I'm not much of a computer expert by any means but I'm not an idiot, I don't think! I don't normally have too many issues on my laptop, since I use it for work as a Realtor and can't afford to be downloading games or music or porn, that's what an iPad is for! LOL Anyway, yesterday I got infected with something after I started using Firefox I think. I was using Chrome for the longest time and had no issues, not many anyway. Then yesterday the sh*t hit the fan and I could barely use my internet browser at all, none of them, Chrome, Firefox, IE... I had so many pop-up ads all over my screen I couldn't see what I was doing! After several hours of research and banging my head against the wall, I came across ComboFix! Well, I'm very impatient and didn't figure I would do anything terrible by running it on my own, so I did, and it seems that so far I haven't ruined my computer yet... I wasn't able to save it DIRECTLY to my desktop when I installed it though because I never got the dialog box that gave me the option, it just automatically saved it to the "Downloads" folder as soon as I clicked "download". So, I created a Desktop Shortcut in hopes THAT would at least help, since the program would NOT let me move it to the desktop. I didn't seem to have any problems and my computer already seems to be running much better and faster and SO FAR no pop-ups when opening Chrome. I have the Log Report from running ComboFix and will post it if someone would PLEASE look at it and help me ensure it IS clear of all that garbage and mostly that my computer isn't going to crash when I uninstall ComboFix... AND, will I be able to efficiently uninstall it since it's not ON the desktop? Below are my DDS.txt and Attach.txt THANK YOU in advance for an help. Your the Tiny Elvis!
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.17496 BrowserJavaVersion: 10.71.2
Run by Annemarie at 22:36:29 on 2015-01-14
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3687.1958 [GMT -6:00]
.
AV: Microsoft Security Essentials *Disabled/Updated* {4F35CFC4-45A3-FC37-EF17-759A02E39AB1}
SP: Microsoft Security Essentials *Disabled/Updated* {F4542E20-6399-F3B9-D5A7-4EE87964D00C}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\windows\system32\atiesrxx.exe
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\system32\atieclxx.exe
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe
C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Program Files (x86)\Lavasoft\Web Companion\TcpService\2.2.9.5\LavasoftTcpService.exe
C:\windows\system32\spool\drivers\x64\3\NetFaxServer64.exe
C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.WinService.exe
C:\windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
C:\windows\system32\taskhost.exe
C:\windows\system32\Dwm.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Windows\System32\spool\drivers\x64\3\NetFaxTray64.exe
C:\Users\Annemarie\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\windows\System32\svchost.exe -k LocalServicePeerNet
C:\windows\system32\notepad.exe
C:\windows\explorer.exe
C:\windows\system32\taskeng.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\Microsoft Office 15\root\office15\OUTLOOK.EXE
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/
mStart Page = http://www.google.com
uProxyOverride = <-loopback>
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: RealNetworks Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Adobe Acrobat Create PDF Toolbar Helper: {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll
BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\office15\urlredir.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
BHO: Adobe Acrobat Create PDF from Selection: {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll
BHO: {FB15427B-89A4-5618-6637-DB71AA7024FB} - <orphaned>
TB: Adobe Acrobat Create PDF Toolbar: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll
uRun: [Web Companion] C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize
mRun: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe"
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
StartupFolder: C:\Users\ANNEMA~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\Annemarie\AppData\Roaming\Dropbox\bin\Dropbox.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\SAMSUN~1.LNK - C:\windows\System32\spool\drivers\x64\3\NetFaxTray64.exe
uPolicies-Explorer: NoDrives = dword:0
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoDrives = dword:0
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office 15\root\office15\onbttnie.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIELinkedNotes.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.8.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0018-0000-0025-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.8.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.8.0/jinsta ... s-i586.cab
TCP: NameServer = 192.168.1.254
TCP: Interfaces\{17D7F07A-1B5C-489B-86BE-D10B071BEDDB} : DHCPNameServer = 209.18.47.61 209.18.47.62
TCP: Interfaces\{DB3286C1-F45A-46D2-A0EE-CBA2E4EFE478} : DHCPNameServer = 192.168.1.254
TCP: Interfaces\{DB3286C1-F45A-46D2-A0EE-CBA2E4EFE478}\051647279636B602341627E6569702C4962627162797 : DHCPNameServer = 208.67.222.222 208.67.220.220 68.105.28.12
TCP: Interfaces\{DB3286C1-F45A-46D2-A0EE-CBA2E4EFE478}\2416B656270255E4944554 : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{DB3286C1-F45A-46D2-A0EE-CBA2E4EFE478}\34D455 : DHCPNameServer = 192.168.2.1
TCP: Interfaces\{DB3286C1-F45A-46D2-A0EE-CBA2E4EFE478}\3525341425D275962756C6563737 : DHCPNameServer = 192.168.189.50 192.168.189.1
TCP: Interfaces\{DB3286C1-F45A-46D2-A0EE-CBA2E4EFE478}\3547162744573747 : DHCPNameServer = 192.168.1.1
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\office15\MSOSB.DLL
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.99\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-mStart Page = http://www.google.com
x64-BHO: Lync Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ochelper.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\urlredir.dll
x64-BHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\grooveex.dll
x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-Run: [TosVolRegulator] C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe
x64-Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
x64-Run: [CDAServer] C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
x64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\onbttnie.dll
x64-IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ochelper.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
x64-Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - <orphaned>
x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R0 MpFilter;Microsoft Malware Protection Driver;C:\windows\System32\drivers\MpFilter.sys [2014-7-17 269008]
R2 AMD External Events Utility;AMD External Events Utility;C:\windows\System32\atiesrxx.exe [2011-5-29 203776]
R2 ClickToRunSvc;Microsoft Office ClickToRun Service;C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe [2014-10-23 2449592]
R2 LavasoftTcpService;LavasoftTcpService;C:\Program Files (x86)\Lavasoft\Web Companion\TcpService\2.2.9.5\LavasoftTcpService.exe [2014-12-16 1351512]
R2 Samsung Network Fax Server;Samsung Network Fax Server;C:\windows\System32\spool\drivers\x64\3\NetFaxServer64.exe [2013-12-11 506928]
R2 SearchProtectionService;IE Search Set;C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.WinService.exe [2014-12-16 15208]
R2 SSPORT;SSPORT;C:\windows\System32\drivers\SSPORT.SYS [2013-4-10 11576]
R2 TeamViewer8;TeamViewer 8;C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [2013-9-17 5093216]
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service;C:\windows\System32\drivers\AtihdW76.sys [2011-5-29 116752]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;C:\windows\System32\drivers\L1C62x64.sys [2011-2-9 77424]
R3 PGEffect;Pangu effect driver;C:\windows\System32\drivers\PGEffect.sys [2011-5-29 38096]
R3 QIOMem;Generic IO & Memory Access;C:\windows\System32\drivers\QIOMem.sys [2009-6-15 12800]
R3 RTL8192Ce;Realtek Wireless LAN 802.11n PCI-E NIC Driver;C:\windows\System32\drivers\rtl8192ce.sys [2011-6-22 1109096]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
S3 hitmanpro37;HitmanPro 3.7 Support Driver;C:\windows\System32\drivers\hitmanpro37.sys [2015-1-14 43664]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\windows\System32\ieetwcollector.exe [2014-12-9 114688]
S3 NisDrv;Microsoft Network Inspection System;C:\windows\System32\drivers\NisDrvWFP.sys [2011-4-27 125584]
S3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2014-8-22 368624]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\windows\System32\drivers\RtsUStor.sys [2011-5-29 250984]
S3 RSUSBVSTOR;RTSUVSTOR.Sys Realtek USB Card Reader;C:\windows\System32\drivers\rtsuvstor.sys [2011-5-29 307304]
S3 SrvHsfHDA;SrvHsfHDA;C:\windows\System32\drivers\VSTAZL6.SYS [2009-7-13 292864]
S3 SrvHsfV92;SrvHsfV92;C:\windows\System32\drivers\VSTDPV6.SYS [2009-7-13 1485312]
S3 SrvHsfWinac;SrvHsfWinac;C:\windows\System32\drivers\VSTCNXT6.SYS [2009-7-13 740864]
S3 SWNC8UA3;Sierra Wireless MUX NDIS Driver (UMTSA3);C:\windows\System32\drivers\swnc8ua3.sys [2009-3-31 227840]
S3 SWUMXA3;Sierra Wireless USB MUX Driver (UMTSA3);C:\windows\System32\drivers\swumxa3.sys [2009-5-4 198528]
S3 TsUsbFlt;TsUsbFlt;C:\windows\System32\drivers\TsUsbFlt.sys [2010-11-20 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\windows\System32\drivers\TsUsbGD.sys [2010-11-20 31232]
S3 USBAAPL64;Apple Mobile USB Driver;C:\windows\System32\drivers\usbaapl64.sys [2012-12-13 54784]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\windows\System32\Wat\WatAdminSvc.exe [2011-7-17 1255736]
S4 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service;C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [2013-3-6 39056]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== Created Last 30 ================
.
2015-01-15 04:00:56 -------- d-sh--w- C:\$RECYCLE.BIN
2015-01-15 02:16:07 43664 ----a-w- C:\windows\System32\drivers\hitmanpro37.sys
2015-01-15 01:35:33 -------- d-----w- C:\Users\Annemarie\AppData\Local\Lavasoft
2015-01-15 01:35:15 358736 ----a-w- C:\windows\System32\LavasoftTcpService64.dll
2015-01-15 01:35:11 312424 ----a-w- C:\windows\SysWow64\LavasoftTcpService.dll
2015-01-15 01:34:27 -------- d-----w- C:\Program Files (x86)\Lavasoft
2015-01-15 00:01:24 -------- d-----w- C:\windows\SysWow64\TrayIcons
2015-01-15 00:01:21 -------- d-----w- C:\cache
2015-01-15 00:00:01 1285259 ----a-w- C:\windows\shost.bin
2015-01-14 22:08:25 -------- d-----w- C:\Users\Annemarie\AppData\Local\Macromedia
2015-01-14 21:01:50 129752 ----a-w- C:\windows\System32\drivers\MBAMSwissArmy.sys
2015-01-14 21:01:05 93400 ----a-w- C:\windows\System32\drivers\mbamchameleon.sys
2015-01-14 21:01:04 63704 ----a-w- C:\windows\System32\drivers\mwac.sys
2015-01-14 21:01:04 -------- d-----w- C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-01-14 20:40:58 75888 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{1C8DC31F-BB23-4303-80C5-C2FD06CFD728}\offreg.dll
2015-01-14 20:39:35 1188440 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{9F5183AF-1AE9-417F-9DE0-7974E9FF1649}\gapaengine.dll
2015-01-14 20:39:01 11870360 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{1C8DC31F-BB23-4303-80C5-C2FD06CFD728}\mpengine.dll
2015-01-14 20:36:41 5 ----a-w- C:\windows\SysWow64\lMMLDeleteUserData42107612FX.tmp
2015-01-14 15:18:56 -------- d-----w- C:\Users\Annemarie\AppData\Local\globalUpdate
2015-01-14 15:18:56 -------- d-----w- C:\Program Files (x86)\globalUpdate
2015-01-14 15:12:53 -------- d-----w- C:\Users\Annemarie\AppData\Local\Pro_PC_Cleaner
2015-01-14 07:54:05 52736 ----a-w- C:\windows\System32\TSWbPrxy.exe
2015-01-14 07:54:04 210432 ----a-w- C:\windows\System32\profsvc.dll
2015-01-14 07:54:03 52224 ----a-w- C:\windows\SysWow64\nlaapi.dll
2015-01-14 07:54:03 303616 ----a-w- C:\windows\System32\nlasvc.dll
2015-01-14 07:54:03 156672 ----a-w- C:\windows\SysWow64\ncsi.dll
2015-01-14 07:54:01 141312 ----a-w- C:\windows\System32\drivers\mrxdav.sys
2015-01-14 07:53:56 5553592 ----a-w- C:\windows\System32\ntoskrnl.exe
2015-01-14 07:53:54 3971512 ----a-w- C:\windows\SysWow64\ntkrnlpa.exe
2015-01-14 07:53:53 3916728 ----a-w- C:\windows\SysWow64\ntoskrnl.exe
2015-01-14 07:53:51 503808 ----a-w- C:\windows\System32\srcore.dll
2015-01-14 07:53:51 296960 ----a-w- C:\windows\System32\rstrui.exe
2015-01-14 07:53:48 50176 ----a-w- C:\windows\System32\srclient.dll
2015-01-14 07:53:48 43008 ----a-w- C:\windows\SysWow64\srclient.dll
2015-01-13 14:18:45 11870360 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2015-01-12 16:06:19 159744 ----a-w- C:\Program Files\Internet Explorer\Plugins\npqtplugin5.dll
2015-01-12 16:06:19 159744 ----a-w- C:\Program Files\Internet Explorer\Plugins\npqtplugin4.dll
2015-01-12 16:06:19 159744 ----a-w- C:\Program Files\Internet Explorer\Plugins\npqtplugin3.dll
2015-01-12 16:06:19 159744 ----a-w- C:\Program Files\Internet Explorer\Plugins\npqtplugin2.dll
2015-01-12 16:06:19 159744 ----a-w- C:\Program Files\Internet Explorer\Plugins\npqtplugin.dll
2015-01-12 16:01:53 -------- d-----w- C:\Program Files\iPod
2015-01-12 16:01:51 -------- d-----w- C:\Program Files\iTunes
2015-01-11 11:42:34 98216 ----a-w- C:\windows\SysWow64\WindowsAccessBridge-32.dll
2015-01-11 10:56:36 -------- d-----w- C:\Users\Annemarie\AppData\Local\Mozilla
2015-01-11 09:40:03 -------- d-----w- C:\ProgramData\APN
2014-12-18 04:43:25 115712 ----a-w- C:\windows\SysWow64\ieUnatt.exe
2014-12-18 04:43:20 144384 ----a-w- C:\windows\System32\ieUnatt.exe
.
==================== Find3M ====================
.
2014-12-31 11:14:31 298120 ------w- C:\windows\System32\MpSigStub.exe
2014-12-04 02:50:55 413184 ----a-w- C:\windows\System32\generaltel.dll
2014-12-04 02:50:45 741376 ----a-w- C:\windows\System32\invagent.dll
2014-12-04 02:50:40 396800 ----a-w- C:\windows\System32\devinv.dll
2014-12-04 02:50:38 830976 ----a-w- C:\windows\System32\appraiser.dll
2014-12-04 02:50:37 227328 ----a-w- C:\windows\System32\aepdu.dll
2014-12-04 02:50:37 192000 ----a-w- C:\windows\System32\aepic.dll
2014-12-04 02:44:48 1083392 ----a-w- C:\windows\System32\aeinv.dll
2014-12-01 23:28:44 1232040 ----a-w- C:\windows\System32\aitstatic.exe
2014-11-22 03:06:23 2724864 ----a-w- C:\windows\System32\mshtml.tlb
2014-11-22 03:06:11 4096 ----a-w- C:\windows\System32\ieetwcollectorres.dll
2014-11-22 02:50:39 66560 ----a-w- C:\windows\System32\iesetup.dll
2014-11-22 02:50:10 580096 ----a-w- C:\windows\System32\vbscript.dll
2014-11-22 02:49:54 48640 ----a-w- C:\windows\System32\ieetwproxystub.dll
2014-11-22 02:48:20 88064 ----a-w- C:\windows\System32\MshtmlDac.dll
2014-11-22 02:35:29 114688 ----a-w- C:\windows\System32\ieetwcollector.exe
2014-11-22 02:34:51 814080 ----a-w- C:\windows\System32\jscript9diag.dll
2014-11-22 02:34:07 6039552 ----a-w- C:\windows\System32\jscript9.dll
2014-11-22 02:26:31 968704 ----a-w- C:\windows\System32\MsSpellCheckingFacility.exe
2014-11-22 02:20:44 2724864 ----a-w- C:\windows\SysWow64\mshtml.tlb
2014-11-22 02:14:16 77824 ----a-w- C:\windows\System32\JavaScriptCollectionAgent.dll
2014-11-22 02:07:43 501248 ----a-w- C:\windows\SysWow64\vbscript.dll
2014-11-22 02:07:17 62464 ----a-w- C:\windows\SysWow64\iesetup.dll
2014-11-22 02:06:32 47616 ----a-w- C:\windows\SysWow64\ieetwproxystub.dll
2014-11-22 02:05:02 64000 ----a-w- C:\windows\SysWow64\MshtmlDac.dll
2014-11-22 01:54:30 620032 ----a-w- C:\windows\SysWow64\jscript9diag.dll
2014-11-22 01:47:10 1359360 ----a-w- C:\windows\System32\mshtmlmedia.dll
2014-11-22 01:46:58 2125312 ----a-w- C:\windows\System32\inetcpl.cpl
2014-11-22 01:40:04 60416 ----a-w- C:\windows\SysWow64\JavaScriptCollectionAgent.dll
2014-11-22 01:29:26 4299264 ----a-w- C:\windows\SysWow64\jscript9.dll
2014-11-22 01:28:21 2358272 ----a-w- C:\windows\System32\wininet.dll
2014-11-22 01:22:49 2052096 ----a-w- C:\windows\SysWow64\inetcpl.cpl
2014-11-22 01:21:57 1155072 ----a-w- C:\windows\SysWow64\mshtmlmedia.dll
2014-11-22 01:00:20 1888256 ----a-w- C:\windows\SysWow64\wininet.dll
2014-11-21 12:14:08 25816 ----a-w- C:\windows\System32\drivers\mbam.sys
2014-11-11 03:09:06 1424384 ----a-w- C:\windows\System32\WindowsCodecs.dll
2014-11-11 03:08:52 241152 ----a-w- C:\windows\System32\pku2u.dll
2014-11-11 03:08:48 728064 ----a-w- C:\windows\System32\kerberos.dll
2014-11-11 02:44:45 1230336 ----a-w- C:\windows\SysWow64\WindowsCodecs.dll
2014-11-11 02:44:32 186880 ----a-w- C:\windows\SysWow64\pku2u.dll
2014-11-11 02:44:25 550912 ----a-w- C:\windows\SysWow64\kerberos.dll
2014-11-11 01:46:26 119296 ----a-w- C:\windows\System32\drivers\tdx.sys
2014-11-08 03:16:08 2048 ----a-w- C:\windows\System32\tzres.dll
2014-11-08 02:45:09 2048 ----a-w- C:\windows\SysWow64\tzres.dll
2014-10-30 02:03:43 165888 ----a-w- C:\windows\System32\charmap.exe
2014-10-30 01:45:43 155136 ----a-w- C:\windows\SysWow64\charmap.exe
2014-10-25 01:57:59 77824 ----a-w- C:\windows\System32\packager.dll
2014-10-25 01:32:37 67584 ----a-w- C:\windows\SysWow64\packager.dll
2014-10-18 02:05:23 861696 ----a-w- C:\windows\System32\oleaut32.dll
2014-10-18 02:05:21 4121600 ----a-w- C:\windows\System32\mf.dll
2014-10-18 01:33:18 571904 ----a-w- C:\windows\SysWow64\oleaut32.dll
2014-10-18 01:33:13 3209728 ----a-w- C:\windows\SysWow64\mf.dll
.
============= FINISH: 22:36:53.46 ===============
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 6/21/2011 2:51:06 PM
System Uptime: 1/14/2015 9:51:10 PM (1 hours ago)
.
Motherboard: AMD | | Inagua
Processor: AMD E-350 Processor | Socket FT1 | 1600/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 451 GiB total, 316.782 GiB free.
D: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP399: 1/1/2015 12:13:16 PM - Windows Update
RP400: 1/4/2015 5:50:05 PM - Windows Update
RP401: 1/6/2015 8:18:36 PM - Installed QuickTime 7
RP402: 1/8/2015 9:07:52 AM - Windows Update
RP403: 1/11/2015 3:42:20 AM - Installed Java 7 Update 71
RP404: 1/11/2015 4:46:57 AM - Removed Java 7 Update 71
RP405: 1/11/2015 4:48:33 AM - Installed Java 7 Update 71
RP406: 1/11/2015 5:05:44 AM - Removed Java 7 Update 71
RP407: 1/11/2015 5:06:39 AM - Installed Java 7 Update 71
RP408: 1/11/2015 5:12:33 AM - Removed Java 8 Update 25
RP409: 1/11/2015 5:37:47 AM - Removed Java 7 Update 71
RP410: 1/11/2015 5:41:53 AM - Installed Java 7 Update 71
RP411: 1/12/2015 5:27:41 AM - Windows Update
RP412: 1/14/2015 3:00:16 AM - Windows Update
RP413: 1/14/2015 9:21:39 AM - Installed Java 7 Update 65
RP414: 1/14/2015 2:36:03 PM - Removed MOTOROLA MEDIA LINK.
RP415: 1/14/2015 7:33:40 PM - LavasoftWeCompanion
RP416: 1/14/2015 8:19:00 PM - Removed Citrix Online Launcher
RP417: 1/14/2015 8:22:28 PM - Removed Google Earth.
RP419: 1/14/2015 8:35:33 PM - Checkpoint by HitmanPro
RP421: 1/14/2015 8:36:06 PM - Checkpoint by HitmanPro
RP423: 1/14/2015 8:36:39 PM - Checkpoint by HitmanPro
RP425: 1/14/2015 8:37:11 PM - Checkpoint by HitmanPro
RP427: 1/14/2015 8:37:57 PM - Checkpoint by HitmanPro
.
==== Installed Programs ======================
.
Ad-Aware Web Companion
Adobe Acrobat XI Pro
Adobe AIR
Adobe Download Assistant
Adobe Flash Player 11 ActiveX
Adobe Flash Player 12 Plugin
Adobe Reader X (10.1.9)
Adobe Refresh Manager
AmericasCardroom
Apple Application Support
Apple Mobile Device Support
Apple Software Update
ASPCA Reminder by We-Care.com v4.1.17.1
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver
ATI Catalyst Install Manager
Bonjour
Catalyst Control Center - Branding
Catalyst Control Center Graphics Previews Common
Catalyst Control Center InstallProxy
Catalyst Control Center Localization All
ccc-core-static
ccc-utility64
CCC Help Chinese Standard
CCC Help Chinese Traditional
CCC Help Czech
CCC Help Danish
CCC Help Dutch
CCC Help English
CCC Help Finnish
CCC Help French
CCC Help German
CCC Help Greek
CCC Help Hungarian
CCC Help Italian
CCC Help Japanese
CCC Help Korean
CCC Help Norwegian
CCC Help Polish
CCC Help Portuguese
CCC Help Russian
CCC Help Spanish
CCC Help Swedish
CCC Help Thai
CCC Help Turkish
Cisco EAP-FAST Module
Cisco LEAP Module
Cisco PEAP Module
Common Desktop Agent
Conexant HD Audio
D3DX10
Dropbox
Google Apps Sync™ for Microsoft Outlook® 3.5.385.1020
Google Chrome
Google Drive
iPhoneSMSExport
iTunes
Java 7 Update 65
Java 7 Update 71
Java Auto Updater
Junk Mail filter update
Label@Once 1.0
LavasoftTcpService
Lawn Care Calculator
Lawn Care Letter Writer
Malwarebytes Anti-Malware version 2.0.4.1028
Mesh Runtime
Microsoft .NET Framework 4.5.1
Microsoft Application Error Reporting
Microsoft Office Home and Business 2013 - en-us
Microsoft OneDrive
Microsoft Security Client
Microsoft Security Essentials
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
MotoHelper MergeModules
MSVCRT
MSVCRT_amd64
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
NightScaper 1.0
Office 15 Click-to-Run Extensibility Component
Office 15 Click-to-Run Licensing Component
Office 15 Click-to-Run Localization Component
PlayReady PC Runtime amd64
PlayReady PC Runtime x86
PrintMaster 2.0 Platinum
QuickTime 7
RealDownloader
RealNetworks - Microsoft Visual C++ 2008 Runtime
RealNetworks - Microsoft Visual C++ 2010 Runtime
RealPlayer
Realtek USB 2.0 Reader Driver
Realtek WLAN Driver
RealUpgrade 1.1
Samsung C460 Series
Samsung Easy Document Creator
Samsung Easy Printer Manager
Samsung Easy Wireless Setup
Samsung Network PC Fax
Samsung Printer Live Update
Samsung Scan Process Machine
Security Update for Microsoft .NET Framework 4.5.1 (KB2894854v2)
Security Update for Microsoft .NET Framework 4.5.1 (KB2898869)
Security Update for Microsoft .NET Framework 4.5.1 (KB2901126)
Security Update for Microsoft .NET Framework 4.5.1 (KB2931368)
Security Update for Microsoft .NET Framework 4.5.1 (KB2972107)
Security Update for Microsoft .NET Framework 4.5.1 (KB2972216)
Security Update for Microsoft .NET Framework 4.5.1 (KB2978128)
Security Update for Microsoft .NET Framework 4.5.1 (KB2979578v2)
Skype Click to Call
Skype Launcher
Skype™ 6.22
SNS Upload for Easy Document Creator
Synaptics Pointing Device Driver
TeamViewer 8
TOSHIBA Disc Creator
TOSHIBA Hardware Setup
TOSHIBA Media Controller
TOSHIBA Recovery Media Creator
TOSHIBA Web Camera Application
TOSHIBA Wireless LAN Indicator
View User's Guide
VoiceOver Kit
Web Companion
Windows Live Communications Platform
Windows Live Essentials
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Language Selector
Windows Live Mail
Windows Live Mesh
Windows Live Mesh ActiveX Control for Remote Connections
Windows Live MIME IFilter
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live Remote Client
Windows Live Remote Client Resources
Windows Live Remote Service
Windows Live Remote Service Resources
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
WMV9/VC-1 Video Playback
zipForm6
.
==== Event Viewer Messages From Past Week ========
.
1/14/2015 9:50:35 PM, Error: Service Control Manager [7030] - The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
1/14/2015 5:00:34 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the cozaghost service to connect.
1/14/2015 5:00:34 PM, Error: Service Control Manager [7000] - The cozaghost service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
1/14/2015 10:01:03 PM, Error: Service Control Manager [7023] - The Peer Name Resolution Protocol service terminated with the following error: %%-2140993535
1/14/2015 10:01:03 PM, Error: Service Control Manager [7001] - The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error: %%-2140993535
1/14/2015 10:01:03 PM, Error: Microsoft-Windows-PNRPSvc [102] - The Peer Name Resolution Protocol cloud did not start because the creation of the default identity failed with error code: 0x80630801.
1/12/2015 9:12:37 PM, Error: Service Control Manager [7001] - The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error: After starting, the service hung in a start-pending state.
1/12/2015 9:12:33 PM, Error: Service Control Manager [7022] - The Peer Name Resolution Protocol service hung on starting.
.
==== End Of File ===========================