theRadiantChild
Posts: 424 +0
Also, windows update is failing to install a security update. Here are the logs. Thanks!
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.17041 BrowserJavaVersion: 10.25.2
Run by dch at 20:15:59 on 2014-05-11
Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.1935.257 [GMT -5:00]
.
AV: Kaspersky Anti-Virus *Enabled/Updated* {C3113FBF-4BCB-4461-D78D-6EDFEC9593E5}
SP: Kaspersky Anti-Virus *Enabled/Updated* {7870DE5B-6DF1-4BEF-ED3D-55AD9712D958}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\rundll32.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\WUDFHost.exe
C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe
C:\Program Files (x86)\Optimizer Pro\OptProReminder.exe
C:\Program Files (x86)\FindMeFreebies_9e\bar\1.bin\9ebrmon64.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Windows\system32\prevhost.exe
C:\Users\dch\AppData\Local\Temp\TeamViewer\Version9\TeamViewer.exe
C:\Users\dch\AppData\Local\Temp\TeamViewer\Version9\tv_w32.exe
C:\Users\dch\AppData\Local\Temp\TeamViewer\Version9\tv_x64.exe
c:\users\dch\appdata\local\temp\teamviewer\version9\TeamViewer_Desktop.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\x64\klwtblfs.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/
mStart Page = hxxp://search.easylifeapp.com/
uURLSearchHooks: <No Name>: {c49c05de-8a8d-4024-81d6-ed6078ccf79d} - C:\Program Files (x86)\FindMeFreebies_9e\bar\1.bin\9eSrcAs.dll
mWinlogon: Userinit = userinit.exe,
BHO: SnagIt Toolbar Loader: {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files (x86)\TechSmith\Snagit 10\SnagitBHO.dll
BHO: BitComet Helper: {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.5.4.11.dll
BHO: Content Blocker Plugin: {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\IEExt\ContentBlocker\ie_content_blocker_plugin.dll
BHO: Virtual Keyboard Plugin: {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Safe Money Plugin: {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\IEExt\OnlineBanking\online_banking_bho.dll
BHO: Toolbar BHO: {a1abaf97-24b6-431c-80e9-63b9017637aa} - C:\Program Files (x86)\FindMeFreebies_9e\bar\1.bin\9ebar.dll
BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: Search Assistant BHO: {cbbd60c5-3348-4abc-bad7-cd729cd396ff} - C:\Program Files (x86)\FindMeFreebies_9e\bar\1.bin\9eSrcAs.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
BHO: URL Advisor Plugin: {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\IEExt\UrlAdvisor\klwtbbho.dll
TB: SweetPacks Toolbar for Internet Explorer: {EEE6C35B-6118-11DC-9C72-001320C79847} -
TB: FindMeFreebies: {158016B8-9589-42D6-8376-85AF1CA86781} - C:\Program Files (x86)\FindMeFreebies_9e\bar\1.bin\9ebar.dll
TB: Snagit: {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files (x86)\TechSmith\Snagit 10\SnagitIEAddin.dll
TB: FindMeFreebies: {158016b8-9589-42d6-8376-85af1ca86781} - C:\Program Files (x86)\FindMeFreebies_9e\bar\1.bin\9ebar.dll
uRun: [BitComet] "C:\Program Files\BitComet\BitComet.exe" /tray
uRun: [Optimizer Pro] C:\Program Files (x86)\Optimizer Pro\OptProLauncher.exe
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [FindMeFreebies EPM Support] "C:\PROGRA~2\FINDME~2\bar\1.bin\9emedint.exe" T8EPMSUP.DLL,S
mRun: [FindMeFreebies_9e Browser Plugin Loader 64] C:\Program Files (x86)\FindMeFreebies_9e\bar\1.bin\9ebrmon64.exe
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-Explorer: NoDriveTypeAutoRun = dword:28
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: DisableCAD = dword:1
IE: &D&ownload &with BitComet - C:\Program Files\BitComet\BitComet.exe/AddLink.htm
IE: &D&ownload all with BitComet - C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
IE: {0C4CC089-D306-440D-9772-464E226F6539} - {0BA14598-4178-4CE5-B1F1-B5C6408A3F2E} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
IE: {CCF151D8-D089-449F-A5A4-D9909053F20F} - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\IEExt\UrlAdvisor\klwtbbho.dll
IE: {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - C:\Program Files\BitComet\tools\BitCometBHO_1.5.4.11.dll/206
TCP: NameServer = 75.75.75.75 75.75.76.76
TCP: Interfaces\{7781EF1B-39A1-43F1-87AC-D41AB26108A1} : DHCPNameServer = 192.168.1.254
TCP: Interfaces\{A531BFB7-2233-4F65-A8C7-A8CA091DF01B} : DHCPNameServer = 75.75.75.75 75.75.76.76
TCP: Interfaces\{A531BFB7-2233-4F65-A8C7-A8CA091DF01B}\14E435D275C416E6 : DHCPNameServer = 216.136.95.2 64.132.94.250
TCP: Interfaces\{A531BFB7-2233-4F65-A8C7-A8CA091DF01B}\16474777966696 : DHCPNameServer = 192.168.4.1 64.134.255.2 64.134.255.10
TCP: Interfaces\{A531BFB7-2233-4F65-A8C7-A8CA091DF01B}\84F6D656C616E646 : DHCPNameServer = 192.168.2.1 74.128.19.102 74.128.17.114
TCP: Interfaces\{A531BFB7-2233-4F65-A8C7-A8CA091DF01B}\8686F6E6F62737 : DHCPNameServer = 107.16.213.1 64.134.255.2 64.134.255.10
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-mStart Page = hxxp://search.easylifeapp.com/
x64-BHO: SnagIt Toolbar Loader: {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files (x86)\TechSmith\Snagit 10\DLLx64\SnagitBHO64.dll
x64-BHO: {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - <orphaned>
x64-BHO: Content Blocker Plugin: {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll
x64-BHO: Virtual Keyboard Plugin: {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Safe Money Plugin: {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\x64\IEExt\OnlineBanking\online_banking_bho.dll
x64-BHO: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
x64-BHO: URL Advisor Plugin: {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\x64\IEExt\UrlAdvisor\klwtbbho.dll
x64-TB: Snagit: {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files (x86)\TechSmith\Snagit 10\DLLx64\SnagitIEAddin64.dll
x64-IE: {0C4CC089-D306-440D-9772-464E226F6539} - {0BA14598-4178-4CE5-B1F1-B5C6408A3F2E} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll
x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-IE: {CCF151D8-D089-449F-A5A4-D9909053F20F} - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\x64\IEExt\UrlAdvisor\klwtbbho.dll
x64-DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab
x64-DPF: {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab
x64-DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab
x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: GoToAssist - C:\Program Files (x86)\Citrix\GoToAssist\615\G2AWinLogon_x64.dll
x64-Notify: igfxcui - igfxdev.dll
x64-Notify: spba - C:\Program Files\Common Files\SPBA\homefus2.dll
x64-SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;C:\Windows\System32\drivers\klim6.sys [2012-8-2 29792]
R1 kltdi;kltdi;C:\Windows\System32\drivers\kltdi.sys [2013-5-2 54368]
R1 kneps;kneps;C:\Windows\System32\drivers\kneps.sys [2013-5-2 178448]
R3 Acceler;Accelerometer Service;C:\Windows\System32\drivers\accelern.sys [2011-12-21 27760]
R3 cvusbdrv;Dell ControlVault;C:\Windows\System32\drivers\cvusbdrv.sys [2011-12-21 38440]
R3 IntcDAud;Intel(R) Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2011-12-21 317440]
R3 klkbdflt;Kaspersky Lab KLKBDFLT;C:\Windows\System32\drivers\klkbdflt.sys [2013-5-2 29280]
R3 klmouflt;Kaspersky Lab KLMOUFLT;C:\Windows\System32\drivers\klmouflt.sys [2013-5-2 29280]
S3 BVRPMPR5a64;BVRPMPR5a64 NDIS Protocol Driver;C:\Windows\System32\drivers\BVRPMPR5a64.SYS [2012-1-23 35840]
S3 dmvsc;dmvsc;C:\Windows\System32\drivers\dmvsc.sys [2010-11-21 71168]
S3 Impcd;Impcd;C:\Windows\System32\drivers\Impcd.sys [2011-12-21 158976]
S3 netvsc;netvsc;C:\Windows\System32\drivers\netvsc60.sys [2010-11-21 168448]
.
=============== Created Last 30 ================
.
2014-05-11 18:27:27 75888 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{19188068-59BF-48AA-9FB8-3BA538C6D12A}\offreg.dll
2014-05-11 15:34:24 119512 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys
2014-05-11 15:34:10 88280 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys
2014-05-11 15:34:10 63192 ----a-w- C:\Windows\System32\drivers\mwac.sys
2014-05-11 15:34:10 25816 ----a-w- C:\Windows\System32\drivers\mbam.sys
2014-05-11 15:34:10 -------- d-----w- C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-05-11 15:20:57 -------- d-----w- C:\Users\dch\AppData\Roaming\TeamViewer
2014-05-09 08:08:24 10651704 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{19188068-59BF-48AA-9FB8-3BA538C6D12A}\mpengine.dll
2014-05-08 08:02:09 -------- d-s---w- C:\Windows\System32\CompatTel
2014-05-07 08:04:01 465408 ----a-w- C:\Windows\System32\aepdu.dll
2014-05-07 08:04:01 424448 ----a-w- C:\Windows\System32\aeinv.dll
2014-05-06 00:19:08 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2014-05-06 00:19:08 2724864 ----a-w- C:\Windows\System32\mshtml.tlb
2014-05-03 13:32:08 -------- d-sh--w- C:\Users\dch\AppData\Local\EmieUserList
2014-05-03 13:32:08 -------- d-sh--w- C:\Users\dch\AppData\Local\EmieSiteList
2014-04-30 08:23:37 0 ----a-w- C:\Windows\SysWow64\sho529F.tmp
.
==================== Find3M ====================
.
2014-03-31 14:35:08 270496 ------w- C:\Windows\System32\MpSigStub.exe
2014-03-06 09:31:33 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll
2014-03-06 08:59:04 66048 ----a-w- C:\Windows\System32\iesetup.dll
2014-03-06 08:57:34 548352 ----a-w- C:\Windows\System32\vbscript.dll
2014-03-06 08:57:20 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll
2014-03-06 08:29:40 139264 ----a-w- C:\Windows\System32\ieUnatt.exe
2014-03-06 08:29:14 111616 ----a-w- C:\Windows\System32\ieetwcollector.exe
2014-03-06 08:28:15 752640 ----a-w- C:\Windows\System32\jscript9diag.dll
2014-03-06 08:15:54 940032 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe
2014-03-06 08:11:41 5784064 ----a-w- C:\Windows\System32\jscript9.dll
2014-03-06 08:02:34 61952 ----a-w- C:\Windows\SysWow64\iesetup.dll
2014-03-06 08:02:33 455168 ----a-w- C:\Windows\SysWow64\vbscript.dll
2014-03-06 08:01:01 51200 ----a-w- C:\Windows\SysWow64\ieetwproxystub.dll
2014-03-06 07:56:43 38400 ----a-w- C:\Windows\System32\JavaScriptCollectionAgent.dll
2014-03-06 07:46:36 4254720 ----a-w- C:\Windows\SysWow64\jscript9.dll
2014-03-06 07:38:13 112128 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2014-03-06 07:36:40 592896 ----a-w- C:\Windows\SysWow64\jscript9diag.dll
2014-03-06 07:13:43 32256 ----a-w- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
2014-03-06 07:11:15 2043904 ----a-w- C:\Windows\System32\inetcpl.cpl
2014-03-06 06:40:39 1967104 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2014-03-06 06:22:40 2260480 ----a-w- C:\Windows\System32\wininet.dll
2014-03-06 05:41:49 1789440 ----a-w- C:\Windows\SysWow64\wininet.dll
2014-03-04 09:44:21 362496 ----a-w- C:\Windows\System32\wow64win.dll
2014-03-04 09:44:21 243712 ----a-w- C:\Windows\System32\wow64.dll
2014-03-04 09:44:21 13312 ----a-w- C:\Windows\System32\wow64cpu.dll
2014-03-04 09:44:03 16384 ----a-w- C:\Windows\System32\ntvdm64.dll
2014-03-04 09:17:19 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
2014-03-04 09:17:05 44032 ----a-w- C:\Windows\apppatch\acwow64.dll
2014-03-04 09:16:54 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
2014-03-04 09:16:18 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
2014-03-04 08:09:30 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
2014-03-04 08:09:29 2048 ----a-w- C:\Windows\SysWow64\user.exe
.
============= FINISH: 20:17:32.00 ===============
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Professional
Boot Device: \Device\HarddiskVolume2
Install Date: 1/20/2012 3:29:20 PM
System Uptime: 5/11/2014 6:44:24 PM (2 hours ago)
.
Motherboard: Dell Inc. | | 0NVF5K
Processor: Intel(R) Core(TM) i3-2330M CPU @ 2.20GHz | CPU 1 | 792/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 286 GiB total, 141.275 GiB free.
D: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP522: 4/19/2014 8:06:45 PM - Windows Update
RP523: 4/20/2014 3:00:52 AM - Windows Update
RP524: 4/21/2014 3:01:01 AM - Windows Update
RP525: 4/22/2014 3:00:15 AM - Windows Update
RP526: 4/23/2014 3:00:20 AM - Windows Update
RP527: 4/24/2014 3:00:21 AM - Windows Update
RP528: 4/25/2014 3:00:13 AM - Windows Update
RP529: 4/26/2014 3:00:53 AM - Windows Update
RP530: 4/27/2014 3:00:46 AM - Windows Update
RP531: 4/28/2014 3:00:49 AM - Windows Update
RP532: 4/29/2014 3:00:50 AM - Windows Update
RP533: 4/30/2014 3:01:01 AM - Windows Update
RP534: 5/1/2014 3:00:43 AM - Windows Update
RP535: 5/2/2014 3:00:34 AM - Windows Update
RP536: 5/3/2014 3:00:33 AM - Windows Update
RP537: 5/5/2014 7:17:29 PM - Windows Update
RP538: 5/6/2014 3:01:02 AM - Windows Update
RP539: 5/7/2014 3:00:46 AM - Windows Update
RP540: 5/8/2014 3:00:47 AM - Windows Update
RP541: 5/9/2014 3:00:55 AM - Windows Update
RP542: 5/11/2014 8:08:15 PM - Windows Update
.
==== Installed Programs ======================
.
AccelerometerP11
Adobe AIR
Adobe Flash Player 11 ActiveX
Adobe Reader X (10.1.9)
BioAPI Framework
BitComet 1.35 64-bit
Cisco EAP-FAST Module
Cisco LEAP Module
Cisco PEAP Module
CouponSupport
CyberLink PowerDVD 9.5
D3DX10
Dell Edoc Viewer
Dell Touchpad
DW WLAN Card Utility
Epson Event Manager
Epson FAX Utility
EPSON Scan
EPSON WorkForce 610 Series Printer Uninstall
FindMeFreebies Internet Explorer Toolbar
ggreatsaoving
Google Chrome
Google Update Helper
GoToAssist Corporate
H&R Block Kentucky 2011
H&R Block Mississippi 2012
H&R Block Mississippi 2013
H&R Block Premium + Efile + State 2011
H&R Block Premium + Efile + State 2012
H&R Block Premium + Efile + State 2013
Intel(R) Control Center
Intel(R) Identity Protection Technology 1.1.2.0
Intel(R) Management Engine Components
Intel(R) Network Connections 16.5.2.0
Intel(R) Processor Graphics
Internet Explorer Toolbar 4.8 by SweetPacks
Java 7 Update 25
Java Auto Updater
Java(TM) 6 Update 27 (64-bit)
join.me
Junk Mail filter update
Kaspersky Anti-Virus 2013
LUCkeyCoupoN
Malwarebytes Anti-Malware version 2.0.1.1004
Mesh Runtime
Microsoft .NET Framework 4.5.1
Microsoft Application Error Reporting
Microsoft Office 2010
Microsoft Office Click-to-Run 2010
Microsoft Office Starter 2010 - English
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable (x64)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
MSVCRT
MSVCRT_amd64
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
NeWSaver
O2Micro Flash Memory Card Windows Driver
Optimizer Pro v3.2
Pdf995 (installed by H&R Block)
PdfEdit995 (installed by H&R Block)
Security Update for Microsoft .NET Framework 4.5.1 (KB2898869)
Security Update for Microsoft .NET Framework 4.5.1 (KB2901126)
ShopAtHome.com Helper
Skype Click to Call
Skype™ 6.11
Snagit 10.0.2
Supporter 1.80
Upek Touchchip Fingerprint Reader
VLC media player 2.0.0
Windows Live Communications Platform
Windows Live Essentials
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Language Selector
Windows Live Mail
Windows Live Mesh
Windows Live Mesh ActiveX Control for Remote Connections
Windows Live Messenger
Windows Live MIME IFilter
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live Remote Client
Windows Live Remote Client Resources
Windows Live Remote Service
Windows Live Remote Service Resources
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
.
==== Event Viewer Messages From Past Week ========
.
5/9/2014 8:29:06 AM, Error: Schannel [36888] - The following fatal alert was generated: 40. The internal error state is 107.
5/9/2014 8:29:06 AM, Error: Schannel [36874] - An SSL 3.0 connection request was received from a remote client application, but none of the cipher suites supported by the client application are supported by the server. The SSL connection request has failed.
5/5/2014 7:22:05 PM, Error: Schannel [36887] - The following fatal alert was received: 80.
5/11/2014 8:13:06 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070490: Security Update for Windows 7 for x64-based Systems (KB2839894).
5/11/2014 3:41:52 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: PBADRV
5/11/2014 3:41:50 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Supporter service to connect.
5/11/2014 1:31:29 PM, Error: Service Control Manager [7006] - The ScRegSetValueExW call failed for Type with the following error: Access is denied.
5/11/2014 1:30:45 PM, Error: Microsoft-Windows-DistributedCOM [10001] - Unable to start a DCOM Server: {C39EE728-D419-4BD4-A3EF-EDA059DBD935} as /. The error: "5" Happened while starting this command: C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}
.
==== End Of File ===========================
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.17041 BrowserJavaVersion: 10.25.2
Run by dch at 20:15:59 on 2014-05-11
Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.1935.257 [GMT -5:00]
.
AV: Kaspersky Anti-Virus *Enabled/Updated* {C3113FBF-4BCB-4461-D78D-6EDFEC9593E5}
SP: Kaspersky Anti-Virus *Enabled/Updated* {7870DE5B-6DF1-4BEF-ED3D-55AD9712D958}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\rundll32.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\WUDFHost.exe
C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe
C:\Program Files (x86)\Optimizer Pro\OptProReminder.exe
C:\Program Files (x86)\FindMeFreebies_9e\bar\1.bin\9ebrmon64.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Windows\system32\prevhost.exe
C:\Users\dch\AppData\Local\Temp\TeamViewer\Version9\TeamViewer.exe
C:\Users\dch\AppData\Local\Temp\TeamViewer\Version9\tv_w32.exe
C:\Users\dch\AppData\Local\Temp\TeamViewer\Version9\tv_x64.exe
c:\users\dch\appdata\local\temp\teamviewer\version9\TeamViewer_Desktop.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\x64\klwtblfs.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/
mStart Page = hxxp://search.easylifeapp.com/
uURLSearchHooks: <No Name>: {c49c05de-8a8d-4024-81d6-ed6078ccf79d} - C:\Program Files (x86)\FindMeFreebies_9e\bar\1.bin\9eSrcAs.dll
mWinlogon: Userinit = userinit.exe,
BHO: SnagIt Toolbar Loader: {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files (x86)\TechSmith\Snagit 10\SnagitBHO.dll
BHO: BitComet Helper: {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.5.4.11.dll
BHO: Content Blocker Plugin: {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\IEExt\ContentBlocker\ie_content_blocker_plugin.dll
BHO: Virtual Keyboard Plugin: {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Safe Money Plugin: {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\IEExt\OnlineBanking\online_banking_bho.dll
BHO: Toolbar BHO: {a1abaf97-24b6-431c-80e9-63b9017637aa} - C:\Program Files (x86)\FindMeFreebies_9e\bar\1.bin\9ebar.dll
BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: Search Assistant BHO: {cbbd60c5-3348-4abc-bad7-cd729cd396ff} - C:\Program Files (x86)\FindMeFreebies_9e\bar\1.bin\9eSrcAs.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
BHO: URL Advisor Plugin: {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\IEExt\UrlAdvisor\klwtbbho.dll
TB: SweetPacks Toolbar for Internet Explorer: {EEE6C35B-6118-11DC-9C72-001320C79847} -
TB: FindMeFreebies: {158016B8-9589-42D6-8376-85AF1CA86781} - C:\Program Files (x86)\FindMeFreebies_9e\bar\1.bin\9ebar.dll
TB: Snagit: {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files (x86)\TechSmith\Snagit 10\SnagitIEAddin.dll
TB: FindMeFreebies: {158016b8-9589-42d6-8376-85af1ca86781} - C:\Program Files (x86)\FindMeFreebies_9e\bar\1.bin\9ebar.dll
uRun: [BitComet] "C:\Program Files\BitComet\BitComet.exe" /tray
uRun: [Optimizer Pro] C:\Program Files (x86)\Optimizer Pro\OptProLauncher.exe
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [FindMeFreebies EPM Support] "C:\PROGRA~2\FINDME~2\bar\1.bin\9emedint.exe" T8EPMSUP.DLL,S
mRun: [FindMeFreebies_9e Browser Plugin Loader 64] C:\Program Files (x86)\FindMeFreebies_9e\bar\1.bin\9ebrmon64.exe
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-Explorer: NoDriveTypeAutoRun = dword:28
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: DisableCAD = dword:1
IE: &D&ownload &with BitComet - C:\Program Files\BitComet\BitComet.exe/AddLink.htm
IE: &D&ownload all with BitComet - C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
IE: {0C4CC089-D306-440D-9772-464E226F6539} - {0BA14598-4178-4CE5-B1F1-B5C6408A3F2E} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
IE: {CCF151D8-D089-449F-A5A4-D9909053F20F} - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\IEExt\UrlAdvisor\klwtbbho.dll
IE: {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - C:\Program Files\BitComet\tools\BitCometBHO_1.5.4.11.dll/206
TCP: NameServer = 75.75.75.75 75.75.76.76
TCP: Interfaces\{7781EF1B-39A1-43F1-87AC-D41AB26108A1} : DHCPNameServer = 192.168.1.254
TCP: Interfaces\{A531BFB7-2233-4F65-A8C7-A8CA091DF01B} : DHCPNameServer = 75.75.75.75 75.75.76.76
TCP: Interfaces\{A531BFB7-2233-4F65-A8C7-A8CA091DF01B}\14E435D275C416E6 : DHCPNameServer = 216.136.95.2 64.132.94.250
TCP: Interfaces\{A531BFB7-2233-4F65-A8C7-A8CA091DF01B}\16474777966696 : DHCPNameServer = 192.168.4.1 64.134.255.2 64.134.255.10
TCP: Interfaces\{A531BFB7-2233-4F65-A8C7-A8CA091DF01B}\84F6D656C616E646 : DHCPNameServer = 192.168.2.1 74.128.19.102 74.128.17.114
TCP: Interfaces\{A531BFB7-2233-4F65-A8C7-A8CA091DF01B}\8686F6E6F62737 : DHCPNameServer = 107.16.213.1 64.134.255.2 64.134.255.10
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-mStart Page = hxxp://search.easylifeapp.com/
x64-BHO: SnagIt Toolbar Loader: {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files (x86)\TechSmith\Snagit 10\DLLx64\SnagitBHO64.dll
x64-BHO: {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - <orphaned>
x64-BHO: Content Blocker Plugin: {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll
x64-BHO: Virtual Keyboard Plugin: {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Safe Money Plugin: {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\x64\IEExt\OnlineBanking\online_banking_bho.dll
x64-BHO: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
x64-BHO: URL Advisor Plugin: {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\x64\IEExt\UrlAdvisor\klwtbbho.dll
x64-TB: Snagit: {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files (x86)\TechSmith\Snagit 10\DLLx64\SnagitIEAddin64.dll
x64-IE: {0C4CC089-D306-440D-9772-464E226F6539} - {0BA14598-4178-4CE5-B1F1-B5C6408A3F2E} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll
x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-IE: {CCF151D8-D089-449F-A5A4-D9909053F20F} - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\x64\IEExt\UrlAdvisor\klwtbbho.dll
x64-DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab
x64-DPF: {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab
x64-DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab
x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: GoToAssist - C:\Program Files (x86)\Citrix\GoToAssist\615\G2AWinLogon_x64.dll
x64-Notify: igfxcui - igfxdev.dll
x64-Notify: spba - C:\Program Files\Common Files\SPBA\homefus2.dll
x64-SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;C:\Windows\System32\drivers\klim6.sys [2012-8-2 29792]
R1 kltdi;kltdi;C:\Windows\System32\drivers\kltdi.sys [2013-5-2 54368]
R1 kneps;kneps;C:\Windows\System32\drivers\kneps.sys [2013-5-2 178448]
R3 Acceler;Accelerometer Service;C:\Windows\System32\drivers\accelern.sys [2011-12-21 27760]
R3 cvusbdrv;Dell ControlVault;C:\Windows\System32\drivers\cvusbdrv.sys [2011-12-21 38440]
R3 IntcDAud;Intel(R) Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2011-12-21 317440]
R3 klkbdflt;Kaspersky Lab KLKBDFLT;C:\Windows\System32\drivers\klkbdflt.sys [2013-5-2 29280]
R3 klmouflt;Kaspersky Lab KLMOUFLT;C:\Windows\System32\drivers\klmouflt.sys [2013-5-2 29280]
S3 BVRPMPR5a64;BVRPMPR5a64 NDIS Protocol Driver;C:\Windows\System32\drivers\BVRPMPR5a64.SYS [2012-1-23 35840]
S3 dmvsc;dmvsc;C:\Windows\System32\drivers\dmvsc.sys [2010-11-21 71168]
S3 Impcd;Impcd;C:\Windows\System32\drivers\Impcd.sys [2011-12-21 158976]
S3 netvsc;netvsc;C:\Windows\System32\drivers\netvsc60.sys [2010-11-21 168448]
.
=============== Created Last 30 ================
.
2014-05-11 18:27:27 75888 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{19188068-59BF-48AA-9FB8-3BA538C6D12A}\offreg.dll
2014-05-11 15:34:24 119512 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys
2014-05-11 15:34:10 88280 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys
2014-05-11 15:34:10 63192 ----a-w- C:\Windows\System32\drivers\mwac.sys
2014-05-11 15:34:10 25816 ----a-w- C:\Windows\System32\drivers\mbam.sys
2014-05-11 15:34:10 -------- d-----w- C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-05-11 15:20:57 -------- d-----w- C:\Users\dch\AppData\Roaming\TeamViewer
2014-05-09 08:08:24 10651704 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{19188068-59BF-48AA-9FB8-3BA538C6D12A}\mpengine.dll
2014-05-08 08:02:09 -------- d-s---w- C:\Windows\System32\CompatTel
2014-05-07 08:04:01 465408 ----a-w- C:\Windows\System32\aepdu.dll
2014-05-07 08:04:01 424448 ----a-w- C:\Windows\System32\aeinv.dll
2014-05-06 00:19:08 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2014-05-06 00:19:08 2724864 ----a-w- C:\Windows\System32\mshtml.tlb
2014-05-03 13:32:08 -------- d-sh--w- C:\Users\dch\AppData\Local\EmieUserList
2014-05-03 13:32:08 -------- d-sh--w- C:\Users\dch\AppData\Local\EmieSiteList
2014-04-30 08:23:37 0 ----a-w- C:\Windows\SysWow64\sho529F.tmp
.
==================== Find3M ====================
.
2014-03-31 14:35:08 270496 ------w- C:\Windows\System32\MpSigStub.exe
2014-03-06 09:31:33 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll
2014-03-06 08:59:04 66048 ----a-w- C:\Windows\System32\iesetup.dll
2014-03-06 08:57:34 548352 ----a-w- C:\Windows\System32\vbscript.dll
2014-03-06 08:57:20 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll
2014-03-06 08:29:40 139264 ----a-w- C:\Windows\System32\ieUnatt.exe
2014-03-06 08:29:14 111616 ----a-w- C:\Windows\System32\ieetwcollector.exe
2014-03-06 08:28:15 752640 ----a-w- C:\Windows\System32\jscript9diag.dll
2014-03-06 08:15:54 940032 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe
2014-03-06 08:11:41 5784064 ----a-w- C:\Windows\System32\jscript9.dll
2014-03-06 08:02:34 61952 ----a-w- C:\Windows\SysWow64\iesetup.dll
2014-03-06 08:02:33 455168 ----a-w- C:\Windows\SysWow64\vbscript.dll
2014-03-06 08:01:01 51200 ----a-w- C:\Windows\SysWow64\ieetwproxystub.dll
2014-03-06 07:56:43 38400 ----a-w- C:\Windows\System32\JavaScriptCollectionAgent.dll
2014-03-06 07:46:36 4254720 ----a-w- C:\Windows\SysWow64\jscript9.dll
2014-03-06 07:38:13 112128 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2014-03-06 07:36:40 592896 ----a-w- C:\Windows\SysWow64\jscript9diag.dll
2014-03-06 07:13:43 32256 ----a-w- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
2014-03-06 07:11:15 2043904 ----a-w- C:\Windows\System32\inetcpl.cpl
2014-03-06 06:40:39 1967104 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2014-03-06 06:22:40 2260480 ----a-w- C:\Windows\System32\wininet.dll
2014-03-06 05:41:49 1789440 ----a-w- C:\Windows\SysWow64\wininet.dll
2014-03-04 09:44:21 362496 ----a-w- C:\Windows\System32\wow64win.dll
2014-03-04 09:44:21 243712 ----a-w- C:\Windows\System32\wow64.dll
2014-03-04 09:44:21 13312 ----a-w- C:\Windows\System32\wow64cpu.dll
2014-03-04 09:44:03 16384 ----a-w- C:\Windows\System32\ntvdm64.dll
2014-03-04 09:17:19 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
2014-03-04 09:17:05 44032 ----a-w- C:\Windows\apppatch\acwow64.dll
2014-03-04 09:16:54 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
2014-03-04 09:16:18 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
2014-03-04 08:09:30 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
2014-03-04 08:09:29 2048 ----a-w- C:\Windows\SysWow64\user.exe
.
============= FINISH: 20:17:32.00 ===============
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Professional
Boot Device: \Device\HarddiskVolume2
Install Date: 1/20/2012 3:29:20 PM
System Uptime: 5/11/2014 6:44:24 PM (2 hours ago)
.
Motherboard: Dell Inc. | | 0NVF5K
Processor: Intel(R) Core(TM) i3-2330M CPU @ 2.20GHz | CPU 1 | 792/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 286 GiB total, 141.275 GiB free.
D: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP522: 4/19/2014 8:06:45 PM - Windows Update
RP523: 4/20/2014 3:00:52 AM - Windows Update
RP524: 4/21/2014 3:01:01 AM - Windows Update
RP525: 4/22/2014 3:00:15 AM - Windows Update
RP526: 4/23/2014 3:00:20 AM - Windows Update
RP527: 4/24/2014 3:00:21 AM - Windows Update
RP528: 4/25/2014 3:00:13 AM - Windows Update
RP529: 4/26/2014 3:00:53 AM - Windows Update
RP530: 4/27/2014 3:00:46 AM - Windows Update
RP531: 4/28/2014 3:00:49 AM - Windows Update
RP532: 4/29/2014 3:00:50 AM - Windows Update
RP533: 4/30/2014 3:01:01 AM - Windows Update
RP534: 5/1/2014 3:00:43 AM - Windows Update
RP535: 5/2/2014 3:00:34 AM - Windows Update
RP536: 5/3/2014 3:00:33 AM - Windows Update
RP537: 5/5/2014 7:17:29 PM - Windows Update
RP538: 5/6/2014 3:01:02 AM - Windows Update
RP539: 5/7/2014 3:00:46 AM - Windows Update
RP540: 5/8/2014 3:00:47 AM - Windows Update
RP541: 5/9/2014 3:00:55 AM - Windows Update
RP542: 5/11/2014 8:08:15 PM - Windows Update
.
==== Installed Programs ======================
.
AccelerometerP11
Adobe AIR
Adobe Flash Player 11 ActiveX
Adobe Reader X (10.1.9)
BioAPI Framework
BitComet 1.35 64-bit
Cisco EAP-FAST Module
Cisco LEAP Module
Cisco PEAP Module
CouponSupport
CyberLink PowerDVD 9.5
D3DX10
Dell Edoc Viewer
Dell Touchpad
DW WLAN Card Utility
Epson Event Manager
Epson FAX Utility
EPSON Scan
EPSON WorkForce 610 Series Printer Uninstall
FindMeFreebies Internet Explorer Toolbar
ggreatsaoving
Google Chrome
Google Update Helper
GoToAssist Corporate
H&R Block Kentucky 2011
H&R Block Mississippi 2012
H&R Block Mississippi 2013
H&R Block Premium + Efile + State 2011
H&R Block Premium + Efile + State 2012
H&R Block Premium + Efile + State 2013
Intel(R) Control Center
Intel(R) Identity Protection Technology 1.1.2.0
Intel(R) Management Engine Components
Intel(R) Network Connections 16.5.2.0
Intel(R) Processor Graphics
Internet Explorer Toolbar 4.8 by SweetPacks
Java 7 Update 25
Java Auto Updater
Java(TM) 6 Update 27 (64-bit)
join.me
Junk Mail filter update
Kaspersky Anti-Virus 2013
LUCkeyCoupoN
Malwarebytes Anti-Malware version 2.0.1.1004
Mesh Runtime
Microsoft .NET Framework 4.5.1
Microsoft Application Error Reporting
Microsoft Office 2010
Microsoft Office Click-to-Run 2010
Microsoft Office Starter 2010 - English
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable (x64)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
MSVCRT
MSVCRT_amd64
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
NeWSaver
O2Micro Flash Memory Card Windows Driver
Optimizer Pro v3.2
Pdf995 (installed by H&R Block)
PdfEdit995 (installed by H&R Block)
Security Update for Microsoft .NET Framework 4.5.1 (KB2898869)
Security Update for Microsoft .NET Framework 4.5.1 (KB2901126)
ShopAtHome.com Helper
Skype Click to Call
Skype™ 6.11
Snagit 10.0.2
Supporter 1.80
Upek Touchchip Fingerprint Reader
VLC media player 2.0.0
Windows Live Communications Platform
Windows Live Essentials
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Language Selector
Windows Live Mail
Windows Live Mesh
Windows Live Mesh ActiveX Control for Remote Connections
Windows Live Messenger
Windows Live MIME IFilter
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live Remote Client
Windows Live Remote Client Resources
Windows Live Remote Service
Windows Live Remote Service Resources
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
.
==== Event Viewer Messages From Past Week ========
.
5/9/2014 8:29:06 AM, Error: Schannel [36888] - The following fatal alert was generated: 40. The internal error state is 107.
5/9/2014 8:29:06 AM, Error: Schannel [36874] - An SSL 3.0 connection request was received from a remote client application, but none of the cipher suites supported by the client application are supported by the server. The SSL connection request has failed.
5/5/2014 7:22:05 PM, Error: Schannel [36887] - The following fatal alert was received: 80.
5/11/2014 8:13:06 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070490: Security Update for Windows 7 for x64-based Systems (KB2839894).
5/11/2014 3:41:52 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: PBADRV
5/11/2014 3:41:50 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Supporter service to connect.
5/11/2014 1:31:29 PM, Error: Service Control Manager [7006] - The ScRegSetValueExW call failed for Type with the following error: Access is denied.
5/11/2014 1:30:45 PM, Error: Microsoft-Windows-DistributedCOM [10001] - Unable to start a DCOM Server: {C39EE728-D419-4BD4-A3EF-EDA059DBD935} as /. The error: "5" Happened while starting this command: C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}
.
==== End Of File ===========================