Hello and thank you,

I have tried installing and running Malwarebytes Anti-Malware to clean up a suspected infection. Nothing found / fixed. Below are the DDS.txt and Attach.txt per the next-step instructions in the pinned topic.

But briefly before the logs, here are the various symptoms:

1) System frequently hangs within 1-2 minutes of a reboot, especially if I try to launch any programs, feels like computer is "doing something" to consume resources.  Blank screen, or frozen desktop.  Sometimes cursor moves with mouse, but that's it. 

2) System will almost always hang after 6-12 hours of being up.  I will either return to a frozen desktop (with clock frozen at time many hours ago) or a blank screen.  Sometimes cursor will still work.

3) WiFi connections are flaky, must use ethernet cable to get good network connection (This may actually be hardware starting to fail--but I hope it is solved by a malware cleaning)

4) General slowness, clunkiness, and long (~10, 30, or 60+ second) periods of system non-responsiveness


DDS (Ver_2012-11-20.01) - NTFS_AMD64 
Internet Explorer: 10.0.9200.16750  BrowserJavaVersion: 10.15.2
Run by rrichey at 22:27:36 on 2014-02-03
Microsoft Windows 7 Ultimate   6.1.7601.1.1252.1.1033.18.4056.2155 [GMT -7:00]
.
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_7f58c91b65c73836\STacSV64.exe
C:\Windows\System32\svchost.exe -k yksvcs
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\SysWOW64\svchost.exe -k Akamai
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Program Files (x86)\ContentWatch\Internet Protection\cwsvc.exe
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
C:\Windows\system32\lxbmcoms.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\taskhost.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\WizMouse\WizMouse.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\Dwm.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files (x86)\RescueTime\RescueTime.exe
C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
C:\Program Files (x86)\ContentWatch\Internet Protection\cwtray.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\System32\taskmgr.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\explorer.exe
C:\Program Files\TortoiseSVN\bin\TSVNCache.exe
C:\Windows\system32\msiexec.exe
C:\Windows\system32\vssvc.exe
C:\Windows\System32\svchost.exe -k swprv
C:\Program Files (x86)\mozybackup.exe
C:\Program Files (x86)\mozybackup.exe
C:\Program Files (x86)\mozystat.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uURLSearchHooks: <No Name>:  - LocalServer32 - <no file>
mWinlogon: Userinit = userinit.exe,
BHO: AutorunsDisabled - <orphaned>
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: The Weather Channel Toolbar: {2E5E800E-6AC0-411E-940A-369530A35E43} - C:\Windows\SysWOW64\TwcToolbarIe7.dll
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
mRun: [cwcptray] C:\Program Files (x86)\ContentWatch\Internet Protection\cwtray.exe
mRun: [CWPhoenixApp] C:\Program Files (x86)\ContentWatch\Internet Protection\Updater\Phoenix.exe /r
StartupFolder: C:\Users\rrichey\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ONENOT~1.LNK - C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
StartupFolder: C:\Users\rrichey\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\AUTORU~1\CLEARP~1.LNK - C:\Program Files (x86)\ClearPlay\ClearPlay Easy Updates\ClearPlayEasyUpdates.exe
StartupFolder: C:\Users\rrichey\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\AUTORU~1\ONENOT~1.LNK - C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
StartupFolder: C:\Users\rrichey\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\AUTORU~1\OPENOF~1.LNK - C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe
StartupFolder: C:\Users\rrichey\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\AUTORU~1\OPENOF~2.LNK - C:\Program Files (x86)\OpenOffice.org 3.4.1\program\quickstart.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\MOZYHO~1.LNK - C:\Program Files (x86)\mozystat.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\RESCUE~1.LNK - C:\Program Files (x86)\RescueTime\RescueTime.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\AUTORU~1\ADOBEG~1.LNK - C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\AUTORU~1\BLUETO~1.LNK - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\AUTORU~1\DATAVI~1.LNK - C:\Program Files (x86)\Common Files\DataViz\DvzIncMsgr.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\AUTORU~1\HOTSYN~1.LNK - C:\Program Files (x86)\Palm\Hotsync.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\AUTORU~1\MONITO~1.LNK - C:\Program Files (x86)\Apache Group\Apache2\bin\ApacheMonitor.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\AUTORU~1\QUICKB~1.LNK - C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\AUTORU~1\SNAGIT~1.LNK - C:\Program Files (x86)\TechSmith\Snagit 11\Snagit32.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\AUTORU~1\TRUSTK~1.LNK - C:\Windows\Installer\{9B6790CD-7801-4D87-ABD8-2E495A56D3C1}\Icon9B6790CD.exe
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-Explorer: NoDriveTypeAutoRun = dword:255
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~3\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~3\Office14\ONBttnIE.dll/105
IE: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
LSP: C:\Windows\System32\cwalsp.dll
Trusted Zone: hotmail.com
Trusted Zone: intuit.com
Trusted Zone: live.com
Trusted Zone: nsn.com
Trusted Zone: passport.com
Trusted Zone: turbotax.com
Trusted Zone: turbotax.com
TCP: NameServer = 192.168.0.1 205.171.3.65
TCP: Interfaces\{B5641165-42E1-4471-9281-3B5D13B97658} : DHCPNameServer = 192.168.0.1 205.171.3.65
TCP: Interfaces\{BBC194D3-8D82-42D0-88E5-53F8EDDA73C3} : NameServer = 205.171.3.65
TCP: Interfaces\{BBC194D3-8D82-42D0-88E5-53F8EDDA73C3} : DHCPNameServer = 192.168.0.1 205.171.3.65
TCP: Interfaces\{BBC194D3-8D82-42D0-88E5-53F8EDDA73C3}\16474777966696 : NameServer = 205.171.3.65
TCP: Interfaces\{BBC194D3-8D82-42D0-88E5-53F8EDDA73C3}\16474777966696 : DHCPNameServer = 192.168.6.1 64.134.255.2 64.134.255.10
TCP: Interfaces\{BBC194D3-8D82-42D0-88E5-53F8EDDA73C3}\1765562796A7F6E60214442563430303C40233142364 : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{BBC194D3-8D82-42D0-88E5-53F8EDDA73C3}\D4E4354716B656 : NameServer = 205.171.3.65
TCP: Interfaces\{BBC194D3-8D82-42D0-88E5-53F8EDDA73C3}\D4E4354716B656 : DHCPNameServer = 68.87.85.102 68.87.85.150
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: intu-help-qb3 - {c5e479ea-0a65-4b05-8c6c-2fc8cc682eb4} - C:\Program Files (x86)\Intuit\QuickBooks 2007\HelpAsyncPluggableProtocol.dll
Handler: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} - 
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: AutorunsDisabled - <orphaned>
x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-Run: [QuickSet] C:\Program Files\Dell\QuickSet\QuickSet.exe
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: intu-help-qb3 - {c5e479ea-0a65-4b05-8c6c-2fc8cc682eb4} - <orphaned>
x64-Handler: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: AutorunsDisabled - <no file>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\rrichey\AppData\Roaming\Mozilla\Firefox\Profiles\bni22znm.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - component: C:\Program Files (x86)\Mozilla Firefox\distribution\bundles\{D19CA586-DD6C-4a0a-96F8-14644F340D60}\components\scriptff.dll
FF - component: C:\Users\rrichey\AppData\Roaming\Mozilla\Firefox\Profiles\bni22znm.default\extensions\{FCAB6FDD-5585-425b-95C1-5ED856F3FD08}\components\nsCatcher.dll
FF - plugin: C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL
FF - plugin: C:\PROGRA~2\Palm\PACKAG~1\NPInstal.dll
FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Users\rrichey\AppData\Local\Citrix\Plugins\97\npappdetector.dll
FF - plugin: C:\Users\rrichey\AppData\Roaming\Move Networks\plugins\npqmp071505000011.dll
FF - plugin: C:\Users\rrichey\AppData\Roaming\Mozilla\Firefox\Profiles\bni22znm.default\extensions\{ab91efd4-6975-4081-8552-1b3922ed79e2}\plugins\npAclmPlugin.dll
FF - plugin: C:\Users\rrichey\AppData\Roaming\Mozilla\Firefox\Profiles\bni22znm.default\extensions\{ab91efd4-6975-4081-8552-1b3922ed79e2}\plugins\npPitPlugin.dll
FF - plugin: C:\Users\rrichey\AppData\Roaming\Mozilla\Firefox\Profiles\bni22znm.default\extensions\{ab91efd4-6975-4081-8552-1b3922ed79e2}\plugins\npProductDetectPlugin.dll
FF - plugin: C:\Windows\SysWOW64\npDeployJava1.dll
FF - plugin: C:\Windows\SysWOW64\npmproxy.dll
FF - ExtSQL: !HIDDEN! 2009-10-16 17:52; {20a82645-c095-46ed-80e3-08825760534b}; c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
.
============= SERVICES / DRIVERS ===============
.
R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2009-9-23 55024]
R2 Akamai;Akamai NetSession Interface;C:\Windows\System32\svchost.exe -k Akamai [2009-7-13 27136]
R2 CwAltaService20;ContentWatch;C:\Program Files (x86)\ContentWatch\Internet Protection\cwsvc.exe [2012-6-6 3074624]
R2 lxbm_device;lxbm_device;C:\Windows\System32\lxbmcoms.exe -service --> C:\Windows\System32\lxbmcoms.exe -service [?]
R2 yksvc;Marvell Yukon Service;C:\Windows\System32\svchost.exe -k yksvcs [2009-7-13 27136]
R3 OA013Ufd;Creative Camera OA013 Upper Filter Driver;C:\Windows\System32\drivers\OA013Ufd.sys [2009-3-6 159840]
R3 OA013Vid;Creative Camera OA013 Function Driver;C:\Windows\System32\drivers\OA013Vid.sys [2009-3-9 311456]
R3 yukonx64;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\System32\drivers\yk60x64.sys [2009-9-23 406016]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S3 btusbflt;Bluetooth USB Filter;C:\Windows\System32\drivers\btusbflt.sys [2010-4-14 54824]
S3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\System32\drivers\btwl2cap.sys [2009-11-3 36392]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2011-4-4 20992]
S3 ReportServer;SQL Server Reporting Services (MSSQLSERVER);C:\Program Files\Microsoft SQL Server\MSRS10.MSSQLSERVER\Reporting Services\ReportServer\bin\ReportingServicesService.exe [2012-6-15 2094520]
S3 SMSIVZAM5X64;SMSIVZAM5X64 NDIS Protocol Driver;C:\PROGRA~2\VERIZO~1\VZACCE~1\SMSIVZAM5X64.SYS [2009-3-20 43032]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2011-4-4 59392]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2010-2-26 1255736]
S4 AdobeActiveFileMonitor8.0;Adobe Active File Monitor V8;C:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe [2009-9-18 169312]
S4 AESTFilters;Andrea ST Filters Service;C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_7f58c91b65c73836\AESTSr64.exe [2010-9-27 89600]
S4 Amazon Download Agent;Amazon Download Agent;C:\Program Files (x86)\Amazon\Amazon Games & Software Downloader\AmazonGSDownloaderService.exe [2010-7-30 401920]
S4 B-Service;B-Service;C:\Users\rrichey\AppData\Roaming\Mikogo\B-Service.exe [2011-2-11 185640]
S4 DockLoginService;Dock Login Service;C:\Program Files\Dell\DellDock\DockLogin.exe [2008-12-18 155648]
S4 IntuitUpdateServiceV4;Intuit Update Service v4;C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe [2012-8-23 13672]
S4 M4-Service;M4-Service;C:\Users\rrichey\AppData\Roaming\Mikogo 4\M4-Service.exe [2012-1-16 1007472]
S4 MELCS;MailEnable List Connector;C:\Program Files (x86)\Mail Enable\Bin\MELSC.exe [2009-10-26 155648]
S4 MEMTAS;MailEnable Mail Transfer Agent;C:\Program Files (x86)\Mail Enable\Bin\MEMTA.exe [2009-10-26 159744]
S4 MEPOCS;MailEnable Postoffice Connector;C:\Program Files (x86)\Mail Enable\Bin\MEPOC.exe [2009-10-26 237628]
S4 MEPOPS;MailEnable POP Service;C:\Program Files (x86)\Mail Enable\Bin\MEPOPS.exe [2009-10-26 192512]
S4 MESMTPCS;MailEnable SMTP Connector;C:\Program Files (x86)\Mail Enable\Bin\MESMTPC.exe [2009-10-26 348160]
S4 MsDtsServer100;SQL Server Integration Services 10.0;C:\Program Files\Microsoft SQL Server\100\DTS\Binn\MsDtsSrvr.exe [2012-6-15 220088]
S4 MSSQLFDLauncher;SQL Full-text Filter Daemon Launcher (MSSQLSERVER);C:\Program Files\Microsoft SQL Server\MSSQL10.MSSQLSERVER\MSSQL\Binn\fdlauncher.exe [2008-7-10 34840]
S4 MSSQLServerADHelper100;SQL Active Directory Helper Service;C:\Program Files\Microsoft SQL Server\100\Shared\sqladhlp.exe [2008-7-10 61976]
S4 RsFx0103;RsFx0103 Driver;C:\Windows\System32\drivers\RsFx0103.sys [2009-3-30 311656]
S4 VMUSBArbService;VMware USB Arbitration Service;C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator.exe [2011-9-23 539248]
.
=============== File Associations ===============
.
FileExt: .inf: inffile=C:\Windows\System32\NOTEPAD.EXE %1 [userChoice]
.
=============== Created Last 30 ================
.
2014-02-02 11:25:27 75888 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{B977B90D-E1A8-4FC0-ACDF-F0E5EDDB72D0}\offreg.dll
2014-02-01 01:08:03 10315576 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{B977B90D-E1A8-4FC0-ACDF-F0E5EDDB72D0}\mpengine.dll
2014-01-19 03:15:21 53248 ----a-w- C:\Windows\System32\drivers\usbehci.sys
2014-01-19 03:15:20 99840 ----a-w- C:\Windows\System32\drivers\usbccgp.sys
2014-01-19 03:15:20 7808 ----a-w- C:\Windows\System32\drivers\usbd.sys
2014-01-19 03:15:20 343040 ----a-w- C:\Windows\System32\drivers\usbhub.sys
2014-01-19 03:15:20 325120 ----a-w- C:\Windows\System32\drivers\usbport.sys
2014-01-19 03:15:20 30720 ----a-w- C:\Windows\System32\drivers\usbuhci.sys
2014-01-19 03:15:20 25600 ----a-w- C:\Windows\System32\drivers\usbohci.sys
2014-01-19 03:15:19 3156480 ----a-w- C:\Windows\System32\win32k.sys
2014-01-19 03:15:18 376768 ----a-w- C:\Windows\System32\drivers\netio.sys
.
==================== Find3M  ====================
.
2013-12-18 13:13:56 270496 ------w- C:\Windows\System32\MpSigStub.exe
2013-12-11 20:14:46 49992 ----a-w- C:\Program Files (x86)\mozyutil.exe
2013-12-11 20:14:44 8947528 ----a-w- C:\Program Files (x86)\mozyconf.exe
2013-12-11 20:14:44 6479688 ----a-w- C:\Program Files (x86)\mozystat.exe
2013-12-11 20:14:44 6469960 ----a-w- C:\Program Files (x86)\mozyshell.dll
2013-12-11 20:14:42 9826120 ----a-w- C:\Program Files (x86)\backup.dll
2013-12-11 20:14:42 1366344 ----a-w- C:\Program Files (x86)\oem.dll
2013-11-23 18:26:20 417792 ----a-w- C:\Windows\SysWow64\WMPhoto.dll
2013-11-23 17:47:34 465920 ----a-w- C:\Windows\System32\WMPhoto.dll
2013-11-12 02:23:09 2048 ----a-w- C:\Windows\System32\tzres.dll
2013-11-12 02:07:29 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2013-05-21 21:06:16 67808 ----a-w- C:\Program Files (x86)\mozy.sys
2012-07-12 18:37:20 309248 ----a-w- C:\Program Files (x86)\ssleay32.dll
2012-07-12 18:37:20 1503744 ----a-w- C:\Program Files (x86)\libeay32.dll
2012-02-07 17:41:42 2694768 ----a-w- C:\Program Files (x86)\horizon-api.dll
2011-08-04 21:15:30 54040 ----a-w- C:\Program Files (x86)\mozybackup.exe
.
============= FINISH: 22:33:25.65 ===============
 
 
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Ultimate 
Boot Device: \Device\HarddiskVolume3
Install Date: 10/16/2009 6:23:18 PM
System Uptime: 2/3/2014 9:59:06 PM (1 hours ago)
.
Motherboard: Dell Inc. |  | 0F642T
Processor: Intel® Core2 Duo CPU     T6500  @ 2.10GHz | Microprocessor | 2100/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 209 GiB total, 10.271 GiB free.
D: is CDROM ()
E: is FIXED (NTFS) - 12 GiB total, 4.854 GiB free.
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP908: 1/19/2014 3:00:11 AM - Windows Update
RP909: 1/26/2014 10:25:03 PM - Windows Update
RP910: 1/29/2014 11:50:40 PM - Windows Update
RP911: 2/1/2014 10:04:21 PM - Restore Operation
RP912: 2/3/2014 10:21:42 PM - Installed MozyHome
.
==== Installed Programs ======================
.
µTorrent
2007 Microsoft Office Suite Service Pack 1 (SP1)
ABBYY FineReader 5.0 Sprint Plus
Acrobat.com
Adobe AIR
Adobe Flash Player 10 Plugin
Adobe Flash Player 11 ActiveX 64-bit
Adobe Photoshop 5.5
Adobe Photoshop Elements 8.0
Adobe Photoshop.com Inspiration Browser
Adobe Premiere Elements 8.0
Adobe Premiere Elements 8.0 Templates
Adobe Reader for Palm OS, 3.05
Adobe Reader XI (11.0.02)
Adobe SVG Viewer 3.0
Advanced Audio FX Engine
AFPL Ghostscript 8.53
AFPL Ghostscript Fonts
Aimersoft DVD Creator(Build 2.6.5)
Akamai NetSession Interface
Akamai NetSession Interface Service
Amazon Games & Software Downloader
AnswerWorks 5.0 English Runtime
Apache HTTP Server 2.0.55
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Application Verifier (x64)
ATI Catalyst Install Manager
Bonjour
CamStudio
CamStudio Lossless Codec
CamStudio Lossless Codec v1.4
ClearPlay Easy Updates
ColorPic
Compatibility Pack for the 2007 Office system
Crystal Reports Basic for Visual Studio 2008
Crystal Reports Basic Runtime for Visual Studio 2008 (x64)
D3DX10
Debugging Tools for Windows
Debugging Tools for Windows (x64)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Dell Dock
Dell Edoc Viewer
Dell Support Center (Support Software)
Dell Touchpad
deskPDF 2.5 Professional Edition
Docudesk GPL Ghostscript 8.15
FamilySearch Indexing 3.12.1
FranklinCovey PlanPlus for Microsoft Outlook
FranklinCovey PlanPlus for the Palm OS
Free-Web-Buttons.com
Free Word Excel Password Wizard
GDR 4053 for SQL Server Database Services 2005 ENU (KB970892)
GDR 4053 for SQL Server Tools and Workstation Components 2005 ENU (KB970892)
GDR 4064 for SQL Server 2008 (KB2494089) (64-bit)
GDR 4067 for SQL Server 2008 (KB2716434) (64-bit)
Gemmico FolderInfo 2.25
Getting Things Done Outlook Add-In
Google Chrome
Google Earth
Google Toolbar for Internet Explorer
Google Update Helper
GoToAssist Corporate
GoToMeeting 5.5.0.1133
Hex Workshop v4.22
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946040)
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946308)
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946344)
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB947540)
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB947789)
Hotfix for Microsoft Visual Studio 2008 Professional Edition - ENU (KB971092)
HP Officejet 6500 E710n-z Basic Device Software
HP Officejet 6500 E710n-z Help
HP Update
I.R.I.S. OCR
IDT Audio
Integrated Webcam Driver (1.00.04.0310)  
Intel® Graphics Media Accelerator Driver
Intel® Matrix Storage Manager
iSEEK AnswerWorks English Runtime
Java 7 Update 15
Java Auto Updater
Java 6 Update 13 (64-bit)
KINAMU Connector
Lexmark 4200 Series
LG USB Modem driver
Live! Cam Avatar Creator
MailEnable Messaging Services for Windows NT/2000
Marketsplash Shortcuts
Microsoft .NET Compact Framework 2.0 SP2
Microsoft .NET Compact Framework 3.5
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB953297)
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Extended
Microsoft Application Error Reporting
Microsoft Default Manager
Microsoft Device Emulator (64 bit) version 3.0 - ENU
Microsoft Document Explorer 2008
Microsoft Office 2003 Primary Interop Assemblies
Microsoft Office 2003 Web Components
Microsoft Office Access MUI (English) 2010
Microsoft Office Access Setup Metadata MUI (English) 2010
Microsoft Office Excel MUI (English) 2010
Microsoft Office Groove MUI (English) 2010
Microsoft Office InfoPath MUI (English) 2010
Microsoft Office Office 64-bit Components 2010
Microsoft Office OneNote MUI (English) 2010
Microsoft Office Outlook MUI (English) 2010
Microsoft Office PowerPoint MUI (English) 2010
Microsoft Office PowerPoint Viewer 2007 (English)
Microsoft Office Professional Plus 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2010
Microsoft Office Publisher MUI (English) 2010
Microsoft Office Shared 64-bit MUI (English) 2010
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office SharePoint Designer 2007 Service Pack 3 (SP3)
Microsoft Office Visio Professional 2003
Microsoft Office Visual Web Developer 2007
Microsoft Office Visual Web Developer MUI (English) 2007
Microsoft Office Word MUI (English) 2010
Microsoft Silverlight
Microsoft SQL Server 2005
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft SQL Server 2005 Express Edition (SQLEXPRESS)
Microsoft SQL Server 2005 Tools Express Edition
Microsoft SQL Server 2008 (64-bit)
Microsoft SQL Server 2008 Analysis Services
Microsoft SQL Server 2008 BI Development Studio
Microsoft SQL Server 2008 Books Online (English)
Microsoft SQL Server 2008 Browser
Microsoft SQL Server 2008 Client Tools
Microsoft SQL Server 2008 Common Files
Microsoft SQL Server 2008 Database Engine Services
Microsoft SQL Server 2008 Database Engine Shared
Microsoft SQL Server 2008 Full text search
Microsoft SQL Server 2008 Integration Services
Microsoft SQL Server 2008 Management Objects
Microsoft SQL Server 2008 Management Studio
Microsoft SQL Server 2008 Native Client
Microsoft SQL Server 2008 Policies
Microsoft SQL Server 2008 Reporting Services
Microsoft SQL Server 2008 RsFx Driver
Microsoft SQL Server 2008 Setup Support Files 
Microsoft SQL Server Compact 3.5 for Devices ENU
Microsoft SQL Server Compact 3.5 SP1 Design Tools English
Microsoft SQL Server Compact 3.5 SP1 English
Microsoft SQL Server Compact 3.5 SP1 Query Tools English
Microsoft SQL Server Database Publishing Wizard 1.3
Microsoft SQL Server Native Client
Microsoft SQL Server Setup Support Files (English)
Microsoft SQL Server VSS Writer
Microsoft Sync Framework Runtime v1.0 (x64)
Microsoft Sync Services for ADO.NET v2.0 (x64)
Microsoft Visual C# Step by Step
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable (x64)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319
Microsoft Visual Studio 2005 Tools for Office Runtime
Microsoft Visual Studio 2008 Professional Edition - ENU
Microsoft Visual Studio 2008 Professional Edition - ENU Service Pack 1 (KB945140)
Microsoft Visual Studio 2008 Remote Debugger - ENU
Microsoft Visual Studio 2008 Remote Debugger - ENU Service Pack 1 (KB945140)
Microsoft Visual Studio 2008 Shell (integrated mode) - ENU
Microsoft Visual Studio Tools for Applications 2.0 - ENU
Microsoft Visual Studio Web Authoring Component
Microsoft Windows Performance Toolkit
Microsoft Windows SDK for Visual Studio 2008 .NET Framework Tools - enu
Microsoft Windows SDK for Visual Studio 2008 Headers and Libraries
Microsoft Windows SDK for Visual Studio 2008 SDK Reference Assemblies and IntelliSense
Microsoft Windows SDK for Visual Studio 2008 SP1 Tools
Microsoft Windows SDK for Visual Studio 2008 SP1 Win32 Tools
Microsoft Windows SDK for Windows 7 (7.1)
Microsoft Windows SDK for Windows 7 Common Utilities (30514)
Microsoft Windows SDK for Windows 7 Headers and Libraries (30514)
Microsoft Windows SDK for Windows 7 Samples (30514)
Microsoft Windows SDK for Windows 7 Utilities for Win32 Development (30514)
Microsoft Works
Mikogo
Mikogo 4
Move Media Player
Mozilla Firefox 24.0 (x86 en-US)
Mozilla Maintenance Service
MozyHome
MSDN Library for Visual Studio 2008 - ENU
MSN Entertainment Download Troubleshooter
MSN Music Assistant
MSVCRT
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP2 Parser and SDK
MuseScore 0.9 MuseScore score typesetter
MySQL Server 5.0
Net Nanny Parental Controls
Octoshape add-in for Adobe Flash Player
Office Password Recovery PRO v1.0 (remove only)
OpenOffice.org 3.4.1
OutlookTempCleaner
Palm Desktop by ACCESS
PlanPlus Online Sync
PocketMirror 3.1.6 (Standard Edition)
PowerArchiver
PowerDVD DX
PremiumSoft Navicat 2004
progeCAD 2009 Smart! ENG
QuickBooks
QuickBooks Pro 2010
QuickBooks Product Listing Service
Quicken 2006
Quicken 2009
Quicken 2013
Quickset64
QuickTime
RescueTime 2.2.3
Roxio Creator Audio
Roxio Creator Copy
Roxio Creator Data
Roxio Creator DE
Roxio Creator Tools
Roxio Express Labeler 3
Roxio Update Manager
Security Update for 2007 Microsoft Office System (KB951550)
Security Update for 2007 Microsoft Office System (KB982312)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2858302v2)
Security Update for Microsoft .NET Framework 4 Extended (KB2416472)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
Security Update for Microsoft .NET Framework 4 Extended (KB2736428)
Security Update for Microsoft .NET Framework 4 Extended (KB2742595)
Security Update for Microsoft .NET Framework 4 Extended (KB2858302v2)
Security Update for Microsoft Excel 2010 (KB2826033) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553284) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2687423) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2826023) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2826035) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2850016) 32-Bit Edition
Security Update for Microsoft Office system 2007 (972581)
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Microsoft Outlook 2010 (KB2837597) 32-Bit Edition
Security Update for Microsoft Visual Studio 2008 Professional Edition - ENU (KB972222)
Security Update for Microsoft Visual Studio 2008 Professional Edition - ENU (KB973675)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition
Service Pack 2 for SQL Server 2008 (KB2285068) (64-bit)
Shutdown Addin v1.16.6
SmartSound Quicktracks for Premiere Elements 8.0
Snagit 11
SpamBayes 1.1a6
Spelling Dictionaries Support For Adobe Reader 9
Sql Server Customer Experience Improvement Program
SQL Server System CLR Types
SupportSoft Assisted Service
TextPad 5
The Weather Channel Desktop 6
The Weather Channel Toolbar
Timez Attack Launcher
tools-freebsd
tools-linux
tools-netware
tools-solaris
tools-windows
tools-winPre2k
TortoiseSVN 1.6.5.16974 (32 bit)
TortoiseSVN 1.6.6.17493 (64 bit)
TurboTax 2009
TurboTax 2009 WinBizFedFormset
TurboTax 2009 WinBizReleaseEngine
TurboTax 2009 WinBizTaxSupport
TurboTax 2009 WinPerFedFormset
TurboTax 2009 WinPerReleaseEngine
TurboTax 2009 WinPerTaxSupport
TurboTax 2009 wrapper
TurboTax 2009 wutiper
TurboTax 2010
TurboTax 2010 WinBizFedFormset
TurboTax 2010 WinBizReleaseEngine
TurboTax 2010 WinBizTaxSupport
TurboTax 2010 WinPerFedFormset
TurboTax 2010 WinPerReleaseEngine
TurboTax 2010 WinPerTaxSupport
TurboTax 2010 wrapper
TurboTax 2010 wutiper
TurboTax 2011
TurboTax 2011 wcaiper
TurboTax 2011 WinBizFedFormset
TurboTax 2011 WinBizReleaseEngine
TurboTax 2011 WinBizTaxSupport
TurboTax 2011 WinPerFedFormset
TurboTax 2011 WinPerReleaseEngine
TurboTax 2011 WinPerTaxSupport
TurboTax 2011 wrapper
TurboTax 2011 wutiper
TurboTax 2012
TurboTax 2012 wcaiper
TurboTax 2012 WinPerFedFormset
TurboTax 2012 WinPerReleaseEngine
TurboTax 2012 WinPerTaxSupport
TurboTax 2012 wrapper
TurboTax 2012 wutiper
TurboTax Business 2009
TurboTax Business 2010
TurboTax Business 2011
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3)
Update for Microsoft .NET Framework 4 Extended (KB2468871)
Update for Microsoft .NET Framework 4 Extended (KB2533523)
Update for Microsoft .NET Framework 4 Extended (KB2600217)
Update for Microsoft .NET Framework 4 Extended (KB2836939)
Update for Microsoft .NET Framework 4 Extended (KB2836939v3)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition
Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition
Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition
Update for Microsoft Office 2010 (KB2826026) 32-Bit Edition
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft OneNote 2010 (KB2810072) 32-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition
Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition
Update for Microsoft Visual Studio Web Authoring Component (KB945140)
Update for Microsoft Word 2010 (KB2837593) 32-Bit Edition
Van Dyke Technologies SecureCRT 3.4
VanDyke Software SecureFX 2.1
VC Runtimes MSI
Video to audio Converter 2.20
Video To WAV Converter 1.00
Visual C++ 2008 IA64 Runtime - (v9.0.30729)
Visual C++ 2008 IA64 Runtime - v9.0.30729.01
Visual C++ 2008 x64 Runtime - (v9.0.30729)
Visual C++ 2008 x64 Runtime - (v9.0.30729.4148)
Visual C++ 2008 x64 Runtime - (v9.0.30729.6161)
Visual C++ 2008 x64 Runtime - KB2465361 - (v9.0.30729.5570)
Visual C++ 2008 x64 Runtime - v9.0.30729.01
Visual C++ 2008 x64 Runtime - v9.0.30729.4148
Visual C++ 2008 x64 Runtime - v9.0.30729.5570
Visual C++ 2008 x64 Runtime - v9.0.30729.6161
Visual C++ 2008 x86 Runtime - (v9.0.30729)
Visual C++ 2008 x86 Runtime - (v9.0.30729.4148)
Visual C++ 2008 x86 Runtime - (v9.0.30729.6161)
Visual C++ 2008 x86 Runtime - KB2465361 - (v9.0.30729.5570)
Visual C++ 2008 x86 Runtime - v9.0.30729.01
Visual C++ 2008 x86 Runtime - v9.0.30729.4148
Visual C++ 2008 x86 Runtime - v9.0.30729.5570
Visual C++ 2008 x86 Runtime - v9.0.30729.6161
Visual Studio .NET Prerequisites - English
Visual Studio 2005 Tools for Office Second Edition Runtime
Visual Studio Tools for the Office system 3.0 Runtime
Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258)
VMware Workstation
VZAccess Manager
WebEx
WIDCOMM Bluetooth Software 6.1.0.4400
Windows Live Communications Platform
Windows Live Essentials
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Language Selector
Windows Live Messenger
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live Sync
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
Windows Media Diagnostic Tool
Windows Media Encoder 9 Series
Windows Mobile 5.0 SDK R2 for Pocket PC
Windows Mobile 5.0 SDK R2 for Smartphone
Windows Movie Maker 2.6
WinRAR archiver
WinSCP 4.3.7
WizMouse v1.6.0.0
.
==== Event Viewer Messages From Past Week ========
.
2/3/2014 9:44:25 PM, Error: Ntfs [55]  - The file system structure on the disk is corrupt and unusable. Please run the chkdsk utility on the volume OS.
2/3/2014 9:43:36 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service wuauserv with arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334}
2/3/2014 7:26:54 PM, Error: Service Control Manager [7001]  - The PnP-X IP Bus Enumerator service depends on the Function Discovery Provider Host service which failed to start because of the following error:  The dependency service or group failed to start.
2/3/2014 7:25:52 PM, Error: Service Control Manager [7001]  - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:  The dependency service or group failed to start.
2/3/2014 7:25:49 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
2/3/2014 7:25:49 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89}
2/3/2014 7:25:49 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E}
2/3/2014 7:25:48 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
2/3/2014 7:25:39 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
2/3/2014 7:25:27 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
2/3/2014 7:24:54 PM, Error: Service Control Manager [7026]  - The following boot-start or system-start driver(s) failed to load:  AFD CSC DfsC discache mozyFilter NetBIOS NetBT nsiproxy Psched rdbss spldr tdx vwififlt Wanarpv6 WfpLwf ws2ifsl
2/3/2014 7:24:53 PM, Error: Service Control Manager [7001]  - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error:  The dependency service or group failed to start.
2/3/2014 7:24:53 PM, Error: Service Control Manager [7001]  - The TCP/IP NetBIOS Helper service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error:  A device attached to the system is not functioning.
2/3/2014 7:24:53 PM, Error: Service Control Manager [7001]  - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error:  A device attached to the system is not functioning.
2/3/2014 7:24:53 PM, Error: Service Control Manager [7001]  - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error:  The dependency service or group failed to start.
2/3/2014 7:24:53 PM, Error: Service Control Manager [7001]  - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error:  The dependency service or group failed to start.
2/3/2014 7:24:53 PM, Error: Service Control Manager [7001]  - The Network Store Interface Service service depends on the NSI proxy service driver. service which failed to start because of the following error:  A device attached to the system is not functioning.
2/3/2014 7:24:53 PM, Error: Service Control Manager [7001]  - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error:  The dependency service or group failed to start.
2/3/2014 7:24:53 PM, Error: Service Control Manager [7001]  - The IP Helper service depends on the Network Store Interface Service service which failed to start because of the following error:  The dependency service or group failed to start.
2/3/2014 7:24:53 PM, Error: Service Control Manager [7001]  - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error:  A device attached to the system is not functioning.
2/3/2014 7:24:53 PM, Error: Service Control Manager [7001]  - The DHCP Client service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error:  A device attached to the system is not functioning.
2/3/2014 10:02:04 PM, Error: Microsoft-Windows-DistributedCOM [10016]  - The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID  {C97FCC79-E628-407D-AE68-A06AD6D8B4D1}  and APPID  {344ED43D-D086-4961-86A6-1106F4ACAD9B}  to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
2/2/2014 3:46:41 AM, Error: iaStor [9]  - The device, \Device\Ide\iaStor0, did not respond within the timeout period.
2/1/2014 5:50:12 PM, Error: Service Control Manager [7022]  - The Windows Update service hung on starting.
2/1/2014 5:47:36 PM, Error: Service Control Manager [7022]  - The Windows Search service hung on starting.
2/1/2014 11:00:06 PM, Error: Service Control Manager [7011]  - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the HomeGroupListener service.
2/1/2014 11:00:06 PM, Error: Service Control Manager [7000]  - The HomeGroup Listener service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
2/1/2014 10:59:36 PM, Error: Service Control Manager [7011]  - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the AudioEndpointBuilder service.
2/1/2014 10:59:21 PM, Error: Service Control Manager [7031]  - The Print Spooler service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
2/1/2014 10:59:06 PM, Error: Service Control Manager [7011]  - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the IPBusEnum service.
2/1/2014 10:58:32 PM, Error: Service Control Manager [7022]  - The Server service hung on starting.
2/1/2014 10:58:32 PM, Error: Service Control Manager [7001]  - The HomeGroup Listener service depends on the Server service which failed to start because of the following error:  After starting, the service hung in a start-pending state.
2/1/2014 10:56:42 PM, Error: Service Control Manager [7001]  - The Computer Browser service depends on the Server service which failed to start because of the following error:  After starting, the service hung in a start-pending state.
.
==== End Of File ===========================

I do not see any malware in those logs; there is, however, a very worrying entry in the Event Viewer section:

2/3/2014 9:44:25 PM, Error: Ntfs [55]  - The file system structure on the disk is corrupt and unusable. Please run the chkdsk utility on the volume OS.

Because of that entry, it is beneficial to run chkdsk first and see if that issue can be fixed. Go to the following link and follow "Option one" with step 8 settings.

http://www.sevenforums.com/tutorials/433-disk-check.html

When that completes, let me see the log. Go here: http://www.sevenforums.com/tutorials/96938-check-disk-chkdsk-read-event-viewer-log.html, follow option 2, and post that log...

If chkdsk is successful and makes the necessary fixes, check your system again and see how it responds.... If there is no change and you still suspect malware/infection, run the following:

Download Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatible with your system (32 bit or 64 bit). If you are not sure which version applies to your system, download both of them and try to run them. Only one of them will run on your system; that will be the right version.

  • Double-click to run it. When the tool opens, click Yes to the disclaimer.
  • Press the Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The first time the tool is run, it also makes another log (Addition.txt). Please attach it to your reply.

Kevin...


Here are the results of the chkdsk. It did a few things. The system has actually been behaving itself somewhat better--but it was actually doing pretty much that before I ran chkdsk. In any case, here is the log. I'll monitor for a week or so and see how it does before I take any further steps.

TimeCreated : 2/7/2014 2:03:23 AM
Message     : 
              
              Checking file system on C:
              The type of the file system is NTFS.
              Volume label is OS.
              
              A disk check has been scheduled.
              Windows will now check the disk.                         
              
              CHKDSK is verifying files (stage 1 of 5)...
                568576 file records processed.                                 
                      
              File verification completed.
                3189 large file records processed.                             
                    
                0 bad file records processed.                                  
                 
                2 EA records processed.                                        
                 
                113 reparse records processed.                                 
                   
              CHKDSK is verifying indexes (stage 2 of 5)...
                706588 index entries processed.                                
                      
              Index verification completed.
                0 unindexed files scanned.                                     
                 
                0 unindexed files recovered.                                   
                 
              CHKDSK is verifying security descriptors (stage 3 of 5)...
                568576 file SDs/SIDs processed.                                
                      
              Cleaning up 209 unused index entries from index $SII of file 0x9.
              Cleaning up 209 unused index entries from index $SDH of file 0x9.
              Cleaning up 209 unused security descriptors.
              Security descriptor verification completed.
                69007 data files processed.                                    
                     
              CHKDSK is verifying Usn Journal...
                35970344 USN bytes processed.                                  
                        
              Usn Journal verification completed.
              CHKDSK is verifying file data (stage 4 of 5)...
                568560 files processed.                                        
                      
              File data verification completed.
              CHKDSK is verifying free space (stage 5 of 5)...
                2925235 free clusters processed.                               
                       
              Free space verification is complete.
              Windows has checked the file system and found no problems.
              
               219544759 KB total disk space.
               206865380 KB in 491305 files.
                  297596 KB in 69008 indexes.
                       0 KB in bad sectors.
                  680839 KB in use by the system.
                   65536 KB occupied by the log file.
                11700944 KB available on disk.
              
                    4096 bytes in each allocation unit.
                54886189 total allocation units on disk.
                 2925236 allocation units available on disk.
              
              Internal Info:
              00 ad 08 00 c4 8c 08 00 c6 2d 0e 00 00 00 00 00  .........-......
              07 2b 00 00 71 00 00 00 00 00 00 00 00 00 00 00  .+..q...........
              00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
              
              Windows has finished checking your disk.
              Please wait while your computer restarts.
              
 
TimeCreated : 5/24/2013 12:41:42 AM
Message     : 
              
              Checking file system on C:
              The type of the file system is NTFS.
              Volume label is OS.
              
              
              One of your disks needs to be checked for consistency. You
              may cancel the disk check, but it is strongly recommended
              that you continue.
              Windows will now check the disk.                         
              
              CHKDSK is verifying files (stage 1 of 3)...
                567296 file records processed.                                 
                      
              File verification completed.
                2515 large file records processed.                             
                    
                0 bad file records processed.                                  
                 
                2 EA records processed.                                        
                 
                113 reparse records processed.                                 
                   
              CHKDSK is verifying indexes (stage 2 of 3)...
                702584 index entries processed.                                
                      
              Index verification completed.
                0 unindexed files scanned.                                     
                 
                0 unindexed files recovered.                                   
                 
              CHKDSK is verifying security descriptors (stage 3 of 3)...
              Inserting an index entry with Id 5683 into index $SDH of file 9.
              Repairing the security file record segment.
                567296 file SDs/SIDs processed.                                
                      
              Cleaning up 77 unused index entries from index $SII of file 9.
              Cleaning up 77 unused index entries from index $SDH of file 9.
              Cleaning up 77 unused security descriptors.
              Security descriptor verification completed.
                67645 data files processed.                                    
                     
              CHKDSK is verifying Usn Journal...
                37229560 USN bytes processed.                                  
                        
              Usn Journal verification completed.
              Windows has made corrections to the file system.
              
               219544759 KB total disk space.
               182707724 KB in 491508 files.
                  293564 KB in 67646 indexes.
                       0 KB in bad sectors.
                  680135 KB in use by the system.
                   65536 KB occupied by the log file.
                35863336 KB available on disk.
              
                    4096 bytes in each allocation unit.
                54886189 total allocation units on disk.
                 8965834 allocation units available on disk.
              
              Internal Info:
              00 a8 08 00 3d 88 08 00 c1 28 0e 00 00 00 00 00  ....=....(......
              da 2a 00 00 71 00 00 00 00 00 00 00 00 00 00 00  .*..q...........
              00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
              
              Windows has finished checking your disk.
              Please wait while your computer restarts.
              
 
TimeCreated : 4/12/2013 5:18:40 PM
Message     : 
              
              Checking file system on C:
              The type of the file system is NTFS.
              Volume label is OS.
              
              
              One of your disks needs to be checked for consistency. You
              may cancel the disk check, but it is strongly recommended
              that you continue.
              Windows will now check the disk.                         
              
              CHKDSK is verifying files (stage 1 of 3)...
                567296 file records processed.                                 
                      
              File verification completed.
                2351 large file records processed.                             
                    
                0 bad file records processed.                                  
                 
                2 EA records processed.                                        
                 
                113 reparse records processed.                                 
                   
              CHKDSK is verifying indexes (stage 2 of 3)...
                702212 index entries processed.                                
                      
              Index verification completed.
              CHKDSK is scanning unindexed files for reconnect to their origina
              l directory.
              Recovering orphaned file FACEBO~1.HTM (4175) into directory file 
              481525.
              Recovering orphaned file facebook_com[1].htm (4175) into director
              y file 481525.
              Recovering orphaned file 276449~1.PNG (4266) into directory file 
              481520.
              Recovering orphaned file 276449379149296_367648155[1].png (4266) 
              into directory file 481520.
              Recovering orphaned file Z15ZZH~1.CSS (4275) into directory file 
              481522.
              Recovering orphaned file z15ZzhgIj4W[1].css (4275) into directory
               file 481522.
              Recovering orphaned file GSNJNW~1.GIF (4278) into directory file 
              481525.
              Recovering orphaned file GsNJNwuI-UM[1].gif (4278) into directory
               file 481525.
              Recovering orphaned file U8IA3K~1.CSS (4304) into directory file 
              481520.
              Recovering orphaned file u8iA3kXb8Y1[1].css (4304) into directory
               file 481520.
              Recovering orphaned file -PAXP-~1.GIF (4307) into directory file 
              481520.
              Recovering orphaned file -PAXP-deijE[1].gif (4307) into directory
               file 481520.
              Recovering orphaned file 276449~1.PNG (4309) into directory file 
              481522.
              Recovering orphaned file 276449379149296_1538611903[1].png (4309)
               into directory file 481522.
              Recovering orphaned file HVOQW7~1.CSS (4321) into directory file 
              481525.
              Recovering orphaned file hVOQw7IOizy[1].css (4321) into directory
               file 481525.
              Recovering orphaned file CAGXGH~1.CSS (4377) into directory file 
              481522.
              Recovering orphaned file cagxGHfLSIA[1].css (4377) into directory
               file 481522.
                10 unindexed files scanned.                                    
                  
              Recovering orphaned file SAFE_I~1.PNG (4393) into directory file 
              481525.
              Recovering orphaned file safe_image[1].png (4393) into directory 
              file 481525.
                0 unindexed files recovered.                                   
                 
              CHKDSK is verifying security descriptors (stage 3 of 3)...
                567296 file SDs/SIDs processed.                                
                      
              Cleaning up 568 unused index entries from index $SII of file 0x9.
              Cleaning up 568 unused index entries from index $SDH of file 0x9.
              Cleaning up 568 unused security descriptors.
              Security descriptor verification completed.
                67459 data files processed.                                    
                     
              CHKDSK is verifying Usn Journal...
                35365128 USN bytes processed.                                  
                        
              Usn Journal verification completed.
              CHKDSK discovered free space marked as allocated in the volume bi
              tmap.
              Windows has made corrections to the file system.
              
               219544759 KB total disk space.
               177675276 KB in 464495 files.
                  287176 KB in 67460 indexes.
                       0 KB in bad sectors.
                  678319 KB in use by the system.
                   65536 KB occupied by the log file.
                40903988 KB available on disk.
              
                    4096 bytes in each allocation unit.
                54886189 total allocation units on disk.
                10225997 allocation units available on disk.
              
              Internal Info:
              00 a8 08 00 fe 1d 08 00 0e 90 0d 00 00 00 00 00  ................
              b1 2a 00 00 71 00 00 00 00 00 00 00 00 00 00 00  .*..q...........
              00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
              
              Windows has finished checking your disk.
              Please wait while your computer restarts.

  • Root Admin

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!
