-
July 24th, 2013, 07:47 PM
#31
Broni
I MUST DL to f drive *first* and then YES, I did save it to a desktop folder.
If I try to DL and save to Desktop it claims it has a virus and will NOT allow me, so I DL to f drive from another PC first. Then I put all on my desktop.
I will carefully re read your instructions, but one thing I know for sure- 'it' does not allow me to DL your fixlist file and save to my desktop.
Thanks for your continued patience.
-
July 24th, 2013, 07:55 PM
#32
Download attached fixlist.txt file and save it to the Desktop.
Reading this verbatim...cannot be done. Get message saying fixlist contained a virus and was deleted.
-
July 24th, 2013, 08:08 PM
#33
Let's go back to recovery mode...
For x32 (x86) bit systems download Farbar Recovery Scan Tool 32-Bit and save it to a flash drive.
For x64 bit systems download Farbar Recovery Scan Tool 64-Bit and save it to a flash drive.
Plug the flashdrive into the infected PC.
If you are using Windows 8 consult How to use the Windows 8 System Recovery Environment Command Prompt to enter System Recovery Command prompt.
If you are using Vista or Windows 7 enter System Recovery Options.
To enter System Recovery Options from the Advanced Boot Options:
- Restart the computer.
- As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.
- Use the arrow keys to select the Repair your computer menu item.
- Select US as the keyboard language settings, and then click Next.
- Select the operating system you want to repair, and then click Next.
- Select your user account an click Next.
To enter System Recovery Options by using Windows installation disc:
- Insert the installation disc.
- Restart your computer.
- If prompted, press any key to start Windows from the installation disc. If your computer is not configured to start from a CD or DVD, check your BIOS settings.
- Click Repair your computer.
- Select US as the keyboard language settings, and then click Next.
- Select the operating system you want to repair, and then click Next.
- Select your user account and click Next.
On the System Recovery Options menu you will get the following options:
- Startup Repair
- System Restore
- Windows Complete PC Restore
- Windows Memory Diagnostic Tool
- Command Prompt
- Select Command Prompt
- In the command window type in notepad and press Enter.
- The notepad opens. Under File menu select Open.
- Select "Computer" and find your flash drive letter and close the notepad.
- In the command window type e:\frst (for x64 bit version type e:\frst64) and press Enter
Note: Replace letter e with the drive letter of your flash drive. - The tool will start to run.
- When the tool opens click Yes to disclaimer.
- Press Scan button.
- It will make a log (FRST.txt) on the flash drive. Please copy and paste it to your reply.
-
July 24th, 2013, 08:12 PM
#34
OK
[QUOTE=Broni;1433619]Let's go back to recovery mode...
Will do, Broni
Many Thanks
-
July 24th, 2013, 08:36 PM
#35
Here is the new log
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 24-07-2013
Ran by SYSTEM on 24-07-2013 20:28:31
Running from H:\
Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 10
Boot Mode: Recovery
The current controlset is ControlSet001
ATTENTION!:=====> FRST is updated to run from normal or Safe mode to produce a full FRST.txt log and an extra Addition.txt log.
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10060320 2010-02-09] (Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [444904 2012-09-20] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Norton Online Backup] - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [1155928 2010-06-01] (Symantec Corporation)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] - "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [41208 2012-12-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Hotkey Utility] - C:\Program Files (x86)\eMachines\Hotkey Utility\HotkeyUtility.exe [620136 2011-01-18] ()
HKLM-x32\...\Run: [Adobe ARM] - "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [946352 2012-12-02] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] - "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59240 2012-02-20] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] - "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime [421888 2012-03-03] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] - "C:\Program Files (x86)\iTunes\iTunesHelper.exe" [421736 2012-03-27] (Apple Inc.)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] - "C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe" [3478752 2012-12-18] (Adobe Systems Inc.)
HKLM-x32\...\Run: [LWS] - C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe -hide [205336 2011-11-11] (Logitech Inc.)
HKU\Default\...\RunOnce: [ScrSav] - C:\Program Files (x86)\eMachines\Screensaver\run_eMachines.exe /default [154144 2010-07-29] ()
HKU\Default User\...\RunOnce: [ScrSav] - C:\Program Files (x86)\eMachines\Screensaver\run_eMachines.exe /default [154144 2010-07-29] ()
HKU\laurelhome\...\Run: [Skype] - "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun [18678376 2013-04-19] (Skype Technologies S.A.)
HKU\laurelhome\...\Run: [Logitech Vid] - "C:\Program Files (x86)\Logitech\Vid HD\Vid.exe" -bootmode [6129496 2011-01-12] (Logitech Inc.)
HKU\laurelhome\...\Run: [RESTART_STICKY_NOTES] - C:\Windows\System32\StikyNot.exe [427520 2009-07-13] (Microsoft Corporation)
HKU\UpdatusUser\...\RunOnce: [ScrSav] - C:\Program Files (x86)\eMachines\Screensaver\run_eMachines.exe /default [154144 2010-07-29] ()
==================== Services (Whitelisted) =================
S2 ForceWare Intelligent Application Manager (IAM); C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe [626208 2009-08-10] ()
S2 GREGService; C:\Program Files (x86)\eMachines\Registration\GREGsvc.exe [23584 2010-01-08] (Acer Incorporated)
S2 Live Updater Service; C:\Program Files\eMachines\eMachines Updater\UpdaterService.exe [244624 2011-01-31] (Acer Incorporated)
S2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\ccSvcHst.exe [130008 2011-04-16] (Symantec Corporation)
S2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-01] (Symantec Corporation)
S2 nSvcIp; C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe [206880 2009-08-10] ()
==================== Drivers (Whitelisted) ====================
S1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\BASHDefs\20120302.001\BHDrvx64.sys [1157240 2012-03-02] (Symantec Corporation)
S1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\BASHDefs\20120302.001\BHDrvx64.sys [1157240 2012-03-02] (Symantec Corporation)
S1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [482936 2012-02-03] (Symantec Corporation)
S1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [482936 2012-02-03] (Symantec Corporation)
S3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [138360 2012-02-03] (Symantec Corporation)
S1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\IPSDefs\20120307.002\IDSvia64.sys [488568 2012-03-06] (Symantec Corporation)
S1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\IPSDefs\20120307.002\IDSvia64.sys [488568 2012-03-06] (Symantec Corporation)
S3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\VirusDefs\20120308.002\ENG64.SYS [117880 2012-01-07] (Symantec Corporation)
S3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\VirusDefs\20120308.002\ENG64.SYS [117880 2012-01-07] (Symantec Corporation)
S3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\VirusDefs\20120308.002\EX64.SYS [2048632 2012-01-07] (Symantec Corporation)
S3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\VirusDefs\20120308.002\EX64.SYS [2048632 2012-01-07] (Symantec Corporation)
S3 SRTSP; C:\Windows\System32\Drivers\NISx64\1207020.003\SRTSP64.SYS [744568 2011-03-30] (Symantec Corporation)
S1 SRTSPX; C:\Windows\system32\drivers\NISx64\1207020.003\SRTSPX64.SYS [40568 2011-03-30] (Symantec Corporation)
S0 SymDS; C:\Windows\System32\drivers\NISx64\1207020.003\SYMDS64.SYS [450680 2011-01-26] (Symantec Corporation)
S0 SymEFA; C:\Windows\System32\drivers\NISx64\1207020.003\SYMEFA64.SYS [912504 2011-03-14] (Symantec Corporation)
S3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [174200 2012-01-07] (Symantec Corporation)
S1 SymIRON; C:\Windows\system32\drivers\NISx64\1207020.003\Ironx64.SYS [171128 2011-01-26] (Symantec Corporation)
S1 SymNetS; C:\Windows\System32\Drivers\NISx64\1207020.003\SYMNETS.SYS [386168 2011-04-20] (Symantec Corporation)
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-07-24 03:06 - 2013-07-24 15:48 - 00000000 ____D C:\Users\laurelhome\Desktop\fixlist
2013-07-21 16:10 - 2013-07-21 16:10 - 00000000 ____D C:\Users\laurelhome\AppData\Local\{DFA8F153-70DE-4A34-A7BA-ABC5DB8F73B4}
2013-07-21 05:13 - 2013-07-21 05:13 - 00000000 ____D C:\FRST
2013-07-20 05:29 - 2013-07-20 05:29 - 00000000 ____D C:\Users\laurelhome\AppData\Roaming\Tific
2013-07-18 02:32 - 2013-07-18 15:49 - 00000000 ____D C:\ProgramData\8ed1d93e-4c6e-0000-d386-0c0060e123bc
2013-07-14 04:41 - 2013-07-14 04:41 - 00000000 ____D C:\Users\laurelhome\AppData\Local\{868E3F65-8A3A-4BFD-86EC-8F9134A9BC1D}
2013-07-10 23:08 - 2013-06-11 15:43 - 14329856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-07-10 23:08 - 2013-06-11 15:43 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-07-10 23:08 - 2013-06-11 15:43 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-07-10 23:08 - 2013-06-11 15:43 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-07-10 23:08 - 2013-06-11 15:43 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-07-10 23:08 - 2013-06-11 15:43 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-07-10 23:08 - 2013-06-11 15:43 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-07-10 23:08 - 2013-06-11 15:42 - 13760512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-07-10 23:08 - 2013-06-11 15:42 - 02046976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-07-10 23:08 - 2013-06-11 15:42 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-07-10 23:08 - 2013-06-11 15:42 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-07-10 23:08 - 2013-06-11 15:42 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-07-10 23:08 - 2013-06-11 15:42 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-07-10 23:08 - 2013-06-11 15:26 - 02241024 _____ (Microsoft Corporation) C:\Windows\System32\wininet.dll
2013-07-10 23:08 - 2013-06-11 15:26 - 01365504 _____ (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-07-10 23:08 - 2013-06-11 15:26 - 00051712 _____ (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2013-07-10 23:08 - 2013-06-11 15:25 - 19238912 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-07-10 23:08 - 2013-06-11 15:25 - 15404032 _____ (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-07-10 23:08 - 2013-06-11 15:25 - 03958784 _____ (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2013-07-10 23:08 - 2013-06-11 15:25 - 02648576 _____ (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-07-10 23:08 - 2013-06-11 15:25 - 00855552 _____ (Microsoft Corporation) C:\Windows\System32\jscript.dll
2013-07-10 23:08 - 2013-06-11 15:25 - 00603136 _____ (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2013-07-10 23:08 - 2013-06-11 15:25 - 00526336 _____ (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-07-10 23:08 - 2013-06-11 15:25 - 00136704 _____ (Microsoft Corporation) C:\Windows\System32\iesysprep.dll
2013-07-10 23:08 - 2013-06-11 15:25 - 00067072 _____ (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2013-07-10 23:08 - 2013-06-11 15:25 - 00053248 _____ (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2013-07-10 23:08 - 2013-06-11 15:25 - 00039936 _____ (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2013-07-10 23:08 - 2013-06-11 14:51 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-07-10 23:08 - 2013-06-11 14:50 - 00089600 _____ (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe
2013-07-10 23:08 - 2013-06-06 19:22 - 02706432 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-07-10 23:08 - 2013-06-06 18:37 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-07-10 14:36 - 2013-07-10 14:36 - 00000000 ____D C:\Users\laurelhome\AppData\Local\{6E94EC52-CCEB-4DFC-9175-73DAB384E5DE}
2013-07-10 14:33 - 2013-07-20 03:06 - 00000000 ____D C:\Users\laurelhome\Desktop\library
2013-07-10 03:27 - 2013-06-04 19:34 - 03153920 _____ (Microsoft Corporation) C:\Windows\System32\win32k.sys
2013-07-10 03:27 - 2013-06-03 22:00 - 00624128 _____ (Microsoft Corporation) C:\Windows\System32\qedit.dll
2013-07-10 03:27 - 2013-06-03 20:53 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2013-07-10 03:27 - 2013-05-05 22:03 - 01887744 _____ (Microsoft Corporation) C:\Windows\System32\WMVDECOD.DLL
2013-07-10 03:27 - 2013-05-05 20:56 - 01620480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2013-07-10 03:27 - 2013-04-09 15:34 - 01247744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2013-07-10 03:27 - 2013-04-02 14:51 - 01643520 _____ (Microsoft Corporation) C:\Windows\System32\DWrite.dll
2013-07-07 13:41 - 2013-07-07 13:41 - 00000000 ____D C:\Users\laurelhome\AppData\Local\{65421385-239C-41C1-9070-535CD5EA22EA}
2013-07-06 09:27 - 2013-07-06 09:27 - 00009734 _____ C:\Users\laurelhome\Documents\groceries.xlsx
2013-07-05 02:55 - 2013-07-05 02:56 - 00000000 ____D C:\Users\laurelhome\AppData\Local\{AB507790-7C65-4EB2-AD72-5F897E0FCA24}
2013-07-04 04:02 - 2013-07-04 04:02 - 00000000 ____D C:\Users\laurelhome\AppData\Local\{CC6971E9-18BD-4012-BBDD-288A57C5F028}
2013-07-01 03:16 - 2013-07-01 03:32 - 00000000 ____D C:\Users\laurelhome\Desktop\LG2013
2013-06-30 15:34 - 2013-06-30 15:34 - 00000000 ____D C:\Users\laurelhome\AppData\Local\{AF3E7684-9DA7-4D75-8A87-11E3C7CAB3A1}
2013-06-25 09:54 - 2013-06-25 09:54 - 00002239 _____ C:\Users\laurelhome\Documents\My Movie.wlmp
2013-06-25 09:41 - 2013-06-25 09:41 - 00002249 _____ C:\Users\laurelhome\Documents\THEMOVIE.wlmp
2013-06-25 09:26 - 2013-07-24 13:42 - 00000000 ____D C:\Users\laurelhome\Desktop\FILMS
2013-06-25 08:59 - 2013-06-25 08:59 - 00000000 ____D C:\Users\laurelhome\Documents\movies
2013-06-25 08:57 - 2013-06-25 08:57 - 00000000 ____D C:\Users\laurelhome\AppData\Local\{4EF8E7D8-283E-464A-9C3D-8DC80526189A}
2013-06-25 08:33 - 2013-07-21 16:11 - 00000000 ____D C:\Users\laurelhome\Desktop\JULY2013 gi
==================== One Month Modified Files and Folders =======
2013-07-24 16:26 - 2012-01-07 14:08 - 00196608 _____ C:\Windows\System32\Ikeext.etl
2013-07-24 16:26 - 2009-07-06 23:39 - 01748447 _____ C:\Windows\WindowsUpdate.log
2013-07-24 16:17 - 2012-05-03 05:47 - 00000000 ____D C:\Users\laurelhome\AppData\Roaming\Skype
2013-07-24 15:49 - 2013-04-02 16:06 - 00000906 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-07-24 15:48 - 2013-07-24 03:06 - 00000000 ____D C:\Users\laurelhome\Desktop\fixlist
2013-07-24 15:43 - 2012-09-02 15:46 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-07-24 15:00 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\tracing
2013-07-24 14:05 - 2009-07-13 20:45 - 00016976 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-07-24 14:05 - 2009-07-13 20:45 - 00016976 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-07-24 14:02 - 2009-07-13 21:13 - 00727310 _____ C:\Windows\System32\PerfStringBackup.INI
2013-07-24 13:57 - 2013-04-02 16:06 - 00000902 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-07-24 13:57 - 2009-07-13 21:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-07-24 13:57 - 2009-07-13 20:51 - 00040499 _____ C:\Windows\setupact.log
2013-07-24 13:57 - 2009-07-06 23:38 - 00000000 ____D C:\ProgramData\NVIDIA
2013-07-24 13:42 - 2013-06-25 09:26 - 00000000 ____D C:\Users\laurelhome\Desktop\FILMS
2013-07-21 17:45 - 2012-01-07 13:02 - 00000000 __SHD C:\Recovery
2013-07-21 16:11 - 2013-06-25 08:33 - 00000000 ____D C:\Users\laurelhome\Desktop\JULY2013 gi
2013-07-21 16:10 - 2013-07-21 16:10 - 00000000 ____D C:\Users\laurelhome\AppData\Local\{DFA8F153-70DE-4A34-A7BA-ABC5DB8F73B4}
2013-07-21 13:35 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\rescache
2013-07-21 05:13 - 2013-07-21 05:13 - 00000000 ____D C:\FRST
2013-07-20 05:31 - 2013-04-20 08:48 - 00000000 __HDC C:\Users\laurelhome\AppData\Local\~0
2013-07-20 05:29 - 2013-07-20 05:29 - 00000000 ____D C:\Users\laurelhome\AppData\Roaming\Tific
2013-07-20 03:06 - 2013-07-10 14:33 - 00000000 ____D C:\Users\laurelhome\Desktop\library
2013-07-18 17:44 - 2013-04-02 16:06 - 00003902 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-07-18 17:44 - 2013-04-02 16:06 - 00003650 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-07-18 17:44 - 2012-01-07 13:02 - 00000000 ____D C:\users\laurelhome
2013-07-18 15:51 - 2012-11-08 15:03 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-07-18 15:51 - 2011-03-31 01:13 - 00000000 ____D C:\ProgramData\Skype
2013-07-18 15:49 - 2013-07-18 02:32 - 00000000 ____D C:\ProgramData\8ed1d93e-4c6e-0000-d386-0c0060e123bc
2013-07-18 15:49 - 2011-03-31 01:24 - 00000000 ____D C:\ProgramData\Norton
2013-07-18 15:49 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\registration
2013-07-18 15:47 - 2012-01-07 15:09 - 00000000 __RHD C:\MSOCache
2013-07-17 15:24 - 2009-07-13 21:32 - 00000000 ____D C:\Windows\System32\FxsTmp
2013-07-14 04:53 - 2012-08-19 12:24 - 00000000 ____D C:\Users\laurelhome\Desktop\jwlry
2013-07-14 04:43 - 2013-06-17 15:37 - 00000000 ____D C:\Users\laurelhome\Desktop\H.POTTER
2013-07-14 04:41 - 2013-07-14 04:41 - 00000000 ____D C:\Users\laurelhome\AppData\Local\{868E3F65-8A3A-4BFD-86EC-8F9134A9BC1D}
2013-07-12 11:34 - 2012-01-08 14:39 - 00000000 ____D C:\Users\laurelhome\AppData\Local\CrashDumps
2013-07-11 13:38 - 2012-10-17 13:58 - 00000000 ____D C:\Users\laurelhome\Desktop\recipes
2013-07-10 23:35 - 2009-07-13 20:45 - 00416200 _____ C:\Windows\System32\FNTCACHE.DAT
2013-07-10 23:34 - 2013-03-13 23:01 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-07-10 23:34 - 2013-03-13 23:01 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2013-07-10 23:33 - 2010-11-20 23:17 - 00000000 ____D C:\Program Files\Windows Journal
2013-07-10 23:10 - 2012-01-18 14:29 - 78185248 _____ (Microsoft Corporation) C:\Windows\System32\MRT.exe
2013-07-10 23:09 - 2012-08-25 03:10 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-07-10 14:36 - 2013-07-10 14:36 - 00000000 ____D C:\Users\laurelhome\AppData\Local\{6E94EC52-CCEB-4DFC-9175-73DAB384E5DE}
2013-07-07 13:41 - 2013-07-07 13:41 - 00000000 ____D C:\Users\laurelhome\AppData\Local\{65421385-239C-41C1-9070-535CD5EA22EA}
2013-07-06 09:27 - 2013-07-06 09:27 - 00009734 _____ C:\Users\laurelhome\Documents\groceries.xlsx
2013-07-06 07:14 - 2012-01-07 13:13 - 00000000 ____D C:\Users\laurelhome\AppData\Roaming\SoftGrid Client
2013-07-05 17:29 - 2013-04-16 18:59 - 00000000 ____D C:\Users\laurelhome\Desktop\april 2013
2013-07-05 17:28 - 2012-01-14 19:53 - 00000000 ____D C:\Users\laurelhome\Desktop\gipics january 2012
2013-07-05 17:27 - 2012-11-06 13:45 - 00000000 ____D C:\Users\laurelhome\Desktop\coaster
2013-07-05 17:25 - 2012-09-05 01:57 - 00000000 ____D C:\Users\laurelhome\Desktop\favs
2013-07-05 17:24 - 2012-09-03 18:19 - 00000000 ____D C:\Users\laurelhome\Desktop\gpics
2013-07-05 02:56 - 2013-07-05 02:55 - 00000000 ____D C:\Users\laurelhome\AppData\Local\{AB507790-7C65-4EB2-AD72-5F897E0FCA24}
2013-07-04 05:52 - 2012-10-28 14:32 - 00000000 ____D C:\Users\laurelhome\Desktop\halloween2012
2013-07-04 04:02 - 2013-07-04 04:02 - 00000000 ____D C:\Users\laurelhome\AppData\Local\{CC6971E9-18BD-4012-BBDD-288A57C5F028}
2013-07-04 04:00 - 2012-08-19 11:45 - 00001701 _____ C:\Users\laurelhome\Desktop\lake george 105 - Shortcut.lnk
2013-07-04 04:00 - 2012-08-19 11:45 - 00001701 _____ C:\Users\laurelhome\Desktop\lake george 104 - Shortcut.lnk
2013-07-04 04:00 - 2012-08-19 11:45 - 00001701 _____ C:\Users\laurelhome\Desktop\lake george 103 - Shortcut.lnk
2013-07-04 04:00 - 2012-08-19 11:45 - 00001701 _____ C:\Users\laurelhome\Desktop\lake george 096 - Shortcut.lnk
2013-07-04 04:00 - 2012-08-19 11:45 - 00001701 _____ C:\Users\laurelhome\Desktop\lake george 095 - Shortcut.lnk
2013-07-04 04:00 - 2012-08-19 11:45 - 00001701 _____ C:\Users\laurelhome\Desktop\lake george 055 - Shortcut.lnk
2013-07-04 04:00 - 2012-08-19 11:45 - 00001701 _____ C:\Users\laurelhome\Desktop\lake george 053 - Shortcut.lnk
2013-07-04 04:00 - 2012-08-19 11:45 - 00001701 _____ C:\Users\laurelhome\Desktop\lake george 052 - Shortcut.lnk
2013-07-04 04:00 - 2012-08-19 11:45 - 00001701 _____ C:\Users\laurelhome\Desktop\lake george 051 - Shortcut.lnk
2013-07-04 04:00 - 2012-08-19 11:45 - 00001696 _____ C:\Users\laurelhome\Desktop\lake george 117 - Shortcut.lnk
2013-07-04 04:00 - 2012-08-19 11:45 - 00001691 _____ C:\Users\laurelhome\Desktop\lake george 101 - Shortcut.lnk
2013-07-04 04:00 - 2012-08-19 11:45 - 00001687 _____ C:\Users\laurelhome\Desktop\lake george 091 - Shortcut.lnk
2013-07-04 04:00 - 2012-08-19 11:45 - 00001686 _____ C:\Users\laurelhome\Desktop\lake george 054 - Shortcut.lnk
2013-07-04 04:00 - 2012-08-19 11:45 - 00001671 _____ C:\Users\laurelhome\Desktop\lake george 100 - Shortcut.lnk
2013-07-04 04:00 - 2012-08-19 11:45 - 00001669 _____ C:\Users\laurelhome\Desktop\lake george 093 - Shortcut.lnk
2013-07-04 04:00 - 2012-08-19 11:45 - 00001669 _____ C:\Users\laurelhome\Desktop\lake george 092 - Shortcut.lnk
2013-07-04 04:00 - 2012-08-19 11:45 - 00001669 _____ C:\Users\laurelhome\Desktop\lake george 090 - Shortcut.lnk
2013-07-04 04:00 - 2012-08-19 11:45 - 00001669 _____ C:\Users\laurelhome\Desktop\lake george 089 - Shortcut.lnk
2013-07-04 04:00 - 2012-08-19 11:45 - 00001669 _____ C:\Users\laurelhome\Desktop\lake george 088 - Shortcut.lnk
2013-07-04 04:00 - 2012-08-19 11:45 - 00001669 _____ C:\Users\laurelhome\Desktop\lake george 087 - Shortcut.lnk
2013-07-04 04:00 - 2012-08-19 11:45 - 00001669 _____ C:\Users\laurelhome\Desktop\lake george 086 - Shortcut.lnk
2013-07-04 04:00 - 2012-08-19 11:45 - 00001669 _____ C:\Users\laurelhome\Desktop\lake george 081 - Shortcut.lnk
2013-07-04 04:00 - 2012-08-19 11:45 - 00001669 _____ C:\Users\laurelhome\Desktop\lake george 079 - Shortcut.lnk
2013-07-04 04:00 - 2012-08-19 11:45 - 00001669 _____ C:\Users\laurelhome\Desktop\lake george 078 - Shortcut.lnk
2013-07-04 04:00 - 2012-08-19 11:45 - 00001669 _____ C:\Users\laurelhome\Desktop\lake george 077 - Shortcut.lnk
2013-07-04 04:00 - 2012-08-19 11:45 - 00001669 _____ C:\Users\laurelhome\Desktop\lake george 076 - Shortcut.lnk
2013-07-04 04:00 - 2012-08-19 11:45 - 00001669 _____ C:\Users\laurelhome\Desktop\lake george 072 - Shortcut.lnk
2013-07-04 04:00 - 2012-08-19 11:45 - 00001669 _____ C:\Users\laurelhome\Desktop\lake george 070 - Shortcut.lnk
2013-07-04 04:00 - 2012-08-19 11:45 - 00001669 _____ C:\Users\laurelhome\Desktop\lake george 067 - Shortcut.lnk
2013-07-04 04:00 - 2012-08-19 11:45 - 00001669 _____ C:\Users\laurelhome\Desktop\lake george 066 - Shortcut.lnk
2013-07-04 04:00 - 2012-08-19 11:45 - 00001669 _____ C:\Users\laurelhome\Desktop\lake george 065 - Shortcut.lnk
2013-07-04 04:00 - 2012-08-19 11:45 - 00001669 _____ C:\Users\laurelhome\Desktop\lake george 064 - Shortcut.lnk
2013-07-04 04:00 - 2012-08-19 11:45 - 00001669 _____ C:\Users\laurelhome\Desktop\lake george 063 - Shortcut.lnk
2013-07-04 04:00 - 2012-08-19 11:45 - 00001669 _____ C:\Users\laurelhome\Desktop\lake george 062 - Shortcut.lnk
2013-07-04 04:00 - 2012-08-19 11:45 - 00001669 _____ C:\Users\laurelhome\Desktop\lake george 061 - Shortcut.lnk
2013-07-04 04:00 - 2012-08-19 11:45 - 00001669 _____ C:\Users\laurelhome\Desktop\lake george 060 - Shortcut.lnk
2013-07-04 04:00 - 2012-08-19 11:45 - 00001669 _____ C:\Users\laurelhome\Desktop\lake george 059 - Shortcut.lnk
2013-07-04 04:00 - 2012-08-19 11:45 - 00001669 _____ C:\Users\laurelhome\Desktop\lake george 058 - Shortcut.lnk
2013-07-04 04:00 - 2012-08-19 11:45 - 00001669 _____ C:\Users\laurelhome\Desktop\lake george 057 - Shortcut.lnk
2013-07-04 04:00 - 2012-08-19 11:45 - 00001666 _____ C:\Users\laurelhome\Desktop\lake george 116 - Shortcut.lnk
2013-07-04 04:00 - 2012-08-19 11:45 - 00001654 _____ C:\Users\laurelhome\Desktop\lake george 111 - Shortcut.lnk
2013-07-04 04:00 - 2012-08-19 11:45 - 00001654 _____ C:\Users\laurelhome\Desktop\lake george 102 - Shortcut.lnk
2013-07-04 04:00 - 2012-08-19 11:45 - 00001651 _____ C:\Users\laurelhome\Desktop\lake george 068 - Shortcut.lnk
2013-07-04 04:00 - 2012-08-19 11:45 - 00001624 _____ C:\Users\laurelhome\Desktop\lake george 080 - Shortcut.lnk
2013-07-04 04:00 - 2012-08-19 11:45 - 00001624 _____ C:\Users\laurelhome\Desktop\lake george 073 - Shortcut.lnk
2013-07-04 04:00 - 2012-08-19 11:45 - 00001595 _____ C:\Users\laurelhome\Desktop\lake george 069 - Shortcut.lnk
2013-07-04 04:00 - 2012-04-06 15:43 - 00000000 ____D C:\Users\laurelhome\Desktop\april 2012
2013-07-04 03:57 - 2012-02-26 07:13 - 00000000 ____D C:\Users\laurelhome\Desktop\giannafeb2012
2013-07-04 03:56 - 2012-08-19 11:45 - 00001701 _____ C:\Users\laurelhome\Desktop\lake george 050 - Shortcut.lnk
2013-07-04 03:56 - 2012-08-19 11:45 - 00001701 _____ C:\Users\laurelhome\Desktop\lake george 049 - Shortcut.lnk
2013-07-04 03:56 - 2012-08-19 11:45 - 00001701 _____ C:\Users\laurelhome\Desktop\lake george 048 - Shortcut.lnk
2013-07-04 03:56 - 2012-08-19 11:45 - 00001701 _____ C:\Users\laurelhome\Desktop\lake george 047 - Shortcut.lnk
2013-07-04 03:56 - 2012-08-19 11:45 - 00001701 _____ C:\Users\laurelhome\Desktop\lake george 046 - Shortcut.lnk
2013-07-03 13:31 - 2012-07-29 14:47 - 00000000 ____D C:\Users\laurelhome\Desktop\gbday
2013-07-03 13:30 - 2012-07-26 18:09 - 00000000 ____D C:\Users\laurelhome\Desktop\cuban pete
2013-07-03 13:29 - 2012-11-25 04:57 - 00000000 ____D C:\Users\laurelhome\Desktop\NOVDEC2012
2013-07-03 13:26 - 2012-08-19 11:42 - 00000000 ____D C:\Users\laurelhome\Desktop\lake george pics2012
2013-07-01 03:32 - 2013-07-01 03:16 - 00000000 ____D C:\Users\laurelhome\Desktop\LG2013
2013-07-01 03:30 - 2012-12-02 05:40 - 00000000 ____D C:\Users\laurelhome\Desktop\Le
2013-07-01 03:16 - 2012-08-05 03:48 - 00000000 ____D C:\Users\laurelhome\Desktop\hoedown
2013-06-30 15:34 - 2013-06-30 15:34 - 00000000 ____D C:\Users\laurelhome\AppData\Local\{AF3E7684-9DA7-4D75-8A87-11E3C7CAB3A1}
2013-06-25 09:54 - 2013-06-25 09:54 - 00002239 _____ C:\Users\laurelhome\Documents\My Movie.wlmp
2013-06-25 09:41 - 2013-06-25 09:41 - 00002249 _____ C:\Users\laurelhome\Documents\THEMOVIE.wlmp
2013-06-25 09:26 - 2012-01-14 19:55 - 00000000 ____D C:\Users\laurelhome\AppData\Local\Windows Live
2013-06-25 08:59 - 2013-06-25 08:59 - 00000000 ____D C:\Users\laurelhome\Documents\movies
2013-06-25 08:57 - 2013-06-25 08:57 - 00000000 ____D C:\Users\laurelhome\AppData\Local\{4EF8E7D8-283E-464A-9C3D-8DC80526189A}
==================== Known DLLs (Whitelisted) ================
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
C:\Program Files\Windows Defender\mpsvc.dll => ATTENTION: ZeroAccess. Use DeleteJunctionsIndirectory: C:\Program Files\Windows Defender
==================== EXE ASSOCIATION =====================
HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK
==================== Restore Points =========================
Restore point made on: 2013-06-21 17:16:39
Restore point made on: 2013-06-28 12:36:29
Restore point made on: 2013-07-02 11:35:42
Restore point made on: 2013-07-10 23:00:41
Restore point made on: 2013-07-11 23:01:06
Restore point made on: 2013-07-18 15:13:01
Restore point made on: 2013-07-18 15:45:51
Restore point made on: 2013-07-18 23:00:45
Restore point made on: 2013-07-20 05:33:32
Restore point made on: 2013-07-20 05:34:14
Restore point made on: 2013-07-21 13:41:39
Restore point made on: 2013-07-21 13:42:05
Restore point made on: 2013-07-21 13:42:11
Restore point made on: 2013-07-21 13:42:31
Restore point made on: 2013-07-22 02:36:15
==================== Memory info ===========================
Percentage of memory in use: 22%
Total physical RAM: 2815.37 MB
Available physical RAM: 2168.33 MB
Total Pagefile: 2813.57 MB
Available Pagefile: 2152.98 MB
Total Virtual: 8192 MB
Available Virtual: 8191.86 MB
==================== Drives ================================
Drive c: (eMachines) (Fixed) (Total:911.88 GB) (Free:852.44 GB) NTFS (Disk=0 Partition=3)
Drive e: (PQSERVICE) (Fixed) (Total:19.53 GB) (Free:8.54 GB) NTFS (Disk=0 Partition=1)
Drive h: (OPTIMA PRO) (Removable) (Total:1.92 GB) (Free:0.35 GB) FAT (Disk=2 Partition=1)
Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
Drive y: (SYSTEM RESERVED) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS (Disk=0 Partition=2) ==>[System with boot components (obtained from reading drive)]
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 932 GB) (Disk ID: 35D5C1F3)
Partition 1: (Not Active) - (Size=20 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=912 GB) - (Type=07 NTFS)
========================================================
Disk: 2 (Size: 2 GB) (Disk ID: 814DAD2E)
Partition 1: (Not Active) - (Size=2 GB) - (Type=06)
LastRegBack: 2013-07-21 13:27
==================== End Of Log ============================
-
July 24th, 2013, 09:29 PM
#36
OK. You're doing something wrong.
Reboot back to your desktop.
Look at your reply #24...
The log says:
Running from F:\
[...]
Boot Mode: Normal
If you keep FRST on USB drive and you run it from there it's fine with me.
But then...
In my reply #27 I attached "fixlist".
You can download it on another computer and put it on the very same USB flash drive.
Then while still booted to your Desktop run FRST (from USB flash drive) and click on "Fix" button.
Instead you boot to recovery option and you run the tool from there (your reply #29):
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 19-07-2013
Ran by SYSTEM at 2013-07-24 17:47:48 Run:2
Running from H:\
Boot Mode: Recovery
You have to run my fix from normal boot not from recovery.
Please retry or ask any question if something is not clear.
-
July 24th, 2013, 09:48 PM
#37
still tryin!
[QUOTE=Broni;1433627]OK. You're doing something wrong.
Yep
I pretty much figured that much out . 
OK, so now I am going back to other PC and will put the fixlist on the f drive.
I will then run the scan from the normal mode...both from the f drive I guess.
If this is wrong, pls tell me.
THX!:
-
July 24th, 2013, 09:55 PM
#38
You already ran scan from normal mode.
All you need to do is to have FRST and "fixlist" on the very same USB drive.
Plug that USB into bad computer start it in normal mode.
Run FRST (located on USB) and click "Fix" button.
-
July 24th, 2013, 10:11 PM
#39
OK, knocking on wood here. I believe it is fixed! I just tested by (again) trying to DL fixlist (AFTER following your steps) and MY pc let me !!!
YAAAAAAAY! How does a person thank you for all this ?
Patience of a saint !
Thank you SO much!
-
July 24th, 2013, 11:17 PM
#40
Good news 
BUT....we just started...
Please complete all steps listed here: http://discussions.virtualdr.com/sho...d-4-28-2013%29
-
July 25th, 2013, 06:58 AM
#41
Scans done.....

Thank you again !!!!!!! Norton updated / Constant Guard. Finally makes appearance.
LOGS:
Malwarebytes Anti-Malware (Trial) 1.75.0.1300
www.malwarebytes.org
Database version: v2013.07.25.02
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16635
laurelhome :: LAURELHOME-PC [administrator]
Protection: Enabled
7/25/2013 6:40:48 AM
mbam-log-2013-07-25 (06-40-48).txt
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 256705
Time elapsed: 6 minute(s), 3 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
(end)
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume2
Install Date: 1/7/2012 4:02:51 PM
System Uptime: 7/25/2013 5:43:22 AM (1 hours ago)
.
Motherboard: eMachines | | EL1358G
Processor: AMD Athlon(tm) II X2 220 Processor | CPU 1 | 784/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 912 GiB total, 852.855 GiB free.
D: is CDROM ()
E: is Removable
F: is Removable
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP158: 6/21/2013 9:16:24 PM - Windows Update
RP159: 6/28/2013 4:36:14 PM - Windows Update
RP160: 7/2/2013 3:35:28 PM - Windows Update
RP161: 7/11/2013 3:00:27 AM - Windows Update
RP162: 7/12/2013 3:00:42 AM - Windows Update
RP163: 7/18/2013 7:12:45 PM - Removed Microsoft Silverlight
RP164: 7/18/2013 7:45:19 PM - Restore Operation
RP165: 7/19/2013 3:00:28 AM - Windows Update
RP166: 7/20/2013 9:33:15 AM - Removed Google Drive
RP167: 7/20/2013 9:33:56 AM - Removed Microsoft Silverlight
RP168: 7/22/2013 6:36:01 AM - Windows Update
.
==== Installed Programs ======================
.
Acrobat.com
Adobe Acrobat XI Pro
Adobe AIR
Adobe Download Assistant
Adobe Flash Player 11 ActiveX
Adobe Reader 9.5.3 MUI
Agatha Christie - 4:50 from Paddington
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Ask Toolbar
Ask Toolbar Updater
Avery Template
Avery Template - U_0088_01_P
Bejeweled 2 Deluxe
Bing Bar
Bonjour
Browser Manager
Build-a-lot 2
CameraHelperMsi
Chuzzle Deluxe
Coupon Printer for Windows
Create and Print Plugin 4.0.8045
D3DX10
Diner Dash 2 Restaurant Rescue
Dora's World Adventure
eBay Worldwide
eMachines Games
eMachines Recovery Management
eMachines Registration
eMachines ScreenSaver
eMachines Updater
erLT
Final Drive: Nitro
Galerie de photos Windows Live
Google Drive
Google Update Helper
Hotkey Utility
Identity Card
iTunes
Java Auto Updater
Java(TM) 6 Update 33
Jewel Quest Heritage
Junk Mail filter update
Logitech Vid HD
Logitech Webcam Software
LWS Facebook
LWS Gallery
LWS Help_main
LWS Launcher
LWS Motion Detection
LWS Pictures And Video
LWS Twitter
LWS Video Mask Maker
LWS VideoEffects
LWS Webcam Software
LWS WLM Plugin
LWS YouTube Plugin
Malwarebytes Anti-Malware version 1.75.0.1300
Mesh Runtime
Microsoft .NET Framework 4 Client Profile
Microsoft Application Error Reporting
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Click-to-Run 2010
Microsoft Office Excel MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office Office 64-bit Components 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Professional Plus 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared 64-bit MUI (English) 2007
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft PowerPoint Viewer
Microsoft Save as PDF or XPS Add-in for 2007 Microsoft Office programs
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
MSVCRT
MSVCRT_amd64
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Mystery P.I. - Stolen in San Francisco
Namco All-Stars: PAC-MAN
Nero Control Center 10
Nero ControlCenter 10 Help (CHM)
Nero Core Components 10
Nero DiscSpeed 10
Nero DiscSpeed 10 Help (CHM)
Nero Express 10
Nero Express 10 Help (CHM)
Nero Multimedia Suite 10 Essentials
Nero StartSmart 10
Nero StartSmart 10 Help (CHM)
Nero Update
NOOK for PC
Norton Online Backup
Norton Security Suite
NVIDIA Control Panel 307.83
NVIDIA Display Control Panel
NVIDIA Drivers
NVIDIA ForceWare Network Access Manager
NVIDIA Graphics Driver 307.83
NVIDIA Install Application
NVIDIA Stereoscopic 3D Driver
NVIDIA Update 1.10.8
NVIDIA Update Components
Penguins!
Plants vs. Zombies - Game of the Year
Poker Superstars III
Polar Bowler
Polar Golfer
QuickTime
Realtek High Definition Audio Driver
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628)
Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687309) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687311) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687499) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760416) 32-Bit Edition
Security Update for Microsoft Office Excel 2007 (KB2687307) 32-Bit Edition
Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Publisher 2007 (KB2597971) 32-Bit Edition
Security Update for Microsoft Office Word 2007 (KB2760421) 32-Bit Edition
Skype Click to Call
Skype™ 6.3
Times Reader
Torchlight
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596802) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2817563) 32-Bit Edition
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Update Installer for WildTangent Games App
Virtual Villagers 4 - The Tree of Life
Welcome Center
WildTangent Games App (eMachines Games)
Windows Live
Windows Live Communications Platform
Windows Live Essentials
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Language Selector
Windows Live Mail
Windows Live Mesh
Windows Live Messenger
Windows Live MIME IFilter
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live Remote Client
Windows Live Remote Client Resources
Windows Live Remote Service
Windows Live Remote Service Resources
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
Zuma's Revenge
.
==== Event Viewer Messages From Past Week ========
.
7/24/2013 8:33:52 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk2\DR3.
7/24/2013 5:35:29 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk2\DR2.
7/24/2013 10:24:00 PM, Error: Service Control Manager [7024] - The Windows Firewall service terminated with service-specific error Access is denied..
7/21/2013 9:12:50 AM, Error: Microsoft-Windows-DistributedCOM [10016] - The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID {9BA05972-F6A8-11CF-A442-00A0C90A8F39} and APPID {9BA05972-F6A8-11CF-A442-00A0C90A8F39} to the user laurelhome-PC\laurelhome SID (S-1-5-21-2943752849-2961130617-1043429671-1000) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
7/21/2013 7:46:53 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Browser service.
7/19/2013 7:49:10 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the NIS service.
7/18/2013 7:42:28 PM, Error: Service Control Manager [7024] - The Background Intelligent Transfer Service service terminated with service-specific error %%-2147024846.
7/18/2013 7:42:28 PM, Error: Microsoft-Windows-Bits-Client [16392] - The BITS service failed to start. Error 0x80070032.
7/18/2013 7:42:27 PM, Error: Service Control Manager [7038] - The WinHttpAutoProxySvc service was unable to log on as NT AUTHORITY\LocalService with the currently configured password due to the following error: The request is not supported. To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).
7/18/2013 7:42:27 PM, Error: Service Control Manager [7038] - The SSDPSRV service was unable to log on as NT AUTHORITY\LocalService with the currently configured password due to the following error: The security account manager (SAM) or local security authority (LSA) server was in the wrong state to perform the security operation. To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).
7/18/2013 7:42:27 PM, Error: Service Control Manager [7000] - The WinHTTP Web Proxy Auto-Discovery Service service failed to start due to the following error: The service did not start due to a logon failure.
7/18/2013 7:42:27 PM, Error: Service Control Manager [7000] - The SSDP Discovery service failed to start due to the following error: The service did not start due to a logon failure.
-
July 25th, 2013, 08:12 PM
#42
I still need DDS.txt log.
-
July 25th, 2013, 08:53 PM
#43
oops...sorry
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 10.0.9200.16635
Run by laurelhome at 6:52:20 on 2013-07-25
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.2815.1044 [GMT -4:00]
.
AV: Norton Security Suite *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Norton Security Suite *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton Security Suite *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
C:\Program Files (x86)\eMachines\Registration\GREGsvc.exe
C:\Program Files\eMachines\eMachines Updater\UpdaterService.exe
C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\WUDFHost.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\NortonInstaller\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360\70512b0b\20.1.0.24\InstStub.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Logitech\Vid HD\Vid.exe
C:\Windows\System32\StikyNot.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files (x86)\eMachines\Hotkey Utility\HotkeyUtility.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe
C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
C:\Program Files (x86)\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Windows\system32\Macromed\Flash\FlashUtil64_11_7_700_224_ActiveX.exe
C:\Windows\SysWOW64\schtasks.exe
C:\Program Files (x86)\Norton Security Suite\Engine\20.1.0.24\ccSvcHst.exe
C:\Program Files (x86)\Nero\Update\NASvc.exe
C:\Users\laurelhome\AppData\Local\Logitech® Webcam Software\Logishrd\LU2.0\LULnchr.exe
C:\Users\laurelhome\AppData\Local\Logitech® Webcam Software\Logishrd\LU2.0\LogitechUpdate.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
C:\Program Files (x86)\Norton Security Suite\Engine\20.1.0.24\ccSvcHst.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Windows\system32\taskeng.exe
C:\Windows\splwow64.exe
C:\Windows\system32\PrintIsolationHost.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.comcast.net/
uDefault_Page_URL = hxxp://emachines.msn.com
mWinlogon: Userinit = userinit.exe
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Norton Identity Protection: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Security Suite\Engine\20.1.0.24\CoIEPlg.dll
BHO: Norton Vulnerability Protection: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Security Suite\Engine\20.1.0.24\IPS\IPSBHO.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Adobe Acrobat Create PDF Toolbar Helper: {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll
BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO: Adobe Acrobat Create PDF from Selection: {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll
TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} -
TB: Adobe Acrobat Create PDF Toolbar: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll
TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine\20.1.0.24\CoIEPlg.dll
uRun: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
uRun: [Logitech Vid] "C:\Program Files (x86)\Logitech\Vid HD\Vid.exe" -bootmode
uRun: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe
mRun: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun: [Hotkey Utility] C:\Program Files (x86)\eMachines\Hotkey Utility\HotkeyUtility.exe
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe"
mRun: [LWS] C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe -hide
mRunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~3\Office12\EXCEL.EXE/3000
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
DPF: PackageCab - hxxp://ak.imgag.com/imgag/cp/install/AxCtp2.cab
DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} - hxxp://office.microsoft.com/_layouts/ClientBin/ieawsdc32.cab
DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} - hxxp://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab
DPF: {BEA7310D-06C4-4339-A784-DC3804819809} - hxxp://www.cvsphoto.com/upload/activex/v3_0_0_7/PhotoCenter_ActiveX_Control.cab
DPF: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab
TCP: NameServer = 75.75.75.75 75.75.76.76
TCP: Interfaces\{AF5734B3-C8D3-4EC6-863D-6B90B39F75E0} : DHCPNameServer = 75.75.75.75 75.75.76.76
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R0 SymDS;Symantec Data Store;C:\Windows\System32\drivers\N360x64\1401000.018\SymDS64.sys [2013-7-24 493216]
R0 SymEFA;Symantec Extended File Attributes;C:\Windows\System32\drivers\N360x64\1401000.018\SymEFA64.sys [2013-7-24 1132192]
R1 BHDrvx64;BHDrvx64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\BASHDefs\20130715.001\BHDrvx64.sys [2013-7-15 1393240]
R1 ccSet_N360;Norton Security Suite Settings Manager;C:\Windows\System32\drivers\N360x64\1401000.018\ccSetx64.sys [2013-7-24 168096]
R1 IDSVia64;IDSVia64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\IPSDefs\20130724.001\IDSviA64.sys [2013-7-24 513184]
R1 SymIRON;Symantec Iron Driver;C:\Windows\System32\drivers\N360x64\1401000.018\Ironx64.sys [2013-7-24 224416]
R1 SYMNETS;Symantec Network Security WFP Driver;C:\Windows\System32\drivers\N360x64\1401000.018\symnets.sys [2013-7-24 432800]
R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2012-1-4 822624]
R2 GREGService;GREGService;C:\Program Files (x86)\eMachines\Registration\GREGsvc.exe [2010-1-8 23584]
R2 Live Updater Service;Live Updater Service;C:\Program Files\eMachines\eMachines Updater\UpdaterService.exe [2011-3-31 244624]
R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-7-25 418376]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-7-25 701512]
R2 N360;Norton Security Suite;C:\Program Files (x86)\Norton Security Suite\Engine\20.1.0.24\ccSvcHst.exe [2013-7-24 143928]
R2 NAUpdate;Nero Update;C:\Program Files (x86)\Nero\Update\NASvc.exe [2010-5-4 503080]
R2 NOBU;Norton Online Backup;C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2010-6-1 2804568]
R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-1 508776]
R2 Skype C2C Service;Skype C2C Service;C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-7-12 3289472]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-1-26 378984]
R2 UMVPFSrv;UMVPFSrv;C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [2012-1-18 450848]
R3 BBUpdate;BBUpdate;C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.EXE [2012-6-11 240208]
R3 LVRS64;Logitech RightSound Filter Driver;C:\Windows\System32\drivers\lvrs64.sys [2012-1-18 351136]
R3 LVUVC64;Logitech HD Webcam C270(UVC);C:\Windows\System32\drivers\lvuvc64.sys [2012-1-18 4865568]
R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2013-7-25 25928]
R3 Sftfs;Sftfs;C:\Windows\System32\drivers\Sftfslh.sys [2011-10-1 764264]
R3 Sftplay;Sftplay;C:\Windows\System32\drivers\Sftplaylh.sys [2011-10-1 268648]
R3 Sftredir;Sftredir;C:\Windows\System32\drivers\Sftredirlh.sys [2011-10-1 25960]
R3 Sftvol;Sftvol;C:\Windows\System32\drivers\Sftvollh.sys [2011-10-1 22376]
R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-1 219496]
S2 BBSvc;BingBar Service;C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BBSvc.EXE [2012-6-11 193616]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-4-19 161384]
S3 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-20 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-20 31232]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-1-9 1255736]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== Created Last 30 ================
.
2013-07-25 10:39:21 -------- d-----w- C:\Users\laurelhome\AppData\Roaming\Malwarebytes
2013-07-25 10:39:12 -------- d-----w- C:\ProgramData\Malwarebytes
2013-07-25 10:39:11 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys
2013-07-25 10:39:11 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-07-25 10:38:45 -------- d-----w- C:\Users\laurelhome\AppData\Local\Programs
2013-07-25 02:25:41 177312 ----a-w- C:\Windows\System32\drivers\SYMEVENT64x86.SYS
2013-07-25 02:25:41 -------- d-----w- C:\Program Files\Symantec
2013-07-25 02:25:41 -------- d-----w- C:\Program Files\Common Files\Symantec Shared
2013-07-25 02:24:38 776352 ----a-r- C:\Windows\System32\drivers\N360x64\1401000.018\srtsp64.sys
2013-07-25 02:24:38 493216 ----a-r- C:\Windows\System32\drivers\N360x64\1401000.018\SymDS64.sys
2013-07-25 02:24:38 432800 ----a-r- C:\Windows\System32\drivers\N360x64\1401000.018\symnets.sys
2013-07-25 02:24:38 37496 ----a-r- C:\Windows\System32\drivers\N360x64\1401000.018\srtspx64.sys
2013-07-25 02:24:38 23448 ----a-r- C:\Windows\System32\drivers\N360x64\1401000.018\SymELAM.sys
2013-07-25 02:24:38 224416 ----a-r- C:\Windows\System32\drivers\N360x64\1401000.018\Ironx64.sys
2013-07-25 02:24:38 168096 ----a-r- C:\Windows\System32\drivers\N360x64\1401000.018\ccSetx64.sys
2013-07-25 02:24:38 1132192 ----a-r- C:\Windows\System32\drivers\N360x64\1401000.018\SymEFA64.sys
2013-07-25 02:24:21 -------- d-----w- C:\Windows\System32\drivers\N360x64\1401000.018
2013-07-25 02:24:21 -------- d-----w- C:\Windows\System32\drivers\N360x64
2013-07-25 02:24:20 -------- d-----w- C:\Program Files (x86)\Norton Security Suite
2013-07-25 02:22:12 -------- d-----w- C:\ProgramData\PCSettings
2013-07-22 00:10:35 -------- d-----w- C:\Users\laurelhome\AppData\Local\{DFA8F153-70DE-4A34-A7BA-ABC5DB8F73B4}
2013-07-21 13:13:54 -------- d-----w- C:\FRST
2013-07-20 13:29:48 -------- d-----w- C:\Users\laurelhome\AppData\Roaming\Tific
2013-07-18 10:32:46 -------- d-----w- C:\ProgramData\8ed1d93e-4c6e-0000-d386-0c0060e123bc
2013-07-14 12:41:07 -------- d-----w- C:\Users\laurelhome\AppData\Local\{868E3F65-8A3A-4BFD-86EC-8F9134A9BC1D}
2013-07-10 22:36:31 -------- d-----w- C:\Users\laurelhome\AppData\Local\{6E94EC52-CCEB-4DFC-9175-73DAB384E5DE}
2013-07-10 11:27:29 624128 ----a-w- C:\Windows\System32\qedit.dll
2013-07-10 11:27:29 509440 ----a-w- C:\Windows\SysWow64\qedit.dll
2013-07-10 11:27:28 1887744 ----a-w- C:\Windows\System32\WMVDECOD.DLL
2013-07-10 11:27:27 1620480 ----a-w- C:\Windows\SysWow64\WMVDECOD.DLL
2013-07-10 11:27:15 936448 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\ink\journal.dll
2013-07-10 11:27:15 3153920 ----a-w- C:\Windows\System32\win32k.sys
2013-07-10 11:27:15 1732608 ----a-w- C:\Program Files\Windows Journal\NBDoc.DLL
2013-07-10 11:27:15 1402880 ----a-w- C:\Program Files\Windows Journal\JNWDRV.dll
2013-07-10 11:27:15 1393152 ----a-w- C:\Program Files\Windows Journal\JNTFiltr.dll
2013-07-10 11:27:15 1367040 ----a-w- C:\Program Files\Common Files\Microsoft Shared\ink\journal.dll
2013-07-10 11:27:11 1643520 ----a-w- C:\Windows\System32\DWrite.dll
2013-07-10 11:27:11 1247744 ----a-w- C:\Windows\SysWow64\DWrite.dll
2013-07-07 21:41:32 -------- d-----w- C:\Users\laurelhome\AppData\Local\{65421385-239C-41C1-9070-535CD5EA22EA}
2013-07-05 10:55:52 -------- d-----w- C:\Users\laurelhome\AppData\Local\{AB507790-7C65-4EB2-AD72-5F897E0FCA24}
2013-07-04 12:02:29 -------- d-----w- C:\Users\laurelhome\AppData\Local\{CC6971E9-18BD-4012-BBDD-288A57C5F028}
2013-07-02 19:36:06 9552976 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{C42BDDC4-111A-4C28-8DB4-71D2D1332A14}\mpengine.dll
2013-06-30 23:34:37 -------- d-----w- C:\Users\laurelhome\AppData\Local\{AF3E7684-9DA7-4D75-8A87-11E3C7CAB3A1}
2013-06-25 16:57:29 -------- d-----w- C:\Users\laurelhome\AppData\Local\{4EF8E7D8-283E-464A-9C3D-8DC80526189A}
.
==================== Find3M ====================
.
2013-06-11 23:43:37 1767936 ----a-w- C:\Windows\SysWow64\wininet.dll
2013-06-11 23:43:00 2877440 ----a-w- C:\Windows\SysWow64\jscript9.dll
2013-06-11 23:42:58 61440 ----a-w- C:\Windows\SysWow64\iesetup.dll
2013-06-11 23:42:58 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll
2013-06-11 23:26:20 2241024 ----a-w- C:\Windows\System32\wininet.dll
2013-06-11 23:25:16 3958784 ----a-w- C:\Windows\System32\jscript9.dll
2013-06-11 23:25:13 67072 ----a-w- C:\Windows\System32\iesetup.dll
2013-06-11 23:25:13 136704 ----a-w- C:\Windows\System32\iesysprep.dll
2013-06-11 22:51:45 71680 ----a-w- C:\Windows\SysWow64\RegisterIEPKEYs.exe
2013-06-11 22:50:58 89600 ----a-w- C:\Windows\System32\RegisterIEPKEYs.exe
2013-06-11 21:43:14 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-06-11 21:43:14 692104 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2013-06-07 03:22:18 2706432 ----a-w- C:\Windows\System32\mshtml.tlb
2013-06-07 02:37:52 2706432 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2013-05-28 13:05:16 163328 ----a-w- C:\Windows\SysWow64\FlashPlayerUpdateService.exe
2013-05-13 05:51:01 184320 ----a-w- C:\Windows\System32\cryptsvc.dll
2013-05-13 05:51:00 1464320 ----a-w- C:\Windows\System32\crypt32.dll
2013-05-13 05:51:00 139776 ----a-w- C:\Windows\System32\cryptnet.dll
2013-05-13 05:50:40 52224 ----a-w- C:\Windows\System32\certenc.dll
2013-05-13 04:45:55 140288 ----a-w- C:\Windows\SysWow64\cryptsvc.dll
2013-05-13 04:45:55 1160192 ----a-w- C:\Windows\SysWow64\crypt32.dll
2013-05-13 04:45:55 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll
2013-05-13 03:43:55 1192448 ----a-w- C:\Windows\System32\certutil.exe
2013-05-13 03:08:10 903168 ----a-w- C:\Windows\SysWow64\certutil.exe
2013-05-13 03:08:06 43008 ----a-w- C:\Windows\SysWow64\certenc.dll
2013-05-10 05:49:27 30720 ----a-w- C:\Windows\System32\cryptdlg.dll
2013-05-10 03:20:54 24576 ----a-w- C:\Windows\SysWow64\cryptdlg.dll
2013-05-08 06:39:01 1910632 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2013-05-02 06:06:08 278800 ------w- C:\Windows\System32\MpSigStub.exe
.
============= FINISH: 6:53:14.03 ===============
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume2
Install Date: 1/7/2012 4:02:51 PM
System Uptime: 7/25/2013 5:43:22 AM (1 hours ago)
.
Motherboard: eMachines | | EL1358G
Processor: AMD Athlon(tm) II X2 220 Processor | CPU 1 | 784/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 912 GiB total, 852.855 GiB free.
D: is CDROM ()
E: is Removable
F: is Removable
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP158: 6/21/2013 9:16:24 PM - Windows Update
RP159: 6/28/2013 4:36:14 PM - Windows Update
RP160: 7/2/2013 3:35:28 PM - Windows Update
RP161: 7/11/2013 3:00:27 AM - Windows Update
RP162: 7/12/2013 3:00:42 AM - Windows Update
RP163: 7/18/2013 7:12:45 PM - Removed Microsoft Silverlight
RP164: 7/18/2013 7:45:19 PM - Restore Operation
RP165: 7/19/2013 3:00:28 AM - Windows Update
RP166: 7/20/2013 9:33:15 AM - Removed Google Drive
RP167: 7/20/2013 9:33:56 AM - Removed Microsoft Silverlight
RP168: 7/22/2013 6:36:01 AM - Windows Update
.
==== Installed Programs ======================
.
Acrobat.com
Adobe Acrobat XI Pro
Adobe AIR
Adobe Download Assistant
Adobe Flash Player 11 ActiveX
Adobe Reader 9.5.3 MUI
Agatha Christie - 4:50 from Paddington
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Ask Toolbar
Ask Toolbar Updater
Avery Template
Avery Template - U_0088_01_P
Bejeweled 2 Deluxe
Bing Bar
Bonjour
Browser Manager
Build-a-lot 2
CameraHelperMsi
Chuzzle Deluxe
Coupon Printer for Windows
Create and Print Plugin 4.0.8045
D3DX10
Diner Dash 2 Restaurant Rescue
Dora's World Adventure
eBay Worldwide
eMachines Games
eMachines Recovery Management
eMachines Registration
eMachines ScreenSaver
eMachines Updater
erLT
Final Drive: Nitro
Galerie de photos Windows Live
Google Drive
Google Update Helper
Hotkey Utility
Identity Card
iTunes
Java Auto Updater
Java(TM) 6 Update 33
Jewel Quest Heritage
Junk Mail filter update
Logitech Vid HD
Logitech Webcam Software
LWS Facebook
LWS Gallery
LWS Help_main
LWS Launcher
LWS Motion Detection
LWS Pictures And Video
LWS Twitter
LWS Video Mask Maker
LWS VideoEffects
LWS Webcam Software
LWS WLM Plugin
LWS YouTube Plugin
Malwarebytes Anti-Malware version 1.75.0.1300
Mesh Runtime
Microsoft .NET Framework 4 Client Profile
Microsoft Application Error Reporting
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Click-to-Run 2010
Microsoft Office Excel MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office Office 64-bit Components 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Professional Plus 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared 64-bit MUI (English) 2007
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft PowerPoint Viewer
Microsoft Save as PDF or XPS Add-in for 2007 Microsoft Office programs
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
MSVCRT
MSVCRT_amd64
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Mystery P.I. - Stolen in San Francisco
Namco All-Stars: PAC-MAN
Nero Control Center 10
Nero ControlCenter 10 Help (CHM)
Nero Core Components 10
Nero DiscSpeed 10
Nero DiscSpeed 10 Help (CHM)
Nero Express 10
Nero Express 10 Help (CHM)
Nero Multimedia Suite 10 Essentials
Nero StartSmart 10
Nero StartSmart 10 Help (CHM)
Nero Update
NOOK for PC
Norton Online Backup
Norton Security Suite
NVIDIA Control Panel 307.83
NVIDIA Display Control Panel
NVIDIA Drivers
NVIDIA ForceWare Network Access Manager
NVIDIA Graphics Driver 307.83
NVIDIA Install Application
NVIDIA Stereoscopic 3D Driver
NVIDIA Update 1.10.8
NVIDIA Update Components
Penguins!
Plants vs. Zombies - Game of the Year
Poker Superstars III
Polar Bowler
Polar Golfer
QuickTime
Realtek High Definition Audio Driver
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628)
Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687309) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687311) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687499) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760416) 32-Bit Edition
Security Update for Microsoft Office Excel 2007 (KB2687307) 32-Bit Edition
Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Publisher 2007 (KB2597971) 32-Bit Edition
Security Update for Microsoft Office Word 2007 (KB2760421) 32-Bit Edition
Skype Click to Call
Skype™ 6.3
Times Reader
Torchlight
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596802) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2817563) 32-Bit Edition
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Update Installer for WildTangent Games App
Virtual Villagers 4 - The Tree of Life
Welcome Center
WildTangent Games App (eMachines Games)
Windows Live
Windows Live Communications Platform
Windows Live Essentials
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Language Selector
Windows Live Mail
Windows Live Mesh
Windows Live Messenger
Windows Live MIME IFilter
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live Remote Client
Windows Live Remote Client Resources
Windows Live Remote Service
Windows Live Remote Service Resources
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
Zuma's Revenge
.
==== Event Viewer Messages From Past Week ========
.
7/24/2013 8:33:52 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk2\DR3.
7/24/2013 5:35:29 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk2\DR2.
7/24/2013 10:24:00 PM, Error: Service Control Manager [7024] - The Windows Firewall service terminated with service-specific error Access is denied..
7/21/2013 9:12:50 AM, Error: Microsoft-Windows-DistributedCOM [10016] - The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID {9BA05972-F6A8-11CF-A442-00A0C90A8F39} and APPID {9BA05972-F6A8-11CF-A442-00A0C90A8F39} to the user laurelhome-PC\laurelhome SID (S-1-5-21-2943752849-2961130617-1043429671-1000) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
7/21/2013 7:46:53 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Browser service.
7/19/2013 7:49:10 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the NIS service.
7/18/2013 7:42:28 PM, Error: Service Control Manager [7024] - The Background Intelligent Transfer Service service terminated with service-specific error %%-2147024846.
7/18/2013 7:42:28 PM, Error: Microsoft-Windows-Bits-Client [16392] - The BITS service failed to start. Error 0x80070032.
7/18/2013 7:42:27 PM, Error: Service Control Manager [7038] - The WinHttpAutoProxySvc service was unable to log on as NT AUTHORITY\LocalService with the currently configured password due to the following error: The request is not supported. To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).
7/18/2013 7:42:27 PM, Error: Service Control Manager [7038] - The SSDPSRV service was unable to log on as NT AUTHORITY\LocalService with the currently configured password due to the following error: The security account manager (SAM) or local security authority (LSA) server was in the wrong state to perform the security operation. To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).
7/18/2013 7:42:27 PM, Error: Service Control Manager [7000] - The WinHTTP Web Proxy Auto-Discovery Service service failed to start due to the following error: The service did not start due to a logon failure.
7/18/2013 7:42:27 PM, Error: Service Control Manager [7000] - The SSDP Discovery service failed to start due to the following error: The service did not start due to a logon failure.
.
==== End Of File ===========================
-
July 25th, 2013, 09:24 PM
#44
Good 
Download RogueKiller for 32bit or Roguekiller for 64bit to your Desktop.
- Close all the running programs
- Windows Vista/7 users: right click on RogueKiller.exe, click Run as Administrator
- Otherwise just double-click on RogueKiller.exe
- Pre-scan will start. Let it finish.
- Click on SCAN button.
- Wait until the Status box shows Scan Finished
- Click on Delete.
- Wait until the Status box shows Deleting Finished.
- Click on Report and copy/paste the content of the Notepad into your next reply.
- RKreport.txt could also be found on your desktop.
- If more than one log is produced post all logs.
- If RogueKiller has been blocked, do not hesitate to try a few times more. If really won't run, rename it to winlogon.exe (or winlogon.com) and try again
Create new restore point before proceeding with the next step....
How to:
- Windows 8: http://www.vikitech.com/11302/system-restore-windows-8
- Windows 7: http://www.howtogeek.com/howto/3195/...-in-windows-7/
- Vista: http://www.howtogeek.com/howto/windo...ystem-restore/
- XP: http://support.microsoft.com/kb/948247
Download Malwarebytes Anti-Rootkit (MBAR) from HERE
- Unzip downloaded file.
- Open the folder where the contents were unzipped and run mbar.exe
- Follow the instructions in the wizard to update and allow the program to scan your computer for threats.
- Click on the Cleanup button to remove any threats and reboot if prompted to do so.
- Wait while the system shuts down and the cleanup process is performed.
- Perform another scan with Malwarebytes Anti-Rootkit to verify that no threats remain. If they do, then click Cleanup once more and repeat the process.
- When done, please post the two logs produced they will be in the MBAR folder..... mbar-log-xxxxx.txt and system-log.txt
-
July 25th, 2013, 10:46 PM
#45
Yes, good! :>)
[QUOTE=Broni;1433727]Good 
But I see there is more work to do - you weren't kidding! OK, I'm with you.
Thread Information
Users Browsing this Thread
There are currently 1 users browsing this thread. (0 members and 1 guests)
Tags for this Thread
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|