Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Wireless Internet is slow

Started by saleenboy87146 , Sep 13 2014 12:03 PM

  • Please log in to reply

#1
saleenboy87146
Posted 13 September 2014 - 12:03 PM

saleenboy87146

    Member

  • Member
  • PipPip
  • 66 posts

Our internet service is between 25 and 30 mbs.  I used to average between 10 to 15 mbs wireless.   The last few days I have been averaging 1 or less.    

 

If I plug in directly to the router I see 25+.  I swapped out the wireless card with another card I already had and still very slow.

 

My OTL log is below.

 

 

 

 

OTL logfile created on: 9/13/2014 10:12:11 AM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Scott\Downloads
 Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17280)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
2.99 Gb Total Physical Memory | 1.76 Gb Available Physical Memory | 58.89% Memory free
5.98 Gb Paging File | 4.41 Gb Available in Paging File | 73.82% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 232.79 Gb Total Space | 195.35 Gb Free Space | 83.92% Space Free | Partition Type: NTFS
 
Computer Name: SCOTT-PC | User Name: Scott | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2014/09/13 10:09:10 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Scott\Downloads\OTL.exe
PRC - [2014/09/03 22:01:19 | 000,852,808 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
PRC - [2014/08/22 12:44:44 | 000,022,192 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\MsMpEng.exe
PRC - [2014/08/22 12:44:40 | 000,288,120 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\NisSrv.exe
PRC - [2014/08/22 12:41:00 | 000,974,432 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
PRC - [2014/06/27 11:52:26 | 002,088,408 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
PRC - [2014/06/24 10:42:12 | 004,101,576 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe
PRC - [2014/06/24 10:41:42 | 001,738,168 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
PRC - [2014/05/23 20:27:28 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2014/05/12 07:24:42 | 000,860,472 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
PRC - [2014/05/12 07:24:40 | 001,809,720 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
PRC - [2014/05/12 07:24:34 | 006,970,168 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
PRC - [2014/05/08 08:48:38 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2014/04/25 14:12:20 | 000,171,928 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe
PRC - [2014/03/20 06:05:00 | 001,669,976 | ---- | M] (Lenovo) -- C:\Program Files\ThinkPad\Utilities\PWMDBSVC.exe
PRC - [2014/03/20 06:05:00 | 000,127,832 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\ThinkPad\Utilities\SCHTASK.EXE
PRC - [2013/10/29 12:11:08 | 000,330,744 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe
PRC - [2013/05/24 11:02:06 | 000,116,216 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\HOTKEY\tphkload.exe
PRC - [2013/05/24 11:02:06 | 000,085,496 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\HOTKEY\shtctky.exe
PRC - [2013/05/22 16:17:54 | 000,138,680 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\ZOOM\TpScrex.exe
PRC - [2013/05/22 16:17:54 | 000,125,504 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe
PRC - [2013/05/22 16:17:54 | 000,069,568 | ---- | M] (Lenovo Group Limited) -- C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe
PRC - [2013/04/24 01:23:04 | 000,134,896 | ---- | M] (Synaptics Incorporated) -- C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
PRC - [2011/06/09 13:01:00 | 000,521,600 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files\epson\EpsonCustomerParticipation\EPCP.exe
PRC - [2011/02/25 00:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010/10/12 13:56:40 | 000,979,328 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files\Epson Software\Event Manager\EEventManager.exe
PRC - [2008/07/15 17:09:52 | 000,090,112 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\System32\AEADISRV.EXE
PRC - [2006/12/19 18:23:20 | 000,094,208 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files\Common Files\EPSON\EBAPI\eEBSvc.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2014/09/03 22:01:18 | 000,331,592 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\37.0.2062.120\ppgooglenaclpluginchrome.dll
MOD - [2014/09/03 22:01:17 | 014,891,848 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\37.0.2062.120\PepperFlash\pepflashplayer.dll
MOD - [2014/09/03 22:01:16 | 008,577,864 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\37.0.2062.120\pdf.dll
MOD - [2014/09/03 22:01:09 | 001,660,232 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\37.0.2062.120\ffmpegsumo.dll
MOD - [2014/05/13 12:04:48 | 000,167,768 | ---- | M] () -- C:\Program Files\Spybot - Search & Destroy 2\snlFileFormats150.bpl
MOD - [2014/05/13 12:04:46 | 000,109,400 | ---- | M] () -- C:\Program Files\Spybot - Search & Destroy 2\snlThirdParty150.bpl
MOD - [2014/05/13 12:04:42 | 000,416,600 | ---- | M] () -- C:\Program Files\Spybot - Search & Destroy 2\DEC150.bpl
MOD - [2014/03/20 06:05:00 | 000,095,232 | ---- | M] () -- C:\Program Files\ThinkPad\Utilities\US\PWMRT32V.DLL
MOD - [2014/02/10 13:44:24 | 004,592,128 | ---- | M] () -- C:\Users\Scott\AppData\Local\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libGLESv2.dll
MOD - [2014/02/10 13:44:24 | 000,112,128 | ---- | M] () -- C:\Users\Scott\AppData\Local\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libEGL.dll
 
 
========== Services (SafeList) ==========
 
SRV - File not found [Auto | Running] -- C:\Program Files\Spybot -- (SDWSCService)
SRV - File not found [Auto | Running] -- C:\Program Files\Spybot -- (SDUpdateService)
SRV - File not found [Auto | Running] -- C:\Program Files\Spybot -- (SDScannerService)
SRV - [2014/08/22 12:44:44 | 000,022,192 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV - [2014/08/22 12:44:40 | 000,288,120 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV - [2014/08/18 16:36:05 | 000,108,032 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV - [2014/05/23 19:52:11 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2014/05/12 07:24:42 | 000,860,472 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2014/05/12 07:24:40 | 001,809,720 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2014/05/08 08:48:38 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2014/03/20 06:05:00 | 001,669,976 | ---- | M] (Lenovo) [On_Demand | Running] -- C:\Program Files\ThinkPad\Utilities\PWMDBSVC.exe -- (Power Manager DBC Service)
SRV - [2014/03/20 06:05:00 | 001,664,856 | ---- | M] (Lenovo Group Limited) [On_Demand | Stopped] -- C:\Program Files\ThinkPad\Utilities\PWMEWSVC.exe -- (PwmEWSvc)
SRV - [2014/03/20 06:05:00 | 000,280,624 | ---- | M] (Lenovo.) [On_Demand | Stopped] -- C:\Program Files\ThinkPad\Utilities\DOZESVC.EXE -- (DozeSvc)
SRV - [2014/02/21 13:39:52 | 000,024,120 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Lenovo\System Update\SUService.exe -- (SUService)
SRV - [2013/05/26 23:57:27 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2013/05/24 11:02:06 | 000,116,216 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Program Files\Lenovo\HOTKEY\tphkload.exe -- (TPHKLOAD)
SRV - [2013/05/22 16:17:54 | 000,127,072 | ---- | M] (Lenovo Group Limited) [Auto | Stopped] -- C:\Program Files\Lenovo\HOTKEY\micmute.exe -- (LENOVO.MICMUTE)
SRV - [2013/05/22 16:17:54 | 000,125,504 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe -- (TPHKSVC)
SRV - [2011/06/09 13:01:00 | 000,521,600 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\Program Files\epson\EpsonCustomerParticipation\EPCP.exe -- (EpsonCustomerParticipation)
SRV - [2009/07/13 20:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2008/07/15 17:09:52 | 000,090,112 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\AEADISRV.EXE -- (AEADIFilters)
SRV - [2006/12/19 18:23:20 | 000,094,208 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\Program Files\Common Files\EPSON\EBAPI\eEBSvc.exe -- (EpsonBidirectionalService)
 
 
========== Driver Services (SafeList) ==========
 
DRV - [2014/09/13 09:55:05 | 000,110,296 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\MBAMSwissArmy.sys -- (MBAMSwissArmy)
DRV - [2014/07/17 18:05:08 | 000,095,920 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\NisDrvWFP.sys -- (NisDrv)
DRV - [2014/05/12 07:26:08 | 000,051,928 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mwac.sys -- (MBAMWebAccessControl)
DRV - [2014/05/12 07:25:54 | 000,023,256 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2014/03/20 06:05:00 | 000,025,416 | ---- | M] (Lenovo.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\DOZEHDD.SYS -- (DozeHDD)
DRV - [2014/03/20 06:05:00 | 000,019,712 | ---- | M] (Lenovo Group Limited) [Kernel | System | Running] -- C:\Windows\System32\drivers\TPPWR32V.SYS -- (TPPWRIF)
DRV - [2013/10/25 02:32:08 | 000,139,776 | ---- | M] (Prolific Technology Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ser2pl.sys -- (Ser2plx86)
DRV - [2013/10/01 19:42:31 | 000,049,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2013/05/22 16:17:54 | 000,013,680 | ---- | M] (Lenovo Group Limited) [Kernel | System | Running] -- C:\Windows\System32\drivers\smiif32.sys -- (lenovo.smi)
DRV - [2012/10/30 09:22:32 | 000,232,312 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\e1e6232.sys -- (e1express)
DRV - [2012/08/23 09:44:32 | 000,014,848 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV - [2011/03/15 00:11:10 | 000,010,112 | ---- | M] (support.com, Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssmirrdr.sys -- (ssmirrdr)
DRV - [2010/11/20 16:29:03 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010/11/20 16:29:03 | 000,027,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV - [2009/07/13 18:12:52 | 000,030,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tpm.sys -- (TPM)
DRV - [2009/07/13 17:02:51 | 004,231,168 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\netw5v32.sys -- (netw5v32)
DRV - [2007/02/19 00:56:46 | 000,021,376 | ---- | M] (Lenovo (United States) Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\psadd.sys -- (psadd)
DRV - [2006/11/27 17:44:52 | 000,008,192 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 1B 81 FC 22 DF 76 CF 01  [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE11SR
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
========== FireFox ==========
 
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
 
 
========== Chrome  ==========
 
CHR - default_search_provider:  (Enabled)
CHR - default_search_provider: search_url = 
CHR - default_search_provider: suggest_url = 
CHR - homepage: https://www.google.com/
CHR - plugin: Error reading preferences file
CHR - Extension: Google Docs = C:\Users\Scott\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.7_0\
CHR - Extension: Google Drive = C:\Users\Scott\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: Google Voice Search Hotword (Beta) = C:\Users\Scott\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn\0.1.1.5023_0\
CHR - Extension: YouTube = C:\Users\Scott\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Google Search = C:\Users\Scott\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Google Wallet = C:\Users\Scott\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: Gmail = C:\Users\Scott\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
 
O1 HOSTS File: ([2009/06/10 16:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O4 - HKLM..\Run: [EEventManager] C:\Program Files\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [Logitech Download Assistant] C:\Windows\System32\LogiLDA.dll (Logitech, Inc.)
O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [PWMTRV] C:\Program Files\ThinkPad\Utilities\PWMTR32V.DLL (Lenovo Group Limited)
O4 - HKLM..\Run: [SDTray] C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe (Safer-Networking Ltd.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{AA29E59F-E674-45A0-A30E-6FB950AB0AAC}: DhcpNameServer = 192.168.1.1
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - Winlogon\Notify\SDWinLogon: DllName - (SDWinLogon.dll) -  File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 16:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2014/09/13 09:33:09 | 000,000,000 | ---D | C] -- C:\Users\Scott\AppData\Local\SlimWare Utilities Inc
[2014/09/13 09:30:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SlimCleaner
[2014/09/13 09:30:43 | 000,000,000 | ---D | C] -- C:\Program Files\SlimCleaner
[2014/09/13 09:30:29 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Downloaded Installers
[2014/09/11 21:45:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
[2014/09/11 21:45:12 | 000,018,968 | ---- | C] (Safer Networking Limited) -- C:\Windows\System32\sdnclean.exe
[2014/09/11 21:45:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2014/09/11 21:44:57 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy 2
[2014/09/11 21:11:54 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2014/09/11 19:40:42 | 000,110,296 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\MBAMSwissArmy.sys
[2014/09/11 19:40:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
[2014/09/11 19:39:57 | 000,074,456 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamchameleon.sys
[2014/09/11 19:39:57 | 000,051,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mwac.sys
[2014/09/11 19:39:57 | 000,023,256 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2014/09/11 19:39:57 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes Anti-Malware
[2014/09/11 19:39:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2014/08/21 07:03:17 | 000,000,000 | ---D | C] -- C:\Users\Scott\Documents\Maps
[2014/08/19 14:10:59 | 000,000,000 | ---D | C] -- C:\Users\Scott\Documents\Vacation 2014
[3 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2014/09/13 10:11:45 | 000,001,083 | ---- | M] () -- C:\Users\Scott\Desktop\OTL - Shortcut.lnk
[2014/09/13 10:01:36 | 000,028,944 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/09/13 10:01:36 | 000,028,944 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/09/13 09:55:05 | 000,110,296 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\MBAMSwissArmy.sys
[2014/09/13 09:54:25 | 000,000,880 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/09/13 09:53:49 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/09/13 09:53:47 | 2408,390,656 | -HS- | M] () -- C:\hiberfil.sys
[2014/09/13 09:53:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/09/13 09:30:44 | 000,002,455 | ---- | M] () -- C:\Users\Public\Desktop\SlimCleaner.lnk
[2014/09/13 09:23:21 | 000,002,129 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014/09/11 21:45:28 | 000,002,123 | ---- | M] () -- C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
[2014/09/11 19:47:21 | 000,002,155 | ---- | M] () -- C:\Windows\epplauncher.mif
[2014/09/11 19:40:15 | 000,001,064 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014/09/11 19:39:58 | 000,661,894 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2014/09/11 19:39:58 | 000,121,730 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2014/08/30 17:02:38 | 000,437,401 | ---- | M] () -- C:\Users\Scott\Documents\IMG_6967.JPG
[2014/08/30 17:02:38 | 000,384,309 | ---- | M] () -- C:\Users\Scott\Documents\IMG_6966.JPG
[2014/08/29 15:38:18 | 000,333,352 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2014/08/25 17:40:17 | 000,036,864 | ---- | M] () -- C:\Users\Scott\Documents\Accounting 2010.xlr
[2014/08/24 14:29:36 | 000,108,790 | ---- | M] () -- C:\Users\Scott\Documents\Illinois Tollway.pdf
[2014/08/22 08:13:51 | 000,173,620 | ---- | M] () -- C:\Users\Scott\Documents\Booking.pdf
[2014/08/14 18:49:40 | 000,474,521 | ---- | M] () -- C:\Users\Scott\Documents\Mopar Parts Store - Dodge Parts, Chrysler Parts, Jeep Parts, Ram Truck Parts and Accessories for Sale online.pdf
[3 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2014/09/13 10:11:45 | 000,001,083 | ---- | C] () -- C:\Users\Scott\Desktop\OTL - Shortcut.lnk
[2014/09/13 09:30:44 | 000,002,455 | ---- | C] () -- C:\Users\Public\Desktop\SlimCleaner.lnk
[2014/09/11 21:45:28 | 000,002,135 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
[2014/09/11 21:45:28 | 000,002,123 | ---- | C] () -- C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
[2014/09/11 21:16:36 | 000,000,845 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Corel Desktop Application Director 8.LNK
[2014/09/11 19:40:15 | 000,001,064 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014/08/30 17:02:38 | 000,384,309 | ---- | C] () -- C:\Users\Scott\Documents\IMG_6966.JPG
[2014/08/30 17:02:37 | 000,437,401 | ---- | C] () -- C:\Users\Scott\Documents\IMG_6967.JPG
[2014/08/24 14:29:35 | 000,108,790 | ---- | C] () -- C:\Users\Scott\Documents\Illinois Tollway.pdf
[2014/08/22 08:13:50 | 000,173,620 | ---- | C] () -- C:\Users\Scott\Documents\Booking.pdf
[2014/08/14 18:49:40 | 000,474,521 | ---- | C] () -- C:\Users\Scott\Documents\Mopar Parts Store - Dodge Parts, Chrysler Parts, Jeep Parts, Ram Truck Parts and Accessories for Sale online.pdf
[2014/06/03 20:27:02 | 000,007,602 | ---- | C] () -- C:\Users\Scott\AppData\Local\Resmon.ResmonCfg
[2014/05/24 00:02:51 | 000,000,071 | ---- | C] () -- C:\Windows\ENX330.ini
[2014/05/23 23:34:30 | 000,000,047 | ---- | C] () -- C:\Windows\winhlp32.ini
[2014/05/23 23:34:30 | 000,000,047 | ---- | C] () -- C:\Windows\winhelp.ini
[2014/05/23 23:31:45 | 000,000,321 | ---- | C] () -- C:\Windows\System32\cosmo.ini
[2014/05/23 23:31:24 | 000,069,632 | ---- | C] () -- C:\Windows\System32\sx83p32.dll
[2014/05/23 23:30:35 | 000,017,552 | ---- | C] () -- C:\Windows\System32\TTYTWIN.DRV
[2014/05/23 23:29:56 | 000,022,480 | ---- | C] () -- C:\Windows\System32\PFMAPI16.DLL
[2014/05/23 23:29:56 | 000,020,992 | ---- | C] () -- C:\Windows\System32\PFMAPI32.DLL
[2014/05/23 23:16:08 | 000,000,376 | ---- | C] () -- C:\Windows\ODBC.INI
[2013/04/24 01:23:02 | 001,048,576 | ---- | C] () -- C:\Windows\System32\syndata.bin
 
========== ZeroAccess Check ==========
 
[2009/07/13 23:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014/06/24 20:41:30 | 012,874,240 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 16:29:20 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/07/13 20:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
========== LOP Check ==========
 
[2014/05/24 01:19:42 | 000,000,000 | ---D | M] -- C:\Users\Scott\AppData\Roaming\Epson
[2014/05/24 00:12:49 | 000,000,000 | ---D | M] -- C:\Users\Scott\AppData\Roaming\Leadertech
[2014/06/14 22:39:17 | 000,000,000 | ---D | M] -- C:\Users\Scott\AppData\Roaming\PwrMgr
[2014/07/30 16:29:37 | 000,000,000 | ---D | M] -- C:\Users\Scott\AppData\Roaming\supportdotcom
 
========== Purity Check ==========
 
 
 
< End of report >
 

 

 

 


  • 0

Advertisements

#2
zep516
Posted 13 September 2014 - 03:57 PM

zep516

    Trusted Helper

  • Malware Removal
  • 8,093 posts
Hi! My name is zep516 and Welcome to Geekstogo!
I'll do the best I can to resolve your computer issue
Please make sure to carefully read any instruction that I give you. If you're not sure, or if something unexpected happens, don't continue Stop and ask! Never be afraid to ask questions! :)

Have you called the provider to see if thay can run a check for you ?

Also turn off the router / modem, un plug then plug back in.


A few things you can try:

Copy and paste the text in the code box below into Notepad.
@Echo off
pushd\windows\system32\drivers\etc
attrib -h -s -r hosts
echo 127.0.0.1 localhost>HOSTS
attrib +r +h +s hosts
popd
ipconfig /release
ipconfig /renew
ipconfig /flushdns
netsh int ip reset all
shutdown -r -t 1
del %0
Save as flush.bat to your desktop.
Double-click flush.bat file to run it. Your computer will reboot.

Note: For Windows Vista or Windows 7, right-click flush.bat and select "Run as Administrator" .


Next

Clean out your temporary internet files and temp files.

Download TFC by OldTimer http://oldtimer.geekstogo.com/TFC.exe to your desktop.

Double-click TFC.exe to run it.

Note: If you are running on Vista, right-click on the file and choose Run As Administrator

TFC will close all programs when run, so make sure you have saved all your work before you begin.

* Click the Start button to begin the cleaning process.
* Depending on how often you clean temp files, execution time should be anywhere from a few seconds to a minute or two.
* Please let TFC run uninterrupted until it is finished.

Once TFC is finished it should restart your computer. If it does not, please manually restart the computer yourself to ensure a complete cleaning.




Please download MiniToolBox http://download.blee...MiniToolBox.exe and run it.

Checkmark following boxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size
  • List Devices (Only Problems)
  • List Minidump Files
  • List Restore Points
Click Go and post the result.
  • 0

#3
saleenboy87146
Posted 15 September 2014 - 07:05 PM

saleenboy87146

    Member

  • Topic Starter
  • Member
  • PipPip
  • 66 posts

attached is my mini tool box log.

 

 

 

MiniToolBox by Farbar  Version: 21-07-2014
Ran by Scott (administrator) on 15-09-2014 at 19:57:04
Running from "C:\Users\Scott\Downloads"
Microsoft Windows 7 Home Premium  Service Pack 1 (X86)
Boot Mode: Normal
***************************************************************************
 
========================= Flush DNS: ===================================
 
Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
========================= IE Proxy Settings: ============================== 
 
Proxy is not enabled.
No Proxy Server is set.
 
"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================
 
127.0.0.1 localhost
 
========================= IP Configuration: ================================
 
Intel® PRO/Wireless 3945ABG Network Connection = Wireless Network Connection 3 (Connected)
 
 
# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4
 
reset
 
 
popd
# End of IPv4 configuration
 
 
 
Windows IP Configuration
 
   Host Name . . . . . . . . . . . . : Scott-PC
   Primary Dns Suffix  . . . . . . . : 
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
 
Wireless LAN adapter Wireless Network Connection 3:
 
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Intel® PRO/Wireless 3945ABG Network Connection #2
   Physical Address. . . . . . . . . : 00-19-D2-C2-03-0C
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::c91c:c551:a90f:f96f%16(Preferred) 
   IPv4 Address. . . . . . . . . . . : 192.168.1.5(Preferred) 
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Monday, September 15, 2014 7:52:34 PM
   Lease Expires . . . . . . . . . . : Tuesday, September 16, 2014 7:52:38 PM
   Default Gateway . . . . . . . . . : 192.168.1.1
   DHCP Server . . . . . . . . . . . : 192.168.1.1
   DHCPv6 IAID . . . . . . . . . . . : 285219282
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1B-11-CC-ED-00-15-58-32-C1-46
   DNS Servers . . . . . . . . . . . : 192.168.1.1
   NetBIOS over Tcpip. . . . . . . . : Enabled
 
Tunnel adapter isatap.{C4A1483E-3A34-4C36-AF9C-C8D95A8CCB9F}:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter Teredo Tunneling Pseudo-Interface:
 
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:0:9d38:6ab8:1004:a2f:cd43:f004(Preferred) 
   Link-local IPv6 Address . . . . . : fe80::1004:a2f:cd43:f004%13(Preferred) 
   Default Gateway . . . . . . . . . : ::
   NetBIOS over Tcpip. . . . . . . . : Disabled
Server:  UnKnown
Address:  192.168.1.1
 
Name:    google.com
Addresses:  2607:f8b0:4009:800::100e
 173.194.46.96
 173.194.46.99
 173.194.46.103
 173.194.46.104
 173.194.46.105
 173.194.46.101
 173.194.46.100
 173.194.46.102
 173.194.46.98
 173.194.46.97
 173.194.46.110
 
 
Pinging google.com [74.125.225.66] with 32 bytes of data:
Reply from 74.125.225.66: bytes=32 time=195ms TTL=53
Reply from 74.125.225.66: bytes=32 time=214ms TTL=53
 
Ping statistics for 74.125.225.66:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 195ms, Maximum = 214ms, Average = 204ms
Server:  UnKnown
Address:  192.168.1.1
 
Name:    yahoo.com
Addresses:  98.139.183.24
 98.138.253.109
 206.190.36.45
 
 
Pinging yahoo.com [98.138.253.109] with 32 bytes of data:
Reply from 98.138.253.109: bytes=32 time=59ms TTL=48
Reply from 98.138.253.109: bytes=32 time=104ms TTL=48
 
Ping statistics for 98.138.253.109:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 59ms, Maximum = 104ms, Average = 81ms
 
Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
 
Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 16...00 19 d2 c2 03 0c ......Intel® PRO/Wireless 3945ABG Network Connection #2
  1...........................Software Loopback Interface 1
 17...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
 13...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================
 
IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.1.1      192.168.1.5     25
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.1.0    255.255.255.0         On-link       192.168.1.5    281
      192.168.1.5  255.255.255.255         On-link       192.168.1.5    281
    192.168.1.255  255.255.255.255         On-link       192.168.1.5    281
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link       192.168.1.5    281
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link       192.168.1.5    281
===========================================================================
Persistent Routes:
  None
 
IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
 13     58 ::/0                     On-link
  1    306 ::1/128                  On-link
 13     58 2001::/32                On-link
 13    306 2001:0:9d38:6ab8:1004:a2f:cd43:f004/128
                                    On-link
 16    281 fe80::/64                On-link
 13    306 fe80::/64                On-link
 13    306 fe80::1004:a2f:cd43:f004/128
                                    On-link
 16    281 fe80::c91c:c551:a90f:f96f/128
                                    On-link
  1    306 ff00::/8                 On-link
 13    306 ff00::/8                 On-link
 16    281 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================
 
Catalog5 01 C:\Windows\system32\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\system32\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog5 06 C:\Windows\system32\winrnr.dll [20992] (Microsoft Corporation)
Catalog9 01 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 19 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 20 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 21 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 22 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 23 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 24 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 25 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 26 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 27 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 28 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 29 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 30 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 31 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (09/15/2014 07:52:42 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (09/15/2014 07:48:10 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (09/15/2014 07:38:23 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (09/15/2014 05:22:45 AM) (Source: Application Error) (User: )
Description: Faulting application name: GoogleUpdate.exe, version: 1.3.21.103, time stamp: 0x4f3c6d6c
Faulting module name: ntdll.dll, version: 6.1.7601.18247, time stamp: 0x521ea91c
Exception code: 0xc0000005
Fault offset: 0x00034d60
Faulting process id: 0x7e8
Faulting application start time: 0xGoogleUpdate.exe0
Faulting application path: GoogleUpdate.exe1
Faulting module path: GoogleUpdate.exe2
Report Id: GoogleUpdate.exe3
 
Error: (09/14/2014 08:18:34 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (09/14/2014 08:16:12 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (09/14/2014 08:12:02 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (09/14/2014 07:53:21 AM) (Source: Application Error) (User: )
Description: Faulting application name: GoogleUpdate.exe, version: 1.3.21.103, time stamp: 0x4f3c6d6c
Faulting module name: ntdll.dll, version: 6.1.7601.18247, time stamp: 0x521ea91c
Exception code: 0xc0000005
Fault offset: 0x00034d60
Faulting process id: 0x1c94
Faulting application start time: 0xGoogleUpdate.exe0
Faulting application path: GoogleUpdate.exe1
Faulting module path: GoogleUpdate.exe2
Report Id: GoogleUpdate.exe3
 
Error: (09/13/2014 00:23:32 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (09/13/2014 11:55:15 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
 
System errors:
=============
Error: (09/15/2014 04:56:52 PM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.
 
New Signature Version: 
 
Previous Signature Version: 1.183.2486.0
 
Update Source: %NT AUTHORITY59
 
Update Stage: 4.6.0305.00
 
Source Path: 4.6.0305.01
 
Signature Type: %NT AUTHORITY602
 
Update Type: %NT AUTHORITY604
 
User: NT AUTHORITY\SYSTEM
 
Current Engine Version: %NT AUTHORITY605
 
Previous Engine Version: %NT AUTHORITY606
 
Error code: %NT AUTHORITY607
 
Error description: %NT AUTHORITY608
 
Error: (09/11/2014 09:23:10 PM) (Source: Microsoft-Windows-Eventlog) (User: NT AUTHORITY)
Description: The event logging service encountered an error (res=32) while initializing logging resources for channel Microsoft-Windows-Windows Defender/WHC.
 
Error: (09/11/2014 09:17:20 PM) (Source: Service Control Manager) (User: )
Description: The Windows Update service did not shut down properly after receiving a preshutdown control.
 
Error: (09/05/2014 03:42:56 PM) (Source: BugCheck) (User: )
Description: 0x0000009f (0x00000003, 0x87726028, 0x82b69ae0, 0x8538fb10)C:\Windows\MEMORY.DMP090514-29655-01
 
Error: (09/05/2014 03:42:39 PM) (Source: EventLog) (User: )
Description: The previous system shutdown at 6:33:17 AM on ‎9/‎5/‎2014 was unexpected.
 
Error: (08/23/2014 09:13:17 AM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.
 
New Signature Version: 
 
Previous Signature Version: 1.183.11.0
 
Update Source: %NT AUTHORITY59
 
Update Stage: 4.5.0216.00
 
Source Path: 4.5.0216.01
 
Signature Type: %NT AUTHORITY602
 
Update Type: %NT AUTHORITY604
 
User: NT AUTHORITY\SYSTEM
 
Current Engine Version: %NT AUTHORITY605
 
Previous Engine Version: %NT AUTHORITY606
 
Error code: %NT AUTHORITY607
 
Error description: %NT AUTHORITY608
 
Error: (08/21/2014 07:39:38 AM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the AdobeARMservice service.
 
Error: (08/17/2014 08:20:57 AM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.
 
New Signature Version: 
 
Previous Signature Version: 1.179.3144.0
 
Update Source: %NT AUTHORITY59
 
Update Stage: 4.5.0216.00
 
Source Path: 4.5.0216.01
 
Signature Type: %NT AUTHORITY602
 
Update Type: %NT AUTHORITY604
 
User: NT AUTHORITY\SYSTEM
 
Current Engine Version: %NT AUTHORITY605
 
Previous Engine Version: %NT AUTHORITY606
 
Error code: %NT AUTHORITY607
 
Error description: %NT AUTHORITY608
 
Error: (08/17/2014 08:20:57 AM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.
 
New Signature Version: 
 
Previous Signature Version: 1.179.3144.0
 
Update Source: %NT AUTHORITY59
 
Update Stage: 4.5.0216.00
 
Source Path: 4.5.0216.01
 
Signature Type: %NT AUTHORITY602
 
Update Type: %NT AUTHORITY604
 
User: NT AUTHORITY\SYSTEM
 
Current Engine Version: %NT AUTHORITY605
 
Previous Engine Version: %NT AUTHORITY606
 
Error code: %NT AUTHORITY607
 
Error description: %NT AUTHORITY608
 
Error: (08/17/2014 08:20:57 AM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.
 
New Signature Version: 
 
Previous Signature Version: 1.179.3144.0
 
Update Source: %NT AUTHORITY59
 
Update Stage: 4.5.0216.00
 
Source Path: 4.5.0216.01
 
Signature Type: %NT AUTHORITY602
 
Update Type: %NT AUTHORITY604
 
User: NT AUTHORITY\SYSTEM
 
Current Engine Version: %NT AUTHORITY605
 
Previous Engine Version: %NT AUTHORITY606
 
Error code: %NT AUTHORITY607
 
Error description: %NT AUTHORITY608
 
 
Microsoft Office Sessions:
=========================
Error: (09/15/2014 07:52:42 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (09/15/2014 07:48:10 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (09/15/2014 07:38:23 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (09/15/2014 05:22:45 AM) (Source: Application Error)(User: )
Description: GoogleUpdate.exe1.3.21.1034f3c6d6cntdll.dll6.1.7601.18247521ea91cc000000500034d607e801cfd0cde7f66764C:\Program Files\Google\Update\GoogleUpdate.exeC:\Windows\SYSTEM32\ntdll.dll3b503647-3cc2-11e4-9bdb-88c778feb1f8
 
Error: (09/14/2014 08:18:34 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (09/14/2014 08:16:12 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (09/14/2014 08:12:02 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (09/14/2014 07:53:21 AM) (Source: Application Error)(User: )
Description: GoogleUpdate.exe1.3.21.1034f3c6d6cntdll.dll6.1.7601.18247521ea91cc000000500034d601c9401cfd019a1b7e2faC:\Program Files\Google\Update\GoogleUpdate.exeC:\Windows\SYSTEM32\ntdll.dll1ab4f6b2-3c0e-11e4-b9c0-c3e651bce8ee
 
Error: (09/13/2014 00:23:32 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (09/13/2014 11:55:15 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
 
 
=========================== Installed Programs ============================
Adobe Reader XI (11.0.08) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated)
Corel WordPerfect Suite 8 (HKLM\...\Corel WordPerfect Suite 8) (Version:  - )
Epson Connect (HKLM\...\{64BA551C-9AF6-495C-93F3-D1270E0045FC}) (Version:  - )
Epson Customer Participation (HKLM\...\{814FA673-A085-403C-9545-747FC1495069}) (Version: 1.0.0.0 - SEIKO EPSON CORPORATION)
Epson Event Manager (HKLM\...\{8ED43F7E-A8F6-4898-AF11-B6158F2EDF94}) (Version: 2.50.0000 - SEIKO EPSON CORPORATION)
EPSON NX330 Series Printer Uninstall (HKLM\...\EPSON NX330 Series) (Version:  - SEIKO EPSON Corporation)
EPSON Scan (HKLM\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
EpsonNet Print (HKLM\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.4j - SEIKO EPSON CORPORATION)
Google Chrome (HKLM\...\Google Chrome) (Version: 37.0.2062.120 - Google Inc.)
Google Update Helper (Version: 1.3.24.15 - Google Inc.) Hidden
Intel RSX 3D (HKLM\...\RSX2Uninst) (Version:  - )
Intel® Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: 8.15.10.1867 - Intel Corporation)
InterACQ 2006 Ver 4.0 (HKLM\...\InterACQ 2006) (Version: Ver 4.0 - Plus 1 Micro, Inc)
Lenovo Patch Utility (Version: 1.4.0.4 - Lenovo Group Limited) Hidden
Lenovo Power Management Driver (HKLM\...\Power Management Driver) (Version: 1.67.04.05 - )
Lenovo System Interface Driver (HKLM\...\LENOVO.SMIIF) (Version: 1.05 - )
Lenovo System Update (HKLM\...\{25C64847-B900-48AD-A164-1B4F9B774650}) (Version: 5.06.0016 - Lenovo)
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Metric Collection SDK (Version: 1.1.0005.00 - Lenovo Group Limited) Hidden
Metric Collection SDK 35 (Version: 1.2.0001.00 - Lenovo Group Limited) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Standard Edition 2003 (HKLM\...\{91120409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Security Client (Version: 4.6.0305.0 - Microsoft Corporation) Hidden
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.6.305.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
On Screen Display (HKLM\...\OnScreenDisplay) (Version: 6.73.00 - )
Power Manager (HKLM\...\{DAC01CEE-5BAE-42D5-81FC-B687E84E8405}) (Version: 6.65.1 - Lenovo Group Limited)
SHAREit (HKLM\...\SHAREit_is1) (Version: 2.1.4.0 - Lenovo Group Limited)
SlimCleaner (HKLM\...\{6B8D6199-EE44-4FD7-813A-6D8C62C9B384}) (Version: 4.0.30878 - SlimWare Utilities, Inc.)
Spybot - Search & Destroy (HKLM\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
ThinkPad FullScreen Magnifier (HKLM\...\ThinkPad FullScreen Magnifier) (Version: 2.41 - )
ThinkPad Modem (HKLM\...\CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_10140588) (Version: 7.62.00 - )
ThinkPad UltraNav Driver (HKLM\...\SynTPDeinstKey) (Version: 16.2.19.7 - )
ThinkPad UltraNav Utility (HKLM\...\{17CBC505-D1AE-459D-B445-3D2000A85842}) (Version: 2.13.0 - Lenovo)
WinRAR 5.10 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.10.0 - win.rar GmbH)
Zeitronix Data Logger v3.0.7 (HKLM\...\{DA24DF5A-4FD4-45A8-91AF-67565529C28E}) (Version: 3.0.7 - Zeitronix)
 
========================= Devices: ================================
 
 
========================= Memory info: ===================================
 
Percentage of memory in use: 34%
Total physical RAM: 3062.43 MB
Available physical RAM: 2003.45 MB
Total Pagefile: 6123.15 MB
Available Pagefile: 4987.75 MB
Total Virtual: 2047.88 MB
Available Virtual: 1955.09 MB
 
========================= Partitions: =====================================
 
1 Drive c: () (Fixed) (Total:232.79 GB) (Free:194.68 GB) NTFS
 
========================= Users: ========================================
 
User accounts for \\SCOTT-PC
 
Administrator            Guest                    Scott                    
 
========================= Minidump Files ==================================
 
No minidump file found
 
========================= Restore Points ==================================
 
05-08-2014 01:31:05 Windows Update
09-08-2014 03:58:18 Windows Update
13-08-2014 21:32:03 Windows Update
17-08-2014 13:09:54 Windows Update
20-08-2014 13:53:28 Windows Update
23-08-2014 22:48:59 Windows Update
27-08-2014 22:32:57 Windows Update
29-08-2014 02:32:12 Windows Update
01-09-2014 23:29:12 Windows Update
05-09-2014 03:31:38 Windows Update
09-09-2014 00:15:32 Windows Update
12-09-2014 00:38:17 Windows Update
 
**** End of log ****

  • 0

#4
zep516
Posted 15 September 2014 - 07:11 PM

zep516

    Trusted Helper

  • Malware Removal
  • 8,093 posts
Hello,

Scan for adware,

Next

Please download AdwCleaner by Xplode onto your Desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Click the Report button and the report will open in Notepad.
  • NOTE: If you get an error message, it means that nothing was found. Exit from AdwCleaner.
  • Click on the Clean button follow the prompts.
  • A log file will automatically open after the scan has finished and the PC has rebooted.
  • Please post the content of that log file with your next answer.
  • You can find the log file at C:\AdwCleaner
  • In your next reply post:

    1- AdwCleaner log, after running the "Clean" option.

    Thanks
    Joe :)

  • 0

#5
saleenboy87146
Posted 16 September 2014 - 07:02 PM

saleenboy87146

    Member

  • Topic Starter
  • Member
  • PipPip
  • 66 posts

AdWare log below:

 

 

# AdwCleaner v3.310 - Report created 16/09/2014 at 19:58:01
# Updated 12/09/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (32 bits)
# Username : Scott - SCOTT-PC
# Running from : C:\Users\Scott\Downloads\adwcleaner_3.310.exe
# Option : Clean
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
 
***** [ Scheduled Tasks ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v11.0.9600.17280
 
 
-\\ Google Chrome v37.0.2062.120
 
[ File : C:\Users\Scott\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
Deleted [Search Provider] : hxxp://search.aol.com/aol/search?q={searchTerms}
Deleted [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}
 
*************************
 
AdwCleaner[R0].txt - [806 octets] - [16/09/2014 19:52:47]
AdwCleaner[S0].txt - [874 octets] - [16/09/2014 19:58:01]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [933 octets] ##########

  • 0

#6
zep516
Posted 16 September 2014 - 07:11 PM

zep516

    Trusted Helper

  • Malware Removal
  • 8,093 posts
Not much there.

Have you called your Internet service provider ?

Lets look at one more scan and rule out Malware..

Please download Farbar Recovery Scan Tool and save it to your Desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.
  • Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will produce a log called FRST.txt in the same directory the tool is run from.
  • Please copy and paste log back here.
  • The first time the tool is run it generates another log (Addition.txt - also located in the same directory as FRST.exe/FRST64.exe). Please also paste that along with the FRST.txt into your reply.
In your next reply post:

1-FRST.txt
2-Addition.txt

Thanks
Joe :)
  • 0

#7
saleenboy87146
Posted 18 September 2014 - 07:40 PM

saleenboy87146

    Member

  • Topic Starter
  • Member
  • PipPip
  • 66 posts

Internet is better.  What ever is it was is gone.   I never called my ISP because as I indicted in my original post, if I connected directly to the router via ethernet cable, I was seeing 27+ mbs.    When I originally posted I was only seeing less then 1 via wireless, but other devices in the house were seeing over 10.  

 

What ever it was, I am seeing between 7 and 12 now.

 

Anyways, logs are attached.      Doesn't seem that Malware was what was causing it.

 

 

1)

 

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 12-09-2014
Ran by Scott (administrator) on SCOTT-PC on 18-09-2014 20:20:47
Running from C:\Users\Scott\Downloads
Platform: Microsoft Windows 7 Home Premium  Service Pack 1 (X86) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Lenovo.) C:\Windows\System32\ibmpmsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EBAPI\eEBSvc.exe
(Andrea Electronics Corporation) C:\Windows\System32\AEADISRV.EXE
(SEIKO EPSON CORPORATION) C:\Program Files\epson\EpsonCustomerParticipation\EPCP.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe
(Conexant Systems, Inc.) C:\Windows\System32\drivers\XAudio.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tphkload.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\shtctky.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\ZOOM\TpScrex.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
(Analog Devices, Inc.) C:\Program Files\Analog Devices\Core\smax4pnp.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Lenovo Group Limited) C:\Program Files\ThinkPad\Utilities\SCHTASK.EXE
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Lenovo) C:\Program Files\ThinkPad\Utilities\PWMDBSVC.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [SoundMAXPnP] => C:\Program Files\Analog Devices\Core\smax4pnp.exe [1314816 2009-05-18] (Analog Devices, Inc.)
HKLM\...\Run: [PWMTRV] => rundll32 "C:\Program Files\ThinkPad\Utilities\PWMTR32V.DLL",PwrMgrBkGndMonitor
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [974432 2014-08-22] (Microsoft Corporation)
Winlogon\Notify\SDWinLogon: SDWinLogon.dll [X]
BootExecute: autocheck autochk * sdnclean.exe
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x1B81FC22DF76CF01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
 
FireFox:
========
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
Chrome: 
=======
CHR CustomProfile: C:\Users\Scott\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Scott\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-05-23]
CHR Extension: (Google Drive) - C:\Users\Scott\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-05-23]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Scott\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-23]
CHR Extension: (YouTube) - C:\Users\Scott\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-05-23]
CHR Extension: (Google Search) - C:\Users\Scott\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-05-23]
CHR Extension: (Google Wallet) - C:\Users\Scott\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-05-23]
CHR Extension: (Gmail) - C:\Users\Scott\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-05-23]
 
========================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 EpsonBidirectionalService; C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe [94208 2006-12-19] (SEIKO EPSON CORPORATION) [File not signed]
R2 EpsonCustomerParticipation; C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe [521600 2011-06-09] (SEIKO EPSON CORPORATION)
S3 Lenovo EasyPlus Hotspot; C:\Program Files\Common Files\lenovo\easyplussdk\bin\EPHotspot.exe [458496 2014-08-06] (Lenovo)
S2 LENOVO.MICMUTE; C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe [110128 2014-05-27] (Lenovo Group Limited)
S4 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [22192 2014-08-22] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [288120 2014-08-22] (Microsoft Corporation)
S3 PwmEWSvc; C:\Program Files\ThinkPad\Utilities\PWMEWSVC.EXE [1664856 2014-03-20] (Lenovo Group Limited)
R2 SDScannerService; C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
S3 SUService; C:\Program Files\Lenovo\System Update\SUService.exe [24560 2014-06-18] ()
R2 TPHKLOAD; C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe [116208 2014-06-10] (Lenovo Group Limited)
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 e1express; C:\Windows\System32\DRIVERS\e1e6232.sys [232312 2012-10-30] (Intel Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2014-05-12] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2014-05-12] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [231800 2014-07-17] (Microsoft Corporation)
S3 Ser2plx86; C:\Windows\System32\DRIVERS\ser2pl.sys [139776 2013-10-25] (Prolific Technology Inc.)
 
==================== NetSvcs (Whitelisted) ===================
 
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-09-18 20:20 - 2014-09-18 20:21 - 00008663 _____ () C:\Users\Scott\Downloads\FRST.txt
2014-09-18 20:20 - 2014-09-18 20:20 - 00000000 ____D () C:\FRST
2014-09-18 20:19 - 2014-09-18 20:19 - 01097728 _____ (Farbar) C:\Users\Scott\Downloads\FRST.exe
2014-09-18 20:12 - 2014-09-18 20:12 - 245064646 _____ () C:\Windows\MEMORY.DMP
2014-09-18 20:12 - 2014-09-18 20:12 - 00908624 _____ () C:\Windows\Minidump\091814-15631-01.dmp
2014-09-16 19:53 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\system32\sqlite3.dll
2014-09-16 19:52 - 2014-09-16 19:58 - 00000000 ____D () C:\AdwCleaner
2014-09-16 19:51 - 2014-09-16 19:51 - 01373475 _____ () C:\Users\Scott\Downloads\adwcleaner_3.310.exe
2014-09-15 19:57 - 2014-09-15 20:01 - 00025208 _____ () C:\Users\Scott\Downloads\Result.txt
2014-09-15 19:54 - 2014-09-15 19:54 - 00401920 _____ (Farbar) C:\Users\Scott\Downloads\MiniToolBox.exe
2014-09-15 19:41 - 2014-09-15 19:40 - 00448512 _____ (OldTimer Tools) C:\Users\Scott\Desktop\TFC.exe
2014-09-15 19:40 - 2014-09-15 19:40 - 00448512 _____ (OldTimer Tools) C:\Users\Scott\Downloads\TFC.exe
2014-09-13 12:38 - 2014-09-13 12:38 - 00001944 _____ () C:\Users\Public\Desktop\SHAREit.lnk
2014-09-13 12:38 - 2014-09-13 12:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo
2014-09-13 10:26 - 2014-09-13 10:26 - 00052448 _____ () C:\Users\Scott\Desktop\OTL 9-13-2014 1030am.txt
2014-09-13 10:20 - 2014-09-13 10:20 - 00043520 _____ () C:\Users\Scott\Downloads\Extras.Txt
2014-09-13 10:18 - 2014-09-13 10:18 - 00052448 _____ () C:\Users\Scott\Downloads\OTL.Txt
2014-09-13 10:11 - 2014-09-13 10:11 - 00001083 _____ () C:\Users\Scott\Desktop\OTL - Shortcut.lnk
2014-09-13 10:10 - 2014-09-13 10:10 - 00000503 _____ () C:\Users\Scott\Downloads\Desktop.lnk
2014-09-13 10:09 - 2014-09-13 10:09 - 00602112 _____ (OldTimer Tools) C:\Users\Scott\Downloads\OTL.exe
2014-09-13 09:43 - 2014-09-13 09:43 - 00006414 _____ () C:\Users\Scott\Downloads\MyDefrag.dat
2014-09-13 09:36 - 2014-09-13 09:36 - 00000538 _____ () C:\Users\Scott\Downloads\MyDefrag.debuglog
2014-09-13 09:33 - 2014-09-13 09:33 - 00000000 ____D () C:\Users\Scott\AppData\Local\SlimWare Utilities Inc
2014-09-13 09:30 - 2014-09-13 09:37 - 00000000 ____D () C:\Program Files\SlimCleaner
2014-09-13 09:30 - 2014-09-13 09:30 - 00002455 _____ () C:\Users\Public\Desktop\SlimCleaner.lnk
2014-09-13 09:30 - 2014-09-13 09:30 - 00000000 ____D () C:\Users\Public\Documents\Downloaded Installers
2014-09-13 09:30 - 2014-09-13 09:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SlimCleaner
2014-09-13 09:28 - 2014-09-13 09:28 - 00801088 _____ (SlimWare Utilities, Inc.) C:\Users\Scott\Downloads\SlimCleaner-setup.exe
2014-09-11 21:45 - 2014-09-12 19:23 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-09-11 21:45 - 2014-09-11 21:45 - 00002135 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2014-09-11 21:45 - 2014-09-11 21:45 - 00002123 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2014-09-11 21:45 - 2014-09-11 21:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2014-09-11 21:45 - 2013-09-20 10:49 - 00018968 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean.exe
2014-09-11 21:44 - 2014-09-12 05:18 - 00000000 ____D () C:\Program Files\Spybot - Search & Destroy 2
2014-09-11 21:26 - 2014-09-11 21:43 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\Scott\Downloads\spybot-2.4.exe
2014-09-11 21:11 - 2014-09-14 08:10 - 00000000 ____D () C:\Windows\pss
2014-09-11 19:56 - 2014-08-18 16:57 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-09-11 19:56 - 2014-08-18 16:57 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-09-11 19:56 - 2014-08-18 16:45 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-09-11 19:56 - 2014-08-18 16:44 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-09-11 19:56 - 2014-08-18 16:37 - 00440320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-09-11 19:56 - 2014-08-18 16:35 - 00597504 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-09-11 19:56 - 2014-08-18 16:19 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-09-11 19:55 - 2014-08-19 12:39 - 00327872 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-09-11 19:55 - 2014-08-18 17:26 - 17455104 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-09-11 19:55 - 2014-08-18 17:08 - 04232704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-09-11 19:55 - 2014-08-18 16:46 - 00454656 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-09-11 19:55 - 2014-08-18 16:44 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-09-11 19:55 - 2014-08-18 16:42 - 02185728 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-09-11 19:55 - 2014-08-18 16:39 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-09-11 19:55 - 2014-08-18 16:39 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-09-11 19:55 - 2014-08-18 16:36 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-09-11 19:55 - 2014-08-18 16:36 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-09-11 19:55 - 2014-08-18 16:30 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-09-11 19:55 - 2014-08-18 16:27 - 00365056 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-09-11 19:55 - 2014-08-18 16:22 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-09-11 19:55 - 2014-08-18 16:17 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-09-11 19:55 - 2014-08-18 16:17 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-09-11 19:55 - 2014-08-18 16:15 - 11769856 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-09-11 19:55 - 2014-08-18 16:09 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-09-11 19:55 - 2014-08-18 16:08 - 02014208 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-09-11 19:55 - 2014-08-18 16:08 - 00673792 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-09-11 19:55 - 2014-08-18 16:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-09-11 19:55 - 2014-08-18 15:46 - 01812992 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-09-11 19:55 - 2014-08-18 15:38 - 01190400 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-09-11 19:55 - 2014-08-18 15:36 - 00678400 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-09-11 19:54 - 2014-06-26 20:45 - 02285056 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2014-09-11 19:40 - 2014-09-14 08:16 - 00110296 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-09-11 19:40 - 2014-09-11 19:40 - 00001064 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-09-11 19:40 - 2014-09-11 19:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-09-11 19:39 - 2014-09-11 19:40 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-09-11 19:39 - 2014-09-11 19:39 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-09-11 19:39 - 2014-05-12 07:26 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-09-11 19:39 - 2014-05-12 07:25 - 00074456 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-09-11 19:39 - 2014-05-12 07:25 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-09-11 19:37 - 2014-09-11 19:38 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Scott\Downloads\mbam-setup-2.0.2.1012.exe
2014-09-11 19:27 - 2014-07-06 20:40 - 01059840 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-09-11 19:27 - 2014-07-06 20:40 - 00550912 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-09-11 19:21 - 2014-08-01 06:35 - 00793600 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2014-09-11 19:21 - 2014-06-23 21:59 - 01987584 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-09-11 19:20 - 2014-09-04 20:52 - 00445952 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-09-11 19:20 - 2014-09-04 20:47 - 00302592 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-08-27 17:33 - 2014-08-22 20:46 - 00305152 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-27 17:33 - 2014-08-22 19:42 - 02352640 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-21 07:06 - 2014-08-21 07:06 - 00302507 _____ () C:\Users\Scott\Downloads\Google Maps 379 - 1058.htm
2014-08-21 07:06 - 2014-08-21 07:06 - 00000000 ____D () C:\Users\Scott\Downloads\Google Maps 379 - 1058_files
2014-08-21 07:03 - 2014-08-22 08:29 - 00000000 ____D () C:\Users\Scott\Documents\Maps
2014-08-19 14:10 - 2014-08-20 11:58 - 00000000 ____D () C:\Users\Scott\Documents\Vacation 2014
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-09-18 20:21 - 2014-09-18 20:20 - 00008663 _____ () C:\Users\Scott\Downloads\FRST.txt
2014-09-18 20:20 - 2014-09-18 20:20 - 00000000 ____D () C:\FRST
2014-09-18 20:19 - 2014-09-18 20:19 - 01097728 _____ (Farbar) C:\Users\Scott\Downloads\FRST.exe
2014-09-18 20:19 - 2009-07-13 23:34 - 00028928 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-18 20:19 - 2009-07-13 23:34 - 00028928 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-18 20:15 - 2014-05-23 19:56 - 01071084 _____ () C:\Windows\WindowsUpdate.log
2014-09-18 20:12 - 2014-09-18 20:12 - 245064646 _____ () C:\Windows\MEMORY.DMP
2014-09-18 20:12 - 2014-09-18 20:12 - 00908624 _____ () C:\Windows\Minidump\091814-15631-01.dmp
2014-09-18 20:12 - 2014-06-11 18:20 - 00000000 ____D () C:\Windows\Minidump
2014-09-18 20:12 - 2014-05-23 18:41 - 00000880 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-09-18 20:12 - 2009-07-13 23:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-18 20:12 - 2009-07-13 23:39 - 00037149 _____ () C:\Windows\setupact.log
2014-09-18 18:24 - 2014-05-23 18:41 - 00000884 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-09-16 19:59 - 2010-11-20 16:48 - 00063798 _____ () C:\Windows\PFRO.log
2014-09-16 19:58 - 2014-09-16 19:52 - 00000000 ____D () C:\AdwCleaner
2014-09-16 19:51 - 2014-09-16 19:51 - 01373475 _____ () C:\Users\Scott\Downloads\adwcleaner_3.310.exe
2014-09-15 20:01 - 2014-09-15 19:57 - 00025208 _____ () C:\Users\Scott\Downloads\Result.txt
2014-09-15 19:54 - 2014-09-15 19:54 - 00401920 _____ (Farbar) C:\Users\Scott\Downloads\MiniToolBox.exe
2014-09-15 19:40 - 2014-09-15 19:41 - 00448512 _____ (OldTimer Tools) C:\Users\Scott\Desktop\TFC.exe
2014-09-15 19:40 - 2014-09-15 19:40 - 00448512 _____ (OldTimer Tools) C:\Users\Scott\Downloads\TFC.exe
2014-09-14 08:16 - 2014-09-11 19:40 - 00110296 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-09-14 08:10 - 2014-09-11 21:11 - 00000000 ____D () C:\Windows\pss
2014-09-13 16:09 - 2009-07-13 21:37 - 00000000 ____D () C:\Windows\system32\LogFiles
2014-09-13 12:39 - 2014-05-24 14:28 - 00000000 ____D () C:\Users\Scott\AppData\Local\Lenovo
2014-09-13 12:38 - 2014-09-13 12:38 - 00001944 _____ () C:\Users\Public\Desktop\SHAREit.lnk
2014-09-13 12:38 - 2014-09-13 12:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo
2014-09-13 12:38 - 2014-05-24 01:42 - 00000000 ____D () C:\Program Files\Common Files\lenovo
2014-09-13 12:38 - 2014-05-24 01:39 - 00000000 ____D () C:\Windows\Downloaded Installations
2014-09-13 12:38 - 2014-05-23 18:49 - 00000000 ____D () C:\Program Files\Lenovo
2014-09-13 11:45 - 2014-06-03 20:51 - 00000000 ___HD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo ThinkVantage Tools
2014-09-13 11:45 - 2014-05-23 22:53 - 00000000 ____D () C:\ProgramData\Lenovo
2014-09-13 11:27 - 2009-07-13 21:37 - 00000000 ____D () C:\Windows\system32\NDF
2014-09-13 11:26 - 2010-11-20 16:01 - 00781298 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-09-13 10:26 - 2014-09-13 10:26 - 00052448 _____ () C:\Users\Scott\Desktop\OTL 9-13-2014 1030am.txt
2014-09-13 10:20 - 2014-09-13 10:20 - 00043520 _____ () C:\Users\Scott\Downloads\Extras.Txt
2014-09-13 10:18 - 2014-09-13 10:18 - 00052448 _____ () C:\Users\Scott\Downloads\OTL.Txt
2014-09-13 10:11 - 2014-09-13 10:11 - 00001083 _____ () C:\Users\Scott\Desktop\OTL - Shortcut.lnk
2014-09-13 10:10 - 2014-09-13 10:10 - 00000503 _____ () C:\Users\Scott\Downloads\Desktop.lnk
2014-09-13 10:09 - 2014-09-13 10:09 - 00602112 _____ (OldTimer Tools) C:\Users\Scott\Downloads\OTL.exe
2014-09-13 09:43 - 2014-09-13 09:43 - 00006414 _____ () C:\Users\Scott\Downloads\MyDefrag.dat
2014-09-13 09:37 - 2014-09-13 09:30 - 00000000 ____D () C:\Program Files\SlimCleaner
2014-09-13 09:36 - 2014-09-13 09:36 - 00000538 _____ () C:\Users\Scott\Downloads\MyDefrag.debuglog
2014-09-13 09:36 - 2014-05-23 20:52 - 00000000 ____D () C:\Windows\Panther
2014-09-13 09:33 - 2014-09-13 09:33 - 00000000 ____D () C:\Users\Scott\AppData\Local\SlimWare Utilities Inc
2014-09-13 09:30 - 2014-09-13 09:30 - 00002455 _____ () C:\Users\Public\Desktop\SlimCleaner.lnk
2014-09-13 09:30 - 2014-09-13 09:30 - 00000000 ____D () C:\Users\Public\Documents\Downloaded Installers
2014-09-13 09:30 - 2014-09-13 09:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SlimCleaner
2014-09-13 09:28 - 2014-09-13 09:28 - 00801088 _____ (SlimWare Utilities, Inc.) C:\Users\Scott\Downloads\SlimCleaner-setup.exe
2014-09-13 09:23 - 2014-05-23 18:43 - 00002129 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-09-12 19:23 - 2014-09-11 21:45 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-09-12 17:17 - 2009-07-13 21:37 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-09-12 05:18 - 2014-09-11 21:44 - 00000000 ____D () C:\Program Files\Spybot - Search & Destroy 2
2014-09-11 21:45 - 2014-09-11 21:45 - 00002135 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2014-09-11 21:45 - 2014-09-11 21:45 - 00002123 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2014-09-11 21:45 - 2014-09-11 21:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2014-09-11 21:43 - 2014-09-11 21:26 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\Scott\Downloads\spybot-2.4.exe
2014-09-11 20:36 - 2009-07-13 21:37 - 00000000 ____D () C:\Windows\Speech
2014-09-11 19:54 - 2014-05-23 21:39 - 00000000 ____D () C:\Windows\system32\MRT
2014-09-11 19:48 - 2014-05-23 21:39 - 98758480 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-09-11 19:47 - 2014-05-23 19:43 - 00002155 _____ () C:\Windows\epplauncher.mif
2014-09-11 19:47 - 2014-05-23 19:43 - 00002117 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2014-09-11 19:46 - 2014-05-23 22:23 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-09-11 19:46 - 2014-05-23 19:43 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2014-09-11 19:40 - 2014-09-11 19:40 - 00001064 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-09-11 19:40 - 2014-09-11 19:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-09-11 19:40 - 2014-09-11 19:39 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-09-11 19:39 - 2014-09-11 19:39 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-09-11 19:38 - 2014-09-11 19:37 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Scott\Downloads\mbam-setup-2.0.2.1012.exe
2014-09-11 17:49 - 2009-07-13 23:52 - 00000000 ____D () C:\Windows\system32\FxsTmp
2014-09-05 17:02 - 2014-05-23 20:07 - 00013824 _____ () C:\Users\Scott\Documents\Oil Changes.xls
2014-09-04 20:52 - 2014-09-11 19:20 - 00445952 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-09-04 20:47 - 2014-09-11 19:20 - 00302592 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-08-29 15:38 - 2009-07-13 23:33 - 00333352 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-08-25 18:59 - 2009-07-13 21:37 - 00000000 ____D () C:\Windows\rescache
2014-08-25 17:54 - 2014-08-03 19:50 - 00000000 ____D () C:\Users\Scott\Documents\Plate Renewals
2014-08-25 17:40 - 2014-05-27 21:05 - 00036864 _____ () C:\Users\Scott\Documents\Accounting 2010.xlr
2014-08-22 20:46 - 2014-08-27 17:33 - 00305152 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-22 19:42 - 2014-08-27 17:33 - 02352640 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-22 08:29 - 2014-08-21 07:03 - 00000000 ____D () C:\Users\Scott\Documents\Maps
2014-08-21 07:06 - 2014-08-21 07:06 - 00302507 _____ () C:\Users\Scott\Downloads\Google Maps 379 - 1058.htm
2014-08-21 07:06 - 2014-08-21 07:06 - 00000000 ____D () C:\Users\Scott\Downloads\Google Maps 379 - 1058_files
2014-08-20 11:58 - 2014-08-19 14:10 - 00000000 ____D () C:\Users\Scott\Documents\Vacation 2014
2014-08-19 12:39 - 2014-09-11 19:55 - 00327872 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
 
Some content of TEMP:
====================
C:\Users\Scott\AppData\Local\Temp\Quarantine.exe
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2014-09-11 20:32
 
==================== End Of Log ============================
 
 
 
 
 
2)
 
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 12-09-2014
Ran by Scott at 2014-09-18 20:21:56
Running from C:\Users\Scott\Downloads
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Microsoft Security Essentials (Enabled - Up to date) {4F35CFC4-45A3-FC37-EF17-759A02E39AB1}
AS: Microsoft Security Essentials (Enabled - Up to date) {F4542E20-6399-F3B9-D5A7-4EE87964D00C}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
Adobe Reader XI (11.0.08) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated)
Corel WordPerfect Suite 8 (HKLM\...\Corel WordPerfect Suite 8) (Version:  - )
Epson Connect (HKLM\...\{64BA551C-9AF6-495C-93F3-D1270E0045FC}) (Version:  - )
Epson Customer Participation (HKLM\...\{814FA673-A085-403C-9545-747FC1495069}) (Version: 1.0.0.0 - SEIKO EPSON CORPORATION)
Epson Event Manager (HKLM\...\{8ED43F7E-A8F6-4898-AF11-B6158F2EDF94}) (Version: 2.50.0000 - SEIKO EPSON CORPORATION)
EPSON NX330 Series Printer Uninstall (HKLM\...\EPSON NX330 Series) (Version:  - SEIKO EPSON Corporation)
EPSON Scan (HKLM\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
EpsonNet Print (HKLM\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.4j - SEIKO EPSON CORPORATION)
Google Chrome (HKLM\...\Google Chrome) (Version: 37.0.2062.120 - Google Inc.)
Google Update Helper (Version: 1.3.24.15 - Google Inc.) Hidden
Intel RSX 3D (HKLM\...\RSX2Uninst) (Version:  - )
Intel® Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: 8.15.10.1867 - Intel Corporation)
InterACQ 2006 Ver 4.0 (HKLM\...\InterACQ 2006) (Version: Ver 4.0 - Plus 1 Micro, Inc)
Lenovo Patch Utility (Version: 1.4.0.4 - Lenovo Group Limited) Hidden
Lenovo Power Management Driver (HKLM\...\Power Management Driver) (Version: 1.67.04.05 - )
Lenovo System Interface Driver (HKLM\...\LENOVO.SMIIF) (Version: 1.05 - )
Lenovo System Update (HKLM\...\{25C64847-B900-48AD-A164-1B4F9B774650}) (Version: 5.06.0016 - Lenovo)
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Metric Collection SDK (Version: 1.1.0005.00 - Lenovo Group Limited) Hidden
Metric Collection SDK 35 (Version: 1.2.0001.00 - Lenovo Group Limited) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Standard Edition 2003 (HKLM\...\{91120409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Security Client (Version: 4.6.0305.0 - Microsoft Corporation) Hidden
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.6.305.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
On Screen Display (HKLM\...\OnScreenDisplay) (Version: 6.73.00 - )
Power Manager (HKLM\...\{DAC01CEE-5BAE-42D5-81FC-B687E84E8405}) (Version: 6.65.1 - Lenovo Group Limited)
SHAREit (HKLM\...\SHAREit_is1) (Version: 2.1.4.0 - Lenovo Group Limited)
SlimCleaner (HKLM\...\{6B8D6199-EE44-4FD7-813A-6D8C62C9B384}) (Version: 4.0.30878 - SlimWare Utilities, Inc.)
Spybot - Search & Destroy (HKLM\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
ThinkPad FullScreen Magnifier (HKLM\...\ThinkPad FullScreen Magnifier) (Version: 2.41 - )
ThinkPad Modem (HKLM\...\CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_10140588) (Version: 7.62.00 - )
ThinkPad UltraNav Driver (HKLM\...\SynTPDeinstKey) (Version: 16.2.19.7 - )
ThinkPad UltraNav Utility (HKLM\...\{17CBC505-D1AE-459D-B445-3D2000A85842}) (Version: 2.13.0 - Lenovo)
WinRAR 5.10 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.10.0 - win.rar GmbH)
Zeitronix Data Logger v3.0.7 (HKLM\...\{DA24DF5A-4FD4-45A8-91AF-67565529C28E}) (Version: 3.0.7 - Zeitronix)
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
 
==================== Restore Points  =========================
 
20-08-2014 13:53:28 Windows Update
23-08-2014 22:48:59 Windows Update
27-08-2014 22:32:57 Windows Update
29-08-2014 02:32:12 Windows Update
01-09-2014 23:29:12 Windows Update
05-09-2014 03:31:38 Windows Update
09-09-2014 00:15:32 Windows Update
12-09-2014 00:38:17 Windows Update
16-09-2014 01:21:43 Windows Update
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-13 21:04 - 2014-09-15 19:37 - 00000021 _RASH C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: {079B6172-C175-4B5E-93F9-2E30EE821CAB} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files\Lenovo\System Update\tvsuShim.exe [2014-06-18] ()
Task: {0FEC700C-D2EA-4C24-9A41-9683B5B5D63F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-05-23] (Google Inc.)
Task: {2D48A24F-BBFB-4EA9-B512-5F5513D3246C} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => C:\Program Files\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2014-02-13] (Lenovo)
Task: {53ADF6B8-95E7-45FA-972A-660519369C4A} - System32\Tasks\PMTask => C:\Program Files\ThinkPad\Utilities\PwmIdTsv.exe [2014-03-20] (Lenovo Group Limited)
Task: {63B3C349-8A19-4EEE-B9BA-971D30CB5A74} - System32\Tasks\SlimCleaner Run => C:\Program Files\SlimCleaner\SlimCleaner.exe [2013-07-10] (SlimWare Utilities, Inc.)
Task: {644B68F1-F4AE-42B9-96B3-1CDD6BEE389F} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files\Spybot - Search &amp; Destroy 2\SDImmunize.exe
Task: {6ACB95FD-13AF-4F62-9273-8C9D51514BA2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-05-23] (Google Inc.)
Task: {6D728A7F-87D9-4A76-BBE0-3DB77649A58B} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 35 => C:\Program Files\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [2014-05-30] (Lenovo)
Task: {87702086-6D79-4394-9481-0EEE29A569D4} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files\Spybot - Search &amp; Destroy 2\SDScan.exe
Task: {8F8895AF-1254-4402-A0ED-E3356412A387} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files\Spybot - Search &amp; Destroy 2\SDUpdate.exe
Task: {C72F775E-5608-4309-BCF6-BBBCC3094634} - System32\Tasks\TVT\LenovoWERMonitor => C:\Program Files\Common Files\lenovo\SUP\sup_wermonitor_shim.exe [2014-09-01] ()
Task: {E6BA6F71-88E7-4D37-AB4C-7544E4D7D66E} - System32\Tasks\Synaptics TouchPad Enhancements => \Program Files\Synaptics\SynTP\SynTPEnh.exe [2013-04-24] (Synaptics Incorporated)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (whitelisted) =============
 
2014-09-11 21:45 - 2014-05-13 12:04 - 00109400 _____ () C:\Program Files\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2014-09-11 21:45 - 2014-05-13 12:04 - 00416600 _____ () C:\Program Files\Spybot - Search & Destroy 2\DEC150.bpl
2014-09-11 21:45 - 2014-05-13 12:04 - 00167768 _____ () C:\Program Files\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2014-09-11 21:45 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files\Spybot - Search & Destroy 2\sqlite3.dll
2014-09-11 21:45 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2014-06-14 11:11 - 2014-03-20 06:05 - 00095232 ____N () C:\Program Files\ThinkPad\Utilities\US\PWMRT32V.DLL
2014-05-24 00:21 - 2014-02-10 13:44 - 04592128 _____ () C:\Users\Scott\AppData\Local\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libglesv2.dll
2014-05-24 00:21 - 2014-02-10 13:44 - 00112128 _____ () C:\Users\Scott\AppData\Local\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libegl.dll
2014-09-13 09:23 - 2014-09-03 22:01 - 08577864 _____ () C:\Program Files\Google\Chrome\Application\37.0.2062.120\pdf.dll
2014-09-13 09:23 - 2014-09-03 22:01 - 00331592 _____ () C:\Program Files\Google\Chrome\Application\37.0.2062.120\ppGoogleNaClPluginChrome.dll
2014-09-13 09:23 - 2014-09-03 22:01 - 01660232 _____ () C:\Program Files\Google\Chrome\Application\37.0.2062.120\ffmpegsumo.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== EXE Association (whitelisted) =============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== MSCONFIG/TASK MANAGER disabled items =========
 
(Currently there is no automatic fix for this section.)
 
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Corel Desktop Application Director 8.LNK => C:\Windows\pss\Corel Desktop Application Director 8.LNK.CommonStartup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: EEventManager => "C:\Program Files\Epson Software\Event Manager\EEventManager.exe"
MSCONFIG\startupreg: EPLTarget => 
MSCONFIG\startupreg: Logitech Download Assistant => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
MSCONFIG\startupreg: SDTray => "C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe"
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (09/18/2014 08:13:07 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (09/18/2014 03:58:38 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (09/17/2014 05:17:57 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (09/16/2014 08:00:04 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (09/15/2014 08:10:19 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (09/15/2014 08:07:00 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (09/15/2014 07:52:42 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (09/15/2014 07:48:10 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (09/15/2014 07:38:23 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (09/15/2014 05:22:45 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: GoogleUpdate.exe, version: 1.3.21.103, time stamp: 0x4f3c6d6c
Faulting module name: ntdll.dll, version: 6.1.7601.18247, time stamp: 0x521ea91c
Exception code: 0xc0000005
Fault offset: 0x00034d60
Faulting process id: 0x7e8
Faulting application start time: 0xGoogleUpdate.exe0
Faulting application path: GoogleUpdate.exe1
Faulting module path: GoogleUpdate.exe2
Report Id: GoogleUpdate.exe3
 
 
System errors:
=============
Error: (09/18/2014 08:12:35 PM) (Source: BugCheck) (EventID: 1001) (User: )
Description: 0x0000009f (0x00000003, 0x85c5c518, 0x82b77ae0, 0x862b2c18)C:\Windows\MEMORY.DMP091814-15631-01
 
Error: (09/18/2014 08:12:28 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 6:25:45 PM on ‎9/‎18/‎2014 was unexpected.
 
Error: (09/17/2014 05:17:38 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 8:58:41 PM on ‎9/‎16/‎2014 was unexpected.
 
Error: (09/15/2014 08:06:02 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.
 
New Signature Version: 
 
Previous Signature Version: 1.183.2486.0
 
Update Source: %NT AUTHORITY59
 
Update Stage: 4.6.0305.00
 
Source Path: 4.6.0305.01
 
Signature Type: %NT AUTHORITY602
 
Update Type: %NT AUTHORITY604
 
User: NT AUTHORITY\SYSTEM
 
Current Engine Version: %NT AUTHORITY605
 
Previous Engine Version: %NT AUTHORITY606
 
Error code: %NT AUTHORITY607
 
Error description: %NT AUTHORITY608
 
Error: (09/15/2014 08:06:02 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.
 
New Signature Version: 
 
Previous Signature Version: 1.183.2486.0
 
Update Source: %NT AUTHORITY59
 
Update Stage: 4.6.0305.00
 
Source Path: 4.6.0305.01
 
Signature Type: %NT AUTHORITY602
 
Update Type: %NT AUTHORITY604
 
User: NT AUTHORITY\SYSTEM
 
Current Engine Version: %NT AUTHORITY605
 
Previous Engine Version: %NT AUTHORITY606
 
Error code: %NT AUTHORITY607
 
Error description: %NT AUTHORITY608
 
Error: (09/15/2014 04:56:52 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.
 
New Signature Version: 
 
Previous Signature Version: 1.183.2486.0
 
Update Source: %NT AUTHORITY59
 
Update Stage: 4.6.0305.00
 
Source Path: 4.6.0305.01
 
Signature Type: %NT AUTHORITY602
 
Update Type: %NT AUTHORITY604
 
User: NT AUTHORITY\SYSTEM
 
Current Engine Version: %NT AUTHORITY605
 
Previous Engine Version: %NT AUTHORITY606
 
Error code: %NT AUTHORITY607
 
Error description: %NT AUTHORITY608
 
Error: (09/11/2014 09:23:10 PM) (Source: Microsoft-Windows-Eventlog) (EventID: 23) (User: NT AUTHORITY)
Description: The event logging service encountered an error (res=32) while initializing logging resources for channel Microsoft-Windows-Windows Defender/WHC.
 
Error: (09/11/2014 09:17:20 PM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: The Windows Update service did not shut down properly after receiving a preshutdown control.
 
Error: (09/05/2014 03:42:56 PM) (Source: BugCheck) (EventID: 1001) (User: )
Description: 0x0000009f (0x00000003, 0x87726028, 0x82b69ae0, 0x8538fb10)C:\Windows\MEMORY.DMP090514-29655-01
 
Error: (09/05/2014 03:42:39 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 6:33:17 AM on ‎9/‎5/‎2014 was unexpected.
 
 
Microsoft Office Sessions:
=========================
Error: (09/18/2014 08:13:07 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (09/18/2014 03:58:38 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (09/17/2014 05:17:57 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (09/16/2014 08:00:04 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (09/15/2014 08:10:19 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (09/15/2014 08:07:00 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (09/15/2014 07:52:42 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (09/15/2014 07:48:10 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (09/15/2014 07:38:23 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (09/15/2014 05:22:45 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: GoogleUpdate.exe1.3.21.1034f3c6d6cntdll.dll6.1.7601.18247521ea91cc000000500034d607e801cfd0cde7f66764C:\Program Files\Google\Update\GoogleUpdate.exeC:\Windows\SYSTEM32\ntdll.dll3b503647-3cc2-11e4-9bdb-88c778feb1f8
 
 
==================== Memory info =========================== 
 
Processor: Genuine Intel® CPU T2300 @ 1.66GHz
Percentage of memory in use: 42%
Total physical RAM: 3062.43 MB
Available physical RAM: 1752.45 MB
Total Pagefile: 6123.15 MB
Available Pagefile: 4584.99 MB
Total Virtual: 2047.88 MB
Available Virtual: 1913.12 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:232.79 GB) (Free:196.7 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: E588E766)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=232.8 GB) - (Type=07 NTFS)
 
==================== End Of Log ============================

  • 0

#8
zep516
Posted 18 September 2014 - 07:49 PM

zep516

    Trusted Helper

  • Malware Removal
  • 8,093 posts
OK,

And your logs are clean. Follow the instructions below that will remove everything I had you download.

Download DelFix by Xplode and save it to your desktop.
  • Run the tool by right click on the 51a5ce45263de-delfix.png icon and Run as administrator option.
  • Make sure that these ones are checked:
    • Remove disinfection tools
  • Push Run.
  • The program will run for a few seconds and display a notepad report.
    Paste it for my review.
Thanks
Joe :)
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP