The computer runs very slow and the browser takes you wherever it decides to! I ran Malwarebytes and found close to 700 buggers and cleaned all but 8 that keep coming back. The last MB scan reported none, but the computer still is messed up. I am going to copy/paste the files requested. Any and all help will be greatly appreciated.
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 6:10:00 PM, on 1/25/2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16457)
Boot mode: Normal
Running processes:
C:\windows\system32\taskhost.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\windows\system32\Dwm.exe
C:\windows\Explorer.EXE
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Users\Patty\AppData\Local\Strongvault Online Backup\SMessaging.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe
C:\windows\system32\igfxsrvc.exe
C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
C:\Program Files\Common Files\Apple\Internet Services\BookmarkDAV_client.exe
C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe
C:\Users\Patty\Desktop\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Babylon toolbar helper - {2EECD738-5844-4a99-B4B6-146BF802613B} - (no file)
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Searchqu Toolbar - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~1\SEARCH~1\Datamngr\ToolBar\searchqudtx.dll (file missing)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: (no name) - {26c9e18c-3717-4be1-a225-04e4471f5b6e} - (no file)
O3 - Toolbar: (no name) - {b278d9f8-0fa9-465e-9938-0c392605d8e3} - (no file)
O3 - Toolbar: Searchqu Toolbar - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~1\SEARCH~1\Datamngr\ToolBar\searchqudtx.dll (file missing)
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [APLangApp] "C:\Program Files\AnyPC Client\APLangApp.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [UCam_Menu] "C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\YouCam" UpdateWithCreateOnce "Software\CyberLink\YouCam\2.0"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [IJNetworkScanUtility] C:\Program Files\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE
O4 - HKLM\..\Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [Freecorder FLV Service] "C:\Program Files\Freecorder\FLVSrvc.exe" /run
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SMessaging] C:\Users\Patty\AppData\Local\Strongvault Online Backup\SMessaging.exe
O4 - HKLM\..\Run: [IgfxTray] C:\windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\windows\system32\igfxpers.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [iCloudServices] C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe
O4 - HKCU\..\Run: [ApplePhotoStreams] C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
O4 - HKCU\..\Run: [com.apple.dav.bookmarks.daemon] C:\Program Files\Common Files\Apple\Internet Services\BookmarkDAV_client.exe
O4 - HKCU\..\Run: [Messenger] "C:\Program Files\Strongvault Online Backup\SMessenger.exe"
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~3\Office14\ONBttnIE.dll/105
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} (WRC Class) - http://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework//microsoft/wrc32.ocx
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: c:\progra~2\browse~1\23787~1.43\{16cdf~1\browse~1.dll c:\progra~2\browse~1\22643~1.41\{16cdf~1\browse~1.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Freemake Improver - Freemake - C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Novatel Wireless Verizon Device Helper (NWVZHelper) - Novatel Wireless Inc. - C:\Program Files\Novatel Wireless\Verizon\Drivers\NWHelper_001.exe
O23 - Service: Rezip - Unknown owner - C:\windows\SYSTEM32\Rezip.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
--
End of file - 9293 bytes
DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 9.0.8112.16457
Run by Patty at 18:10:52 on 2013-01-25
Microsoft Windows 7 Starter 6.1.7601.1.1252.1.1033.18.1013.247 [GMT -5:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {B140BF4E-23BB-4198-90AB-A51A4C60A69C}
SP: Microsoft Security Essentials *Enabled/Updated* {0A215EAA-0581-4E16-AA1B-9E6837E7EC21}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ================
.
C:\windows\system32\wininit.exe
C:\windows\system32\lsm.exe
C:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\windows\System32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
C:\Program Files\Freemake\CaptureLib\CaptureLibService.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\Novatel Wireless\Verizon\Drivers\NWHelper_001.exe
C:\windows\SYSTEM32\Rezip.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\windows\system32\taskhost.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\windows\system32\Dwm.exe
C:\windows\Explorer.EXE
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Microsoft Security Client\NisSrv.exe
C:\Users\Patty\AppData\Local\Strongvault Online Backup\SMessaging.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe
C:\windows\system32\igfxsrvc.exe
C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
C:\Program Files\Common Files\Apple\Internet Services\BookmarkDAV_client.exe
C:\windows\system32\taskeng.exe
C:\Program Files\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe
C:\Program Files\Samsung\Samsung Support Center\SSCKbdHk.exe
C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\windows\system32\SearchIndexer.exe
C:\Program Files\Samsung\Samsung Recovery Solution 4\WCScheduler.exe
C:\windows\system32\igfxext.exe
C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe
C:\windows\system32\igfxsrvc.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\windows\system32\SearchProtocolHost.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\system32\SearchFilterHost.exe
C:\windows\system32\NOTEPAD.EXE
C:\windows\system32\conhost.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k GPSvcGroup
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\windows\system32\svchost.exe -k imgsvc
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com
uDefault_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=smsn&bmod=smsn
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: {2EECD738-5844-4a99-B4B6-146BF802613B} - <orphaned>
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Searchqu Toolbar: {99079a25-328f-4bd4-be04-00955acaa0a7} -
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - c:\program files\microsoft office\office14\URLREDIR.DLL
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre6\bin\jp2ssv.dll
TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: Searchqu Toolbar: {99079a25-328f-4bd4-be04-00955acaa0a7} -
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
uRun: [iCloudServices] c:\program files\common files\apple\internet services\iCloudServices.exe
uRun: [ApplePhotoStreams] c:\program files\common files\apple\internet services\ApplePhotoStreams.exe
uRun: [com.apple.dav.bookmarks.daemon] c:\program files\common files\apple\internet services\BookmarkDAV_client.exe
uRun: [Messenger] "c:\program files\strongvault online backup\SMessenger.exe"
mRun: [RtHDVCpl] c:\program files\realtek\audio\hda\RtHDVCpl.exe -s
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [APLangApp] "c:\program files\anypc client\APLangApp.exe"
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [UCam_Menu] "c:\program files\cyberlink\youcam\muitransfer\muistartmenu.exe" "c:\program files\cyberlink\youcam" updatewithcreateonce "software\cyberlink\youcam\2.0"
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [IJNetworkScanUtility] c:\program files\canon\canon ij network scan utility\CNMNSUT.EXE
mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey
mRun: [Freecorder FLV Service] "c:\program files\freecorder\FLVSrvc.exe" /run
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [SMessaging] c:\users\patty\appdata\local\strongvault online backup\SMessaging.exe
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~1\micros~3\office14\ONBttnIE.dll/105
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - c:\program files\microsoft office\office14\ONBttnIELinkedNotes.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} - hxxp://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework//microsoft/wrc32.ocx
DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{950CA4E8-EB13-4B49-B7F6-BAF6CE7A8870} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{9A143B21-0A77-4A2A-92E4-FBFA1E112DC1}\3416262796E696 : DHCPNameServer = 192.168.1.5 192.168.1.1
TCP: Interfaces\{9A143B21-0A77-4A2A-92E4-FBFA1E112DC1}\65562796A7F6E6024425F49444850233932393 : DHCPNameServer = 192.168.42.1
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\common files\microsoft shared\office14\MSOXMLMF.DLL
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll
Notify: igfxcui - igfxdev.dll
AppInit_DLLs= c:\progra~2\browse~1\23787~1.43\{16cdf~1\browse~1.dll c:\progra~2\browse~1\22643~1.41\{16cdf~1\browse~1.dll
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\24.0.1312.56\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
.
============= SERVICES / DRIVERS ===============
.
R0 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2012-8-30 193552]
R1 SABI;SAMSUNG Kernel Driver For Windows 7;c:\windows\system32\drivers\SABI.sys [2009-12-14 10752]
R2 Freemake Improver;Freemake Improver;c:\programdata\freemake\freemakeutilsservice\FreemakeUtilsService.exe [2012-7-22 96768]
R2 FreemakeVideoCapture;FreemakeVideoCapture;c:\program files\freemake\capturelib\CaptureLibService.exe [2012-7-22 8704]
R2 MBAMScheduler;MBAMScheduler;c:\program files\malwarebytes' anti-malware\mbamscheduler.exe [2013-1-22 398184]
R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2013-1-22 682344]
R2 NisDrv;Microsoft Network Inspection System;c:\windows\system32\drivers\NisDrvWFP.sys [2011-4-27 99272]
R2 NWVZHelper;Novatel Wireless Verizon Device Helper;c:\program files\novatel wireless\verizon\drivers\NWHelper_001.exe [2010-6-3 216064]
R2 Rezip;Rezip;c:\windows\system32\Rezip.exe [2009-12-14 311296]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2013-1-22 21104]
R3 NisSrv;Microsoft Network Inspection;c:\program files\microsoft security client\NisSrv.exe [2012-9-12 287824]
R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\drivers\yk62x86.sys [2009-9-28 315392]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2012-11-9 160944]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]
S3 fssfltr;fssfltr;c:\windows\system32\drivers\fssfltr.sys [2013-1-22 39272]
S3 fsssvc;Windows Live Family Safety Service;c:\program files\windows live\family safety\fsssvc.exe [2010-9-23 1493352]
S3 NWUSBCDFIL;Novatel Wireless Installation CD;c:\windows\system32\drivers\NwUsbCdFil.sys [2010-7-8 20480]
S3 NWUSBModem_000;Novatel Wireless USB Modem Driver (vGEN);c:\windows\system32\drivers\nwusbmdm_000.sys [2010-7-8 176384]
S3 NWUSBPort_000;Novatel Wireless USB Status Port Driver (vGEN);c:\windows\system32\drivers\nwusbser_000.sys [2010-7-8 176384]
S3 NWUSBPort2_000;Novatel Wireless USB Status2 Port Driver (vGEN);c:\windows\system32\drivers\nwusbser2_000.sys [2010-7-8 176384]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2013-1-24 14848]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\drivers\Rt86win7.sys [2009-6-10 139776]
S3 SMARTMouseFilterx86;HID-compliant mouse;c:\windows\system32\drivers\SMARTMouseFilterx86.sys [2012-10-24 14232]
S3 SMARTVHidMini2000x86;SMART HID Device;c:\windows\system32\drivers\SMARTVHidMini2000x86.sys [2012-10-24 13720]
S3 SMARTVTabletPCx86;SMART Virtual TabletPC;c:\windows\system32\drivers\SMARTVTabletPCx86.sys [2012-10-24 21912]
S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2013-1-24 49664]
.
=============== Created Last 30 ================
.
2013-01-25 06:20:40 6991832 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{1e50a77d-c385-4837-9182-0dd1ad533479}\mpengine.dll
2013-01-24 06:45:07 6991832 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\backup\mpengine.dll
2013-01-24 06:33:05 514560 ----a-w- c:\windows\system32\qdvd.dll
2013-01-24 06:33:02 247808 ----a-w- c:\windows\system32\schannel.dll
2013-01-24 06:33:01 369856 ----a-w- c:\windows\system32\drivers\cng.sys
2013-01-24 06:33:01 136560 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2013-01-24 06:33:01 1039360 ----a-w- c:\windows\system32\lsasrv.dll
2013-01-24 06:24:36 712048 ----a-w- c:\windows\system32\drivers\ndis.sys
2013-01-24 06:24:35 33280 ----a-w- c:\windows\system32\drivers\RNDISMP.sys
2013-01-24 06:23:23 245760 ----a-w- c:\windows\system32\OxpsConverter.exe
2013-01-24 06:23:11 156672 ----a-w- c:\windows\system32\ncsi.dll
2013-01-24 06:23:10 499712 ----a-w- c:\windows\system32\iphlpsvc.dll
2013-01-24 06:23:10 240496 ----a-w- c:\windows\system32\drivers\netio.sys
2013-01-24 06:23:10 1293680 ----a-w- c:\windows\system32\drivers\tcpip.sys
2013-01-24 06:23:09 35328 ----a-w- c:\windows\system32\drivers\tcpipreg.sys
2013-01-24 06:23:09 242176 ----a-w- c:\windows\system32\nlasvc.dll
2013-01-24 06:23:09 187760 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
2013-01-24 06:23:09 175104 ----a-w- c:\windows\system32\netcorehc.dll
2013-01-24 06:23:08 52224 ----a-w- c:\windows\system32\nlaapi.dll
2013-01-24 06:23:08 18944 ----a-w- c:\windows\system32\netevent.dll
2013-01-24 06:21:54 49152 ----a-w- c:\windows\system32\taskhost.exe
2013-01-24 06:21:50 44032 ----a-w- c:\windows\system32\dhcpcsvc6.dll
2013-01-24 06:21:50 193536 ----a-w- c:\windows\system32\dhcpcore6.dll
2013-01-24 05:07:35 -------- d-----w- c:\program files\Microsoft Analysis Services
2013-01-24 03:19:06 -------- d-----w- c:\windows\system32\SPReview
2013-01-24 03:17:19 -------- d-----w- c:\windows\system32\EventProviders
2013-01-24 03:14:51 -------- d-----w- c:\windows\en
2013-01-24 03:13:08 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition
2013-01-24 03:03:09 1130824 ----a-w- c:\windows\system32\dfshim.dll
2013-01-24 03:01:59 640512 ----a-w- c:\windows\system32\advapi32.dll
2013-01-24 03:00:59 363520 ----a-w- c:\windows\system32\StructuredQuery.dll
2013-01-24 02:59:59 402944 ----a-w- c:\windows\system32\drmmgrtn.dll
2013-01-24 02:58:59 6656 ----a-w- c:\windows\system32\drivers\RDPCDD.sys
2013-01-24 02:57:51 780288 ----a-w- c:\windows\system32\wbem\wbemcore.dll
2013-01-24 02:57:51 189952 ----a-w- c:\program files\windows portable devices\sqmapi.dll
2013-01-24 02:57:50 363008 ----a-w- c:\windows\system32\wbemcomn.dll
2013-01-24 02:57:49 606208 ----a-w- c:\windows\system32\wbem\fastprox.dll
2013-01-24 02:57:49 351232 ----a-w- c:\windows\system32\wmicmiplugin.dll
2013-01-24 02:57:21 697344 ----a-w- c:\windows\system32\SmiEngine.dll
2013-01-24 02:57:21 189952 ----a-w- c:\windows\system32\sqmapi.dll
2013-01-24 02:57:01 209920 ----a-w- c:\windows\system32\PkgMgr.exe
2013-01-24 02:57:01 189952 ----a-w- c:\windows\system32\wdscore.dll
2013-01-24 02:55:13 323072 ----a-w- c:\windows\system32\drvstore.dll
2013-01-24 02:55:12 257024 ----a-w- c:\windows\system32\dpx.dll
2013-01-23 23:09:05 1783056 ----a-w- c:\windows\system32\WavesLib.dll
2013-01-23 23:09:04 345328 ----a-w- c:\windows\system32\SRSTSXT.dll
2013-01-23 23:09:04 185584 ----a-w- c:\windows\system32\SRSTSHD.dll
2013-01-23 23:09:04 173296 ----a-w- c:\windows\system32\SRSHP360.dll
2013-01-23 23:09:04 140528 ----a-w- c:\windows\system32\SRSWOW.dll
2013-01-23 23:09:01 551456 ----a-w- c:\windows\system32\RTSndMgr.cpl
2013-01-23 23:09:01 2977248 ----a-w- c:\windows\system32\drivers\RTKVHDA.sys
2013-01-23 23:09:00 1539104 ----a-w- c:\windows\system32\RtkPgExt.dll
2013-01-23 20:16:44 -------- d-----w- c:\program files\VS Revo Group
2013-01-23 19:49:28 -------- d-----w- c:\users\patty\.gimp-2.6
2013-01-23 16:15:50 -------- d-----w- c:\programdata\Strongvault Online Backup
2013-01-23 03:06:08 -------- d-----w- c:\windows\system32\x64
2013-01-23 03:03:43 -------- d-----w- c:\program files\Microsoft
2013-01-23 02:51:19 39272 ----a-w- c:\windows\system32\drivers\fssfltr.sys
2013-01-23 02:43:30 69464 ----a-w- c:\windows\system32\XAPOFX1_3.dll
2013-01-23 02:43:30 515416 ----a-w- c:\windows\system32\XAudio2_5.dll
2013-01-23 02:43:28 453456 ----a-w- c:\windows\system32\d3dx10_42.dll
2013-01-23 02:42:25 525656 ----a-w- c:\program files\common files\windows live\.cache\442746c91cdf91308\DXSETUP.exe
2013-01-23 02:42:24 94040 ----a-w- c:\program files\common files\windows live\.cache\442746c91cdf91308\DSETUP.dll
2013-01-23 02:42:24 1691480 ----a-w- c:\program files\common files\windows live\.cache\442746c91cdf91308\dsetup32.dll
2013-01-23 02:42:18 525656 ----a-w- c:\program files\common files\windows live\.cache\4191883d1cdf91307\DXSETUP.exe
2013-01-23 02:42:18 1691480 ----a-w- c:\program files\common files\windows live\.cache\4191883d1cdf91307\dsetup32.dll
2013-01-23 02:42:17 94040 ----a-w- c:\program files\common files\windows live\.cache\4191883d1cdf91307\DSETUP.dll
2013-01-23 02:41:28 -------- d-----w- c:\users\patty\appdata\local\Windows Live
2013-01-23 02:25:05 -------- d-----w- c:\users\patty\appdata\roaming\Malwarebytes
2013-01-23 02:24:05 -------- d-----w- c:\programdata\Malwarebytes
2013-01-23 02:23:53 21104 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-01-23 02:23:52 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2013-01-22 14:03:24 -------- d-----w- c:\program files\MSXML 4.0
2013-01-14 19:51:13 -------- d-----w- c:\users\patty\appdata\local\assembly
2013-01-14 19:50:58 -------- d-----w- c:\users\patty\appdata\local\Deployment
2013-01-14 19:50:58 -------- d-----w- c:\users\patty\appdata\local\Apps
2013-01-14 16:36:50 696520 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-01-14 16:32:08 1998168 ----a-w- c:\windows\system32\D3DX9_43.dll
2013-01-14 15:17:55 -------- d-----w- c:\users\patty\appdata\roaming\PCFixSpeed
2013-01-14 15:16:01 -------- d-----w- c:\users\patty\appdata\roaming\Strongvault
2013-01-14 15:15:12 -------- d-----w- c:\program files\common files\MSSoap
2013-01-14 15:15:00 -------- d-----w- c:\users\patty\appdata\local\Strongvault Online Backup
2013-01-14 15:14:46 -------- d-----w- c:\users\patty\appdata\local\Stronghold_LLC
2013-01-14 15:13:54 -------- d-sh--w- c:\windows\system32\AI_RecycleBin
2013-01-14 15:13:49 -------- d-----w- c:\users\patty\appdata\local\StrongVault
2013-01-14 15:13:26 -------- d-----w- c:\users\patty\appdata\roaming\CalendarPackages
2013-01-10 18:29:50 1389568 ----a-w- c:\windows\system32\msxml6.dll
2013-01-10 18:29:45 626688 ----a-w- c:\windows\system32\usp10.dll
2013-01-10 18:29:42 2345984 ----a-w- c:\windows\system32\win32k.sys
2013-01-10 18:29:39 492032 ----a-w- c:\windows\system32\win32spl.dll
2013-01-10 18:26:38 45568 ----a-w- c:\windows\system32\oflc-nz.rs
2013-01-10 18:25:09 220160 ----a-w- c:\windows\system32\ncrypt.dll
2013-01-10 17:56:32 -------- d-----w- c:\users\patty\appdata\roaming\Systweak
2013-01-10 17:56:25 18952 ----a-w- c:\windows\system32\roboot.exe
.
==================== Find3M ====================
.
2013-01-24 03:46:37 152576 ----a-w- c:\windows\system32\msclmd.dll
2013-01-14 16:37:17 73416 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-12-16 14:13:28 295424 ----a-w- c:\windows\system32\atmfd.dll
2012-12-16 14:13:20 34304 ----a-w- c:\windows\system32\atmlib.dll
2012-12-07 12:26:17 308736 ----a-w- c:\windows\system32\Wpc.dll
2012-12-07 12:20:43 2576384 ----a-w- c:\windows\system32\gameux.dll
2012-11-30 04:53:34 169984 ----a-w- c:\windows\system32\winsrv.dll
2012-11-30 04:47:45 293376 ----a-w- c:\windows\system32\KernelBase.dll
2012-11-30 02:55:25 271360 ----a-w- c:\windows\system32\conhost.exe
2012-11-30 02:38:59 6144 ---ha-w- c:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2012-11-30 02:38:59 4608 ---ha-w- c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2012-11-30 02:38:59 3584 ---ha-w- c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2012-11-30 02:38:59 3072 ---ha-w- c:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2012-11-14 02:09:22 1800704 ----a-w- c:\windows\system32\jscript9.dll
2012-11-14 01:58:15 1427968 ----a-w- c:\windows\system32\inetcpl.cpl
2012-11-14 01:57:37 1129472 ----a-w- c:\windows\system32\wininet.dll
2012-11-14 01:49:25 142848 ----a-w- c:\windows\system32\ieUnatt.exe
2012-11-14 01:48:27 420864 ----a-w- c:\windows\system32\vbscript.dll
2012-11-14 01:44:42 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-11-09 04:42:49 2048 ----a-w- c:\windows\system32\tzres.dll
2012-11-02 05:11:31 376832 ----a-w- c:\windows\system32\dpnet.dll
2012-11-02 02:52:48 64664 ----a-w- c:\windows\system32\drivers\dc3d.sys
2012-11-02 02:52:48 1629040 ----a-w- c:\windows\system32\WdfCoInstaller01011.dll
2012-07-12 08:28:44 2174976 ----a-w- c:\program files\common files\atimpenc.dll
.
============= FINISH: 18:13:28.81 ===============
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Starter
Boot Device: \Device\HarddiskVolume2
Install Date: 12/25/2010 8:55:35 AM
System Uptime: 1/25/2013 5:12:06 PM (1 hours ago)
.
Motherboard: SAMSUNG ELECTRONICS CO., LTD. | | N150/N210/N220
Processor: Intel(R) Atom(TM) CPU N450 @ 1.66GHz | CPU 1 | 1667/mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 67 GiB total, 23.013 GiB free.
D: is FIXED (NTFS) - 67 GiB total, 66.773 GiB free.
.
==== Disabled Device Manager Items =============
.
Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: NetGroup Packet Filter Driver
Device ID: ROOT\LEGACY_NPF\0000
Manufacturer:
Name: NetGroup Packet Filter Driver
PNP Device ID: ROOT\LEGACY_NPF\0000
Service: npf
.
==== System Restore Points ===================
.
RP239: 1/25/2013 3:25:55 PM - Revo Uninstaller's restore point - Browse For Change
RP241: 1/25/2013 3:33:13 PM - Revo Uninstaller's restore point - Browser Manager
RP243: 1/25/2013 3:50:03 PM - Revo Uninstaller's restore point - Complitly
RP245: 1/25/2013 3:57:55 PM - Revo Uninstaller's restore point - iLivid
RP247: 1/25/2013 4:00:53 PM - Revo Uninstaller's restore point - NewFreeScreensaver nfsHorse
RP249: 1/25/2013 4:07:10 PM - Revo Uninstaller's restore point - Voobys
RP250: 1/25/2013 4:07:54 PM - Removed Voobys
RP252: 1/25/2013 4:12:04 PM - Revo Uninstaller's restore point - WinPcap 4.1.2
RP254: 1/25/2013 4:15:35 PM - Revo Uninstaller's restore point - Yontoo 1.10.02
RP256: 1/25/2013 4:21:01 PM - Revo Uninstaller's restore point - YTD Toolbar v6.6
RP257: 1/25/2013 4:22:02 PM - Removed YTD Toolbar v6.6.
RP259: 1/25/2013 4:27:41 PM - Revo Uninstaller's restore point - YTD YouTube Downloader & Converter 3.7
RP261: 1/25/2013 4:36:19 PM - Revo Uninstaller's restore point - ImTOO Video Converter Ultimate
.
==== Installed Programs ======================
.
Adobe AIR
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader 9.1
Amazon MP3 Downloader 1.0.12
Amazon MP3 Uploader
AnyPC Client
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Atheros Client Installation Program
BatteryLifeExtender
Bonjour
Canon IJ Network Scan Utility
Canon IJ Network Tool
Canon MP970 series
ChargeableUSB
Compatibility Pack for the 2007 Office system
Coupon Printer for Windows
CyberLink YouCam
D3DX10
Dairy Dash
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Easy Display Manager
Easy Network Manager
Easy Resolution Manager
Easy SpeedUp Manager
EasyBatteryManager
Facebook Video Calling 1.2.0.287
Freemake Video Downloader
GIMP 2.6.10
Google Chrome
Google Toolbar for Internet Explorer
Google Update Helper
House of Night Screensaver Screensaver
iCloud
Intel(R) Graphics Media Accelerator Driver
Intel® Matrix Storage Manager
iTunes
Java Auto Updater
Java(TM) 6 Update 24
Junk Mail filter update
Malwarebytes Anti-Malware version 1.70.0.1100
Marvell Miniport Driver
Microsoft .NET Framework 4 Client Profile
Microsoft Application Error Reporting
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010
Microsoft Office Access Setup Metadata MUI (English) 2010
Microsoft Office Excel MUI (English) 2010
Microsoft Office File Validation Add-In
Microsoft Office Live Add-in 1.5
Microsoft Office OneNote MUI (English) 2010
Microsoft Office Outlook MUI (English) 2010
Microsoft Office PowerPoint MUI (English) 2010
Microsoft Office PowerPoint Viewer 2007 (English)
Microsoft Office Professional 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2010
Microsoft Office Publisher MUI (English) 2010
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office Single Image 2010
Microsoft Office Word MUI (English) 2010
Microsoft Security Client
Microsoft Security Essentials
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft Visual Studio 2010 Tools for Office Runtime (x86)
Microsoft Works
MSVCRT
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
PDFCreator
QuickTime
Realtek High Definition Audio Driver
REALTEK Wireless LAN Software
Revo Uninstaller 1.94
Samsung Recovery Solution 4
Samsung Support Center
Samsung Update Plus
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Security Update for Microsoft Excel 2010 (KB2597126) 32-Bit Edition
Security Update for Microsoft InfoPath 2010 (KB2687417) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553091)
Security Update for Microsoft Office 2010 (KB2553096)
Security Update for Microsoft Office 2010 (KB2553371) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553447) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2597986) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2598243) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2687501) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2687510) 32-Bit Edition
Security Update for Microsoft PowerPoint 2010 (KB2553185) 32-Bit Edition
Security Update for Microsoft Visio Viewer 2010 (KB2598287) 32-Bit Edition
Security Update for Microsoft Word 2010 (KB2760410) 32-Bit Edition
Skype 6.0
Strongvault Online Backup
Synaptics Pointing Device Driver
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2687277) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
User Guide
Verizon Mobile Broadband Drivers
Windows Live Communications Platform
Windows Live Essentials
Windows Live Family Safety
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Mail
Windows Live Messenger
Windows Live MIME IFilter
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live Sync
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
.
==== Event Viewer Messages From Past Week ========
.
1/25/2013 5:13:27 PM, Error: Service Control Manager [7000] - The WinPcap Packet Driver (NPF) service failed to start due to the following error: The system cannot find the file specified.
1/25/2013 5:13:11 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: cdrom
1/25/2013 5:07:11 PM, Error: Microsoft-Windows-WMPNSS-Service [14332] - Service 'WMPNetworkSvc' did not start correctly because CoCreateInstance(CLSID_UPnPDeviceFinder) encountered error '0x80070420'. Verify that the UPnPHost service is running and that the UPnPHost component of Windows is installed properly.
1/25/2013 5:03:30 PM, Error: Service Control Manager [7038] - The wscsvc service was unable to log on as NT AUTHORITY\LocalService with the currently configured password due to the following error: The request is not supported. To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).
1/25/2013 5:03:30 PM, Error: Service Control Manager [7038] - The sppsvc service was unable to log on as NT AUTHORITY\NetworkService with the currently configured password due to the following error: The request is not supported. To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).
1/25/2013 5:03:30 PM, Error: Service Control Manager [7000] - The Software Protection service failed to start due to the following error: The service did not start due to a logon failure.
1/25/2013 5:03:30 PM, Error: Service Control Manager [7000] - The Security Center service failed to start due to the following error: The service did not start due to a logon failure.
1/24/2013 9:05:53 PM, Error: Server [2505] - The server could not bind to the transport \Device\NetBT_Tcpip_{950CA4E8-EB13-4B49-B7F6-BAF6CE7A8870} because another computer on the network has the same name. The server could not start.
1/24/2013 9:05:39 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the IPBusEnum service.
1/24/2013 8:18:52 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Rezip service.
1/24/2013 5:10:56 PM, Error: bowser [8003] - The master browser has received a server announcement from the computer LEEFAMILY that believes that it is the master browser for the domain on transport NetBT_Tcpip_{9A143B21-0A77-4A2A-92E4-FBFA1E11. The master browser is stopping or an election is being forced.
1/24/2013 2:21:32 AM, Error: Service Control Manager [7022] - The Windows Search service hung on starting.
1/24/2013 2:08:05 AM, Error: Service Control Manager [7043] - The Windows Update service did not shut down properly after receiving a preshutdown control.
1/24/2013 11:05:00 AM, Error: Service Control Manager [7000] - The Computer Browser service failed to start due to the following error: A system shutdown is in progress.
1/24/2013 1:20:36 PM, Error: volsnap [36] - The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.
1/23/2013 10:08:12 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070103: Microsoft - Other hardware - Microsoft Hardware USB Mouse.
.
==== End Of File ===========================
GMER 2.0.18444 - http://www.gmer.net
Rootkit scan 2013-01-26 00:30:26
Windows 6.1.7601 Service Pack 1 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-0 SAMSUNG_ rev.HH10 149.05GB
Running: h5x0lq3s.exe; Driver: C:\Users\Patty\AppData\Local\Temp\fgloapow.sys
---- Kernel code sections - GMER 2.0 ----
.text ntkrnlpa.exe!ZwRollbackEnlistment + 140D 81E8EA49 1 Byte [06]
.text ntkrnlpa.exe!KiDispatchInterrupt + 5A2 81EC84D2 19 Bytes [E0, 0F, BA, F0, 07, 73, 09, ...] {LOOPNZ 0x11; MOV EDX, 0x97307f0; MOV CR4, EAX; OR AL, 0x80; MOV CR4, EAX; RET ; MOV ECX, CR3}
? C:\Users\Patty\AppData\Local\Temp\mbr.sys The system cannot find the file specified. !
---- Registry - GMER 2.0 ----
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\0026b654f6e1
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\0c6076fedcf2
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\0026b654f6e1 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\0c6076fedcf2 (not active ControlSet)
---- EOF - GMER 2.0 ----
Thank You
2013-01-24 06:23:10 240496 ----a-w- c:\windows\system32\drivers\netio.sys
2013-01-24 06:23:10 1293680 ----a-w- c:\windows\system32\drivers\tcpip.sys
2013-01-24 06:23:09 35328 ----a-w- c:\windows\system32\drivers\tcpipreg.sys
2013-01-24 06:23:09 242176 ----a-w- c:\windows\system32\nlasvc.dll
2013-01-24 06:23:09 187760 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
2013-01-24 06:23:09 175104 ----a-w- c:\windows\system32\netcorehc.dll
2013-01-24 06:23:08 52224 ----a-w- c:\windows\system32\nlaapi.dll
2013-01-24 06:23:08 18944 ----a-w- c:\windows\system32\netevent.dll
2013-01-24 06:21:54 49152 ----a-w- c:\windows\system32\taskhost.exe
2013-01-24 06:21:50 44032 ----a-w- c:\windows\system32\dhcpcsvc6.dll
2013-01-24 06:21:50 193536 ----a-w- c:\windows\system32\dhcpcore6.dll
2013-01-24 05:07:35 -------- d-----w- c:\program files\Microsoft Analysis Services
2013-01-24 03:19:06 -------- d-----w- c:\windows\system32\SPReview
2013-01-24 03:17:19 -------- d-----w- c:\windows\system32\EventProviders
2013-01-24 03:14:51 -------- d-----w- c:\windows\en
2013-01-24 03:13:08 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition
2013-01-24 03:03:09 1130824 ----a-w- c:\windows\system32\dfshim.dll
2013-01-24 03:01:59 640512 ----a-w- c:\windows\system32\advapi32.dll
2013-01-24 03:00:59 363520 ----a-w- c:\windows\system32\StructuredQuery.dll
2013-01-24 02:59:59 402944 ----a-w- c:\windows\system32\drmmgrtn.dll
2013-01-24 02:58:59 6656 ----a-w- c:\windows\system32\drivers\RDPCDD.sys
2013-01-24 02:57:51 780288 ----a-w- c:\windows\system32\wbem\wbemcore.dll
2013-01-24 02:57:51 189952 ----a-w- c:\program files\windows portable devices\sqmapi.dll
2013-01-24 02:57:50 363008 ----a-w- c:\windows\system32\wbemcomn.dll
2013-01-24 02:57:49 606208 ----a-w- c:\windows\system32\wbem\fastprox.dll
2013-01-24 02:57:49 351232 ----a-w- c:\windows\system32\wmicmiplugin.dll
2013-01-24 02:57:21 697344 ----a-w- c:\windows\system32\SmiEngine.dll
2013-01-24 02:57:21 189952 ----a-w- c:\windows\system32\sqmapi.dll
2013-01-24 02:57:01 209920 ----a-w- c:\windows\system32\PkgMgr.exe
2013-01-24 02:57:01 189952 ----a-w- c:\windows\system32\wdscore.dll
2013-01-24 02:55:13 323072 ----a-w- c:\windows\system32\drvstore.dll
2013-01-24 02:55:12 257024 ----a-w- c:\windows\system32\dpx.dll
2013-01-23 23:09:05 1783056 ----a-w- c:\windows\system32\WavesLib.dll
2013-01-23 23:09:04 345328 ----a-w- c:\windows\system32\SRSTSXT.dll
2013-01-23 23:09:04 185584 ----a-w- c:\windows\system32\SRSTSHD.dll
2013-01-23 23:09:04 173296 ----a-w- c:\windows\system32\SRSHP360.dll
2013-01-23 23:09:04 140528 ----a-w- c:\windows\system32\SRSWOW.dll
2013-01-23 23:09:01 551456 ----a-w- c:\windows\system32\RTSndMgr.cpl
2013-01-23 23:09:01 2977248 ----a-w- c:\windows\system32\drivers\RTKVHDA.sys
2013-01-23 23:09:00 1539104 ----a-w- c:\windows\system32\RtkPgExt.dll
2013-01-23 20:16:44 -------- d-----w- c:\program files\VS Revo Group
2013-01-23 19:49:28 -------- d-----w- c:\users\patty\.gimp-2.6
2013-01-23 16:15:50 -------- d-----w- c:\programdata\Strongvault Online Backup
2013-01-23 03:06:08 -------- d-----w- c:\windows\system32\x64
2013-01-23 03:03:43 -------- d-----w- c:\program files\Microsoft
2013-01-23 02:51:19 39272 ----a-w- c:\windows\system32\drivers\fssfltr.sys
2013-01-23 02:43:30 69464 ----a-w- c:\windows\system32\XAPOFX1_3.dll
2013-01-23 02:43:30 515416 ----a-w- c:\windows\system32\XAudio2_5.dll
2013-01-23 02:43:28 453456 ----a-w- c:\windows\system32\d3dx10_42.dll
2013-01-23 02:42:25 525656 ----a-w- c:\program files\common files\windows live\.cache\442746c91cdf91308\DXSETUP.exe
2013-01-23 02:42:24 94040 ----a-w- c:\program files\common files\windows live\.cache\442746c91cdf91308\DSETUP.dll
2013-01-23 02:42:24 1691480 ----a-w- c:\program files\common files\windows live\.cache\442746c91cdf91308\dsetup32.dll
2013-01-23 02:42:18 525656 ----a-w- c:\program files\common files\windows live\.cache\4191883d1cdf91307\DXSETUP.exe
2013-01-23 02:42:18 1691480 ----a-w- c:\program files\common files\windows live\.cache\4191883d1cdf91307\dsetup32.dll
2013-01-23 02:42:17 94040 ----a-w- c:\program files\common files\windows live\.cache\4191883d1cdf91307\DSETUP.dll
2013-01-23 02:41:28 -------- d-----w- c:\users\patty\appdata\local\Windows Live
2013-01-23 02:25:05 -------- d-----w- c:\users\patty\appdata\roaming\Malwarebytes
2013-01-23 02:24:05 -------- d-----w- c:\programdata\Malwarebytes
2013-01-23 02:23:53 21104 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-01-23 02:23:52 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2013-01-22 14:03:24 -------- d-----w- c:\program files\MSXML 4.0
2013-01-14 19:51:13 -------- d-----w- c:\users\patty\appdata\local\assembly
2013-01-14 19:50:58 -------- d-----w- c:\users\patty\appdata\local\Deployment
2013-01-14 19:50:58 -------- d-----w- c:\users\patty\appdata\local\Apps
2013-01-14 16:36:50 696520 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-01-14 16:32:08 1998168 ----a-w- c:\windows\system32\D3DX9_43.dll
2013-01-14 15:17:55 -------- d-----w- c:\users\patty\appdata\roaming\PCFixSpeed
2013-01-14 15:16:01 -------- d-----w- c:\users\patty\appdata\roaming\Strongvault
2013-01-14 15:15:12 -------- d-----w- c:\program files\common files\MSSoap
2013-01-14 15:15:00 -------- d-----w- c:\users\patty\appdata\local\Strongvault Online Backup
2013-01-14 15:14:46 -------- d-----w- c:\users\patty\appdata\local\Stronghold_LLC
2013-01-14 15:13:54 -------- d-sh--w- c:\windows\system32\AI_RecycleBin
2013-01-14 15:13:49 -------- d-----w- c:\users\patty\appdata\local\StrongVault
2013-01-14 15:13:26 -------- d-----w- c:\users\patty\appdata\roaming\CalendarPackages
2013-01-10 18:29:50 1389568 ----a-w- c:\windows\system32\msxml6.dll
2013-01-10 18:29:45 626688 ----a-w- c:\windows\system32\usp10.dll
2013-01-10 18:29:42 2345984 ----a-w- c:\windows\system32\win32k.sys
2013-01-10 18:29:39 492032 ----a-w- c:\windows\system32\win32spl.dll
2013-01-10 18:26:38 45568 ----a-w- c:\windows\system32\oflc-nz.rs
2013-01-10 18:25:09 220160 ----a-w- c:\windows\system32\ncrypt.dll
2013-01-10 17:56:32 -------- d-----w- c:\users\patty\appdata\roaming\Systweak
2013-01-10 17:56:25 18952 ----a-w- c:\windows\system32\roboot.exe
.
==================== Find3M ====================
.
2013-01-24 03:46:37 152576 ----a-w- c:\windows\system32\msclmd.dll
2013-01-14 16:37:17 73416 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-12-16 14:13:28 295424 ----a-w- c:\windows\system32\atmfd.dll
2012-12-16 14:13:20 34304 ----a-w- c:\windows\system32\atmlib.dll
2012-12-07 12:26:17 308736 ----a-w- c:\windows\system32\Wpc.dll
2012-12-07 12:20:43 2576384 ----a-w- c:\windows\system32\gameux.dll
2012-11-30 04:53:34 169984 ----a-w- c:\windows\system32\winsrv.dll
2012-11-30 04:47:45 293376 ----a-w- c:\windows\system32\KernelBase.dll
2012-11-30 02:55:25 271360 ----a-w- c:\windows\system32\conhost.exe
2012-11-30 02:38:59 6144 ---ha-w- c:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2012-11-30 02:38:59 4608 ---ha-w- c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2012-11-30 02:38:59 3584 ---ha-w- c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2012-11-30 02:38:59 3072 ---ha-w- c:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2012-11-14 02:09:22 1800704 ----a-w- c:\windows\system32\jscript9.dll
2012-11-14 01:58:15 1427968 ----a-w- c:\windows\system32\inetcpl.cpl
2012-11-14 01:57:37 1129472 ----a-w- c:\windows\system32\wininet.dll
2012-11-14 01:49:25 142848 ----a-w- c:\windows\system32\ieUnatt.exe
2012-11-14 01:48:27 420864 ----a-w- c:\windows\system32\vbscript.dll
2012-11-14 01:44:42 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-11-09 04:42:49 2048 ----a-w- c:\windows\system32\tzres.dll
2012-11-02 05:11:31 376832 ----a-w- c:\windows\system32\dpnet.dll
2012-11-02 02:52:48 64664 ----a-w- c:\windows\system32\drivers\dc3d.sys
2012-11-02 02:52:48 1629040 ----a-w- c:\windows\system32\WdfCoInstaller01011.dll
2012-07-12 08:28:44 2174976 ----a-w- c:\program files\common files\atimpenc.dll
.
============= FINISH: 18:13:28.81 ===============
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Starter
Boot Device: \Device\HarddiskVolume2
Install Date: 12/25/2010 8:55:35 AM
System Uptime: 1/25/2013 5:12:06 PM (1 hours ago)
.
Motherboard: SAMSUNG ELECTRONICS CO., LTD. | | N150/N210/N220
Processor: Intel(R) Atom(TM) CPU N450 @ 1.66GHz | CPU 1 | 1667/mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 67 GiB total, 23.013 GiB free.
D: is FIXED (NTFS) - 67 GiB total, 66.773 GiB free.
.
==== Disabled Device Manager Items =============
.
Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: NetGroup Packet Filter Driver
Device ID: ROOT\LEGACY_NPF\0000
Manufacturer:
Name: NetGroup Packet Filter Driver
PNP Device ID: ROOT\LEGACY_NPF\0000
Service: npf
.
==== System Restore Points ===================
.
RP239: 1/25/2013 3:25:55 PM - Revo Uninstaller's restore point - Browse For Change
RP241: 1/25/2013 3:33:13 PM - Revo Uninstaller's restore point - Browser Manager
RP243: 1/25/2013 3:50:03 PM - Revo Uninstaller's restore point - Complitly
RP245: 1/25/2013 3:57:55 PM - Revo Uninstaller's restore point - iLivid
RP247: 1/25/2013 4:00:53 PM - Revo Uninstaller's restore point - NewFreeScreensaver nfsHorse
RP249: 1/25/2013 4:07:10 PM - Revo Uninstaller's restore point - Voobys
RP250: 1/25/2013 4:07:54 PM - Removed Voobys
RP252: 1/25/2013 4:12:04 PM - Revo Uninstaller's restore point - WinPcap 4.1.2
RP254: 1/25/2013 4:15:35 PM - Revo Uninstaller's restore point - Yontoo 1.10.02
RP256: 1/25/2013 4:21:01 PM - Revo Uninstaller's restore point - YTD Toolbar v6.6
RP257: 1/25/2013 4:22:02 PM - Removed YTD Toolbar v6.6.
RP259: 1/25/2013 4:27:41 PM - Revo Uninstaller's restore point - YTD YouTube Downloader & Converter 3.7
RP261: 1/25/2013 4:36:19 PM - Revo Uninstaller's restore point - ImTOO Video Converter Ultimate
.
==== Installed Programs ======================
.
Adobe AIR
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader 9.1
Amazon MP3 Downloader 1.0.12
Amazon MP3 Uploader
AnyPC Client
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Atheros Client Installation Program
BatteryLifeExtender
Bonjour
Canon IJ Network Scan Utility
Canon IJ Network Tool
Canon MP970 series
ChargeableUSB
Compatibility Pack for the 2007 Office system
Coupon Printer for Windows
CyberLink YouCam
D3DX10
Dairy Dash
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Easy Display Manager
Easy Network Manager
Easy Resolution Manager
Easy SpeedUp Manager
EasyBatteryManager
Facebook Video Calling 1.2.0.287
Freemake Video Downloader
GIMP 2.6.10
Google Chrome
Google Toolbar for Internet Explorer
Google Update Helper
House of Night Screensaver Screensaver
iCloud
Intel(R) Graphics Media Accelerator Driver
Intel® Matrix Storage Manager
iTunes
Java Auto Updater
Java(TM) 6 Update 24
Junk Mail filter update
Malwarebytes Anti-Malware version 1.70.0.1100
Marvell Miniport Driver
Microsoft .NET Framework 4 Client Profile
Microsoft Application Error Reporting
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010
Microsoft Office Access Setup Metadata MUI (English) 2010
Microsoft Office Excel MUI (English) 2010
Microsoft Office File Validation Add-In
Microsoft Office Live Add-in 1.5
Microsoft Office OneNote MUI (English) 2010
Microsoft Office Outlook MUI (English) 2010
Microsoft Office PowerPoint MUI (English) 2010
Microsoft Office PowerPoint Viewer 2007 (English)
Microsoft Office Professional 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2010
Microsoft Office Publisher MUI (English) 2010
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office Single Image 2010
Microsoft Office Word MUI (English) 2010
Microsoft Security Client
Microsoft Security Essentials
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft Visual Studio 2010 Tools for Office Runtime (x86)
Microsoft Works
MSVCRT
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
PDFCreator
QuickTime
Realtek High Definition Audio Driver
REALTEK Wireless LAN Software
Revo Uninstaller 1.94
Samsung Recovery Solution 4
Samsung Support Center
Samsung Update Plus
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Security Update for Microsoft Excel 2010 (KB2597126) 32-Bit Edition
Security Update for Microsoft InfoPath 2010 (KB2687417) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553091)
Security Update for Microsoft Office 2010 (KB2553096)
Security Update for Microsoft Office 2010 (KB2553371) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553447) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2597986) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2598243) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2687501) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2687510) 32-Bit Edition
Security Update for Microsoft PowerPoint 2010 (KB2553185) 32-Bit Edition
Security Update for Microsoft Visio Viewer 2010 (KB2598287) 32-Bit Edition
Security Update for Microsoft Word 2010 (KB2760410) 32-Bit Edition
Skype 6.0
Strongvault Online Backup
Synaptics Pointing Device Driver
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2687277) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
User Guide
Verizon Mobile Broadband Drivers
Windows Live Communications Platform
Windows Live Essentials
Windows Live Family Safety
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Mail
Windows Live Messenger
Windows Live MIME IFilter
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live Sync
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
.
==== Event Viewer Messages From Past Week ========
.
1/25/2013 5:13:27 PM, Error: Service Control Manager [7000] - The WinPcap Packet Driver (NPF) service failed to start due to the following error: The system cannot find the file specified.
1/25/2013 5:13:11 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: cdrom
1/25/2013 5:07:11 PM, Error: Microsoft-Windows-WMPNSS-Service [14332] - Service 'WMPNetworkSvc' did not start correctly because CoCreateInstance(CLSID_UPnPDeviceFinder) encountered error '0x80070420'. Verify that the UPnPHost service is running and that the UPnPHost component of Windows is installed properly.
1/25/2013 5:03:30 PM, Error: Service Control Manager [7038] - The wscsvc service was unable to log on as NT AUTHORITY\LocalService with the currently configured password due to the following error: The request is not supported. To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).
1/25/2013 5:03:30 PM, Error: Service Control Manager [7038] - The sppsvc service was unable to log on as NT AUTHORITY\NetworkService with the currently configured password due to the following error: The request is not supported. To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).
1/25/2013 5:03:30 PM, Error: Service Control Manager [7000] - The Software Protection service failed to start due to the following error: The service did not start due to a logon failure.
1/25/2013 5:03:30 PM, Error: Service Control Manager [7000] - The Security Center service failed to start due to the following error: The service did not start due to a logon failure.
1/24/2013 9:05:53 PM, Error: Server [2505] - The server could not bind to the transport \Device\NetBT_Tcpip_{950CA4E8-EB13-4B49-B7F6-BAF6CE7A8870} because another computer on the network has the same name. The server could not start.
1/24/2013 9:05:39 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the IPBusEnum service.
1/24/2013 8:18:52 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Rezip service.
1/24/2013 5:10:56 PM, Error: bowser [8003] - The master browser has received a server announcement from the computer LEEFAMILY that believes that it is the master browser for the domain on transport NetBT_Tcpip_{9A143B21-0A77-4A2A-92E4-FBFA1E11. The master browser is stopping or an election is being forced.
1/24/2013 2:21:32 AM, Error: Service Control Manager [7022] - The Windows Search service hung on starting.
1/24/2013 2:08:05 AM, Error: Service Control Manager [7043] - The Windows Update service did not shut down properly after receiving a preshutdown control.
1/24/2013 11:05:00 AM, Error: Service Control Manager [7000] - The Computer Browser service failed to start due to the following error: A system shutdown is in progress.
1/24/2013 1:20:36 PM, Error: volsnap [36] - The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.
1/23/2013 10:08:12 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070103: Microsoft - Other hardware - Microsoft Hardware USB Mouse.
.
==== End Of File ===========================

GMER 2.0.18444 - http://www.gmer.net
Rootkit scan 2013-01-26 00:30:26
Windows 6.1.7601 Service Pack 1 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-0 SAMSUNG_ rev.HH10 149.05GB
Running: h5x0lq3s.exe; Driver: C:\Users\Patty\AppData\Local\Temp\fgloapow.sys
---- Kernel code sections - GMER 2.0 ----
.text ntkrnlpa.exe!ZwRollbackEnlistment + 140D 81E8EA49 1 Byte [06]
.text ntkrnlpa.exe!KiDispatchInterrupt + 5A2 81EC84D2 19 Bytes [E0, 0F, BA, F0, 07, 73, 09, ...] {LOOPNZ 0x11; MOV EDX, 0x97307f0; MOV CR4, EAX; OR AL, 0x80; MOV CR4, EAX; RET ; MOV ECX, CR3}
? C:\Users\Patty\AppData\Local\Temp\mbr.sys The system cannot find the file specified. !
---- Registry - GMER 2.0 ----
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\0026b654f6e1
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\0c6076fedcf2
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\0026b654f6e1 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\0c6076fedcf2 (not active ControlSet)
---- EOF - GMER 2.0 ----

Thank You