:27:35 71048 ----a-w- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-09-03 21:35:10 278800 ------w- C:\windows\System32\MpSigStub.exe
.
============= FINISH: 20:08:32.33 ===============
Link to post
Share on other sites
brendanboo

brendanboo

Posted
  • Author
Posted
.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2012-11-20.01)

.

Microsoft Windows 7 Home Premium 

Boot Device: \Device\HarddiskVolume2

Install Date: 7/23/2012 2:42:05 PM

System Uptime: 11/18/2013 6:30:01 PM (2 hours ago)

.

Motherboard: Dell Inc. |  | 01HXXJ

Processor: Intel® Core i3-2370M CPU @ 2.40GHz | CPU 1 | 2400/100mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 912 GiB total, 812.266 GiB free.

D: is CDROM ()

.

==== Disabled Device Manager Items =============

.

Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}

Description: Realtek PCIe FE Family Controller

Device ID: PCI\VEN_10EC&DEV_8136&SUBSYS_05041028&REV_05\4&11A9D17&0&00E1

Manufacturer: Realtek

Name: Realtek PCIe FE Family Controller

PNP Device ID: PCI\VEN_10EC&DEV_8136&SUBSYS_05041028&REV_05\4&11A9D17&0&00E1

Service: RTL8167

.

==== System Restore Points ===================

.

RP123: 11/7/2013 9:11:02 PM - Windows Update

RP124: 11/8/2013 3:00:32 AM - Windows Update

RP125: 11/9/2013 3:02:13 AM - Windows Update

RP126: 11/15/2013 6:37:51 PM - Windows Update

RP127: 11/16/2013 3:00:28 AM - Windows Update

RP128: 11/17/2013 3:01:16 AM - Windows Update

RP129: 11/18/2013 3:00:44 AM - Windows Update

.

==== Installed Programs ======================

.

Accidental Damage Services Agreement

Adobe AIR

Adobe Flash Player 11 ActiveX

Adobe Reader X (10.1.7) MUI

Advanced Audio FX Engine

Apple Application Support

Apple Mobile Device Support

Apple Software Update

avast! Free Antivirus

Banctec Service Agreement

Bing Bar

Blio

Bluetooth Win7 Suite (64)

Bonjour

Complete Care Business Service Agreement

Consumer In-Home Service Agreement

D3DX10

Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition

Dell DataSafe Local Backup

Dell DataSafe Local Backup - Support Software

Dell DataSafe Online

Dell Digital Delivery

Dell Edoc Viewer

Dell Getting Started Guide

Dell Home Systems Service Agreement

Dell MusicStage

Dell PhotoStage

Dell Stage

Dell Stage Remote

Dell Touchpad

Dell VideoStage 

Dell Webcam Central

Dell WLAN and Bluetooth Client Installation

ERUNT 1.1j

Facebook Video Calling 1.2.0.287

Google Chrome

Google Toolbar for Internet Explorer

Google Update Helper

IDT Audio

iLivid

Intel® Control Center

Intel® Management Engine Components

Intel® Processor Graphics

Intel® Rapid Storage Technology

Internet TV for Windows Media Center

iTunes

Java 7 Update 17

Java Auto Updater

Junk Mail filter update

Kaspersky Internet Security 2012

Malwarebytes Anti-Malware version 1.75.0.1300

Mesh Runtime

Microsoft .NET Framework 4 Client Profile

Microsoft .NET Framework 4 Extended

Microsoft Application Error Reporting

Microsoft Office 2010 Service Pack 1 (SP1)

Microsoft Office Access MUI (English) 2010

Microsoft Office Access Setup Metadata MUI (English) 2010

Microsoft Office Excel MUI (English) 2010

Microsoft Office Home and Student 2010

Microsoft Office Office 64-bit Components 2010

Microsoft Office OneNote MUI (English) 2010

Microsoft Office Outlook Connector

Microsoft Office Outlook MUI (English) 2010

Microsoft Office PowerPoint MUI (English) 2010

Microsoft Office Proof (English) 2010

Microsoft Office Proof (French) 2010

Microsoft Office Proof (Spanish) 2010

Microsoft Office Proofing (English) 2010

Microsoft Office Publisher MUI (English) 2010

Microsoft Office Shared 64-bit MUI (English) 2010

Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010

Microsoft Office Shared MUI (English) 2010

Microsoft Office Shared Setup Metadata MUI (English) 2010

Microsoft Office Single Image 2010

Microsoft Office Word MUI (English) 2010

Microsoft Silverlight

Microsoft SQL Server 2005 Compact Edition [ENU]

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319

MSVCRT

MSVCRT_amd64

My Dell

Nero 10 Movie ThemePack Basic

Nero Control Center 10

Nero ControlCenter 10 Help (CHM)

Nero Core Components 10

Nero Update

Picasa 3

PlayReady PC Runtime x86

Premium Service Agreement

QualxServ Service Agreement

Quickset64

QuickTime

Realtek Ethernet Controller Driver

Realtek USB 2.0 Card Reader

RegCure Pro

Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2)

Security Update for Microsoft .NET Framework 4 Extended (KB2487367)

Security Update for Microsoft .NET Framework 4 Extended (KB2656351)

Security Update for Microsoft .NET Framework 4 Extended (KB2736428)

Security Update for Microsoft .NET Framework 4 Extended (KB2742595)

Security Update for Microsoft Excel 2010 (KB2597126) 32-Bit Edition

Security Update for Microsoft InfoPath 2010 (KB2760406) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2553371) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2598243) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2687276) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2687423) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2687510) 32-Bit Edition

Security Update for Microsoft Outlook 2010 (KB2794707) 32-Bit Edition

Security Update for Microsoft Publisher 2010 (KB2553147) 32-Bit Edition

Security Update for Microsoft Visio 2010 (KB2810068) 32-Bit Edition

Security Update for Microsoft Word 2010 (KB2760769) 32-Bit Edition

Skype Click to Call

Skype™ 5.10

SyncUP

Tweaking.com - Windows Repair (All in One)

Update for Microsoft .NET Framework 4 Client Profile (KB2468871)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523)

Update for Microsoft .NET Framework 4 Client Profile (KB2600217)

Update for Microsoft .NET Framework 4 Client Profile (KB2836939)

Update for Microsoft .NET Framework 4 Extended (KB2468871)

Update for Microsoft .NET Framework 4 Extended (KB2533523)

Update for Microsoft .NET Framework 4 Extended (KB2600217)

Update for Microsoft .NET Framework 4 Extended (KB2836939)

Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition

Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition

Update for Microsoft Office 2010 (KB2553065)

Update for Microsoft Office 2010 (KB2553157) 32-Bit Edition

Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition

Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition

Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition

Update for Microsoft Office 2010 (KB2566458)

Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition

Update for Microsoft Office 2010 (KB2589370) 32-Bit Edition

Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition

Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition

Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition

Update for Microsoft Office 2010 (KB2687503) 32-Bit Edition

Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition

Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition

Update for Microsoft Office 2010 (KB2760758) 32-Bit Edition

Update for Microsoft Office 2010 (KB2767886) 32-Bit Edition

Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition

Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition

Update for Microsoft OneNote 2010 (KB2810072) 32-Bit Edition

Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition

Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition

Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition

Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition

Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition

Video Downloader

VIO Player version 1.0.1

Windows Live Communications Platform

Windows Live Essentials

Windows Live ID Sign-in Assistant

Windows Live Installer

Windows Live Language Selector

Windows Live Mail

Windows Live Mesh

Windows Live Mesh ActiveX Control for Remote Connections

Windows Live Messenger

Windows Live MIME IFilter

Windows Live Movie Maker

Windows Live Photo Common

Windows Live Photo Gallery

Windows Live PIMT Platform

Windows Live Remote Client

Windows Live Remote Client Resources

Windows Live Remote Service

Windows Live Remote Service Resources

Windows Live SOXE

Windows Live SOXE Definitions

Windows Live UX Platform

Windows Live UX Platform Language Pack

Windows Live Writer

Windows Live Writer Resources

Windows Media Center Add-in for Flash

Wise Registry Cleaner 7.89

Zinio Reader 4

.

==== Event Viewer Messages From Past Week ========

.

11/18/2013 3:02:13 AM, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Microsoft Outlook 2010 (KB2837597) 32-Bit Edition.

11/18/2013 3:01:54 AM, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x80070643: Update for Microsoft Word 2010 (KB2827323) 32-Bit Edition.

11/18/2013 3:01:54 AM, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x80070643: Update for Microsoft Office 2010 (KB2826026) 32-Bit Edition.

11/18/2013 3:01:49 AM, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x80070643: Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition.

11/18/2013 3:01:49 AM, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x80070643: Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition.

11/18/2013 3:01:44 AM, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Microsoft Office 2010 (KB2826023) 32-Bit Edition.

11/18/2013 3:01:44 AM, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Microsoft Excel 2010 (KB2826033) 32-Bit Edition.

11/18/2013 3:01:39 AM, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Microsoft .NET Framework 4 on XP, Server 2003, Vista, Windows 7, Server 2008, Server 2008 R2 for x64 (KB2858302).

11/18/2013 3:01:34 AM, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x80070643: Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition.

11/18/2013 3:01:34 AM, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Microsoft Office 2010 (KB2760781) 32-Bit Edition.

11/18/2013 3:01:25 AM, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x80070643: Update for Microsoft .NET Framework 4 on XP, Server 2003, Vista, Windows 7, Server 2008, Server 2008 R2 for x64 (KB2836939).

11/18/2013 3:01:25 AM, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Microsoft Office 2010 (KB2826035) 32-Bit Edition.

11/18/2013 3:01:11 AM, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Microsoft Office 2010 (KB2553284) 32-Bit Edition.

11/18/2013 12:41:21 AM, Error: Service Control Manager [7023]  - The Nero Update service terminated with the following error:  %%-2147467262

11/18/2013 12:41:19 AM, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the Dell Digital Delivery Service service to connect.

11/18/2013 12:41:19 AM, Error: Service Control Manager [7000]  - The Dell Digital Delivery Service service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.

11/15/2013 8:56:19 PM, Error: Tcpip [4199]  - The system detected an address conflict for IP address 192.168.1.101 with the system having network hardware address 00-04-4B-03-14-92. Network operations on this system may be disrupted as a result.

11/15/2013 6:51:53 PM, Error: Service Control Manager [7001]  - The Computer Browser service depends on the Server service which failed to start because of the following error:  The dependency service or group failed to start.

11/15/2013 6:50:11 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}

11/15/2013 6:50:11 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

11/15/2013 6:50:08 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}

11/15/2013 6:50:03 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}

11/15/2013 6:49:31 PM, Error: Service Control Manager [7026]  - The following boot-start or system-start driver(s) failed to load:  aswRvrt aswSnx aswSP aswTdi aswVmm discache KLIF spldr Wanarpv6

11/15/2013 11:30:30 PM, Error: mbamchameleon [61440]  - 

11/15/2013 10:42:30 PM, Error: Service Control Manager [7030]  - The PEVSystemStart service is marked as an interactive service.  However, the system is configured to not allow interactive services.  This service may not function properly.

11/15/2013 10:41:56 PM, Error: Application Popup [1060]  - \??\C:\ComboFix\catchme.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.

11/15/2013 10:35:36 PM, Error: Service Control Manager [7034]  - The Skype C2C Service service terminated unexpectedly.  It has done this 1 time(s).

.

==== End Of File ===========================

Link to post
Share on other sites
  • Root Admin
AdvancedSetup

AdvancedSetup

Posted
  • Root Admin
Posted

Let's see if this tool can fix some items on the functionality of Windows.

Please download Windows Repair (All in One) from here and run it.

http://www.tweaking.com/content/page/windows_repair_all_in_one.html

Then post back the results and what issues remain.

Thanks

Link to post
Share on other sites
Guest
This topic is now closed to further replies.
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.