Jump to content

Recommended Posts

I've been looking for answers for three days with no luck, and I'd appreciate any guidance you could offer.  Here are the results of the two log files:

 

DDS (Ver_2012-11-20.01) - NTFS_x86 NETWORK
Internet Explorer: 10.0.9200.16750  BrowserJavaVersion: 10.7.2
Run by Michelle at 19:46:22 on 2014-02-03
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.3071.2570 [GMT -6:00]
.
AV: Microsoft Security Essentials *Disabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Microsoft Security Essentials *Disabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
.
============== Running Processes ================
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\system32\atashost.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\ctfmon.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
.
============== Pseudo HJT Report ===============
.

uWindow Title = Windows Internet Explorer provided by Yahoo!



uURLSearchHooks: Synapse UrlSearchHook Class: {3D31A26E-04D4-4B45-AFD4-DA4E1AE4AF1B} - c:\program files\fuji medical system\synapse\workstation\FujiFldL.dll
dURLSearchHooks: Synapse UrlSearchHook Class: {3D31A26E-04D4-4B45-AFD4-DA4E1AE4AF1B} - c:\program files\fuji medical system\synapse\workstation\FujiFldL.dll
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - <orphaned>
BHO: Synapse BHO Class: {33414365-E6C7-460d-880A-A163BD69E84D} - c:\program files\fuji medical system\synapse\workstation\FujiFldL.dll
BHO: Search Helper: {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - c:\program files\microsoft\search enhancement pack\search helper\SEPsearchhelperie.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - c:\program files\microsoft office\office14\GROOVEEX.DLL
BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - c:\program files\microsoft office\office14\URLREDIR.DLL
BHO: CBrowserHelperObject Object: {CA6319C0-31B7-401E-A518-A07C3DB8F777} - c:\program files\dell\bae\BAE.dll
BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
BHO: Google Gears Helper: {E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53} - c:\program files\google\google gears\internet explorer\0.5.36.0\gears.dll
TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe
uRun: [iSUSPM] "c:\program files\common files\installshield\updateservice\ISUSPM.exe" -scheduler
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
uRun: [Google Update] "c:\users\michelle\appdata\local\google\update\GoogleUpdate.exe" /c
uRun: [MobileDocuments] c:\program files\common files\apple\internet services\ubd.exe
mRun: [RtHDVCpl] RtHDVCpl.exe
mRun: [iAAnotif] c:\program files\intel\intel matrix storage manager\iaanotif.exe
mRun: [intuit SyncManager] c:\program files\common files\intuit\sync\IntuitSyncManager.exe  startup
mRun: [LogMeIn GUI] "c:\program files\logmein\x86\LogMeInSystray.exe"
mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [YMailAdvisor] "c:\program files\yahoo!\common\YMailAdvisor.exe"
mRun: [CanonSolutionMenu] c:\program files\canon\solutionmenu\CNSLMAIN.exe /logon
mRun: [CanonMyPrinter] c:\program files\canon\myprinter\BJMyPrt.exe /logon
mRun: [iJNetworkScanUtility] c:\program files\canon\canon ij network scan utility\CNMNSUT.EXE
mRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\AppleSyncNotifier.exe
mRun: [ConnectionCenter] "c:\program files\citrix\ica client\concentr.exe" /startup
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [AdobeAAMUpdater-1.0] "c:\program files\common files\adobe\oobe\pdapp\uwa\UpdaterStartupUtility.exe"
mRun: [bCSSync] "c:\program files\microsoft office\office14\BCSSync.exe" /DelayServices
mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRunOnce: [Malwarebytes Anti-Malware] c:\program files\malwarebytes' anti-malware\mbamgui.exe /install /silent
mRunOnce: [Malwarebytes Anti-Malware (cleanup)] rundll32.exe "c:\programdata\malwarebytes\malwarebytes' anti-malware\cleanup.dll",ProcessCleanupScript
StartupFolder: c:\users\michelle\appdata\roaming\micros~1\windows\startm~1\programs\startup\dropbox.lnk - c:\users\michelle\appdata\roaming\dropbox\bin\Dropbox.exe
StartupFolder: c:\users\michelle\appdata\roaming\micros~1\windows\startm~1\programs\startup\onenot~1.lnk - c:\program files\microsoft office\office12\ONENOTEM.EXE
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\crashp~1.lnk - c:\program files\crashplan\CrashPlanTray.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\mozyho~1.lnk - c:\program files\mozyhome\mozystat.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\quickb~1.lnk - c:\program files\common files\intuit\quickbooks\qbupdate\qbupdate.exe
mPolicies-Explorer: BindDirectlyToPropertySetStorage = dword:0
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: EnableVirtualization = dword:0
IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~1\micros~3\office14\ONBttnIE.dll/105
IE: {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - {0B4350D1-055F-47A3-B112-5F2F2B0D6F08} - c:\program files\google\google gears\internet explorer\0.5.36.0\gears.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - c:\program files\microsoft office\office14\ONBttnIELinkedNotes.dll





DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - c:\program files\yahoo!\common\Yinsthelper.dll














TCP: NameServer = 209.18.47.61 209.18.47.62 192.168.1.1
TCP: Interfaces\{138AD1CB-E94B-4994-A666-D64739C8FACD} : DHCPNameServer = 209.18.47.61 209.18.47.62 192.168.1.1
TCP: Interfaces\{1BCB095A-5488-488B-9072-E87E3E3A069C} : DHCPNameServer = 209.18.47.61 209.18.47.62 192.168.1.1
Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll
Filter: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\common files\microsoft shared\office14\MSOXMLMF.DLL
Handler: intu-help-qb2 - {84D77A00-41B5-4b8b-8ADF-86486D72E749} - c:\program files\intuit\quickbooks 2009\HelpAsyncPluggableProtocol.dll
Handler: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} -
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll
AppInit_DLLs= c:\progra~1\google\google~1\GO36F4~1.DLL
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - c:\program files\microsoft office\office14\GROOVEEX.DLL
.
============= SERVICES / DRIVERS ===============
.
R2 atashost;WebEx Service Host for Support Center;c:\windows\system32\atashost.exe [2012-9-17 134456]
S0 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2013-9-27 214696]
S1 ctxusbm;Citrix USB Monitor Driver;c:\windows\system32\drivers\ctxusbm.sys [2009-10-5 65584]
S2 AdobeActiveFileMonitor10.0;Adobe Active File Monitor V10;c:\program files\adobe\elements 10 organizer\PhotoshopElementsFileAgent.exe [2011-9-1 169624]
S2 AERTFilters;Andrea RT Filters Service;c:\windows\system32\AERTSrv.exe [2009-1-28 81920]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2010-9-24 176128]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 CrashPlanService;CrashPlan Backup Service;c:\program files\crashplan\CrashPlanService.exe [2013-4-8 152576]
S2 FlipShareServer;FlipShare Server;c:\program files\flip video\flipshareserver\FlipShareServer.exe [2011-5-6 1085440]
S2 LMIGuardianSvc;LMIGuardianSvc;c:\program files\logmein\x86\LMIGuardianSvc.exe [2010-10-1 375120]
S2 LMIInfo;LogMeIn Kernel Information Provider;c:\program files\logmein\x86\rainfo.sys [2008-7-24 13624]
S2 LMIRfsDriver;LogMeIn Remote File System Driver;c:\windows\system32\drivers\LMIRfsDriver.sys [2009-2-12 47640]
S2 NisDrv;Microsoft Network Inspection System;c:\windows\system32\drivers\NisDrvWFP.sys [2012-8-30 104768]
S2 RtNdPt60;Realtek NDIS Protocol Driver;c:\windows\system32\drivers\RtNdPt60.sys [2009-1-28 27648]
S2 SeagateDashboardService;Seagate Dashboard Service;c:\program files\seagate\seagate dashboard\SeagateDashboardService.exe [2011-6-1 14088]
S3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW73.sys [2010-9-24 101904]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]
S3 becldr3Service;BCL EasyConverter SDK 3 Loader;c:\program files\bcl technologies\easyconverter sdk 3\common\becldr.exe [2013-7-3 225280]
S3 DLKRT32;D-Link DGE-530T Gigabit Ethernet Adapter Driver;c:\windows\system32\drivers\DLKRT32.sys [2012-8-23 277536]
S3 fssfltr;fssfltr;c:\windows\system32\drivers\fssfltr.sys [2012-11-24 49664]
S3 fsssvc;Windows Live Family Safety Service;c:\program files\windows live\family safety\fsssvc.exe [2012-9-12 1512448]
S3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files\google\google desktop search\GoogleDesktop.exe [2009-1-28 30192]
S3 mferkdk;McAfee Inc. mferkdk;c:\windows\system32\drivers\mferkdk.sys [2009-2-4 34248]
S3 mfesmfk;McAfee Inc. mfesmfk;c:\windows\system32\drivers\mfesmfk.sys [2009-2-4 40552]
S3 NisSrv;Microsoft Network Inspection;c:\program files\microsoft security client\NisSrv.exe [2013-10-23 280288]
S3 SynapseUpdateSvc;Synapse Update Manager;c:\program files\fuji medical system\synapse\workstation\SynapseUpdateManager.exe [2010-10-22 199680]
S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2011-3-19 52224]
S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2010-4-19 1343400]
S3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\drivers\wdcsam.sys [2008-5-6 11520]
.
=============== Created Last 30 ================
.
2014-02-04 00:45:09 -------- d--h--w- c:\users\michelle\appdata\roaming\Malwarebytes
2014-02-04 00:44:59 -------- d-----w- c:\programdata\Malwarebytes
2014-02-04 00:44:58 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2014-02-04 00:44:58 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2014-02-04 00:44:30 -------- d-----w- c:\users\michelle\appdata\local\Programs
2014-02-01 20:30:54 7760024 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{80e720d1-595d-4f98-8497-45b1e30f62fb}\mpengine.dll
2014-01-31 20:31:05 7760024 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\backup\mpengine.dll
2014-01-30 05:00:04 -------- d--h--w- c:\users\michelle\appdata\roaming\CrashPlan
2014-01-26 03:09:25 -------- d-----w- c:\programdata\CrashPlan
2014-01-26 03:09:25 -------- d-----w- c:\program files\CrashPlan
2014-01-24 04:35:51 719224 ------w- c:\programdata\microsoft\microsoft antimalware\definition updates\{726ad82d-b6c6-4094-a8ac-fef92fb9bb61}\gapaengine.dll
2014-01-21 05:08:37 -------- d-----w- c:\users\michelle\appdata\local\LogMeIn Client
2014-01-15 20:07:23 2349056 ----a-w- c:\windows\system32\win32k.sys
2014-01-15 20:07:22 240576 ----a-w- c:\windows\system32\drivers\netio.sys
2014-01-15 20:07:21 43520 ----a-w- c:\windows\system32\drivers\usbehci.sys
2014-01-15 20:07:20 76288 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2014-01-15 20:07:20 6016 ----a-w- c:\windows\system32\drivers\usbd.sys
2014-01-15 20:07:20 284672 ----a-w- c:\windows\system32\drivers\usbport.sys
2014-01-15 20:07:20 258560 ----a-w- c:\windows\system32\drivers\usbhub.sys
2014-01-15 20:07:20 24064 ----a-w- c:\windows\system32\drivers\usbuhci.sys
2014-01-15 20:07:20 20480 ----a-w- c:\windows\system32\drivers\usbohci.sys
.
==================== Find3M  ====================
.
2014-01-23 17:31:49 86888 ----a-w- c:\windows\system32\LMIRfsClientNP.dll
2014-01-23 17:31:48 53064 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\LMIproc.dll
2014-01-23 17:31:47 31560 ----a-w- c:\windows\system32\LMIport.dll
2014-01-23 17:31:46 85832 ----a-w- c:\windows\system32\LMIinit.dll
2014-01-19 07:32:23 231584 ------w- c:\windows\system32\MpSigStub.exe
2013-12-16 16:32:38 86888 ----a-w- c:\windows\system32\LMIRfsClientNP.dll.000.bak
2013-12-11 00:20:19 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-12-11 00:20:19 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-11-23 18:26:20 417792 ----a-w- c:\windows\system32\WMPhoto.dll
2013-11-12 02:07:29 2048 ----a-w- c:\windows\system32\tzres.dll
.
============= FINISH: 19:48:40.53 ===============

 

 

 

AND THE SECOND LOG FILE: ATTACH.TXT

 

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume3
Install Date: 10/24/2009 9:40:33 PM
System Uptime: 2/3/2014 7:44:02 PM (0 hours ago)
.
Motherboard: Dell Inc. |  | 0P301D
Processor: Intel® Core2 Duo CPU     E7300  @ 2.66GHz | Socket 775 | 2660/266mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 223 GiB total, 32.602 GiB free.
D: is FIXED (NTFS) - 10 GiB total, 3.569 GiB free.
E: is CDROM ()
F: is Removable
.
==== Disabled Device Manager Items =============
.
Class GUID: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Description: Canon MX860 ser Network
Device ID: ROOT\CANON_IJ_NETWORK\0001
Manufacturer: Canon
Name: Canon MX860 ser Network
PNP Device ID: ROOT\CANON_IJ_NETWORK\0001
Service: StillCam
.
Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: Security Processor Loader Driver
Device ID: ROOT\LEGACY_SPLDR\0000
Manufacturer:
Name: Security Processor Loader Driver
PNP Device ID: ROOT\LEGACY_SPLDR\0000
Service: spldr
.
==== System Restore Points ===================
.
RP571: 1/22/2014 11:41:35 AM - Windows Update
RP572: 1/25/2014 9:08:46 PM - Installed CrashPlan
RP573: 1/26/2014 12:46:59 AM - Windows Update
RP574: 1/27/2014 3:03:01 AM - Windows Backup
RP575: 1/29/2014 2:33:09 PM - Windows Update
.
==== Installed Programs ======================
.
3DVIA player 5.0
Acrobat.com
Adobe AIR
Adobe Community Help
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Photoshop Elements 10
Adobe Photoshop.com Inspiration Browser
Adobe Reader X (10.1.9)
Adobe Shockwave Player 12.0
Amazon MP3 Downloader 1.0.17
AMD Drag and Drop Transcoding
Apple Application Support
Apple Mobile Device Support
Apple Software Update
ATI Catalyst Install Manager
ATI Catalyst Registration
BCL easyConverter SDK 3 (Word Version)
BlackBerry Desktop Software 6.0.1
BlackBerry Device Software Updater
Bonjour
Browser Address Error Redirector
Business Tools Launcher
Canon G.726 WMP-Decoder
Canon IJ Network Scan Utility
Canon IJ Network Tool
Canon MOV Decoder
Canon MOV Encoder
Canon MovieEdit Task for ZoomBrowser EX
Canon MP Navigator EX 2.1
Canon MX860 series MP Drivers
Canon MX860 series User Registration
Canon RAW Image Task for ZoomBrowser EX
Canon Utilities CameraWindow
Canon Utilities CameraWindow DC
Canon Utilities CameraWindow DC_DV 6 for ZoomBrowser EX
Canon Utilities Easy-PhotoPrint EX
Canon Utilities My Printer
Canon Utilities MyCamera
Canon Utilities MyCamera DC
Canon Utilities PhotoStitch
Canon Utilities RemoteCapture DC
Canon Utilities RemoteCapture Task for ZoomBrowser EX
Canon Utilities Solution Menu
Canon Utilities ZoomBrowser EX
Canon ZoomBrowser EX Memory Card Utility
Catalyst Control Center - Branding
Catalyst Control Center Graphics Previews Common
Catalyst Control Center Graphics Previews Vista
Catalyst Control Center InstallProxy
ccc-core-static
ccc-utility
CCC Help English
CCleaner
Cisco Connect
Citrix online plug-in - web
Citrix online plug-in (DV)
Citrix online plug-in (HDX)
Citrix online plug-in (USB)
Citrix online plug-in (Web)
Citrix Presentation Server Client - Web Only
Citrix XenApp Web Plugin
Coupon Printer for Windows
CrashPlan
CutePDF Writer 2.7
D3DX10
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Dell Getting Started Guide
Dell Support Center
DGE-530T Ethernet Controller All-In-One Windows Driver
Dropbox
EDocs
Elements 10 Organizer
Epocrates Essentials
Family Tree Maker 2010
Family Tree Maker 2012
Family Tree Maker 2014
Flickr Uploadr 3.2.1
FlipShare
Gadwin PrintScreen
Garmin USB Drivers
Garmin WebUpdater
Google Chrome
Google Desktop
Google Gears
Google Toolbar for Internet Explorer
Google Update Helper
iCloud
Intel® Matrix Storage Manager
iTunes
Java 2 Runtime Environment, SE v1.4.2_06
Java 7 Update 7
Java Auto Updater
Java 6 Update 15
Java 6 Update 7
Junk Mail filter update
KODAK EASYSHARE Gallery Upload ActiveX Control
KODAK Gallery Upload Software
Logitech Harmony Remote Software 7
LogMeIn
Malwarebytes Anti-Malware version 1.75.0.1300
McAfee Virtual Technician
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Extended
Microsoft Application Error Reporting
Microsoft Office 2007 Primary Interop Assemblies
Microsoft Office Access MUI (English) 2010
Microsoft Office Access Setup Metadata MUI (English) 2010
Microsoft Office Excel MUI (English) 2010
Microsoft Office File Validation Add-In
Microsoft Office Groove MUI (English) 2010
Microsoft Office InfoPath MUI (English) 2010
Microsoft Office Live Add-in 1.5
Microsoft Office OneNote MUI (English) 2010
Microsoft Office Outlook Connector
Microsoft Office Outlook MUI (English) 2010
Microsoft Office PowerPoint MUI (English) 2010
Microsoft Office Professional Plus 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2010
Microsoft Office Publisher MUI (English) 2010
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office Word MUI (English) 2010
Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit
Microsoft Primary Interoperability Assemblies 2005
Microsoft Search Enhancement Pack
Microsoft Security Client
Microsoft Security Essentials
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Store Download Manager
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual Studio 2005 Tools for Office Runtime
Microsoft WSE 3.0
MobileMe Control Panel
Movie Maker
MozyHome
MSVCRT
MSVCRT110
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP2 Parser and SDK
OGA Notifier 2.0.0048.0
Palm Desktop by ACCESS
Personal Entertainment Launcher
Photo Common
Photo Gallery
PowerDVD
Product Support Launcher
PSE10 STI Installer
QuickBooks
QuickBooks Simple Start 2009
QuickTime
Realtek Ethernet Network Card Diagnostic tool for Windows Vista
Realtek High Definition Audio Driver
Remote Control USB Driver
Roxio Activation Module
Roxio Creator Audio
Roxio Creator BDAV Plugin
Roxio Creator Copy
Roxio Creator Data
Roxio Creator DE
Roxio Creator Tools
Roxio Express Labeler 3
Roxio Update Manager
Safari
Seagate Dashboard
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2858302v2)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
Security Update for Microsoft .NET Framework 4 Extended (KB2736428)
Security Update for Microsoft .NET Framework 4 Extended (KB2742595)
Security Update for Microsoft .NET Framework 4 Extended (KB2858302v2)
Security Update for Microsoft Excel 2010 (KB2826033) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553284) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2687423) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2826023) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2826035) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2850016) 32-Bit Edition
Security Update for Microsoft Outlook 2010 (KB2837597) 32-Bit Edition
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition
Shared C Run-time for x86
Shutterfly Express Uploader
Sid Meier's Civilization 4
Sid Meier's Civilization V
Sonic CinePlayer Decoder Pack
Sony RAW Driver
Spelling Dictionaries Support For Adobe Reader 9
Steam
SupportSoft Assisted Service
swMSM
Synapse Workstation
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3)
Update for Microsoft .NET Framework 4 Extended (KB2468871)
Update for Microsoft .NET Framework 4 Extended (KB2533523)
Update for Microsoft .NET Framework 4 Extended (KB2600217)
Update for Microsoft .NET Framework 4 Extended (KB2836939)
Update for Microsoft .NET Framework 4 Extended (KB2836939v3)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition
Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition
Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition
Update for Microsoft Office 2010 (KB2826026) 32-Bit Edition
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2810072) 32-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition
Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition
Update for Microsoft Word 2010 (KB2837593) 32-Bit Edition
USB Storage Adapter FX/AT (WDC)
Visual Studio 2005 Tools for Office Second Edition Runtime
VZAccess Manager for RIM
Western Digital USB Mass Storage Driver Installation
Windows Driver Package - Garmin (grmnusb) GARMIN Devices  (04/19/2012 2.3.1.0)
Windows Live Communications Platform
Windows Live Essentials
Windows Live Family Safety
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Mail
Windows Live Messenger
Windows Live MIME IFilter
Windows Live Photo Common
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live Sync
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
Windows Media Encoder 9 Series
WinMerge 2.14.0
WinZip 17.5
Yahoo! BrowserPlus 2.9.8
Yahoo! Install Manager
Yahoo! Internet Mail
Yahoo! Mail Advisor
Yahoo! Software Update
.
==== Event Viewer Messages From Past Week ========
.
2/3/2014 7:48:46 PM, Error: Ntfs [55]  - The file system structure on the disk is corrupt and unusable. Please run the chkdsk utility on the volume OS.
2/3/2014 7:46:46 PM, Error: Service Control Manager [7001]  - The Computer Browser service depends on the Server service which failed to start because of the following error:  The dependency service or group failed to start.
2/3/2014 7:45:15 PM, Error: Service Control Manager [7001]  - The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error:  The dependency service or group failed to start.
2/3/2014 7:45:14 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
2/3/2014 7:45:14 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
2/3/2014 7:45:08 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
2/3/2014 7:44:59 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
2/3/2014 7:44:50 PM, Error: Service Control Manager [7026]  - The following boot-start or system-start driver(s) failed to load:  ctxusbm discache mozyFilter MpFilter spldr Wanarpv6
2/3/2014 7:44:41 PM, Error: Service Control Manager [7001]  - The Microsoft Network Inspection System service depends on the Microsoft Malware Protection Driver service which failed to start because of the following error:  A device attached to the system is not functioning.
2/3/2014 7:36:59 PM, Error: Service Control Manager [7000]  - The SupportSoft Sprocket Service (dellsupportcenter) service failed to start due to the following error:  The system cannot find the file specified.
2/3/2014 7:31:07 PM, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.   New Signature Version:    Previous Signature Version: 1.165.3119.0   Update Source: Microsoft Update Server   Update Stage: Search   Source Path: Default URL   Signature Type: AntiVirus   Update Type: Full   User: NT AUTHORITY\SYSTEM   Current Engine Version:    Previous Engine Version: 1.1.10201.0   Error code: 0x8007043c   Error description: This service cannot be started in Safe Mode
2/3/2014 7:31:07 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service wuauserv with arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334}
2/3/2014 7:09:05 AM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service MSIServer with arguments "" in order to run the server: {000C101C-0000-0000-C000-000000000046}
2/3/2014 6:43:41 PM, Error: Service Control Manager [7001]  - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:  The dependency service or group failed to start.
2/3/2014 6:43:38 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89}
2/3/2014 6:43:38 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E}
2/3/2014 6:42:11 PM, Error: Service Control Manager [7026]  - The following boot-start or system-start driver(s) failed to load:  AFD ctxusbm DfsC discache mozyFilter MpFilter NetBIOS NetBT nsiproxy Psched rdbss spldr tdx Wanarpv6 WfpLwf
2/3/2014 6:42:10 PM, Error: Service Control Manager [7009]  - A timeout was reached (120000 milliseconds) while waiting for the Microsoft Antimalware Service service to connect.
2/3/2014 6:42:10 PM, Error: Service Control Manager [7001]  - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error:  The dependency service or group failed to start.
2/3/2014 6:42:10 PM, Error: Service Control Manager [7001]  - The TCP/IP NetBIOS Helper service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error:  A device attached to the system is not functioning.
2/3/2014 6:42:10 PM, Error: Service Control Manager [7001]  - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error:  A device attached to the system is not functioning.
2/3/2014 6:42:10 PM, Error: Service Control Manager [7001]  - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error:  The dependency service or group failed to start.
2/3/2014 6:42:10 PM, Error: Service Control Manager [7001]  - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error:  The dependency service or group failed to start.
2/3/2014 6:42:10 PM, Error: Service Control Manager [7001]  - The Network Store Interface Service service depends on the NSI proxy service driver. service which failed to start because of the following error:  A device attached to the system is not functioning.
2/3/2014 6:42:10 PM, Error: Service Control Manager [7001]  - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error:  The dependency service or group failed to start.
2/3/2014 6:42:10 PM, Error: Service Control Manager [7001]  - The IP Helper service depends on the Network Store Interface Service service which failed to start because of the following error:  The dependency service or group failed to start.
2/3/2014 6:42:10 PM, Error: Service Control Manager [7001]  - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error:  A device attached to the system is not functioning.
2/3/2014 6:42:10 PM, Error: Service Control Manager [7001]  - The DHCP Client service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error:  A device attached to the system is not functioning.
2/3/2014 6:42:10 PM, Error: Service Control Manager [7000]  - The Microsoft Antimalware Service service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
2/2/2014 9:20:40 AM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1068" attempting to start the service fdPHost with arguments "" in order to run the server: {D3DCB472-7261-43CE-924B-0704BD730D5F}
2/2/2014 9:20:40 AM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1068" attempting to start the service fdPHost with arguments "" in order to run the server: {145B4335-FE2A-4927-A040-7C35AD3180EF}
2/2/2014 8:58:42 AM, Error: Microsoft-Windows-DistributedCOM [10016]  - The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID  {8BC3F05E-D86B-11D0-A075-00C04FB68820}  and APPID  {8BC3F05E-D86B-11D0-A075-00C04FB68820}  to the user WOPR-2\Guest SID (S-1-5-21-2291196780-457562327-217995532-501) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
2/2/2014 8:05:35 AM, Error: Service Control Manager [7034]  - The Google Update Service (gupdate) service terminated unexpectedly.  It has done this 1 time(s).
2/2/2014 8:05:35 AM, Error: Service Control Manager [7009]  - A timeout was reached (120000 milliseconds) while waiting for the MozyHome Backup Service service to connect.
2/2/2014 8:05:35 AM, Error: Service Control Manager [7000]  - The MozyHome Backup Service service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
2/2/2014 8:05:34 AM, Error: Service Control Manager [7009]  - A timeout was reached (120000 milliseconds) while waiting for the Adobe Active File Monitor V10 service to connect.
2/2/2014 8:05:12 AM, Error: Service Control Manager [7034]  - The LogMeIn service terminated unexpectedly.  It has done this 2 time(s).
2/2/2014 8:05:12 AM, Error: Service Control Manager [7034]  - The LMIGuardianSvc service terminated unexpectedly.  It has done this 2 time(s).
2/2/2014 8:05:12 AM, Error: Service Control Manager [7009]  - A timeout was reached (120000 milliseconds) while waiting for the iPod Service service to connect.
2/2/2014 8:05:12 AM, Error: Service Control Manager [7000]  - The iPod Service service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
2/2/2014 8:05:12 AM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1053" attempting to start the service iPod Service with arguments "" in order to run the server: {063D34A4-BF84-4B8D-B699-E8CA06504DDE}
2/2/2014 8:04:34 AM, Error: Service Control Manager [7009]  - A timeout was reached (120000 milliseconds) while waiting for the Apple Mobile Device service to connect.
2/2/2014 8:04:34 AM, Error: Service Control Manager [7000]  - The Apple Mobile Device service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
2/2/2014 8:03:36 AM, Error: Service Control Manager [7034]  - The iPod Service service terminated unexpectedly.  It has done this 1 time(s).
2/2/2014 8:03:36 AM, Error: Service Control Manager [7009]  - A timeout was reached (120000 milliseconds) while waiting for the FlipShare Server service to connect.
2/2/2014 8:03:35 AM, Error: Service Control Manager [7034]  - The LogMeIn service terminated unexpectedly.  It has done this 1 time(s).
2/2/2014 8:03:35 AM, Error: Service Control Manager [7034]  - The Intel® Matrix Storage Event Monitor service terminated unexpectedly.  It has done this 1 time(s).
2/2/2014 8:03:35 AM, Error: Service Control Manager [7034]  - The CrashPlan Backup Service service terminated unexpectedly.  It has done this 1 time(s).
2/2/2014 8:03:35 AM, Error: Service Control Manager [7034]  - The Adobe Acrobat Update Service service terminated unexpectedly.  It has done this 1 time(s).
2/2/2014 8:03:34 AM, Error: Service Control Manager [7034]  - The Yahoo! Updater service terminated unexpectedly.  It has done this 1 time(s).
2/2/2014 8:03:34 AM, Error: Service Control Manager [7034]  - The SeaPort service terminated unexpectedly.  It has done this 1 time(s).
2/2/2014 8:03:34 AM, Error: Service Control Manager [7034]  - The Seagate Dashboard Service service terminated unexpectedly.  It has done this 1 time(s).
2/2/2014 8:03:34 AM, Error: Service Control Manager [7034]  - The QBCFMonitorService service terminated unexpectedly.  It has done this 1 time(s).
2/2/2014 8:03:34 AM, Error: Service Control Manager [7034]  - The LogMeIn Maintenance Service service terminated unexpectedly.  It has done this 1 time(s).
2/2/2014 8:03:34 AM, Error: Service Control Manager [7034]  - The LMIGuardianSvc service terminated unexpectedly.  It has done this 1 time(s).
2/2/2014 8:03:34 AM, Error: Service Control Manager [7034]  - The FlipShare Service service terminated unexpectedly.  It has done this 1 time(s).
2/2/2014 8:03:34 AM, Error: Service Control Manager [7034]  - The Bonjour Service service terminated unexpectedly.  It has done this 1 time(s).
2/2/2014 8:03:34 AM, Error: Service Control Manager [7031]  - The FlipShare Server service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 0 milliseconds: Restart the service.
2/2/2014 8:03:34 AM, Error: Service Control Manager [7031]  - The Apple Mobile Device service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
2/2/2014 7:48:33 AM, Error: Service Control Manager [7009]  - A timeout was reached (120000 milliseconds) while waiting for the Google Update Service (gupdate) service to connect.
2/2/2014 7:48:33 AM, Error: Service Control Manager [7000]  - The Google Update Service (gupdate) service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
2/2/2014 7:46:35 AM, Error: Service Control Manager [7031]  - The FlipShare Server service terminated unexpectedly.  It has done this 3 time(s).  The following corrective action will be taken in 0 milliseconds: Restart the service.
2/2/2014 7:46:35 AM, Error: Service Control Manager [7031]  - The FlipShare Server service terminated unexpectedly.  It has done this 2 time(s).  The following corrective action will be taken in 0 milliseconds: Restart the service.
2/2/2014 7:44:47 AM, Error: Service Control Manager [7024]  - The Volume Shadow Copy service terminated with service-specific error %%-2147212542.
2/2/2014 7:44:47 AM, Error: Service Control Manager [7023]  - The Windows Update service terminated with the following error:  %%-2147467243
2/2/2014 7:43:01 AM, Error: Service Control Manager [7038]  - The VSS service was unable to log on as NT AUTHORITY\SYSTEM with the currently configured password due to the following error:  The security account manager (SAM) or local security authority (LSA) server was in the wrong state to perform the security operation. To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).
2/2/2014 7:43:01 AM, Error: Service Control Manager [7038]  - The netprofm service was unable to log on as NT AUTHORITY\LocalService with the currently configured password due to the following error:  The security account manager (SAM) or local security authority (LSA) server was in the wrong state to perform the security operation. To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).
2/2/2014 7:43:01 AM, Error: Service Control Manager [7000]  - The Volume Shadow Copy service failed to start due to the following error:  The service did not start due to a logon failure.
2/2/2014 7:43:01 AM, Error: Service Control Manager [7000]  - The Portable Device Enumerator Service service failed to start due to the following error:  A system shutdown is in progress.
2/2/2014 7:43:01 AM, Error: Service Control Manager [7000]  - The Network List Service service failed to start due to the following error:  The service did not start due to a logon failure.
2/2/2014 7:43:01 AM, Error: Service Control Manager [7000]  - The Diagnostic System Host service failed to start due to the following error:  A system shutdown is in progress.
2/2/2014 7:43:01 AM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1069" attempting to start the service VSS with arguments "" in order to run the server: {E579AB5F-1CC4-44B4-BED9-DE0991FF0623}
2/2/2014 7:43:01 AM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1069" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89}
2/1/2014 9:36:41 PM, Error: Disk [11]  - The driver detected a controller error on \Device\Harddisk1\DR3.
2/1/2014 6:29:42 AM, Error: volsnap [36]  - The shadow copies of volume F: were aborted because the shadow copy storage could not grow due to a user imposed limit.
2/1/2014 4:30:18 AM, Error: Schannel [36888]  - The following fatal alert was generated: 43. The internal error state is 252.
2/1/2014 10:40:18 PM, Error: Service Control Manager [7009]  - A timeout was reached (120000 milliseconds) while waiting for the LogMeIn service to connect.
2/1/2014 10:40:18 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1053" attempting to start the service LogMeIn with arguments "" in order to run the server: {C3ADA61A-4E0E-48D4-A2B1-AE5F76D01044}
2/1/2014 10:39:52 PM, Error: Service Control Manager [7009]  - A timeout was reached (120000 milliseconds) while waiting for the Yahoo! Updater service to connect.
2/1/2014 10:39:52 PM, Error: Service Control Manager [7000]  - The Yahoo! Updater service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
2/1/2014 10:39:42 PM, Error: Service Control Manager [7009]  - A timeout was reached (120000 milliseconds) while waiting for the SeaPort service to connect.
2/1/2014 10:39:42 PM, Error: Service Control Manager [7000]  - The SeaPort service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
2/1/2014 10:39:35 PM, Error: Service Control Manager [7009]  - A timeout was reached (120000 milliseconds) while waiting for the Seagate Dashboard Service service to connect.
2/1/2014 10:39:35 PM, Error: Service Control Manager [7000]  - The Seagate Dashboard Service service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
2/1/2014 10:39:34 PM, Error: Service Control Manager [7009]  - A timeout was reached (120000 milliseconds) while waiting for the QBCFMonitorService service to connect.
2/1/2014 10:37:15 PM, Error: Service Control Manager [7000]  - The Apple Mobile Device service failed to start due to the following error:  The pipe has been ended.
2/1/2014 10:36:20 PM, Error: Service Control Manager [7034]  - The Adobe Active File Monitor V10 service terminated unexpectedly.  It has done this 1 time(s).
2/1/2014 10:36:20 PM, Error: Service Control Manager [7031]  - The MozyHome Backup Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.
2/1/2014 10:35:47 PM, Error: Service Control Manager [7034]  - The Office Software Protection Platform service terminated unexpectedly.  It has done this 1 time(s).
1/28/2014 1:17:09 PM, Error: Schannel [36888]  - The following fatal alert was generated: 40. The internal error state is 252.
.
==== End Of File ===========================

 

Link to post
Share on other sites

Welcome to the forum.

Please download and run RogueKiller 32 Bit to your desktop.

RogueKiller 64 Bit <---use this one for 64 bit systems

Which system am I using?

Quit all running programs.

For Windows XP, double-click to start.

For Vista or Windows 7-8, do a right-click on the program, select Run as Administrator to start, & when prompted Allow to run.

Click Scan to scan the system.

When the scan completes > Close out the program > Don't Fix anything!

Don't run any other options, they're not all bad!!!!!!!

Post back the report which should be located on your desktop.

(please don't put logs in code or quotes and use the default font)

General Forum P2P/Piracy Warning:

1. If you're using Peer 2 Peer software such uTorrent, BitTorrent or similar you must either fully uninstall it or completely disable it from running while being assisted here.

Failure to remove or disable such software will result in your topic being closed and no further assistance being provided.

2. If you have illegal/cracked software, cracks, keygens, custom (Adobe) host file, etc. on the system, please remove or uninstall them now and read the policy on Piracy.

Failure to remove such software will result in your topic being closed and no further assistance being provided.

MrC

Note:

Please read all of my instructions completely including these.

Make sure system restore is turned on and running, please create a new restore point

Make sure you're subscribed to this topic: Click on the Follow This Topic Button (at the top right of this page), make sure that the Receive notification box is checked and that it is set to Instantly

Removing malware can be unpredictable...unlikely but things can go very wrong! Backup any files that cannot be replaced. You can copy them to a CD/DVD, external drive or a pen drive

<+>Please don't run any other scans, download, install or uninstall any programs while I'm working with you.

<+>The removal of malware isn't instantaneous, please be patient.

<+>When we are done, I'll give to instructions on how to cleanup all the tools and logs

<+>Please stick with me until I give you the "all clear" and Please don't waste my time by leaving before that.

------->Your topic will be closed if you haven't replied within 3 days!<--------

(If I don't respond within 24 hours, please send me a PM)

Link to post
Share on other sites

Here's the log (it was run in Safe Mode):

 

RogueKiller V8.8.5 [Feb  3 2014] by Tigzy
mail : tigzyRK<at>gmail<dot>com

Website : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com

Operating System : Windows 7 (6.1.7601 Service Pack 1) 32 bits version
Started in : Safe mode with network support
User : Michelle [Admin rights]
Mode : Scan -- Date : 02/03/2014 20:36:10
| ARK || FAK || MBR |

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 1 ¤¤¤
[RUN][sUSP PATH] HKLM\[...]\RunOnce : Malwarebytes Anti-Malware (cleanup) (rundll32.exe "C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\cleanup.dll",ProcessCleanupScript [x][7][x]) -> FOUND

¤¤¤ Scheduled tasks : 0 ¤¤¤

¤¤¤ Startup Entries : 0 ¤¤¤

¤¤¤ Web browsers : 0 ¤¤¤

¤¤¤ Browser Addons : 0 ¤¤¤

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [NOT LOADED 0xc000035f] ¤¤¤

¤¤¤ External Hives: ¤¤¤
-> D:\windows\system32\config\SYSTEM | DRVINFO [Drv - D:] | SYSTEMINFO [sys - x:] [sys32 - FOUND] | USERINFO [startup - NOT_FOUND]
-> D:\windows\system32\config\SOFTWARE | DRVINFO [Drv - D:] | SYSTEMINFO [sys - x:] [sys32 - FOUND] | USERINFO [startup - NOT_FOUND]
-> D:\windows\system32\config\SECURITY | DRVINFO [Drv - D:] | SYSTEMINFO [sys - x:] [sys32 - FOUND] | USERINFO [startup - NOT_FOUND]
-> D:\windows\system32\config\SAM | DRVINFO [Drv - D:] | SYSTEMINFO [sys - x:] [sys32 - FOUND] | USERINFO [startup - NOT_FOUND]
-> D:\windows\system32\config\DEFAULT | DRVINFO [Drv - D:] | SYSTEMINFO [sys - x:] [sys32 - FOUND] | USERINFO [startup - NOT_FOUND]
-> D:\Users\Default\NTUSER.DAT | DRVINFO [Drv - D:] | SYSTEMINFO [sys - x:] [sys32 - FOUND] | USERINFO [startup - NOT_FOUND]

¤¤¤ Infection :  ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts

127.0.0.1 localhost

¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) ST3250310AS +++++
--- User ---
[MBR] bcabd184084b4c9e6cdd63f4d21e5801
[bSP] 346b64ba3606b9c23b53a66f6abcac30 : Windows 7/8 MBR Code
Partition table:
0 - [XXXXXX] DELL-UTIL (0xde) [VISIBLE] Offset (sectors): 63 | Size: 62 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 129024 | Size: 10240 Mo
2 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 21100544 | Size: 228114 Mo
User = LL1 ... OK!
User = LL2 ... OK!

+++++ PhysicalDrive1: (\\.\PHYSICALDRIVE1 @ USB) Flash Disk USB Device +++++
--- User ---
[MBR] 7025502a067682c0f775ad835f7b89e1
[bSP] 6525e5fc4103f514071e5ea80e2422f4 : Empty MBR Code
Partition table:
0 - [ACTIVE] FAT16 (0x06) [VISIBLE] Offset (sectors): 32 | Size: 499 Mo
User = LL1 ... OK!
Error reading LL2 MBR! ([0x32] The request is not supported. )

Finished : << RKreport[0]_S_02032014_203610.txt >>
RKreport[0]_D_02032014_191626.txt;RKreport[0]_H_02032014_191633.txt;RKreport[0]_S_02032014_190506.txt
RKreport[0]_S_02032014_190902.txt

Link to post
Share on other sites

OK, run this one (safe mode is fine)

Please download Farbar Recovery Scan Tool (FRST) and save it to a folder.

(use correct version for your system.....Which system am I using?)

FRST <----for 32 bit systems

FRST64 <----for 64 bit systems

  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.
If the logs are large, you can attach them:

To attach a log:

Bottom right corner of this page.

reply1.jpg

New window that comes up.

replyer1.jpg

MrC

Link to post
Share on other sites

Will do.  Here's the first log file:

 

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 03-02-2014
Ran by Michelle (administrator) on WOPR-2 on 03-02-2014 20:50:26
Running from C:\Users\Michelle\Downloads
Microsoft Windows 7 Home Premium  Service Pack 1 (X86) OS Language: English(US)
Internet Explorer Version 10
Boot Mode: Safe Mode (with Networking)

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) ===================

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Cisco WebEx LLC) C:\Windows\System32\atashost.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MpCmdRun.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] - C:\Windows\RtHDVCpl.exe [6265376 2008-08-19] (Realtek Semiconductor)
HKLM\...\Run: [iAAnotif] - C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [182808 2008-07-20] (Intel Corporation)
HKLM\...\Run: [intuit SyncManager] - C:\Program Files\Common Files\Intuit\Sync\IntuitSyncManager.exe [623880 2008-09-09] (Intuit Inc. All rights reserved.)
HKLM\...\Run: [LogMeIn GUI] - C:\Program Files\LogMeIn\x86\LogMeInSystray.exe [63048 2008-07-24] (LogMeIn, Inc.)
HKLM\...\Run: [sunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [252848 2012-07-03] (Sun Microsystems, Inc.)
HKLM\...\Run: [YMailAdvisor] - C:\Program Files\Yahoo!\Common\YMailAdvisor.exe [125208 2008-06-05] (Yahoo! Inc.)
HKLM\...\Run: [CanonSolutionMenu] - C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe [722256 2008-10-20] (CANON INC.)
HKLM\...\Run: [CanonMyPrinter] - C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [1848648 2008-03-17] (CANON INC.)
HKLM\...\Run: [iJNetworkScanUtility] - C:\Program Files\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE [124512 2007-05-21] (CANON INC.)
HKLM\...\Run: [AppleSyncNotifier] - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe [59240 2011-10-06] (Apple Inc.)
HKLM\...\Run: [ConnectionCenter] - C:\Program Files\Citrix\ICA Client\concentr.exe [300400 2010-03-10] (Citrix Systems, Inc.)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [444904 2012-09-20] (Adobe Systems Incorporated)
HKLM\...\Run: [bCSSync] - C:\Program Files\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM\...\Run: [MSC] - C:\Program Files\Microsoft Security Client\msseces.exe [948440 2013-10-23] (Microsoft Corporation)
HKLM\...\Run: [QuickTime Task] - C:\Program Files\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM\...\Run: [iTunesHelper] - C:\Program Files\iTunes\iTunesHelper.exe [152392 2013-11-02] (Apple Inc.)
HKLM\...\RunOnce: [Malwarebytes Anti-Malware] - C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent [532040 2013-04-04] (Malwarebytes Corporation)
HKLM\...\RunOnce: [Malwarebytes Anti-Malware (cleanup)] - rundll32.exe "C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\cleanup.dll",ProcessCleanupScript [1127496 2013-04-04] (Malwarebytes Corporation)
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-2291196780-457562327-217995532-1002\...\Run: [ehTray.exe] - C:\Windows\ehome\ehTray.exe [144384 2010-11-20] (Microsoft Corporation)
HKU\S-1-5-21-2291196780-457562327-217995532-1002\...\Run: [iSUSPM] - C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe [205480 2007-08-30] (Macrovision Corporation)
HKU\S-1-5-21-2291196780-457562327-217995532-1002\...\Run: [swg] - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2010-01-21] (Google Inc.)
HKU\S-1-5-21-2291196780-457562327-217995532-1002\...\Run: [Google Update] - C:\Users\Michelle\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2012-01-31] (Google Inc.)
HKU\S-1-5-21-2291196780-457562327-217995532-1002\...\Run: [MobileDocuments] - C:\Program Files\Common Files\Apple\Internet Services\ubd.exe
HKU\S-1-5-21-2291196780-457562327-217995532-1002\...\MountPoints2: {40ad6d7b-f1ab-11dd-84e3-00219b23e55b} - H:\LaunchU3.exe -a
AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GO36F4~1.DLL => C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll [123392 2010-06-10] (Google)
Startup: C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk
ShortcutTarget: OneNote 2007 Screen Clipper and Launcher.lnk -> C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (No File)
Startup: C:\Users\Jeff\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Michelle\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Michelle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Michelle\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Michelle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk
ShortcutTarget: OneNote 2007 Screen Clipper and Launcher.lnk -> C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (No File)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/?fr=fp-yie8
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/?fr=fp-yie8
URLSearchHook: HKCU - Synapse UrlSearchHook Class - {3D31A26E-04D4-4B45-AFD4-DA4E1AE4AF1B} - C:\Program Files\Fuji Medical System\Synapse\Workstation\FujiFldL.dll (FUJIFILM Medical Systems U.S.A., Inc.)
SearchScopes: HKCU - {1F1960F7-E08E-4A30-92F5-193E3D34B758} URL = http://delicious.com/search?p={searchTerms}
SearchScopes: HKCU - {6979DAD7-F563-4A76-BBD1-D1A01A527AF1} URL = http://rover.ebay.com/rover/1/711-43047-14818-1/4?satitle={searchTerms}
SearchScopes: HKCU - {70D46D94-BF1E-45ED-B567-48701376298E} URL = http://127.0.0.1:4664/search&s=4lrV5WiALReTYsW7x9FPpZops5k?q={searchTerms}
SearchScopes: HKCU - {A3545100-1808-4E9B-89C6-E7FE3F11448C} URL = http://www.flickr.com/search/?q={searchTerms}
SearchScopes: HKCU - {E200635D-764F-4982-B839-0BB7AFE34E1D} URL = http://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=chr-yie8
BHO: No Name - {02478D38-C3F9-4efb-9B51-7695ECA05670} -  No File
BHO: Synapse BHO Class - {33414365-E6C7-460d-880A-A163BD69E84D} - C:\Program Files\Fuji Medical System\Synapse\Workstation\FujiFldL.dll (FUJIFILM Medical Systems U.S.A., Inc.)
BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: CBrowserHelperObject Object - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll (Dell Inc.)
BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: Google Gears Helper - {E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll (Google Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} -  No File
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.microsoft.com/_layouts/ClientBin/ieawsdc32.cab
DPF: {164B406B-0FD6-4E7F-BA7E-64D227D4CA37} http://www.digitalwebbooks.com/reader/dbplugin.cab
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {1FBD11EF-1260-11D1-87A7-444553540001} https://pacs.caregate.net/osd/SynapseWorkstationInf.cab
DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper.dll
DPF: {556EEC63-31E2-47C3-BF29-DFF799D2FE04} https://secure.logmein.com/activex/RACtrl.cab
DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} http://www.mpix.com/customer/uploading/activex/ImageUploader5.cab
DPF: {6F750203-1362-4815-A476-88533DE61D0C} http://www.kodakgallery.com/downloads/BUM/BUM_WIN_IE_2/axofupld.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/products/plugin/autodl/jinstall-160-windows-i586.cab
DPF: {A1662FB6-39BE-41BB-ACDC-0448FB1B5817} http://images3.pnimedia.com/ProductAssets/costcous/activex/v3_0_0_5/PhotoCenter_ActiveX_Control.cab
DPF: {BEA7310D-06C4-4339-A784-DC3804819809} http://images3.pnimedia.com/ProductAssets/costcous/activex/v3_0_0_7/PhotoCenter_ActiveX_Control.cab
DPF: {CAFEEFAC-0014-0002-0006-ABCDEFFEDCBA} http://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab
DPF: {D965D483-9F35-47D9-AF34-D448CACE97F7} https://slhaa.caregate.net/AccessANYware/AAInstall.ocx
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} https://secure.logmein.com//activex/ractrl.cab?lmi=1058
DPF: {FFBB3F3B-0A5A-4106-BE53-DFE1E2340CB1} http://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-latest.cab
Handler: intu-help-qb2 - {84D77A00-41B5-4b8b-8ADF-86486D72E749} - C:\Program Files\Intuit\QuickBooks 2009\HelpAsyncPluggableProtocol.dll (Intuit, Inc.)
Handler: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} - C:\Windows\system32\mscoree.dll (Microsoft Corporation)
Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Hosts: 127.0.0.1 localhost
Tcpip\Parameters: [DhcpNameServer] 209.18.47.61 209.18.47.62 192.168.1.1

Chrome:
=======

CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\Michelle\AppData\Local\Google\Chrome\Application\32.0.1700.76\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Michelle\AppData\Local\Google\Chrome\Application\32.0.1700.76\pdf.dll ()
CHR Plugin: (Shockwave Flash) - C:\Users\Michelle\AppData\Local\Google\Chrome\Application\32.0.1700.76\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32.dll No File
CHR Plugin: (McAfee SiteAdvisor) - C:\Users\Michelle\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.41.122.1_0\McChPlg.dll No File
CHR Plugin: (McAfee SiteAdvisor) - C:\Program Files\McAfee\SiteAdvisor\npmcffplg32.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Java Platform SE 6 U13) - C:\Program Files\Java\jre6\bin\new_plugin\npdeploytk.dll (Sun Microsystems, Inc.)
CHR Plugin: (Java Platform SE 6 U15) - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files\QuickTime\plugins\npqtplugin6.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files\QuickTime\plugins\npqtplugin7.dll No File
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office Live Plug-in for Firefox) - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
CHR Plugin: (PalmSource Package Installer) - C:\PROGRA~1\palmOne\PACKAG~1\NPInstal.dll ()
CHR Plugin: (AmazonMP3DownloaderPlugin) - C:\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin.dll No File
CHR Plugin: (RIM Handheld Application Loader) - C:\Program Files\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll ()
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Plugin: (McAfee Virtual Technician) - C:\Program Files\McAfee\Supportability\MVT\npmvtplugin.dll (McAfee, Inc.)
CHR Plugin: (3DVIA player) - C:\Program Files\Virtools\3D Life Player\npvirtools.dll (Dassault Systèmes)
CHR Plugin: (Windows Live Photo Gallery) - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (BrowserPlus (from Yahoo!) v2.9.8) - C:\Users\Michelle\AppData\Local\Yahoo!\BrowserPlus\2.9.8\Plugins\npybrowserplus_2.9.8.dll (Yahoo! Inc.)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll No File
CHR Plugin: (Windows Presentation Foundation) - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Plugin: (McAfee SecurityCenter) - c:\progra~1\mcafee\msc\npmcsn~1.dll No File
CHR Extension: (YouTube) - C:\Users\Michelle\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-02-04]
CHR Extension: (Google Search) - C:\Users\Michelle\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-02-04]
CHR Extension: (Google Wallet) - C:\Users\Michelle\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]
CHR Extension: (Gmail) - C:\Users\Michelle\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-02-04]
CHR StartMenuInternet: Google Chrome - C:\Users\Jeff\AppData\Local\Google\Chrome\Application\chrome.exe

========================== Services (Whitelisted) =================

S2 AdobeActiveFileMonitor10.0; C:\Program Files\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe [169624 2011-09-01] (Adobe Systems Incorporated)
S2 AERTFilters; C:\Windows\system32\AERTSrv.exe [81920 2008-08-19] (Andrea Electronics Corporation)
R2 atashost; C:\Windows\system32\atashost.exe [134456 2012-09-17] (Cisco WebEx LLC)
S3 becldr3Service; C:\Program Files\BCL Technologies\easyConverter SDK 3\Common\becldr.exe [225280 2013-07-03] ()
S2 CrashPlanService; C:\Program Files\CrashPlan\CrashPlanService.exe [152576 2013-04-08] (CrashPlan)
S2 FlipShare Service; C:\Program Files\Flip Video\FlipShare\FlipShareService.exe [460144 2011-05-06] ()
S2 FlipShareServer; C:\Program Files\Flip Video\FlipShareServer\FlipShareServer.exe [1085440 2011-05-06] ()
S3 GoogleDesktopManager-051210-111108; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [30192 2010-06-10] (Google)
S2 mozybackup; C:\Program Files\MozyHome\mozybackup.exe [54160 2012-08-02] (Mozy, Inc.)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [22208 2013-10-23] (Microsoft Corporation)
S3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [280288 2013-10-23] (Microsoft Corporation)
S2 SeagateDashboardService; C:\Program Files\Seagate\Seagate Dashboard\SeagateDashboardService.exe [14088 2011-06-01] (Memeo)
S3 SynapseUpdateSvc; C:\Program Files\Fuji Medical System\Synapse\Workstation\SynapseUpdateManager.exe [199680 2010-10-22] (FUJIFILM Medical Systems U.S.A., Inc.)
S2 sprtsvc_dellsupportcenter; C:\Program Files\Dell Support Center\bin\sprtsvc.exe /service /p dellsupportcenter [X]

==================== Drivers (Whitelisted) ====================

S3 61883; C:\Windows\System32\DRIVERS\61883.sys [46976 2009-07-13] (Microsoft Corporation)
S3 AtiHDAudioService; C:\Windows\System32\drivers\AtihdW73.sys [101904 2010-09-24] (ATI Technologies, Inc.)
S3 DLKRT32; C:\Windows\System32\DRIVERS\DLKRT32.sys [277536 2010-11-23] (D-Link Corp.                               )
S4 JRAID; C:\Windows\system32\drivers\jraid.sys [79960 2008-08-19] (JMicron Technology Corp.)
S3 mferkdk; C:\Windows\System32\drivers\mferkdk.sys [34248 2009-09-16] (McAfee, Inc.)
S3 mfesmfk; C:\Windows\System32\drivers\mfesmfk.sys [40552 2009-09-16] (McAfee, Inc.)
S1 mozyFilter; C:\Windows\System32\DRIVERS\mozy.sys [55520 2013-05-02] (Mozy, Inc.)
S0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [214696 2013-09-27] (Microsoft Corporation)
S3 PalmUSBD; C:\Windows\System32\drivers\PalmUSBD.sys [16640 2007-12-04] (PalmSource, Inc.)
S2 RtNdPt60; C:\Windows\System32\DRIVERS\RtNdPt60.sys [27648 2008-08-19] (Windows ® Codename Longhorn DDK provider)
S4 LMIRfsClientNP; No ImagePath
U3 TrueSight; \??\C:\Windows\system32\TrueSight.sys [X]
U3 mbr; \??\C:\Users\Michelle\AppData\Local\Temp\mbr.sys [X]

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2014-02-03 20:50 - 2014-02-03 20:50 - 00019391 _____ () C:\Users\Michelle\Downloads\FRST.txt
2014-02-03 20:49 - 2014-02-03 20:50 - 00000000 ____D () C:\FRST
2014-02-03 20:49 - 2014-02-03 20:48 - 01137152 _____ (Farbar) C:\Users\Michelle\Downloads\FRST.exe
2014-02-03 20:36 - 2014-02-03 20:36 - 00002953 _____ () C:\Users\Michelle\Desktop\RKreport[0]_S_02032014_203610.txt
2014-02-03 19:49 - 2014-02-03 19:49 - 00031204 _____ () C:\Users\Michelle\Desktop\attach.txt
2014-02-03 19:49 - 2014-02-03 19:48 - 00016912 _____ () C:\Users\Michelle\Desktop\dds.txt
2014-02-03 19:41 - 2014-02-03 19:41 - 00688992 ____R (Swearware) C:\Users\Michelle\Desktop\dds.com
2014-02-03 19:41 - 2014-02-03 19:41 - 00688992 _____ (Swearware) C:\Users\Michelle\Desktop\dds.scr
2014-02-03 19:16 - 2014-02-03 19:16 - 00003496 _____ () C:\Users\Michelle\Desktop\RKreport[0]_D_02032014_191626.txt
2014-02-03 19:16 - 2014-02-03 19:16 - 00001727 _____ () C:\Users\Michelle\Desktop\RKreport[0]_H_02032014_191633.txt
2014-02-03 19:09 - 2014-02-03 19:09 - 00003387 _____ () C:\Users\Michelle\Desktop\RKreport[0]_S_02032014_190902.txt
2014-02-03 19:05 - 2014-02-03 19:05 - 00003354 _____ () C:\Users\Michelle\Desktop\RKreport[0]_S_02032014_190506.txt
2014-02-03 19:02 - 2014-02-03 19:16 - 00000000 ____D () C:\Users\Michelle\Desktop\RK_Quarantine
2014-02-03 18:45 - 2014-02-03 18:45 - 00000000 ___HD () C:\Users\Michelle\AppData\Roaming\Malwarebytes
2014-02-03 18:44 - 2014-02-03 18:45 - 00000000 ____D () C:\Program Files\Malwarebytes' Anti-Malware
2014-02-03 18:44 - 2014-02-03 18:44 - 00001069 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-02-03 18:44 - 2014-02-03 18:44 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-02-03 18:44 - 2014-02-03 18:42 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Michelle\Downloads\mbam-setup-1.75.0.1300.exe
2014-02-03 18:44 - 2013-04-04 14:50 - 00022856 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-02-03 07:11 - 2014-02-03 07:11 - 00000835 _____ () C:\Users\Jeff\Desktop\hosts.txt
2014-02-01 22:38 - 2014-02-03 19:35 - 00001728 _____ () C:\Windows\PFRO.log
2014-01-29 23:00 - 2014-01-29 23:00 - 00000000 ___HD () C:\Users\Michelle\AppData\Roaming\CrashPlan
2014-01-25 21:09 - 2014-01-25 21:09 - 00000000 ____D () C:\ProgramData\CrashPlan
2014-01-25 21:09 - 2014-01-25 21:09 - 00000000 ____D () C:\Program Files\CrashPlan
2014-01-25 21:07 - 2014-01-25 21:10 - 00000000 ____D () C:\Users\Jeff\AppData\Roaming\CrashPlan
2014-01-25 21:07 - 2014-01-25 21:07 - 40070640 _____ (CrashPlan) C:\Users\Jeff\Downloads\CrashPlan_3.5.3_Win.exe
2014-01-20 23:08 - 2014-01-21 00:10 - 00000000 ____D () C:\Users\Michelle\AppData\Local\LogMeIn Client
2014-01-16 16:25 - 2014-01-16 16:25 - 00016896 _____ () C:\Users\Michelle\Downloads\December 2013 Expenses.xls
2014-01-15 14:07 - 2013-11-26 19:14 - 00258560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-01-15 14:07 - 2013-11-26 19:13 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-01-15 14:07 - 2013-11-26 19:13 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-01-15 14:07 - 2013-11-26 19:13 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-01-15 14:07 - 2013-11-26 19:13 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-01-15 14:07 - 2013-11-26 19:13 - 00020480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2014-01-15 14:07 - 2013-11-26 19:13 - 00006016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-01-15 14:07 - 2013-11-26 05:11 - 00240576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-01-15 14:07 - 2013-11-26 04:10 - 02349056 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys

==================== One Month Modified Files and Folders =======

2014-02-03 20:50 - 2014-02-03 20:50 - 00019391 _____ () C:\Users\Michelle\Downloads\FRST.txt
2014-02-03 20:50 - 2014-02-03 20:49 - 00000000 ____D () C:\FRST
2014-02-03 20:48 - 2014-02-03 20:49 - 01137152 _____ (Farbar) C:\Users\Michelle\Downloads\FRST.exe
2014-02-03 20:36 - 2014-02-03 20:36 - 00002953 _____ () C:\Users\Michelle\Desktop\RKreport[0]_S_02032014_203610.txt
2014-02-03 19:56 - 2009-10-24 20:27 - 01877447 _____ () C:\Windows\WindowsUpdate.log
2014-02-03 19:49 - 2014-02-03 19:49 - 00031204 _____ () C:\Users\Michelle\Desktop\attach.txt
2014-02-03 19:48 - 2014-02-03 19:49 - 00016912 _____ () C:\Users\Michelle\Desktop\dds.txt
2014-02-03 19:41 - 2014-02-03 19:41 - 00688992 ____R (Swearware) C:\Users\Michelle\Desktop\dds.com
2014-02-03 19:41 - 2014-02-03 19:41 - 00688992 _____ (Swearware) C:\Users\Michelle\Desktop\dds.scr
2014-02-03 19:40 - 2010-01-30 14:05 - 00000886 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-02-03 19:40 - 2010-01-30 14:05 - 00000882 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-02-03 19:40 - 2009-01-28 01:07 - 00000276 _____ () C:\Windows\Tasks\RtlNICDiagVistaStart.job
2014-02-03 19:39 - 2013-12-27 21:05 - 00230765 _____ () C:\Windows\setupact.log
2014-02-03 19:39 - 2009-07-13 22:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-02-03 19:35 - 2014-02-01 22:38 - 00001728 _____ () C:\Windows\PFRO.log
2014-02-03 19:16 - 2014-02-03 19:16 - 00003496 _____ () C:\Users\Michelle\Desktop\RKreport[0]_D_02032014_191626.txt
2014-02-03 19:16 - 2014-02-03 19:16 - 00001727 _____ () C:\Users\Michelle\Desktop\RKreport[0]_H_02032014_191633.txt
2014-02-03 19:16 - 2014-02-03 19:02 - 00000000 ____D () C:\Users\Michelle\Desktop\RK_Quarantine
2014-02-03 19:09 - 2014-02-03 19:09 - 00003387 _____ () C:\Users\Michelle\Desktop\RKreport[0]_S_02032014_190902.txt
2014-02-03 19:05 - 2014-02-03 19:05 - 00003354 _____ () C:\Users\Michelle\Desktop\RKreport[0]_S_02032014_190506.txt
2014-02-03 18:45 - 2014-02-03 18:45 - 00000000 ___HD () C:\Users\Michelle\AppData\Roaming\Malwarebytes
2014-02-03 18:45 - 2014-02-03 18:44 - 00000000 ____D () C:\Program Files\Malwarebytes' Anti-Malware
2014-02-03 18:44 - 2014-02-03 18:44 - 00001069 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-02-03 18:44 - 2014-02-03 18:44 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-02-03 18:42 - 2014-02-03 18:44 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Michelle\Downloads\mbam-setup-1.75.0.1300.exe
2014-02-03 18:40 - 2009-02-12 23:31 - 00000000 ____D () C:\ProgramData\LogMeIn
2014-02-03 07:11 - 2014-02-03 07:11 - 00000835 _____ () C:\Users\Jeff\Desktop\hosts.txt
2014-02-03 07:10 - 2009-10-24 20:37 - 00782838 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-02-02 08:58 - 2010-01-29 16:36 - 00000000 ____D () C:\Users\Guest\Tracing
2014-02-02 08:07 - 2009-10-24 19:49 - 00010048 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-02-02 08:07 - 2009-10-24 19:49 - 00010048 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-02-02 07:47 - 2012-02-04 10:34 - 00000920 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2291196780-457562327-217995532-1002UA.job
2014-02-02 07:47 - 2012-02-04 10:34 - 00000868 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2291196780-457562327-217995532-1002Core.job
2014-02-01 22:29 - 2010-11-16 20:14 - 00000904 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2291196780-457562327-217995532-1001UA.job
2014-02-01 22:20 - 2012-07-21 06:02 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-02-01 15:29 - 2010-11-16 20:14 - 00000852 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2291196780-457562327-217995532-1001Core.job
2014-02-01 14:02 - 2010-11-13 12:30 - 00000422 _____ () C:\Windows\Tasks\SystemToolsDailyTest.job
2014-02-01 12:55 - 2012-08-02 11:43 - 00008046 _____ () C:\Windows\mozy.flt
2014-02-01 12:55 - 2012-08-02 11:43 - 00005822 _____ () C:\Windows\mozy.blk
2014-02-01 10:54 - 2011-05-23 21:02 - 00000000 ___RD () C:\Users\Michelle\Dropbox
2014-02-01 10:54 - 2011-05-23 21:01 - 00000000 ___HD () C:\Users\Michelle\AppData\Roaming\Dropbox
2014-02-01 01:00 - 2011-03-26 14:55 - 00000000 ____D () C:\Users\Jeff\AppData\Roaming\Dropbox
2014-01-31 02:00 - 2009-02-03 19:43 - 00000000 ____D () C:\Users\Michelle\AppData\Local\Adobe
2014-01-30 22:48 - 2013-09-16 21:24 - 00000000 ____D () C:\Users\Michelle\Documents\Alexi Forbes
2014-01-29 23:00 - 2014-01-29 23:00 - 00000000 ___HD () C:\Users\Michelle\AppData\Roaming\CrashPlan
2014-01-29 03:54 - 2012-02-04 10:34 - 00002383 _____ () C:\Users\Michelle\Desktop\Google Chrome.lnk
2014-01-28 22:35 - 2010-11-16 20:16 - 00002361 _____ () C:\Users\Jeff\Desktop\Google Chrome.lnk
2014-01-25 21:10 - 2014-01-25 21:07 - 00000000 ____D () C:\Users\Jeff\AppData\Roaming\CrashPlan
2014-01-25 21:09 - 2014-01-25 21:09 - 00000000 ____D () C:\ProgramData\CrashPlan
2014-01-25 21:09 - 2014-01-25 21:09 - 00000000 ____D () C:\Program Files\CrashPlan
2014-01-25 21:07 - 2014-01-25 21:07 - 40070640 _____ (CrashPlan) C:\Users\Jeff\Downloads\CrashPlan_3.5.3_Win.exe
2014-01-24 19:02 - 2009-02-03 00:05 - 00000000 ____D () C:\ProgramData\Apple
2014-01-24 18:57 - 2009-02-12 23:31 - 00000000 ____D () C:\Program Files\LogMeIn
2014-01-23 11:31 - 2009-02-12 23:31 - 00086888 _____ (LogMeIn, Inc.) C:\Windows\system32\LMIRfsClientNP.dll
2014-01-23 11:31 - 2009-02-12 23:31 - 00085832 _____ (LogMeIn, Inc.) C:\Windows\system32\LMIinit.dll
2014-01-23 11:31 - 2009-02-12 23:31 - 00031560 _____ (LogMeIn, Inc.) C:\Windows\system32\LMIport.dll
2014-01-22 20:32 - 2011-12-06 20:01 - 01122816 ___SH () C:\Users\Jeff\Downloads\Thumbs.db
2014-01-22 18:11 - 2011-03-26 15:20 - 00000000 ___RD () C:\Users\Jeff\Dropbox
2014-01-22 16:16 - 2013-11-27 09:25 - 00001346 _____ () C:\Users\Guest\Desktop\ROBLOX Player.lnk
2014-01-22 16:16 - 2013-11-27 09:24 - 00001165 _____ () C:\Users\Guest\Desktop\ROBLOX Studio 2013.lnk
2014-01-22 16:16 - 2013-11-27 09:24 - 00000000 ____D () C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox
2014-01-21 00:10 - 2014-01-20 23:08 - 00000000 ____D () C:\Users\Michelle\AppData\Local\LogMeIn Client
2014-01-20 11:34 - 2009-02-02 23:57 - 00000000 ____D () C:\Users\Michelle\AppData\Local\Microsoft Help
2014-01-19 14:29 - 2009-09-10 19:10 - 00000000 ____D () C:\Users\Jeff\Documents\Family Tree Maker
2014-01-19 11:20 - 2011-05-23 21:02 - 00001030 _____ () C:\Users\Michelle\Desktop\Dropbox.lnk
2014-01-19 11:20 - 2011-05-23 21:02 - 00000000 ___HD () C:\Users\Michelle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-01-19 01:32 - 2011-01-31 10:00 - 00231584 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-01-17 18:26 - 2009-01-28 01:10 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2014-01-16 16:25 - 2014-01-16 16:25 - 00016896 _____ () C:\Users\Michelle\Downloads\December 2013 Expenses.xls
2014-01-15 22:22 - 2009-07-13 22:33 - 00430288 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-01-15 19:46 - 2013-08-11 02:16 - 00000000 ____D () C:\Windows\system32\MRT
2014-01-13 18:59 - 2011-07-26 18:51 - 00007669 _____ () C:\Users\Michelle\AppData\Local\Resmon.ResmonCfg
2014-01-08 19:03 - 2011-03-26 15:20 - 00001016 _____ () C:\Users\Jeff\Desktop\Dropbox.lnk
2014-01-08 19:03 - 2011-03-26 14:55 - 00000000 ____D () C:\Users\Jeff\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-01-07 03:21 - 2010-11-13 12:30 - 00000564 _____ () C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job
2014-01-06 16:20 - 2009-11-11 22:29 - 83425928 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

Some content of TEMP:
====================
C:\Users\Guest\AppData\Local\Temp\contentDATs.exe
C:\Users\Guest\AppData\Local\Temp\FlashPlayerUpdate.exe
C:\Users\Guest\AppData\Local\Temp\SecurityScan_Release.exe
C:\Users\Michelle\AppData\Local\Temp\ntdll_dump.dll

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\system32\winlogon.exe => MD5 is legit
C:\Windows\system32\wininit.exe => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\services.exe => MD5 is legit
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2014-01-19 01:47

==================== End Of Log ===========================

 

 

AND THE SECOND (ADDITION.TXT) LOG FILE:

 

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 03-02-2014
Ran by Michelle at 2014-02-03 20:50:47
Running from C:\Users\Michelle\Downloads
Boot Mode: Safe Mode (with Networking)
==========================================================

==================== Security Center ========================

AV: Microsoft Security Essentials (Disabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Microsoft Security Essentials (Disabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}

==================== Installed Programs ======================

3DVIA player 5.0 (Version: 5.0.0.15 - 3DVIA)
Acrobat.com (Version: 0.0.0 - Adobe Systems Incorporated) Hidden
Acrobat.com (Version: 1.1.377 - Adobe Systems Incorporated)
Adobe AIR (Version: 3.6.0.6090 - Adobe Systems Incorporated)
Adobe AIR (Version: 3.6.0.6090 - Adobe Systems Incorporated) Hidden
Adobe Community Help (Version: 3.5.23 - Adobe Systems Incorporated.)
Adobe Community Help (Version: 3.5.23 - Adobe Systems Incorporated.) Hidden
Adobe Flash Player 11 ActiveX (Version: 11.9.900.170 - Adobe Systems Incorporated)
Adobe Flash Player 11 Plugin (Version: 11.9.900.170 - Adobe Systems Incorporated)
Adobe Photoshop Elements 10 (Version: 10.0 - Adobe Systems Incorporated)
Adobe Photoshop Elements 10 (Version: 10.0 - Adobe Systems Incorporated) Hidden
Adobe Photoshop.com Inspiration Browser (Version: 3.09 - Adobe Systems Incorporated)
Adobe Photoshop.com Inspiration Browser (Version: 3.09 - Adobe Systems Incorporated) Hidden
Adobe Reader X (10.1.9) (Version: 10.1.9 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (Version: 12.0.0.112 - Adobe Systems, Inc.)
Amazon MP3 Downloader 1.0.17 (Version: 1.0.17 - Amazon Services LLC)
AMD Drag and Drop Transcoding (Version: 2.00.0000 - ATI Technologies Inc.) Hidden
Apple Application Support (Version: 3.0 - Apple Inc.)
Apple Mobile Device Support (Version: 7.0.0.117 - Apple Inc.)
Apple Software Update (Version: 2.1.3.127 - Apple Inc.)
ATI Catalyst Install Manager (Version: 3.0.790.0 - ATI Technologies, Inc.)
ATI Catalyst Registration (Version: 3.00.0000 - ATI Technologies Inc.) Hidden
BCL easyConverter SDK 3 (Word Version) (Version: 3.0.64 - BCL Technologies)
BlackBerry Desktop Software 6.0.1 (Version: 6.0.1.18 - Research In Motion Ltd.)
BlackBerry Desktop Software 6.0.1 (Version: 6.0.1.18 - Research In Motion Ltd.) Hidden
BlackBerry Device Software Updater (Version: 4.7.0.58 - Research In Motion Ltd)
Bonjour (Version: 3.0.0.10 - Apple Inc.)
Browser Address Error Redirector (Version: 1.00.0000 - Dell)
Business Tools Launcher (Version: 1.00.0000 - Dell Inc.)
Canon G.726 WMP-Decoder (Version: 1.1.0.4 - )
Canon IJ Network Scan Utility (Version:  - )
Canon IJ Network Tool (Version:  - )
Canon MOV Decoder (Version: 1.4.0.15 - Canon Inc.)
Canon MOV Encoder (Version: 1.2.0.10 - Canon Inc.)
Canon MovieEdit Task for ZoomBrowser EX (Version: 3.3.0.15 - Canon Inc.)
Canon MP Navigator EX 2.1 (Version:  - )
Canon MX860 series MP Drivers (Version:  - )
Canon MX860 series User Registration (Version:  - )
Canon RAW Image Task for ZoomBrowser EX (Version: 2.6.0.13 - )
Canon Utilities CameraWindow (Version: 7.3.0.4 - Canon Inc.)
Canon Utilities CameraWindow DC (Version: 7.4.1.10 - Canon Inc.)
Canon Utilities CameraWindow DC_DV 6 for ZoomBrowser EX (Version: 6.5.0.3 - Canon Inc.)
Canon Utilities Easy-PhotoPrint EX (Version:  - )
Canon Utilities My Printer (Version:  - )
Canon Utilities MyCamera (Version: 7.3.0.5 - Canon Inc.)
Canon Utilities MyCamera DC (Version: 7.2.0.5 - Canon Inc.)
Canon Utilities PhotoStitch (Version: 3.1.19.43 - )
Canon Utilities RemoteCapture DC (Version: 3.1.0.5 - Canon Inc.)
Canon Utilities RemoteCapture Task for ZoomBrowser EX (Version: 1.8.0.1 - Canon Inc.)
Canon Utilities Solution Menu (Version:  - )
Canon Utilities ZoomBrowser EX (Version: 6.4.1.11 - Canon Inc.)
Canon ZoomBrowser EX Memory Card Utility (Version: 1.2.2.11 - Canon Inc.)
Catalyst Control Center - Branding (Version: 1.00.0000 - ATI) Hidden
Catalyst Control Center Graphics Previews Common (Version: 2010.0825.2146.37182 - ATI) Hidden
Catalyst Control Center Graphics Previews Vista (Version: 2010.0825.2146.37182 - ATI) Hidden
Catalyst Control Center InstallProxy (Version: 2010.0825.2146.37182 - ATI Technologies, Inc.) Hidden
CCC Help English (Version: 2010.0825.2145.37182 - ATI) Hidden
ccc-core-static (Version: 2010.0825.2146.37182 - ATI) Hidden
ccc-utility (Version: 2010.0825.2146.37182 - ATI) Hidden
CCleaner (Version: 4.09 - Piriform)
Cisco Connect (Version: 1.4.12100.0 - Cisco Consumer Products LLC)
Citrix online plug-in - web (Version: 12.0.0.6410 - Citrix Systems, Inc.)
Citrix online plug-in (DV) (Version: 12.0.0.6410 - Citrix Systems, Inc.) Hidden
Citrix online plug-in (HDX) (Version: 12.0.0.6410 - Citrix Systems, Inc.) Hidden
Citrix online plug-in (USB) (Version: 12.0.0.6410 - Citrix Systems, Inc.) Hidden
Citrix online plug-in (Web) (Version: 12.0.0.6410 - Citrix Systems, Inc.) Hidden
Citrix Presentation Server Client - Web Only (Version: 10.200.2650 - Citrix Systems, Inc.)
Citrix XenApp Web Plugin (Version: 11.0.0.5357 - Citrix Systems, Inc.)
Coupon Printer for Windows (Version: 5.0.0.0 - Coupons.com Incorporated) <==== ATTENTION
CrashPlan (Version: 3.5.3 - CrashPlan)
CutePDF Writer 2.7 (Version:  - )
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (Version:  - Microsoft)
Dell Getting Started Guide (Version: 1.00.0000 - Dell Inc.)
Dell Support Center (Version: 3.0.5694.21 - Dell Inc.)
Dell Support Center (Version: 3.0.5694.21 - PC-Doctor, Inc.) Hidden
DGE-530T Ethernet Controller All-In-One Windows Driver (Version: 1.12.0013 - D-Link)
Dropbox (HKCU Version: 2.4.11 - Dropbox, Inc.)
EDocs (Version:  - )
Elements 10 Organizer (Version: 10.0 - Adobe Systems Incorporated) Hidden
Epocrates Essentials (Version:  - )
Family Tree Maker 2010 (Version: 19.0.180 - Ancestry.com)
Family Tree Maker 2010 (Version: 19.0.180 - Ancestry.com) Hidden
Family Tree Maker 2012 (Version: 21.0.388 - Ancestry.com, Inc.)
Family Tree Maker 2012 (Version: 21.0.388 - Ancestry.com, Inc.) Hidden
Family Tree Maker 2014 (Version: 22.0.207 - Ancestry.com, Inc.)
Family Tree Maker 2014 (Version: 22.0.207 - Ancestry.com, Inc.) Hidden
Flickr Uploadr 3.2.1 (Version:  - )
FlipShare (Version: 5.12.3.0 - Flip Video)
Gadwin PrintScreen (Version: 4.7 - Gadwin Systems, Inc.)
Garmin USB Drivers (Version: 2.3.1.0 - Garmin Ltd or its subsidiaries)
Garmin WebUpdater (Version: 2.5.6 - Garmin Ltd or its subsidiaries)
Google Chrome (HKCU Version: 32.0.1700.102 - Google Inc.)
Google Desktop (Version: 5.9.1005.12335 - Google)
Google Gears (Version: 0.5.3600 - Google)
Google Toolbar for Internet Explorer (Version: 1.0.0 - Google Inc.) Hidden
Google Toolbar for Internet Explorer (Version: 7.5.4805.320 - Google Inc.)
Google Update Helper (Version: 1.3.22.3 - Google Inc.) Hidden
iCloud (Version: 3.1.0.40 - Apple Inc.)
Intel® Matrix Storage Manager (Version:  - Intel Corporation)
iTunes (Version: 11.1.3.8 - Apple Inc.)
Java 2 Runtime Environment, SE v1.4.2_06 (Version: 1.4.2_06 - Sun Microsystems, Inc.)
Java 7 Update 7 (Version: 7.0.70 - Oracle)
Java Auto Updater (Version: 2.1.9.0 - Sun Microsystems, Inc.) Hidden
Java 6 Update 15 (Version: 6.0.150 - Sun Microsystems, Inc.)
Java 6 Update 7 (Version: 1.6.0.70 - Sun Microsystems, Inc.)
Junk Mail filter update (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
KODAK EASYSHARE Gallery Upload ActiveX Control (Version:  - )
KODAK Gallery Upload Software (Version: 1.00.0000 - EASTMAN KODAK Company)
Logitech Harmony Remote Software 7 (Version: 7.4.0.5 - Logitech) Hidden
Logitech Harmony Remote Software 7 (Version: 7.7.0.0 - Logitech)
LogMeIn (Version: 4.0.784 - LogMeIn, Inc.)
Malwarebytes Anti-Malware version 1.75.0.1300 (Version: 1.75.0.1300 - Malwarebytes Corporation)
McAfee Virtual Technician (Version: 6.0.0.0 - McAfee, Inc.)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft Office 2007 Primary Interop Assemblies (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Groove MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Live Add-in 1.5 (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook Connector (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit (Version: 14.0.5120.5000 - Microsoft Corporation)
Microsoft Primary Interoperability Assemblies 2005 (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Search Enhancement Pack (Version: 3.0.133.0 - Microsoft Corporation) Hidden
Microsoft Security Client (Version: 4.4.0304.0 - Microsoft Corporation) Hidden
Microsoft Security Essentials (Version: 4.4.304.0 - Microsoft Corporation)
Microsoft Silverlight (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Store Download Manager (Version: 2.5.2219.1 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual Studio 2005 Tools for Office Runtime (Version: 8.0.60940.0 - Microsoft Corporation) Hidden
Microsoft WSE 3.0 (Version: 3.0.5305.0 - Microsoft Corporation)
MobileMe Control Panel (Version: 3.1.8.0 - Apple Inc.)
Movie Maker (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
MozyHome (Version: 2.24.2.360 - Mozy, Inc.)
MSVCRT (Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (Version: 16.4.1108.0727 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (Version: 4.20.9818.0 - Microsoft Corporation)
OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0 - Microsoft Corporation) Hidden
Palm Desktop by ACCESS (Version: 6.4.0.0 - Palm, Inc.)
Personal Entertainment Launcher (Version: 1.00.0000 - Dell Inc.)
Photo Gallery (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
PowerDVD (Version: 8.1 - Dell)
Product Support Launcher (Version: 1.00.0000 - Dell Inc.) <==== ATTENTION
PSE10 STI Installer (Version: 10.0 - Adobe Systems Incorporated) Hidden
QuickBooks (Version: 19.0.4008.703 - Intuit Inc.) Hidden
QuickBooks Simple Start 2009 (Version: 19.0.4008.703 - Intuit Inc.)
QuickTime (Version: 7.74.80.86 - Apple Inc.)
Realtek Ethernet Network Card Diagnostic tool for Windows Vista (Version: 1.00 - Realtek)
Realtek High Definition Audio Driver (Version:  - )
Remote Control USB Driver (Version: 2.3.2.317 - )
Roxio Activation Module (Version: 1.0 - Roxio)
Roxio Creator Audio (Version: 3.5.0 - Roxio)
Roxio Creator BDAV Plugin (Version: 3.5.0 - Roxio)
Roxio Creator Copy (Version: 3.5.0 - Roxio)
Roxio Creator Data (Version: 3.5.0 - Roxio)
Roxio Creator DE (Version: 3.5.0 - Roxio)
Roxio Creator Tools (Version: 3.5.0 - Roxio)
Roxio Express Labeler 3 (Version: 3.2.1 - Roxio)
Roxio Update Manager (Version: 6.0.0 - Roxio)
Safari (Version: 5.34.57.2 - Apple Inc.)
Seagate Dashboard (Version: 1.1.0.1421 - Memeo Inc.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (Version:  - Microsoft) Hidden
Shared C Run-time for x86 (Version: 10.0.0 - McAfee) Hidden
Shutterfly Express Uploader (Version: 1.2.0 - Shutterfly, Inc.) Hidden
Shutterfly Express Uploader (Version: 1.2.0.0 - Shutterfly, Inc.)
Sid Meier's Civilization 4 (HKCU Version: 1.00.0000 - Firaxis Games)
Sid Meier's Civilization V (Version:  - 2K Games, Inc.)
Sonic CinePlayer Decoder Pack (Version: 4.2.0 - Sonic Solutions)
Sony RAW Driver (Version: 2.0.00.08130 - Sony Corporation)
Spelling Dictionaries Support For Adobe Reader 9 (Version: 9.0.0 - Adobe Systems Incorporated)
Steam (Version: 1.0.0.0 - Valve Corporation)
SupportSoft Assisted Service (Version: 15 - SupportSoft)
swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synapse Workstation (Version: 3.2.15111 - FUJIFILM Medical Systems U.S.A., Inc.)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (Version: 3 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2836939) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2836939v3) (Version: 3 - Microsoft Corporation)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2826026) 32-Bit Edition (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2810072) 32-Bit Edition (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition (Version:  - Microsoft)
Update for Microsoft Word 2010 (KB2837593) 32-Bit Edition (Version:  - Microsoft)
USB Storage Adapter FX/AT (WDC) (Version:  - )
Visual Studio 2005 Tools for Office Second Edition Runtime (Version:  - Microsoft Corporation)
VZAccess Manager for RIM (Version: 6.7.3 - Smith Micro Software Inc.)
Western Digital USB Mass Storage Driver Installation (Version: 6.03 - Western Digital Technologies, Inc.)
Windows Driver Package - Garmin (grmnusb) GARMIN Devices  (04/19/2012 2.3.1.0) (Version: 04/19/2012 2.3.1.0 - Garmin)
Windows Live Communications Platform (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Essentials (Version: 16.4.3505.0912 - Microsoft Corporation)
Windows Live Essentials (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Family Safety (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
Windows Live Installer (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Mail (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Messenger (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Photo Common (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Sync (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Live UX Platform (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Writer (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Writer Resources (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Media Encoder 9 Series (Version:  - )
Windows Media Encoder 9 Series (Version: 9.00.2980 - Microsoft Corporation) Hidden
WinMerge 2.14.0 (Version: 2.14.0 - Thingamahoochie Software)
WinZip 17.5 (Version: 17.5.10480 - WinZip Computing, S.L. )
Yahoo! BrowserPlus 2.9.8 (HKCU Version:  - Yahoo! Inc.)
Yahoo! Install Manager (Version:  - )
Yahoo! Internet Mail (Version:  - )
Yahoo! Mail Advisor (Version:  - )
Yahoo! Software Update (Version:  - )

==================== Restore Points  =========================

22-01-2014 17:41:35 Windows Update
26-01-2014 03:08:46 Installed CrashPlan
26-01-2014 06:46:59 Windows Update
27-01-2014 09:03:01 Windows Backup
29-01-2014 20:33:09 Windows Update

==================== Hosts content: ==========================

2006-11-02 04:23 - 2014-02-03 19:16 - 00000741 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {0D02DA23-2C4E-485C-9476-B22119F187A6} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\Dell Support Center\uaclauncher.exe [2010-10-27] (PC-Doctor, Inc.)
Task: {188D2C34-29D4-4F9A-8684-B9B23B42A95C} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-10] (Adobe Systems Incorporated)
Task: {1CC81347-6204-4B83-900C-01E02F50F067} - System32\Tasks\Microsoft\Windows\MobilePC\TMM
Task: {328D337C-88BF-4C27-BEA8-7193F011200E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2010-01-30] (Google Inc.)
Task: {48CA8DE2-D245-41F3-BB4C-057DE4C0DBAE} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {561375CB-FF5A-417B-B297-BA73DE149581} - System32\Tasks\Microsoft\Windows\Wired\GatherWiredInfo => C:\Windows\system32\gatherWiredInfo.vbs
Task: {586D0851-19D8-442E-87A3-BC81301BD2BD} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2291196780-457562327-217995532-1002Core => C:\Users\Michelle\AppData\Local\Google\Update\GoogleUpdate.exe [2012-01-31] (Google Inc.)
Task: {60A66ED4-1B6A-443B-808C-219E62C31585} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {62B1D1B4-D45E-4759-88A7-27339A8FA253} - System32\Tasks\SystemToolsDailyTest => C:\Program Files\Dell Support Center\pcdrcui.exe [2010-10-27] (PC-Doctor, Inc.)
Task: {86B43DD6-283F-4E31-9D08-A2C481E5B5FB} - System32\Tasks\AdobeAAMUpdater-1.0-WOPR-2-Michelle => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-09-20] (Adobe Systems Incorporated)
Task: {94039DCB-55C2-43FA-97AF-0988858B6E7A} - System32\Tasks\RtlNICDiagVistaStart => C:\Program Files\Realtek\RTNICDiag\RTNICDiag.exe [2008-08-19] (Realtek)
Task: {9B6C1960-85B3-4325-BD19-69CDF7C4F553} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2010-01-30] (Google Inc.)
Task: {CE5EB475-558A-4FBC-8F3C-444F457FAC68} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-12-17] (Piriform Ltd)
Task: {CF4ED56E-FFB8-42C0-9FE0-5A2936335C09} - System32\Tasks\Microsoft\Windows\Tcpip\WSHReset => C:\Windows\system32\netsh.exe [2009-07-13] (Microsoft Corporation)
Task: {D31DBEB6-B8B0-439E-AC14-F31EF413CD29} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2291196780-457562327-217995532-1001Core => C:\Users\Jeff\AppData\Local\Google\Update\GoogleUpdate.exe [2010-10-17] (Google Inc.)
Task: {D9FE6D8A-8B33-4906-9A27-58EE74FC57F8} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2291196780-457562327-217995532-1001UA => C:\Users\Jeff\AppData\Local\Google\Update\GoogleUpdate.exe [2010-10-17] (Google Inc.)
Task: {DD13839E-7DCA-4D2D-BFFA-DC6547BCD194} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2291196780-457562327-217995532-1002UA => C:\Users\Michelle\AppData\Local\Google\Update\GoogleUpdate.exe [2012-01-31] (Google Inc.)
Task: {DD895622-C284-4ECA-BDF2-571714DE700A} - System32\Tasks\Leader Technologies\PowerRegister\D-Link DGE-530T Registration (Jeff) => C:\Users\Jeff\AppData\Roaming\Leadertech\PowerRegister\D-Link DGE-530T Registration.exe [2010-11-23] (Leader Technologies/D-Link)
Task: {E5150B95-F9B4-4D5D-95A2-7EC1ACBA95F8} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs
Task: {FC2D5CD9-F3A9-4879-94D4-AFD1DA990369} - System32\Tasks\PCDEventLauncher => C:\Program Files\Dell Support Center\sessionchecker.exe [2010-10-27] (PC-Doctor, Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2291196780-457562327-217995532-1001Core.job => C:\Users\Jeff\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2291196780-457562327-217995532-1001UA.job => C:\Users\Jeff\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2291196780-457562327-217995532-1002Core.job => C:\Users\Michelle\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2291196780-457562327-217995532-1002UA.job => C:\Users\Michelle\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job => C:\Program Files\Dell Support Center\uaclauncher.exe
Task: C:\Windows\Tasks\RtlNICDiagVistaStart.job => C:\Program Files\Realtek\RTNICDiag\RTNICDiag.exe
Task: C:\Windows\Tasks\SystemToolsDailyTest.job => C:\Program Files\Dell Support Center\pcdrcui.exe

==================== Loaded Modules (whitelisted) =============

2013-09-05 00:14 - 2013-09-05 00:14 - 04300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-20 14:45 - 2010-10-20 14:45 - 08801120 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll

==================== Alternate Data Streams (whitelisted) =========

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\atashost => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MpfService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Option => "OptionValue"="2"

==================== Faulty Device Manager Devices =============

Name: Canon MX860 ser Network
Description: Canon MX860 ser Network
Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Manufacturer: Canon
Service: StillCam
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Security Processor Loader Driver
Description: Security Processor Loader Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: spldr
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

==================== Event log errors: =========================

Application errors:
==================
Error: (02/03/2014 08:01:55 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Dependent Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (02/03/2014 08:01:55 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Dependent Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (02/03/2014 07:58:46 PM) (Source: Winlogon) (User: )
Description: Windows license activation failed. Error 0x00000000.

Error: (02/03/2014 07:58:46 PM) (Source: Software Protection Platform Service) (User: )
Description: License Activation (slui.exe) failed with the following error code:
0x8007043C

Error: (02/03/2014 07:54:15 PM) (Source: Winlogon) (User: )
Description: Windows license activation failed. Error 0x00000000.

Error: (02/03/2014 07:54:15 PM) (Source: Software Protection Platform Service) (User: )
Description: License Activation (slui.exe) failed with the following error code:
0x8007043C

Error: (02/03/2014 07:46:02 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/03/2014 07:45:20 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Dependent Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (02/03/2014 07:45:20 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Dependent Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (02/03/2014 07:44:56 PM) (Source: Winlogon) (User: )
Description: Windows license activation failed. Error 0x00000000.

System errors:
=============
Error: (02/03/2014 08:50:50 PM) (Source: Ntfs) (User: )
Description: The file system structure on the disk is corrupt and unusable.
Please run the chkdsk utility on the volume OS.

Error: (02/03/2014 08:50:50 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (02/03/2014 08:50:50 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (02/03/2014 08:50:50 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (02/03/2014 08:48:42 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (02/03/2014 08:48:42 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (02/03/2014 08:48:42 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (02/03/2014 08:43:42 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (02/03/2014 08:43:42 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (02/03/2014 08:43:42 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Microsoft Office Sessions:
=========================
Error: (02/03/2014 08:01:55 PM) (Source: SideBySide)(User: )
Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"F:\msert32.exe

Error: (02/03/2014 08:01:55 PM) (Source: SideBySide)(User: )
Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"F:\msert.exe

Error: (02/03/2014 07:58:46 PM) (Source: Winlogon)(User: )
Description: 0x000000000x00000001

Error: (02/03/2014 07:58:46 PM) (Source: Software Protection Platform Service)(User: )
Description: 0x8007043C

Error: (02/03/2014 07:54:15 PM) (Source: Winlogon)(User: )
Description: 0x000000000x00000001

Error: (02/03/2014 07:54:15 PM) (Source: Software Protection Platform Service)(User: )
Description: 0x8007043C

Error: (02/03/2014 07:46:02 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/03/2014 07:45:20 PM) (Source: SideBySide)(User: )
Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"F:\msert32.exe

Error: (02/03/2014 07:45:20 PM) (Source: SideBySide)(User: )
Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"F:\msert.exe

Error: (02/03/2014 07:44:56 PM) (Source: Winlogon)(User: )
Description: 0x000000000x00000001

CodeIntegrity Errors:
===================================
  Date: 2009-10-23 14:28:26.131
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\PROGRA~1\McAfee\SITEAD~1\sahook.dll because the set of per-page image hashes could not be found on the system.

  Date: 2009-10-23 14:28:26.128
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\PROGRA~1\McAfee\SITEAD~1\sahook.dll because the set of per-page image hashes could not be found on the system.

  Date: 2009-08-27 13:16:32.895
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\McAfee\SiteAdvisor\sahook.dll because the set of per-page image hashes could not be found on the system.

  Date: 2009-08-27 13:16:32.892
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\McAfee\SiteAdvisor\sahook.dll because the set of per-page image hashes could not be found on the system.

  Date: 2009-08-27 13:14:28.802
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\McAfee\SiteAdvisor\sahook.dll because the set of per-page image hashes could not be found on the system.

  Date: 2009-08-27 13:14:28.797
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\McAfee\SiteAdvisor\sahook.dll because the set of per-page image hashes could not be found on the system.

  Date: 2009-08-27 13:09:49.267
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\McAfee\SiteAdvisor\sahook.dll because the set of per-page image hashes could not be found on the system.

  Date: 2009-08-27 13:09:49.262
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\McAfee\SiteAdvisor\sahook.dll because the set of per-page image hashes could not be found on the system.

  Date: 2009-08-27 13:07:48.689
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\McAfee\SiteAdvisor\sahook.dll because the set of per-page image hashes could not be found on the system.

  Date: 2009-08-27 13:07:48.681
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\McAfee\SiteAdvisor\sahook.dll because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================

Percentage of memory in use: 28%
Total physical RAM: 3070.99 MB
Available physical RAM: 2206.5 MB
Total Pagefile: 6140.27 MB
Available Pagefile: 5452.8 MB
Total Virtual: 2047.88 MB
Available Virtual: 1902.87 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:222.77 GB) (Free:32.53 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (RECOVERY) (Fixed) (Total:10 GB) (Free:3.57 GB) NTFS
Drive f: (DISTRIBOPP) (Removable) (Total:0.49 GB) (Free:0.16 GB) FAT

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 233 GB) (Disk ID: A0000000)
Partition 1: (Not Active) - (Size=63 MB) - (Type=DE)
Partition 2: (Not Active) - (Size=10 GB) - (Type=07 NTFS)
Partition 3: (Active) - (Size=223 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 499 MB) (Disk ID: BFA2E58A)
Partition 1: (Active) - (Size=499 MB) - (Type=06)

==================== End Of Log ============================

Link to post
Share on other sites

Feb 1 is when everything went upside down.  I believe there was a system restore created on 1/29 when Windows Update ran, but I can't seem to access the system restore menu in Safe Mode.  When I boot up in regular mode, I get a blank screen which is amazingly aggravating!  Am I to the point of reformatting the hard drive and starting over?

Link to post
Share on other sites

This will work if you have a good system restore point and can get to the Command prompt: (If it doesn't work the first time keep trying...you may be able get it)

Step 1: Use F8 to Boot to SafeMode With Command Prompt or Command Prompt

Step 2: Type the word "explorer" in black screen > enter

Step 3: Then Navigate to:

Win XP: C:\windows\system32\restore\rstrui.exe and press Enter

Win Vista/Seven: C:\windows\system32\rstrui.exe and press Enter (double click rstrui.exe)

Step 4: Restore Computer to Date you know you were virus free

Step 5: See if it boots up normally.....post on the forum so we can ensure the computers clean

Let me know...MrC

Link to post
Share on other sites

Been tied up with work the last couple of nights, but I appreciate you checking in!  As of right now, the desktop is tentatively back online - one of the boot up sequences offered the chance to "boot to last known good configuration" so I took it.  Everything's working, but I haven't yet rebooted so I don't know if it will hold together once that happens.  Is it worth following your instructions about running rstrui.exe to make sure everything's clean?  Regards - JC

Link to post
Share on other sites

No don't do that if you got your desktop back.

We should run some scans.

Please download and run ComboFix.

The most important things to remember when running it is to disable all your malware programs and run Combofix from your desktop.

Please visit this webpage for download links, and instructions for running ComboFix

http://www.bleepingcomputer.com/combofix/how-to-use-combofix

Please make sure you click download buttons that look similar to this, not "sponsored ad links":

bleep-crop.jpg

Ensure you have disabled all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Information on disabling your malware programs can be found Here.

Make sure you run ComboFix from your desktop.

Give it at least 30-45 minutes to finish if needed.

Please include the C:\ComboFix.txt in your next reply for further review.

---------->NOTE<----------

If you get the message Illegal operation attempted on registry key that has been marked for deletion after you run ComboFix....please reboot the computer, this should resolve the problem. You may have to do this several times if needed.

MrC

Link to post
Share on other sites

Here's the ComboFix.txt log file (took a bit longer to run than I anticipated, so I let it finish up overnight):

 

ComboFix 14-02-05.02 - Michelle 02/07/2014  22:18:31.1.2 - x86
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.3071.1685 [GMT -6:00]
Running from: c:\users\Michelle\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
SP: Microsoft Security Essentials *Disabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\install.exe
c:\windows\COUPon~1.ocx
c:\windows\TEMP\jna1056028227930153328.dll
.
.
(((((((((((((((((((((((((   Files Created from 2014-01-08 to 2014-02-08  )))))))))))))))))))))))))))))))
.
.
2014-02-08 04:29 . 2014-02-08 04:29 -------- d-----w- c:\users\Jeff\AppData\Local\temp
2014-02-08 04:29 . 2014-02-08 04:29 -------- d-----w- c:\users\Guest\AppData\Local\temp
2014-02-08 04:29 . 2014-02-08 04:35 -------- d-----w- c:\users\Michelle\AppData\Local\temp
2014-02-08 04:29 . 2014-02-08 04:29 -------- d-----w- c:\users\McAfeeMVSUser\AppData\Local\temp
2014-02-08 03:52 . 2013-12-04 02:57 7760024 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{8A9CFB90-EC3A-45EE-A87E-4AE5F56E3B09}\mpengine.dll
2014-02-07 03:51 . 2013-12-04 02:57 7760024 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2014-02-04 02:49 . 2014-02-04 02:50 -------- d-----w- C:\FRST
2014-02-04 00:45 . 2014-02-04 00:45 -------- d--h--w- c:\users\Michelle\AppData\Roaming\Malwarebytes
2014-02-04 00:44 . 2014-02-04 00:44 -------- d-----w- c:\programdata\Malwarebytes
2014-02-04 00:44 . 2014-02-04 00:45 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2014-02-04 00:44 . 2013-04-04 20:50 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2014-02-04 00:44 . 2014-02-04 00:44 -------- d-----w- c:\users\Michelle\AppData\Local\Programs
2014-01-30 05:00 . 2014-01-30 05:00 -------- d--h--w- c:\users\Michelle\AppData\Roaming\CrashPlan
2014-01-26 03:09 . 2014-01-26 03:09 -------- d-----w- c:\programdata\CrashPlan
2014-01-26 03:09 . 2014-01-26 03:09 -------- d-----w- c:\program files\CrashPlan
2014-01-26 03:07 . 2014-01-26 03:10 -------- d-----w- c:\users\Jeff\AppData\Roaming\CrashPlan
2014-01-24 04:35 . 2013-10-20 05:05 719224 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{726AD82D-B6C6-4094-A8AC-FEF92FB9BB61}\gapaengine.dll
2014-01-21 05:08 . 2014-01-21 06:10 -------- d-----w- c:\users\Michelle\AppData\Local\LogMeIn Client
2014-01-15 20:07 . 2013-11-26 10:10 2349056 ----a-w- c:\windows\system32\win32k.sys
2014-01-15 20:07 . 2013-11-26 11:11 240576 ----a-w- c:\windows\system32\drivers\netio.sys
2014-01-15 20:07 . 2013-11-27 01:13 43520 ----a-w- c:\windows\system32\drivers\usbehci.sys
2014-01-15 20:07 . 2013-11-27 01:14 258560 ----a-w- c:\windows\system32\drivers\usbhub.sys
2014-01-15 20:07 . 2013-11-27 01:13 284672 ----a-w- c:\windows\system32\drivers\usbport.sys
2014-01-15 20:07 . 2013-11-27 01:13 76288 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2014-01-15 20:07 . 2013-11-27 01:13 20480 ----a-w- c:\windows\system32\drivers\usbohci.sys
2014-01-15 20:07 . 2013-11-27 01:13 24064 ----a-w- c:\windows\system32\drivers\usbuhci.sys
2014-01-15 20:07 . 2013-11-27 01:13 6016 ----a-w- c:\windows\system32\drivers\usbd.sys
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-02-05 06:20 . 2012-04-12 00:20 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2014-02-05 06:20 . 2011-05-20 23:25 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2014-01-23 17:31 . 2009-02-13 05:31 86888 ----a-w- c:\windows\system32\LMIRfsClientNP.dll
2014-01-23 17:31 . 2009-02-13 05:31 53064 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\LMIproc.dll
2014-01-23 17:31 . 2009-02-13 05:31 31560 ----a-w- c:\windows\system32\LMIport.dll
2014-01-23 17:31 . 2009-02-13 05:31 85832 ----a-w- c:\windows\system32\LMIinit.dll
2014-01-19 07:32 . 2011-01-31 16:00 231584 ------w- c:\windows\system32\MpSigStub.exe
2013-12-16 16:32 . 2009-02-13 05:31 86888 ----a-w- c:\windows\system32\LMIRfsClientNP.dll.000.bak
2013-11-23 18:26 . 2013-12-11 18:59 417792 ----a-w- c:\windows\system32\WMPhoto.dll
2013-11-12 02:07 . 2013-12-11 18:59 2048 ----a-w- c:\windows\system32\tzres.dll
.
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 131248 ---ha-w- c:\users\Michelle\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 131248 ---ha-w- c:\users\Michelle\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09 131248 ---ha-w- c:\users\Michelle\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\mozy2]
@="{747E722C-CB46-4a9d-BDFE-192AAD5099B1}"
[HKEY_CLASSES_ROOT\CLSID\{747E722C-CB46-4a9d-BDFE-192AAD5099B1}]
2013-12-11 19:14 4856648 ----a-w- c:\program files\MozyHome\mozyshell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\mozy3]
@="{EE6F5A00-7898-40f7-AB77-51FF9D6DEB20}"
[HKEY_CLASSES_ROOT\CLSID\{EE6F5A00-7898-40f7-AB77-51FF9D6DEB20}]
2013-12-11 19:14 4856648 ----a-w- c:\program files\MozyHome\mozyshell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2010-11-20 144384]
"ISUSPM"="c:\program files\Common Files\InstallShield\UpdateService\ISUSPM.exe" [2007-08-30 205480]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-01-22 39408]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2013-05-01 421888]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="RtHDVCpl.exe" [2008-08-19 6265376]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2008-07-20 182808]
"Intuit SyncManager"="c:\program files\Common Files\Intuit\Sync\IntuitSyncManager.exe" [2008-09-09 623880]
"LogMeIn GUI"="c:\program files\LogMeIn\x86\LogMeInSystray.exe" [2008-07-25 63048]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
"YMailAdvisor"="c:\program files\Yahoo!\Common\YMailAdvisor.exe" [2008-06-05 125208]
"CanonSolutionMenu"="c:\program files\Canon\SolutionMenu\CNSLMAIN.exe" [2008-10-21 722256]
"CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2008-03-18 1848648]
"IJNetworkScanUtility"="c:\program files\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE" [2007-05-21 124512]
"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2011-10-06 59240]
"ConnectionCenter"="c:\program files\Citrix\ICA Client\concentr.exe" [2010-03-11 300400]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904]
"AdobeAAMUpdater-1.0"="c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2012-09-20 444904]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2012-11-05 89184]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2013-10-23 948440]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2013-05-01 421888]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2013-11-02 152392]
.
c:\users\Michelle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\Michelle\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2014-1-2 30714328]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
CrashPlan Tray.lnk - c:\program files\CrashPlan\CrashPlanTray.exe [2013-4-8 209920]
MozyHome Status.lnk - c:\program files\MozyHome\mozystat.exe [2013-12-11 4645704]
QuickBooks Update Agent.lnk - c:\program files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe [2009-7-16 984352]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableVirtualization"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\Google\GOOGLE~1\GoogleDesktopNetwork3.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HotSync Manager.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\HotSync Manager.lnk
backup=c:\windows\pss\HotSync Manager.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2013-11-21 16:57 959904 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
2014-01-20 19:16 43848 ----a-w- c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATICustomerCare]
2010-03-04 19:31 311296 ----a-w- c:\program files\ATI\ATICustomerCare\ATICustomerCare.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FujiSynapseBridge]
2010-10-22 22:11 243072 ----a-w- c:\program files\Fuji Medical System\Synapse\Workstation\FujiSynapseBridge.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Desktop Search]
2010-06-11 03:56 30192 ----a-w- c:\program files\Google\Google Desktop Search\GoogleDesktop.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
2010-10-18 05:18 136176 ----atw- c:\users\Jeff\AppData\Local\Google\Update\GoogleUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
2012-09-12 22:07 4272640 ----a-w- c:\program files\Windows Live\Messenger\msnmsgr.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PDVDDXSrv]
2008-05-23 19:06 128296 ----a-w- c:\program files\CyberLink\PowerDVD DX\PDVDDXSrv.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2013-05-01 08:59 421888 ----a-w- c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Seagate Dashboard]
2010-04-30 14:47 79112 ----a-w- c:\program files\Seagate\Seagate Dashboard\MemeoLauncher.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]
2010-08-26 02:37 98304 ----a-w- c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
2012-12-30 16:58 1354736 ----a-w- c:\program files\Steam\steam.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
2010-01-22 05:28 39408 ----a-w- c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Synapse URLSearchHook Configuration]
2010-10-22 22:05 3364224 ----a-w- c:\progra~1\FUJIME~1\Synapse\WORKST~1\FujiFldL.dll
.
R3 becldr3Service;BCL EasyConverter SDK 3 Loader;c:\program files\BCL Technologies\easyConverter SDK 3\Common\becldr.exe [2013-07-03 225280]
R3 DLKRT32;D-Link DGE-530T Gigabit Ethernet Adapter Driver;c:\windows\system32\DRIVERS\DLKRT32.sys [2010-11-24 277536]
R3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [2010-06-11 30192]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2013-09-27 104768]
R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\NisSrv.exe [2013-10-23 280288]
R3 SynapseUpdateSvc;Synapse Update Manager;c:\program files\Fuji Medical System\Synapse\Workstation\SynapseUpdateManager.exe [2010-10-22 199680]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-04-20 1343400]
S1 ctxusbm;Citrix USB Monitor Driver;c:\windows\system32\DRIVERS\ctxusbm.sys [2009-10-05 65584]
S2 AdobeActiveFileMonitor10.0;Adobe Active File Monitor V10;c:\program files\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe [2011-09-01 169624]
S2 AERTFilters;Andrea RT Filters Service;c:\windows\system32\AERTSrv.exe [2008-08-19 81920]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2010-09-25 176128]
S2 atashost;WebEx Service Host for Support Center;c:\windows\system32\atashost.exe [2012-09-18 134456]
S2 CrashPlanService;CrashPlan Backup Service;c:\program files\CrashPlan\CrashPlanService.exe [2013-04-08 152576]
S2 FlipShareServer;FlipShare Server;c:\program files\Flip Video\FlipShareServer\FlipShareServer.exe [2011-05-06 1085440]
S2 LMIGuardianSvc;LMIGuardianSvc;c:\program files\LogMeIn\x86\LMIGuardianSvc.exe [2014-01-23 375120]
S2 LMIInfo;LogMeIn Kernel Information Provider;c:\program files\LogMeIn\x86\RaInfo.sys [2013-05-25 13624]
S2 RtNdPt60;Realtek NDIS Protocol Driver;c:\windows\system32\DRIVERS\RtNdPt60.sys [2008-08-19 27648]
S2 SeagateDashboardService;Seagate Dashboard Service;c:\program files\Seagate\Seagate Dashboard\SeagateDashboardService.exe [2011-06-01 14088]
S3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW73.sys [2010-09-25 101904]
S3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\DRIVERS\wdcsam.sys [2008-05-06 11520]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - WS2IFSL
*Deregistered* - mfeavfk
*Deregistered* - mfebopk
*Deregistered* - mfehidk
*Deregistered* - MPFP
.
Contents of the 'Scheduled Tasks' folder
.
2014-02-08 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-12 06:20]
.
2014-02-08 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-01-30 20:05]
.
2014-02-08 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-01-30 20:05]
.
2014-02-07 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2291196780-457562327-217995532-1001Core.job
- c:\users\Jeff\AppData\Local\Google\Update\GoogleUpdate.exe [2010-11-17 05:18]
.
2014-02-08 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2291196780-457562327-217995532-1001UA.job
- c:\users\Jeff\AppData\Local\Google\Update\GoogleUpdate.exe [2010-11-17 05:18]
.
2014-02-07 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2291196780-457562327-217995532-1002Core.job
- c:\users\Michelle\AppData\Local\Google\Update\GoogleUpdate.exe [2012-02-04 02:08]
.
2014-02-08 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2291196780-457562327-217995532-1002UA.job
- c:\users\Michelle\AppData\Local\Google\Update\GoogleUpdate.exe [2012-02-04 02:08]
.
2014-02-08 c:\windows\Tasks\PCDoctorBackgroundMonitorTask.job
- c:\program files\Dell Support Center\uaclauncher.exe [2010-10-27 16:39]
.
2014-02-08 c:\windows\Tasks\RtlNICDiagVistaStart.job
- c:\program files\Realtek\RTNICDiag\RTNICDiag.exe [2009-01-28 07:02]
.
2014-02-08 c:\windows\Tasks\SystemToolsDailyTest.job
- c:\program files\Dell Support Center\pcdrcui.exe [2010-10-27 16:40]
.
.
------- Supplementary Scan -------
.
uInternet Settings,ProxyOverride = *.local;<local>
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~1\MICROS~3\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 209.18.47.61 209.18.47.62 192.168.1.1
.
- - - - ORPHANS REMOVED - - - -
.
ShellIconOverlayIdentifiers-{F241C880-6982-4CE5-8CF7-7085BA96DA5A} - (no file)
ShellIconOverlayIdentifiers-{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} - (no file)
ShellIconOverlayIdentifiers-{BBACC218-34EA-4666-9D7A-C78F2274A524} - (no file)
HKCU-Run-MobileDocuments - c:\program files\Common Files\Apple\Internet Services\ubd.exe
c:\users\Michelle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE /tsr
MSConfigStartUp-Adobe Reader Speed Launcher - c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe
MSConfigStartUp-DellSupportCenter - c:\program files\Dell Support Center\bin\sprtcmd.exe
MSConfigStartUp-PhotoshopElements8SyncAgent - c:\program files\Adobe\Elements Organizer 8.0\ElementsOrganizerSyncAgent.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-2291196780-457562327-217995532-1002_Classes\CLSID\{0C1EB979-8EC7-46E8-8097-246957D6B94C}]
@DACL=(02 0000)
@="BbClientManager Class"
"AppID"="{4848DD90-EDA2-461F-8FE9-B47A067A5225}"
.
[HKEY_USERS\S-1-5-21-2291196780-457562327-217995532-1002_Classes\CLSID\{1434DD3D-0AF6-41E0-BB71-8C86010D9AF5}]
@DACL=(02 0000)
@="DeviceManager Class"
"AppID"="{3943117E-57A9-4ED1-9EAA-2566BA544BFB}"
.
[HKEY_USERS\S-1-5-21-2291196780-457562327-217995532-1002_Classes\CLSID\{326787D9-37B9-47A6-B539-EE13E7B04B8B}]
@DACL=(02 0000)
@="PropertiesRIMDeviceManagerStatistics Class"
.
[HKEY_USERS\S-1-5-21-2291196780-457562327-217995532-1002_Classes\CLSID\{47F64EC4-1AD6-4168-9D4C-00F3842F7CFB}]
@DACL=(02 0000)
@="PropertiesDialogs Class"
.
[HKEY_USERS\S-1-5-21-2291196780-457562327-217995532-1002_Classes\CLSID\{4B66DD3F-2E6E-4F7C-B38C-E32608820825}]
@DACL=(02 0000)
@="VSPMgr Class"
"AppID"="{4848DD90-EDA2-461F-8FE9-B47A067A5225}"
.
[HKEY_USERS\S-1-5-21-2291196780-457562327-217995532-1002_Classes\CLSID\{53DBCD97-3FDF-4B60-975B-2596B57482EF}]
@DACL=(02 0000)
@="WebSLLauncher Class"
"AppID"="{6326880C-E92B-4AE2-BC06-78DF910A7F7B}"
.
[HKEY_USERS\S-1-5-21-2291196780-457562327-217995532-1002_Classes\CLSID\{82D1C283-A637-4A07-B1EC-8C7AE661EAF1}]
@DACL=(02 0000)
@="PropertiesRIMDeviceManagerBBRConfig Class"
.
[HKEY_USERS\S-1-5-21-2291196780-457562327-217995532-1002_Classes\CLSID\{BA3D0120-E617-4F66-ADCA-585CC2FB86DB}]
@DACL=(02 0000)
@="BlackBerry Device Manager"
"AppID"="{4848DD90-EDA2-461F-8FE9-B47A067A5225}"
.
[HKEY_USERS\S-1-5-21-2291196780-457562327-217995532-1002_Classes\CLSID\{C8992C14-DF59-4518-808F-CCFBB5850282}]
@DACL=(02 0000)
@="PropertiesRIMDeviceManager Class"
.
[HKEY_USERS\S-1-5-21-2291196780-457562327-217995532-1002_Classes\CLSID\{CAFCE71A-72F0-41AD-A8A4-4F70CDD72381}]
@DACL=(02 0000)
@="PSFactoryBuffer"
.
[HKEY_USERS\S-1-5-21-2291196780-457562327-217995532-1002_Classes\CLSID\{D41C1E5B-0566-4BB1-BE72-1A5407349CA6}]
@DACL=(02 0000)
@="VSPConnection Class"
"AppID"="{4848DD90-EDA2-461F-8FE9-B47A067A5225}"
.
[HKEY_USERS\S-1-5-21-2291196780-457562327-217995532-1002_Classes\CLSID\{EB59852D-B38E-4A4C-94BA-6731836E5538}]
@DACL=(02 0000)
@="PropertiesRIMDeviceManagerAbout Class"
.
[HKEY_USERS\S-1-5-21-2291196780-457562327-217995532-1002_Classes\CLSID\{EE7F6B66-AC97-41CF-BD88-372DDB786DB6}]
@DACL=(02 0000)
@="EmulatorManager Class"
"AppID"="{4848DD90-EDA2-461F-8FE9-B47A067A5225}"
.
[HKEY_USERS\S-1-5-21-2291196780-457562327-217995532-1002_Classes\CLSID\{F6CF0104-4F4A-4EBE-999D-A12D838E65B5}]
@DACL=(02 0000)
@="PSFactoryBuffer"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'Explorer.exe'(3056)
c:\program files\MozyHome\mozyshell.dll
c:\program files\Fuji Medical System\Synapse\Workstation\FujiFldL.dll
c:\progra~1\FUJIME~1\Synapse\WORKST~1\FujiFldR.dll
c:\program files\Fuji Medical System\Synapse\Workstation\DBCmds.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Microsoft Security Client\MsMpEng.exe
c:\windows\system32\atieclxx.exe
c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Flip Video\FlipShare\FlipShareService.exe
c:\program files\LogMeIn\x86\RaMaint.exe
c:\program files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\windows\system32\taskhost.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\program files\Yahoo!\SoftwareUpdate\YahooAUService.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\program files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
c:\program files\LogMeIn\x86\LogMeIn.exe
c:\windows\system32\wbem\unsecapp.exe
c:\windows\System32\WUDFHost.exe
c:\windows\system32\conhost.exe
c:\windows\RtHDVCpl.exe
c:\program files\iPod\bin\iPodService.exe
c:\windows\system32\DllHost.exe
c:\program files\MozyHome\mozybackup.exe
c:\program files\MozyHome\mozybackup.exe
c:\windows\system32\taskhost.exe
.
**************************************************************************
.
Completion time: 2014-02-07  23:15:04 - machine was rebooted
ComboFix-quarantined-files.txt  2014-02-08 05:15
.
Pre-Run: 35,424,526,336 bytes free
Post-Run: 35,365,679,104 bytes free
.
- - End Of File - - BE6378C34E9BDA8335829B4FDBED3D80
A36C5E4F47E84449FF07ED3517B43A31
Link to post
Share on other sites

Log looks OK.....How is it????

----------------------

Lets clean out any adware/spyware now: (this will require a reboot so save all your work)

Please download AdwCleaner from HERE or HERE to your desktop.

  • Double click on AdwCleaner.exe to run the tool.

    Vista/Windows 7/8 users right-click and select Run As Administrator

  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • When it's done you'll see: Pending: Please uncheck elements you don't want removed.
  • Now click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • Look over the log especially under Files/Folders for any program you want to save.
  • If there's a program you may want to save, just uncheck it from AdwCleaner.
  • If you're not sure, post the log for review. (all items found are adware/spyware/foistware)
  • If you're ready to clean it all up.....click the Clean button.
  • After rebooting, a logfile report (AdwCleaner[s0].txt) will open automatically.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of that logfile will also be saved in the C:\AdwCleaner folder.
  • Items that are deleted are moved to the Quarantine Folder: C:\AdwCleaner\Quarantine
  • To restore an item that has been deleted:
  • Go to Tools > Quarantine Manager > check what you want restored > now click on Restore.
Then..................

Open up Malwarebytes > Settings Tab > Scanner Settings > Under action for PUP > Select: Show in Results List and Check for removal.

Please Update and run a FULL Scan with Malwarebytes Anti-Malware, post the report.

Make sure that everything is checked, and click Remove Selected.

Please let me know how computer is running now, MrC

Link to post
Share on other sites

Hi MrC - Here's the log file from the AdwCleaner result.  Looks pretty light to my untrained eye, which seems like good news?

 

# AdwCleaner v3.018 - Report created 08/02/2014 at 11:11:53
# Updated 28/01/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (32 bits)
# Username : Michelle - WOPR-2
# Running from : C:\Users\Michelle\Desktop\AdwCleaner.exe
# Option : Scan
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
Folder Found C:\Users\Jeff\AppData\Local\PackageAware
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Found : HKCU\Software\YahooPartnerToolbar
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3BF72F68-72D8-461D-A884-329D936C5581}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{78E9D883-93CD-4072-BEF3-38EE581E2839}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{83AC1413-FCE4-4A46-9DD5-4F31F306E71F}
Key Found : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Key Found : HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Key Found : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Key Found : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v10.0.9200.16750
 
 
-\\ Google Chrome v
 
[ File : C:\Users\Jeff\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
 
[ File : C:\Users\Michelle\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
 
*************************
 
AdwCleaner[R0].txt - [2027 octets] - [08/02/2014 11:11:53]
 
########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [2087 octets] ##########
Link to post
Share on other sites

  • Staff

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.