Jump to content

PUP removal


Recommended Posts

As requested created new post:  Herewith the DDS.txt and attach.txt pasted in

George_S

 

DDS (Ver_2012-11-20.01) - NTFS_AMD64 
Internet Explorer: 11.0.9600.16428
Run by George at 13:24:02 on 2013-12-07
Microsoft Windows 7 Professional   6.1.7601.1.1252.27.1033.18.8133.5858 [GMT 2:00]
.
AV: Emsisoft Anti-Malware *Disabled/Updated* {8504DEEF-CC04-1F76-2137-F1A5F4A659DA}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Emsisoft Anti-Malware *Disabled/Updated* {3E653F0B-EA3E-10F8-1B87-CAD78F211367}
FW: Online Armor Firewall *Disabled* {BD3F5FCA-866B-1E2E-0A68-58900A751EA1}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\nvservice.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE
C:\Program Files\Dell\DW WLAN Card\bcmwltry.exe
C:\Windows\system32\WLANExt.exe
C:\Program Files (x86)\Online Armor\OAcat.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
C:\Program Files\Dell\DW WLAN Card\WLTRAY.EXE
C:\Users\George\AppData\Roaming\defaulttab\defaulttab\dtupdate.exe
C:\Program Files\DellTPad\Apoint.exe
C:\Program Files (x86)\Password Safe\pwsafe.exe
C:\Windows\system32\taskeng.exe
c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
C:\Program Files (x86)\MEDITECH\MTAppDwn.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\Dell\Dell WWAN\WMCore\mini_WMCore.exe
C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe
C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\HpqSRmon.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\WUDFHost.exe
C:\Windows\System32\WUDFHost.exe
C:\Program Files\DellTPad\ApMsgFwd.exe
C:\Program Files\DellTPad\HidFind.exe
C:\Program Files\DellTPad\Apntex.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Windows\System32\svchost.exe -k swprv
C:\Windows\System32\WUDFHost.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchFilterHost.exe
C:\PROGRAM FILES (X86)\EMSISOFT ANTI-MALWARE\a2start.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\PROGRAM FILES (X86)\EMSISOFT ANTI-MALWARE\a2guard.exe
C:\Windows\SysWOW64\DllHost.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
mWinlogon: Userinit = userinit.exe,
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
BHO: DefaultTab Browser Helper: {7F6AFBF1-E065-4627-A2FD-810366367D01} - C:\Users\George\AppData\Roaming\defaulttab\defaulttab\DefaultTabBHO.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
mRun: [MobileConnect] C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe /silent
mRun: [emsisoft anti-malware] "c:\program files (x86)\emsisoft anti-malware\a2guard.exe" /d=60
mRun: [TrueImageMonitor.exe] "C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe"
mRun: [AcronisTibMounterMonitor] C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
mRun: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
mRunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
StartupFolder: C:\Users\George\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\PASSWO~1.LNK - C:\Program Files (x86)\Password Safe\pwsafe.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&xport to Microsoft Excel - C:\PROGRA~1\MICROS~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~1\MICROS~1\Office14\ONBttnIE.dll/105
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
TCP: NameServer = 192.168.1.1 192.168.1.1
TCP: Interfaces\{3FC68F6B-411D-465A-A524-84B6160E5939} : DHCPNameServer = 172.16.8.105 172.16.9.105
TCP: Interfaces\{4C1259B8-827F-47F7-8151-4A69C327F07E} : DHCPNameServer = 192.168.1.1 192.168.1.1
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-Run: [broadcom Wireless Manager UI] C:\Program Files\Dell\DW WLAN Card\WLTRAY.exe
x64-Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe
x64-Run: [@OnlineArmor GUI] "C:\Program Files (x86)\Online Armor\OAui.exe"
x64-Run: [Acronis Scheduler2 Service] "C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe"
x64-Run: [Logitech Download Assistant] C:\Windows\System32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
x64-Run: [nwiz] C:\Program Files\NVIDIA Corporation\nview\nwiz.exe /installquiet
x64-Run: [bCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-SSODL: WebCheck - <orphaned>
x64-SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
.
============= SERVICES / DRIVERS ===============
.
R0 fltsrv;Acronis Storage Filter Management;C:\Windows\System32\drivers\fltsrv.sys [2013-11-12 108832]
R0 RapportKE64;RapportKE64;C:\Windows\System32\drivers\RapportKE64.sys [2013-11-17 317808]
R0 stdcfltn;Disk Class Filter Driver for Accelerometer;C:\Windows\System32\drivers\stdcfltn.sys [2013-11-8 22128]
R0 tib;Acronis TIB Manager;C:\Windows\System32\drivers\tib.sys [2013-11-12 1120032]
R0 tib_mounter;Acronis TIB Mounter;C:\Windows\System32\drivers\tib_mounter.sys [2013-11-12 183224]
R0 vididr;Acronis Virtual Disk;C:\Windows\System32\drivers\vididr.sys [2013-11-12 161568]
R0 vidsflt;Acronis Disk Storage Filter;C:\Windows\System32\drivers\vidsflt.sys [2013-11-12 117024]
R1 A2DDA;A2 Direct Disk Access Support Driver;C:\Program Files (x86)\Emsisoft Anti-Malware\a2ddax64.sys [2013-11-11 26176]
R1 a2injectiondriver;a2injectiondriver;C:\Program Files (x86)\Emsisoft Anti-Malware\a2dix64.sys [2013-11-11 45208]
R1 a2util;a-squared Malware-IDS utility driver;C:\Program Files (x86)\Emsisoft Anti-Malware\a2util64.sys [2013-11-11 17384]
R1 OADevice;OADriver;C:\Windows\SysWOW64\drivers\OADriver.sys [2013-11-11 64720]
R1 OAmon;OAmon;C:\Windows\SysWOW64\drivers\OAmon.sys [2013-11-11 52360]
R1 RapportCerberus_59849;RapportCerberus_59849;C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_59849.sys [2013-11-17 606672]
R1 RapportEI64;RapportEI64;C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys [2013-10-25 284176]
R1 RapportPG64;RapportPG64;C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys [2013-10-25 399312]
R2 a2AntiMalware;Emsisoft Anti-Malware 8.0 - Service;C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe [2013-11-11 4161512]
R2 afcdpsrv;Acronis Nonstop Backup Service;C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [2013-11-12 3783672]
R2 DefaultTabUpdate;DefaultTabUpdate;C:\Users\George\AppData\Roaming\defaulttab\defaulttab\dtupdate.exe [2013-12-5 107520]
R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-11-11 418376]
R2 MTAppManager;MEDITECH Application Manager;C:\Program Files (x86)\MEDITECH\MTAppDwn.exe [2013-11-8 96712]
R2 nvservice;NVIDIA GuardService;C:\Windows\System32\nvservice.exe [2013-11-18 192800]
R2 OAcat;Online Armor Helper Service;C:\Program Files (x86)\Online Armor\OAcat.exe [2013-11-12 584864]
R2 RapportMgmtService;Rapport Management Service;C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe [2013-10-25 1444120]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-1-10 383264]
R2 syncagentsrv;Acronis Sync Agent Service;C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe [2013-3-20 7084696]
R2 VMCService;Vodafone Mobile Connect Service;C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe [2008-11-4 14336]
R2 WMCoreService;Mobile Broadband Service;C:\Program Files (x86)\Dell\Dell WWAN\WMCore\mini_WMCore.exe servicemode --> C:\Program Files (x86)\Dell\Dell WWAN\WMCore\mini_WMCore.exe servicemode [?]
R3 a2acc;a2acc;C:\Program Files (x86)\Emsisoft Anti-Malware\a2accx64.sys [2013-11-11 70960]
R3 afcdp;afcdp;C:\Windows\System32\drivers\afcdp.sys [2013-11-12 367200]
R3 bcbtums;Bluetooth RAM Firmware Download USB Filter;C:\Windows\System32\drivers\bcbtums.sys [2013-11-8 135720]
R3 cleanhlp;cleanhlp;C:\Program Files (x86)\Emsisoft Anti-Malware\cleanhlp64.sys [2013-11-11 57024]
R3 cvusbdrv;Dell ControlVault;C:\Windows\System32\drivers\cvusbdrv.sys [2013-11-8 47752]
R3 d554gps;Dell Wireless  HSPA Mini-Card GPS Port;C:\Windows\System32\drivers\d554gps64.sys [2013-11-8 103184]
R3 d554scard;Dell Wireless  HSPA Mini-Card USIM Port;C:\Windows\System32\drivers\d554scard.sys [2013-11-8 61992]
R3 ecnssndis; Mobile Broadband Driver;C:\Windows\System32\drivers\wwuss64.sys [2013-11-8 26664]
R3 ecnssndisfltr; Mobile Broadband Driver Filter;C:\Windows\System32\drivers\wwussf64.sys [2013-11-8 29736]
R3 iusb3hub;Intel® USB 3.0 Hub Driver;C:\Windows\System32\drivers\iusb3hub.sys [2013-11-8 356120]
R3 iusb3xhc;Intel® USB 3.0 eXtensible Host Controller Driver;C:\Windows\System32\drivers\iusb3xhc.sys [2013-11-8 788760]
R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2013-11-11 25928]
R3 Mbm3CBus;Dell Wireless 5560 HSPA+ Mini-Card Device (WDM);C:\Windows\System32\drivers\Mbm3CBus.sys [2013-11-8 443208]
R3 Mbm3DevMt;Dell Wireless  HSPA Mini-Card Device Management Driver (WDM);C:\Windows\System32\drivers\Mbm3DevMt.sys [2013-11-8 453960]
R3 Mbm3mdfl;Dell Wireless  HSPA Mini-Card Modem Filter;C:\Windows\System32\drivers\Mbm3mdfl.sys [2013-11-8 21832]
R3 Mbm3Mdm;Dell Wireless  HSPA Mini-Card Modem Driver;C:\Windows\System32\drivers\Mbm3Mdm.sys [2013-11-8 506184]
R3 OAnet;OnlineArmor Service;C:\Windows\System32\drivers\OAnet.sys [2013-11-11 35368]
R3 ST_ACCEL;STMicroelectronics Accelerometer Service;C:\Windows\System32\drivers\ST_Accel.sys [2013-11-8 89312]
R3 WwanUsbServ;Mobile Broadband Driver;C:\Windows\System32\drivers\WwanUsbMp64.sys [2013-11-8 280448]
S1 oahlpXX;Online Armor helper driver;C:\Windows\SysWOW64\drivers\oahlp64.sys [2013-11-11 62008]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 DefaultTabSearch;DefaultTabSearch;C:\Program Files (x86)\DefaultTab\DefaultTabSearch.exe [2013-10-7 573952]
S2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-11-11 701512]
S2 SvcOnlineArmor;Online Armor;C:\Program Files (x86)\Online Armor\OAsrv.exe [2013-11-12 4457688]
S3 dmvsc;dmvsc;C:\Windows\System32\drivers\dmvsc.sys [2010-11-21 71168]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2013-11-18 111616]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\Windows\System32\drivers\nusb3hub.sys [2011-2-16 80384]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\Windows\System32\drivers\nusb3xhc.sys [2011-2-16 180736]
S3 ose64;Office 64 Source Engine;C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-1-9 174440]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2013-11-18 19456]
S3 StorSvc;Storage Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-14 27136]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2013-11-18 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2013-11-18 30208]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2013-11-12 1255736]
.
=============== Created Last 30 ================
.
2013-12-07 06:40:43 10285968 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{1B6BC5A9-968C-4FC4-97F1-EE7ABB91BBDD}\mpengine.dll
2013-12-06 13:53:00 -------- d-----w- C:\Users\George\AppData\Local\Diagnostics
2013-12-05 05:51:59 -------- d-----w- C:\Program Files (x86)\DefaultTab
2013-12-05 05:51:45 -------- d-----w- C:\Users\George\AppData\Roaming\defaulttab
2013-12-04 08:13:34 -------- d-----w- C:\Users\George\.RippleDown
2013-12-04 08:08:15 -------- d-----w- C:\RippleDown 6.37
2013-12-03 09:59:32 -------- d-----w- C:\Program Files\Microsoft Synchronization Services
2013-12-03 09:59:06 -------- d-----w- C:\Windows\PCHEALTH
2013-12-03 09:59:06 -------- d-----w- C:\Program Files\Microsoft SQL Server Compact Edition
2013-12-03 09:56:13 -------- d-----w- C:\Program Files (x86)\Microsoft Visual Studio 8
2013-12-03 09:55:13 -------- d-----w- C:\Program Files\Microsoft Analysis Services
2013-12-03 09:55:13 -------- d-----w- C:\Program Files (x86)\Microsoft Analysis Services
2013-11-24 06:39:00 224768 ----a-w- C:\Windows\System32\Spool\prtprocs\x64\hpzpp4v2.dll
2013-11-24 06:38:26 130048 ----a-w- C:\Windows\System32\hpz3l4v2.dll
2013-11-23 10:32:16 -------- d-----w- C:\Users\George\AppData\Roaming\HpUpdate
2013-11-23 10:31:50 -------- d-----w- C:\Windows\Hewlett-Packard
2013-11-18 21:03:25 192800 ----a-w- C:\Windows\System32\nvservice.exe
2013-11-18 20:34:04 -------- d-----w- C:\Program Files\Speccy
2013-11-18 20:33:01 -------- d-----w- C:\Program Files\CCleaner
2013-11-18 17:58:27 514560 ----a-w- C:\Windows\SysWow64\qdvd.dll
2013-11-18 17:58:26 366592 ----a-w- C:\Windows\System32\qdvd.dll
2013-11-18 17:36:29 -------- d--h--w- C:\Windows\msdownld.tmp
2013-11-18 04:53:06 -------- d-----w- C:\Program Files (x86)\MSXML 4.0
2013-11-17 06:19:15 317808 ----a-w- C:\Windows\System32\drivers\RapportKE64.sys
2013-11-17 06:17:14 -------- d-----w- C:\Users\George\AppData\Local\Trusteer
2013-11-17 06:17:05 -------- d-----w- C:\Program Files (x86)\Trusteer
2013-11-17 06:14:15 -------- d-----w- C:\ProgramData\Trusteer
2013-11-17 05:53:43 99840 ----a-w- C:\Windows\System32\drivers\usbccgp.sys
2013-11-17 05:53:43 7808 ----a-w- C:\Windows\System32\drivers\usbd.sys
2013-11-17 05:53:43 52736 ----a-w- C:\Windows\System32\drivers\usbehci.sys
2013-11-17 05:53:43 343040 ----a-w- C:\Windows\System32\drivers\usbhub.sys
2013-11-17 05:53:43 325120 ----a-w- C:\Windows\System32\drivers\usbport.sys
2013-11-17 05:53:43 30720 ----a-w- C:\Windows\System32\drivers\usbuhci.sys
2013-11-17 05:53:43 25600 ----a-w- C:\Windows\System32\drivers\usbohci.sys
2013-11-15 20:14:51 114688 ----a-w- C:\Windows\keymail.dll
2013-11-15 14:10:49 -------- d-----w- C:\UniScan
2013-11-15 14:09:14 803840 ----a-w- C:\Windows\System32\hpxp2436.dll
2013-11-15 14:09:14 728064 ----a-w- C:\Windows\System32\hp2436co.dll
2013-11-15 14:09:14 561664 ----a-w- C:\Windows\System32\hpgt2436.dll
2013-11-15 11:36:52 -------- d-----w- C:\ProgramData\WEBREG
2013-11-15 11:28:06 -------- d-----w- C:\Program Files (x86)\Common Files\HP
2013-11-15 11:23:04 -------- d-----w- C:\Program Files (x86)\Common Files\Hewlett-Packard
2013-11-15 11:22:46 -------- d-----w- C:\Program Files (x86)\HP
2013-11-12 19:59:45 -------- d-----w- C:\Windows\SysWow64\Wat
2013-11-12 19:59:45 -------- d-----w- C:\Windows\System32\Wat
2013-11-12 08:32:38 367200 ----a-w- C:\Windows\System32\drivers\afcdp.sys
2013-11-12 08:32:32 1462560 ----a-w- C:\Windows\System32\drivers\tdrpman.sys
2013-11-12 08:32:25 183224 ----a-w- C:\Windows\System32\drivers\tib_mounter.sys
2013-11-12 08:32:24 1120032 ----a-w- C:\Windows\System32\drivers\tib.sys
2013-11-12 08:32:17 161568 ----a-w- C:\Windows\System32\drivers\vididr.sys
2013-11-12 08:32:15 117024 ----a-w- C:\Windows\System32\drivers\vidsflt.sys
2013-11-12 08:32:13 233760 ----a-w- C:\Windows\System32\drivers\snapman.sys
2013-11-12 08:32:09 108832 ----a-w- C:\Windows\System32\drivers\fltsrv.sys
2013-11-11 19:56:18 -------- d-----w- C:\Users\George\AppData\Local\Microsoft Games
2013-11-11 19:55:18 -------- d-----w- C:\Program Files\Microsoft Games
2013-11-11 16:56:08 -------- d-----w- C:\Program Files\Microsoft Mouse and Keyboard Center
2013-11-11 16:32:19 -------- d-----w- C:\Users\George\AppData\Local\Apps
2013-11-11 16:32:18 -------- d-----w- C:\Users\George\AppData\Local\Deployment
2013-11-11 13:09:50 87040 ----a-w- C:\Windows\System32\drivers\WUDFPf.sys
2013-11-11 13:09:50 84992 ----a-w- C:\Windows\System32\WUDFSvc.dll
2013-11-11 13:09:50 744448 ----a-w- C:\Windows\System32\WUDFx.dll
2013-11-11 13:09:50 45056 ----a-w- C:\Windows\System32\WUDFCoinstaller.dll
2013-11-11 13:09:50 229888 ----a-w- C:\Windows\System32\WUDFHost.exe
2013-11-11 13:09:50 198656 ----a-w- C:\Windows\System32\drivers\WUDFRd.sys
2013-11-11 13:09:50 194048 ----a-w- C:\Windows\System32\WUDFPlatform.dll
2013-11-11 12:51:36 -------- d-----w- C:\Windows\System32\MRT
2013-11-11 12:45:24 -------- d-----w- C:\Program Files (x86)\cGPSmapper
2013-11-11 12:40:35 81408 ----a-w- C:\Windows\System32\imagehlp.dll
2013-11-11 12:40:35 5120 ----a-w- C:\Windows\SysWow64\wmi.dll
2013-11-11 12:40:35 5120 ----a-w- C:\Windows\System32\wmi.dll
2013-11-11 12:40:35 23408 ----a-w- C:\Windows\System32\drivers\fs_rec.sys
2013-11-11 12:40:35 159232 ----a-w- C:\Windows\SysWow64\imagehlp.dll
2013-11-11 12:39:30 -------- d-----w- C:\Users\George\T4A Previewer
2013-11-11 12:02:58 48640 ----a-w- C:\Windows\System32\wwanprotdim.dll
2013-11-11 12:01:33 424448 ----a-w- C:\Windows\System32\KernelBase.dll
2013-11-11 12:00:49 376688 ----a-w- C:\Windows\System32\drivers\netio.sys
2013-11-11 11:59:51 478208 ----a-w- C:\Windows\System32\dpnet.dll
2013-11-11 11:59:51 376832 ----a-w- C:\Windows\SysWow64\dpnet.dll
2013-11-11 11:59:46 903168 ----a-w- C:\Windows\SysWow64\certutil.exe
2013-11-11 11:59:46 1192448 ----a-w- C:\Windows\System32\certutil.exe
2013-11-11 11:59:45 52224 ----a-w- C:\Windows\System32\certenc.dll
2013-11-11 11:59:45 43008 ----a-w- C:\Windows\SysWow64\certenc.dll
2013-11-11 11:59:31 81920 ----a-w- C:\Windows\SysWow64\davclnt.dll
2013-11-11 11:59:31 259584 ----a-w- C:\Windows\System32\WebClnt.dll
2013-11-11 11:59:31 205824 ----a-w- C:\Windows\SysWow64\WebClnt.dll
2013-11-11 11:59:31 140800 ----a-w- C:\Windows\System32\drivers\mrxdav.sys
2013-11-11 11:59:31 102400 ----a-w- C:\Windows\System32\davclnt.dll
2013-11-11 11:59:00 624128 ----a-w- C:\Windows\System32\qedit.dll
2013-11-11 11:57:36 800768 ----a-w- C:\Windows\System32\usp10.dll
2013-11-11 11:56:59 64512 ----a-w- C:\Windows\SysWow64\devobj.dll
2013-11-11 11:53:31 -------- d-----w- C:\Users\George\AppData\Roaming\NVIDIA
2013-11-11 11:53:29 -------- d-----w- C:\Users\George\AppData\Local\Garmin
2013-11-11 11:53:28 -------- d-----w- C:\ProgramData\Garmin
2013-11-11 11:53:00 -------- d-----w- C:\Users\George\AppData\Local\GARMIN_Corp
2013-11-11 11:48:08 -------- d-----w- C:\Program Files (x86)\Garmin
2013-11-11 11:48:07 -------- d-----w- C:\Users\George\AppData\Roaming\Garmin
2013-11-11 11:38:16 -------- d-----w- C:\Users\George\AppData\Roaming\Malwarebytes
2013-11-11 11:38:04 -------- d-----w- C:\ProgramData\Malwarebytes
2013-11-11 11:38:01 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys
2013-11-11 11:38:01 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-11-11 11:25:45 10285968 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
2013-11-11 11:21:26 77312 ----a-w- C:\Windows\System32\packager.dll
2013-11-11 11:21:26 67072 ----a-w- C:\Windows\SysWow64\packager.dll
2013-11-11 11:14:23 826880 ----a-w- C:\Windows\SysWow64\rdpcore.dll
2013-11-11 11:14:23 23552 ----a-w- C:\Windows\System32\drivers\tdtcp.sys
2013-11-11 11:14:23 1031680 ----a-w- C:\Windows\System32\rdpcore.dll
2013-11-11 11:03:40 2622464 ----a-w- C:\Windows\System32\wucltux.dll
2013-11-11 11:03:31 99840 ----a-w- C:\Windows\System32\wudriver.dll
2013-11-11 11:03:19 36864 ----a-w- C:\Windows\System32\wuapp.exe
2013-11-11 11:03:19 186752 ----a-w- C:\Windows\System32\wuwebv.dll
2013-11-11 08:26:05 -------- d-----w- C:\Program Files (x86)\Emsisoft Anti-Malware
2013-11-11 06:49:31 -------- d-----w- C:\Users\George\AppData\Local\Adobe
2013-11-11 06:45:03 -------- d-----w- C:\Users\George\AppData\Local\PasswordSafe
2013-11-11 06:38:25 -------- d-----w- C:\Users\George\AppData\Roaming\OnlineArmor
2013-11-11 06:38:25 -------- d-----w- C:\ProgramData\OnlineArmor
2013-11-11 06:37:01 64720 ----a-w- C:\Windows\SysWow64\drivers\OADriver.sys
2013-11-11 06:37:01 62008 ----a-w- C:\Windows\SysWow64\drivers\oahlp64.sys
2013-11-11 06:37:01 52360 ----a-w- C:\Windows\SysWow64\drivers\OAmon.sys
2013-11-11 06:37:01 35368 ----a-w- C:\Windows\System32\drivers\OAnet.sys
2013-11-11 06:36:52 -------- d-----w- C:\Program Files (x86)\Online Armor
2013-11-11 06:34:21 -------- d-----w- C:\Users\George\AppData\Roaming\IrfanView
2013-11-11 06:34:18 -------- d-----w- C:\Program Files (x86)\IrfanView
2013-11-11 06:26:22 -------- d-----w- C:\Program Files (x86)\Password Safe
2013-11-08 16:21:32 -------- d-----w- C:\Windows\Panther
2013-11-08 16:20:53 -------- d-----w- C:\Windows\System32\OEM
2013-11-08 16:20:53 -------- d-----w- C:\Hotfix
2013-11-08 09:54:13 -------- d-----w- C:\GEORGE
2013-11-08 08:45:10 -------- d-----w- C:\Users\George\AppData\Local\Microsoft Help
2013-11-08 08:23:21 -------- d-----w- C:\Users\George\AppData\Roaming\Vodafone
2013-11-08 08:20:17 -------- d-----w- C:\Users\George\AppData\Local\Programs
2013-11-08 08:20:05 -------- d-----w- C:\ProgramData\Vodafone
2013-11-08 08:19:57 -------- d-----w- C:\Program Files (x86)\Vodafone
2013-11-08 08:19:26 8464 ----a-w- C:\Windows\SysWow64\SpOrder.dll
2013-11-08 08:19:10 -------- d-----w- C:\Users\George\AppData\Local\{F27ACCDD-3291-41C8-B815-948CA954C05F}
2013-11-08 08:17:47 -------- d-----w- C:\Program Files (x86)\Quest Software
2013-11-08 08:16:42 -------- d-----w- C:\Windows\System32\log
2013-11-08 08:16:21 -------- d-----w- C:\Program Files (x86)\Trend Micro
2013-11-08 08:15:58 -------- d-----w- C:\Users\George\AppData\Local\Trend Micro
2013-11-08 08:14:28 -------- d-----w- C:\Users\George\AppData\Local\Google
2013-11-08 08:13:20 -------- d-----w- C:\Program Files\MEDITECH
2013-11-08 08:13:15 -------- d-----w- C:\ProgramData\MEDITECH
2013-11-08 08:13:14 -------- d-----w- C:\Program Files (x86)\MEDITECH
2013-11-08 08:01:26 -------- d-----w- C:\Program Files\DellTPad
2013-11-08 07:59:58 -------- d-----w- C:\Program Files (x86)\NVIDIA Corporation
2013-11-08 07:59:26 884512 ----a-w- C:\Windows\System32\nvvsvc.exe
2013-11-08 07:59:26 6382880 ----a-w- C:\Windows\System32\nvcpl.dll
2013-11-08 07:59:26 63776 ----a-w- C:\Windows\System32\nvshext.dll
2013-11-08 07:59:26 3460896 ----a-w- C:\Windows\System32\nvsvc64.dll
2013-11-08 07:59:26 2558240 ----a-w- C:\Windows\System32\nvsvcr.dll
2013-11-08 07:59:26 118560 ----a-w- C:\Windows\System32\nvmctray.dll
2013-11-08 07:59:14 60776 ----a-w- C:\Windows\System32\OpenCL.dll
2013-11-08 07:59:14 52584 ----a-w- C:\Windows\SysWow64\OpenCL.dll
2013-11-08 07:59:14 -------- d-----w- C:\temp
2013-11-08 07:59:09 -------- d-----w- C:\ProgramData\NVIDIA Corporation
2013-11-08 07:58:54 31080 ----a-w- C:\Windows\System32\nvhdap64.dll
2013-11-08 07:58:54 2824504 ----a-w- C:\Windows\System32\nvapi64.dll
2013-11-08 07:58:54 189288 ----a-w- C:\Windows\System32\drivers\nvhda64v.sys
2013-11-08 07:58:54 1814304 ----a-w- C:\Windows\System32\nvdispco64.dll
2013-11-08 07:58:54 1510176 ----a-w- C:\Windows\System32\nvdispgenco64.dll
2013-11-08 07:58:54 15052728 ----a-w- C:\Windows\System32\nvwgf2umx.dll
2013-11-08 07:58:54 1472360 ----a-w- C:\Windows\System32\nvhdagenco6420103.dll
2013-11-08 07:58:44 -------- d-----w- C:\Program Files\NVIDIA Corporation
2013-11-08 07:58:24 135720 ----a-w- C:\Windows\System32\drivers\bcbtums.sys
2013-11-08 07:58:00 113048 ----a-w- C:\Windows\System32\Vxdif.dll
2013-11-08 07:57:58 447864 ----a-w- C:\Windows\System32\drivers\Apfiltr.sys
2013-11-08 07:57:54 47752 ----a-w- C:\Windows\System32\drivers\cvusbdrv.sys
2013-11-08 07:57:46 788760 ----a-w- C:\Windows\System32\drivers\iusb3xhc.sys
2013-11-08 07:57:46 62784 ----a-w- C:\Windows\System32\drivers\HECIx64.sys
2013-11-08 07:57:46 356120 ----a-w- C:\Windows\System32\drivers\iusb3hub.sys
2013-11-08 07:53:30 22128 ----a-w- C:\Windows\System32\drivers\stdcfltn.sys
2013-11-08 07:52:54 9728 ----a-w- C:\Windows\System32\Wdfres.dll
2013-11-08 07:52:54 54376 ----a-w- C:\Windows\System32\drivers\WdfLdr.sys
2013-11-08 07:52:54 2560 ----a-w- C:\Windows\System32\drivers\en-US\wdf01000.sys.mui
2013-11-08 07:52:46 -------- d-----w- C:\Program Files\STMicroelectronics
2013-11-08 07:52:44 89312 ----a-w- C:\Windows\System32\drivers\ST_Accel.sys
2013-11-08 07:52:44 66640 ----a-w- C:\Windows\System32\stdcfltnco05.dll
2013-11-08 07:52:44 1795952 ----a-w- C:\Windows\System32\WdfCoInstaller01011.dll
2013-11-08 07:52:06 -------- d-----w- C:\Program Files (x86)\ST Microelectronics
2013-11-08 07:48:07 -------- d-sh--w- C:\Windows\Installer
2013-11-08 07:47:47 -------- d-----w- C:\Users\George\AppData\Local\Dell
2013-11-08 07:47:04 544568 ----a-w- C:\Windows\System32\PROUnstl.exe
2013-11-08 07:46:32 73032 ----a-w- C:\Windows\System32\e1cmsg.dll
2013-11-08 07:46:32 495888 ----a-w- C:\Windows\System32\drivers\e1c62x64.sys
2013-11-08 07:46:32 36472 ----a-w- C:\Windows\System32\NicCo36.dll
2013-11-08 07:46:32 101224 ----a-w- C:\Windows\System32\NicInstC.dll
2013-11-08 07:45:47 53248 ----a-w- C:\Windows\SysWow64\CSVer.dll
2013-11-08 07:45:34 -------- d-----w- C:\Intel
2013-11-08 07:45:32 -------- d-----w- C:\Dell
2013-11-08 06:30:07 -------- d-----w- C:\Users\George\AppData\Local\VirtualStore
.
==================== Find3M  ====================
.
2013-11-12 19:43:59 9728 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-11-11 03:50:16 267936 ------w- C:\Windows\System32\MpSigStub.exe
2013-10-12 02:30:42 830464 ----a-w- C:\Windows\System32\nshwfp.dll
2013-10-12 02:29:21 859648 ----a-w- C:\Windows\System32\IKEEXT.DLL
2013-10-12 02:29:08 324096 ----a-w- C:\Windows\System32\FWPUCLNT.DLL
2013-10-12 02:03:08 656896 ----a-w- C:\Windows\SysWow64\nshwfp.dll
2013-10-12 02:01:25 216576 ----a-w- C:\Windows\SysWow64\FWPUCLNT.DLL
2013-10-05 20:25:35 1474048 ----a-w- C:\Windows\System32\crypt32.dll
2013-10-05 19:57:25 1168384 ----a-w- C:\Windows\SysWow64\crypt32.dll
2013-10-04 02:28:31 190464 ----a-w- C:\Windows\System32\SmartcardCredentialProvider.dll
2013-10-04 02:25:17 197120 ----a-w- C:\Windows\System32\credui.dll
2013-10-04 02:24:49 1930752 ----a-w- C:\Windows\System32\authui.dll
2013-10-04 01:58:50 152576 ----a-w- C:\Windows\SysWow64\SmartcardCredentialProvider.dll
2013-10-04 01:56:25 168960 ----a-w- C:\Windows\SysWow64\credui.dll
2013-10-04 01:56:00 1796096 ----a-w- C:\Windows\SysWow64\authui.dll
2013-10-03 02:23:48 404480 ----a-w- C:\Windows\System32\gdi32.dll
2013-10-03 02:00:44 311808 ----a-w- C:\Windows\SysWow64\gdi32.dll
2013-09-28 01:09:10 497152 ----a-w- C:\Windows\System32\drivers\afd.sys
2013-09-25 02:26:40 95680 ----a-w- C:\Windows\System32\drivers\ksecdd.sys
2013-09-25 02:26:40 154560 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
2013-09-25 02:23:33 28672 ----a-w- C:\Windows\System32\sspisrv.dll
2013-09-25 02:23:33 135680 ----a-w- C:\Windows\System32\sspicli.dll
2013-09-25 02:23:01 28160 ----a-w- C:\Windows\System32\secur32.dll
2013-09-25 02:22:59 340992 ----a-w- C:\Windows\System32\schannel.dll
2013-09-25 02:21:50 307200 ----a-w- C:\Windows\System32\ncrypt.dll
2013-09-25 02:21:07 1447936 ----a-w- C:\Windows\System32\lsasrv.dll
2013-09-25 01:58:17 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
2013-09-25 01:57:26 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
2013-09-25 01:57:24 247808 ----a-w- C:\Windows\SysWow64\schannel.dll
2013-09-25 01:56:42 220160 ----a-w- C:\Windows\SysWow64\ncrypt.dll
2013-09-25 01:03:24 30720 ----a-w- C:\Windows\System32\lsass.exe
.
============= FINISH: 13:24:48.20 ===============
 
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Professional 
Boot Device: \Device\HarddiskVolume1
Install Date: 2013/11/08 08:29:52 AM
System Uptime: 2013/12/06 05:02:54 PM (20 hours ago)
.
Motherboard: Dell Inc. |  | 0H3MT5
Processor: Intel® Core i5-3320M CPU @ 2.60GHz | SOCKET 0 | 2601/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 298 GiB total, 178.456 GiB free.
D: is CDROM ()
E: is Removable
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP54: 2013/12/05 07:00:12 AM - Windows Update
RP55: 2013/12/05 07:22:34 AM - Restore point (PeaZip Setup)
RP56: 2013/12/05 06:06:43 PM - Windows Update
RP57: 2013/12/05 10:27:32 PM - Windows Update
RP58: 2013/12/06 07:00:16 AM - Windows Update
RP59: 2013/12/06 10:20:46 AM - Windows Update
RP60: 2013/12/06 03:56:40 PM - Windows Update
RP61: 2013/12/07 08:30:30 AM - Windows Update
RP62: 2013/12/07 09:42:55 AM - Restore point (C:\Users\George\Downloads\-1266489332TemplateDisk
.
==== Installed Programs ======================
.
7-Zip 9.20 (x64 edition)
Adobe Flash Player 10 ActiveX
Adobe Reader X (10.1.8)
BufferChm
CCleaner
cGPSmapper Free 0100d
DefaultTab
Definition Update for Microsoft Office 2010 (KB982726) 64-Bit Edition
Dell Touchpad
Dell Wireless HSPA Mini-Card Drivers
Destinations
DocProc
DW WLAN Card Utility
Emsisoft Anti-Malware
Garmin BaseCamp
Garmin MapInstall
Garmin MapSource
Garmin MapSource Beta
Garmin USB Drivers
Google Chrome
Google Update Helper
GPBaseService2
HP Imaging Device Functions 13.0
HP Photosmart Essential 3.5
HP Scanjet 2400
HP Solution Center 13.0
HP Update
hpg2410
HPPhotosmartEssential
HPProductAssistant
Intel® Network Connections Drivers
IrfanView (remove only)
Malwarebytes Anti-Malware version 1.75.0.1300
MEDITECH Workstation3.x
MEDITECH Workstation4.x
Microsoft .NET Framework 4 Client Profile
Microsoft Mouse and Keyboard Center
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010
Microsoft Office Access Setup Metadata MUI (English) 2010
Microsoft Office Excel MUI (English) 2010
Microsoft Office Groove MUI (English) 2010
Microsoft Office InfoPath MUI (English) 2010
Microsoft Office Office 32-bit Components 2010
Microsoft Office OneNote MUI (English) 2010
Microsoft Office Outlook MUI (English) 2010
Microsoft Office PowerPoint MUI (English) 2010
Microsoft Office Professional Plus 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2010
Microsoft Office Publisher MUI (English) 2010
Microsoft Office Shared 32-bit MUI (English) 2010
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office Word MUI (English) 2010
Microsoft Silverlight
Microsoft Visual C++ 2005 Redistributable (x64)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Notepad++
NVIDIA 3D Vision Driver 311.00
NVIDIA Control Panel 311.00
NVIDIA Graphics Driver 311.00
NVIDIA Guard Service 1.0
NVIDIA HD Audio Driver 1.3.18.0
NVIDIA Install Application
NVIDIA nView 136.53
NVIDIA PhysX
NVIDIA PhysX System Software 9.12.0613
NVIDIA Stereoscopic 3D Driver
OCR Software by I.R.I.S. 13.0
Online Armor 6.0
Password Safe
Quest PuTTY 0.60_q1.129
Rapport
Scan
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2858302v2)
Security Update for Microsoft Excel 2010 (KB2597166) 64-Bit Edition
Security Update for Microsoft InfoPath 2010 (KB2553322) 64-Bit Edition
Security Update for Microsoft InfoPath 2010 (KB2553431) 64-Bit Edition
Security Update for Microsoft Office 2010 (KB2553091)
Security Update for Microsoft Office 2010 (KB2553096)
Security Update for Microsoft Office 2010 (KB2553284) 64-Bit Edition
Security Update for Microsoft Office 2010 (KB2553371) 64-Bit Edition
Security Update for Microsoft Office 2010 (KB2553447) 64-Bit Edition
Security Update for Microsoft Office 2010 (KB2589320) 64-Bit Edition
Security Update for Microsoft Office 2010 (KB2598243) 64-Bit Edition
Security Update for Microsoft Office 2010 (KB2760781) 64-Bit Edition
Security Update for Microsoft PowerPoint 2010 (KB2553185) 64-Bit Edition
Security Update for Microsoft SharePoint Workspace 2010 (KB2566445)
Security Update for Microsoft Visio Viewer 2010 (KB2597981) 64-Bit Edition
SolutionCenter
Speccy
ST Microelectronics 3 Axis Digital Accelerometer Solution
Striata Reader
T4A Maps Botswana 
T4A Maps Free State/Eastern Cape/KZN
T4A Maps Gauteng and North
T4A Maps Namibia 
T4A Maps Western /Northern Cape 
True Image 2013
Trusteer Endpoint Protection
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553181) 64-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 64-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 64-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2589352) 64-Bit Edition
Update for Microsoft Office 2010 (KB2597087) 64-Bit Edition
Update for Microsoft Office 2010 (KB2597091) 64-Bit Edition
Update for Microsoft Office 2010 (KB2760598) 64-Bit Edition
Update for Microsoft Office 2010 (KB2760631) 64-Bit Edition
Update for Microsoft Office 2010 (KB2825640) 64-Bit Edition
Update for Microsoft Office 2010 (KB2826026) 64-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 64-Bit Edition
Update for Microsoft OneNote 2010 (KB2589345) 64-Bit Edition
Update for Microsoft OneNote 2010 (KB2810072) 64-Bit Edition
Update for Microsoft Outlook 2010 (KB2687623) 64-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 64-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2553145) 64-Bit Edition
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 64-Bit Edition
Vodafone Mobile Connect
WebReg
Windows Driver Package - Garmin (grmnusb) GARMIN Devices  (06/03/2009 2.3.0.0)
Windows Driver Package - Hewlett-Packard hp scanjet 3600 series (04/26/2007 9.0.0.0)
.
==== Event Viewer Messages From Past Week ========
.
2013/12/07 08:38:56 AM, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x80070643: Service Pack 1 for Microsoft Office 2010 (KB2510690 ) 64-bit Edition.
2013/12/07 08:30:14 AM, Error: Service Control Manager [7011]  - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the syncagentsrv service.
2013/12/06 05:05:55 PM, Error: Service Control Manager [7034]  - The DefaultTabSearch service terminated unexpectedly.  It has done this 1 time(s).
2013/12/06 02:55:11 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service MSIServer with arguments "" in order to run the server: {000C101C-0000-0000-C000-000000000046}
2013/12/06 02:54:39 PM, Error: Service Control Manager [7001]  - The Computer Browser service depends on the Server service which failed to start because of the following error:  The dependency service or group failed to start.
2013/12/06 02:54:38 PM, Error: Service Control Manager [7001]  - The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error:  The dependency service or group failed to start.
2013/12/06 02:53:37 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
2013/12/06 02:53:37 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
2013/12/06 02:53:33 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
2013/12/06 02:53:32 PM, Error: Microsoft-Windows-WLAN-AutoConfig [10000]  - WLAN Extensibility Module has failed to start. Module Path: C:\Windows\System32\bcmihvsrv64.dll Error Code: 21
2013/12/06 02:53:26 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
2013/12/06 02:53:15 PM, Error: Service Control Manager [7026]  - The following boot-start or system-start driver(s) failed to load:  a2injectiondriver discache OADevice oahlpXX RapportKE64 snapman spldr Wanarpv6
2013/12/05 07:52:15 AM, Error: Service Control Manager [7030]  - The DefaultTabSearch service is marked as an interactive service.  However, the system is configured to not allow interactive services.  This service may not function properly.
2013/12/05 06:29:30 AM, Error: Service Control Manager [7011]  - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the eventlog service.
2013/12/05 06:24:45 AM, Error: Service Control Manager [7011]  - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the wscsvc service.
2013/12/05 06:24:15 AM, Error: Service Control Manager [7011]  - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the NlaSvc service.
2013/12/05 06:23:45 AM, Error: Service Control Manager [7011]  - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Dnscache service.
2013/12/05 06:23:15 AM, Error: Service Control Manager [7011]  - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the CryptSvc service.
2013/12/04 10:53:55 AM, Error: Microsoft-Windows-Smartcard-Server [616]  - Reader monitor 'Mobile Broadband SIM Card Reader 0' received uncaught error code:  The device does not recognize the command.
2013/12/04 10:53:55 AM, Error: Microsoft-Windows-Smartcard-Server [612]  - Reader insertion monitor error retry threshold reached:  The device does not recognize the command.
2013/12/04 10:53:55 AM, Error: Microsoft-Windows-Smartcard-Server [610]  - Smart Card Reader 'Mobile Broadband SIM Card Reader 0' rejected IOCTL POWER: The device does not recognize the command.  If this error persists, your smart card or reader may not be functioning correctly. Command Header: 00 00 00 00
2013/12/04 10:53:55 AM, Error: Microsoft-Windows-Smartcard-Server [610]  - Smart Card Reader 'Mobile Broadband SIM Card Reader 0' rejected IOCTL GET_STATE: The device does not recognize the command.  If this error persists, your smart card or reader may not be functioning correctly. Command Header: XX XX XX XX
2013/12/02 08:20:14 PM, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the Windows Error Reporting Service service to connect.
.
==== End Of File ===========================
 

 

Link to post
Share on other sites

Hello George_S! My name is Borislav and I will be glad to help you solve your malware problem.

Please note:

  • If you are a paying customer, you have the privilege to contact the help desk at Consumer Support. If you choose this option to get help, please let me know.
  • I recommend you to keep the instructions I will be giving you so that they are available to you at any time. You can save them in a text file or print them.
  • Make sure you read all of the instructions and fixes thoroughly before continuing with them.
  • Follow my instructions strictly and don’t hesitate to stop and ask me if you have any questions.
  • Post your log files, don't attach them. Every log file should be copy/pasted in your next reply.
  • Do not perform any kind of scanning and fixing without my instructions. If you want to proceed on your own, please let me know.
Step 1

Please uninstall this program: DefaultTab

Step 2

Please download Junkware Removal Tool to your desktop.

  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista or Seven, right-mouse click it and select Run as Administrator.
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
Step 3

Please download AdwCleaner by Xplode onto your desktop.

  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Clean.
  • Confirm each time with Ok.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile with your next answer.
  • You can find the logfile at C:\AdwCleaner\AdwCleaner[s0].txt as well.
Step 4
  • Launch Malwarebytes' Anti-Malware
  • Go to Update tab and select Check for Updates. If an update is found, it will download and install the latest version.
  • Go to Scanner tab and select Perform Quick Scan, then click Scan.
  • The scan may take some time to finish,so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy&Paste the entire report in your next reply.
Extra Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts, click OK to either and let MBAM proceed with the disinfection process, if asked to restart the computer,please do so immediately.

In your next reply, post the following log files:

  • Junkware Removal Tool log
  • AdwCleaner log
  • Malwarebytes' Anti-Malware log
Link to post
Share on other sites

  • Root Admin

Glad we could help. :)

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.