[Inactive-A] HELP! - Page 3
Page 3 of 5 FirstFirst 12345 LastLast
Results 31 to 45 of 62

Thread: [Inactive-A] HELP!

  1. #31
    Join Date
    Jul 2003
    Posts
    130
    Broni
    I MUST DL to f drive *first* and then YES, I did save it to a desktop folder.
    If I try to DL and save to Desktop it claims it has a virus and will NOT allow me, so I DL to f drive from another PC first. Then I put all on my desktop.

    I will carefully re read your instructions, but one thing I know for sure- 'it' does not allow me to DL your fixlist file and save to my desktop.
    Thanks for your continued patience.
    Share on Google+

  2. #32
    Join Date
    Jul 2003
    Posts
    130
    Download attached fixlist.txt file and save it to the Desktop.


    Reading this verbatim...cannot be done. Get message saying fixlist contained a virus and was deleted.
    Share on Google+

  3. #33
    Join Date
    Dec 2007
    Location
    Daly City, CA
    Posts
    22,430
    Let's go back to recovery mode...

    For x32 (x86) bit systems download Farbar Recovery Scan Tool 32-Bit and save it to a flash drive.
    For x64 bit systems download Farbar Recovery Scan Tool 64-Bit and save it to a flash drive.

    Plug the flashdrive into the infected PC.

    If you are using Windows 8 consult How to use the Windows 8 System Recovery Environment Command Prompt to enter System Recovery Command prompt.

    If you are using Vista or Windows 7 enter System Recovery Options.

    To enter System Recovery Options from the Advanced Boot Options:

    • Restart the computer.
    • As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.
    • Use the arrow keys to select the Repair your computer menu item.
    • Select US as the keyboard language settings, and then click Next.
    • Select the operating system you want to repair, and then click Next.
    • Select your user account an click Next.



    To enter System Recovery Options by using Windows installation disc:

    • Insert the installation disc.
    • Restart your computer.
    • If prompted, press any key to start Windows from the installation disc. If your computer is not configured to start from a CD or DVD, check your BIOS settings.
    • Click Repair your computer.
    • Select US as the keyboard language settings, and then click Next.
    • Select the operating system you want to repair, and then click Next.
    • Select your user account and click Next.



    On the System Recovery Options menu you will get the following options:


    • Startup Repair
    • System Restore
    • Windows Complete PC Restore
    • Windows Memory Diagnostic Tool
    • Command Prompt



    • Select Command Prompt
    • In the command window type in notepad and press Enter.
    • The notepad opens. Under File menu select Open.
    • Select "Computer" and find your flash drive letter and close the notepad.
    • In the command window type e:\frst (for x64 bit version type e:\frst64) and press Enter
      Note: Replace letter e with the drive letter of your flash drive.
    • The tool will start to run.
    • When the tool opens click Yes to disclaimer.
    • Press Scan button.
    • It will make a log (FRST.txt) on the flash drive. Please copy and paste it to your reply.
    Share on Google+

  4. #34
    Join Date
    Jul 2003
    Posts
    130

    OK

    [QUOTE=Broni;1433619]Let's go back to recovery mode...

    Will do, Broni

    Many Thanks
    Share on Google+

  5. #35
    Join Date
    Jul 2003
    Posts
    130

    Here is the new log

    Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 24-07-2013
    Ran by SYSTEM on 24-07-2013 20:28:31
    Running from H:\
    Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)
    Internet Explorer Version 10
    Boot Mode: Recovery

    The current controlset is ControlSet001
    ATTENTION!:=====> FRST is updated to run from normal or Safe mode to produce a full FRST.txt log and an extra Addition.txt log.

    ==================== Registry (Whitelisted) ==================

    HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10060320 2010-02-09] (Realtek Semiconductor)
    HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [444904 2012-09-20] (Adobe Systems Incorporated)
    HKLM-x32\...\Run: [Norton Online Backup] - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [1155928 2010-06-01] (Symantec Corporation)
    HKLM-x32\...\Run: [Adobe Reader Speed Launcher] - "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [41208 2012-12-19] (Adobe Systems Incorporated)
    HKLM-x32\...\Run: [Hotkey Utility] - C:\Program Files (x86)\eMachines\Hotkey Utility\HotkeyUtility.exe [620136 2011-01-18] ()
    HKLM-x32\...\Run: [Adobe ARM] - "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [946352 2012-12-02] (Adobe Systems Incorporated)
    HKLM-x32\...\Run: [APSDaemon] - "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59240 2012-02-20] (Apple Inc.)
    HKLM-x32\...\Run: [QuickTime Task] - "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime [421888 2012-03-03] (Apple Inc.)
    HKLM-x32\...\Run: [iTunesHelper] - "C:\Program Files (x86)\iTunes\iTunesHelper.exe" [421736 2012-03-27] (Apple Inc.)
    HKLM-x32\...\Run: [Acrobat Assistant 8.0] - "C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe" [3478752 2012-12-18] (Adobe Systems Inc.)
    HKLM-x32\...\Run: [LWS] - C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe -hide [205336 2011-11-11] (Logitech Inc.)
    HKU\Default\...\RunOnce: [ScrSav] - C:\Program Files (x86)\eMachines\Screensaver\run_eMachines.exe /default [154144 2010-07-29] ()
    HKU\Default User\...\RunOnce: [ScrSav] - C:\Program Files (x86)\eMachines\Screensaver\run_eMachines.exe /default [154144 2010-07-29] ()
    HKU\laurelhome\...\Run: [Skype] - "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun [18678376 2013-04-19] (Skype Technologies S.A.)
    HKU\laurelhome\...\Run: [Logitech Vid] - "C:\Program Files (x86)\Logitech\Vid HD\Vid.exe" -bootmode [6129496 2011-01-12] (Logitech Inc.)
    HKU\laurelhome\...\Run: [RESTART_STICKY_NOTES] - C:\Windows\System32\StikyNot.exe [427520 2009-07-13] (Microsoft Corporation)
    HKU\UpdatusUser\...\RunOnce: [ScrSav] - C:\Program Files (x86)\eMachines\Screensaver\run_eMachines.exe /default [154144 2010-07-29] ()

    ==================== Services (Whitelisted) =================

    S2 ForceWare Intelligent Application Manager (IAM); C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe [626208 2009-08-10] ()
    S2 GREGService; C:\Program Files (x86)\eMachines\Registration\GREGsvc.exe [23584 2010-01-08] (Acer Incorporated)
    S2 Live Updater Service; C:\Program Files\eMachines\eMachines Updater\UpdaterService.exe [244624 2011-01-31] (Acer Incorporated)
    S2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\ccSvcHst.exe [130008 2011-04-16] (Symantec Corporation)
    S2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-01] (Symantec Corporation)
    S2 nSvcIp; C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe [206880 2009-08-10] ()

    ==================== Drivers (Whitelisted) ====================

    S1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\BASHDefs\20120302.001\BHDrvx64.sys [1157240 2012-03-02] (Symantec Corporation)
    S1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\BASHDefs\20120302.001\BHDrvx64.sys [1157240 2012-03-02] (Symantec Corporation)
    S1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [482936 2012-02-03] (Symantec Corporation)
    S1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [482936 2012-02-03] (Symantec Corporation)
    S3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [138360 2012-02-03] (Symantec Corporation)
    S1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\IPSDefs\20120307.002\IDSvia64.sys [488568 2012-03-06] (Symantec Corporation)
    S1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\IPSDefs\20120307.002\IDSvia64.sys [488568 2012-03-06] (Symantec Corporation)
    S3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\VirusDefs\20120308.002\ENG64.SYS [117880 2012-01-07] (Symantec Corporation)
    S3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\VirusDefs\20120308.002\ENG64.SYS [117880 2012-01-07] (Symantec Corporation)
    S3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\VirusDefs\20120308.002\EX64.SYS [2048632 2012-01-07] (Symantec Corporation)
    S3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\VirusDefs\20120308.002\EX64.SYS [2048632 2012-01-07] (Symantec Corporation)
    S3 SRTSP; C:\Windows\System32\Drivers\NISx64\1207020.003\SRTSP64.SYS [744568 2011-03-30] (Symantec Corporation)
    S1 SRTSPX; C:\Windows\system32\drivers\NISx64\1207020.003\SRTSPX64.SYS [40568 2011-03-30] (Symantec Corporation)
    S0 SymDS; C:\Windows\System32\drivers\NISx64\1207020.003\SYMDS64.SYS [450680 2011-01-26] (Symantec Corporation)
    S0 SymEFA; C:\Windows\System32\drivers\NISx64\1207020.003\SYMEFA64.SYS [912504 2011-03-14] (Symantec Corporation)
    S3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [174200 2012-01-07] (Symantec Corporation)
    S1 SymIRON; C:\Windows\system32\drivers\NISx64\1207020.003\Ironx64.SYS [171128 2011-01-26] (Symantec Corporation)
    S1 SymNetS; C:\Windows\System32\Drivers\NISx64\1207020.003\SYMNETS.SYS [386168 2011-04-20] (Symantec Corporation)

    ==================== NetSvcs (Whitelisted) ===================


    ==================== One Month Created Files and Folders ========

    2013-07-24 03:06 - 2013-07-24 15:48 - 00000000 ____D C:\Users\laurelhome\Desktop\fixlist
    2013-07-21 16:10 - 2013-07-21 16:10 - 00000000 ____D C:\Users\laurelhome\AppData\Local\{DFA8F153-70DE-4A34-A7BA-ABC5DB8F73B4}
    2013-07-21 05:13 - 2013-07-21 05:13 - 00000000 ____D C:\FRST
    2013-07-20 05:29 - 2013-07-20 05:29 - 00000000 ____D C:\Users\laurelhome\AppData\Roaming\Tific
    2013-07-18 02:32 - 2013-07-18 15:49 - 00000000 ____D C:\ProgramData\8ed1d93e-4c6e-0000-d386-0c0060e123bc
    2013-07-14 04:41 - 2013-07-14 04:41 - 00000000 ____D C:\Users\laurelhome\AppData\Local\{868E3F65-8A3A-4BFD-86EC-8F9134A9BC1D}
    2013-07-10 23:08 - 2013-06-11 15:43 - 14329856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
    2013-07-10 23:08 - 2013-06-11 15:43 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
    2013-07-10 23:08 - 2013-06-11 15:43 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
    2013-07-10 23:08 - 2013-06-11 15:43 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
    2013-07-10 23:08 - 2013-06-11 15:43 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
    2013-07-10 23:08 - 2013-06-11 15:43 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
    2013-07-10 23:08 - 2013-06-11 15:43 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
    2013-07-10 23:08 - 2013-06-11 15:42 - 13760512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
    2013-07-10 23:08 - 2013-06-11 15:42 - 02046976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
    2013-07-10 23:08 - 2013-06-11 15:42 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
    2013-07-10 23:08 - 2013-06-11 15:42 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
    2013-07-10 23:08 - 2013-06-11 15:42 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
    2013-07-10 23:08 - 2013-06-11 15:42 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
    2013-07-10 23:08 - 2013-06-11 15:26 - 02241024 _____ (Microsoft Corporation) C:\Windows\System32\wininet.dll
    2013-07-10 23:08 - 2013-06-11 15:26 - 01365504 _____ (Microsoft Corporation) C:\Windows\System32\urlmon.dll
    2013-07-10 23:08 - 2013-06-11 15:26 - 00051712 _____ (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
    2013-07-10 23:08 - 2013-06-11 15:25 - 19238912 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.dll
    2013-07-10 23:08 - 2013-06-11 15:25 - 15404032 _____ (Microsoft Corporation) C:\Windows\System32\ieframe.dll
    2013-07-10 23:08 - 2013-06-11 15:25 - 03958784 _____ (Microsoft Corporation) C:\Windows\System32\jscript9.dll
    2013-07-10 23:08 - 2013-06-11 15:25 - 02648576 _____ (Microsoft Corporation) C:\Windows\System32\iertutil.dll
    2013-07-10 23:08 - 2013-06-11 15:25 - 00855552 _____ (Microsoft Corporation) C:\Windows\System32\jscript.dll
    2013-07-10 23:08 - 2013-06-11 15:25 - 00603136 _____ (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
    2013-07-10 23:08 - 2013-06-11 15:25 - 00526336 _____ (Microsoft Corporation) C:\Windows\System32\ieui.dll
    2013-07-10 23:08 - 2013-06-11 15:25 - 00136704 _____ (Microsoft Corporation) C:\Windows\System32\iesysprep.dll
    2013-07-10 23:08 - 2013-06-11 15:25 - 00067072 _____ (Microsoft Corporation) C:\Windows\System32\iesetup.dll
    2013-07-10 23:08 - 2013-06-11 15:25 - 00053248 _____ (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
    2013-07-10 23:08 - 2013-06-11 15:25 - 00039936 _____ (Microsoft Corporation) C:\Windows\System32\iernonce.dll
    2013-07-10 23:08 - 2013-06-11 14:51 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
    2013-07-10 23:08 - 2013-06-11 14:50 - 00089600 _____ (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe
    2013-07-10 23:08 - 2013-06-06 19:22 - 02706432 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
    2013-07-10 23:08 - 2013-06-06 18:37 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
    2013-07-10 14:36 - 2013-07-10 14:36 - 00000000 ____D C:\Users\laurelhome\AppData\Local\{6E94EC52-CCEB-4DFC-9175-73DAB384E5DE}
    2013-07-10 14:33 - 2013-07-20 03:06 - 00000000 ____D C:\Users\laurelhome\Desktop\library
    2013-07-10 03:27 - 2013-06-04 19:34 - 03153920 _____ (Microsoft Corporation) C:\Windows\System32\win32k.sys
    2013-07-10 03:27 - 2013-06-03 22:00 - 00624128 _____ (Microsoft Corporation) C:\Windows\System32\qedit.dll
    2013-07-10 03:27 - 2013-06-03 20:53 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
    2013-07-10 03:27 - 2013-05-05 22:03 - 01887744 _____ (Microsoft Corporation) C:\Windows\System32\WMVDECOD.DLL
    2013-07-10 03:27 - 2013-05-05 20:56 - 01620480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
    2013-07-10 03:27 - 2013-04-09 15:34 - 01247744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
    2013-07-10 03:27 - 2013-04-02 14:51 - 01643520 _____ (Microsoft Corporation) C:\Windows\System32\DWrite.dll
    2013-07-07 13:41 - 2013-07-07 13:41 - 00000000 ____D C:\Users\laurelhome\AppData\Local\{65421385-239C-41C1-9070-535CD5EA22EA}
    2013-07-06 09:27 - 2013-07-06 09:27 - 00009734 _____ C:\Users\laurelhome\Documents\groceries.xlsx
    2013-07-05 02:55 - 2013-07-05 02:56 - 00000000 ____D C:\Users\laurelhome\AppData\Local\{AB507790-7C65-4EB2-AD72-5F897E0FCA24}
    2013-07-04 04:02 - 2013-07-04 04:02 - 00000000 ____D C:\Users\laurelhome\AppData\Local\{CC6971E9-18BD-4012-BBDD-288A57C5F028}
    2013-07-01 03:16 - 2013-07-01 03:32 - 00000000 ____D C:\Users\laurelhome\Desktop\LG2013
    2013-06-30 15:34 - 2013-06-30 15:34 - 00000000 ____D C:\Users\laurelhome\AppData\Local\{AF3E7684-9DA7-4D75-8A87-11E3C7CAB3A1}
    2013-06-25 09:54 - 2013-06-25 09:54 - 00002239 _____ C:\Users\laurelhome\Documents\My Movie.wlmp
    2013-06-25 09:41 - 2013-06-25 09:41 - 00002249 _____ C:\Users\laurelhome\Documents\THEMOVIE.wlmp
    2013-06-25 09:26 - 2013-07-24 13:42 - 00000000 ____D C:\Users\laurelhome\Desktop\FILMS
    2013-06-25 08:59 - 2013-06-25 08:59 - 00000000 ____D C:\Users\laurelhome\Documents\movies
    2013-06-25 08:57 - 2013-06-25 08:57 - 00000000 ____D C:\Users\laurelhome\AppData\Local\{4EF8E7D8-283E-464A-9C3D-8DC80526189A}
    2013-06-25 08:33 - 2013-07-21 16:11 - 00000000 ____D C:\Users\laurelhome\Desktop\JULY2013 gi

    ==================== One Month Modified Files and Folders =======

    2013-07-24 16:26 - 2012-01-07 14:08 - 00196608 _____ C:\Windows\System32\Ikeext.etl
    2013-07-24 16:26 - 2009-07-06 23:39 - 01748447 _____ C:\Windows\WindowsUpdate.log
    2013-07-24 16:17 - 2012-05-03 05:47 - 00000000 ____D C:\Users\laurelhome\AppData\Roaming\Skype
    2013-07-24 15:49 - 2013-04-02 16:06 - 00000906 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
    2013-07-24 15:48 - 2013-07-24 03:06 - 00000000 ____D C:\Users\laurelhome\Desktop\fixlist
    2013-07-24 15:43 - 2012-09-02 15:46 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
    2013-07-24 15:00 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\tracing
    2013-07-24 14:05 - 2009-07-13 20:45 - 00016976 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    2013-07-24 14:05 - 2009-07-13 20:45 - 00016976 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    2013-07-24 14:02 - 2009-07-13 21:13 - 00727310 _____ C:\Windows\System32\PerfStringBackup.INI
    2013-07-24 13:57 - 2013-04-02 16:06 - 00000902 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
    2013-07-24 13:57 - 2009-07-13 21:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
    2013-07-24 13:57 - 2009-07-13 20:51 - 00040499 _____ C:\Windows\setupact.log
    2013-07-24 13:57 - 2009-07-06 23:38 - 00000000 ____D C:\ProgramData\NVIDIA
    2013-07-24 13:42 - 2013-06-25 09:26 - 00000000 ____D C:\Users\laurelhome\Desktop\FILMS
    2013-07-21 17:45 - 2012-01-07 13:02 - 00000000 __SHD C:\Recovery
    2013-07-21 16:11 - 2013-06-25 08:33 - 00000000 ____D C:\Users\laurelhome\Desktop\JULY2013 gi
    2013-07-21 16:10 - 2013-07-21 16:10 - 00000000 ____D C:\Users\laurelhome\AppData\Local\{DFA8F153-70DE-4A34-A7BA-ABC5DB8F73B4}
    2013-07-21 13:35 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\rescache
    2013-07-21 05:13 - 2013-07-21 05:13 - 00000000 ____D C:\FRST
    2013-07-20 05:31 - 2013-04-20 08:48 - 00000000 __HDC C:\Users\laurelhome\AppData\Local\~0
    2013-07-20 05:29 - 2013-07-20 05:29 - 00000000 ____D C:\Users\laurelhome\AppData\Roaming\Tific
    2013-07-20 03:06 - 2013-07-10 14:33 - 00000000 ____D C:\Users\laurelhome\Desktop\library
    2013-07-18 17:44 - 2013-04-02 16:06 - 00003902 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
    2013-07-18 17:44 - 2013-04-02 16:06 - 00003650 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
    2013-07-18 17:44 - 2012-01-07 13:02 - 00000000 ____D C:\users\laurelhome
    2013-07-18 15:51 - 2012-11-08 15:03 - 00000000 ___RD C:\Program Files (x86)\Skype
    2013-07-18 15:51 - 2011-03-31 01:13 - 00000000 ____D C:\ProgramData\Skype
    2013-07-18 15:49 - 2013-07-18 02:32 - 00000000 ____D C:\ProgramData\8ed1d93e-4c6e-0000-d386-0c0060e123bc
    2013-07-18 15:49 - 2011-03-31 01:24 - 00000000 ____D C:\ProgramData\Norton
    2013-07-18 15:49 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\registration
    2013-07-18 15:47 - 2012-01-07 15:09 - 00000000 __RHD C:\MSOCache
    2013-07-17 15:24 - 2009-07-13 21:32 - 00000000 ____D C:\Windows\System32\FxsTmp
    2013-07-14 04:53 - 2012-08-19 12:24 - 00000000 ____D C:\Users\laurelhome\Desktop\jwlry
    2013-07-14 04:43 - 2013-06-17 15:37 - 00000000 ____D C:\Users\laurelhome\Desktop\H.POTTER
    2013-07-14 04:41 - 2013-07-14 04:41 - 00000000 ____D C:\Users\laurelhome\AppData\Local\{868E3F65-8A3A-4BFD-86EC-8F9134A9BC1D}
    2013-07-12 11:34 - 2012-01-08 14:39 - 00000000 ____D C:\Users\laurelhome\AppData\Local\CrashDumps
    2013-07-11 13:38 - 2012-10-17 13:58 - 00000000 ____D C:\Users\laurelhome\Desktop\recipes
    2013-07-10 23:35 - 2009-07-13 20:45 - 00416200 _____ C:\Windows\System32\FNTCACHE.DAT
    2013-07-10 23:34 - 2013-03-13 23:01 - 00000000 ____D C:\Program Files\Microsoft Silverlight
    2013-07-10 23:34 - 2013-03-13 23:01 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
    2013-07-10 23:33 - 2010-11-20 23:17 - 00000000 ____D C:\Program Files\Windows Journal
    2013-07-10 23:10 - 2012-01-18 14:29 - 78185248 _____ (Microsoft Corporation) C:\Windows\System32\MRT.exe
    2013-07-10 23:09 - 2012-08-25 03:10 - 00000000 ____D C:\ProgramData\Microsoft Help
    2013-07-10 14:36 - 2013-07-10 14:36 - 00000000 ____D C:\Users\laurelhome\AppData\Local\{6E94EC52-CCEB-4DFC-9175-73DAB384E5DE}
    2013-07-07 13:41 - 2013-07-07 13:41 - 00000000 ____D C:\Users\laurelhome\AppData\Local\{65421385-239C-41C1-9070-535CD5EA22EA}
    2013-07-06 09:27 - 2013-07-06 09:27 - 00009734 _____ C:\Users\laurelhome\Documents\groceries.xlsx
    2013-07-06 07:14 - 2012-01-07 13:13 - 00000000 ____D C:\Users\laurelhome\AppData\Roaming\SoftGrid Client
    2013-07-05 17:29 - 2013-04-16 18:59 - 00000000 ____D C:\Users\laurelhome\Desktop\april 2013
    2013-07-05 17:28 - 2012-01-14 19:53 - 00000000 ____D C:\Users\laurelhome\Desktop\gipics january 2012
    2013-07-05 17:27 - 2012-11-06 13:45 - 00000000 ____D C:\Users\laurelhome\Desktop\coaster
    2013-07-05 17:25 - 2012-09-05 01:57 - 00000000 ____D C:\Users\laurelhome\Desktop\favs
    2013-07-05 17:24 - 2012-09-03 18:19 - 00000000 ____D C:\Users\laurelhome\Desktop\gpics
    2013-07-05 02:56 - 2013-07-05 02:55 - 00000000 ____D C:\Users\laurelhome\AppData\Local\{AB507790-7C65-4EB2-AD72-5F897E0FCA24}
    2013-07-04 05:52 - 2012-10-28 14:32 - 00000000 ____D C:\Users\laurelhome\Desktop\halloween2012
    2013-07-04 04:02 - 2013-07-04 04:02 - 00000000 ____D C:\Users\laurelhome\AppData\Local\{CC6971E9-18BD-4012-BBDD-288A57C5F028}
    2013-07-04 04:00 - 2012-08-19 11:45 - 00001701 _____ C:\Users\laurelhome\Desktop\lake george 105 - Shortcut.lnk
    2013-07-04 04:00 - 2012-08-19 11:45 - 00001701 _____ C:\Users\laurelhome\Desktop\lake george 104 - Shortcut.lnk
    2013-07-04 04:00 - 2012-08-19 11:45 - 00001701 _____ C:\Users\laurelhome\Desktop\lake george 103 - Shortcut.lnk
    2013-07-04 04:00 - 2012-08-19 11:45 - 00001701 _____ C:\Users\laurelhome\Desktop\lake george 096 - Shortcut.lnk
    2013-07-04 04:00 - 2012-08-19 11:45 - 00001701 _____ C:\Users\laurelhome\Desktop\lake george 095 - Shortcut.lnk
    2013-07-04 04:00 - 2012-08-19 11:45 - 00001701 _____ C:\Users\laurelhome\Desktop\lake george 055 - Shortcut.lnk
    2013-07-04 04:00 - 2012-08-19 11:45 - 00001701 _____ C:\Users\laurelhome\Desktop\lake george 053 - Shortcut.lnk
    2013-07-04 04:00 - 2012-08-19 11:45 - 00001701 _____ C:\Users\laurelhome\Desktop\lake george 052 - Shortcut.lnk
    2013-07-04 04:00 - 2012-08-19 11:45 - 00001701 _____ C:\Users\laurelhome\Desktop\lake george 051 - Shortcut.lnk
    2013-07-04 04:00 - 2012-08-19 11:45 - 00001696 _____ C:\Users\laurelhome\Desktop\lake george 117 - Shortcut.lnk
    2013-07-04 04:00 - 2012-08-19 11:45 - 00001691 _____ C:\Users\laurelhome\Desktop\lake george 101 - Shortcut.lnk
    2013-07-04 04:00 - 2012-08-19 11:45 - 00001687 _____ C:\Users\laurelhome\Desktop\lake george 091 - Shortcut.lnk
    2013-07-04 04:00 - 2012-08-19 11:45 - 00001686 _____ C:\Users\laurelhome\Desktop\lake george 054 - Shortcut.lnk
    2013-07-04 04:00 - 2012-08-19 11:45 - 00001671 _____ C:\Users\laurelhome\Desktop\lake george 100 - Shortcut.lnk
    2013-07-04 04:00 - 2012-08-19 11:45 - 00001669 _____ C:\Users\laurelhome\Desktop\lake george 093 - Shortcut.lnk
    2013-07-04 04:00 - 2012-08-19 11:45 - 00001669 _____ C:\Users\laurelhome\Desktop\lake george 092 - Shortcut.lnk
    2013-07-04 04:00 - 2012-08-19 11:45 - 00001669 _____ C:\Users\laurelhome\Desktop\lake george 090 - Shortcut.lnk
    2013-07-04 04:00 - 2012-08-19 11:45 - 00001669 _____ C:\Users\laurelhome\Desktop\lake george 089 - Shortcut.lnk
    2013-07-04 04:00 - 2012-08-19 11:45 - 00001669 _____ C:\Users\laurelhome\Desktop\lake george 088 - Shortcut.lnk
    2013-07-04 04:00 - 2012-08-19 11:45 - 00001669 _____ C:\Users\laurelhome\Desktop\lake george 087 - Shortcut.lnk
    2013-07-04 04:00 - 2012-08-19 11:45 - 00001669 _____ C:\Users\laurelhome\Desktop\lake george 086 - Shortcut.lnk
    2013-07-04 04:00 - 2012-08-19 11:45 - 00001669 _____ C:\Users\laurelhome\Desktop\lake george 081 - Shortcut.lnk
    2013-07-04 04:00 - 2012-08-19 11:45 - 00001669 _____ C:\Users\laurelhome\Desktop\lake george 079 - Shortcut.lnk
    2013-07-04 04:00 - 2012-08-19 11:45 - 00001669 _____ C:\Users\laurelhome\Desktop\lake george 078 - Shortcut.lnk
    2013-07-04 04:00 - 2012-08-19 11:45 - 00001669 _____ C:\Users\laurelhome\Desktop\lake george 077 - Shortcut.lnk
    2013-07-04 04:00 - 2012-08-19 11:45 - 00001669 _____ C:\Users\laurelhome\Desktop\lake george 076 - Shortcut.lnk
    2013-07-04 04:00 - 2012-08-19 11:45 - 00001669 _____ C:\Users\laurelhome\Desktop\lake george 072 - Shortcut.lnk
    2013-07-04 04:00 - 2012-08-19 11:45 - 00001669 _____ C:\Users\laurelhome\Desktop\lake george 070 - Shortcut.lnk
    2013-07-04 04:00 - 2012-08-19 11:45 - 00001669 _____ C:\Users\laurelhome\Desktop\lake george 067 - Shortcut.lnk
    2013-07-04 04:00 - 2012-08-19 11:45 - 00001669 _____ C:\Users\laurelhome\Desktop\lake george 066 - Shortcut.lnk
    2013-07-04 04:00 - 2012-08-19 11:45 - 00001669 _____ C:\Users\laurelhome\Desktop\lake george 065 - Shortcut.lnk
    2013-07-04 04:00 - 2012-08-19 11:45 - 00001669 _____ C:\Users\laurelhome\Desktop\lake george 064 - Shortcut.lnk
    2013-07-04 04:00 - 2012-08-19 11:45 - 00001669 _____ C:\Users\laurelhome\Desktop\lake george 063 - Shortcut.lnk
    2013-07-04 04:00 - 2012-08-19 11:45 - 00001669 _____ C:\Users\laurelhome\Desktop\lake george 062 - Shortcut.lnk
    2013-07-04 04:00 - 2012-08-19 11:45 - 00001669 _____ C:\Users\laurelhome\Desktop\lake george 061 - Shortcut.lnk
    2013-07-04 04:00 - 2012-08-19 11:45 - 00001669 _____ C:\Users\laurelhome\Desktop\lake george 060 - Shortcut.lnk
    2013-07-04 04:00 - 2012-08-19 11:45 - 00001669 _____ C:\Users\laurelhome\Desktop\lake george 059 - Shortcut.lnk
    2013-07-04 04:00 - 2012-08-19 11:45 - 00001669 _____ C:\Users\laurelhome\Desktop\lake george 058 - Shortcut.lnk
    2013-07-04 04:00 - 2012-08-19 11:45 - 00001669 _____ C:\Users\laurelhome\Desktop\lake george 057 - Shortcut.lnk
    2013-07-04 04:00 - 2012-08-19 11:45 - 00001666 _____ C:\Users\laurelhome\Desktop\lake george 116 - Shortcut.lnk
    2013-07-04 04:00 - 2012-08-19 11:45 - 00001654 _____ C:\Users\laurelhome\Desktop\lake george 111 - Shortcut.lnk
    2013-07-04 04:00 - 2012-08-19 11:45 - 00001654 _____ C:\Users\laurelhome\Desktop\lake george 102 - Shortcut.lnk
    2013-07-04 04:00 - 2012-08-19 11:45 - 00001651 _____ C:\Users\laurelhome\Desktop\lake george 068 - Shortcut.lnk
    2013-07-04 04:00 - 2012-08-19 11:45 - 00001624 _____ C:\Users\laurelhome\Desktop\lake george 080 - Shortcut.lnk
    2013-07-04 04:00 - 2012-08-19 11:45 - 00001624 _____ C:\Users\laurelhome\Desktop\lake george 073 - Shortcut.lnk
    2013-07-04 04:00 - 2012-08-19 11:45 - 00001595 _____ C:\Users\laurelhome\Desktop\lake george 069 - Shortcut.lnk
    2013-07-04 04:00 - 2012-04-06 15:43 - 00000000 ____D C:\Users\laurelhome\Desktop\april 2012
    2013-07-04 03:57 - 2012-02-26 07:13 - 00000000 ____D C:\Users\laurelhome\Desktop\giannafeb2012
    2013-07-04 03:56 - 2012-08-19 11:45 - 00001701 _____ C:\Users\laurelhome\Desktop\lake george 050 - Shortcut.lnk
    2013-07-04 03:56 - 2012-08-19 11:45 - 00001701 _____ C:\Users\laurelhome\Desktop\lake george 049 - Shortcut.lnk
    2013-07-04 03:56 - 2012-08-19 11:45 - 00001701 _____ C:\Users\laurelhome\Desktop\lake george 048 - Shortcut.lnk
    2013-07-04 03:56 - 2012-08-19 11:45 - 00001701 _____ C:\Users\laurelhome\Desktop\lake george 047 - Shortcut.lnk
    2013-07-04 03:56 - 2012-08-19 11:45 - 00001701 _____ C:\Users\laurelhome\Desktop\lake george 046 - Shortcut.lnk
    2013-07-03 13:31 - 2012-07-29 14:47 - 00000000 ____D C:\Users\laurelhome\Desktop\gbday
    2013-07-03 13:30 - 2012-07-26 18:09 - 00000000 ____D C:\Users\laurelhome\Desktop\cuban pete
    2013-07-03 13:29 - 2012-11-25 04:57 - 00000000 ____D C:\Users\laurelhome\Desktop\NOVDEC2012
    2013-07-03 13:26 - 2012-08-19 11:42 - 00000000 ____D C:\Users\laurelhome\Desktop\lake george pics2012
    2013-07-01 03:32 - 2013-07-01 03:16 - 00000000 ____D C:\Users\laurelhome\Desktop\LG2013
    2013-07-01 03:30 - 2012-12-02 05:40 - 00000000 ____D C:\Users\laurelhome\Desktop\Le
    2013-07-01 03:16 - 2012-08-05 03:48 - 00000000 ____D C:\Users\laurelhome\Desktop\hoedown
    2013-06-30 15:34 - 2013-06-30 15:34 - 00000000 ____D C:\Users\laurelhome\AppData\Local\{AF3E7684-9DA7-4D75-8A87-11E3C7CAB3A1}
    2013-06-25 09:54 - 2013-06-25 09:54 - 00002239 _____ C:\Users\laurelhome\Documents\My Movie.wlmp
    2013-06-25 09:41 - 2013-06-25 09:41 - 00002249 _____ C:\Users\laurelhome\Documents\THEMOVIE.wlmp
    2013-06-25 09:26 - 2012-01-14 19:55 - 00000000 ____D C:\Users\laurelhome\AppData\Local\Windows Live
    2013-06-25 08:59 - 2013-06-25 08:59 - 00000000 ____D C:\Users\laurelhome\Documents\movies
    2013-06-25 08:57 - 2013-06-25 08:57 - 00000000 ____D C:\Users\laurelhome\AppData\Local\{4EF8E7D8-283E-464A-9C3D-8DC80526189A}

    ==================== Known DLLs (Whitelisted) ================


    ==================== Bamital & volsnap Check =================

    C:\Windows\System32\winlogon.exe => MD5 is legit
    C:\Windows\System32\wininit.exe => MD5 is legit
    C:\Windows\SysWOW64\wininit.exe => MD5 is legit
    C:\Windows\explorer.exe => MD5 is legit
    C:\Windows\SysWOW64\explorer.exe => MD5 is legit
    C:\Windows\System32\svchost.exe => MD5 is legit
    C:\Windows\SysWOW64\svchost.exe => MD5 is legit
    C:\Windows\System32\services.exe => MD5 is legit
    C:\Windows\System32\User32.dll => MD5 is legit
    C:\Windows\SysWOW64\User32.dll => MD5 is legit
    C:\Windows\System32\userinit.exe => MD5 is legit
    C:\Windows\SysWOW64\userinit.exe => MD5 is legit
    C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
    C:\Program Files\Windows Defender\mpsvc.dll => ATTENTION: ZeroAccess. Use DeleteJunctionsIndirectory: C:\Program Files\Windows Defender

    ==================== EXE ASSOCIATION =====================

    HKLM\...\.exe: exefile => OK
    HKLM\...\exefile\DefaultIcon: %1 => OK
    HKLM\...\exefile\open\command: "%1" %* => OK

    ==================== Restore Points =========================

    Restore point made on: 2013-06-21 17:16:39
    Restore point made on: 2013-06-28 12:36:29
    Restore point made on: 2013-07-02 11:35:42
    Restore point made on: 2013-07-10 23:00:41
    Restore point made on: 2013-07-11 23:01:06
    Restore point made on: 2013-07-18 15:13:01
    Restore point made on: 2013-07-18 15:45:51
    Restore point made on: 2013-07-18 23:00:45
    Restore point made on: 2013-07-20 05:33:32
    Restore point made on: 2013-07-20 05:34:14
    Restore point made on: 2013-07-21 13:41:39
    Restore point made on: 2013-07-21 13:42:05
    Restore point made on: 2013-07-21 13:42:11
    Restore point made on: 2013-07-21 13:42:31
    Restore point made on: 2013-07-22 02:36:15

    ==================== Memory info ===========================

    Percentage of memory in use: 22%
    Total physical RAM: 2815.37 MB
    Available physical RAM: 2168.33 MB
    Total Pagefile: 2813.57 MB
    Available Pagefile: 2152.98 MB
    Total Virtual: 8192 MB
    Available Virtual: 8191.86 MB

    ==================== Drives ================================

    Drive c: (eMachines) (Fixed) (Total:911.88 GB) (Free:852.44 GB) NTFS (Disk=0 Partition=3)
    Drive e: (PQSERVICE) (Fixed) (Total:19.53 GB) (Free:8.54 GB) NTFS (Disk=0 Partition=1)
    Drive h: (OPTIMA PRO) (Removable) (Total:1.92 GB) (Free:0.35 GB) FAT (Disk=2 Partition=1)
    Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
    Drive y: (SYSTEM RESERVED) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS (Disk=0 Partition=2) ==>[System with boot components (obtained from reading drive)]

    ==================== MBR & Partition Table ==================

    ========================================================
    Disk: 0 (Size: 932 GB) (Disk ID: 35D5C1F3)
    Partition 1: (Not Active) - (Size=20 GB) - (Type=27)
    Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
    Partition 3: (Not Active) - (Size=912 GB) - (Type=07 NTFS)

    ========================================================
    Disk: 2 (Size: 2 GB) (Disk ID: 814DAD2E)
    Partition 1: (Not Active) - (Size=2 GB) - (Type=06)


    LastRegBack: 2013-07-21 13:27

    ==================== End Of Log ============================
    Share on Google+

  6. #36
    Join Date
    Dec 2007
    Location
    Daly City, CA
    Posts
    22,430
    OK. You're doing something wrong.

    Reboot back to your desktop.

    Look at your reply #24...
    The log says:

    Running from F:\
    [...]
    Boot Mode: Normal
    If you keep FRST on USB drive and you run it from there it's fine with me.
    But then...

    In my reply #27 I attached "fixlist".

    You can download it on another computer and put it on the very same USB flash drive.
    Then while still booted to your Desktop run FRST (from USB flash drive) and click on "Fix" button.

    Instead you boot to recovery option and you run the tool from there (your reply #29):

    Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 19-07-2013
    Ran by SYSTEM at 2013-07-24 17:47:48 Run:2
    Running from H:\
    Boot Mode: Recovery
    You have to run my fix from normal boot not from recovery.

    Please retry or ask any question if something is not clear.
    Share on Google+

  7. #37
    Join Date
    Jul 2003
    Posts
    130

    still tryin!

    [QUOTE=Broni;1433627]OK. You're doing something wrong.
    Yep

    I pretty much figured that much out .

    OK, so now I am going back to other PC and will put the fixlist on the f drive.

    I will then run the scan from the normal mode...both from the f drive I guess.

    If this is wrong, pls tell me.

    THX!:
    Share on Google+

  8. #38
    Join Date
    Dec 2007
    Location
    Daly City, CA
    Posts
    22,430
    You already ran scan from normal mode.
    All you need to do is to have FRST and "fixlist" on the very same USB drive.

    Plug that USB into bad computer start it in normal mode.
    Run FRST (located on USB) and click "Fix" button.
    Share on Google+

  9. #39
    Join Date
    Jul 2003
    Posts
    130
    OK, knocking on wood here. I believe it is fixed! I just tested by (again) trying to DL fixlist (AFTER following your steps) and MY pc let me !!!

    YAAAAAAAY! How does a person thank you for all this ?
    Patience of a saint !
    Thank you SO much!
    Share on Google+

  10. #40
    Join Date
    Dec 2007
    Location
    Daly City, CA
    Posts
    22,430
    Good news

    BUT....we just started...

    Please complete all steps listed here: http://discussions.virtualdr.com/sho...d-4-28-2013%29
    Share on Google+

  11. #41
    Join Date
    Jul 2003
    Posts
    130

    Scans done.....



    Thank you again !!!!!!! Norton updated / Constant Guard. Finally makes appearance.
    LOGS:
    Malwarebytes Anti-Malware (Trial) 1.75.0.1300
    www.malwarebytes.org

    Database version: v2013.07.25.02

    Windows 7 Service Pack 1 x64 NTFS
    Internet Explorer 10.0.9200.16635
    laurelhome :: LAURELHOME-PC [administrator]

    Protection: Enabled

    7/25/2013 6:40:48 AM
    mbam-log-2013-07-25 (06-40-48).txt

    Scan type: Quick scan
    Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
    Scan options disabled: P2P
    Objects scanned: 256705
    Time elapsed: 6 minute(s), 3 second(s)

    Memory Processes Detected: 0
    (No malicious items detected)

    Memory Modules Detected: 0
    (No malicious items detected)

    Registry Keys Detected: 0
    (No malicious items detected)

    Registry Values Detected: 0
    (No malicious items detected)

    Registry Data Items Detected: 0
    (No malicious items detected)

    Folders Detected: 0
    (No malicious items detected)

    Files Detected: 0
    (No malicious items detected)

    (end)

    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT
    .
    DDS (Ver_2012-11-20.01)
    .
    Microsoft Windows 7 Home Premium
    Boot Device: \Device\HarddiskVolume2
    Install Date: 1/7/2012 4:02:51 PM
    System Uptime: 7/25/2013 5:43:22 AM (1 hours ago)
    .
    Motherboard: eMachines | | EL1358G
    Processor: AMD Athlon(tm) II X2 220 Processor | CPU 1 | 784/200mhz
    .
    ==== Disk Partitions =========================
    .
    C: is FIXED (NTFS) - 912 GiB total, 852.855 GiB free.
    D: is CDROM ()
    E: is Removable
    F: is Removable
    .
    ==== Disabled Device Manager Items =============
    .
    ==== System Restore Points ===================
    .
    RP158: 6/21/2013 9:16:24 PM - Windows Update
    RP159: 6/28/2013 4:36:14 PM - Windows Update
    RP160: 7/2/2013 3:35:28 PM - Windows Update
    RP161: 7/11/2013 3:00:27 AM - Windows Update
    RP162: 7/12/2013 3:00:42 AM - Windows Update
    RP163: 7/18/2013 7:12:45 PM - Removed Microsoft Silverlight
    RP164: 7/18/2013 7:45:19 PM - Restore Operation
    RP165: 7/19/2013 3:00:28 AM - Windows Update
    RP166: 7/20/2013 9:33:15 AM - Removed Google Drive
    RP167: 7/20/2013 9:33:56 AM - Removed Microsoft Silverlight
    RP168: 7/22/2013 6:36:01 AM - Windows Update
    .
    ==== Installed Programs ======================
    .
    Acrobat.com
    Adobe Acrobat XI Pro
    Adobe AIR
    Adobe Download Assistant
    Adobe Flash Player 11 ActiveX
    Adobe Reader 9.5.3 MUI
    Agatha Christie - 4:50 from Paddington
    Apple Application Support
    Apple Mobile Device Support
    Apple Software Update
    Ask Toolbar
    Ask Toolbar Updater
    Avery Template
    Avery Template - U_0088_01_P
    Bejeweled 2 Deluxe
    Bing Bar
    Bonjour
    Browser Manager
    Build-a-lot 2
    CameraHelperMsi
    Chuzzle Deluxe
    Coupon Printer for Windows
    Create and Print Plugin 4.0.8045
    D3DX10
    Diner Dash 2 Restaurant Rescue
    Dora's World Adventure
    eBay Worldwide
    eMachines Games
    eMachines Recovery Management
    eMachines Registration
    eMachines ScreenSaver
    eMachines Updater
    erLT
    Final Drive: Nitro
    Galerie de photos Windows Live
    Google Drive
    Google Update Helper
    Hotkey Utility
    Identity Card
    iTunes
    Java Auto Updater
    Java(TM) 6 Update 33
    Jewel Quest Heritage
    Junk Mail filter update
    Logitech Vid HD
    Logitech Webcam Software
    LWS Facebook
    LWS Gallery
    LWS Help_main
    LWS Launcher
    LWS Motion Detection
    LWS Pictures And Video
    LWS Twitter
    LWS Video Mask Maker
    LWS VideoEffects
    LWS Webcam Software
    LWS WLM Plugin
    LWS YouTube Plugin
    Malwarebytes Anti-Malware version 1.75.0.1300
    Mesh Runtime
    Microsoft .NET Framework 4 Client Profile
    Microsoft Application Error Reporting
    Microsoft Office 2007 Service Pack 3 (SP3)
    Microsoft Office Access MUI (English) 2007
    Microsoft Office Access Setup Metadata MUI (English) 2007
    Microsoft Office Click-to-Run 2010
    Microsoft Office Excel MUI (English) 2007
    Microsoft Office InfoPath MUI (English) 2007
    Microsoft Office Office 64-bit Components 2007
    Microsoft Office Outlook MUI (English) 2007
    Microsoft Office PowerPoint MUI (English) 2007
    Microsoft Office Professional Plus 2007
    Microsoft Office Proof (English) 2007
    Microsoft Office Proof (French) 2007
    Microsoft Office Proof (Spanish) 2007
    Microsoft Office Proofing (English) 2007
    Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
    Microsoft Office Publisher MUI (English) 2007
    Microsoft Office Shared 64-bit MUI (English) 2007
    Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
    Microsoft Office Shared MUI (English) 2007
    Microsoft Office Shared Setup Metadata MUI (English) 2007
    Microsoft Office Word MUI (English) 2007
    Microsoft PowerPoint Viewer
    Microsoft Save as PDF or XPS Add-in for 2007 Microsoft Office programs
    Microsoft Silverlight
    Microsoft SQL Server 2005 Compact Edition [ENU]
    Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
    Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
    MSVCRT
    MSVCRT_amd64
    MSXML 4.0 SP2 (KB954430)
    MSXML 4.0 SP2 (KB973688)
    Mystery P.I. - Stolen in San Francisco
    Namco All-Stars: PAC-MAN
    Nero Control Center 10
    Nero ControlCenter 10 Help (CHM)
    Nero Core Components 10
    Nero DiscSpeed 10
    Nero DiscSpeed 10 Help (CHM)
    Nero Express 10
    Nero Express 10 Help (CHM)
    Nero Multimedia Suite 10 Essentials
    Nero StartSmart 10
    Nero StartSmart 10 Help (CHM)
    Nero Update
    NOOK for PC
    Norton Online Backup
    Norton Security Suite
    NVIDIA Control Panel 307.83
    NVIDIA Display Control Panel
    NVIDIA Drivers
    NVIDIA ForceWare Network Access Manager
    NVIDIA Graphics Driver 307.83
    NVIDIA Install Application
    NVIDIA Stereoscopic 3D Driver
    NVIDIA Update 1.10.8
    NVIDIA Update Components
    Penguins!
    Plants vs. Zombies - Game of the Year
    Poker Superstars III
    Polar Bowler
    Polar Golfer
    QuickTime
    Realtek High Definition Audio Driver
    Security Update for CAPICOM (KB931906)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628)
    Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2687309) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2687311) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2687499) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2760416) 32-Bit Edition
    Security Update for Microsoft Office Excel 2007 (KB2687307) 32-Bit Edition
    Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition
    Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
    Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
    Security Update for Microsoft Office Publisher 2007 (KB2597971) 32-Bit Edition
    Security Update for Microsoft Office Word 2007 (KB2760421) 32-Bit Edition
    Skype Click to Call
    Skype™ 6.3
    Times Reader
    Torchlight
    Update for 2007 Microsoft Office System (KB967642)
    Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
    Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
    Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
    Update for Microsoft Office 2007 Help for Common Features (KB963673)
    Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
    Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition
    Update for Microsoft Office 2007 suites (KB2596802) 32-Bit Edition
    Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition
    Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition
    Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
    Update for Microsoft Office Access 2007 Help (KB963663)
    Update for Microsoft Office Excel 2007 Help (KB963678)
    Update for Microsoft Office Infopath 2007 Help (KB963662)
    Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
    Update for Microsoft Office Outlook 2007 Help (KB963677)
    Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2817563) 32-Bit Edition
    Update for Microsoft Office Powerpoint 2007 Help (KB963669)
    Update for Microsoft Office Publisher 2007 Help (KB963667)
    Update for Microsoft Office Script Editor Help (KB963671)
    Update for Microsoft Office Word 2007 Help (KB963665)
    Update Installer for WildTangent Games App
    Virtual Villagers 4 - The Tree of Life
    Welcome Center
    WildTangent Games App (eMachines Games)
    Windows Live
    Windows Live Communications Platform
    Windows Live Essentials
    Windows Live ID Sign-in Assistant
    Windows Live Installer
    Windows Live Language Selector
    Windows Live Mail
    Windows Live Mesh
    Windows Live Messenger
    Windows Live MIME IFilter
    Windows Live Movie Maker
    Windows Live Photo Common
    Windows Live Photo Gallery
    Windows Live PIMT Platform
    Windows Live Remote Client
    Windows Live Remote Client Resources
    Windows Live Remote Service
    Windows Live Remote Service Resources
    Windows Live SOXE
    Windows Live SOXE Definitions
    Windows Live UX Platform
    Windows Live UX Platform Language Pack
    Windows Live Writer
    Windows Live Writer Resources
    Zuma's Revenge
    .
    ==== Event Viewer Messages From Past Week ========
    .
    7/24/2013 8:33:52 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk2\DR3.
    7/24/2013 5:35:29 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk2\DR2.
    7/24/2013 10:24:00 PM, Error: Service Control Manager [7024] - The Windows Firewall service terminated with service-specific error Access is denied..
    7/21/2013 9:12:50 AM, Error: Microsoft-Windows-DistributedCOM [10016] - The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID {9BA05972-F6A8-11CF-A442-00A0C90A8F39} and APPID {9BA05972-F6A8-11CF-A442-00A0C90A8F39} to the user laurelhome-PC\laurelhome SID (S-1-5-21-2943752849-2961130617-1043429671-1000) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
    7/21/2013 7:46:53 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Browser service.
    7/19/2013 7:49:10 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the NIS service.
    7/18/2013 7:42:28 PM, Error: Service Control Manager [7024] - The Background Intelligent Transfer Service service terminated with service-specific error %%-2147024846.
    7/18/2013 7:42:28 PM, Error: Microsoft-Windows-Bits-Client [16392] - The BITS service failed to start. Error 0x80070032.
    7/18/2013 7:42:27 PM, Error: Service Control Manager [7038] - The WinHttpAutoProxySvc service was unable to log on as NT AUTHORITY\LocalService with the currently configured password due to the following error: The request is not supported. To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).
    7/18/2013 7:42:27 PM, Error: Service Control Manager [7038] - The SSDPSRV service was unable to log on as NT AUTHORITY\LocalService with the currently configured password due to the following error: The security account manager (SAM) or local security authority (LSA) server was in the wrong state to perform the security operation. To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).
    7/18/2013 7:42:27 PM, Error: Service Control Manager [7000] - The WinHTTP Web Proxy Auto-Discovery Service service failed to start due to the following error: The service did not start due to a logon failure.
    7/18/2013 7:42:27 PM, Error: Service Control Manager [7000] - The SSDP Discovery service failed to start due to the following error: The service did not start due to a logon failure.
    Share on Google+

  12. #42
    Join Date
    Dec 2007
    Location
    Daly City, CA
    Posts
    22,430
    I still need DDS.txt log.
    Share on Google+

  13. #43
    Join Date
    Jul 2003
    Posts
    130

    oops...sorry

    DDS (Ver_2012-11-20.01) - NTFS_AMD64
    Internet Explorer: 10.0.9200.16635
    Run by laurelhome at 6:52:20 on 2013-07-25
    Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.2815.1044 [GMT -4:00]
    .
    AV: Norton Security Suite *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    SP: Norton Security Suite *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
    FW: Norton Security Suite *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
    .
    ============== Running Processes ===============
    .
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\nvvsvc.exe
    C:\Windows\system32\svchost.exe -k RPCSS
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
    C:\Windows\system32\nvvsvc.exe
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
    C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
    C:\Program Files (x86)\eMachines\Registration\GREGsvc.exe
    C:\Program Files\eMachines\eMachines Updater\UpdaterService.exe
    C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
    C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
    C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
    C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
    C:\Windows\system32\svchost.exe -k imgsvc
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
    C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
    C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Windows\System32\WUDFHost.exe
    C:\Windows\system32\taskhost.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Program Files (x86)\NortonInstaller\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360\70512b0b\20.1.0.24\InstStub.exe
    C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
    C:\Program Files (x86)\Skype\Phone\Skype.exe
    C:\Program Files (x86)\Logitech\Vid HD\Vid.exe
    C:\Windows\System32\StikyNot.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files (x86)\eMachines\Hotkey Utility\HotkeyUtility.exe
    C:\Program Files (x86)\iTunes\iTunesHelper.exe
    C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe
    C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
    C:\Program Files (x86)\Common Files\Logishrd\LQCVFX\COCIManager.exe
    C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
    C:\Windows\system32\Macromed\Flash\FlashUtil64_11_7_700_224_ActiveX.exe
    C:\Windows\SysWOW64\schtasks.exe
    C:\Program Files (x86)\Norton Security Suite\Engine\20.1.0.24\ccSvcHst.exe
    C:\Program Files (x86)\Nero\Update\NASvc.exe
    C:\Users\laurelhome\AppData\Local\Logitech® Webcam Software\Logishrd\LU2.0\LULnchr.exe
    C:\Users\laurelhome\AppData\Local\Logitech® Webcam Software\Logishrd\LU2.0\LogitechUpdate.exe
    C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
    C:\Program Files (x86)\Norton Security Suite\Engine\20.1.0.24\ccSvcHst.exe
    C:\Windows\system32\wuauclt.exe
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
    C:\Windows\System32\spoolsv.exe
    C:\Windows\system32\SearchIndexer.exe
    C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.exe
    C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
    C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
    C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
    C:\Windows\servicing\TrustedInstaller.exe
    C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
    C:\Windows\system32\taskeng.exe
    C:\Windows\splwow64.exe
    C:\Windows\system32\PrintIsolationHost.exe
    C:\Windows\System32\svchost.exe -k WerSvcGroup
    C:\Windows\system32\SearchProtocolHost.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Windows\System32\cscript.exe
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = hxxp://www.comcast.net/
    uDefault_Page_URL = hxxp://emachines.msn.com
    mWinlogon: Userinit = userinit.exe
    BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    BHO: Norton Identity Protection: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Security Suite\Engine\20.1.0.24\CoIEPlg.dll
    BHO: Norton Vulnerability Protection: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Security Suite\Engine\20.1.0.24\IPS\IPSBHO.dll
    BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
    BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    BHO: Adobe Acrobat Create PDF Toolbar Helper: {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll
    BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
    BHO: Adobe Acrobat Create PDF from Selection: {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll
    TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} -
    TB: Adobe Acrobat Create PDF Toolbar: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll
    TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine\20.1.0.24\CoIEPlg.dll
    uRun: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
    uRun: [Logitech Vid] "C:\Program Files (x86)\Logitech\Vid HD\Vid.exe" -bootmode
    uRun: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe
    mRun: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
    mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    mRun: [Hotkey Utility] C:\Program Files (x86)\eMachines\Hotkey Utility\HotkeyUtility.exe
    mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
    mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
    mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
    mRun: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe"
    mRun: [LWS] C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe -hide
    mRunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
    mPolicies-Explorer: NoActiveDesktop = dword:1
    mPolicies-Explorer: NoActiveDesktopChanges = dword:1
    mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
    mPolicies-System: ConsentPromptBehaviorUser = dword:3
    mPolicies-System: EnableUIADesktopToggle = dword:0
    IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~3\Office12\EXCEL.EXE/3000
    IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
    DPF: PackageCab - hxxp://ak.imgag.com/imgag/cp/install/AxCtp2.cab
    DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} - hxxp://office.microsoft.com/_layouts/ClientBin/ieawsdc32.cab
    DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} - hxxp://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab
    DPF: {BEA7310D-06C4-4339-A784-DC3804819809} - hxxp://www.cvsphoto.com/upload/activex/v3_0_0_7/PhotoCenter_ActiveX_Control.cab
    DPF: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab
    TCP: NameServer = 75.75.75.75 75.75.76.76
    TCP: Interfaces\{AF5734B3-C8D3-4EC6-863D-6B90B39F75E0} : DHCPNameServer = 75.75.75.75 75.75.76.76
    Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
    Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
    SSODL: WebCheck - <orphaned>
    x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    x64-BHO: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
    x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
    x64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
    x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
    x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
    x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
    x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
    x64-SSODL: WebCheck - <orphaned>
    .
    ============= SERVICES / DRIVERS ===============
    .
    R0 SymDS;Symantec Data Store;C:\Windows\System32\drivers\N360x64\1401000.018\SymDS64.sys [2013-7-24 493216]
    R0 SymEFA;Symantec Extended File Attributes;C:\Windows\System32\drivers\N360x64\1401000.018\SymEFA64.sys [2013-7-24 1132192]
    R1 BHDrvx64;BHDrvx64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\BASHDefs\20130715.001\BHDrvx64.sys [2013-7-15 1393240]
    R1 ccSet_N360;Norton Security Suite Settings Manager;C:\Windows\System32\drivers\N360x64\1401000.018\ccSetx64.sys [2013-7-24 168096]
    R1 IDSVia64;IDSVia64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\IPSDefs\20130724.001\IDSviA64.sys [2013-7-24 513184]
    R1 SymIRON;Symantec Iron Driver;C:\Windows\System32\drivers\N360x64\1401000.018\Ironx64.sys [2013-7-24 224416]
    R1 SYMNETS;Symantec Network Security WFP Driver;C:\Windows\System32\drivers\N360x64\1401000.018\symnets.sys [2013-7-24 432800]
    R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2012-1-4 822624]
    R2 GREGService;GREGService;C:\Program Files (x86)\eMachines\Registration\GREGsvc.exe [2010-1-8 23584]
    R2 Live Updater Service;Live Updater Service;C:\Program Files\eMachines\eMachines Updater\UpdaterService.exe [2011-3-31 244624]
    R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-7-25 418376]
    R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-7-25 701512]
    R2 N360;Norton Security Suite;C:\Program Files (x86)\Norton Security Suite\Engine\20.1.0.24\ccSvcHst.exe [2013-7-24 143928]
    R2 NAUpdate;Nero Update;C:\Program Files (x86)\Nero\Update\NASvc.exe [2010-5-4 503080]
    R2 NOBU;Norton Online Backup;C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2010-6-1 2804568]
    R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-1 508776]
    R2 Skype C2C Service;Skype C2C Service;C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-7-12 3289472]
    R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-1-26 378984]
    R2 UMVPFSrv;UMVPFSrv;C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [2012-1-18 450848]
    R3 BBUpdate;BBUpdate;C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.EXE [2012-6-11 240208]
    R3 LVRS64;Logitech RightSound Filter Driver;C:\Windows\System32\drivers\lvrs64.sys [2012-1-18 351136]
    R3 LVUVC64;Logitech HD Webcam C270(UVC);C:\Windows\System32\drivers\lvuvc64.sys [2012-1-18 4865568]
    R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2013-7-25 25928]
    R3 Sftfs;Sftfs;C:\Windows\System32\drivers\Sftfslh.sys [2011-10-1 764264]
    R3 Sftplay;Sftplay;C:\Windows\System32\drivers\Sftplaylh.sys [2011-10-1 268648]
    R3 Sftredir;Sftredir;C:\Windows\System32\drivers\Sftredirlh.sys [2011-10-1 25960]
    R3 Sftvol;Sftvol;C:\Windows\System32\drivers\Sftvollh.sys [2011-10-1 22376]
    R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-1 219496]
    S2 BBSvc;BingBar Service;C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BBSvc.EXE [2012-6-11 193616]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
    S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
    S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-4-19 161384]
    S3 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
    S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-20 59392]
    S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-20 31232]
    S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-1-9 1255736]
    S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
    .
    =============== Created Last 30 ================
    .
    2013-07-25 10:39:21 -------- d-----w- C:\Users\laurelhome\AppData\Roaming\Malwarebytes
    2013-07-25 10:39:12 -------- d-----w- C:\ProgramData\Malwarebytes
    2013-07-25 10:39:11 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys
    2013-07-25 10:39:11 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
    2013-07-25 10:38:45 -------- d-----w- C:\Users\laurelhome\AppData\Local\Programs
    2013-07-25 02:25:41 177312 ----a-w- C:\Windows\System32\drivers\SYMEVENT64x86.SYS
    2013-07-25 02:25:41 -------- d-----w- C:\Program Files\Symantec
    2013-07-25 02:25:41 -------- d-----w- C:\Program Files\Common Files\Symantec Shared
    2013-07-25 02:24:38 776352 ----a-r- C:\Windows\System32\drivers\N360x64\1401000.018\srtsp64.sys
    2013-07-25 02:24:38 493216 ----a-r- C:\Windows\System32\drivers\N360x64\1401000.018\SymDS64.sys
    2013-07-25 02:24:38 432800 ----a-r- C:\Windows\System32\drivers\N360x64\1401000.018\symnets.sys
    2013-07-25 02:24:38 37496 ----a-r- C:\Windows\System32\drivers\N360x64\1401000.018\srtspx64.sys
    2013-07-25 02:24:38 23448 ----a-r- C:\Windows\System32\drivers\N360x64\1401000.018\SymELAM.sys
    2013-07-25 02:24:38 224416 ----a-r- C:\Windows\System32\drivers\N360x64\1401000.018\Ironx64.sys
    2013-07-25 02:24:38 168096 ----a-r- C:\Windows\System32\drivers\N360x64\1401000.018\ccSetx64.sys
    2013-07-25 02:24:38 1132192 ----a-r- C:\Windows\System32\drivers\N360x64\1401000.018\SymEFA64.sys
    2013-07-25 02:24:21 -------- d-----w- C:\Windows\System32\drivers\N360x64\1401000.018
    2013-07-25 02:24:21 -------- d-----w- C:\Windows\System32\drivers\N360x64
    2013-07-25 02:24:20 -------- d-----w- C:\Program Files (x86)\Norton Security Suite
    2013-07-25 02:22:12 -------- d-----w- C:\ProgramData\PCSettings
    2013-07-22 00:10:35 -------- d-----w- C:\Users\laurelhome\AppData\Local\{DFA8F153-70DE-4A34-A7BA-ABC5DB8F73B4}
    2013-07-21 13:13:54 -------- d-----w- C:\FRST
    2013-07-20 13:29:48 -------- d-----w- C:\Users\laurelhome\AppData\Roaming\Tific
    2013-07-18 10:32:46 -------- d-----w- C:\ProgramData\8ed1d93e-4c6e-0000-d386-0c0060e123bc
    2013-07-14 12:41:07 -------- d-----w- C:\Users\laurelhome\AppData\Local\{868E3F65-8A3A-4BFD-86EC-8F9134A9BC1D}
    2013-07-10 22:36:31 -------- d-----w- C:\Users\laurelhome\AppData\Local\{6E94EC52-CCEB-4DFC-9175-73DAB384E5DE}
    2013-07-10 11:27:29 624128 ----a-w- C:\Windows\System32\qedit.dll
    2013-07-10 11:27:29 509440 ----a-w- C:\Windows\SysWow64\qedit.dll
    2013-07-10 11:27:28 1887744 ----a-w- C:\Windows\System32\WMVDECOD.DLL
    2013-07-10 11:27:27 1620480 ----a-w- C:\Windows\SysWow64\WMVDECOD.DLL
    2013-07-10 11:27:15 936448 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\ink\journal.dll
    2013-07-10 11:27:15 3153920 ----a-w- C:\Windows\System32\win32k.sys
    2013-07-10 11:27:15 1732608 ----a-w- C:\Program Files\Windows Journal\NBDoc.DLL
    2013-07-10 11:27:15 1402880 ----a-w- C:\Program Files\Windows Journal\JNWDRV.dll
    2013-07-10 11:27:15 1393152 ----a-w- C:\Program Files\Windows Journal\JNTFiltr.dll
    2013-07-10 11:27:15 1367040 ----a-w- C:\Program Files\Common Files\Microsoft Shared\ink\journal.dll
    2013-07-10 11:27:11 1643520 ----a-w- C:\Windows\System32\DWrite.dll
    2013-07-10 11:27:11 1247744 ----a-w- C:\Windows\SysWow64\DWrite.dll
    2013-07-07 21:41:32 -------- d-----w- C:\Users\laurelhome\AppData\Local\{65421385-239C-41C1-9070-535CD5EA22EA}
    2013-07-05 10:55:52 -------- d-----w- C:\Users\laurelhome\AppData\Local\{AB507790-7C65-4EB2-AD72-5F897E0FCA24}
    2013-07-04 12:02:29 -------- d-----w- C:\Users\laurelhome\AppData\Local\{CC6971E9-18BD-4012-BBDD-288A57C5F028}
    2013-07-02 19:36:06 9552976 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{C42BDDC4-111A-4C28-8DB4-71D2D1332A14}\mpengine.dll
    2013-06-30 23:34:37 -------- d-----w- C:\Users\laurelhome\AppData\Local\{AF3E7684-9DA7-4D75-8A87-11E3C7CAB3A1}
    2013-06-25 16:57:29 -------- d-----w- C:\Users\laurelhome\AppData\Local\{4EF8E7D8-283E-464A-9C3D-8DC80526189A}
    .
    ==================== Find3M ====================
    .
    2013-06-11 23:43:37 1767936 ----a-w- C:\Windows\SysWow64\wininet.dll
    2013-06-11 23:43:00 2877440 ----a-w- C:\Windows\SysWow64\jscript9.dll
    2013-06-11 23:42:58 61440 ----a-w- C:\Windows\SysWow64\iesetup.dll
    2013-06-11 23:42:58 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll
    2013-06-11 23:26:20 2241024 ----a-w- C:\Windows\System32\wininet.dll
    2013-06-11 23:25:16 3958784 ----a-w- C:\Windows\System32\jscript9.dll
    2013-06-11 23:25:13 67072 ----a-w- C:\Windows\System32\iesetup.dll
    2013-06-11 23:25:13 136704 ----a-w- C:\Windows\System32\iesysprep.dll
    2013-06-11 22:51:45 71680 ----a-w- C:\Windows\SysWow64\RegisterIEPKEYs.exe
    2013-06-11 22:50:58 89600 ----a-w- C:\Windows\System32\RegisterIEPKEYs.exe
    2013-06-11 21:43:14 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
    2013-06-11 21:43:14 692104 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
    2013-06-07 03:22:18 2706432 ----a-w- C:\Windows\System32\mshtml.tlb
    2013-06-07 02:37:52 2706432 ----a-w- C:\Windows\SysWow64\mshtml.tlb
    2013-05-28 13:05:16 163328 ----a-w- C:\Windows\SysWow64\FlashPlayerUpdateService.exe
    2013-05-13 05:51:01 184320 ----a-w- C:\Windows\System32\cryptsvc.dll
    2013-05-13 05:51:00 1464320 ----a-w- C:\Windows\System32\crypt32.dll
    2013-05-13 05:51:00 139776 ----a-w- C:\Windows\System32\cryptnet.dll
    2013-05-13 05:50:40 52224 ----a-w- C:\Windows\System32\certenc.dll
    2013-05-13 04:45:55 140288 ----a-w- C:\Windows\SysWow64\cryptsvc.dll
    2013-05-13 04:45:55 1160192 ----a-w- C:\Windows\SysWow64\crypt32.dll
    2013-05-13 04:45:55 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll
    2013-05-13 03:43:55 1192448 ----a-w- C:\Windows\System32\certutil.exe
    2013-05-13 03:08:10 903168 ----a-w- C:\Windows\SysWow64\certutil.exe
    2013-05-13 03:08:06 43008 ----a-w- C:\Windows\SysWow64\certenc.dll
    2013-05-10 05:49:27 30720 ----a-w- C:\Windows\System32\cryptdlg.dll
    2013-05-10 03:20:54 24576 ----a-w- C:\Windows\SysWow64\cryptdlg.dll
    2013-05-08 06:39:01 1910632 ----a-w- C:\Windows\System32\drivers\tcpip.sys
    2013-05-02 06:06:08 278800 ------w- C:\Windows\System32\MpSigStub.exe
    .
    ============= FINISH: 6:53:14.03 ===============

    .
    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT
    .
    DDS (Ver_2012-11-20.01)
    .
    Microsoft Windows 7 Home Premium
    Boot Device: \Device\HarddiskVolume2
    Install Date: 1/7/2012 4:02:51 PM
    System Uptime: 7/25/2013 5:43:22 AM (1 hours ago)
    .
    Motherboard: eMachines | | EL1358G
    Processor: AMD Athlon(tm) II X2 220 Processor | CPU 1 | 784/200mhz
    .
    ==== Disk Partitions =========================
    .
    C: is FIXED (NTFS) - 912 GiB total, 852.855 GiB free.
    D: is CDROM ()
    E: is Removable
    F: is Removable
    .
    ==== Disabled Device Manager Items =============
    .
    ==== System Restore Points ===================
    .
    RP158: 6/21/2013 9:16:24 PM - Windows Update
    RP159: 6/28/2013 4:36:14 PM - Windows Update
    RP160: 7/2/2013 3:35:28 PM - Windows Update
    RP161: 7/11/2013 3:00:27 AM - Windows Update
    RP162: 7/12/2013 3:00:42 AM - Windows Update
    RP163: 7/18/2013 7:12:45 PM - Removed Microsoft Silverlight
    RP164: 7/18/2013 7:45:19 PM - Restore Operation
    RP165: 7/19/2013 3:00:28 AM - Windows Update
    RP166: 7/20/2013 9:33:15 AM - Removed Google Drive
    RP167: 7/20/2013 9:33:56 AM - Removed Microsoft Silverlight
    RP168: 7/22/2013 6:36:01 AM - Windows Update
    .
    ==== Installed Programs ======================
    .
    Acrobat.com
    Adobe Acrobat XI Pro
    Adobe AIR
    Adobe Download Assistant
    Adobe Flash Player 11 ActiveX
    Adobe Reader 9.5.3 MUI
    Agatha Christie - 4:50 from Paddington
    Apple Application Support
    Apple Mobile Device Support
    Apple Software Update
    Ask Toolbar
    Ask Toolbar Updater
    Avery Template
    Avery Template - U_0088_01_P
    Bejeweled 2 Deluxe
    Bing Bar
    Bonjour
    Browser Manager
    Build-a-lot 2
    CameraHelperMsi
    Chuzzle Deluxe
    Coupon Printer for Windows
    Create and Print Plugin 4.0.8045
    D3DX10
    Diner Dash 2 Restaurant Rescue
    Dora's World Adventure
    eBay Worldwide
    eMachines Games
    eMachines Recovery Management
    eMachines Registration
    eMachines ScreenSaver
    eMachines Updater
    erLT
    Final Drive: Nitro
    Galerie de photos Windows Live
    Google Drive
    Google Update Helper
    Hotkey Utility
    Identity Card
    iTunes
    Java Auto Updater
    Java(TM) 6 Update 33
    Jewel Quest Heritage
    Junk Mail filter update
    Logitech Vid HD
    Logitech Webcam Software
    LWS Facebook
    LWS Gallery
    LWS Help_main
    LWS Launcher
    LWS Motion Detection
    LWS Pictures And Video
    LWS Twitter
    LWS Video Mask Maker
    LWS VideoEffects
    LWS Webcam Software
    LWS WLM Plugin
    LWS YouTube Plugin
    Malwarebytes Anti-Malware version 1.75.0.1300
    Mesh Runtime
    Microsoft .NET Framework 4 Client Profile
    Microsoft Application Error Reporting
    Microsoft Office 2007 Service Pack 3 (SP3)
    Microsoft Office Access MUI (English) 2007
    Microsoft Office Access Setup Metadata MUI (English) 2007
    Microsoft Office Click-to-Run 2010
    Microsoft Office Excel MUI (English) 2007
    Microsoft Office InfoPath MUI (English) 2007
    Microsoft Office Office 64-bit Components 2007
    Microsoft Office Outlook MUI (English) 2007
    Microsoft Office PowerPoint MUI (English) 2007
    Microsoft Office Professional Plus 2007
    Microsoft Office Proof (English) 2007
    Microsoft Office Proof (French) 2007
    Microsoft Office Proof (Spanish) 2007
    Microsoft Office Proofing (English) 2007
    Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
    Microsoft Office Publisher MUI (English) 2007
    Microsoft Office Shared 64-bit MUI (English) 2007
    Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
    Microsoft Office Shared MUI (English) 2007
    Microsoft Office Shared Setup Metadata MUI (English) 2007
    Microsoft Office Word MUI (English) 2007
    Microsoft PowerPoint Viewer
    Microsoft Save as PDF or XPS Add-in for 2007 Microsoft Office programs
    Microsoft Silverlight
    Microsoft SQL Server 2005 Compact Edition [ENU]
    Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
    Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
    MSVCRT
    MSVCRT_amd64
    MSXML 4.0 SP2 (KB954430)
    MSXML 4.0 SP2 (KB973688)
    Mystery P.I. - Stolen in San Francisco
    Namco All-Stars: PAC-MAN
    Nero Control Center 10
    Nero ControlCenter 10 Help (CHM)
    Nero Core Components 10
    Nero DiscSpeed 10
    Nero DiscSpeed 10 Help (CHM)
    Nero Express 10
    Nero Express 10 Help (CHM)
    Nero Multimedia Suite 10 Essentials
    Nero StartSmart 10
    Nero StartSmart 10 Help (CHM)
    Nero Update
    NOOK for PC
    Norton Online Backup
    Norton Security Suite
    NVIDIA Control Panel 307.83
    NVIDIA Display Control Panel
    NVIDIA Drivers
    NVIDIA ForceWare Network Access Manager
    NVIDIA Graphics Driver 307.83
    NVIDIA Install Application
    NVIDIA Stereoscopic 3D Driver
    NVIDIA Update 1.10.8
    NVIDIA Update Components
    Penguins!
    Plants vs. Zombies - Game of the Year
    Poker Superstars III
    Polar Bowler
    Polar Golfer
    QuickTime
    Realtek High Definition Audio Driver
    Security Update for CAPICOM (KB931906)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628)
    Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2687309) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2687311) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2687499) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2760416) 32-Bit Edition
    Security Update for Microsoft Office Excel 2007 (KB2687307) 32-Bit Edition
    Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition
    Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
    Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
    Security Update for Microsoft Office Publisher 2007 (KB2597971) 32-Bit Edition
    Security Update for Microsoft Office Word 2007 (KB2760421) 32-Bit Edition
    Skype Click to Call
    Skype™ 6.3
    Times Reader
    Torchlight
    Update for 2007 Microsoft Office System (KB967642)
    Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
    Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
    Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
    Update for Microsoft Office 2007 Help for Common Features (KB963673)
    Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
    Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition
    Update for Microsoft Office 2007 suites (KB2596802) 32-Bit Edition
    Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition
    Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition
    Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
    Update for Microsoft Office Access 2007 Help (KB963663)
    Update for Microsoft Office Excel 2007 Help (KB963678)
    Update for Microsoft Office Infopath 2007 Help (KB963662)
    Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
    Update for Microsoft Office Outlook 2007 Help (KB963677)
    Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2817563) 32-Bit Edition
    Update for Microsoft Office Powerpoint 2007 Help (KB963669)
    Update for Microsoft Office Publisher 2007 Help (KB963667)
    Update for Microsoft Office Script Editor Help (KB963671)
    Update for Microsoft Office Word 2007 Help (KB963665)
    Update Installer for WildTangent Games App
    Virtual Villagers 4 - The Tree of Life
    Welcome Center
    WildTangent Games App (eMachines Games)
    Windows Live
    Windows Live Communications Platform
    Windows Live Essentials
    Windows Live ID Sign-in Assistant
    Windows Live Installer
    Windows Live Language Selector
    Windows Live Mail
    Windows Live Mesh
    Windows Live Messenger
    Windows Live MIME IFilter
    Windows Live Movie Maker
    Windows Live Photo Common
    Windows Live Photo Gallery
    Windows Live PIMT Platform
    Windows Live Remote Client
    Windows Live Remote Client Resources
    Windows Live Remote Service
    Windows Live Remote Service Resources
    Windows Live SOXE
    Windows Live SOXE Definitions
    Windows Live UX Platform
    Windows Live UX Platform Language Pack
    Windows Live Writer
    Windows Live Writer Resources
    Zuma's Revenge
    .
    ==== Event Viewer Messages From Past Week ========
    .
    7/24/2013 8:33:52 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk2\DR3.
    7/24/2013 5:35:29 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk2\DR2.
    7/24/2013 10:24:00 PM, Error: Service Control Manager [7024] - The Windows Firewall service terminated with service-specific error Access is denied..
    7/21/2013 9:12:50 AM, Error: Microsoft-Windows-DistributedCOM [10016] - The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID {9BA05972-F6A8-11CF-A442-00A0C90A8F39} and APPID {9BA05972-F6A8-11CF-A442-00A0C90A8F39} to the user laurelhome-PC\laurelhome SID (S-1-5-21-2943752849-2961130617-1043429671-1000) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
    7/21/2013 7:46:53 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Browser service.
    7/19/2013 7:49:10 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the NIS service.
    7/18/2013 7:42:28 PM, Error: Service Control Manager [7024] - The Background Intelligent Transfer Service service terminated with service-specific error %%-2147024846.
    7/18/2013 7:42:28 PM, Error: Microsoft-Windows-Bits-Client [16392] - The BITS service failed to start. Error 0x80070032.
    7/18/2013 7:42:27 PM, Error: Service Control Manager [7038] - The WinHttpAutoProxySvc service was unable to log on as NT AUTHORITY\LocalService with the currently configured password due to the following error: The request is not supported. To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).
    7/18/2013 7:42:27 PM, Error: Service Control Manager [7038] - The SSDPSRV service was unable to log on as NT AUTHORITY\LocalService with the currently configured password due to the following error: The security account manager (SAM) or local security authority (LSA) server was in the wrong state to perform the security operation. To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).
    7/18/2013 7:42:27 PM, Error: Service Control Manager [7000] - The WinHTTP Web Proxy Auto-Discovery Service service failed to start due to the following error: The service did not start due to a logon failure.
    7/18/2013 7:42:27 PM, Error: Service Control Manager [7000] - The SSDP Discovery service failed to start due to the following error: The service did not start due to a logon failure.
    .
    ==== End Of File ===========================
    Share on Google+

  14. #44
    Join Date
    Dec 2007
    Location
    Daly City, CA
    Posts
    22,430
    Good

    Download RogueKiller for 32bit or Roguekiller for 64bit to your Desktop.

    • Close all the running programs
    • Windows Vista/7 users: right click on RogueKiller.exe, click Run as Administrator
    • Otherwise just double-click on RogueKiller.exe
    • Pre-scan will start. Let it finish.
    • Click on SCAN button.
    • Wait until the Status box shows Scan Finished
    • Click on Delete.
    • Wait until the Status box shows Deleting Finished.
    • Click on Report and copy/paste the content of the Notepad into your next reply.
    • RKreport.txt could also be found on your desktop.
    • If more than one log is produced post all logs.
    • If RogueKiller has been blocked, do not hesitate to try a few times more. If really won't run, rename it to winlogon.exe (or winlogon.com) and try again



    Create new restore point before proceeding with the next step....
    How to:
    - Windows 8: http://www.vikitech.com/11302/system-restore-windows-8
    - Windows 7: http://www.howtogeek.com/howto/3195/...-in-windows-7/
    - Vista: http://www.howtogeek.com/howto/windo...ystem-restore/
    - XP: http://support.microsoft.com/kb/948247

    Download Malwarebytes Anti-Rootkit (MBAR) from HERE

    • Unzip downloaded file.
    • Open the folder where the contents were unzipped and run mbar.exe
    • Follow the instructions in the wizard to update and allow the program to scan your computer for threats.
    • Click on the Cleanup button to remove any threats and reboot if prompted to do so.
    • Wait while the system shuts down and the cleanup process is performed.
    • Perform another scan with Malwarebytes Anti-Rootkit to verify that no threats remain. If they do, then click Cleanup once more and repeat the process.
    • When done, please post the two logs produced they will be in the MBAR folder..... mbar-log-xxxxx.txt and system-log.txt
    Share on Google+

  15. #45
    Join Date
    Jul 2003
    Posts
    130

    Yes, good! :>)

    [QUOTE=Broni;1433727]Good


    But I see there is more work to do - you weren't kidding! OK, I'm with you.
    Share on Google+

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •