Jump to content

friedgreen

Members
  • Posts

    13
  • Joined

  • Last visited

Reputation

0 Neutral

Profile Information

  • Location
    Cambridge, WI
  1. Hey MrC... its all clean now, thanks to you !! What you do is absolutely amazing. Can't thank you enough. And can't repay you for everything you did. Just a little token of appreciation -- have a beer on me!
  2. MrCharlie, you are the best!! Swift response, patient and elaborate instructions that even a dummy like me could understand. Really, really appreciate everything you do. Many thanks to you !!

  3. MrC... here are the logs... fixlog.txt Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 13-03-2014Ran by FRIEDGREEN at 2014-04-05 13:22:53 Run:3Running from C:\Users\FRIEDGREEN\Desktop\FARBARBoot Mode: Normal============================================== Content of fixlist:*****************C:\Users\FRIEDGREEN\AppData\Roaming\OxyC:\Users\FRIEDGREEN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OxyC:\windows\System32\Tasks\OxyC:\windows\System32\Tasks\PileFile reminderC:\windows\System32\Tasks\PileFile logon ***************** C:\Users\FRIEDGREEN\AppData\Roaming\Oxy => Moved successfully.C:\Users\FRIEDGREEN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Oxy => Moved successfully."C:\windows\System32\Tasks\Oxy" => File/Directory not found."C:\windows\System32\Tasks\PileFile reminder" => File/Directory not found."C:\windows\System32\Tasks\PileFile logon" => File/Directory not found. ==== End of Fixlog ==== checkup.txt Results of screen317's Security Check version 0.99.81 Windows 7 Service Pack 1 x64 (UAC is enabled) Internet Explorer 11 ``````````````Antivirus/Firewall Check:`````````````` Windows Firewall Enabled! McAfee Anti-Virus and Anti-Spyware WMI entry may not exist for antivirus; attempting automatic update. `````````Anti-malware/Other Utilities Check:````````` JavaFX 2.1.1 Java 7 Update 51 Adobe Flash Player 12.0.0.77 Adobe Reader XI Google Chrome 33.0.1750.146 Google Chrome 33.0.1750.154 Google Chrome Plugins... ````````Process Check: objlist.exe by Laurent```````` McAfee Online Backup MOBKstat.exe `````````````````System Health check````````````````` Total Fragmentation on Drive C: ````````````````````End of Log``````````````````````
  4. Hey MrC... it worked!! The Program and Features entries for Oxy and Pilefile are gone. The folder with the installer etc. still exists (see attached). Is it safe to just delete it? How do I search and destroy other folders like this, if they exist? Please let me know next steps... thanks !!
  5. When I run fix.reg, I get this message: The specified file is not a registry script. You can only import binary registry files from within the registry editor. So I took the liberty to import this from within regedit and got this message: The specified file is not a registry file. You can only import registry files. Please let me know what to do next. Thanks.
  6. Hey MrC... I think you did it !! The annoying Pilefile installer does not pop up on log on anymore. I was able to reset my browser home pages to my old settings. (and they stuck after I restarted... yahoo!) I still see Pilefile and Oxy under Programs and Features (see attached). When I try to uninstall them, it says "You don't have sufficient access to uninstall PileFile reminder / Oxy. Please contact your system administrator." Is there any way to get rid of them?
  7. Ok, I uninstalled Conduit (SearchProject)... FRST logs are attached. Addition.txt FRST.txt
  8. Hi MrC... here are the logs. fyi -- when I open Chrome now, it takes me to search.conduit.com. I haven't downloaded or installed ANYTHING new, except for the tools you have asked, so I am not sure where this thing came from. AdwCleaner[s0].txt # AdwCleaner v3.023 - Report created 03/04/2014 at 18:21:57 # Updated 01/04/2014 by Xplode # Operating System : Windows 7 Home Premium Service Pack 1 (64 bits) # Username : FRIEDGREEN - FRIEDGREEN-PC # Running from : C:\Users\FRIEDGREEN\Desktop\AdwCleaner.exe # Option : Clean ***** [ Services ] ***** ***** [ Files / Folders ] ***** Folder Deleted : C:\AI_RecycleBin Folder Deleted : C:\ProgramData\Babylon Folder Deleted : C:\ProgramData\Partner Folder Deleted : C:\ProgramData\Tarma Installer Folder Deleted : C:\ProgramData\Trymedia Folder Deleted : C:\ProgramData\WPM Folder Deleted : C:\windows\SysWOW64\AI_RecycleBin Folder Deleted : C:\Users\FRIEDGREEN\AppData\Local\apn Folder Deleted : C:\Users\FRIEDGREEN\AppData\Local\SearchProtect Folder Deleted : C:\Users\FRIEDGREEN\AppData\LocalLow\Toolbar4 Folder Deleted : C:\Users\FRIEDGREEN\AppData\Roaming\Babylon Folder Deleted : C:\Users\FRIEDGREEN\AppData\Roaming\Oxy Folder Deleted : C:\Users\FRIEDGREEN\AppData\Roaming\SupTab Folder Deleted : C:\Users\FRIEDGREEN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Oxy ***** [ Shortcuts ] ***** ***** [ Registry ] ***** Key Deleted : HKLM\SOFTWARE\Classes\AppID\TbCommonUtils.DLL Key Deleted : HKLM\SOFTWARE\Classes\AppID\TbHelper.EXE Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager.1 Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager.1 Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbRequest Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbRequest.1 Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbTask Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbTask.1 Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper.1 Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32 Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasapi32 Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasmancs Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASAPI32 Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASMANCS Key Deleted : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4CE516A7-F7AC-4628-B411-8F886DC5733E} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{628F3201-34D0-49C0-BB9A-82A26AEFB291} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1C950DE5-D31E-42FB-AFB9-91B0161633D8} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A9A56B8E-2DEB-4ED3-BC92-1FA450BCE1A5} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE338F6D-5A7C-4D1D-86E3-C618532079B5} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C339D489-FABC-41DD-B39D-276101667C70} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D89031C2-10DA-4C90-9A62-FCED012BC46B} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291} Key Deleted : HKCU\Software\Escolade Key Deleted : HKLM\Software\Babylon Key Deleted : HKLM\Software\SearchProtect Key Deleted : HKLM\Software\supTab Key Deleted : HKLM\Software\supWPM Key Deleted : HKLM\Software\Trymedia Systems Key Deleted : HKLM\Software\Wpm Key Deleted : [x64] HKLM\SOFTWARE\Tarma Installer ***** [ Browsers ] ***** -\\ Internet Explorer v11.0.9600.16521 -\\ Google Chrome v [ File : C:\Users\FRIEDGREEN\AppData\Local\Google\Chrome\User Data\Default\preferences ] Deleted : homepage ************************* AdwCleaner[R0].txt - [3935 octets] - [03/04/2014 18:15:07] AdwCleaner[s0].txt - [3908 octets] - [03/04/2014 18:21:57] ########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [3968 octets] ########## The FRST logs are attached. Thanks for everything you are doing. ShaunAddition.txt FRST.txt
  9. Hi MrC... tried system restore... said it "didn't complete successfully"... restore point corrupt or something. So followed the steps in your instructions, the logs are below: reposting DDS.txt from earlier run: DDS (Ver_2012-11-20.01) - NTFS_AMD64 Internet Explorer: 11.0.9600.16521 BrowserJavaVersion: 10.51.2Run by FRIEDGREEN at 19:18:00 on 2014-04-01Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.8104.5792 [GMT -5:00].AV: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {ADA629C7-7F48-5689-624A-3B76997E0892}SP: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {16C7C823-5972-5907-58FA-0004E2F9422F}SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}FW: McAfee Firewall *Enabled* {959DA8E2-3527-57D1-4915-924367AD4FE9}.============== Running Processes ===============.C:\windows\system32\lsm.exeC:\windows\system32\svchost.exe -k DcomLaunchC:\windows\system32\svchost.exe -k RPCSSC:\windows\System32\svchost.exe -k LocalServiceNetworkRestrictedC:\windows\System32\svchost.exe -k LocalSystemNetworkRestrictedC:\windows\system32\svchost.exe -k LocalServiceC:\windows\system32\svchost.exe -k netsvcsC:\windows\system32\svchost.exe -k GPSvcGroupC:\windows\system32\svchost.exe -k NetworkServiceC:\windows\System32\spoolsv.exeC:\windows\system32\svchost.exe -k LocalServiceNoNetworkC:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exeC:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXEC:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXEC:\Windows\jmesoft\Service.exec:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exeC:\windows\system32\mfevtps.exeC:\Program Files\Microsoft LifeCam\MSCamS64.exec:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exeC:\windows\system32\svchost.exe -k imgsvcC:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exeC:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXEC:\Program Files\McAfee\MSC\McAPExe.exeC:\Program Files\Common Files\McAfee\AMCore\mcshield.exeC:\Program Files\Common Files\McAfee\SystemCore\mfefire.exeC:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exeC:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exeC:\windows\SysWOW64\rundll32.exeC:\windows\system32\rundll32.exeC:\windows\system32\taskhost.exeC:\windows\system32\Dwm.exeC:\windows\Explorer.EXEC:\windows\System32\rundll32.exeC:\windows\system32\svchost.exe -k NetworkServiceNetworkRestrictedC:\Program Files\Realtek\Audio\HDA\RAVCpl64.exeC:\Windows\System32\igfxtray.exeC:\Windows\System32\hkcmd.exeC:\Windows\System32\igfxpers.exeC:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXEC:\Program Files (x86)\McAfee Online Backup\MOBKstat.exeC:\Program Files (x86)\NETGEAR\WPN111\wpn111.exeC:\windows\system32\SearchIndexer.exeC:\Program Files\Windows Media Player\wmpnetwk.exeC:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonationC:\windows\System32\svchost.exe -k LocalServicePeerNetC:\Windows\jmesoft\hotkey.exeC:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exeC:\Program Files\Lenovo\Lenovo Eye Distance System\Lenovo Eye Distance System.exeC:\Program Files\Lenovo\Lenovo Brightness System\Lenovo Dynamic Brightness System.exeC:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc.exeC:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exeC:\Windows\jmesoft\JME_LOAD.exeC:\Program Files (x86)\Common Files\Java\Java Update\jusched.exeC:\Program Files\Common Files\McAfee\Platform\mcuicnt.exeC:\Program Files (x86)\TeamViewer\Version9\tv_w32.exeC:\Program Files (x86)\TeamViewer\Version9\tv_x64.exeC:\windows\system32\wbem\wmiprvse.exeC:\windows\system32\taskeng.exec:\PROGRA~2\mcafee\SITEAD~1\saui.exeC:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exeC:\Program Files (x86)\McAfee Online Backup\MOBKbackup.exeC:\windows\system32\sppsvc.exeC:\Program Files (x86)\McAfee Online Backup\MOBKbackup.exeC:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exeC:\windows\System32\svchost.exe -k secsvcsC:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exeC:\Program Files\McAfee\MAT\McPvTray.exeC:\windows\system32\wbem\wmiprvse.exec:\PROGRA~1\mcafee\VIRUSS~1\mcvsshld.exeC:\windows\servicing\TrustedInstaller.exeC:\windows\System32\cscript.exe.============== Pseudo HJT Report ===============.uSearch Bar = PreservemWinlogon: Userinit = userinit.exe,BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLLBHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dllBHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dllBHO: McAfee SiteAdvisor BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dllBHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLLBHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dllBHO: TBSB07898 Class: {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - C:\Program Files (x86)\Coupons.com CouponBar\tbcore3.dllTB: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dllTB: Coupons.com CouponBar: {8660E5B3-6C41-44DE-8503-98D99BBECD41} - C:\Program Files (x86)\Coupons.com CouponBar\tbcore3.dlluRun: [EPSON WorkForce 1100 Series] C:\windows\System32\spool\DRIVERS\x64\3\E_IATIFEA.EXE /FU "C:\windows\TEMP\E_SF8B0.tmp" /EF "HKCU"uRun: [OfficeSyncProcess] "C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE"uRun: [Google Update] "C:\Users\FRIEDGREEN\AppData\Local\Google\Update\GoogleUpdate.exe" /cmRun: [jmekey] C:\windows\jmesoft\hotkey.exemRun: [jmesoft] C:\Windows\jmesoft\ServiceLoader.exemRun: [Lenovo Eye Distance System] C:\Program Files\Lenovo\Lenovo Eye Distance System\Lenovo Eye Distance System.exe 1mRun: [Lenovo Dynamic Brightness System] C:\Program Files\Lenovo\Lenovo Brightness System\Lenovo Dynamic Brightness System.exe 1mRun: [setDefaultSCR] C:\Program Files (x86)\Lenovo\Lenovo Screensaver\SetDefaultSCR.exemRun: [CLMLServer] "C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc.exe"mRun: [updateP2GoShortCut] "C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Lenovo\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"mRun: [updatePRCShortCut] "C:\Program Files\Lenovo\OneKey App\Lenovo Rescue System\MUITransfer\MUIStartMenu.exe" "C:\Program Files\Lenovo\OneKey App\Lenovo Rescue System" UpdateWithCreateOnce "Software\Lenovo\OneKey App\OneKey Recovery"mRun: [bCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServicesmRun: [mcpltui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkeymRun: [iJNetworkScanUtility] C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exemRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"dRunOnce: [{91140000-0011-0000-0000-0000000FF1CE}] C:\windows\System32\cmd.exe /C del "C:\ProgramData\Microsoft Help\Rgstrtn.lck" /Q /A:HdRunOnce: [{90140000-0018-0409-0000-0000000FF1CE}] C:\windows\System32\cmd.exe /C del "C:\ProgramData\Microsoft Help\Rgstrtn.lck" /Q /A:HStartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\MCAFEE~1.LNK - C:\Program Files (x86)\McAfee Online Backup\MOBKstat.exeStartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\NETGEA~1.LNK - C:\Program Files (x86)\NETGEAR\WPN111\wpn111.exemPolicies-Explorer: NoActiveDesktop = dword:1mPolicies-Explorer: NoActiveDesktopChanges = dword:1mPolicies-System: ConsentPromptBehaviorAdmin = dword:5mPolicies-System: ConsentPromptBehaviorUser = dword:3mPolicies-System: EnableUIADesktopToggle = dword:0IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dllTCP: NameServer = 10.0.0.1TCP: Interfaces\{8B449D86-FF9D-46D6-B0E3-54A2A9ECD424} : DHCPNameServer = 10.0.0.1TCP: Interfaces\{8B449D86-FF9D-46D6-B0E3-54A2A9ECD424}\26F6D626 : DHCPNameServer = 10.0.0.1TCP: Interfaces\{8B449D86-FF9D-46D6-B0E3-54A2A9ECD424}\37869647374796C6C6 : DHCPNameServer = 192.168.254.254Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dllFilter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLLHandler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dllHandler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dllHandler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dllHandler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dllSSODL: WebCheck - <orphaned>SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLLx64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dllx64-BHO: McAfee SiteAdvisor BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dllx64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLLx64-TB: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dllx64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -sx64-Run: [Lenovo EE Boot Optimizer] C:\Program Files (x86)\Lenovo\Boot Optimizer\PopWnd.exex64-Run: [igfxTray] C:\windows\System32\igfxtray.exex64-Run: [HotKeysCmds] C:\windows\System32\hkcmd.exex64-Run: [Persistence] C:\windows\System32\igfxpers.exex64-Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl64.dllx64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLLx64-Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dllx64-Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dllx64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>x64-Notify: igfxcui - igfxdev.dllx64-SSODL: WebCheck - <orphaned>.============= SERVICES / DRIVERS ===============.R0 fbfmon;fbfmon;C:\windows\System32\drivers\fbfmon.sys [2011-12-8 57952]R0 WinI2C-DDC;WinI2C-DDC Kernel Mode Driver;C:\windows\System32\drivers\ddcdrv.sys [2011-12-8 20832]R1 BPntDrv;BPntDrv;C:\windows\System32\drivers\BPntDrv.sys [2011-12-8 13408]R1 JSWPSLWF;JumpStart Wireless Filter Driver;C:\windows\System32\drivers\jswpslwfx.sys [2012-3-26 26624]R1 MOBKFilter;MOBKFilter;C:\windows\System32\drivers\MOBK.sys [2012-5-10 66040]R2 aksdf;aksdf;C:\windows\System32\drivers\aksdf.sys [2012-9-12 65024]R2 HomeNetSvc;McAfee Home Network;C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2013-5-11 328928]R2 JME Keyboard;JME Keyboard Driver;C:\Windows\jmesoft\Service.exe [2011-12-8 32768]R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;C:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe [2014-3-30 140424]R2 McAPExe;McAfee AP Service;C:\Program Files\McAfee\MSC\McAPExe.exe [2013-5-11 178528]R2 McMPFSvc;McAfee Personal Firewall Service;C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2013-5-11 328928]R2 McNaiAnn;McAfee VirusScan Announcer;C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2013-5-11 328928]R2 mcpltsvc;McAfee Platform Services;C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2013-5-11 328928]R2 McProxy;McAfee Proxy Service;C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2013-5-11 328928]R2 McPvDrv;McPvDrv Driver;C:\windows\System32\drivers\McPvDrv.sys [2013-9-26 74560]R2 mfeavfk;McAfee Inc. mfeavfk;C:\windows\System32\drivers\mfeavfk.sys [2013-8-7 311600]R2 mfecore;McAfee Anti-Malware Core;C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [2013-5-11 1025712]R2 mfefire;McAfee Firewall Core Service;C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe [2013-8-27 219752]R2 mfehidk;McAfee Inc. mfehidk;C:\windows\System32\drivers\mfehidk.sys [2013-8-7 783864]R2 mfevtp;McAfee Validation Trust Protection Service;C:\windows\System32\mfevtps.exe [2013-8-27 185792]R2 mfewfpk;McAfee Inc. mfewfpk;C:\windows\System32\drivers\mfewfpk.sys [2013-8-7 344688]R2 MOBKbackup;McAfee Online Backup;C:\Program Files (x86)\McAfee Online Backup\MOBKbackup.exe [2010-4-13 231224]R2 TeamViewer9;TeamViewer 9;C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [2014-1-7 4915040]R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2011-12-8 2655768]R3 cfwids;McAfee Inc. cfwids;C:\windows\System32\drivers\cfwids.sys [2013-8-7 70592]R3 IntcDAud;Intel® Display Audio;C:\windows\System32\drivers\IntcDAud.sys [2011-4-10 317440]R3 mfefirek;McAfee Inc. mfefirek;C:\windows\System32\drivers\mfefirek.sys [2013-8-7 520696]R3 mfencbdc;McAfee Inc. mfencbdc;C:\windows\System32\drivers\mfencbdc.sys [2014-1-21 422712]R3 PCASp50a64;PCASp50a64 NDIS Protocol Driver;C:\windows\System32\drivers\PCASp50a64.sys [2012-3-3 41280]R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\windows\System32\drivers\RtsUStor.sys [2011-12-8 247400]R3 WPN111;Wireless USB 2.0 Adapter with RangeMax Service;C:\windows\System32\drivers\WPN111vx.sys [2012-6-27 1075712]S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]S3 HipShieldK;McAfee Inc. HipShieldK;C:\windows\System32\drivers\HipShieldK.sys [2014-1-21 197704]S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\windows\System32\ieetwcollector.exe [2014-3-13 111616]S3 jswpsapi;JumpStart Wi-Fi Protected Setup;C:\Program Files (x86)\D-Link\DWA-556 revA\jswpsapi.exe [2012-3-26 954368]S3 mfencrk;McAfee Inc. mfencrk;C:\windows\System32\drivers\mfencrk.sys [2014-1-21 96592]S3 PCAMp50a64;PCAMp50a64 NDIS Protocol Driver;C:\windows\System32\drivers\PCAMp50a64.sys [2012-3-3 43328]S3 TsUsbFlt;TsUsbFlt;C:\windows\System32\drivers\TsUsbFlt.sys [2010-11-20 59392]S3 TsUsbGD;Remote Desktop Generic USB Device;C:\windows\System32\drivers\TsUsbGD.sys [2010-11-20 31232]S3 WatAdminSvc;Windows Activation Technologies Service;C:\windows\System32\Wat\WatAdminSvc.exe [2012-3-3 1255736]S3 WDC_SAM;WD SCSI Pass Thru driver;C:\windows\System32\drivers\wdcsam64.sys [2008-5-6 14464]S3 wsvd;wsvd;C:\windows\System32\drivers\wsvd.sys [2009-7-21 121840]S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\windows\System32\drivers\yk62x64.sys [2009-6-10 389120]S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184].=============== File Associations ===============.FileExt: .txt: bftxtfile="C:\Program Files (x86)\Bluefish\bluefish.exe" "%1"FileExt: .vbs: bfvbsfile="C:\Program Files (x86)\Bluefish\bluefish.exe" "%1"FileExt: .js: bfjsfile="C:\Program Files (x86)\Bluefish\bluefish.exe" "%1".=============== Created Last 30 ================.2014-04-01 10:42:09 10521840 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{B7D6FF86-5B4D-4DDF-AD34-6401DEFBF4CB}\mpengine.dll2014-03-30 18:01:38 119512 ----a-w- C:\windows\System32\drivers\MBAMSwissArmy.sys2014-03-30 18:01:19 88280 ----a-w- C:\windows\System32\drivers\mbamchameleon.sys2014-03-30 18:01:19 63192 ----a-w- C:\windows\System32\drivers\mwac.sys2014-03-30 18:01:19 25816 ----a-w- C:\windows\System32\drivers\mbam.sys2014-03-30 18:01:19 -------- d-----w- C:\ProgramData\Malwarebytes2014-03-30 18:01:19 -------- d-----w- C:\Program Files (x86)\Malwarebytes Anti-Malware2014-03-30 18:00:51 -------- d-----w- C:\Users\FRIEDGREEN\AppData\Local\Programs2014-03-30 16:40:08 -------- d-----w- C:\Users\FRIEDGREEN\AppData\Roaming\SupTab2014-03-30 16:40:01 -------- d-----w- C:\ProgramData\WPM2014-03-30 16:38:56 -------- d-----w- C:\Users\FRIEDGREEN\AppData\Roaming\key-find2014-03-29 23:32:50 -------- d-----w- C:\Users\FRIEDGREEN\AppData\Local\21c37a63-8883-49bd-2ed5-6c2ed504d0af2014-03-29 23:32:07 -------- d-----w- C:\Users\FRIEDGREEN\AppData\Local\SearchProtect2014-03-29 23:23:51 -------- d-----w- C:\Users\FRIEDGREEN\AppData\Roaming\Oxy2014-03-13 10:41:45 624128 ----a-w- C:\windows\System32\qedit.dll2014-03-13 10:41:44 509440 ----a-w- C:\windows\SysWow64\qedit.dll2014-03-13 10:41:44 1424384 ----a-w- C:\windows\System32\WindowsCodecs.dll2014-03-13 10:41:43 1230336 ----a-w- C:\windows\SysWow64\WindowsCodecs.dll2014-03-11 23:17:13 96168 ----a-w- C:\windows\SysWow64\WindowsAccessBridge-32.dll.==================== Find3M ====================.2014-03-12 00:56:35 71048 ----a-w- C:\windows\SysWow64\FlashPlayerCPLApp.cpl2014-03-12 00:56:35 692616 ----a-w- C:\windows\SysWow64\FlashPlayerApp.exe2014-03-01 05:17:02 2724864 ----a-w- C:\windows\System32\mshtml.tlb2014-03-01 05:16:26 4096 ----a-w- C:\windows\System32\ieetwcollectorres.dll2014-03-01 04:52:55 66048 ----a-w- C:\windows\System32\iesetup.dll2014-03-01 04:51:59 48640 ----a-w- C:\windows\System32\ieetwproxystub.dll2014-03-01 04:33:52 139264 ----a-w- C:\windows\System32\ieUnatt.exe2014-03-01 04:33:34 111616 ----a-w- C:\windows\System32\ieetwcollector.exe2014-03-01 04:32:59 708608 ----a-w- C:\windows\System32\jscript9diag.dll2014-03-01 04:23:49 940032 ----a-w- C:\windows\System32\MsSpellCheckingFacility.exe2014-03-01 04:11:20 2724864 ----a-w- C:\windows\SysWow64\mshtml.tlb2014-03-01 03:54:33 5768704 ----a-w- C:\windows\System32\jscript9.dll2014-03-01 03:52:43 61952 ----a-w- C:\windows\SysWow64\iesetup.dll2014-03-01 03:51:53 51200 ----a-w- C:\windows\SysWow64\ieetwproxystub.dll2014-03-01 03:38:26 112128 ----a-w- C:\windows\SysWow64\ieUnatt.exe2014-03-01 03:37:35 553472 ----a-w- C:\windows\SysWow64\jscript9diag.dll2014-03-01 03:35:11 2041856 ----a-w- C:\windows\System32\inetcpl.cpl2014-03-01 03:14:15 4244480 ----a-w- C:\windows\SysWow64\jscript9.dll2014-03-01 03:10:28 2334208 ----a-w- C:\windows\System32\wininet.dll2014-03-01 03:00:08 1964032 ----a-w- C:\windows\SysWow64\inetcpl.cpl2014-03-01 02:32:16 1820160 ----a-w- C:\windows\SysWow64\wininet.dll2014-02-07 01:23:30 3156480 ----a-w- C:\windows\System32\win32k.sys2014-01-29 02:32:18 484864 ----a-w- C:\windows\System32\wer.dll2014-01-29 02:06:47 381440 ----a-w- C:\windows\SysWow64\wer.dll2014-01-28 02:32:46 228864 ----a-w- C:\windows\System32\wwansvc.dll2014-01-27 14:43:26 70592 ----a-w- C:\windows\System32\drivers\cfwids.sys2014-01-27 14:37:32 344688 ----a-w- C:\windows\System32\drivers\mfewfpk.sys2014-01-27 14:37:08 185792 ----a-w- C:\windows\System32\mfevtps.exe2014-01-27 14:33:26 783864 ----a-w- C:\windows\System32\drivers\mfehidk.sys2014-01-27 14:31:34 520696 ----a-w- C:\windows\System32\drivers\mfefirek.sys2014-01-27 14:30:06 311600 ----a-w- C:\windows\System32\drivers\mfeavfk.sys2014-01-27 14:29:22 180272 ----a-w- C:\windows\System32\drivers\mfeapfk.sys2014-01-21 08:50:46 11336 ----a-w- C:\windows\System32\drivers\mfeclnrk.sys2014-01-21 08:50:24 96592 ----a-w- C:\windows\System32\drivers\mfencrk.sys2014-01-21 08:50:02 422712 ----a-w- C:\windows\System32\drivers\mfencbdc.sys2014-01-11 16:52:37 9006072 ----a-w- C:\ProgramData\TempMOBK-update-4ec82966293498cc5bd9350557ef54e8.exe2002-07-26 22:02:06 153088 ----a-w- C:\Program Files (x86)\UNWISE.EXE.============= FINISH: 19:18:41.12 =============== reposting attach.txt from earlier run: .UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.IF REQUESTED, ZIP IT UP & ATTACH IT.DDS (Ver_2012-11-20.01).Microsoft Windows 7 Home Premium Boot Device: \Device\HarddiskVolume1Install Date: 2/27/2012 8:45:05 PMSystem Uptime: 4/1/2014 7:11:26 PM (0 hours ago).Motherboard: LENOVO | | To be filled by O.E.M.Processor: Intel® Core i5-2320 CPU @ 3.00GHz | CPU 1 | 3001/100mhz.==== Disk Partitions =========================.C: is FIXED (NTFS) - 1838 GiB total, 1723.2 GiB free.D: is CDROM ().==== Disabled Device Manager Items =============.Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}Description: McAfee Inc. mfeapfkDevice ID: ROOT\LEGACY_MFEAPFK\0000Manufacturer: Name: McAfee Inc. mfeapfkPNP Device ID: ROOT\LEGACY_MFEAPFK\0000Service: mfeapfk.==== System Restore Points ===================.RP177: 3/21/2014 7:28:06 PM - Windows UpdateRP178: 3/25/2014 5:35:16 AM - Windows UpdateRP179: 4/1/2014 5:41:29 AM - Windows Update.==== Installed Programs ======================.7-Zip 9.20 (x64 edition)Adobe AIRAdobe Flash Player 12 ActiveXAdobe Flash Player 12 PluginAdobe Photoshop Lightroom 4.4 64-bitAdobe Reader XI (11.0.05)ALL-Cut LPT_Com X64Bluefish 2.2.1Canon IJ Network Scan UtilityCanon IJ Network ToolCanon MP Navigator EX 3.0Canon MP560 series MP DriversCorel Graphics - Windows Shell ExtensionCorel Graphics - Windows Shell Extension 32 BitCorelDRAW Graphics Suite X6CorelDRAW Graphics Suite X6 - BRCorelDRAW Graphics Suite X6 - CaptureCorelDRAW Graphics Suite X6 - CommonCorelDRAW Graphics Suite X6 - ConnectCorelDRAW Graphics Suite X6 - ContentCorelDRAW Graphics Suite X6 - Custom DataCorelDRAW Graphics Suite X6 - DrawCorelDRAW Graphics Suite X6 - ENCorelDRAW Graphics Suite X6 - ESCorelDRAW Graphics Suite X6 - FiltersCorelDRAW Graphics Suite X6 - FontNavCorelDRAW Graphics Suite X6 - FRCorelDRAW Graphics Suite X6 - IPMCorelDRAW Graphics Suite X6 - PHOTO-PAINTCorelDRAW Graphics Suite X6 - Photozoom PluginCorelDRAW Graphics Suite X6 - RedistCorelDRAW Graphics Suite X6 - Setup FilesCorelDRAW Graphics Suite X6 - VBACorelDRAW Graphics Suite X6 - VideoBrowserCorelDRAW Graphics Suite X6 - VSTACorelDRAW Graphics Suite X6 - Writing ToolsCoupon Printer for WindowsCouponBarCutePDF Writer 2.8D3DX10Definition Update for Microsoft Office 2010 (KB982726) 32-Bit EditionDropboxDWA-556EPSON WorkForce 1100 Series Printer UninstallGoogle ChromeGoogle DriveGoogle Update HelperGoToMeeting 5.1.0.880GreatCutHardlock Device DriversHotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946040)Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946308)Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946344)Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB947540)Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB947789)Inkscape 0.48.2Intel® Control CenterIntel® Management Engine ComponentsIntel® Network Connections DriversIntel® Processor GraphicsJava 7 Update 51Java Auto UpdaterJavaFX 2.1.1Junk Mail filter updateLenovo Blacksilk USB Keyboard DriverLenovo Driver and Application InstallationLenovo Dynamic Brightness SystemLenovo EE Boot OptimizerLenovo Eye Distance SystemLenovo Power2GoLenovo Rescue SystemLenovo ScreensaverLVTMalwarebytes Anti-Malware version 2.00.0.1000McAfee Online BackupMcAfee Total ProtectionMesh RuntimeMicrosoft .NET Framework 4.5.1Microsoft Application Error ReportingMicrosoft CorporationMicrosoft LifeCamMicrosoft Office 2010Microsoft Office Access MUI (English) 2010Microsoft Office Access Setup Metadata MUI (English) 2010Microsoft Office Excel MUI (English) 2010Microsoft Office Groove MUI (English) 2010Microsoft Office InfoPath MUI (English) 2010Microsoft Office Office 64-bit Components 2010Microsoft Office OneNote MUI (English) 2010Microsoft Office Outlook ConnectorMicrosoft Office Outlook MUI (English) 2010Microsoft Office PowerPoint MUI (English) 2010Microsoft Office Professional Plus 2010Microsoft Office Proof (English) 2010Microsoft Office Proof (French) 2010Microsoft Office Proof (Spanish) 2010Microsoft Office Proofing (English) 2010Microsoft Office Publisher MUI (English) 2010Microsoft Office Shared 64-bit MUI (English) 2010Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010Microsoft Office Shared MUI (English) 2010Microsoft Office Shared Setup Metadata MUI (English) 2010Microsoft Office Word MUI (English) 2010Microsoft SilverlightMicrosoft SQL Server 2005 Compact Edition [ENU]Microsoft Visual Basic for Applications 7.1 (x86)Microsoft Visual Basic for Applications 7.1 (x86) EnglishMicrosoft Visual C++ 2005 RedistributableMicrosoft Visual C++ 2008 Redistributable - x86 9.0.21022Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161Microsoft Visual Studio Tools for Applications 2.0 - ENUMicrosoft Visual Studio Tools for Applications 2.0 RuntimeMSVCRTMSVCRT_amd64NETGEAR RangeMax Wireless USB 2.0 Adapter WPN111Notepad++OxyPileFile reminderRealtek High Definition Audio DriverRealtek USB 2.0 Card ReaderSecurity Update for Microsoft .NET Framework 4.5.1 (KB2898869)Security Update for Microsoft .NET Framework 4.5.1 (KB2901126)Security Update for Microsoft Excel 2010 (KB2826033) 32-Bit EditionSecurity Update for Microsoft Office 2010 (KB2553284) 32-Bit EditionSecurity Update for Microsoft Office 2010 (KB2687423) 32-Bit EditionSecurity Update for Microsoft Office 2010 (KB2826023) 32-Bit EditionSecurity Update for Microsoft Office 2010 (KB2826035) 32-Bit EditionSecurity Update for Microsoft Office 2010 (KB2850016) 32-Bit EditionService Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit EditionShared C Run-time for x64Skype™ 6.11TeamViewer 9Update for Microsoft Access 2010 (KB2553446) 32-Bit EditionUpdate for Microsoft Filter Pack 2.0 (KB2837594) 32-Bit EditionUpdate for Microsoft InfoPath 2010 (KB2817369) 32-Bit EditionUpdate for Microsoft InfoPath 2010 (KB2817396) 32-Bit EditionUpdate for Microsoft Office 2010 (KB2589298) 32-Bit EditionUpdate for Microsoft Office 2010 (KB2589352) 32-Bit EditionUpdate for Microsoft Office 2010 (KB2589375) 32-Bit EditionUpdate for Microsoft Office 2010 (KB2597087) 32-Bit EditionUpdate for Microsoft Office 2010 (KB2760598) 32-Bit EditionUpdate for Microsoft Office 2010 (KB2760631) 32-Bit EditionUpdate for Microsoft Office 2010 (KB2794737) 32-Bit EditionUpdate for Microsoft Office 2010 (KB2825640) 32-Bit EditionUpdate for Microsoft Office 2010 (KB2850079) 32-Bit EditionUpdate for Microsoft Office 2010 (KB2863818) 32-Bit EditionUpdate for Microsoft Office 2010 (KB2878225) 32-Bit EditionUpdate for Microsoft OneNote 2010 (KB2837595) 32-Bit EditionUpdate for Microsoft Outlook 2010 (KB2687567) 32-Bit EditionUpdate for Microsoft PowerPoint 2010 (KB2553145) 32-Bit EditionUpdate for Microsoft PowerPoint 2010 (KB2775360) 32-Bit EditionUpdate for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit EditionUpdate for Microsoft Visio 2010 (KB2878227) 32-Bit EditionUpdate for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit EditionUpdate for Microsoft Word 2010 (KB2837593) 32-Bit EditionWindows 7 Codec Pack 4.0.3Windows Live Communications PlatformWindows Live EssentialsWindows Live ID Sign-in AssistantWindows Live InstallerWindows Live Language SelectorWindows Live MailWindows Live MeshWindows Live Mesh ActiveX Control for Remote ConnectionsWindows Live MessengerWindows Live MIME IFilterWindows Live Movie MakerWindows Live Photo CommonWindows Live Photo GalleryWindows Live PIMT PlatformWindows Live Remote ClientWindows Live Remote Client ResourcesWindows Live Remote ServiceWindows Live Remote Service ResourcesWindows Live SOXEWindows Live SOXE DefinitionsWindows Live UX PlatformWindows Live UX Platform Language PackWindows Live WriterWindows Live Writer ResourcesWinSCP 4.3.9.==== Event Viewer Messages From Past Week ========.4/1/2014 7:11:49 PM, Error: Service Control Manager [7000] - The McAfee Inc. mfeapfk service failed to start due to the following error: The specified service does not exist.3/31/2014 6:06:57 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service McNaiAnn with arguments "" in order to run the server: {DC7EF8E1-824F-4110-AB43-1604DA9B4F40}3/31/2014 6:06:57 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service McNaiAnn with arguments "" in order to run the server: {C90134D2-4AE9-407A-919A-4A2EF09C6C51}3/31/2014 6:05:23 PM, Error: Service Control Manager [7001] - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start.3/31/2014 6:05:23 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}3/31/2014 6:05:23 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}3/31/2014 6:05:23 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89}3/31/2014 6:05:23 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E}3/31/2014 6:05:22 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}3/31/2014 6:05:16 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}3/31/2014 6:04:55 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD BPntDrv DfsC discache JSWPSLWF MOBKFilter NetBIOS NetBT nsiproxy Psched rdbss spldr tdx vwififlt Wanarpv6 WfpLwf3/31/2014 6:04:55 PM, Error: Service Control Manager [7001] - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.3/31/2014 6:04:55 PM, Error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.3/31/2014 6:04:55 PM, Error: Service Control Manager [7001] - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning.3/31/2014 6:04:55 PM, Error: Service Control Manager [7001] - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.3/31/2014 6:04:55 PM, Error: Service Control Manager [7001] - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.3/31/2014 6:04:55 PM, Error: Service Control Manager [7001] - The Network Store Interface Service service depends on the NSI proxy service driver. service which failed to start because of the following error: A device attached to the system is not functioning.3/31/2014 6:04:55 PM, Error: Service Control Manager [7001] - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.3/31/2014 6:04:55 PM, Error: Service Control Manager [7001] - The McAfee Personal Firewall Service service depends on the Windows Firewall service which failed to start because of the following error: The dependency service or group failed to start.3/31/2014 6:04:55 PM, Error: Service Control Manager [7001] - The IP Helper service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.3/31/2014 6:04:55 PM, Error: Service Control Manager [7001] - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error: A device attached to the system is not functioning.3/31/2014 6:04:55 PM, Error: Service Control Manager [7001] - The DHCP Client service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.3/31/2014 5:43:50 AM, Error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 1 time(s).3/31/2014 5:34:05 AM, Error: bowser [8003] - The master browser has received a server announcement from the computer UNDERDAWG that believes that it is the master browser for the domain on transport NetBT_Tcpip_{8B449D86-FF9D-46D6-B0E3-54A2A9ECD424}. The master browser is stopping or an election is being forced.3/30/2014 4:19:50 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service VSS with arguments "" in order to run the server: {0B5A2C52-3EB9-470A-96E2-6C6D4570E40F}3/30/2014 4:12:31 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service fdPHost with arguments "" in order to run the server: {D3DCB472-7261-43CE-924B-0704BD730D5F}3/30/2014 4:12:31 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service fdPHost with arguments "" in order to run the server: {145B4335-FE2A-4927-A040-7C35AD3180EF}3/30/2014 4:11:00 PM, Error: Microsoft-Windows-Directory-Services-SAM [12291] - SAM failed to start the TCP/IP or SPX/IPX listening thread3/30/2014 11:40:09 AM, Error: Service Control Manager [7034] - The Search Protect by Conduit Service service terminated unexpectedly. It has done this 1 time(s).3/28/2014 10:18:20 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the McAfee Platform Services service to connect.3/28/2014 10:18:20 PM, Error: Service Control Manager [7000] - The McAfee Platform Services service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.3/28/2014 10:18:19 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service mcpltsvc with arguments "" in order to run the server: {20966775-18A4-4299-B8E3-772C336B52A7}.==== End Of File =========================== RKReport[0]...txt: RogueKiller V8.8.15 _x64_ [Mar 27 2014] by Adlice Softwaremail : http://www.adlice.com/contact/Feedback : http://forum.adlice.comWebsite : http://www.adlice.com/softwares/roguekiller/Blog : http://www.adlice.com Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits versionStarted in : Normal modeUser : FRIEDGREEN [Admin rights]Mode : Scan -- Date : 04/02/2014 21:31:45| ARK || FAK || MBR | ¤¤¤ Bad processes : 0 ¤¤¤ ¤¤¤ Registry Entries : 7 ¤¤¤[PROXY IE][PUM] HKCU\[...]\Internet Settings : ProxyEnable (1) -> FOUND[HJ POL][PUM] HKLM\[...]\System : DisableTaskMgr (0) -> FOUND[HJ POL][PUM] HKLM\[...]\System : DisableRegistryTools (0) -> FOUND[HJ POL][PUM] HKLM\[...]\Wow6432Node\[...]\System : DisableTaskMgr (0) -> FOUND[HJ POL][PUM] HKLM\[...]\Wow6432Node\[...]\System : DisableRegistryTools (0) -> FOUND[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND ¤¤¤ Scheduled tasks : 1 ¤¤¤[V2][sUSP PATH] PileFile logon : C:\Users\BIGRED~1\AppData\Local\Temp\FREE ETSY BOTDownload_D0A7\FREE_ETSY_BOT_Downloader.exe [7] -> FOUND ¤¤¤ Startup Entries : 0 ¤¤¤ ¤¤¤ Web browsers : 0 ¤¤¤ ¤¤¤ Browser Addons : 0 ¤¤¤ ¤¤¤ Particular Files / Folders: ¤¤¤ ¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤ ¤¤¤ External Hives: ¤¤¤ ¤¤¤ Infection : ¤¤¤ ¤¤¤ HOSTS File: ¤¤¤--> %SystemRoot%\System32\drivers\etc\hosts ¤¤¤ MBR Check: ¤¤¤ +++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) Hitachi HDS722020ALA330 ATA Device +++++--- User ---[MBR] 96e71c9a9043fd02a7eb69482ee5f335[bSP] f82b9fd3ee43ca8a3753917d7c223f1b : Windows 7/8 MBR CodePartition table:0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 MB1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 1881953 MB2 - [XXXXXX] COMPAQ (0x12) [VISIBLE] Offset (sectors): -440520704 | Size: 25675 MBUser = LL1 ... OK!User = LL2 ... OK! Finished : << RKreport[0]_S_04022014_213145.txt >>
  10. MrC... while creating a new restore point, I found a couple of older restore points that go well before when I got infected. Do you think restoring it the earliest point would help undo the infection? It would save us some time and bellyache, if that works. What do you recommend?
  11. MrCharlie: Thanks for the swift response. I have read and understood your instructions. Please give me some time to back up my data. I have quite a bit that needs to be backed up. I will reply when I have backed up my data and run the tools like you have instructed. Thank you again for your time and help. Shaun
  12. Hello Malware Fighter, The wife downloaded an "Etsy Bot" from an external link. Next thing, there's this Etsy Bot installer thing that pops up on boot up. It says Pilefile installer or something on it too. Did a Google search and didn't find much on Etsy Bot, but found a bunch of alarming stuff on Pilefile. At the same time, the default web page on IE11 and Chrome33.0 were set to Key-find.com, which turns out to be another annoying hijack. Ran Malwarebytes, it found nothing. And did I mention, my Windows 7 PC is already "secured" with McAfee Total Protection... right! This has been happening for the last 2 days and I'm at my wits end. Just noticed today, every time I would kill the Pilefile reminder, McAfee will flash -- trojan quarantined - Artemis! Seem related? So I followed the instructions, and below are my logs. Please help! Thank you. Shaun DDS.TXT DDS (Ver_2012-11-20.01) - NTFS_AMD64 Internet Explorer: 11.0.9600.16521 BrowserJavaVersion: 10.51.2 Run by FRIEDGREEN at 19:18:00 on 2014-04-01 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.8104.5792 [GMT -5:00] . AV: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {ADA629C7-7F48-5689-624A-3B76997E0892} SP: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {16C7C823-5972-5907-58FA-0004E2F9422F} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} FW: McAfee Firewall *Enabled* {959DA8E2-3527-57D1-4915-924367AD4FE9} . ============== Running Processes =============== . C:\windows\system32\lsm.exe C:\windows\system32\svchost.exe -k DcomLaunch C:\windows\system32\svchost.exe -k RPCSS C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\windows\system32\svchost.exe -k LocalService C:\windows\system32\svchost.exe -k netsvcs C:\windows\system32\svchost.exe -k GPSvcGroup C:\windows\system32\svchost.exe -k NetworkService C:\windows\System32\spoolsv.exe C:\windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE C:\Windows\jmesoft\Service.exe c:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe C:\windows\system32\mfevtps.exe C:\Program Files\Microsoft LifeCam\MSCamS64.exe c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe C:\windows\system32\svchost.exe -k imgsvc C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\Program Files\McAfee\MSC\McAPExe.exe C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\windows\SysWOW64\rundll32.exe C:\windows\system32\rundll32.exe C:\windows\system32\taskhost.exe C:\windows\system32\Dwm.exe C:\windows\Explorer.EXE C:\windows\System32\rundll32.exe C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe C:\Windows\System32\igfxtray.exe C:\Windows\System32\hkcmd.exe C:\Windows\System32\igfxpers.exe C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE C:\Program Files (x86)\McAfee Online Backup\MOBKstat.exe C:\Program Files (x86)\NETGEAR\WPN111\wpn111.exe C:\windows\system32\SearchIndexer.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\windows\System32\svchost.exe -k LocalServicePeerNet C:\Windows\jmesoft\hotkey.exe C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe C:\Program Files\Lenovo\Lenovo Eye Distance System\Lenovo Eye Distance System.exe C:\Program Files\Lenovo\Lenovo Brightness System\Lenovo Dynamic Brightness System.exe C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc.exe C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe C:\Windows\jmesoft\JME_LOAD.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files\Common Files\McAfee\Platform\mcuicnt.exe C:\Program Files (x86)\TeamViewer\Version9\tv_w32.exe C:\Program Files (x86)\TeamViewer\Version9\tv_x64.exe C:\windows\system32\wbem\wmiprvse.exe C:\windows\system32\taskeng.exe c:\PROGRA~2\mcafee\SITEAD~1\saui.exe C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe C:\Program Files (x86)\McAfee Online Backup\MOBKbackup.exe C:\windows\system32\sppsvc.exe C:\Program Files (x86)\McAfee Online Backup\MOBKbackup.exe C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe C:\windows\System32\svchost.exe -k secsvcs C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe C:\Program Files\McAfee\MAT\McPvTray.exe C:\windows\system32\wbem\wmiprvse.exe c:\PROGRA~1\mcafee\VIRUSS~1\mcvsshld.exe C:\windows\servicing\TrustedInstaller.exe C:\windows\System32\cscript.exe . ============== Pseudo HJT Report =============== . uSearch Bar = Preserve mWinlogon: Userinit = userinit.exe, BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO: McAfee SiteAdvisor BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll BHO: TBSB07898 Class: {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - C:\Program Files (x86)\Coupons.com CouponBar\tbcore3.dll TB: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll TB: Coupons.com CouponBar: {8660E5B3-6C41-44DE-8503-98D99BBECD41} - C:\Program Files (x86)\Coupons.com CouponBar\tbcore3.dll uRun: [EPSON WorkForce 1100 Series] C:\windows\System32\spool\DRIVERS\x64\3\E_IATIFEA.EXE /FU "C:\windows\TEMP\E_SF8B0.tmp" /EF "HKCU" uRun: [OfficeSyncProcess] "C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE" uRun: [Google Update] "C:\Users\FRIEDGREEN\AppData\Local\Google\Update\GoogleUpdate.exe" /c mRun: [jmekey] C:\windows\jmesoft\hotkey.exe mRun: [jmesoft] C:\Windows\jmesoft\ServiceLoader.exe mRun: [Lenovo Eye Distance System] C:\Program Files\Lenovo\Lenovo Eye Distance System\Lenovo Eye Distance System.exe 1 mRun: [Lenovo Dynamic Brightness System] C:\Program Files\Lenovo\Lenovo Brightness System\Lenovo Dynamic Brightness System.exe 1 mRun: [setDefaultSCR] C:\Program Files (x86)\Lenovo\Lenovo Screensaver\SetDefaultSCR.exe mRun: [CLMLServer] "C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc.exe" mRun: [updateP2GoShortCut] "C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Lenovo\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0" mRun: [updatePRCShortCut] "C:\Program Files\Lenovo\OneKey App\Lenovo Rescue System\MUITransfer\MUIStartMenu.exe" "C:\Program Files\Lenovo\OneKey App\Lenovo Rescue System" UpdateWithCreateOnce "Software\Lenovo\OneKey App\OneKey Recovery" mRun: [bCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices mRun: [mcpltui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey mRun: [iJNetworkScanUtility] C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" dRunOnce: [{91140000-0011-0000-0000-0000000FF1CE}] C:\windows\System32\cmd.exe /C del "C:\ProgramData\Microsoft Help\Rgstrtn.lck" /Q /A:H dRunOnce: [{90140000-0018-0409-0000-0000000FF1CE}] C:\windows\System32\cmd.exe /C del "C:\ProgramData\Microsoft Help\Rgstrtn.lck" /Q /A:H StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\MCAFEE~1.LNK - C:\Program Files (x86)\McAfee Online Backup\MOBKstat.exe StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\NETGEA~1.LNK - C:\Program Files (x86)\NETGEAR\WPN111\wpn111.exe mPolicies-Explorer: NoActiveDesktop = dword:1 mPolicies-Explorer: NoActiveDesktopChanges = dword:1 mPolicies-System: ConsentPromptBehaviorAdmin = dword:5 mPolicies-System: ConsentPromptBehaviorUser = dword:3 mPolicies-System: EnableUIADesktopToggle = dword:0 IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll TCP: NameServer = 10.0.0.1 TCP: Interfaces\{8B449D86-FF9D-46D6-B0E3-54A2A9ECD424} : DHCPNameServer = 10.0.0.1 TCP: Interfaces\{8B449D86-FF9D-46D6-B0E3-54A2A9ECD424}\26F6D626 : DHCPNameServer = 10.0.0.1 TCP: Interfaces\{8B449D86-FF9D-46D6-B0E3-54A2A9ECD424}\37869647374796C6C6 : DHCPNameServer = 192.168.254.254 Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll SSODL: WebCheck - <orphaned> SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll x64-BHO: McAfee SiteAdvisor BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL x64-TB: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s x64-Run: [Lenovo EE Boot Optimizer] C:\Program Files (x86)\Lenovo\Boot Optimizer\PopWnd.exe x64-Run: [igfxTray] C:\windows\System32\igfxtray.exe x64-Run: [HotKeysCmds] C:\windows\System32\hkcmd.exe x64-Run: [Persistence] C:\windows\System32\igfxpers.exe x64-Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl64.dll x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL x64-Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll x64-Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned> x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned> x64-Notify: igfxcui - igfxdev.dll x64-SSODL: WebCheck - <orphaned> . ============= SERVICES / DRIVERS =============== . R0 fbfmon;fbfmon;C:\windows\System32\drivers\fbfmon.sys [2011-12-8 57952] R0 WinI2C-DDC;WinI2C-DDC Kernel Mode Driver;C:\windows\System32\drivers\ddcdrv.sys [2011-12-8 20832] R1 BPntDrv;BPntDrv;C:\windows\System32\drivers\BPntDrv.sys [2011-12-8 13408] R1 JSWPSLWF;JumpStart Wireless Filter Driver;C:\windows\System32\drivers\jswpslwfx.sys [2012-3-26 26624] R1 MOBKFilter;MOBKFilter;C:\windows\System32\drivers\MOBK.sys [2012-5-10 66040] R2 aksdf;aksdf;C:\windows\System32\drivers\aksdf.sys [2012-9-12 65024] R2 HomeNetSvc;McAfee Home Network;C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2013-5-11 328928] R2 JME Keyboard;JME Keyboard Driver;C:\Windows\jmesoft\Service.exe [2011-12-8 32768] R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;C:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe [2014-3-30 140424] R2 McAPExe;McAfee AP Service;C:\Program Files\McAfee\MSC\McAPExe.exe [2013-5-11 178528] R2 McMPFSvc;McAfee Personal Firewall Service;C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2013-5-11 328928] R2 McNaiAnn;McAfee VirusScan Announcer;C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2013-5-11 328928] R2 mcpltsvc;McAfee Platform Services;C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2013-5-11 328928] R2 McProxy;McAfee Proxy Service;C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2013-5-11 328928] R2 McPvDrv;McPvDrv Driver;C:\windows\System32\drivers\McPvDrv.sys [2013-9-26 74560] R2 mfeavfk;McAfee Inc. mfeavfk;C:\windows\System32\drivers\mfeavfk.sys [2013-8-7 311600] R2 mfecore;McAfee Anti-Malware Core;C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [2013-5-11 1025712] R2 mfefire;McAfee Firewall Core Service;C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe [2013-8-27 219752] R2 mfehidk;McAfee Inc. mfehidk;C:\windows\System32\drivers\mfehidk.sys [2013-8-7 783864] R2 mfevtp;McAfee Validation Trust Protection Service;C:\windows\System32\mfevtps.exe [2013-8-27 185792] R2 mfewfpk;McAfee Inc. mfewfpk;C:\windows\System32\drivers\mfewfpk.sys [2013-8-7 344688] R2 MOBKbackup;McAfee Online Backup;C:\Program Files (x86)\McAfee Online Backup\MOBKbackup.exe [2010-4-13 231224] R2 TeamViewer9;TeamViewer 9;C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [2014-1-7 4915040] R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2011-12-8 2655768] R3 cfwids;McAfee Inc. cfwids;C:\windows\System32\drivers\cfwids.sys [2013-8-7 70592] R3 IntcDAud;Intel® Display Audio;C:\windows\System32\drivers\IntcDAud.sys [2011-4-10 317440] R3 mfefirek;McAfee Inc. mfefirek;C:\windows\System32\drivers\mfefirek.sys [2013-8-7 520696] R3 mfencbdc;McAfee Inc. mfencbdc;C:\windows\System32\drivers\mfencbdc.sys [2014-1-21 422712] R3 PCASp50a64;PCASp50a64 NDIS Protocol Driver;C:\windows\System32\drivers\PCASp50a64.sys [2012-3-3 41280] R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\windows\System32\drivers\RtsUStor.sys [2011-12-8 247400] R3 WPN111;Wireless USB 2.0 Adapter with RangeMax Service;C:\windows\System32\drivers\WPN111vx.sys [2012-6-27 1075712] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088] S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192] S3 HipShieldK;McAfee Inc. HipShieldK;C:\windows\System32\drivers\HipShieldK.sys [2014-1-21 197704] S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\windows\System32\ieetwcollector.exe [2014-3-13 111616] S3 jswpsapi;JumpStart Wi-Fi Protected Setup;C:\Program Files (x86)\D-Link\DWA-556 revA\jswpsapi.exe [2012-3-26 954368] S3 mfencrk;McAfee Inc. mfencrk;C:\windows\System32\drivers\mfencrk.sys [2014-1-21 96592] S3 PCAMp50a64;PCAMp50a64 NDIS Protocol Driver;C:\windows\System32\drivers\PCAMp50a64.sys [2012-3-3 43328] S3 TsUsbFlt;TsUsbFlt;C:\windows\System32\drivers\TsUsbFlt.sys [2010-11-20 59392] S3 TsUsbGD;Remote Desktop Generic USB Device;C:\windows\System32\drivers\TsUsbGD.sys [2010-11-20 31232] S3 WatAdminSvc;Windows Activation Technologies Service;C:\windows\System32\Wat\WatAdminSvc.exe [2012-3-3 1255736] S3 WDC_SAM;WD SCSI Pass Thru driver;C:\windows\System32\drivers\wdcsam64.sys [2008-5-6 14464] S3 wsvd;wsvd;C:\windows\System32\drivers\wsvd.sys [2009-7-21 121840] S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\windows\System32\drivers\yk62x64.sys [2009-6-10 389120] S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184] . =============== File Associations =============== . FileExt: .txt: bftxtfile="C:\Program Files (x86)\Bluefish\bluefish.exe" "%1" FileExt: .vbs: bfvbsfile="C:\Program Files (x86)\Bluefish\bluefish.exe" "%1" FileExt: .js: bfjsfile="C:\Program Files (x86)\Bluefish\bluefish.exe" "%1" . =============== Created Last 30 ================ . 2014-04-01 10:42:09 10521840 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{B7D6FF86-5B4D-4DDF-AD34-6401DEFBF4CB}\mpengine.dll 2014-03-30 18:01:38 119512 ----a-w- C:\windows\System32\drivers\MBAMSwissArmy.sys 2014-03-30 18:01:19 88280 ----a-w- C:\windows\System32\drivers\mbamchameleon.sys 2014-03-30 18:01:19 63192 ----a-w- C:\windows\System32\drivers\mwac.sys 2014-03-30 18:01:19 25816 ----a-w- C:\windows\System32\drivers\mbam.sys 2014-03-30 18:01:19 -------- d-----w- C:\ProgramData\Malwarebytes 2014-03-30 18:01:19 -------- d-----w- C:\Program Files (x86)\Malwarebytes Anti-Malware 2014-03-30 18:00:51 -------- d-----w- C:\Users\FRIEDGREEN\AppData\Local\Programs 2014-03-30 16:40:08 -------- d-----w- C:\Users\FRIEDGREEN\AppData\Roaming\SupTab 2014-03-30 16:40:01 -------- d-----w- C:\ProgramData\WPM 2014-03-30 16:38:56 -------- d-----w- C:\Users\FRIEDGREEN\AppData\Roaming\key-find 2014-03-29 23:32:50 -------- d-----w- C:\Users\FRIEDGREEN\AppData\Local\21c37a63-8883-49bd-2ed5-6c2ed504d0af 2014-03-29 23:32:07 -------- d-----w- C:\Users\FRIEDGREEN\AppData\Local\SearchProtect 2014-03-29 23:23:51 -------- d-----w- C:\Users\FRIEDGREEN\AppData\Roaming\Oxy 2014-03-13 10:41:45 624128 ----a-w- C:\windows\System32\qedit.dll 2014-03-13 10:41:44 509440 ----a-w- C:\windows\SysWow64\qedit.dll 2014-03-13 10:41:44 1424384 ----a-w- C:\windows\System32\WindowsCodecs.dll 2014-03-13 10:41:43 1230336 ----a-w- C:\windows\SysWow64\WindowsCodecs.dll 2014-03-11 23:17:13 96168 ----a-w- C:\windows\SysWow64\WindowsAccessBridge-32.dll . ==================== Find3M ==================== . 2014-03-12 00:56:35 71048 ----a-w- C:\windows\SysWow64\FlashPlayerCPLApp.cpl 2014-03-12 00:56:35 692616 ----a-w- C:\windows\SysWow64\FlashPlayerApp.exe 2014-03-01 05:17:02 2724864 ----a-w- C:\windows\System32\mshtml.tlb 2014-03-01 05:16:26 4096 ----a-w- C:\windows\System32\ieetwcollectorres.dll 2014-03-01 04:52:55 66048 ----a-w- C:\windows\System32\iesetup.dll 2014-03-01 04:51:59 48640 ----a-w- C:\windows\System32\ieetwproxystub.dll 2014-03-01 04:33:52 139264 ----a-w- C:\windows\System32\ieUnatt.exe 2014-03-01 04:33:34 111616 ----a-w- C:\windows\System32\ieetwcollector.exe 2014-03-01 04:32:59 708608 ----a-w- C:\windows\System32\jscript9diag.dll 2014-03-01 04:23:49 940032 ----a-w- C:\windows\System32\MsSpellCheckingFacility.exe 2014-03-01 04:11:20 2724864 ----a-w- C:\windows\SysWow64\mshtml.tlb 2014-03-01 03:54:33 5768704 ----a-w- C:\windows\System32\jscript9.dll 2014-03-01 03:52:43 61952 ----a-w- C:\windows\SysWow64\iesetup.dll 2014-03-01 03:51:53 51200 ----a-w- C:\windows\SysWow64\ieetwproxystub.dll 2014-03-01 03:38:26 112128 ----a-w- C:\windows\SysWow64\ieUnatt.exe 2014-03-01 03:37:35 553472 ----a-w- C:\windows\SysWow64\jscript9diag.dll 2014-03-01 03:35:11 2041856 ----a-w- C:\windows\System32\inetcpl.cpl 2014-03-01 03:14:15 4244480 ----a-w- C:\windows\SysWow64\jscript9.dll 2014-03-01 03:10:28 2334208 ----a-w- C:\windows\System32\wininet.dll 2014-03-01 03:00:08 1964032 ----a-w- C:\windows\SysWow64\inetcpl.cpl 2014-03-01 02:32:16 1820160 ----a-w- C:\windows\SysWow64\wininet.dll 2014-02-07 01:23:30 3156480 ----a-w- C:\windows\System32\win32k.sys 2014-01-29 02:32:18 484864 ----a-w- C:\windows\System32\wer.dll 2014-01-29 02:06:47 381440 ----a-w- C:\windows\SysWow64\wer.dll 2014-01-28 02:32:46 228864 ----a-w- C:\windows\System32\wwansvc.dll 2014-01-27 14:43:26 70592 ----a-w- C:\windows\System32\drivers\cfwids.sys 2014-01-27 14:37:32 344688 ----a-w- C:\windows\System32\drivers\mfewfpk.sys 2014-01-27 14:37:08 185792 ----a-w- C:\windows\System32\mfevtps.exe 2014-01-27 14:33:26 783864 ----a-w- C:\windows\System32\drivers\mfehidk.sys 2014-01-27 14:31:34 520696 ----a-w- C:\windows\System32\drivers\mfefirek.sys 2014-01-27 14:30:06 311600 ----a-w- C:\windows\System32\drivers\mfeavfk.sys 2014-01-27 14:29:22 180272 ----a-w- C:\windows\System32\drivers\mfeapfk.sys 2014-01-21 08:50:46 11336 ----a-w- C:\windows\System32\drivers\mfeclnrk.sys 2014-01-21 08:50:24 96592 ----a-w- C:\windows\System32\drivers\mfencrk.sys 2014-01-21 08:50:02 422712 ----a-w- C:\windows\System32\drivers\mfencbdc.sys 2014-01-11 16:52:37 9006072 ----a-w- C:\ProgramData\TempMOBK-update-4ec82966293498cc5bd9350557ef54e8.exe 2002-07-26 22:02:06 153088 ----a-w- C:\Program Files (x86)\UNWISE.EXE . ============= FINISH: 19:18:41.12 =============== ATTACH.TXT . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2012-11-20.01) . Microsoft Windows 7 Home Premium Boot Device: \Device\HarddiskVolume1 Install Date: 2/27/2012 8:45:05 PM System Uptime: 4/1/2014 7:11:26 PM (0 hours ago) . Motherboard: LENOVO | | To be filled by O.E.M. Processor: Intel® Core i5-2320 CPU @ 3.00GHz | CPU 1 | 3001/100mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 1838 GiB total, 1723.2 GiB free. D: is CDROM () . ==== Disabled Device Manager Items ============= . Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1} Description: McAfee Inc. mfeapfk Device ID: ROOT\LEGACY_MFEAPFK\0000 Manufacturer: Name: McAfee Inc. mfeapfk PNP Device ID: ROOT\LEGACY_MFEAPFK\0000 Service: mfeapfk . ==== System Restore Points =================== . RP177: 3/21/2014 7:28:06 PM - Windows Update RP178: 3/25/2014 5:35:16 AM - Windows Update RP179: 4/1/2014 5:41:29 AM - Windows Update . ==== Installed Programs ====================== . 7-Zip 9.20 (x64 edition) Adobe AIR Adobe Flash Player 12 ActiveX Adobe Flash Player 12 Plugin Adobe Photoshop Lightroom 4.4 64-bit Adobe Reader XI (11.0.05) ALL-Cut LPT_Com X64 Bluefish 2.2.1 Canon IJ Network Scan Utility Canon IJ Network Tool Canon MP Navigator EX 3.0 Canon MP560 series MP Drivers Corel Graphics - Windows Shell Extension Corel Graphics - Windows Shell Extension 32 Bit CorelDRAW Graphics Suite X6 CorelDRAW Graphics Suite X6 - BR CorelDRAW Graphics Suite X6 - Capture CorelDRAW Graphics Suite X6 - Common CorelDRAW Graphics Suite X6 - Connect CorelDRAW Graphics Suite X6 - Content CorelDRAW Graphics Suite X6 - Custom Data CorelDRAW Graphics Suite X6 - Draw CorelDRAW Graphics Suite X6 - EN CorelDRAW Graphics Suite X6 - ES CorelDRAW Graphics Suite X6 - Filters CorelDRAW Graphics Suite X6 - FontNav CorelDRAW Graphics Suite X6 - FR CorelDRAW Graphics Suite X6 - IPM CorelDRAW Graphics Suite X6 - PHOTO-PAINT CorelDRAW Graphics Suite X6 - Photozoom Plugin CorelDRAW Graphics Suite X6 - Redist CorelDRAW Graphics Suite X6 - Setup Files CorelDRAW Graphics Suite X6 - VBA CorelDRAW Graphics Suite X6 - VideoBrowser CorelDRAW Graphics Suite X6 - VSTA CorelDRAW Graphics Suite X6 - Writing Tools Coupon Printer for Windows CouponBar CutePDF Writer 2.8 D3DX10 Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition Dropbox DWA-556 EPSON WorkForce 1100 Series Printer Uninstall Google Chrome Google Drive Google Update Helper GoToMeeting 5.1.0.880 GreatCut Hardlock Device Drivers Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946040) Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946308) Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946344) Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB947540) Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB947789) Inkscape 0.48.2 Intel® Control Center Intel® Management Engine Components Intel® Network Connections Drivers Intel® Processor Graphics Java 7 Update 51 Java Auto Updater JavaFX 2.1.1 Junk Mail filter update Lenovo Blacksilk USB Keyboard Driver Lenovo Driver and Application Installation Lenovo Dynamic Brightness System Lenovo EE Boot Optimizer Lenovo Eye Distance System Lenovo Power2Go Lenovo Rescue System Lenovo Screensaver LVT Malwarebytes Anti-Malware version 2.00.0.1000 McAfee Online Backup McAfee Total Protection Mesh Runtime Microsoft .NET Framework 4.5.1 Microsoft Application Error Reporting Microsoft Corporation Microsoft LifeCam Microsoft Office 2010 Microsoft Office Access MUI (English) 2010 Microsoft Office Access Setup Metadata MUI (English) 2010 Microsoft Office Excel MUI (English) 2010 Microsoft Office Groove MUI (English) 2010 Microsoft Office InfoPath MUI (English) 2010 Microsoft Office Office 64-bit Components 2010 Microsoft Office OneNote MUI (English) 2010 Microsoft Office Outlook Connector Microsoft Office Outlook MUI (English) 2010 Microsoft Office PowerPoint MUI (English) 2010 Microsoft Office Professional Plus 2010 Microsoft Office Proof (English) 2010 Microsoft Office Proof (French) 2010 Microsoft Office Proof (Spanish) 2010 Microsoft Office Proofing (English) 2010 Microsoft Office Publisher MUI (English) 2010 Microsoft Office Shared 64-bit MUI (English) 2010 Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 Microsoft Office Shared MUI (English) 2010 Microsoft Office Shared Setup Metadata MUI (English) 2010 Microsoft Office Word MUI (English) 2010 Microsoft Silverlight Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Visual Basic for Applications 7.1 (x86) Microsoft Visual Basic for Applications 7.1 (x86) English Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual Studio Tools for Applications 2.0 - ENU Microsoft Visual Studio Tools for Applications 2.0 Runtime MSVCRT MSVCRT_amd64 NETGEAR RangeMax Wireless USB 2.0 Adapter WPN111 Notepad++ Oxy PileFile reminder Realtek High Definition Audio Driver Realtek USB 2.0 Card Reader Security Update for Microsoft .NET Framework 4.5.1 (KB2898869) Security Update for Microsoft .NET Framework 4.5.1 (KB2901126) Security Update for Microsoft Excel 2010 (KB2826033) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2553284) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2687423) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2826023) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2826035) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2850016) 32-Bit Edition Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition Shared C Run-time for x64 Skype™ 6.11 TeamViewer 9 Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition Update for Microsoft Filter Pack 2.0 (KB2837594) 32-Bit Edition Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition Update for Microsoft InfoPath 2010 (KB2817396) 32-Bit Edition Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition Update for Microsoft Office 2010 (KB2863818) 32-Bit Edition Update for Microsoft Office 2010 (KB2878225) 32-Bit Edition Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition Update for Microsoft PowerPoint 2010 (KB2775360) 32-Bit Edition Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition Update for Microsoft Visio 2010 (KB2878227) 32-Bit Edition Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition Update for Microsoft Word 2010 (KB2837593) 32-Bit Edition Windows 7 Codec Pack 4.0.3 Windows Live Communications Platform Windows Live Essentials Windows Live ID Sign-in Assistant Windows Live Installer Windows Live Language Selector Windows Live Mail Windows Live Mesh Windows Live Mesh ActiveX Control for Remote Connections Windows Live Messenger Windows Live MIME IFilter Windows Live Movie Maker Windows Live Photo Common Windows Live Photo Gallery Windows Live PIMT Platform Windows Live Remote Client Windows Live Remote Client Resources Windows Live Remote Service Windows Live Remote Service Resources Windows Live SOXE Windows Live SOXE Definitions Windows Live UX Platform Windows Live UX Platform Language Pack Windows Live Writer Windows Live Writer Resources WinSCP 4.3.9 . ==== Event Viewer Messages From Past Week ======== . 4/1/2014 7:11:49 PM, Error: Service Control Manager [7000] - The McAfee Inc. mfeapfk service failed to start due to the following error: The specified service does not exist. 3/31/2014 6:06:57 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service McNaiAnn with arguments "" in order to run the server: {DC7EF8E1-824F-4110-AB43-1604DA9B4F40} 3/31/2014 6:06:57 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service McNaiAnn with arguments "" in order to run the server: {C90134D2-4AE9-407A-919A-4A2EF09C6C51} 3/31/2014 6:05:23 PM, Error: Service Control Manager [7001] - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start. 3/31/2014 6:05:23 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030} 3/31/2014 6:05:23 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39} 3/31/2014 6:05:23 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89} 3/31/2014 6:05:23 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E} 3/31/2014 6:05:22 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF} 3/31/2014 6:05:16 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC} 3/31/2014 6:04:55 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD BPntDrv DfsC discache JSWPSLWF MOBKFilter NetBIOS NetBT nsiproxy Psched rdbss spldr tdx vwififlt Wanarpv6 WfpLwf 3/31/2014 6:04:55 PM, Error: Service Control Manager [7001] - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start. 3/31/2014 6:04:55 PM, Error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning. 3/31/2014 6:04:55 PM, Error: Service Control Manager [7001] - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning. 3/31/2014 6:04:55 PM, Error: Service Control Manager [7001] - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start. 3/31/2014 6:04:55 PM, Error: Service Control Manager [7001] - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start. 3/31/2014 6:04:55 PM, Error: Service Control Manager [7001] - The Network Store Interface Service service depends on the NSI proxy service driver. service which failed to start because of the following error: A device attached to the system is not functioning. 3/31/2014 6:04:55 PM, Error: Service Control Manager [7001] - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start. 3/31/2014 6:04:55 PM, Error: Service Control Manager [7001] - The McAfee Personal Firewall Service service depends on the Windows Firewall service which failed to start because of the following error: The dependency service or group failed to start. 3/31/2014 6:04:55 PM, Error: Service Control Manager [7001] - The IP Helper service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start. 3/31/2014 6:04:55 PM, Error: Service Control Manager [7001] - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error: A device attached to the system is not functioning. 3/31/2014 6:04:55 PM, Error: Service Control Manager [7001] - The DHCP Client service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning. 3/31/2014 5:43:50 AM, Error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 1 time(s). 3/31/2014 5:34:05 AM, Error: bowser [8003] - The master browser has received a server announcement from the computer UNDERDAWG that believes that it is the master browser for the domain on transport NetBT_Tcpip_{8B449D86-FF9D-46D6-B0E3-54A2A9ECD424}. The master browser is stopping or an election is being forced. 3/30/2014 4:19:50 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service VSS with arguments "" in order to run the server: {0B5A2C52-3EB9-470A-96E2-6C6D4570E40F} 3/30/2014 4:12:31 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service fdPHost with arguments "" in order to run the server: {D3DCB472-7261-43CE-924B-0704BD730D5F} 3/30/2014 4:12:31 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service fdPHost with arguments "" in order to run the server: {145B4335-FE2A-4927-A040-7C35AD3180EF} 3/30/2014 4:11:00 PM, Error: Microsoft-Windows-Directory-Services-SAM [12291] - SAM failed to start the TCP/IP or SPX/IPX listening thread 3/30/2014 11:40:09 AM, Error: Service Control Manager [7034] - The Search Protect by Conduit Service service terminated unexpectedly. It has done this 1 time(s). 3/28/2014 10:18:20 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the McAfee Platform Services service to connect. 3/28/2014 10:18:20 PM, Error: Service Control Manager [7000] - The McAfee Platform Services service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. 3/28/2014 10:18:19 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service mcpltsvc with arguments "" in order to run the server: {20966775-18A4-4299-B8E3-772C336B52A7} . ==== End Of File ===========================
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.