Channel: Tech Support Guy - Virus & Other Malware Removal

OMG! LOL! IDK! Kids Computer Beware!!!!

Had to resort to using my kids computer after a hard drive failure on my computer and I am going crazy. Pop-ups galore and won't let me use Explorer....all kinds of ads on everything everywhere. Please help me before I rip out all my hair....

Hijack This Results:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 3:37:55 PM, on 3/6/2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.16518)
Boot mode: Normal

Running processes:
C:\Users\Chuck\AppData\Local\GCC\Controller.exe
C:\Users\Chuck\AppData\Local\Workspace\workspaceupdate.exe
C:\Program Files (x86)\Origin\Origin.exe
C:\Program Files (x86)\PC Health Kit\PCHKSmartScan.exe
C:\Program Files (x86)\PC Health Kit\PCHKReminder.exe
C:\Windows\jmesoft\hotkey.exe
C:\Program Files\Lenovo\Lenovo Eye Distance System\Lenovo Eye Distance System.exe
C:\Program Files\Lenovo\Lenovo Brightness System\Lenovo Dynamic Brightness System.exe
C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc.exe
C:\Program Files (x86)\Iminent\Iminent.exe
C:\Program Files (x86)\Iminent\Iminent.Messengers.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
C:\Users\Chuck\AppData\Local\SevereWeatherAlerts\SevereWeatherAlertsApp.exe
C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
C:\Program Files (x86)\Games\Risk\RiskSA.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Chuck\AppData\Local\GCC\Controller.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_70.exe
C:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_70.exe
F:\Fix\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://feed.snap.do/?publisher=QuickObrw&dpid=QuickObrw&co=US&userid=50b74421-cc00-47f6-a983-9bfe3796b1e9&searchtype=ds&q={searchTerms}&installDate=21/09/2013
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://feed.snap.do/?publisher=QuickObrw&dpid=QuickObrw&co=US&userid=50b74421-cc00-47f6-a983-9bfe3796b1e9&searchtype=ds&q={searchTerms}&installDate=21/09/2013
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSour...ctid=CT3310511
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://feed.snap.do/?publisher=QuickObrw&dpid=QuickObrw&co=US&userid=50b74421-cc00-47f6-a983-9bfe3796b1e9&searchtype=ds&q={searchTerms}&installDate=21/09/2013
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://feed.snap.do/?publisher=QuickObrw&dpid=QuickObrw&co=US&userid=50b74421-cc00-47f6-a983-9bfe3796b1e9&searchtype=ds&q={searchTerms}&installDate=21/09/2013
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {07cbf788-1359-421b-a4e3-5a8d041b90a3} - (no file)
R3 - URLSearchHook: (no name) - {8e2479de-6096-41f3-90ab-83be9946aa2d} - (no file)
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: InternetHelper3.1 - {07cbf788-1359-421b-a4e3-5a8d041b90a3} - (no file)
O2 - BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll
O2 - BHO: CrossriderApp0002258 - {11111111-1111-1111-1111-110011221158} - C:\Program Files (x86)\I Want This\I Want This.dll
O2 - BHO: MediaViewV1alpha753 - {26d1bf3e-ba83-43b4-b136-64d190f9c06c} - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha753\ie\MediaViewV1alpha753.dll
O2 - BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll
O2 - BHO: LemurLeap - {415419c3-dad0-4df1-ac37-22c72ad81878} - C:\Program Files (x86)\LemurLeap\LemurLeapBHO.dll
O2 - BHO: BetterSrf - {45277F9D-8C9C-4726-A558-D69AC740910E} - C:\Program Files (x86)\BetterSurf\BetterSurfPlusV1\ie\BetterSrf.dll
O2 - BHO: DealPly Shopping - {4B6ACEA2-308A-4876-AD36-57CEC5B4FCC7} - C:\Program Files (x86)\DealPly\DealPlyIE.dll (file missing)
O2 - BHO: SmARtCompare - {5D191057-EF05-8603-64F5-9C4AB9975009} - C:\ProgramData\SmARtCompare\r1bCChOo.dll
O2 - BHO: PasswordBox Helper - {5DB69B97-934B-451D-94DB-32EF802A01CD} - C:\Program Files (x86)\PasswordBox\Application\pbbtn.dll
O2 - BHO: BetterSurf - {6E3C6B04-08FE-43BC-8E50-F90285024DEA} - C:\Program Files (x86)\BetterSurf\ie\BetterSurf.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: SweetPacks - {7e8a1050-cf67-4575-92df-dcc60e7d952d} - (no file)
O2 - BHO: DefaultTabBHO - {7F6AFBF1-E065-4627-A2FD-810366367D01} - (no file)
O2 - BHO: BetterSrf - {8271B5D6-76D3-4ABF-AEB3-1721161C76BC} - C:\Program Files (x86)\Better-Surf\ie\BetterSrf.dll
O2 - BHO: InternetHelper3.7 - {8e2479de-6096-41f3-90ab-83be9946aa2d} - (no file)
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: DefaultTabToolbarBHO - {96A25A24-2E87-4374-8A50-CC6F943FCE4D} - C:\Users\Chuck\AppData\Roaming\defaulttab\defaulttab\Apps\RelatedLinksBHO.dll (file missing)
O2 - BHO: MediaViewerV1alpha3789 - {a092d4b4-6ade-4660-af7c-203ee4594af4} - C:\Program Files (x86)\MediaViewerV1\MediaViewerV1alpha3789\ie\MediaViewerV1alpha3789.dll
O2 - BHO: IMinent WebBooster - {A09AB6EB-31B5-454C-97EC-9B294D92EE2A} - (no file)
O2 - BHO: Wajam IE BHO - {A7A6995D-6EE1-4FD1-A258-49395D5BF99C} - C:\Program Files (x86)\Wajam\IE\priam_bho.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~3\Office14\URLREDIR.DLL
O2 - BHO: PngToPaPTuConuvertt - {D18CD279-16D6-301B-2ED9-2682DC317A2D} - C:\ProgramData\PngToPaPTuConuvertt\wQJ4Ayf.dll
O2 - BHO: WebexpEnhancedV1alpha92 - {d5f2d30f-2acd-4cd7-b551-4c8bdb9ba4ec} - C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha92\ie\WebexpEnhancedV1alpha92.dll
O2 - BHO: KeyBar 1.14 - {da51d4f6-3e7e-4ef8-b400-9198e0874606} - (no file)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: LyricsSing - {f585b32d-ae67-4b5d-afe0-89015b3a25be} - C:\Program Files (x86)\LyricSing\133.dll
O3 - Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - (no file)
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: Related Searches - {96A25A24-2E87-4374-8A50-CC6F943FCE4D} - C:\Users\Chuck\AppData\Roaming\defaulttab\defaulttab\Apps\RelatedLinksBHO.dll (file missing)
O4 - HKLM\..\Run: [jmekey] C:\windows\jmesoft\hotkey.exe
O4 - HKLM\..\Run: [jmesoft] C:\Windows\jmesoft\ServiceLoader.exe
O4 - HKLM\..\Run: [Lenovo Eye Distance System] C:\Program Files\Lenovo\Lenovo Eye Distance System\Lenovo Eye Distance System.exe 1
O4 - HKLM\..\Run: [Lenovo Dynamic Brightness System] C:\Program Files\Lenovo\Lenovo Brightness System\Lenovo Dynamic Brightness System.exe 1
O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc.exe"
O4 - HKLM\..\Run: [UpdateP2GoShortCut] "C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Lenovo\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
O4 - HKLM\..\Run: [UpdatePRCShortCut] "C:\Program Files\Lenovo\OneKey App\Lenovo Rescue System\MUITransfer\MUIStartMenu.exe" "C:\Program Files\Lenovo\OneKey App\Lenovo Rescue System" UpdateWithCreateOnce "Software\Lenovo\OneKey App\OneKey Recovery"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe" -osboot
O4 - HKLM\..\Run: [vProt] "C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe"
O4 - HKLM\..\Run: [Iminent] C:\Program Files (x86)\Iminent\Iminent.exe /warmup "F77F87E5-A6BD-4922-A530-EDF63D7E9F8C"
O4 - HKLM\..\Run: [IminentMessenger] C:\Program Files (x86)\Iminent\Iminent.Messengers.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [Starfield Updater] "C:\Users\Chuck\AppData\Local\Workspace\WorkspaceUpdate.exe"
O4 - HKCU\..\Run: [Akamai NetSession Interface] "C:\Users\Chuck\AppData\Local\Akamai\netsession_win.exe"
O4 - HKCU\..\Run: [EADM] "C:\Program Files (x86)\Origin\Origin.exe" -AutoStart
O4 - HKCU\..\Run: [PC Health Kit] C:\Program Files (x86)\PC Health Kit\PCHKLauncher.exe
O4 - HKCU\..\Run: [Optimizer Pro] C:\Program Files (x86)\Optimizer Pro\OptProLauncher.exe
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_9001C7D091CC23E7588EE40C1DFED158] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: MyPC Backup.lnk = C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe
O4 - Startup: OpenOffice.org 3.3.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe
O4 - Startup: Severe Weather Alerts App.lnk = Chuck\AppData\Local\SevereWeatherAlerts\SevereWeatherAlertsApp.exe
O4 - Startup: Severe Weather Alerts.lnk = Chuck\AppData\Local\SevereWeatherAlerts\SevereWeatherAlerts.exe
O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\17.1.3\ViProtocol.dll (file missing)
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll c:\progra~2\optimi~1\optpro~1.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: Computer Backup (MyPC Backup) (BackupStack) - Just Develop It - C:\Program Files (x86)\MyPC Backup\BackupStack.exe
O23 - Service: Search Protect by Conduit Service (CltMngSvc) - Conduit - C:\PROGRA~2\SearchProtect\Main\bin\CltMngSvc.exe
O23 - Service: DefaultTabUpdate - Unknown owner - C:\Users\Chuck\AppData\Roaming\defaulttab\defaulttab\dtupdate.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: File Backup Service (File Backup) - Starfield Technologies - C:\Program Files (x86)\Workspace\offSyncService.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intuit Update Service v4 (IntuitUpdateServiceV4) - Intuit Inc. - C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
O23 - Service: JME Keyboard Driver (JME Keyboard) - Unknown owner - C:\Windows\jmesoft\Service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: McAfee SiteAdvisor Service - Unknown owner - c:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe (file missing)
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: PasswordBox - PasswordBox, Inc. - C:\Program Files (x86)\PasswordBox\pbbtnService.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: RealNetworks Downloader Resolver Service - Unknown owner - C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: Update LemurLeap - Unknown owner - C:\Program Files (x86)\LemurLeap\updateLemurLeap.exe
O23 - Service: Util LemurLeap - Unknown owner - C:\Program Files (x86)\LemurLeap\bin\utilLemurLeap.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: vToolbarUpdater17.1.3 - Unknown owner - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.1.3\ToolbarUpdater.exe (file missing)
O23 - Service: WajamUpdater - Wajam - C:\Program Files (x86)\Wajam\Updater\WajamUpdater.exe
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 20561 bytes


DDS Results
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.16518 BrowserJavaVersion: 10.45.2
Run by Chuck at 15:40:43 on 2014-03-06
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3944.1351 [GMT -6:00]
.
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\windows\system32\rundll32.exe
C:\windows\SysWOW64\rundll32.exe
C:\Program Files (x86)\Workspace\offSyncService.exe
C:\Windows\jmesoft\Service.exe
C:\Program Files (x86)\PasswordBox\pbbtnService.exe
C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
C:\Program Files (x86)\LemurLeap\updateLemurLeap.exe
C:\Program Files (x86)\LemurLeap\bin\utilLemurLeap.exe
C:\Program Files (x86)\Wajam\Updater\WajamUpdater.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\windows\System32\svchost.exe -k secsvcs
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\windows\system32\SearchIndexer.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\windows\system32\Dwm.exe
C:\windows\Explorer.EXE
C:\windows\system32\taskhost.exe
C:\windows\system32\taskeng.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Users\Chuck\AppData\Local\GCC\Controller.exe
C:\Users\Chuck\AppData\Local\Workspace\workspaceupdate.exe
C:\Program Files (x86)\Origin\Origin.exe
C:\Program Files (x86)\PC Health Kit\PCHKSmartScan.exe
C:\Program Files (x86)\PC Health Kit\PCHKReminder.exe
C:\Windows\jmesoft\hotkey.exe
C:\Program Files\Lenovo\Lenovo Eye Distance System\Lenovo Eye Distance System.exe
C:\Program Files\Lenovo\Lenovo Brightness System\Lenovo Dynamic Brightness System.exe
C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc.exe
C:\Program Files (x86)\Iminent\Iminent.exe
C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe
C:\Program Files (x86)\Iminent\Iminent.Messengers.exe
C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
C:\Users\Chuck\AppData\Local\SevereWeatherAlerts\SevereWeatherAlertsApp.exe
C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
C:\Users\Chuck\AppData\Local\SevereWeatherAlerts\SevereWeatherAlerts.exe
C:\Windows\jmesoft\JME_LOAD.exe
C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
C:\windows\system32\taskeng.exe
C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Program Files\Microsoft Games\FreeCell\FreeCell.exe
C:\windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\Games\Risk\RiskSA.exe
C:\windows\system32\taskeng.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\windows\system32\taskmgr.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe
C:\PROGRA~2\SearchProtect\Main\bin\CltMngSvc.exe
C:\windows\System32\WUDFHost.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Chuck\AppData\Local\GCC\Controller.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_70.exe
C:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_70.exe
C:\windows\system32\taskhost.exe
C:\windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://search.conduit.com?SearchSource=10&CUI=UN76054516726472136&UM=2&ctid=CT3310511
uSearch Bar = hxxp://feed.snap.do/?publisher=QuickObrw&dpid=QuickObrw&co=US&userid=50b74421-cc00-47f6-a983-9bfe3796b1e9&searchtype=ds&q={searchTerms}&installDate=21/09/2013
uSearch Page = hxxp://feed.snap.do/?publisher=QuickObrw&dpid=QuickObrw&co=US&userid=50b74421-cc00-47f6-a983-9bfe3796b1e9&searchtype=ds&q={searchTerms}&installDate=21/09/2013
uDefault_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=LEND&bmod=LEND
uProxyOverride = <local>
uSearchAssistant = hxxp://feed.snap.do/?publisher=QuickObrw&dpid=QuickObrw&co=US&userid=50b74421-cc00-47f6-a983-9bfe3796b1e9&searchtype=ds&q={searchTerms}&installDate=21/09/2013
uURLSearchHooks: {07cbf788-1359-421b-a4e3-5a8d041b90a3} - <orphaned>
uURLSearchHooks: {8e2479de-6096-41f3-90ab-83be9946aa2d} - <orphaned>
mURLSearchHooks: {da51d4f6-3e7e-4ef8-b400-9198e0874606} - <orphaned>
mURLSearchHooks: {7e8a1050-cf67-4575-92df-dcc60e7d952d} - <orphaned>
mURLSearchHooks: {07cbf788-1359-421b-a4e3-5a8d041b90a3} - <orphaned>
mURLSearchHooks: {8e2479de-6096-41f3-90ab-83be9946aa2d} - <orphaned>
mWinlogon: Userinit = userinit.exe
BHO: {07cbf788-1359-421b-a4e3-5a8d041b90a3} - <orphaned>
BHO: MSS+ Identifier: {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll
BHO: I Want This: {11111111-1111-1111-1111-110011221158} - C:\Program Files (x86)\I Want This\I Want This.dll
BHO: Media View: {26d1bf3e-ba83-43b4-b136-64d190f9c06c} - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha753\ie\MediaViewV1alpha753.dll
BHO: RealNetworks Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll
BHO: LemurLeap: {415419c3-dad0-4df1-ac37-22c72ad81878} - C:\Program Files (x86)\LemurLeap\LemurLeapBHO.dll
BHO: BetterSurf Plus V1: {45277F9D-8C9C-4726-A558-D69AC740910E} - C:\Program Files (x86)\BetterSurf\BetterSurfPlusV1\ie\BetterSrf.dll
BHO: DealPly Shopping: {4B6ACEA2-308A-4876-AD36-57CEC5B4FCC7} -
BHO: SmARtCompare: {5D191057-EF05-8603-64F5-9C4AB9975009} - C:\ProgramData\SmARtCompare\r1bCChOo.dll
BHO: PasswordBox Helper: {5DB69B97-934B-451D-94DB-32EF802A01CD} - C:\Program Files (x86)\PasswordBox\Application\pbbtn.dll
BHO: BetterSurf: {6E3C6B04-08FE-43BC-8E50-F90285024DEA} - C:\Program Files (x86)\BetterSurf\ie\BetterSurf.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: {7e8a1050-cf67-4575-92df-dcc60e7d952d} - <orphaned>
BHO: DefaultTab Browser Helper: {7F6AFBF1-E065-4627-A2FD-810366367D01} - LocalServer32 - <no file>
BHO: Better-Surf: {8271B5D6-76D3-4ABF-AEB3-1721161C76BC} - C:\Program Files (x86)\Better-Surf\ie\BetterSrf.dll
BHO: {8e2479de-6096-41f3-90ab-83be9946aa2d} - <orphaned>
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Related Searches: {96A25A24-2E87-4374-8A50-CC6F943FCE4D} -
BHO: Media Viewer: {a092d4b4-6ade-4660-af7c-203ee4594af4} - C:\Program Files (x86)\MediaViewerV1\MediaViewerV1alpha3789\ie\MediaViewerV1alpha3789.dll
BHO: {A09AB6EB-31B5-454C-97EC-9B294D92EE2A} - <orphaned>
BHO: Wajam: {A7A6995D-6EE1-4FD1-A258-49395D5BF99C} - C:\Program Files (x86)\Wajam\IE\priam_bho.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: PngToPaPTuConuvertt: {D18CD279-16D6-301B-2ED9-2682DC317A2D} - C:\ProgramData\PngToPaPTuConuvertt\wQJ4Ayf.dll
BHO: Webexp Enhanced: {d5f2d30f-2acd-4cd7-b551-4c8bdb9ba4ec} - C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha92\ie\WebexpEnhancedV1alpha92.dll
BHO: {da51d4f6-3e7e-4ef8-b400-9198e0874606} - <orphaned>
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
BHO: LyricsSing: {f585b32d-ae67-4b5d-afe0-89015b3a25be} - C:\Program Files (x86)\LyricSing\133.dll
TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: <No Name>: {ae07101b-46d4-4a98-af68-0333ea26e113} - LocalServer32 - <no file>
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: Related Searches: {96A25A24-2E87-4374-8A50-CC6F943FCE4D} -
uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
uRun: [Starfield Updater] "C:\Users\Chuck\AppData\Local\Workspace\WorkspaceUpdate.exe"
uRun: [Akamai NetSession Interface] "C:\Users\Chuck\AppData\Local\Akamai\netsession_win.exe"
uRun: [EADM] "C:\Program Files (x86)\Origin\Origin.exe" -AutoStart
uRun: [PC Health Kit] C:\Program Files (x86)\PC Health Kit\PCHKLauncher.exe
uRun: [Optimizer Pro] C:\Program Files (x86)\Optimizer Pro\OptProLauncher.exe
uRun: [GoogleChromeAutoLaunch_9001C7D091CC23E7588EE40C1DFED158] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
mRun: [jmekey] C:\windows\jmesoft\hotkey.exe
mRun: [jmesoft] C:\Windows\jmesoft\ServiceLoader.exe
mRun: [Lenovo Eye Distance System] C:\Program Files\Lenovo\Lenovo Eye Distance System\Lenovo Eye Distance System.exe 1
mRun: [Lenovo Dynamic Brightness System] C:\Program Files\Lenovo\Lenovo Brightness System\Lenovo Dynamic Brightness System.exe 1
mRun: [CLMLServer] "C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc.exe"
mRun: [UpdateP2GoShortCut] "C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Lenovo\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
mRun: [UpdatePRCShortCut] "C:\Program Files\Lenovo\OneKey App\Lenovo Rescue System\MUITransfer\MUIStartMenu.exe" "C:\Program Files\Lenovo\OneKey App\Lenovo Rescue System" UpdateWithCreateOnce "Software\Lenovo\OneKey App\OneKey Recovery"
mRun: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe" -osboot
mRun: [vProt] "C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe"
mRun: [Iminent] C:\Program Files (x86)\Iminent\Iminent.exe /warmup "F77F87E5-A6BD-4922-A530-EDF63D7E9F8C"
mRun: [IminentMessenger] C:\Program Files (x86)\Iminent\Iminent.Messengers.exe
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
StartupFolder: C:\Users\Chuck\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\MYPCBA~1.LNK - C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe
StartupFolder: C:\Users\Chuck\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\OPENOF~1.LNK - C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe
StartupFolder: C:\Users\Chuck\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\SEVERE~2.LNK - C:\Users\Chuck\AppData\Local\SevereWeatherAlerts\SevereWeatherAlertsApp.exe
StartupFolder: C:\Users\Chuck\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\SEVERE~1.LNK - C:\Users\Chuck\AppData\Local\SevereWeatherAlerts\SevereWeatherAlerts.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\MCAFEE~1.LNK - C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&xport to Microsoft Excel - C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
TCP: NameServer = 192.168.43.1
TCP: Interfaces\{019D8BBE-FE5E-4808-9A9A-8E9263E4DE94} : DHCPNameServer = 192.168.43.1
TCP: Interfaces\{019D8BBE-FE5E-4808-9A9A-8E9263E4DE94}\7535D224 : DHCPNameServer = 166.102.165.11 166.102.165.13
TCP: Interfaces\{019D8BBE-FE5E-4808-9A9A-8E9263E4DE94}\84F4D454D273442323 : DHCPNameServer = 68.87.66.246 162.150.8.37
TCP: Interfaces\{019D8BBE-FE5E-4808-9A9A-8E9263E4DE94}\E45445745414253313 : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{2B50D246-8962-42FB-B88F-D9C433650241} : DHCPNameServer = 192.168.2.1 75.75.75.75 75.75.76.76
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} -
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
AppInit_DLLs= C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll c:\progra~2\optimi~1\optpro~1.dll
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: SmARtCompare: {5D191057-EF05-8603-64F5-9C4AB9975009} - C:\ProgramData\SmARtCompare\r1bCChOo.x64.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-BHO: PngToPaPTuConuvertt: {D18CD279-16D6-301B-2ED9-2682DC317A2D} - C:\ProgramData\PngToPaPTuConuvertt\wQJ4Ayf.x64.dll
x64-TB: <No Name>: {ae07101b-46d4-4a98-af68-0333ea26e113} - LocalServer32 - <no file>
x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-Run: [IgfxTray] C:\windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\windows\System32\igfxpers.exe
x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-Run: [Lenovo EE Boot Optimizer] C:\Program Files (x86)\Lenovo\Boot Optimizer\PopWnd.exe
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Chuck\AppData\Roaming\Mozilla\Firefox\Profiles\3hnw3ken.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3315828&CUI=UN23580925597262071&UM=2&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - Search
FF - prefs.js: browser.startup.homepage - hxxp://search.conduit.com/?ctid=CT3324415&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=4&UP=SPC2FACAF5-426A-457A-9C9B-7EA76C0F9F58&SSPV=
FF - plugin: C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: C:\Program Files (x86)\Lightspark 0.5.3-git\nplightsparkplugin.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Program Files\McAfee Security Scan\3.8.130\npMcAfeeMSS.dll
FF - plugin: C:\ProgramData\HappyCloud\Application\npHappyCloudPlugin.dll
FF - plugin: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll
FF - plugin: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll
FF - plugin: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll
FF - plugin: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll
FF - plugin: C:\Users\Chuck\AppData\Local\Roblox\Versions\version-afc74353f06542bd\NPRobloxProxy.dll
FF - plugin: C:\Users\Chuck\AppData\Roaming\Mozilla\Plugins\npoff.dll
FF - plugin: C:\Users\Chuck\AppData\Roaming\Mozilla\plugins\npoff.dll
FF - plugin: C:\Users\Chuck\AppData\Roaming\Mozilla\Plugins\npoff64.dll
FF - plugin: C:\Users\Chuck\AppData\Roaming\Mozilla\plugins\npoff64.dll
FF - plugin: C:\Users\Chuck\AppData\Roaming\Mozilla\plugins\npwbe.dll
FF - plugin: C:\Users\Chuck\AppData\Roaming\Mozilla\Plugins\npwbe.dll
FF - plugin: C:\Users\Chuck\AppData\Roaming\Mozilla\plugins\npwbe64.dll
FF - plugin: C:\Users\Chuck\AppData\Roaming\Mozilla\Plugins\npwbe64.dll
FF - plugin: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_70.dll
FF - ExtSQL: 2014-02-04 10:52; {2ecad685-1644-4a6c-a1ca-055e8d6442fb}; C:\Users\Chuck\AppData\Roaming\Mozilla\Firefox\Profiles\3hnw3ken.default\extensions\{2ecad685-1644-4a6c-a1ca-055e8d6442fb}.xpi
FF - ExtSQL: 2014-02-25 15:03; ext@MediaViewerV1alpha3789.net; C:\Program Files (x86)\MediaViewerV1\MediaViewerV1alpha3789\ff
FF - ExtSQL: 2014-02-27 12:57; hycdr@dakbd.org; C:\Users\Chuck\AppData\Roaming\Mozilla\Firefox\Profiles\3hnw3ken.default\extensions\hycdr@dakbd.org
FF - ExtSQL: 2014-02-27 12:57; 9zboodlc@ma.edu; C:\Users\Chuck\AppData\Roaming\Mozilla\Firefox\Profiles\3hnw3ken.default\extensions\9zboodlc@ma.edu
FF - ExtSQL: 2014-02-27 12:57; ext@MediaViewV1alpha753.net; C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha753\ff
FF - ExtSQL: !HIDDEN! 2013-07-08 15:45; {5a95a9e0-59dd-4314-bd84-4d18ca83a0e2}; C:\Program Files (x86)\Wajam\Firefox\{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2}.xpi
.
============= SERVICES / DRIVERS ===============
.
R0 fbfmon;fbfmon;C:\windows\System32\drivers\fbfmon.sys [2011-10-11 57952]
R0 WinI2C-DDC;WinI2C-DDC Kernel Mode Driver;C:\windows\System32\drivers\ddcdrv.sys [2011-10-11 20832]
R1 avgtp;avgtp;C:\windows\System32\drivers\avgtpx64.sys [2013-10-18 46368]
R1 BPntDrv;BPntDrv;C:\windows\System32\drivers\BPntDrv.sys [2011-10-11 13408]
R2 70e6ca8c;Optimizer Pro Crash Monitor;C:\windows\System32\rundll32.exe [2009-7-13 45568]
R2 CltMngSvc;Search Protect by Conduit Service;C:\PROGRA~2\SearchProtect\Main\bin\CltMngSvc.exe [2014-3-3 2454816]
R2 File Backup;File Backup Service;C:\Program Files (x86)\Workspace\offSyncService.exe [2013-2-28 1187040]
R2 IntuitUpdateServiceV4;Intuit Update Service v4;C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe [2011-8-25 13672]
R2 JME Keyboard;JME Keyboard Driver;C:\Windows\jmesoft\Service.exe [2011-10-11 32768]
R2 PasswordBox;PasswordBox;C:\Program Files (x86)\PasswordBox\pbbtnService.exe [2013-11-1 67584]
R2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service;C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [2013-3-6 39056]
R2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-10-11 2655768]
R2 Update LemurLeap;Update LemurLeap;C:\Program Files (x86)\LemurLeap\updateLemurLeap.exe [2013-8-31 111904]
R2 Util LemurLeap;Util LemurLeap;C:\Program Files (x86)\LemurLeap\bin\utilLemurLeap.exe [2013-10-5 111904]
R2 WajamUpdater;WajamUpdater;C:\Program Files (x86)\Wajam\Updater\WajamUpdater.exe [2013-3-28 109064]
R3 IntcDAud;Intel(R) Display Audio;C:\windows\System32\drivers\IntcDAud.sys [2010-11-19 317440]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\windows\System32\drivers\RtsUStor.sys [2011-10-11 247400]
R3 RTL8192Ce;Realtek Wireless LAN 802.11n PCI-E NIC Driver;C:\windows\System32\drivers\rtl8192ce.sys [2011-10-11 947304]
S2 BackupStack;Computer Backup (MyPC Backup);C:\Program Files (x86)\MyPC Backup\BackupStack.exe [2013-9-19 38440]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
S2 DefaultTabUpdate;DefaultTabUpdate;"C:\Users\Chuck\AppData\Roaming\defaulttab\defaulttab\dtupdate.exe" --> C:\Users\Chuck\AppData\Roaming\defaulttab\defaulttab\dtupdate.exe [?]
S2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe --> c:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe [?]
S2 vToolbarUpdater17.1.3;vToolbarUpdater17.1.3;C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.1.3\ToolbarUpdater.exe --> C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.1.3\ToolbarUpdater.exe [?]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\windows\System32\ieetwcollector.exe [2014-2-26 111616]
S3 McComponentHostService;McAfee Security Scan Component Host Service;C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe [2013-9-6 288776]
S3 ose64;Office 64 Source Engine;C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-1-9 174440]
S3 TsUsbFlt;TsUsbFlt;C:\windows\System32\drivers\TsUsbFlt.sys [2010-11-20 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\windows\System32\drivers\TsUsbGD.sys [2010-11-20 31232]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\windows\System32\Wat\WatAdminSvc.exe [2012-3-17 1255736]
S3 wsvd;wsvd;C:\windows\System32\drivers\wsvd.sys [2009-7-21 121840]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\windows\System32\drivers\yk62x64.sys [2009-6-10 389120]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== Created Last 30 ================
.
2014-03-05 11:29:09 75888 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{FB99C0B1-7DAF-4244-9588-FF891F26B99E}\offreg.dll
2014-03-04 17:42:19 10536864 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{FB99C0B1-7DAF-4244-9588-FF891F26B99E}\mpengine.dll
2014-03-01 23:29:04 -------- d-----w- C:\Users\Chuck\AppData\Roaming\iWin
2014-03-01 23:28:26 -------- d-----w- C:\Program Files (x86)\Games
2014-02-27 23:28:11 22776944 ----a-w- C:\Program Files (x86)\Mozilla Firefox\xul.dll
2014-02-27 23:28:10 93808 ----a-w- C:\Program Files (x86)\Mozilla Firefox\webapprt-stub.exe
2014-02-27 23:28:08 170960 ----a-w- C:\Program Files (x86)\Mozilla Firefox\webapp-uninstaller.exe
2014-02-27 23:28:06 276592 ----a-w- C:\Program Files (x86)\Mozilla Firefox\updater.exe
2014-02-27 23:28:04 872392 ----a-w- C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe
2014-02-27 23:28:03 152688 ----a-w- C:\Program Files (x86)\Mozilla Firefox\softokn3.dll
2014-02-27 23:28:01 28272 ----a-w- C:\Program Files (x86)\Mozilla Firefox\plugin-hang-ui.exe
2014-02-27 23:28:00 18544 ----a-w- C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
2014-02-27 18:57:56 -------- d-----w- C:\Program Files (x86)\MediaViewV1
2014-02-26 09:13:01 -------- d-----w- C:\windows\Migration
2014-02-25 21:42:28 -------- d-----w- C:\ProgramData\SmARtCompare
2014-02-25 21:42:16 -------- d-----w- C:\ProgramData\f00dfb973b9656dd
2014-02-25 21:42:10 -------- d-----w- C:\Users\Chuck\AppData\Local\Packages
2014-02-25 21:42:02 -------- d-----w- C:\ProgramData\PngToPaPTuConuvertt
2014-02-25 21:42:01 -------- d-----w- C:\ProgramData\dlppakcpdecjekapapjjpbnjmjblgila
2014-02-25 21:13:33 3928064 ----a-w- C:\windows\System32\d2d1.dll
2014-02-25 21:13:33 3419136 ----a-w- C:\windows\SysWow64\d2d1.dll
2014-02-25 21:13:33 2565120 ----a-w- C:\windows\System32\d3d10warp.dll
2014-02-25 21:13:33 1987584 ----a-w- C:\windows\SysWow64\d3d10warp.dll
2014-02-25 21:03:23 -------- d-----w- C:\Program Files (x86)\MediaViewerV1
2014-02-08 23:27:57 -------- d-----w- C:\Program Files (x86)\Turbine
2014-02-08 19:30:23 -------- d-----w- C:\Users\Chuck\AppData\Local\Chromium
2014-02-08 19:26:07 -------- d-----w- C:\Users\Chuck\AppData\Local\The Lord of the Rings Online
2014-02-08 17:45:36 -------- d-----w- C:\Users\Chuck\AppData\Local\Roblox
2014-02-08 17:15:32 -------- d-----w- C:\Users\Chuck\AppData\Local\Turbine
2014-02-08 17:15:16 4178264 ----a-w- C:\windows\SysWow64\D3DX9_41.dll
2014-02-08 17:15:09 235344 ----a-w- C:\windows\SysWow64\d3dx11_42.dll
2014-02-08 17:14:55 1974616 ----a-w- C:\windows\SysWow64\D3DCompiler_42.dll
2014-02-08 17:14:55 1892184 ----a-w- C:\windows\SysWow64\D3DX9_42.dll
2014-02-08 17:14:54 3495784 ----a-w- C:\windows\SysWow64\d3dx9_33.dll
2014-02-08 17:06:46 -------- d-----w- C:\ProgramData\Turbine
2014-02-08 17:06:17 -------- d-----w- C:\ProgramData\HappyCloud
2014-02-08 14:34:10 -------- d-----w- C:\windows\System32\MRT
2014-02-08 05:48:36 -------- d-----w- C:\Program Files (x86)\InstallConverter
2014-02-08 05:17:27 -------- d-----w- C:\Users\Chuck\AppData\Roaming\ParetoLogic
2014-02-08 05:17:27 -------- d-----w- C:\Users\Chuck\AppData\Roaming\DriverCure
2014-02-08 05:17:08 -------- d-----w- C:\ProgramData\ParetoLogic
2014-02-08 05:09:58 107520 ----a-w- C:\windows\SysWow64\zlib1.dll
2014-02-08 05:09:42 -------- d-----w- C:\Users\Chuck\AppData\Roaming\dll-files.com
2014-02-08 05:09:36 -------- d-----w- C:\ProgramData\Logs
2014-02-08 05:09:32 -------- d-----w- C:\Program Files (x86)\Dll-Files.com Fixer
2014-02-08 05:08:29 -------- d-----w- C:\Users\Chuck\AppData\Roaming\IDM2
2014-02-08 04:58:28 128000 ----a-w- C:\Program Files (x86)\Uninstall Information\97\3867\uninstall.exe
2014-02-08 04:58:18 -------- d-----w- C:\Users\Chuck\AppData\Roaming\PerformerSoft
2014-02-08 04:58:14 19392 ----a-w- C:\windows\System32\roboot64.exe
2014-02-08 04:58:14 -------- d-----w- C:\Program Files (x86)\77zip
2014-02-08 04:56:50 -------- d-----w- C:\Program Files (x86)\SearchProtect
.
==================== Find3M ====================
.
2014-02-25 22:23:19 71048 ----a-w- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-02-25 22:23:19 692616 ----a-w- C:\windows\SysWow64\FlashPlayerApp.exe
2014-02-06 11:30:46 2724864 ----a-w- C:\windows\System32\mshtml.tlb
2014-02-06 11:30:12 4096 ----a-w- C:\windows\System32\ieetwcollectorres.dll
2014-02-06 11:07:39 66048 ----a-w- C:\windows\System32\iesetup.dll
2014-02-06 11:06:47 48640 ----a-w- C:\windows\System32\ieetwproxystub.dll
2014-02-06 10:49:03 139264 ----a-w- C:\windows\System32\ieUnatt.exe
2014-02-06 10:48:45 111616 ----a-w- C:\windows\System32\ieetwcollector.exe
2014-02-06 10:48:11 708608 ----a-w- C:\windows\System32\jscript9diag.dll
2014-02-06 10:20:26 2724864 ----a-w- C:\windows\SysWow64\mshtml.tlb
2014-02-06 10:11:37 5768704 ----a-w- C:\windows\System32\jscript9.dll
2014-02-06 10:01:36 61952 ----a-w- C:\windows\SysWow64\iesetup.dll
2014-02-06 10:00:46 51200 ----a-w- C:\windows\SysWow64\ieetwproxystub.dll
2014-02-06 09:50:32 2041856 ----a-w- C:\windows\System32\inetcpl.cpl
2014-02-06 09:47:22 112128 ----a-w- C:\windows\SysWow64\ieUnatt.exe
2014-02-06 09:46:27 553472 ----a-w- C:\windows\SysWow64\jscript9diag.dll
2014-02-06 09:25:36 4244480 ----a-w- C:\windows\SysWow64\jscript9.dll
2014-02-06 09:24:52 2334208 ----a-w- C:\windows\System32\wininet.dll
2014-02-06 09:09:30 1964032 ----a-w- C:\windows\SysWow64\inetcpl.cpl
2014-02-06 08:41:35 1820160 ----a-w- C:\windows\SysWow64\wininet.dll
2014-02-04 08:39:36 829264 ----a-w- C:\windows\System32\msvcr100.dll
2014-02-04 08:39:36 608080 ----a-w- C:\windows\System32\msvcp100.dll
2013-12-21 09:53:45 548864 ----a-w- C:\windows\System32\vbscript.dll
2013-12-21 08:56:47 454656 ----a-w- C:\windows\SysWow64\vbscript.dll
2013-12-18 12:13:56 270496 ------w- C:\windows\System32\MpSigStub.exe
.
============= FINISH: 15:42:15.10 ===============


DDS Attach Results
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 2/1/2012 11:08:54 AM
System Uptime: 2/28/2014 3:25:04 AM (156 hours ago)
.
Motherboard: LENOVO | | To be filled by O.E.M.
Processor: Intel(R) Core(TM) i3-2120 CPU @ 3.30GHz | CPU 1 | 1584/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 906 GiB total, 674.715 GiB free.
D: is CDROM (CDFS)
E: is CDROM ()
F: is Removable
G: is Removable
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP115: 3/4/2014 11:41:29 AM - Windows Update
.
==== Installed Programs ======================
.
77zip
Adobe Flash Player 12 ActiveX
Adobe Flash Player 12 Plugin
BetterSurf Plus V1
Cisco EAP-FAST Module
Cisco LEAP Module
Cisco PEAP Module
D3DX10
DealPly
DealPly (remove only)
Definition Update for Microsoft Office 2010 (KB982726) 64-Bit Edition
Dll-Files Fixer
DMUninstaller
Free Opener
GDMO
GigaClicks Crawler
Google Chrome
Google Toolbar for Internet Explorer
Google Update Helper
HandBrake 0.9.5
Happy Cloud Client
I Want This
Iminent
InstallConverter
InstallIQ Updater
Intel(R) Control Center
Intel(R) Management Engine Components
Intel(R) Network Connections Drivers
Intel(R) Processor Graphics
InternetHelper3.1 Toolbar for IE
InternetHelper3.7 Toolbar for IE
Java 7 Update 45
Java Auto Updater
Java(TM) 6 Update 22
Java(TM) 6 Update 31
JFileManager
Junk Mail filter update
K-Lite Codec Pack 7.0.0 (Standard)
KeyBar 1.14 Toolbar
LemurLeap 3.0.0
Lenovo Driver and Application Installation
Lenovo Dynamic Brightness System
Lenovo EE Boot Optimizer
Lenovo Eye Distance System
Lenovo Power2Go
Lenovo Rescue System
Lenovo Tinian Fn PS/2 Keyboard Driver
Level Quality Watcher
Lightspark 0.5.3-git
LVT
LyricsSing
McAfee Security Scan Plus
Media View
Media Viewer
Mesh Runtime
Microsoft .NET Framework 4.5.1
Microsoft Application Error Reporting
Microsoft Office 2010
Microsoft Office Access MUI (English) 2010
Microsoft Office Access Setup Metadata MUI (English) 2010
Microsoft Office Excel MUI (English) 2010
Microsoft Office Home and Student 2010
Microsoft Office Office 32-bit Components 2010
Microsoft Office OneNote MUI (English) 2010
Microsoft Office Outlook MUI (English) 2010
Microsoft Office PowerPoint MUI (English) 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2010
Microsoft Office Publisher MUI (English) 2010
Microsoft Office Shared 32-bit MUI (English) 2010
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office Single Image 2010
Microsoft Office Word MUI (English) 2010
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Mixxx 1.10.0
Mozilla Firefox 27.0.1 (x86 en-US)
Mozilla Maintenance Service
MSVCRT
MSVCRT_amd64
MyPC Backup
Norton Security Scan
OpenOffice.org 3.3
Optimizer Pro v3.2
Origin
PC Health Kit v3.2
PngToPaPTuConuvertt
Pokemon Online 2.0.07
RealDownloader
RealNetworks - Microsoft Visual C++ 2008 Runtime
RealNetworks - Microsoft Visual C++ 2010 Runtime
RealPlayer
Realtek High Definition Audio Driver
Realtek USB 2.0 Card Reader
REALTEK Wireless LAN Driver
RealUpgrade 1.1
Risk (remove only)
ROBLOX Player for Chuck
Search Protect
Security Update for Microsoft .NET Framework 4.5.1 (KB2898869)
Security Update for Microsoft .NET Framework 4.5.1 (KB2901126)
Security Update for Microsoft Excel 2010 (KB2826033) 64-Bit Edition
Security Update for Microsoft Office 2010 (KB2553284) 64-Bit Edition
Security Update for Microsoft Office 2010 (KB2687423) 64-Bit Edition
Security Update for Microsoft Office 2010 (KB2826023) 64-Bit Edition
Security Update for Microsoft Office 2010 (KB2826035) 64-Bit Edition
Security Update for Microsoft Office 2010 (KB2850016) 64-Bit Edition
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition
Severe Weather Alerts
SmARtCompare
Stamps.com
Star Wars: The Old Republic
SweetPacks Toolbar for IE
The Lord of the Rings Online
The Lord of the Rings Online™ v1200.0054.0447.4006
The Sims™ 3
The Sims™ 3 University Life
TurboTax 2011
TurboTax 2011 wiliper
TurboTax 2011 wilpbpm
TurboTax 2011 WinBizFedFormset
TurboTax 2011 WinBizReleaseEngine
TurboTax 2011 WinBizTaxSupport
TurboTax 2011 WinPerFedFormset
TurboTax 2011 WinPerReleaseEngine
TurboTax 2011 WinPerTaxSupport
TurboTax 2011 wrapper
TurboTax Business 2011
Update for Microsoft Access 2010 (KB2553446) 64-Bit Edition
Update for Microsoft Filter Pack 2.0 (KB2810071) 64-Bit Edition
Update for Microsoft InfoPath 2010 (KB2817369) 64-Bit Edition
Update for Microsoft Office 2010 (KB2589298) 64-Bit Edition
Update for Microsoft Office 2010 (KB2589352) 64-Bit Edition
Update for Microsoft Office 2010 (KB2589375) 64-Bit Edition
Update for Microsoft Office 2010 (KB2597087) 64-Bit Edition
Update for Microsoft Office 2010 (KB2760598) 64-Bit Edition
Update for Microsoft Office 2010 (KB2760631) 64-Bit Edition
Update for Microsoft Office 2010 (KB2794737) 64-Bit Edition
Update for Microsoft Office 2010 (KB2837583) 64-Bit Edition
Update for Microsoft Office 2010 (KB2850079) 64-Bit Edition
Update for Microsoft OneNote 2010 (KB2837595) 64-Bit Edition
Update for Microsoft Outlook 2010 (KB2687567) 64-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2553145) 64-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2775360) 64-Bit Edition
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 64-Bit Edition
Update for Microsoft Visio Viewer 2010 (KB2810066) 64-Bit Edition
Update for Microsoft Word 2010 (KB2837593) 64-Bit Edition
Wajam
Webexp Enhanced
Windows Live Communications Platform
Windows Live Essentials
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Language Selector
Windows Live Mail
Windows Live Mesh
Windows Live Mesh ActiveX Control for Remote Connections
Windows Live Messenger
Windows Live MIME IFilter
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live Remote Client
Windows Live Remote Client Resources
Windows Live Remote Service
Windows Live Remote Service Resources
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
Workspace Desktop
.
==== Event Viewer Messages From Past Week ========
.
3/6/2014 5:26:56 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Error Reporting Service service to connect.
3/6/2014 3:26:00 PM, Error: Microsoft-Windows-DistributedCOM [10016] - The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID {3EEF301F-B596-4C0B-BD92-013BEAFCE793} and APPID {3EEF301F-B596-4C0B-BD92-013BEAFCE793} to the user Ripper\Chuck SID (S-1-5-21-2471097063-1945811626-1650287918-1001) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
3/6/2014 3:24:24 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk2\DR18.
2/28/2014 3:25:53 AM, Error: Service Control Manager [7000] - The vToolbarUpdater17.1.3 service failed to start due to the following error: The system cannot find the file specified.
2/28/2014 3:25:51 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Computer Backup (MyPC Backup) service to connect.
2/28/2014 3:25:51 AM, Error: Service Control Manager [7000] - The McAfee SiteAdvisor Service service failed to start due to the following error: The system cannot find the file specified.
2/28/2014 3:25:51 AM, Error: Service Control Manager [7000] - The DefaultTabUpdate service failed to start due to the following error: The system cannot find the file specified.
2/28/2014 3:25:51 AM, Error: Service Control Manager [7000] - The Computer Backup (MyPC Backup) service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
2/28/2014 2:49:30 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk2\DR5.
.
==== End Of File ===========================



GMER Results
GMER 2.1.19357 - http://www.gmer.net
Rootkit scan 2014-03-06 16:44:50
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 Hitachi_HDS721010CLA332 rev.JP4OA3FE 931.51GB
Running: h8chc2wt.exe; Driver: C:\Users\Chuck\AppData\Local\Temp\ufldrpoc.sys


---- Kernel code sections - GMER 2.1 ----

INITKDBG C:\windows\system32\ntoskrnl.exe!ExDeleteNPagedLookasideList + 528 fffff80002db4000 45 bytes [00, 00, 10, 02, 4D, 6D, 43, ...]
INITKDBG C:\windows\system32\ntoskrnl.exe!ExDeleteNPagedLookasideList + 575 fffff80002db402f 16 bytes [00, 01, 00, 00, 00, 00, 00, ...]

---- User code sections - GMER 2.1 ----

.text C:\windows\SysWOW64\rundll32.exe[1292] C:\windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 00000000765a1465 2 bytes [5A, 76]
.text C:\windows\SysWOW64\rundll32.exe[1292] C:\windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000765a14bb 2 bytes [5A, 76]
.text ... * 2
.text C:\Program Files (x86)\Origin\Origin.exe[3920] C:\windows\syswow64\USER32.dll!SetWindowPos 0000000074ee8e4e 5 bytes JMP 0000000156b3b2f0
.text C:\Program Files (x86)\Origin\Origin.exe[3920] C:\windows\syswow64\USER32.dll!ShowWindow 0000000074ef0dfb 5 bytes JMP 0000000156b3b280
.text C:\Program Files (x86)\Origin\Origin.exe[3920] C:\windows\syswow64\USER32.dll!SetFocus 0000000074ef2175 5 bytes JMP 0000000156b3b2d0
.text C:\Program Files (x86)\Origin\Origin.exe[3920] C:\windows\syswow64\USER32.dll!SetActiveWindow 0000000074ef3208 5 bytes JMP 0000000156b3b340
.text C:\Program Files (x86)\Origin\Origin.exe[3920] C:\windows\syswow64\USER32.dll!BringWindowToTop 0000000074ef7b3b 5 bytes JMP 0000000156b3b1e0
.text C:\Program Files (x86)\Origin\Origin.exe[3920] C:\windows\syswow64\USER32.dll!SetForegroundWindow 0000000074f0f170 5 bytes JMP 0000000156b3b1b0
.text C:\Program Files (x86)\Origin\Origin.exe[3920] C:\windows\syswow64\USER32.dll!SwitchToThisWindow 0000000074f290fc 5 bytes JMP 0000000156b3b210
.text C:\Program Files (x86)\Origin\Origin.exe[3920] C:\windows\syswow64\USER32.dll!ShowWindowAsync 0000000074f47d97 5 bytes JMP 0000000156b3b230
.text C:\PROGRA~2\SearchProtect\Main\bin\CltMngSvc.exe[3668] C:\windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 00000000765a1465 2 bytes [5A, 76]
.text C:\PROGRA~2\SearchProtect\Main\bin\CltMngSvc.exe[3668] C:\windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000765a14bb 2 bytes [5A, 76]
.text ... * 2

---- Threads - GMER 2.1 ----

Thread C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [6652:6668] 000007fef1f5b528
Thread C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [6652:6672] 000007fef1e1b334
Thread C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [6652:6772] 000007fef1e1b334

---- Processes - GMER 2.1 ----

Process C:\Users\Chuck\AppData\Local\GCC\Controller.exe (*** suspicious ***) @ C:\Users\Chuck\AppData\Local\GCC\Controller.exe [192](2013-12-04 00000000013a0000
Process C:\Users\Chuck\AppData\Local\GCC\Controller.exe (*** suspicious ***) @ C:\Users\Chuck\AppData\Local\GCC\Controller.exe [8888](2013-12-0 00000000013a0000

---- Files - GMER 2.1 ----

File C:\Users\Chuck\AppData\Local\Temp\etilqs_JJ4r4mw731Ab2p8 2056 bytes

---- EOF - GMER 2.1 ----



Thank you!!!!
