Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Need a cleaning [Closed]

Started by sunnyspride21 , Dec 17 2013 02:32 PM

  • This topic is locked This topic is locked

#1
sunnyspride21
Posted 17 December 2013 - 02:32 PM

sunnyspride21

    New Member

  • Member
  • Pip
  • 5 posts
Hello,

I need some help with my computer and my daughter said you could probably help me. I have never done this before...

My computer is running very slow. Takes a little while to turn on the computer and takes a while to open programs. I probably have lots of adware, malware and shareware.

I would appreciate any help you can give me.

Thanks, Courtney
  • 0

Advertisements

#2
sunnyspride21
Posted 17 December 2013 - 02:35 PM

sunnyspride21

    New Member

  • Topic Starter
  • Member
  • Pip
  • 5 posts
Also, we are having trouble connecting to our wireless network. Don't know if it's our computer or maybe something blocking the connection.

Thanks, Courtney
  • 0

#3
Buddierdl
Posted 17 December 2013 - 05:44 PM

Buddierdl

    Trusted Helper

  • Malware Removal
  • 2,524 posts
Hello and welcome to Geeks to Go. I am sorry that you are having troubles with your computer and will try my best to help you. I know that being infected is very frustrating, but I will be here to help you through the whole process of cleaning. Removing malware can be difficult and complicated and will most likely take many steps, so please stick with me until I have declared your computer clean. I always recommend printing my instructions before following them in case you cannot keep this webpage open. Please be sure to alway follow all steps exactly as they are written and let me know what happens each time. Stop and ask if something unexpected happens or if you are unsure of how to proceed.

Please respect my volunteered time and stay with me until I declare your computer clean. If you are going to be delayed for a while, please let me know.

Let's take a look.


Please download Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.
  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.

  • 0

#4
sunnyspride21
Posted 18 December 2013 - 09:13 PM

sunnyspride21

    New Member

  • Topic Starter
  • Member
  • Pip
  • 5 posts
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 18-12-2013 05
Ran by Theresa (administrator) on THERESA-PC on 18-12-2013 20:00:01
Running from C:\Users\Theresa\Downloads
Microsoft® Windows Vista™ Home Premium (X86) OS Language: English(US)
Internet Explorer Version 7
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(Microsoft Corporation) C:\WINDOWS\System32\SLsvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Kaspersky Lab) C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files\Hp\QuickPlay\Kernel\TV\CLCapSvc.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
(Logitech Inc.) C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
(Logitech Inc.) C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
(Logitech Inc.) C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
(Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
(Conexant Systems, Inc.) C:\WINDOWS\System32\drivers\XAudio.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
() C:\Program Files\Hp\QuickPlay\Kernel\TV\CLSched.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Hewlett-Packard Co.) C:\Program Files\Hp\HP Software Update\hpwuSchd2.exe
(CyberLink Corp.) C:\Program Files\Hp\QuickPlay\QPService.exe
( Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
(Sun Microsystems, Inc.) C:\Program Files\Java\jre1.6.0\bin\jusched.exe
(Kaspersky Lab) C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
(Microsoft Corporation) C:\Program Files\Zune\ZuneLauncher.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
() C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
() C:\Program Files\Logitech\QuickCam\Quickcam.exe
() C:\Program Files\DivX\DivX Update\DivXUpdate.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(Microsoft Corporation) C:\WINDOWS\ehome\ehtray.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Service.exe
(Microsoft Corporation) C:\WINDOWS\ehome\ehmsas.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Logitech Inc.) C:\Program Files\Common Files\LogiShrd\LQCVFX\COCIManager.exe
(Microsoft Corporation) C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
(Symantec Corporation) C:\Program Files\Hewlett-Packard\HP Advisor\SSDK04.exe
(Logitech, Inc.) C:\Program Files\Logitech\QuickCam\LU\LULnchr.exe
(Logitech, Inc.) C:\Program Files\Logitech\QuickCam\LU\LogitechUpdate.exe
(Microsoft Corporation) C:\WINDOWS\System32\wuauclt.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Windows Defender] - C:\Program Files\Windows Defender\MSASCui.exe [1006264 2011-06-28] (Microsoft Corporation)
HKLM\...\Run: [NvSvc] - RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
HKLM\...\Run: [NvCplDaemon] - RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [NvMediaCenter] - RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [827392 2007-01-12] (Synaptics, Inc.)
HKLM\...\Run: [HP Software Update] - C:\Program Files\Hp\HP Software Update\hpwuSchd2.exe [49152 2005-02-16] (Hewlett-Packard Co.)
HKLM\...\Run: [QPService] - C:\Program Files\Hp\QuickPlay\QPService.exe [176128 2007-03-28] (CyberLink Corp.)
HKLM\...\Run: [QlbCtrl] - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe [159744 2007-02-13] ( Hewlett-Packard Development Company, L.P.)
HKLM\...\Run: [HP Health Check Scheduler] - C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [50696 2007-03-12] (Hewlett-Packard)
HKLM\...\Run: [hpWirelessAssistant] - C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [472776 2007-03-01] (Hewlett-Packard Development Company, L.P.)
HKLM\...\Run: [WAWifiMessage] - C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe [317128 2007-01-10] (Hewlett-Packard Development Company, L.P.)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Java\jre1.6.0\bin\jusched.exe [77824 2007-08-29] (Sun Microsystems, Inc.)
HKLM\...\Run: [AVP] - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe [340520 2011-06-28] (Kaspersky Lab)
HKLM\...\Run: [GrooveMonitor] - C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM\...\Run: [Zune Launcher] - C:\Program Files\Zune\ZuneLauncher.exe [159456 2011-08-05] (Microsoft Corporation)
HKLM\...\Run: [APSDaemon] - C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59240 2012-02-20] (Apple Inc.)
HKLM\...\Run: [iTunesHelper] - C:\Program Files\iTunes\iTunesHelper.exe [421736 2012-03-27] (Apple Inc.)
HKLM\...\Run: [LogitechCommunicationsManager] - C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe [565008 2008-08-14] ()
HKLM\...\Run: [LogitechQuickCamRibbon] - C:\Program Files\Logitech\QuickCam\Quickcam.exe [2407184 2008-08-14] ()
HKLM\...\Run: [DivXMediaServer] - C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe [450560 2012-11-13] ()
HKLM\...\Run: [DivXUpdate] - C:\Program Files\DivX\DivX Update\DivXUpdate.exe [1263512 2012-11-29] ()
HKLM\...\RunOnce: [Launcher] - %WINDIR%\SMINST\launcher.exe [44128 2006-11-07] (soft thinks)
Winlogon\Notify\klogon: C:\WINDOWS\System32\klogon.dll (Kaspersky Lab)
HKCU\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKCU\...\Run: [HPAdvisor] - C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe [1773568 2007-03-20] (Hewlett-Packard)
HKCU\...\Run: [Skype] - C:\Program Files\Skype\Phone\Skype.exe [17875120 2012-10-19] (Skype Technologies S.A.)
HKCU\...\Run: [ehTray.exe] - C:\WINDOWS\ehome\ehtray.exe [125440 2006-11-02] (Microsoft Corporation)
HKCU\...\Run: [SearchProtection] - "C:\Users\Theresa\AppData\Roaming\Search Protection\SearchProtection.EXE" /autostart
MountPoints2: {a4f6ceba-a1d9-11e0-8b6e-001b2458bb93} - H:\TL-Bootstrap.exe
MountPoints2: {a4f6cf56-a1d9-11e0-8b6e-001b2458bb93} - G:\Connect.exe
HKU\Default\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\Default\...\Run: [HPADVISOR] - C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe [ 2007-03-20] (Hewlett-Packard)
AppInit_DLLs: C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\mzvkbd3.dll [ 2011-06-28] (Kaspersky Lab)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.golsearch...120004&tsp=4991
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.h...ilion&pf=laptop
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...ilion&pf=laptop
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM - {274E0134-2F73-40B2-AB24-2B3BC4130D74} URL = http://search.live.c...#38;FORM=HVNUS7
SearchScopes: HKLM - {A22368BD-E9FE-40DC-B79C-384FF6A06A1B} URL = http://www.ask.com/w...}&l=dis&o=ushpl
SearchScopes: HKLM - {B8760B25-9758-475A-A0C4-AF445277877B} URL = http://search.yahoo....ing}&fr=hp-pvnb
SearchScopes: HKCU - {A22368BD-E9FE-40DC-B79C-384FF6A06A1B} URL = http://www.ask.com/w...}&l=dis&o=ushpl
SearchScopes: HKCU - {B8760B25-9758-475A-A0C4-AF445277877B} URL = http://search.yahoo....p={searchTerms}
BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO: IEVkbdBHO Class - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\ievkbd.dll (Kaspersky Lab)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll (Sun Microsystems, Inc.)
BHO: FilterBHO Class - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\klwtbbho.dll (Kaspersky Lab)
Toolbar: HKCU - &Links - {F2CF5485-4E02-4F68-819C-B92DE9277049} - C:\WINDOWS\System32\ieframe.dll (Microsoft Corporation)
DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

Chrome:
=======
CHR DefaultSearchKeyword: google.com
CHR DefaultSearchProvider: Google
CHR DefaultSearchURL: {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR DefaultNewTabURL: {google:baseURL}_/chrome/newtab?{google:RLZ}{google:instantExtendedEnabledParameter}{google:ntpIsThemedParameter}ie={inputEncoding}
CHR Extension: (Google Docs) - C:\Users\Theresa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0
CHR Extension: (Google Drive) - C:\Users\Theresa\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_1
CHR Extension: (YouTube) - C:\Users\Theresa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\Theresa\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (Google Wallet) - C:\Users\Theresa\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_1
CHR Extension: (DivX Plus Web Player HTML5 \u003Cvideo\u003E) - C:\Users\Theresa\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0
CHR Extension: (Gmail) - C:\Users\Theresa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0
CHR HKLM\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx

========================== Services (Whitelisted) =================

R2 AVP; C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe [340520 2011-06-28] (Kaspersky Lab)
R2 CLCapSvc; C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapSvc.exe [270431 2007-03-28] ()
R2 CLSched; C:\Program Files\HP\QuickPlay\Kernel\TV\CLSched.exe [118877 2007-03-28] ()
S3 Com4Qlb; C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe [110592 2007-01-09] (Hewlett-Packard Development Company, L.P.)
R2 HP Health Check Service; C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [62984 2007-03-14] (Hewlett-Packard)
S3 IDriverT; C:\Program Files\Roxio\Roxio MyDVD Basic v9\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation)
R2 LVCOMSer; C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe [186904 2008-07-26] (Logitech Inc.)
R2 Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [3275136 2013-10-09] (Skype Technologies S.A.)
S3 stllssvr; "C:\Program Files\Common Files\SureThing Shared\stllssvr.exe" [x]
S2 SymAppCore; "c:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe" [x]
S2 vToolbarUpdater17.2.0; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\17.2.0\ToolbarUpdater.exe [x]

==================== Drivers (Whitelisted) ====================

R1 avgtp; C:\Windows\system32\drivers\avgtpx86.sys [37664 2013-12-05] (AVG Technologies)
R1 eabfiltr; C:\Windows\System32\DRIVERS\eabfiltr.sys [8192 2006-11-30] (Hewlett-Packard Development Company, L.P.)
R3 HdAudAddService; C:\Windows\System32\drivers\CHDART.sys [159232 2007-02-22] (Conexant Systems Inc.)
S3 IDSvix86; C:\ProgramData\Symantec\Definitions\SymcData\idsdefs\20070108.003\IDSvix86.sys [212280 2006-12-28] (Symantec Corporation)
R1 kl1; C:\Windows\System32\DRIVERS\kl1.sys [128016 2009-09-01] (Kaspersky Lab)
R0 klbg; C:\Windows\System32\drivers\klbg.sys [36880 2009-10-14] (Kaspersky Lab)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [311312 2011-06-28] (Kaspersky Lab)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [21520 2009-09-14] (Kaspersky Lab)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [19472 2009-10-02] (Kaspersky Lab)
R3 LVPr2Mon; C:\Windows\System32\DRIVERS\LVPr2Mon.sys [25624 2008-07-26] ()
S3 LVUSBSta; C:\Windows\System32\drivers\LVUSBSta.sys [41752 2008-07-26] (Logitech Inc.)
S3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT.SYS [115000 2007-08-29] (Symantec Corporation)
S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [x]
S1 eeCtrl; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [x]
S3 IpInIp; system32\DRIVERS\ipinip.sys [x]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [x]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-12-18 20:00 - 2013-12-18 20:01 - 00015417 _____ C:\Users\Theresa\Downloads\FRST.txt
2013-12-18 19:59 - 2013-12-18 19:59 - 00000000 ____D C:\FRST
2013-12-18 19:54 - 2013-12-18 19:57 - 01325654 _____ (Farbar) C:\Users\Theresa\Downloads\FRST.exe
2013-12-18 19:44 - 2013-12-18 19:52 - 02192805 _____ (Farbar) C:\Users\Theresa\Downloads\FRST64.exe
2013-12-18 19:32 - 2013-12-18 19:32 - 00000034 _____ C:\Windows\setupact.log
2013-12-18 19:32 - 2013-12-18 19:32 - 00000000 _____ C:\Windows\setuperr.log
2013-12-17 12:35 - 2013-12-17 12:44 - 00000000 ____D C:\AdwCleaner
2013-12-17 12:21 - 2013-12-17 12:24 - 01226802 _____ C:\Users\Theresa\Downloads\adwcleaner.exe
2013-12-17 12:08 - 2013-12-17 12:09 - 00000000 ____D C:\Program Files\CCleaner
2013-12-17 12:08 - 2013-12-17 12:08 - 00000804 _____ C:\Users\Public\Desktop\CCleaner.lnk
2013-12-17 11:56 - 2013-12-17 12:06 - 04618136 _____ (Piriform Ltd) C:\Users\Theresa\Downloads\ccsetup408.exe
2013-12-07 18:56 - 2013-12-07 18:56 - 00000000 ____D C:\ProgramData\NVIDIA
2013-12-07 18:52 - 2013-12-07 18:52 - 00000000 _____ C:\Users\Theresa\AppData\Local\FnF4.txt
2013-12-05 18:49 - 2013-12-05 18:48 - 00037664 _____ (AVG Technologies) C:\Windows\system32\Drivers\avgtpx86.sys
2013-12-05 18:48 - 2013-12-05 18:48 - 00000990 _____ C:\Users\Public\Desktop\GOM Player.lnk
2013-12-03 14:57 - 2013-12-05 17:34 - 00009074 _____ C:\Users\Theresa\Documents\copa list.xlsx

==================== One Month Modified Files and Folders =======

2013-12-18 20:01 - 2013-12-18 20:00 - 00015417 _____ C:\Users\Theresa\Downloads\FRST.txt
2013-12-18 19:59 - 2013-12-18 19:59 - 00000000 ____D C:\FRST
2013-12-18 19:57 - 2013-12-18 19:54 - 01325654 _____ (Farbar) C:\Users\Theresa\Downloads\FRST.exe
2013-12-18 19:55 - 2007-08-29 09:27 - 01902658 _____ C:\Windows\WindowsUpdate.log
2013-12-18 19:52 - 2013-12-18 19:44 - 02192805 _____ (Farbar) C:\Users\Theresa\Downloads\FRST64.exe
2013-12-18 19:46 - 2012-12-07 16:55 - 00000888 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-12-18 19:36 - 2011-07-06 09:09 - 00071269 _____ C:\Users\Theresa\AppData\Roaming\nvModes.dat
2013-12-18 19:36 - 2011-07-06 09:09 - 00071269 _____ C:\Users\Theresa\AppData\Roaming\nvModes.001
2013-12-18 19:32 - 2013-12-18 19:32 - 00000034 _____ C:\Windows\setupact.log
2013-12-18 19:32 - 2013-12-18 19:32 - 00000000 _____ C:\Windows\setuperr.log
2013-12-18 19:31 - 2012-10-16 16:06 - 00000000 ____D C:\Users\Theresa\AppData\Roaming\Skype
2013-12-18 19:31 - 2006-11-02 05:47 - 00003072 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2013-12-18 19:31 - 2006-11-02 05:47 - 00003072 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2013-12-17 13:56 - 2012-12-07 17:33 - 00000000 ___RD C:\Users\Theresa\Desktop\New Folder
2013-12-17 12:51 - 2011-06-28 16:40 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2013-12-17 12:51 - 2007-08-29 08:28 - 00000146 _____ C:\Users\Public\Documents\hpqp.ini
2013-12-17 12:49 - 2007-08-29 08:55 - 00000000 ____D C:\Windows\SMINST
2013-12-17 12:48 - 2012-12-07 16:55 - 00000884 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-12-17 12:48 - 2006-11-02 06:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-12-17 12:46 - 2006-11-02 06:01 - 00032650 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-12-17 12:44 - 2013-12-17 12:35 - 00000000 ____D C:\AdwCleaner
2013-12-17 12:24 - 2013-12-17 12:21 - 01226802 _____ C:\Users\Theresa\Downloads\adwcleaner.exe
2013-12-17 12:13 - 2012-10-24 21:54 - 00000000 ____D C:\Users\Theresa\AppData\Roaming\uTorrent
2013-12-17 12:12 - 2013-02-17 14:04 - 00000000 ____D C:\Windows\Minidump
2013-12-17 12:12 - 2007-08-29 07:33 - 00000000 ____D C:\Windows\panther
2013-12-17 12:09 - 2013-12-17 12:08 - 00000000 ____D C:\Program Files\CCleaner
2013-12-17 12:08 - 2013-12-17 12:08 - 00000804 _____ C:\Users\Public\Desktop\CCleaner.lnk
2013-12-17 12:06 - 2013-12-17 11:56 - 04618136 _____ (Piriform Ltd) C:\Users\Theresa\Downloads\ccsetup408.exe
2013-12-16 16:55 - 2006-11-02 03:33 - 00716948 _____ C:\Windows\system32\PerfStringBackup.INI
2013-12-13 17:32 - 2007-08-29 08:23 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-12-13 17:28 - 2013-08-18 17:07 - 00000000 ____D C:\Windows\system32\MRT
2013-12-13 17:05 - 2006-11-02 03:24 - 88123800 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2013-12-07 18:56 - 2013-12-07 18:56 - 00000000 ____D C:\ProgramData\NVIDIA
2013-12-07 18:52 - 2013-12-07 18:52 - 00000000 _____ C:\Users\Theresa\AppData\Local\FnF4.txt
2013-12-05 18:48 - 2013-12-05 18:49 - 00037664 _____ (AVG Technologies) C:\Windows\system32\Drivers\avgtpx86.sys
2013-12-05 18:48 - 2013-12-05 18:48 - 00000990 _____ C:\Users\Public\Desktop\GOM Player.lnk
2013-12-05 18:48 - 2013-06-09 08:31 - 00001014 _____ C:\Users\Theresa\AppData\Roaming\Microsoft\Windows\Start Menu\GOM Player.lnk
2013-12-05 18:20 - 2011-10-11 15:37 - 00023040 _____ C:\Users\Theresa\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-12-05 17:34 - 2013-12-03 14:57 - 00009074 _____ C:\Users\Theresa\Documents\copa list.xlsx
2013-11-19 03:33 - 2011-06-28 20:14 - 00230048 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe

Some content of TEMP:
====================
C:\Users\Theresa\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-12-17 12:58

==================== End Of Log ============================







Additional scan result of Farbar Recovery Scan Tool (x86) Version: 18-12-2013 05
Ran by Theresa at 2013-12-18 20:01:54
Running from C:\Users\Theresa\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================


==================== Installed Programs ======================

Update for Microsoft Office 2007 (KB2508958)
µTorrent (HKCU Version: 3.3.2.30303)
AC3Filter 2.5b (Version: 2.5b)
Activation Assistant for the 2007 Microsoft Office suites
Activation Assistant for the 2007 Microsoft Office suites (Version: 1.0)
ActiveCheck component for HP Active Support Library (Version: 3.0.0.2)
Adobe Flash Player 11 ActiveX (Version: 11.2.202.235)
Adobe Reader 8 (Version: 8.0.0)
AppCore (Version: 1)
Apple Application Support (Version: 2.1.7)
Apple Mobile Device Support (Version: 5.1.1.4)
Apple Software Update (Version: 2.1.3.127)
Bonjour (Version: 3.0.0.10)
CCleaner (Version: 4.08)
Conexant HD Audio
CoreAAC
DivX Setup (Version: 2.6.1.22)
ESU for Microsoft Vista (Version: 2.0.1.1)
eType version 2.0 (Version: 2.0)
GOM Player (Version: 2.2.53.5169)
GOM Video Converter (Version: 1.1.0.58)
Google Chrome (Version: 31.0.1650.63)
Google Update Helper (Version: 1.3.22.3)
HP Active Support Library (Version: 2.0.9.1)
HP Active Support Library 32 bit components (Version: 1.0.9)
HP Customer Experience Enhancements (Version: 5.1.0.2278)
HP Easy Setup - Frontend (Version: 5.1.0.2279)
HP Help and Support (Version: 1.1.0)
HP Photosmart Essential 2.0 (Version: 2.0)
HP Photosmart Essential2.5 (Version: 1.00.0000)
HP Quick Launch Buttons 6.20 B1 (Version: 6.20 B1)
HP QuickPlay 3.2
HP Total Care Advisor (Version: 1.1.19)
HP Update (Version: 4.000.005.007)
HP User Guide 0042 (Version: 1.01.0007)
HP Wireless Assistant (Version: 3.00 F1)
HPAsset component for HP Active Support Library (Version: 3.0.2.2)
HPNetworkAssistant (Version: 1.1.70)
iTunes (Version: 10.6.1.7)
Java™ SE Runtime Environment 6 (Version: 1.6.0.0)
Kaspersky Anti-Virus 2010 (Version: 9.0.0.736)
LightScribe 1.4.136.1 (Version: 1.4.136.1)
Logitech QuickCam (Version: 11.80.1065)
Logitech QuickCam Driver Package
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Enterprise 2007 (Version: 12.0.6612.1000)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Groove MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Groove Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office InfoPath MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Works (Version: 08.05.0818)
MSCU for Microsoft Vista (Version: 1.0.1.1)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
muvee autoProducer 6.0 (Version: 6.00.050)
My HP Games (Version: HPLAP0503)
Norton Internet Security (Version: 10.2.0.30)
NVIDIA Drivers
PSSWCORE (Version: 2.00.5000)
Rhapsody Player Engine (Version: 1.0.604)
Roxio Activation Module (Version: 1.0)
Search Protection (HKCU Version: 7.5.0.1)
Skype Click to Call (Version: 6.13.13771)
Skype™ 6.0 (Version: 6.0.120)
Synaptics Pointing Device Driver (Version: 9.1.11.0)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2850085) 32-Bit Edition
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0)
Windows Mobile Device Updater Component (Version: 04.08.2345.00)
Zune (Version: 04.08.2345.00)
Zune Language Pack (CHS) (Version: 04.08.2345.00)
Zune Language Pack (CHT) (Version: 04.08.2345.00)
Zune Language Pack (CSY) (Version: 04.08.2345.00)
Zune Language Pack (DAN) (Version: 04.08.2345.00)
Zune Language Pack (DEU) (Version: 04.08.2345.00)
Zune Language Pack (ELL) (Version: 04.08.2345.00)
Zune Language Pack (ESP) (Version: 04.08.2345.00)
Zune Language Pack (FIN) (Version: 04.08.2345.00)
Zune Language Pack (FRA) (Version: 04.08.2345.00)
Zune Language Pack (HUN) (Version: 04.08.2345.00)
Zune Language Pack (IND) (Version: 04.08.2345.00)
Zune Language Pack (ITA) (Version: 04.08.2345.00)
Zune Language Pack (JPN) (Version: 04.08.2345.00)
Zune Language Pack (KOR) (Version: 04.08.2345.00)
Zune Language Pack (MSL) (Version: 04.08.2345.00)
Zune Language Pack (NLD) (Version: 04.08.2345.00)
Zune Language Pack (NOR) (Version: 04.08.2345.00)
Zune Language Pack (PLK) (Version: 04.08.2345.00)
Zune Language Pack (PTB) (Version: 04.08.2345.00)
Zune Language Pack (PTG) (Version: 04.08.2345.00)
Zune Language Pack (RUS) (Version: 04.08.2345.00)
Zune Language Pack (SVE) (Version: 04.08.2345.00)

==================== Restore Points =========================

11-10-2013 17:10:38 Windows Update
12-10-2013 00:01:11 Windows Update
15-10-2013 09:32:06 Windows Update
18-10-2013 09:00:04 Windows Update
22-10-2013 23:30:06 Windows Update
25-10-2013 14:21:28 Windows Update
29-10-2013 17:18:45 Windows Update
08-11-2013 04:43:04 Windows Update
03-12-2013 19:25:08 Windows Update
04-12-2013 00:01:04 Windows Update
06-12-2013 06:13:31 Windows Update
13-12-2013 19:52:32 Windows Update
14-12-2013 00:01:00 Windows Update

==================== Hosts content: ==========================

2006-11-02 03:23 - 2006-09-18 14:41 - 00000761 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
::1 localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {03655989-920A-4415-93A4-5B5562676617} - System32\Tasks\YourFile DownloaderUpdate => C:\Program Files\YourFileDownloader\YourFileUpdater.exe <==== ATTENTION
Task: {0CF24123-F5B9-4314-B7FF-3A4BC5E91ACA} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-11-22] (Piriform Ltd)
Task: {1CC81347-6204-4B83-900C-01E02F50F067} - System32\Tasks\Microsoft\Windows\MobilePC\TMM
Task: {2360EF66-4E92-42CB-A042-68EB26A8F95C} - System32\Tasks\HP Health Check => C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [2007-03-12] (Hewlett-Packard)
Task: {3BCDF251-CA5C-4045-A1FC-8FCEF9FBDC93} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages
Task: {44980BEE-7809-44A9-AC24-D6E578A3B7DF} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\WINDOWS\System32\RacAgent.exe [2006-11-02] (Microsoft Corporation)
Task: {9EB44560-63F6-4CA3-8294-048D3F7D340B} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI
Task: {B90DB697-885C-4650-8DD6-38D20D595BE7} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {BDFE0205-34C3-4E8E-8A0E-D396D9D20AA7} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2012-12-07] (Google Inc.)
Task: {CADA6275-7F2D-4AD4-80FA-90E810D1559D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2012-12-07] (Google Inc.)
Task: {E5150B95-F9B4-4D5D-95A2-7EC1ACBA95F8} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\WINDOWS\System32\gatherWirelessInfo.vbs [2006-11-02] ()
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2008-07-26 08:24 - 2008-07-26 08:24 - 00068120 _____ () C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVCSPS.dll
2007-08-29 08:28 - 2007-03-28 17:45 - 00114783 _____ () C:\Program Files\HP\QuickPlay\Kernel\TV\CLSchMgr.dll
2007-08-29 08:28 - 2007-03-28 17:45 - 00032768 _____ () C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapSvcps.dll
2007-08-29 08:28 - 2007-03-28 17:45 - 00233573 _____ () C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapEngine.dll
2007-08-29 08:28 - 2007-03-28 17:45 - 00339968 _____ () C:\Program Files\HP\QuickPlay\Kernel\TV\CLTinyDB.dll
2011-11-01 23:26 - 2011-11-01 23:26 - 00087912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2011-11-01 23:26 - 2011-11-01 23:26 - 01242472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2008-08-14 17:11 - 2008-08-14 17:11 - 00345872 _____ () C:\Program Files\Common Files\LogiShrd\LComMgr\DevMngr.dll
2008-08-14 17:12 - 2008-08-14 17:12 - 00167184 _____ () C:\Program Files\Logitech\QuickCam\EFVal.dll
2008-08-14 17:13 - 2008-08-14 17:13 - 00138000 _____ () C:\Program Files\Common Files\LogiShrd\LComMgr\LogiCordless.dll
2008-08-14 17:13 - 2008-08-14 17:13 - 00165136 _____ () C:\Program Files\Common Files\LogiShrd\LComMgr\LogiCordless4001.dll
2008-08-14 17:13 - 2008-08-14 17:13 - 00149264 _____ () C:\Program Files\Common Files\LogiShrd\LComMgr\LogiVOIPDevicePlugin.dll
2008-08-14 17:22 - 2008-08-14 17:22 - 00112912 _____ () C:\Program Files\Logitech\QuickCam\LAppRes.dll
2012-11-29 19:07 - 2012-11-29 19:07 - 00100248 _____ () C:\Program Files\DivX\DivX Update\DivXUpdateCheck.dll
2011-07-06 10:00 - 2011-07-06 10:00 - 00054272 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\MessagingMessages\107fc7fa0ab5180adcef63c540a9cc38\MessagingMessages.ni.dll
2011-07-06 10:00 - 2011-07-06 10:00 - 00017408 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\MessagingInterface\948ed4e9d5c298d1772f6da4578c5b1e\MessagingInterface.ni.dll
2011-07-06 10:00 - 2011-07-06 10:00 - 00090624 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\MessagingServer\44153f35464f059683be145022bee0d0\MessagingServer.ni.dll
2007-03-20 13:51 - 2007-03-20 13:51 - 00053248 _____ () C:\Program Files\Hewlett-Packard\HP Advisor\Pillars\PCAlerts\PCAlertsPillar.dll
2006-11-01 23:47 - 2006-11-02 02:46 - 00364544 _____ () C:\Windows\system32\msjetoledb40.dll
2011-07-06 10:00 - 2011-07-06 10:00 - 00064000 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\MessagingClients\7347e5410f49733b9b91e9e28fd9b1bb\MessagingClients.ni.dll
2011-07-06 10:00 - 2011-07-06 10:00 - 00019968 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\RemotingClient\fe374fff86d0d2c17496a5b6506e247a\RemotingClient.ni.dll
2007-08-29 08:27 - 2007-03-28 17:44 - 00061440 _____ () C:\Program Files\HP\QuickPlay\Kernel\common\MCEMediaStatus.dll
2013-12-04 14:00 - 2013-12-03 19:48 - 04055504 _____ () C:\Program Files\Google\Chrome\Application\31.0.1650.63\pdf.dll
2013-12-04 14:00 - 2013-12-03 19:48 - 00399312 _____ () C:\Program Files\Google\Chrome\Application\31.0.1650.63\ppGoogleNaClPluginChrome.dll
2013-12-04 13:59 - 2013-12-03 19:47 - 01619408 _____ () C:\Program Files\Google\Chrome\Application\31.0.1650.63\ffmpegsumo.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (12/18/2013 07:36:14 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2215

Error: (12/18/2013 07:36:14 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2215

Error: (12/18/2013 07:36:14 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (12/18/2013 07:36:13 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1045

Error: (12/18/2013 07:36:13 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1045

Error: (12/18/2013 07:36:13 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (12/18/2013 08:02:13 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 9922

Error: (12/18/2013 08:02:13 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 9922

Error: (12/18/2013 08:02:13 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (12/18/2013 08:02:12 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 8580


System errors:
=============
Error: (12/13/2013 00:36:01 PM) (Source: DCOM) (User: )
Description: 1053gupdate/comsvc{4EB61BAC-A3B6-4760-9581-655041EF4D69}

Error: (12/13/2013 00:36:00 PM) (Source: Service Control Manager) (User: )
Description: Google Update Service (gupdate)%%1053

Error: (12/13/2013 00:35:39 PM) (Source: Service Control Manager) (User: )
Description: 30000Google Update Service (gupdate)

Error: (12/13/2013 00:34:57 PM) (Source: netbt) (User: )
Description: Initialization failed because the transport refused to open initial addresses.

Error: (12/13/2013 00:34:59 PM) (Source: Dhcp) (User: )
Description: Your computer was not assigned an address from the network (by the DHCP Server) for the Network Card with network address 001B2458BB93. The following error occurred:
%%258. Your computer will continue to try and obtain an address on its own from the network address (DHCP) server.

Error: (12/07/2013 07:04:58 PM) (Source: Service Control Manager) (User: )
Description: eeCtrl

Error: (12/07/2013 07:04:58 PM) (Source: Service Control Manager) (User: )
Description: CyberLink Task Scheduler (CTS)CyberLink Background Capture Service (CBCS)%%1070

Error: (12/07/2013 07:04:58 PM) (Source: Service Control Manager) (User: )
Description: CyberLink Background Capture Service (CBCS)

Error: (12/07/2013 07:01:27 PM) (Source: ACPI) (User: )
Description: IRQARB: ACPI BIOS does not contain an IRQ for the device in PCI slot 3, function 0.
Please contact your system vendor for technical assistance.

Error: (12/07/2013 07:01:27 PM) (Source: ACPI) (User: )
Description: IRQARB: ACPI BIOS does not contain an IRQ for the device in PCI slot 2, function 0.
Please contact your system vendor for technical assistance.


Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
Date: 2013-12-18 20:01:07.296
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\WINDOWS\System32\drivers\klmouflt.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-12-18 20:01:07.235
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\WINDOWS\System32\drivers\klmouflt.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-12-18 20:01:07.173
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\WINDOWS\System32\drivers\klmouflt.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-12-18 20:01:07.111
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\WINDOWS\System32\drivers\klmouflt.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-12-18 20:01:06.813
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\WINDOWS\System32\drivers\klif.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-12-18 20:01:06.743
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\WINDOWS\System32\drivers\klif.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-12-18 20:01:06.646
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\WINDOWS\System32\drivers\klif.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-12-18 20:01:06.562
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\WINDOWS\System32\drivers\klif.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-12-17 12:48:02.634
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-12-07 19:01:59.261
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Percentage of memory in use: 78%
Total physical RAM: 958 MB
Available physical RAM: 208.58 MB
Total Pagefile: 2164.71 MB
Available Pagefile: 697.97 MB
Total Virtual: 2047.88 MB
Available Virtual: 1936 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:142.02 GB) (Free:65.5 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (HP_RECOVERY) (Fixed) (Total:7.03 GB) (Free:0.59 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 149 GB) (Disk ID: F1EB0C7D)
Partition 1: (Active) - (Size=142 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=7 GB) - (Type=07 NTFS)

==================== End Of Log ============================
  • 0

#5
Buddierdl
Posted 19 December 2013 - 09:24 AM

Buddierdl

    Trusted Helper

  • Malware Removal
  • 2,524 posts
Let's start with this:


Step 1: Run FRST fix.

Please move FRST.exe to you desktop from your downloads folder (C:\Users\Theresa\Downloads). Also, save the attached fixlist.txt to your desktop. Then run FRST again and select "Fix" this time. Post the resulting fixlog.txt. Attached File  fixlist.txt   708bytes   115 downloads

Step 2: Run JRT.


Posted Image Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

Step 3: Remove security program remnants. It seems that you are running Kaspersky as your anti-virus right now, but you have remnants from Norton and AVG. Please run the two tools below to remover the remnants.

Norton Removal Tool

AVG Removal Tool



Things I need in your next reply:
  • OTL fix log
  • adwCleaner log
  • JRT log
  • Is your computer running any better?

  • 0

#6
Buddierdl
Posted 07 January 2014 - 02:14 PM

Buddierdl

    Trusted Helper

  • Malware Removal
  • 2,524 posts
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.
  • 0

#7
Dakeyras
Posted 24 January 2014 - 04:04 AM

Dakeyras

    Anti-Malware Mammoth

  • Expert
  • 9,772 posts
Topic re-opened per OP's request...
  • 0

#8
Buddierdl
Posted 24 January 2014 - 08:12 AM

Buddierdl

    Trusted Helper

  • Malware Removal
  • 2,524 posts
Hi sunnyspride21,

Welcome back. Since it has been awhile, let's get a fresh scan.


Please download the latest Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.
  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.

  • 0

#9
Buddierdl
Posted 01 February 2014 - 11:47 AM

Buddierdl

    Trusted Helper

  • Malware Removal
  • 2,524 posts
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP