Thread: Max Spyware defender

  1. #1
    Member
    Join Date
    May 2013
    Location
    Chicagoland, IL
    Posts
    41

    Max Spyware defender

    Requested information follows. Used 7zip for attach.zip since native Windows zip function not working on this desktop. Working on some other user accounts; efforts to restart the zip function on this desktop failed. Could not figure out how to save just the top portion of the Spybot log file. I saved it all in a zip file; it is included in the Everything.zip file. The Everything.zip folder contains all the information. As a side note, the security center got turned off. Some DLLs in the System 32 directory may also be corrupted. SFC scan run. Not sure if fixed everything.

    Edit: http://forums.spybot.info/showthread...230#post450230

    In an attempt to remove:
    Windows Control Panel uninstall
    DOS commands (rd and deltree; even with the hidden attribute turned on the directory could not be found)
    Microsoft Security Essentials
    Spybot 2.1 - I have a true Administrator account and run Spybot while logged in as Administrator
    Malwarebytes Anti-Malware
    Combofix

    This is one tough bugger to remove

    DDS

    aswMBR

    aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
    Run date: 2014-02-12 15:26:42
    -----------------------------
    15:26:42.663 OS Version: Windows 6.0.6002 Service Pack 2
    15:26:42.663 Number of processors: 4 586 0x202
    15:26:42.663 ComputerName: JOHN-PC UserName: John
    15:26:43.474 Initialize success
    15:27:33.129 AVAST engine defs: 14021202
    15:27:44.330 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\0000005f
    15:27:44.330 Disk 0 Vendor: WDC_WD16 08.0 Size: 152627MB BusType: 6
    15:27:44.330 Disk 1 \Device\Harddisk1\DR1 -> \Device\00000060
    15:27:44.345 Disk 1 Vendor: ST310005 CC38 Size: 953869MB BusType: 6
    15:27:44.829 Disk 0 MBR read successfully
    15:27:44.844 Disk 0 MBR scan
    15:27:44.891 Disk 0 Windows VISTA default MBR code
    15:27:44.907 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 152625 MB offset 63
    15:27:44.969 Disk 0 scanning sectors +312576705
    15:27:45.546 Disk 0 scanning C:\Windows\system32\drivers
    15:28:29.975 Service scanning
    15:28:59.615 Service MpKsl6202fea2 C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{23EFF374-4473-4671-B37C-E815B175D789}\MpKsl6202fea2.sys **LOCKED** 32
    15:29:34.372 Modules scanning
    15:29:43.670 Disk 0 trace - called modules:
    15:29:43.716 ntkrnlpa.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll storport.sys nvstor32.sys
    15:29:43.732 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x87fcbac8]
    15:29:43.748 3 CLASSPNP.SYS[8afc58b3] -> nt!IofCallDriver -> [0x86dc0cc0]
    15:29:43.763 5 acpi.sys[83c106bc] -> nt!IofCallDriver -> \Device\0000005f[0x86e04958]
    15:29:44.777 AVAST engine scan C:\Windows
    15:29:50.846 AVAST engine scan C:\Windows\system32
    15:40:16.578 AVAST engine scan C:\Windows\system32\drivers
    15:41:37.294 AVAST engine scan C:\Users\John
    15:56:33.609 AVAST engine scan C:\ProgramData
    16:18:46.078 Scan finished successfully
    16:19:30.007 Disk 0 MBR has been saved successfully to "C:\Users\John\Desktop\MBR.dat"
    16:19:30.039 The log file has been saved successfully to "C:\Users\John\Desktop\aswMBR.txt"
    Last edited by tashi; 2014-02-13 at 02:00. Reason: Added link to original topic

  2. #2
    Security Expert-emeritus Juliet
    Join Date
    Feb 2007
    Location
    Deep South
    Posts
    4,084

    Let's see what we can do.

    Please copy and paste the logs to your replies.

    Please download and run the following tool to help allow other programs to run. (courtesy of BleepingComputer.com)
    There are 6 different versions. If one of them won't run then download and try to run the other one.
    Vista and Win7 users need to right click and choose Run as Admin
    You only need to get one of them to run, not all of them.
    1. rkill.exe
    2. rkill.com
    3. rkill.scr
    4. rkill.pif
    5. WiNlOgOn.exe
    6. uSeRiNiT.exe


    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

    Please download Farbar Recovery Scan Tool <-- to your desktop

    (use correct version for your system.....Which system am I using?)

    and Tutorial
    http://www.geekstogo.com/forum/topic...ery-scan-tool/



    Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.
    • Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.
    • Press Scan button.
    • It will produce a log called FRST.txt in the same directory the tool is run from.
    • Please copy and paste log back here.
    • The first time the tool is run it generates another log (Addition.txt - also located in the same directory as FRST.exe/FRST64.exe). Please also paste that along with the FRST.txt into your reply.
    Windows Insider MVP Consumer Security 2009 - 2017
    Please do not PM me for Malware help, we all benefit from posting on the open board.

  3. #3
    Member
    Join Date
    May 2013
    Location
    Chicagoland, IL
    Posts
    41

    Max Spyware Defender - Julia - 2 separate posts required

    2 separate posts. One post exceeds the file size limit. Here we go. All the files you requested.

    rkill

    Rkill 2.6.5 by Lawrence Abrams (Grinler)
    http://www.bleepingcomputer.com/
    Copyright 2008-2014 BleepingComputer.com
    More Information about Rkill can be found at this link:
    http://www.bleepingcomputer.com/forums/topic308364.html

    Program started at: 02/13/2014 02:35:57 PM in x86 mode.
    Windows Version: Windows Vista (TM) Home Premium Service Pack 2

    Checking for Windows services to stop:

    * MaxMerger Stopped. [DoctoAntivirus-PUP]
    * MaxWatchDogService Stopped. [DoctoAntivirus-PUP]

    2 services stopped!

    Checking for processes to terminate:

    * No malware processes found to kill.

    Checking Registry for malware related settings:

    * No issues found in the Registry.

    Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

    Performing miscellaneous checks:

    * No issues found.

    Checking Windows Service Integrity:

    * Windows Firewall (MpsSvc) is not Running.
    Startup Type set to: Disabled

    * Windows Firewall Authorization Driver (mpsdrv) is not Running.
    Startup Type set to: Manual

    Searching for Missing Digital Signatures:

    * No issues found.

    Checking HOSTS File:

    * HOSTS file entries found:

    127.0.0.1 localhost

    Program finished at: 02/13/2014 02:37:07 PM
    Execution time: 0 hours(s), 1 minute(s), and 9 seconds(s)

    FRST

    Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 12-02-2014 01
    Ran by John (administrator) on JOHN-PC on 13-02-2014 14:41:39
    Running from C:\Users\John\Desktop
    Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) OS Language: English(US)
    Internet Explorer Version 9
    Boot Mode: Normal

    The only official download link for FRST:
    Download link for 32-Bit version: http://www.bleepingcomputer.com/down...an-tool/dl/81/
    Download link for 64-Bit Version: http://www.bleepingcomputer.com/down...an-tool/dl/82/
    Download link from any site other than Bleeping Computer is unpermitted or outdated.
    See tutorial for FRST: http://www.geekstogo.com/forum/topic...ery-scan-tool/

    ==================== Processes (Whitelisted) =================

    (Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
    (Microsoft Corporation) C:\Windows\system32\SLsvc.exe
    (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
    (Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
    (Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
    (Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe
    (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
    (Max Secure Software) C:\Program Files\Max Spyware Detector\MaxActMon.exe
    (Max Secure Software) C:\Program Files\Max Spyware Detector\MaxSDTray.exe
    (Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
    (Max Secure Software) C:\Program Files\Max Spyware Detector\MaxUSBProc.exe
    (Microsoft Corporation) C:\Windows\ehome\ehtray.exe
    (Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE
    (Max Secure Software) C:\Program Files\Max Spyware Detector\MaxDBServer.exe
    (Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
    (Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE
    (Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
    (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
    (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
    (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
    (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
    (Abine Inc.) C:\Program Files\DoNotTrackPlus\IE\DNTPService.exe
    (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe


    ==================== Registry (Whitelisted) ==================

    HKLM\...\Run: [MSC] - C:\Program Files\Microsoft Security Client\msseces.exe [948440 2013-10-23] (Microsoft Corporation)
    HKLM\...\Run: [EvtMgr6] - C:\Program Files\Logitech\SetPointP\SetPoint.exe [1387288 2011-10-07] (Logitech, Inc.)
    HKLM\...\Run: [SDTray] - C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe [5624784 2013-07-25] (Safer-Networking Ltd.)
    HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [11004520 2011-09-28] (Realtek Semiconductor)
    HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
    HKLM\...\Run: [SDActiveMonitor] - C:\Program Files\Max Spyware Detector\MaxSDTray.exe [1091040 2014-02-07] (Max Secure Software)
    HKLM\...\Run: [MaxUSBProc] - C:\Program Files\Max Spyware Detector\MaxUSBProc.exe [447968 2014-02-07] (Max Secure Software)
    HKLM\...\Policies\Explorer: [TaskbarNoNotification] 0
    HKLM\...\Policies\Explorer: [HideSCAHealth] 0
    HKU\S-1-5-21-164766087-4118575548-873725582-1000\...\Run: [WMPNSCFG] - C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-18] (Microsoft Corporation)
    HKU\S-1-5-21-164766087-4118575548-873725582-1000\...\Run: [ehTray.exe] - C:\Windows\ehome\ehTray.exe [125952 2008-01-18] (Microsoft Corporation)
    HKU\S-1-5-21-164766087-4118575548-873725582-1000\...\Policies\Explorer: [TaskbarNoNotification] 0
    Startup: C:\Users\John\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk
    ShortcutTarget: OneNote 2010 Screen Clipper and Launcher.lnk -> C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)

    ==================== Internet (Whitelisted) ====================

    HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir...ie&ar=iesearch
    HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
    HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.coupons.com/
    SearchScopes: HKCU - DefaultScope {65ACE837-41DC-4A8A-A9A9-B3F9164DF26C} URL = http://www.google.com/search?q={searchTerms}
    SearchScopes: HKCU - {65ACE837-41DC-4A8A-A9A9-B3F9164DF26C} URL = http://www.google.com/search?q={searchTerms}
    BHO: No Name - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
    BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
    BHO: Do Not Track Me - {6E45F3E8-2683-4824-A6BE-08108022FB36} - C:\Program Files\DoNotTrackPlus\IE\DNTPAddon.dll (Abine Inc)
    BHO: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
    BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
    Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
    Toolbar: HKCU - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
    Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
    Toolbar: HKCU - No Name - {71AAABE5-1F0F-11D7-BD6F-004854603DCE} - No File
    Toolbar: HKCU - No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File
    DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} https://oas.support.microsoft.com/ActiveX/MSDcode.cab
    DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/downlo...eckControl.cab
    DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} http://www.nvidia.com/content/Driver...reqlab_nvd.cab
    DPF: {2AB1C516-D654-4D3A-B3D6-2185BBCEB409} https://webvpn.ben.edu/+CSCOL+/relayp.cab
    DPF: {5DD00D19-478E-4086-BE54-616723EB8EC8} http://boa.menulink.net/americasbett.../MLInstall.ocx
    DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} http://www.nvidia.com/content/Driver...aSmartScan.cab
    DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/ge...nt/swflash.cab
    DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
    Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
    Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
    Tcpip\Parameters: [DhcpNameServer] 192.168.1.254

    ========================== Services (Whitelisted) =================

    S4 ACDaemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
    S4 AdobeActiveFileMonitor8.0; C:\Program Files\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe [169312 2009-09-06] (Adobe Systems Incorporated)
    S4 Akamai; c:\program files\common files\akamai/netsession_win_8fa3539.dll [4569856 2013-07-02] (Akamai Technologies, Inc.)
    S4 Cyphertite; C:\Program Files\Cyphertite\ctd.exe [2406248 2013-09-17] ()
    S4 EaseUS Agent; C:\Program Files\EaseUS\Todo Backup\bin\Agent.exe [61064 2011-12-22] (CHENGDU YIWO Tech Development Co., Ltd)
    S4 Guard Agent; C:\Program Files\EaseUS\Todo Backup\bin\GuardAgent.exe [23176 2011-12-22] (CHENGDU YIWO Tech Development Co., Ltd)
    S2 MaxMerger; C:\Program Files\Max Spyware Detector\MaxMerger.exe [307168 2014-02-07] (Max Secure Software)
    S2 MaxWatchDogService; C:\Program Files\Max Spyware Detector\MaxWatchDogService.exe [651744 2014-02-07] (Max Secure Software)
    S4 MSI_SuperCharger; C:\Program Files\MSI\Super-Charger\ChargeService.exe [161776 2013-08-19] (MSI)
    R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [22208 2013-10-23] (Microsoft Corporation)
    R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [280288 2013-10-23] (Microsoft Corporation)
    S4 OnlineStorageService; C:\Program Files\Trend Micro SafeSync\hrfscore.exe [3947320 2012-07-12] (Trend Micro Inc.)
    S4 SDScannerService; C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe [1817560 2013-05-16] (Safer-Networking Ltd.)
    S4 SDUpdateService; C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe [1033688 2013-05-16] (Safer-Networking Ltd.)
    S4 SDWSCService; C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2013-05-15] (Safer-Networking Ltd.)
    S4 uCamMonitor; C:\Program Files\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [104960 2008-09-18] (ArcSoft, Inc.)

    ==================== Drivers (Whitelisted) ====================

    R3 ArcSoftKsUFilter; C:\Windows\System32\DRIVERS\ArcSoftKsUFilter.sys [17920 2008-04-24] (ArcSoft, Inc.)
    R0 EUBAKUP; C:\Windows\System32\drivers\eubakup.sys [50312 2011-12-22] (CHENGDU YIWO Tech Development Co., Ltd)
    R0 EUBKMON; C:\Windows\System32\drivers\EUBKMON.sys [44680 2011-12-22] ()
    R1 EUDSKACS; C:\Windows\system32\drivers\eudskacs.sys [17032 2011-12-22] (CHENGDU YIWO Tech Development Co., Ltd)
    R1 EUFDDISK; C:\Windows\system32\drivers\EuFdDisk.sys [187016 2011-12-22] (CHENGDU YIWO Tech Development Co., Ltd)
    R3 LEqdUsb; C:\Windows\System32\Drivers\LEqdUsb.Sys [42648 2011-09-02] (Logitech, Inc.)
    R3 LHidEqd; C:\Windows\System32\Drivers\LHidEqd.Sys [12184 2011-09-02] (Logitech, Inc.)
    S3 LUsbFilt; C:\Windows\System32\Drivers\LUsbFilt.Sys [30360 2011-09-02] (Logitech, Inc.)
    R0 MaxMgr; C:\Windows\System32\drivers\MaxMgr.sys [72160 2014-02-07] (Max Secure Software)
    R1 MaxProtector32; C:\Windows\System32\drivers\MaxProtector32.sys [85984 2014-02-07] (Max Secure Software)
    R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [214696 2013-09-27] (Microsoft Corporation)
    R0 SDActMon; C:\Windows\System32\drivers\SDActMon.sys [123360 2014-02-07] (Max Secure Software)
    R2 tifsfilter; C:\Windows\System32\DRIVERS\tifsfilt.sys [44384 2010-12-28] (Acronis)
    U5 AppMgmt; C:\Windows\system32\svchost.exe [21504 2008-01-18] (Microsoft Corporation)
    S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [X]
    S3 catchme; \??\C:\Users\John\AppData\Local\Temp\catchme.sys [X]
    S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
    S3 mcdbus; system32\DRIVERS\mcdbus.sys [X]
    S3 NTIOLib_1_0_4; \??\C:\Program Files\MSI\Live Update 5\NTIOLib.sys [X]
    S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
    S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
    S3 PTHDRBUS; system32\DRIVERS\PTHDRBUS.sys [X]
    S3 PTHDRMDM; system32\DRIVERS\PTHDRMDM.sys [X]
    S3 PTHDRVSP; system32\DRIVERS\PTHDRVSP.sys [X]

    ==================== NetSvcs (Whitelisted) ===================


    ==================== One Month Created Files and Folders ========

    2014-02-13 14:41 - 2014-02-13 14:42 - 00011558 _____ () C:\Users\John\Desktop\FRST.txt
    2014-02-13 14:39 - 2014-02-13 14:41 - 00000000 ____D () C:\FRST
    2014-02-13 14:39 - 2014-02-13 14:39 - 01141248 _____ (Farbar) C:\Users\John\Desktop\FRST.exe
    2014-02-13 14:35 - 2014-02-13 14:37 - 00002620 _____ () C:\Users\John\Desktop\Rkill.txt
    2014-02-13 14:35 - 2014-02-13 14:35 - 01933048 _____ (Bleeping Computer, LLC) C:\Users\John\Desktop\rkill.exe
    2014-02-12 18:09 - 2014-02-05 02:58 - 12345344 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
    2014-02-12 18:09 - 2014-02-05 02:56 - 01806848 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
    2014-02-12 18:09 - 2014-02-05 02:53 - 09739264 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
    2014-02-12 18:09 - 2014-02-05 02:51 - 01105408 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
    2014-02-12 18:09 - 2014-02-05 02:50 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
    2014-02-12 18:09 - 2014-02-05 02:49 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
    2014-02-12 18:09 - 2014-02-05 02:49 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
    2014-02-12 18:09 - 2014-02-05 02:48 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
    2014-02-12 18:09 - 2014-02-05 02:48 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
    2014-02-12 18:09 - 2014-02-05 02:48 - 00421376 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
    2014-02-12 18:09 - 2014-02-05 02:48 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
    2014-02-12 18:09 - 2014-02-05 02:48 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
    2014-02-12 18:09 - 2014-02-05 02:47 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
    2014-02-12 18:09 - 2014-02-05 02:47 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
    2014-02-12 18:09 - 2014-02-05 02:47 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
    2014-02-12 18:09 - 2014-02-05 02:46 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
    2014-02-12 17:27 - 2014-02-12 17:27 - 00007453 _____ () C:\Users\Administrator\Desktop\Scan Results.140212-1701.zip
    2014-02-12 17:01 - 2014-02-12 17:01 - 00049118 _____ () C:\Users\Administrator\Desktop\Scan Results.140212-1701.txt
    2014-02-12 13:51 - 2014-02-12 13:51 - 04745728 _____ (AVAST Software) C:\Users\John\Desktop\aswMBR.exe
    2014-02-12 13:47 - 2014-02-12 13:47 - 00688992 ____R (Swearware) C:\Users\John\Desktop\dds.scr
    2014-02-12 13:38 - 2014-02-12 13:38 - 00000693 _____ () C:\Users\UpdatusUser\Desktop\NTREGOPT.lnk
    2014-02-12 13:38 - 2014-02-12 13:38 - 00000693 _____ () C:\Users\Mary\Desktop\NTREGOPT.lnk
    2014-02-12 13:38 - 2014-02-12 13:38 - 00000693 _____ () C:\Users\Bethany\Desktop\NTREGOPT.lnk
    2014-02-12 13:38 - 2014-02-12 13:38 - 00000693 _____ () C:\Users\Administrator\Desktop\NTREGOPT.lnk
    2014-02-12 13:38 - 2014-02-12 13:38 - 00000674 _____ () C:\Users\UpdatusUser\Desktop\ERUNT.lnk
    2014-02-12 13:38 - 2014-02-12 13:38 - 00000674 _____ () C:\Users\Mary\Desktop\ERUNT.lnk
    2014-02-12 13:38 - 2014-02-12 13:38 - 00000674 _____ () C:\Users\John\Desktop\ERUNT.lnk
    2014-02-12 13:38 - 2014-02-12 13:38 - 00000674 _____ () C:\Users\Bethany\Desktop\ERUNT.lnk
    2014-02-12 13:38 - 2014-02-12 13:38 - 00000674 _____ () C:\Users\Administrator\Desktop\ERUNT.lnk
    2014-02-12 13:38 - 2014-02-12 13:38 - 00000000 ____D () C:\Program Files\ERUNT
    2014-02-12 13:21 - 2013-12-04 20:12 - 01248768 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
    2014-02-12 13:00 - 2014-02-12 13:00 - 00016894 _____ () C:\ComboFix.txt
    2014-02-12 12:31 - 2014-02-12 13:42 - 00000000 ____D () C:\Windows\erdnt
    2014-02-11 18:21 - 2014-02-11 18:21 - 00000757 _____ () C:\Users\John\Desktop\070428Passwords - Shortcut.lnk
    2014-02-09 06:56 - 2014-02-09 06:56 - 00000866 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
    2014-02-09 06:56 - 2014-02-09 06:56 - 00000000 ____D () C:\Program Files\Malwarebytes' Anti-Malware
    2014-02-09 06:56 - 2013-04-04 14:50 - 00022856 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
    2014-02-09 05:49 - 2014-02-13 14:35 - 00000000 ____D () C:\Windows\system32\WaitingForMerge
    2014-02-09 05:49 - 2014-02-09 05:58 - 00000000 ____D () C:\Windows\system32\SDLiveupdate
    2014-02-09 05:40 - 2014-02-12 18:44 - 00372916 _____ () C:\Windows\PFRO.log
    2014-02-08 22:33 - 2014-02-11 15:23 - 00000000 ____D () C:\Users\Administrator\AppData\Local\DoNotTrackPlus
    2014-02-08 22:31 - 2014-02-12 17:06 - 00108454 _____ () C:\Windows\wininit.ini
    2014-02-08 19:37 - 2014-02-08 19:37 - 00001737 _____ () C:\Users\Public\Desktop\Max Spyware Detector.lnk
    2014-02-08 19:37 - 2014-02-04 20:04 - 00117248 _____ () C:\Windows\system32\MaxNative.exe
    2014-02-08 19:37 - 2013-10-17 08:39 - 00450660 ____R () C:\Windows\system32\Drivers\etc\hosts.backup
    2014-02-08 19:36 - 2014-02-08 22:31 - 00000000 ____D () C:\Program Files\Max Spyware Detector
    2014-02-08 19:36 - 2014-02-07 11:20 - 00123360 _____ (Max Secure Software) C:\Windows\system32\Drivers\SDActMon.sys
    2014-02-08 19:36 - 2014-02-07 11:20 - 00085984 _____ (Max Secure Software) C:\Windows\system32\Drivers\MaxProtector32.sys
    2014-02-08 19:36 - 2014-02-07 11:20 - 00077792 _____ (Max Secure Software) C:\Windows\system32\Drivers\MaxProtector64.sys
    2014-02-08 19:36 - 2014-02-07 11:20 - 00074208 _____ (Max Secure Software) C:\Windows\system32\Drivers\SDActMon2K.sys
    2014-02-08 19:36 - 2014-02-07 11:20 - 00072160 _____ (Max Secure Software) C:\Windows\system32\Drivers\MaxMgr.sys
    2014-02-08 19:36 - 2014-02-07 11:20 - 00068576 _____ (Max Secure Software) C:\Windows\system32\Drivers\MaxProc64.sys
    2014-02-08 19:36 - 2014-02-07 11:20 - 00013280 _____ (Max Secure Software) C:\Windows\system32\Drivers\004.sys
    2014-02-08 19:33 - 2014-02-08 19:36 - 00000000 ____D () C:\ProgramData\Max Secure
    2014-02-08 19:28 - 2014-02-08 19:29 - 232949192 _____ (Max Secure Software ) C:\Users\John\Desktop\MaxSpywaredetector.exe
    2014-02-08 19:11 - 2014-02-08 19:11 - 00000000 ____D () C:\Users\John\AppData\Local\Max Secure Software
    2014-02-08 19:10 - 2014-02-08 19:11 - 00000000 ____D () C:\Users\John\AppData\Roaming\GetRightToGo
    2014-01-24 20:05 - 2014-01-24 20:05 - 00100944 _____ () C:\Users\John\Desktop\SketchUcationTools_v2.5.1.rbz
    2014-01-24 08:51 - 2014-01-24 08:53 - 00000000 ____D () C:\Users\John\AdobeLicensingFilesBackup
    2014-01-23 21:13 - 2014-02-12 21:09 - 00000000 ____D () C:\Users\John\AppData\Local\DoNotTrackPlus
    2014-01-23 21:12 - 2014-01-23 21:12 - 00000000 ____D () C:\Program Files\DoNotTrackPlus
    2014-01-23 12:38 - 2014-01-23 12:38 - 00000770 _____ () C:\Users\Public\Desktop\OneNote 2010 Sort Utility.lnk
    2014-01-23 12:38 - 2014-01-23 12:38 - 00000000 ____D () C:\Program Files\OneNote
    2014-01-17 20:32 - 2014-01-17 20:32 - 00000800 _____ () C:\Users\Public\Desktop\DriverTuner.lnk
    2014-01-17 20:32 - 2014-01-17 20:32 - 00000000 ____D () C:\Program Files\DriverTuner
    2014-01-14 10:54 - 2014-02-01 17:47 - 00001436 _____ () C:\Windows\LkmdfCoInst.log
    2014-01-14 10:54 - 2014-02-01 17:47 - 00000170 _____ () C:\Windows\setupact.log
    2014-01-14 10:54 - 2014-01-14 10:54 - 00000000 _____ () C:\Windows\setuperr.log

    ==================== One Month Modified Files and Folders =======

    2014-02-13 14:42 - 2014-02-13 14:41 - 00011558 _____ () C:\Users\John\Desktop\FRST.txt
    2014-02-13 14:41 - 2014-02-13 14:39 - 00000000 ____D () C:\FRST
    2014-02-13 14:39 - 2014-02-13 14:39 - 01141248 _____ (Farbar) C:\Users\John\Desktop\FRST.exe
    2014-02-13 14:37 - 2014-02-13 14:35 - 00002620 _____ () C:\Users\John\Desktop\Rkill.txt
    2014-02-13 14:35 - 2014-02-13 14:35 - 01933048 _____ (Bleeping Computer, LLC) C:\Users\John\Desktop\rkill.exe
    2014-02-13 14:35 - 2014-02-09 05:49 - 00000000 ____D () C:\Windows\system32\WaitingForMerge
    2014-02-13 14:08 - 2012-04-03 14:22 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
    2014-02-13 13:14 - 2006-11-02 06:52 - 01502898 _____ () C:\Windows\WindowsUpdate.log
    2014-02-13 13:06 - 2013-08-20 10:42 - 00000644 _____ () C:\Windows\Tasks\Check for updates (Spybot - Search & Destroy).job
    2014-02-13 13:06 - 2006-11-02 07:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
    2014-02-13 13:06 - 2006-11-02 06:47 - 00005344 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
    2014-02-13 13:06 - 2006-11-02 06:47 - 00005344 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
    2014-02-12 21:28 - 2010-07-28 19:21 - 00000012 _____ () C:\Windows\bthservsdp.dat
    2014-02-12 21:28 - 2006-11-02 07:01 - 00032620 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
    2014-02-12 21:09 - 2014-01-23 21:13 - 00000000 ____D () C:\Users\John\AppData\Local\DoNotTrackPlus
    2014-02-12 18:51 - 2006-11-02 05:18 - 00000000 ____D () C:\Windows\Microsoft.NET
    2014-02-12 18:44 - 2014-02-09 05:40 - 00372916 _____ () C:\Windows\PFRO.log
    2014-02-12 18:20 - 2010-07-23 08:52 - 00000000 ____D () C:\ProgramData\Microsoft Help
    2014-02-12 18:18 - 2013-07-12 10:29 - 00000000 ____D () C:\Windows\system32\MRT
    2014-02-12 18:14 - 2006-11-02 04:24 - 85946576 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
    2014-02-12 18:11 - 2006-11-02 04:33 - 00756898 _____ () C:\Windows\system32\PerfStringBackup.INI
    2014-02-12 18:05 - 2013-06-17 14:54 - 00000000 ____D () C:\Users\John\Desktop\DesktopFolders
    2014-02-12 17:27 - 2014-02-12 17:27 - 00007453 _____ () C:\Users\Administrator\Desktop\Scan Results.140212-1701.zip
    2014-02-12 17:06 - 2014-02-08 22:31 - 00108454 _____ () C:\Windows\wininit.ini
    2014-02-12 17:01 - 2014-02-12 17:01 - 00049118 _____ () C:\Users\Administrator\Desktop\Scan Results.140212-1701.txt
    2014-02-12 14:28 - 2006-11-02 05:18 - 00000000 ____D () C:\Windows\system32\LogFiles
    2014-02-12 13:51 - 2014-02-12 13:51 - 04745728 _____ (AVAST Software) C:\Users\John\Desktop\aswMBR.exe
    2014-02-12 13:47 - 2014-02-12 13:47 - 00688992 ____R (Swearware) C:\Users\John\Desktop\dds.scr
    2014-02-12 13:42 - 2014-02-12 12:31 - 00000000 ____D () C:\Windows\erdnt
    2014-02-12 13:38 - 2014-02-12 13:38 - 00000693 _____ () C:\Users\UpdatusUser\Desktop\NTREGOPT.lnk
    2014-02-12 13:38 - 2014-02-12 13:38 - 00000693 _____ () C:\Users\Mary\Desktop\NTREGOPT.lnk
    2014-02-12 13:38 - 2014-02-12 13:38 - 00000693 _____ () C:\Users\Bethany\Desktop\NTREGOPT.lnk
    2014-02-12 13:38 - 2014-02-12 13:38 - 00000693 _____ () C:\Users\Administrator\Desktop\NTREGOPT.lnk
    2014-02-12 13:38 - 2014-02-12 13:38 - 00000674 _____ () C:\Users\UpdatusUser\Desktop\ERUNT.lnk
    2014-02-12 13:38 - 2014-02-12 13:38 - 00000674 _____ () C:\Users\Mary\Desktop\ERUNT.lnk
    2014-02-12 13:38 - 2014-02-12 13:38 - 00000674 _____ () C:\Users\John\Desktop\ERUNT.lnk
    2014-02-12 13:38 - 2014-02-12 13:38 - 00000674 _____ () C:\Users\Bethany\Desktop\ERUNT.lnk
    2014-02-12 13:38 - 2014-02-12 13:38 - 00000674 _____ () C:\Users\Administrator\Desktop\ERUNT.lnk
    2014-02-12 13:38 - 2014-02-12 13:38 - 00000000 ____D () C:\Program Files\ERUNT
    2014-02-12 13:00 - 2014-02-12 13:00 - 00016894 _____ () C:\ComboFix.txt
    2014-02-12 13:00 - 2006-11-02 05:18 - 00000000 ___RD () C:\Users\Public
    2014-02-12 12:58 - 2006-11-02 04:23 - 00000215 _____ () C:\Windows\system.ini
    2014-02-11 18:21 - 2014-02-11 18:21 - 00000757 _____ () C:\Users\John\Desktop\070428Passwords - Shortcut.lnk
    2014-02-11 18:18 - 2012-04-03 14:22 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
    2014-02-11 18:18 - 2011-05-19 08:03 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
    2014-02-11 18:16 - 2006-11-02 06:37 - 00000000 ____D () C:\Windows\DigitalLocker
    2014-02-11 18:14 - 2010-07-23 13:30 - 00000000 ____D () C:\Users\John\AppData\Roaming\Kuuho
    2014-02-11 15:23 - 2014-02-08 22:33 - 00000000 ____D () C:\Users\Administrator\AppData\Local\DoNotTrackPlus
    2014-02-09 06:57 - 2011-03-11 09:14 - 00000000 ____D () C:\Users\John\AppData\Roaming\Malwarebytes
    2014-02-09 06:56 - 2014-02-09 06:56 - 00000866 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
    2014-02-09 06:56 - 2014-02-09 06:56 - 00000000 ____D () C:\Program Files\Malwarebytes' Anti-Malware
    2014-02-09 06:53 - 2013-12-17 13:38 - 00264224 _____ () C:\Users\John\AppData\Local\GDIPFONTCACHEV1.DAT
    2014-02-09 05:58 - 2014-02-09 05:49 - 00000000 ____D () C:\Windows\system32\SDLiveupdate
    2014-02-09 05:40 - 2013-12-17 15:07 - 00798736 _____ () C:\Windows\system32\FNTCACHE.DAT
    2014-02-08 22:31 - 2014-02-08 19:36 - 00000000 ____D () C:\Program Files\Max Spyware Detector
    2014-02-08 21:45 - 2013-12-26 11:21 - 00264224 _____ () C:\Users\Administrator\AppData\Local\GDIPFONTCACHEV1.DAT
    2014-02-08 19:37 - 2014-02-08 19:37 - 00001737 _____ () C:\Users\Public\Desktop\Max Spyware Detector.lnk
    2014-02-08 19:36 - 2014-02-08 19:33 - 00000000 ____D () C:\ProgramData\Max Secure
    2014-02-08 19:29 - 2014-02-08 19:28 - 232949192 _____ (Max Secure Software ) C:\Users\John\Desktop\MaxSpywaredetector.exe
    2014-02-08 19:11 - 2014-02-08 19:11 - 00000000 ____D () C:\Users\John\AppData\Local\Max Secure Software
    2014-02-08 19:11 - 2014-02-08 19:10 - 00000000 ____D () C:\Users\John\AppData\Roaming\GetRightToGo
    2014-02-07 20:36 - 2010-07-22 21:39 - 00000000 ____D () C:\Users\John
    2014-02-07 11:20 - 2014-02-08 19:36 - 00123360 _____ (Max Secure Software) C:\Windows\system32\Drivers\SDActMon.sys
    2014-02-07 11:20 - 2014-02-08 19:36 - 00085984 _____ (Max Secure Software) C:\Windows\system32\Drivers\MaxProtector32.sys
    2014-02-07 11:20 - 2014-02-08 19:36 - 00077792 _____ (Max Secure Software) C:\Windows\system32\Drivers\MaxProtector64.sys
    2014-02-07 11:20 - 2014-02-08 19:36 - 00074208 _____ (Max Secure Software) C:\Windows\system32\Drivers\SDActMon2K.sys
    2014-02-07 11:20 - 2014-02-08 19:36 - 00072160 _____ (Max Secure Software) C:\Windows\system32\Drivers\MaxMgr.sys
    2014-02-07 11:20 - 2014-02-08 19:36 - 00068576 _____ (Max Secure Software) C:\Windows\system32\Drivers\MaxProc64.sys
    2014-02-07 11:20 - 2014-02-08 19:36 - 00013280 _____ (Max Secure Software) C:\Windows\system32\Drivers\004.sys
    2014-02-06 17:19 - 2010-09-02 16:59 - 00000000 ____D () C:\Users\John\AppData\Local\CrashDumps
    2014-02-05 02:58 - 2014-02-12 18:09 - 12345344 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
    2014-02-05 02:56 - 2014-02-12 18:09 - 01806848 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
    2014-02-05 02:53 - 2014-02-12 18:09 - 09739264 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
    2014-02-05 02:51 - 2014-02-12 18:09 - 01105408 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
    2014-02-05 02:50 - 2014-02-12 18:09 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
    2014-02-05 02:49 - 2014-02-12 18:09 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
    2014-02-05 02:49 - 2014-02-12 18:09 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
    2014-02-05 02:48 - 2014-02-12 18:09 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
    2014-02-05 02:48 - 2014-02-12 18:09 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
    2014-02-05 02:48 - 2014-02-12 18:09 - 00421376 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
    2014-02-05 02:48 - 2014-02-12 18:09 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
    2014-02-05 02:48 - 2014-02-12 18:09 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
    2014-02-05 02:47 - 2014-02-12 18:09 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
    2014-02-05 02:47 - 2014-02-12 18:09 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
    2014-02-05 02:47 - 2014-02-12 18:09 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
    2014-02-05 02:46 - 2014-02-12 18:09 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
    2014-02-04 20:04 - 2014-02-08 19:37 - 00117248 _____ () C:\Windows\system32\MaxNative.exe
    2014-02-01 17:47 - 2014-01-14 10:54 - 00001436 _____ () C:\Windows\LkmdfCoInst.log
    2014-02-01 17:47 - 2014-01-14 10:54 - 00000170 _____ () C:\Windows\setupact.log
    2014-02-01 17:46 - 2011-06-17 13:21 - 00016400 _____ (Logitech, Inc.) C:\Windows\system32\Drivers\LNonPnP.sys
    2014-01-24 20:05 - 2014-01-24 20:05 - 00100944 _____ () C:\Users\John\Desktop\SketchUcationTools_v2.5.1.rbz
    2014-01-24 08:53 - 2014-01-24 08:51 - 00000000 ____D () C:\Users\John\AdobeLicensingFilesBackup
    2014-01-24 08:53 - 2011-04-01 10:39 - 00000000 ____D () C:\ProgramData\FLEXnet
    2014-01-23 21:12 - 2014-01-23 21:12 - 00000000 ____D () C:\Program Files\DoNotTrackPlus
    2014-01-23 12:38 - 2014-01-23 12:38 - 00000770 _____ () C:\Users\Public\Desktop\OneNote 2010 Sort Utility.lnk
    2014-01-23 12:38 - 2014-01-23 12:38 - 00000000 ____D () C:\Program Files\OneNote
    2014-01-23 11:24 - 2014-01-09 11:08 - 00000000 ____D () C:\Program Files\OneNote PowerToys
    2014-01-21 15:40 - 2013-03-03 19:11 - 00000000 ____D () C:\Program Files\SpywareBlaster
    2014-01-21 08:56 - 2010-08-08 18:44 - 00000000 ____D () C:\Users\John\AppData\Local\Adobe
    2014-01-19 01:32 - 2010-07-25 18:52 - 00231584 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
    2014-01-17 20:32 - 2014-01-17 20:32 - 00000800 _____ () C:\Users\Public\Desktop\DriverTuner.lnk
    2014-01-17 20:32 - 2014-01-17 20:32 - 00000000 ____D () C:\Program Files\DriverTuner
    2014-01-14 10:54 - 2014-01-14 10:54 - 00000000 _____ () C:\Windows\setuperr.log

    ==================== Bamital & volsnap Check =================

    C:\Windows\explorer.exe => MD5 is legit
    C:\Windows\system32\winlogon.exe => MD5 is legit
    C:\Windows\system32\wininit.exe => MD5 is legit
    C:\Windows\system32\svchost.exe => MD5 is legit
    C:\Windows\system32\services.exe => MD5 is legit
    C:\Windows\system32\User32.dll => MD5 is legit
    C:\Windows\system32\userinit.exe => MD5 is legit
    C:\Windows\system32\rpcss.dll => MD5 is legit
    C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit


    LastRegBack: 2014-02-13 13:15

    ==================== End Of Log ============================

  4. #4
    Member
    Join Date
    May 2013
    Location
    Chicagoland, IL
    Posts
    41

    Default Max Spyware defender - Julia- 2 separate posts needed

    Additional

    Additional scan result of Farbar Recovery Scan Tool (x86) Version: 12-02-2014 01
    Ran by John at 2014-02-13 14:44:44
    Running from C:\Users\John\Desktop
    Boot Mode: Normal
    ==========================================================


    ==================== Security Center ========================

    AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
    AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AS: Spybot - Search and Destroy (Disabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
    AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}

    ==================== Installed Programs ======================

    Update for Microsoft Office 2007 (KB2508958) (Version: - Microsoft)
    µTorrent (HKCU Version: 3.3.1.30017 - BitTorrent Inc.)
    7-Zip 9.20 (Version: - )
    Adobe AIR (Version: 2.5.1.17730 - Adobe Systems Inc.)
    Adobe AIR (Version: 2.5.1.17730 - Adobe Systems Inc.) Hidden
    Adobe Flash Player 11 Plugin (Version: 11.9.900.117 - Adobe Systems Incorporated)
    Adobe Flash Player 12 ActiveX (Version: 12.0.0.44 - Adobe Systems Incorporated)
    Adobe Photoshop Elements 8.0 (Version: 8.0 - Adobe Systems Incorporated)
    Adobe Photoshop Elements 8.0 (Version: 8.0 - Adobe Systems Incorporated) Hidden
    Adobe Photoshop.com Inspiration Browser (Version: 3.02 - Adobe Systems Incorporated)
    Adobe Photoshop.com Inspiration Browser (Version: 3.02 - Adobe Systems Incorporated) Hidden
    Adobe Reader X (10.1.9) (Version: 10.1.9 - Adobe Systems Incorporated)
    Akamai NetSession Interface (HKCU Version: - Akamai Technologies, Inc)
    Akamai NetSession Interface Service (Version: - )
    Apple Application Support (Version: 2.3.6 - Apple Inc.)
    Apple Mobile Device Support (Version: 7.0.0.117 - Apple Inc.)
    Apple Software Update (Version: 2.1.3.127 - Apple Inc.)
    ArcSoft Magic-i Visual Effects 2 (Version: 2.0.11.138 - ArcSoft)
    ArcSoft WebCam Companion 3 (Version: 3.0.45.413 - ArcSoft)
    Bonjour (Version: 3.0.0.10 - Apple Inc.)
    Canon Easy-PhotoPrint EX (Version: 4.1.5 - Canon Inc.)
    Canon Easy-WebPrint EX (Version: 1.3.5.0 - Canon Inc.)
    Canon IJ Network Scan Utility (Version: - )
    Canon IJ Network Tool (Version: - )
    CANON iMAGE GATEWAY MyCamera Download Plugin (Version: 3.1.1.2 - Canon Inc.)
    CANON iMAGE GATEWAY Task for ZoomBrowser EX (Version: 1.9.0.9 - Canon Inc.)
    Canon MOV Decoder (Version: 1.8.0.7 - Canon Inc.)
    Canon MOV Encoder (Version: 1.7.0.3 - Canon Inc.)
    Canon MovieEdit Task for ZoomBrowser EX (Version: 3.8.0.5 - Canon Inc.)
    Canon MP Navigator EX 1.0 (Version: - )
    Canon MX700 series (Version: - )
    Canon My Printer (Version: 3.1.0 - Canon Inc.)
    Canon Utilities EOS Video Snapshot Task for ZoomBrowser EX (Version: 1.0.0.10 - Canon Inc.)
    Canon Utilities Solution Menu (Version: - )
    CCleaner (Version: 4.07 - Piriform)
    Click to Call with Skype (Version: 5.6.8153 - Skype Technologies S.A.)
    Cyphertite (Version: 1.6.5 - Conformal Systems)
    Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (Version: - Microsoft)
    DesignPro 5 (Version: 5.5.708 - Avery Dennison)
    DesignPro 5 (Version: 5.5.708 - Avery Dennison) Hidden
    DHTML Editing Component (Version: 6.02.0001 - Microsoft Corporation)
    Do Not Track Me Add-on 2.2.9.1112 (Version: 2.2.9.1112 - Abine Inc)
    DriverTuner 3.1.0.1 (Version: 3.1.0.1 - LionSea SoftWare)
    EaseUS Todo Backup Free 4.0 (Version: 4.0.0.1 - CHENGDU YIWO Tech Development Co., Ltd)
    EasyViewer (Version: 1.3.0.9 - MSI)
    EasyViewer (Version: 1.3.0.9 - MSI) Hidden
    eReg (Version: 1.20.138.34 - Logitech, Inc.) Hidden
    ERUNT 1.1j (Version: - Lars Hederer)
    FileZilla Client 3.7.3 (Version: 3.7.3 - Tim Kosse)
    Forms To Go 4.5.4 (Version: - Bebosoft, Inc.)
    HP Button Manager (Version: 3.5.00 - Hewlett-Packard)
    HP Webcam User's Guide (Version: - Hewlett-Packard)
    ImgBurn (Version: 2.5.8.0 - LIGHTNING UK!)
    iTunes (Version: 11.1.3.8 - Apple Inc.)
    Java 7 Update 45 (Version: 7.0.450 - Oracle)
    Java Auto Updater (Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
    LinkedIn Outlook Connector (Version: 1.1.10.0 - LinkedIn)
    Logitech SetPoint 6.32 (Version: 6.32.20 - Logitech)
    MailStore Home 5.0.0.6684 (Version: 5.0.0.6684 - deepinvent Software GmbH)
    Malwarebytes Anti-Malware version 1.75.0.1300 (Version: 1.75.0.1300 - Malwarebytes Corporation)
    Max Spyware Detector (Version: 19.0.2.045 - Max Secure Software)
    MenuLink Client (Version: 3.0.0 - Radiant Systems)
    Microsoft .NET Framework 3.5 SP1 (Version: - Microsoft Corporation)
    Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden
    Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
    Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
    Microsoft Easy Assist v2 (Version: 8.1.6416.0 - Microsoft Corporation)
    Microsoft Office 2007 Service Pack 3 (SP3) (Version: - Microsoft)
    Microsoft Office 2007 Service Pack 3 (SP3) (Version: - Microsoft) Hidden
    Microsoft Office Access MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
    Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
    Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
    Microsoft Office File Validation Add-In (Version: 14.0.5130.5003 - Microsoft Corporation)
    Microsoft Office InfoPath MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
    Microsoft Office OneNote 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
    Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
    Microsoft Office Outlook Connector (Version: 14.0.6123.5001 - Microsoft Corporation)
    Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
    Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
    Microsoft Office Professional Plus 2007 (Version: 12.0.6612.1000 - Microsoft Corporation)
    Microsoft Office Professional Plus 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
    Microsoft Office Project MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
    Microsoft Office Project Professional 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
    Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
    Microsoft Office Proof (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
    Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
    Microsoft Office Proof (French) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
    Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
    Microsoft Office Proof (Spanish) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
    Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
    Microsoft Office Proofing (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
    Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (Version: - Microsoft) Hidden
    Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
    Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
    Microsoft Office Shared MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
    Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
    Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
    Microsoft Office Small Business Connectivity Components (Version: 2.0.7024.0 - Microsoft Corporation)
    Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
    Microsoft OneNote 2010 (Version: 14.0.7015.1000 - Microsoft Corporation)
    Microsoft Outlook Personal Folders Backup (Version: 1.10.0.0 - Microsoft Corporation)
    Microsoft Outlook Social Connector 32-bit (Version: 14.0.4763.1000 - Microsoft Corporation)
    Microsoft Project Professional 2010 (Version: 14.0.7015.1000 - Microsoft Corporation)
    Microsoft Security Client (Version: 4.4.0304.0 - Microsoft Corporation) Hidden
    Microsoft Security Essentials (Version: 4.4.304.0 - Microsoft Corporation)
    Microsoft Silverlight (Version: 5.1.20913.0 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable - KB2467175 (Version: 8.0.51011 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation)
    MSXML 4.0 SP2 (KB927978) (Version: 4.20.9841.0 - Microsoft Corporation)
    MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0 - Microsoft Corporation)
    MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0 - Microsoft Corporation)
    Musicnotes Software Suite 1.5.5 (Version: 1.5.5 - Musicnotes Inc.)
    NVIDIA 3D Vision Controller Driver (Version: 280.19 - NVIDIA Corporation) Hidden
    NVIDIA 3D Vision Controller Driver 285.62 (Version: 285.62 - NVIDIA Corporation)
    NVIDIA Control Panel 307.83 (Version: 307.83 - NVIDIA Corporation) Hidden
    NVIDIA Display Control Panel (Version: 6.14.11.9713 - NVIDIA Corporation)
    NVIDIA Drivers (Version: 1.10.62.40 - NVIDIA Corporation)
    NVIDIA Graphics Driver 307.83 (Version: 307.83 - NVIDIA Corporation)
    NVIDIA Install Application (Version: 2.1002.109.706 - NVIDIA Corporation) Hidden
    NVIDIA Update 1.10.8 (Version: 1.10.8 - NVIDIA Corporation)
    NVIDIA Update Components (Version: 1.10.8 - NVIDIA Corporation) Hidden
    OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0 - Microsoft Corporation) Hidden
    OneNote 2010 Sort Sections (Version: 1.0.0 - OneNote PowerToys)
    OneNote 2010 Sort Utility 0.9 (Version: - JR Software)
    PCI Soft Data Fax Modem with SmartCP (Version: - )
    Print Perfect Clip Art 50,000 DVD (Version: 9.0.23 - Cosmi Corporation)
    PVSonyDll (Version: 1.00.0001 - NVIDIA Corporation) Hidden
    QuickTime (Version: 7.74.80.86 - Apple Inc.)
    Realtek Ethernet Controller Driver (Version: 6.250.908.2011 - Realtek)
    Realtek High Definition Audio Driver (Version: 6.0.1.6473 - Realtek Semiconductor Corp.)
    Serif DrawPlus X4 (Version: 11.0.3.023 - Serif (Europe) Ltd)
    Serif PagePlus X4 (Version: 14.0.5.027 - Serif (Europe) Ltd)
    Serif PagePlus X4 Resources (Version: 14.0.0.008 - Serif (Europe) Ltd)
    Serif Premium Template Pack 1 for WebPlus (Version: 12.0.0.012 - Serif (Europe) Ltd)
    Serif Premium Template Pack 2 for WebPlus (Version: 12.0.0.012 - Serif (Europe) Ltd)
    Serif Premium Template Pack for PagePlus (Version: 14.0.0.012 - Serif (Europe) Ltd)
    Serif WebPlus X6 (Version: 14.0.2.25 - Serif (Europe) Ltd)
    Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (Version: - Microsoft) Hidden
    SketchUp 2013 (Version: 13.0.4812 - Trimble Navigation Limited)
    Skype™ 5.10 (Version: 5.10.116 - Skype Technologies S.A.)
    Spybot - Search & Destroy (Version: 2.1.21 - Safer-Networking Ltd.)
    SpywareBlaster 5.0 (Version: 5.0.0 - BrightFort LLC)
    Super-Charger (Version: 1.2.019 - MSI)
    System Requirements Lab (Version: - )
    Trend Micro SafeSync (Version: 5.1.0.1173 - Trend Micro)
    TwInbox (remove only) (Version: - TechHit)
    Update for 2007 Microsoft Office System (KB967642) (Version: - Microsoft)
    Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1 - Microsoft Corporation)
    Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition (Version: - Microsoft)
    Update for Microsoft Office 2007 Help for Common Features (KB963673) (Version: - Microsoft)
    Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (Version: - Microsoft)
    Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition (Version: - Microsoft)
    Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (Version: - Microsoft)
    Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (Version: - Microsoft)
    Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (Version: - Microsoft)
    Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (Version: - Microsoft)
    Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (Version: - Microsoft)
    Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (Version: - Microsoft)
    Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (Version: - Microsoft)
    Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (Version: - Microsoft)
    Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (Version: - Microsoft)
    Update for Microsoft Office 2010 (KB2837583) 32-Bit Edition (Version: - Microsoft)
    Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (Version: - Microsoft)
    Update for Microsoft Office Access 2007 Help (KB963663) (Version: - Microsoft)
    Update for Microsoft Office Excel 2007 Help (KB963678) (Version: - Microsoft)
    Update for Microsoft Office Infopath 2007 Help (KB963662) (Version: - Microsoft)
    Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (Version: - Microsoft)
    Update for Microsoft Office Outlook 2007 Help (KB963677) (Version: - Microsoft)
    Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2850085) 32-Bit Edition (Version: - Microsoft)
    Update for Microsoft Office Powerpoint 2007 Help (KB963669) (Version: - Microsoft)
    Update for Microsoft Office Publisher 2007 Help (KB963667) (Version: - Microsoft)
    Update for Microsoft Office Script Editor Help (KB963671) (Version: - Microsoft)
    Update for Microsoft Office Word 2007 Help (KB963665) (Version: - Microsoft)
    Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (Version: - Microsoft)
    Web Buttons (Version: - )

    ==================== Restore Points =========================

    23-01-2014 17:23:56 Removed OneNote 2010 Sort Pages
    24-01-2014 02:50:41 Windows Update
    03-02-2014 13:49:41 Windows Update
    07-02-2014 02:58:02 Windows Update
    08-02-2014 06:29:27 Scheduled Checkpoint
    09-02-2014 01:38:31 Installed Spyware Detector
    09-02-2014 15:45:59 Scheduled Checkpoint
    12-02-2014 19:21:29 Windows Update
    12-02-2014 20:30:30 Windows Update
    13-02-2014 00:08:07 Windows Update

    ==================== Hosts content: ==========================

    2006-11-02 04:23 - 2014-02-12 12:58 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
    127.0.0.1 localhost

    ==================== Scheduled Tasks (whitelisted) =============

    Task: {1755199B-7DF5-414E-97CA-EE62D53193E3} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-10-21] (Piriform Ltd)
    Task: {1BDE4B7C-A8E3-4F90-927A-49C2ADC386EE} - System32\Tasks\Microsoft_Hardware_Launch_IPoint_exe => C:\Program Files\Microsoft IntelliPoint\IPoint.exe
    Task: {1CC81347-6204-4B83-900C-01E02F50F067} - System32\Tasks\Microsoft\Windows\MobilePC\TMM
    Task: {1EFA52F6-1A18-459E-B28E-C3C35FF40E4C} - System32\Tasks\Check for updates (Spybot - Search & Destroy) => C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe
    Task: {2EF2C1C5-E2E5-4797-AD33-0CE62F536432} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-02-11] (Adobe Systems Incorporated)
    Task: {3BCDF251-CA5C-4045-A1FC-8FCEF9FBDC93} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages
    Task: {44980BEE-7809-44A9-AC24-D6E578A3B7DF} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\system32\RacAgent.exe [2008-01-18] (Microsoft Corporation)
    Task: {478889B8-13BD-4CE0-8C3A-6E4034B65A2B} - System32\Tasks\Scan the system (Spybot - Search & Destroy) => C:\Program Files\Spybot - Search & Destroy 2\SDScan.exe
    Task: {673DAFD4-7AB8-4041-B699-EB4B737A538A} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
    Task: {79A225BD-093D-4B38-887E-C778F5895AA3} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI
    Task: {8235DCDD-B9D3-4BC8-BF4A-C488FB4D5975} - System32\Tasks\Refresh immunization (Spybot - Search & Destroy) => C:\Program Files\Spybot - Search & Destroy 2\SDImmunize.exe
    Task: {8D83D191-92EE-4F07-B59E-759E2EB10590} - System32\Tasks\Microsoft\Windows\Tcpip\WSHReset => C:\Windows\system32\netsh.exe [2006-11-02] (Microsoft Corporation)
    Task: {A32BBB99-F496-486F-8F2A-BA0ACD56BACD} - System32\Tasks\{0E4EE223-21B2-43B9-AAE0-4B6D05A5677B} => C:\Program Files\Skype\\Phone\Skype.exe [2012-07-13] (Skype Technologies S.A.)
    Task: {B3DDBF57-8582-402A-84E2-0B0178465B60} - System32\Tasks\Microsoft_Hardware_Launch_rundll32_exe => Rundll32.exe url.dll,OpenURL http://go.microsoft.com/fwlink/?LinkId=116866
    Task: {E5150B95-F9B4-4D5D-95A2-7EC1ACBA95F8} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs [2010-07-27] ()
    Task: {F340897F-E6BA-4189-96B0-E589D925B792} - System32\Tasks\{2EBAFCDF-881D-45CB-BDAE-B510D0E5477B} => Iexplore.exe http://ui.skype.com/ui/0/5.3.0.120/e...toolbaroffered
    Task: {FBEA05BC-44D8-49DB-A4A9-11ED7A6FF7F4} - System32\Tasks\Microsoft_Hardware_Launch_IType_exe => C:\Program Files\Microsoft IntelliType Pro\IType.exe
    Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
    Task: C:\Windows\Tasks\Check for updates (Spybot - Search & Destroy).job => C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe
    Task: C:\Windows\Tasks\Refresh immunization (Spybot - Search & Destroy).job => C:\Program Files\Spybot - Search & Destroy 2\SDImmunize.exe
    Task: C:\Windows\Tasks\Scan the system (Spybot - Search & Destroy).job => C:\Program Files\Spybot - Search & Destroy 2\SDScan.exe

    ==================== Loaded Modules (whitelisted) =============

    2013-08-07 13:25 - 2013-08-07 13:25 - 00093696 _____ () C:\Program Files\FileZilla FTP Client\fzshellext.dll
    2011-10-07 03:41 - 2011-10-07 03:41 - 00879896 _____ () C:\Program Files\Logitech\SetPointP\Macros\MacroCore.dll
    2013-08-20 10:41 - 2013-05-16 09:55 - 00113496 _____ () C:\Program Files\Spybot - Search & Destroy 2\snlThirdParty150.bpl
    2013-08-20 10:41 - 2013-05-16 09:55 - 00416600 _____ () C:\Program Files\Spybot - Search & Destroy 2\DEC150.bpl
    2014-01-23 21:12 - 2013-11-12 15:21 - 00614264 _____ () C:\Program Files\DoNotTrackPlus\IE\DNTPContentFilter.dll

    ==================== Alternate Data Streams (whitelisted) =========

    AlternateDataStreams: C:\ProgramData\TEMP:5C321E34
    AlternateDataStreams: C:\Users\Bethany\Documents\College_of_DuPage.eml:OECustomProperty
    AlternateDataStreams: C:\Users\John\Documents\ProdDevEng.wpp:SummaryInformation
    AlternateDataStreams: C:\Users\John\Documents\ProdDevEng.wpp:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}

    ==================== Safe Mode (whitelisted) ===================

    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer => ""="Service"

    ==================== Disabled items from MSCONFIG ==============

    MSCONFIG\Services: ACDaemon => 2
    MSCONFIG\Services: AdobeActiveFileMonitor8.0 => 2
    MSCONFIG\Services: AdobeARMservice => 2
    MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
    MSCONFIG\Services: AeLookupSvc => 2
    MSCONFIG\Services: Akamai => 2
    MSCONFIG\Services: Bonjour Service => 2
    MSCONFIG\Services: Cyphertite => 2
    MSCONFIG\Services: EaseUS Agent => 2
    MSCONFIG\Services: FLEXnet Licensing Service => 3
    MSCONFIG\Services: Guard Agent => 2
    MSCONFIG\Services: iPod Service => 3
    MSCONFIG\Services: LBTServ => 3
    MSCONFIG\Services: MSI_SuperCharger => 2
    MSCONFIG\Services: nvsvc => 2
    MSCONFIG\Services: nvUpdatusService => 2
    MSCONFIG\Services: OnlineStorageService => 3
    MSCONFIG\Services: SDScannerService => 2
    MSCONFIG\Services: SDUpdateService => 2
    MSCONFIG\Services: SDWSCService => 2
    MSCONFIG\Services: SkypeUpdate => 2
    MSCONFIG\Services: Themes => 2
    MSCONFIG\Services: uCamMonitor => 2
    MSCONFIG\Services: WcesComm => 2
    MSCONFIG\Services: XAudioService => 2
    MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Button Manager.lnk => C:\Windows\pss\HP Button Manager.lnk.CommonStartup
    MSCONFIG\startupfolder: C:^Users^John^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Monitor Apache Servers.lnk => C:\Windows\pss\Monitor Apache Servers.lnk.Startup
    MSCONFIG\startupfolder: C:^Users^John^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2010 Screen Clipper and Launcher.lnk => C:\Windows\pss\OneNote 2010 Screen Clipper and Launcher.lnk.Startup
    MSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    MSCONFIG\startupreg: Akamai NetSession Interface => "C:\Users\John\AppData\Local\Akamai\netsession_win.exe"
    MSCONFIG\startupreg: APSDaemon => "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
    MSCONFIG\startupreg: ArcSoft Connection Service => C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
    MSCONFIG\startupreg: BCSSync => "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
    MSCONFIG\startupreg: CanonSolutionMenu => C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon
    MSCONFIG\startupreg: EaseUs Tray => "C:\Program Files\EaseUS\Todo Backup\bin\TrayNotify.exe"
    MSCONFIG\startupreg: EaseUs Watch => "C:\Program Files\EaseUS\Todo Backup\bin\EuWatch.exe"
    MSCONFIG\startupreg: IJNetworkScanUtility => C:\Program Files\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE
    MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
    MSCONFIG\startupreg: QuickTime Task => "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    MSCONFIG\startupreg: SpybotSD TeaTimer => C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
    MSCONFIG\startupreg: Super-Charger => C:\Program Files\MSI\Super-Charger\Super-Charger.exe
    MSCONFIG\startupreg: Windows Defender => %ProgramFiles%\Windows Defender\MSASCui.exe -hide
    MSCONFIG\startupreg: Windows Mobile-based device management => %WINDIR%\WindowsMobile\wmdcBase.exe

    ==================== Faulty Device Manager Devices =============

    Name: Microsoft ISATAP Adapter #3
    Description: Microsoft ISATAP Adapter
    Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
    Manufacturer: Microsoft
    Service: tunnel
    Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
    Resolution: Update the driver

    Name: Microsoft ISATAP Adapter #4
    Description: Microsoft ISATAP Adapter
    Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
    Manufacturer: Microsoft
    Service: tunnel
    Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
    Resolution: Update the driver

    Name: Canon MX700 ser Network
    Description: Canon MX700 ser Network
    Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
    Manufacturer: Canon
    Service: StillCam
    Problem: : This device is disabled. (Code 22)
    Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


    ==================== Event log errors: =========================

    Application errors:
    ==================
    Error: (02/12/2014 01:01:03 PM) (Source: EventSystem) (User: )
    Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp458007043c

    Error: (02/12/2014 00:32:26 PM) (Source: System Restore) (User: )
    Description: Failed to create restore point on volume (Process = C:\Windows\system32\wbem\wmiprvse.exe; Descripton = ComboFix created restore point; Hr = 0x8007043c).

    Error: (02/12/2014 00:32:26 PM) (Source: VSS) (User: )
    Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance. hr = 0x8007043c.


    Operation:
    Instantiating VSS server

    Error: (02/12/2014 00:32:26 PM) (Source: VSS) (User: )
    Description: Volume Shadow Copy Service error: The COM Server with CLSID {e579ab5f-1cc4-44b4-bed9-de0991ff0623} and name Coordinator cannot be started during Safe Mode.
    The Volume Shadow Copy service cannot start while in safe mode. [0x8007043c]


    Operation:
    Instantiating VSS server

    Error: (02/12/2014 00:30:30 PM) (Source: EventSystem) (User: )
    Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp458007043c

    Error: (02/11/2014 03:18:32 PM) (Source: Application Hang) (User: )
    Description: The program SDCleaner.exe version 2.1.18.110 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Problem Reports and Solutions control panel.
    Process ID: b24
    Start Time: 01cf276ec03cb45b
    Termination Time: 0

    Error: (02/09/2014 05:44:01 AM) (Source: Application Hang) (User: )
    Description: The program SDCleaner.exe version 2.1.18.110 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Problem Reports and Solutions control panel.
    Process ID: f38
    Start Time: 01cf258c2027ddaf
    Termination Time: 0

    Error: (02/08/2014 07:37:59 PM) (Source: VSS) (User: )
    Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005.
    This is often caused by incorrect security settings in either the writer or requestor process.


    Operation:
    Gathering Writer Data

    Context:
    Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
    Writer Name: System Writer
    Writer Instance ID: {d887b91f-794c-441b-ba43-c7ab05415f97}

    Error: (02/06/2014 08:47:15 PM) (Source: Application Hang) (User: )
    Description: The program iexplore.exe version 9.0.8112.16526 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Problem Reports and Solutions control panel.
    Process ID: da8
    Start Time: 01cf23aed219767d
    Termination Time: 0

    Error: (02/06/2014 05:19:56 PM) (Source: Application Error) (User: )
    Description: Faulting application Explorer.exe, version 6.0.6002.18005, time stamp 0x49e01da5, faulting module SHELL32.dll, version 6.0.6002.18646, time stamp 0x4fd23a92, exception code 0xc0000005, fault offset 0x0003f2b0,
    process id 0x16f8, application start time 0xExplorer.exe0.


    System errors:
    =============
    Error: (02/13/2014 01:07:10 PM) (Source: Service Control Manager) (User: )
    Description: i8042prt

    Error: (02/12/2014 06:46:32 PM) (Source: Service Control Manager) (User: )
    Description: i8042prt

    Error: (02/12/2014 06:19:50 PM) (Source: Service Control Manager) (User: )
    Description: Windows Search%%1053

    Error: (02/12/2014 06:19:50 PM) (Source: Service Control Manager) (User: )
    Description: 30000Windows Search

    Error: (02/12/2014 06:19:50 PM) (Source: DCOM) (User: )
    Description: 1053WSearch{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

    Error: (02/12/2014 02:31:05 PM) (Source: Microsoft-Windows-Servicing) (User: John-PC)
    Description: Windows Servicing failed to complete the process of setting package KB2901113 (Security Update) into Resolved(Resolved) state

    Error: (02/12/2014 02:31:05 PM) (Source: Microsoft-Windows-Servicing) (User: John-PC)
    Description: Windows Servicing failed to complete the process of setting package KB2901113 (Security Update) into Staging(Staging) state

    Error: (02/12/2014 02:31:05 PM) (Source: Microsoft-Windows-Servicing) (User: John-PC)
    Description: Windows Servicing failed to complete the process of setting package KB2901113 (Security Update) into Resolved(Resolved) state

    Error: (02/12/2014 02:31:05 PM) (Source: Microsoft-Windows-Servicing) (User: John-PC)
    Description: Windows Servicing failed to complete the process of setting package KB2901113 (Security Update) into Resolved(Resolved) state

    Error: (02/12/2014 02:31:05 PM) (Source: Microsoft-Windows-Servicing) (User: John-PC)
    Description: Windows Servicing failed to complete the process of setting package KB2901113 (Security Update) into Resolved(Resolved) state


    Microsoft Office Sessions:
    =========================
    Error: (02/04/2014 03:54:00 PM) (Source: Microsoft Office 12 Sessions)(User: )
    Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6680.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 508 seconds with 480 seconds of active time. This session ended with a crash.


    CodeIntegrity Errors:
    ===================================
    Date: 2014-02-13 14:42:45.013
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\MaxProc64.sys because the set of per-page image hashes could not be found on the system.

    Date: 2014-02-13 14:42:43.875
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\MaxProc64.sys because the set of per-page image hashes could not be found on the system.

    Date: 2014-02-13 14:42:42.705
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\MaxProc64.sys because the set of per-page image hashes could not be found on the system.

    Date: 2014-02-13 14:42:41.613
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\MaxProc64.sys because the set of per-page image hashes could not be found on the system.

    Date: 2014-02-13 14:42:40.536
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\MaxProc64.sys because the set of per-page image hashes could not be found on the system.

    Date: 2014-02-13 14:42:39.491
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\MaxProc64.sys because the set of per-page image hashes could not be found on the system.

    Date: 2014-02-13 14:42:38.461
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\MaxProc64.sys because the set of per-page image hashes could not be found on the system.

    Date: 2014-02-13 14:42:37.416
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\MaxProc64.sys because the set of per-page image hashes could not be found on the system.

    Date: 2014-02-12 12:37:22.928
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\MaxProc64.sys because the set of per-page image hashes could not be found on the system.

    Date: 2014-02-12 12:37:22.132
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\MaxProc64.sys because the set of per-page image hashes could not be found on the system.


    ==================== Memory info ===========================

    Percentage of memory in use: 39%
    Total physical RAM: 2814.32 MB
    Available physical RAM: 1697.45 MB
    Total Pagefile: 5861.1 MB
    Available Pagefile: 4661.01 MB
    Total Virtual: 2047.88 MB
    Available Virtual: 1899.45 MB

    ==================== Drives ================================

    Drive c: () (Fixed) (Total:149.05 GB) (Free:38.3 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
    Drive d: () (Fixed) (Total:931.5 GB) (Free:843.13 GB) NTFS

    ==================== MBR & Partition Table ==================

    ========================================================
    Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 149 GB) (Disk ID: 4CBA4CB9)
    Partition 1: (Active) - (Size=149 GB) - (Type=07 NTFS)

    ========================================================
    Disk: 1 (Size: 932 GB) (Disk ID: D8FE33D1)
    Partition 2: (Active) - (Size=932 GB) - (Type=05)

    ==================== End Of Log

  5. #5
    Member
    Join Date
    May 2013
    Location
    Chicagoland, IL
    Posts
    41

    Default Second post with Additional text -Julia- 2 post needed

    Additional

    Additional scan result of Farbar Recovery Scan Tool (x86) Version: 12-02-2014 01
    Ran by John at 2014-02-13 14:44:44
    Running from C:\Users\John\Desktop
    Boot Mode: Normal
    ==========================================================


    ==================== Security Center ========================

    AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
    AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AS: Spybot - Search and Destroy (Disabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
    AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}

    ==================== Installed Programs ======================

    Update for Microsoft Office 2007 (KB2508958) (Version: - Microsoft)
    µTorrent (HKCU Version: 3.3.1.30017 - BitTorrent Inc.)
    7-Zip 9.20 (Version: - )
    Adobe AIR (Version: 2.5.1.17730 - Adobe Systems Inc.)
    Adobe AIR (Version: 2.5.1.17730 - Adobe Systems Inc.) Hidden
    Adobe Flash Player 11 Plugin (Version: 11.9.900.117 - Adobe Systems Incorporated)
    Adobe Flash Player 12 ActiveX (Version: 12.0.0.44 - Adobe Systems Incorporated)
    Adobe Photoshop Elements 8.0 (Version: 8.0 - Adobe Systems Incorporated)
    Adobe Photoshop Elements 8.0 (Version: 8.0 - Adobe Systems Incorporated) Hidden
    Adobe Photoshop.com Inspiration Browser (Version: 3.02 - Adobe Systems Incorporated)
    Adobe Photoshop.com Inspiration Browser (Version: 3.02 - Adobe Systems Incorporated) Hidden
    Adobe Reader X (10.1.9) (Version: 10.1.9 - Adobe Systems Incorporated)
    Akamai NetSession Interface (HKCU Version: - Akamai Technologies, Inc)
    Akamai NetSession Interface Service (Version: - )
    Apple Application Support (Version: 2.3.6 - Apple Inc.)
    Apple Mobile Device Support (Version: 7.0.0.117 - Apple Inc.)
    Apple Software Update (Version: 2.1.3.127 - Apple Inc.)
    ArcSoft Magic-i Visual Effects 2 (Version: 2.0.11.138 - ArcSoft)
    ArcSoft WebCam Companion 3 (Version: 3.0.45.413 - ArcSoft)
    Bonjour (Version: 3.0.0.10 - Apple Inc.)
    Canon Easy-PhotoPrint EX (Version: 4.1.5 - Canon Inc.)
    Canon Easy-WebPrint EX (Version: 1.3.5.0 - Canon Inc.)
    Canon IJ Network Scan Utility (Version: - )
    Canon IJ Network Tool (Version: - )
    CANON iMAGE GATEWAY MyCamera Download Plugin (Version: 3.1.1.2 - Canon Inc.)
    CANON iMAGE GATEWAY Task for ZoomBrowser EX (Version: 1.9.0.9 - Canon Inc.)
    Canon MOV Decoder (Version: 1.8.0.7 - Canon Inc.)
    Canon MOV Encoder (Version: 1.7.0.3 - Canon Inc.)
    Canon MovieEdit Task for ZoomBrowser EX (Version: 3.8.0.5 - Canon Inc.)
    Canon MP Navigator EX 1.0 (Version: - )
    Canon MX700 series (Version: - )
    Canon My Printer (Version: 3.1.0 - Canon Inc.)
    Canon Utilities EOS Video Snapshot Task for ZoomBrowser EX (Version: 1.0.0.10 - Canon Inc.)
    Canon Utilities Solution Menu (Version: - )
    CCleaner (Version: 4.07 - Piriform)
    Click to Call with Skype (Version: 5.6.8153 - Skype Technologies S.A.)
    Cyphertite (Version: 1.6.5 - Conformal Systems)
    Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (Version: - Microsoft)
    DesignPro 5 (Version: 5.5.708 - Avery Dennison)
    DesignPro 5 (Version: 5.5.708 - Avery Dennison) Hidden
    DHTML Editing Component (Version: 6.02.0001 - Microsoft Corporation)
    Do Not Track Me Add-on 2.2.9.1112 (Version: 2.2.9.1112 - Abine Inc)
    DriverTuner 3.1.0.1 (Version: 3.1.0.1 - LionSea SoftWare)
    EaseUS Todo Backup Free 4.0 (Version: 4.0.0.1 - CHENGDU YIWO Tech Development Co., Ltd)
    EasyViewer (Version: 1.3.0.9 - MSI)
    EasyViewer (Version: 1.3.0.9 - MSI) Hidden
    eReg (Version: 1.20.138.34 - Logitech, Inc.) Hidden
    ERUNT 1.1j (Version: - Lars Hederer)
    FileZilla Client 3.7.3 (Version: 3.7.3 - Tim Kosse)
    Forms To Go 4.5.4 (Version: - Bebosoft, Inc.)
    HP Button Manager (Version: 3.5.00 - Hewlett-Packard)
    HP Webcam User's Guide (Version: - Hewlett-Packard)
    ImgBurn (Version: 2.5.8.0 - LIGHTNING UK!)
    iTunes (Version: 11.1.3.8 - Apple Inc.)
    Java 7 Update 45 (Version: 7.0.450 - Oracle)
    Java Auto Updater (Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
    LinkedIn Outlook Connector (Version: 1.1.10.0 - LinkedIn)
    Logitech SetPoint 6.32 (Version: 6.32.20 - Logitech)
    MailStore Home 5.0.0.6684 (Version: 5.0.0.6684 - deepinvent Software GmbH)
    Malwarebytes Anti-Malware version 1.75.0.1300 (Version: 1.75.0.1300 - Malwarebytes Corporation)
    Max Spyware Detector (Version: 19.0.2.045 - Max Secure Software)
    MenuLink Client (Version: 3.0.0 - Radiant Systems)
    Microsoft .NET Framework 3.5 SP1 (Version: - Microsoft Corporation)
    Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden
    Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
    Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
    Microsoft Easy Assist v2 (Version: 8.1.6416.0 - Microsoft Corporation)
    Microsoft Office 2007 Service Pack 3 (SP3) (Version: - Microsoft)
    Microsoft Office 2007 Service Pack 3 (SP3) (Version: - Microsoft) Hidden
    Microsoft Office Access MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
    Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
    Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
    Microsoft Office File Validation Add-In (Version: 14.0.5130.5003 - Microsoft Corporation)
    Microsoft Office InfoPath MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
    Microsoft Office OneNote 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
    Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
    Microsoft Office Outlook Connector (Version: 14.0.6123.5001 - Microsoft Corporation)
    Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
    Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
    Microsoft Office Professional Plus 2007 (Version: 12.0.6612.1000 - Microsoft Corporation)
    Microsoft Office Professional Plus 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
    Microsoft Office Project MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
    Microsoft Office Project Professional 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
    Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
    Microsoft Office Proof (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
    Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
    Microsoft Office Proof (French) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
    Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
    Microsoft Office Proof (Spanish) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
    Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
    Microsoft Office Proofing (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
    Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (Version: - Microsoft) Hidden
    Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
    Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
    Microsoft Office Shared MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
    Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
    Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
    Microsoft Office Small Business Connectivity Components (Version: 2.0.7024.0 - Microsoft Corporation)
    Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
    Microsoft OneNote 2010 (Version: 14.0.7015.1000 - Microsoft Corporation)
    Microsoft Outlook Personal Folders Backup (Version: 1.10.0.0 - Microsoft Corporation)
    Microsoft Outlook Social Connector 32-bit (Version: 14.0.4763.1000 - Microsoft Corporation)
    Microsoft Project Professional 2010 (Version: 14.0.7015.1000 - Microsoft Corporation)
    Microsoft Security Client (Version: 4.4.0304.0 - Microsoft Corporation) Hidden
    Microsoft Security Essentials (Version: 4.4.304.0 - Microsoft Corporation)
    Microsoft Silverlight (Version: 5.1.20913.0 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable - KB2467175 (Version: 8.0.51011 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation)
    MSXML 4.0 SP2 (KB927978) (Version: 4.20.9841.0 - Microsoft Corporation)
    MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0 - Microsoft Corporation)
    MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0 - Microsoft Corporation)
    Musicnotes Software Suite 1.5.5 (Version: 1.5.5 - Musicnotes Inc.)
    NVIDIA 3D Vision Controller Driver (Version: 280.19 - NVIDIA Corporation) Hidden
    NVIDIA 3D Vision Controller Driver 285.62 (Version: 285.62 - NVIDIA Corporation)
    NVIDIA Control Panel 307.83 (Version: 307.83 - NVIDIA Corporation) Hidden
    NVIDIA Display Control Panel (Version: 6.14.11.9713 - NVIDIA Corporation)
    NVIDIA Drivers (Version: 1.10.62.40 - NVIDIA Corporation)
    NVIDIA Graphics Driver 307.83 (Version: 307.83 - NVIDIA Corporation)
    NVIDIA Install Application (Version: 2.1002.109.706 - NVIDIA Corporation) Hidden
    NVIDIA Update 1.10.8 (Version: 1.10.8 - NVIDIA Corporation)
    NVIDIA Update Components (Version: 1.10.8 - NVIDIA Corporation) Hidden
    OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0 - Microsoft Corporation) Hidden
    OneNote 2010 Sort Sections (Version: 1.0.0 - OneNote PowerToys)
    OneNote 2010 Sort Utility 0.9 (Version: - JR Software)
    PCI Soft Data Fax Modem with SmartCP (Version: - )
    Print Perfect Clip Art 50,000 DVD (Version: 9.0.23 - Cosmi Corporation)
    PVSonyDll (Version: 1.00.0001 - NVIDIA Corporation) Hidden
    QuickTime (Version: 7.74.80.86 - Apple Inc.)
    Realtek Ethernet Controller Driver (Version: 6.250.908.2011 - Realtek)
    Realtek High Definition Audio Driver (Version: 6.0.1.6473 - Realtek Semiconductor Corp.)
    Serif DrawPlus X4 (Version: 11.0.3.023 - Serif (Europe) Ltd)
    Serif PagePlus X4 (Version: 14.0.5.027 - Serif (Europe) Ltd)
    Serif PagePlus X4 Resources (Version: 14.0.0.008 - Serif (Europe) Ltd)
    Serif Premium Template Pack 1 for WebPlus (Version: 12.0.0.012 - Serif (Europe) Ltd)
    Serif Premium Template Pack 2 for WebPlus (Version: 12.0.0.012 - Serif (Europe) Ltd)
    Serif Premium Template Pack for PagePlus (Version: 14.0.0.012 - Serif (Europe) Ltd)
    Serif WebPlus X6 (Version: 14.0.2.25 - Serif (Europe) Ltd)
    Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (Version: - Microsoft) Hidden
    SketchUp 2013 (Version: 13.0.4812 - Trimble Navigation Limited)
    Skype™ 5.10 (Version: 5.10.116 - Skype Technologies S.A.)
    Spybot - Search & Destroy (Version: 2.1.21 - Safer-Networking Ltd.)
    SpywareBlaster 5.0 (Version: 5.0.0 - BrightFort LLC)
    Super-Charger (Version: 1.2.019 - MSI)
    System Requirements Lab (Version: - )
    Trend Micro SafeSync (Version: 5.1.0.1173 - Trend Micro)
    TwInbox (remove only) (Version: - TechHit)
    Update for 2007 Microsoft Office System (KB967642) (Version: - Microsoft)
    Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1 - Microsoft Corporation)
    Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition (Version: - Microsoft)
    Update for Microsoft Office 2007 Help for Common Features (KB963673) (Version: - Microsoft)
    Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (Version: - Microsoft)
    Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition (Version: - Microsoft)
    Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (Version: - Microsoft)
    Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (Version: - Microsoft)
    Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (Version: - Microsoft)
    Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (Version: - Microsoft)
    Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (Version: - Microsoft)
    Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (Version: - Microsoft)
    Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (Version: - Microsoft)
    Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (Version: - Microsoft)
    Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (Version: - Microsoft)
    Update for Microsoft Office 2010 (KB2837583) 32-Bit Edition (Version: - Microsoft)
    Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (Version: - Microsoft)
    Update for Microsoft Office Access 2007 Help (KB963663) (Version: - Microsoft)
    Update for Microsoft Office Excel 2007 Help (KB963678) (Version: - Microsoft)
    Update for Microsoft Office Infopath 2007 Help (KB963662) (Version: - Microsoft)
    Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (Version: - Microsoft)
    Update for Microsoft Office Outlook 2007 Help (KB963677) (Version: - Microsoft)
    Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2850085) 32-Bit Edition (Version: - Microsoft)
    Update for Microsoft Office Powerpoint 2007 Help (KB963669) (Version: - Microsoft)
    Update for Microsoft Office Publisher 2007 Help (KB963667) (Version: - Microsoft)
    Update for Microsoft Office Script Editor Help (KB963671) (Version: - Microsoft)
    Update for Microsoft Office Word 2007 Help (KB963665) (Version: - Microsoft)
    Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (Version: - Microsoft)
    Web Buttons (Version: - )

    ==================== Restore Points =========================

    23-01-2014 17:23:56 Removed OneNote 2010 Sort Pages
    24-01-2014 02:50:41 Windows Update
    03-02-2014 13:49:41 Windows Update
    07-02-2014 02:58:02 Windows Update
    08-02-2014 06:29:27 Scheduled Checkpoint
    09-02-2014 01:38:31 Installed Spyware Detector
    09-02-2014 15:45:59 Scheduled Checkpoint
    12-02-2014 19:21:29 Windows Update
    12-02-2014 20:30:30 Windows Update
    13-02-2014 00:08:07 Windows Update

    ==================== Hosts content: ==========================

    2006-11-02 04:23 - 2014-02-12 12:58 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
    127.0.0.1 localhost

    ==================== Scheduled Tasks (whitelisted) =============

    Task: {1755199B-7DF5-414E-97CA-EE62D53193E3} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-10-21] (Piriform Ltd)
    Task: {1BDE4B7C-A8E3-4F90-927A-49C2ADC386EE} - System32\Tasks\Microsoft_Hardware_Launch_IPoint_exe => C:\Program Files\Microsoft IntelliPoint\IPoint.exe
    Task: {1CC81347-6204-4B83-900C-01E02F50F067} - System32\Tasks\Microsoft\Windows\MobilePC\TMM
    Task: {1EFA52F6-1A18-459E-B28E-C3C35FF40E4C} - System32\Tasks\Check for updates (Spybot - Search & Destroy) => C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe
    Task: {2EF2C1C5-E2E5-4797-AD33-0CE62F536432} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-02-11] (Adobe Systems Incorporated)
    Task: {3BCDF251-CA5C-4045-A1FC-8FCEF9FBDC93} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages
    Task: {44980BEE-7809-44A9-AC24-D6E578A3B7DF} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\system32\RacAgent.exe [2008-01-18] (Microsoft Corporation)
    Task: {478889B8-13BD-4CE0-8C3A-6E4034B65A2B} - System32\Tasks\Scan the system (Spybot - Search & Destroy) => C:\Program Files\Spybot - Search & Destroy 2\SDScan.exe
    Task: {673DAFD4-7AB8-4041-B699-EB4B737A538A} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
    Task: {79A225BD-093D-4B38-887E-C778F5895AA3} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI
    Task: {8235DCDD-B9D3-4BC8-BF4A-C488FB4D5975} - System32\Tasks\Refresh immunization (Spybot - Search & Destroy) => C:\Program Files\Spybot - Search & Destroy 2\SDImmunize.exe
    Task: {8D83D191-92EE-4F07-B59E-759E2EB10590} - System32\Tasks\Microsoft\Windows\Tcpip\WSHReset => C:\Windows\system32\netsh.exe [2006-11-02] (Microsoft Corporation)
    Task: {A32BBB99-F496-486F-8F2A-BA0ACD56BACD} - System32\Tasks\{0E4EE223-21B2-43B9-AAE0-4B6D05A5677B} => C:\Program Files\Skype\\Phone\Skype.exe [2012-07-13] (Skype Technologies S.A.)
    Task: {B3DDBF57-8582-402A-84E2-0B0178465B60} - System32\Tasks\Microsoft_Hardware_Launch_rundll32_exe => Rundll32.exe url.dll,OpenURL http://go.microsoft.com/fwlink/?LinkId=116866
    Task: {E5150B95-F9B4-4D5D-95A2-7EC1ACBA95F8} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs [2010-07-27] ()
    Task: {F340897F-E6BA-4189-96B0-E589D925B792} - System32\Tasks\{2EBAFCDF-881D-45CB-BDAE-B510D0E5477B} => Iexplore.exe http://ui.skype.com/ui/0/5.3.0.120/e...toolbaroffered
    Task: {FBEA05BC-44D8-49DB-A4A9-11ED7A6FF7F4} - System32\Tasks\Microsoft_Hardware_Launch_IType_exe => C:\Program Files\Microsoft IntelliType Pro\IType.exe
    Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
    Task: C:\Windows\Tasks\Check for updates (Spybot - Search & Destroy).job => C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe
    Task: C:\Windows\Tasks\Refresh immunization (Spybot - Search & Destroy).job => C:\Program Files\Spybot - Search & Destroy 2\SDImmunize.exe
    Task: C:\Windows\Tasks\Scan the system (Spybot - Search & Destroy).job => C:\Program Files\Spybot - Search & Destroy 2\SDScan.exe

    ==================== Loaded Modules (whitelisted) =============

    2013-08-07 13:25 - 2013-08-07 13:25 - 00093696 _____ () C:\Program Files\FileZilla FTP Client\fzshellext.dll
    2011-10-07 03:41 - 2011-10-07 03:41 - 00879896 _____ () C:\Program Files\Logitech\SetPointP\Macros\MacroCore.dll
    2013-08-20 10:41 - 2013-05-16 09:55 - 00113496 _____ () C:\Program Files\Spybot - Search & Destroy 2\snlThirdParty150.bpl
    2013-08-20 10:41 - 2013-05-16 09:55 - 00416600 _____ () C:\Program Files\Spybot - Search & Destroy 2\DEC150.bpl
    2014-01-23 21:12 - 2013-11-12 15:21 - 00614264 _____ () C:\Program Files\DoNotTrackPlus\IE\DNTPContentFilter.dll

    ==================== Alternate Data Streams (whitelisted) =========

    AlternateDataStreams: C:\ProgramData\TEMP:5C321E34
    AlternateDataStreams: C:\Users\Bethany\Documents\College_of_DuPage.eml:OECustomProperty
    AlternateDataStreams: C:\Users\John\Documents\ProdDevEng.wpp:SummaryInformation
    AlternateDataStreams: C:\Users\John\Documents\ProdDevEng.wpp:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}

    ==================== Safe Mode (whitelisted) ===================

    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer => ""="Service"

    ==================== Disabled items from MSCONFIG ==============

    MSCONFIG\Services: ACDaemon => 2
    MSCONFIG\Services: AdobeActiveFileMonitor8.0 => 2
    MSCONFIG\Services: AdobeARMservice => 2
    MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
    MSCONFIG\Services: AeLookupSvc => 2
    MSCONFIG\Services: Akamai => 2
    MSCONFIG\Services: Bonjour Service => 2
    MSCONFIG\Services: Cyphertite => 2
    MSCONFIG\Services: EaseUS Agent => 2
    MSCONFIG\Services: FLEXnet Licensing Service => 3
    MSCONFIG\Services: Guard Agent => 2
    MSCONFIG\Services: iPod Service => 3
    MSCONFIG\Services: LBTServ => 3
    MSCONFIG\Services: MSI_SuperCharger => 2
    MSCONFIG\Services: nvsvc => 2
    MSCONFIG\Services: nvUpdatusService => 2
    MSCONFIG\Services: OnlineStorageService => 3
    MSCONFIG\Services: SDScannerService => 2
    MSCONFIG\Services: SDUpdateService => 2
    MSCONFIG\Services: SDWSCService => 2
    MSCONFIG\Services: SkypeUpdate => 2
    MSCONFIG\Services: Themes => 2
    MSCONFIG\Services: uCamMonitor => 2
    MSCONFIG\Services: WcesComm => 2
    MSCONFIG\Services: XAudioService => 2
    MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Button Manager.lnk => C:\Windows\pss\HP Button Manager.lnk.CommonStartup
    MSCONFIG\startupfolder: C:^Users^John^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Monitor Apache Servers.lnk => C:\Windows\pss\Monitor Apache Servers.lnk.Startup
    MSCONFIG\startupfolder: C:^Users^John^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2010 Screen Clipper and Launcher.lnk => C:\Windows\pss\OneNote 2010 Screen Clipper and Launcher.lnk.Startup
    MSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    MSCONFIG\startupreg: Akamai NetSession Interface => "C:\Users\John\AppData\Local\Akamai\netsession_win.exe"
    MSCONFIG\startupreg: APSDaemon => "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
    MSCONFIG\startupreg: ArcSoft Connection Service => C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
    MSCONFIG\startupreg: BCSSync => "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
    MSCONFIG\startupreg: CanonSolutionMenu => C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon
    MSCONFIG\startupreg: EaseUs Tray => "C:\Program Files\EaseUS\Todo Backup\bin\TrayNotify.exe"
    MSCONFIG\startupreg: EaseUs Watch => "C:\Program Files\EaseUS\Todo Backup\bin\EuWatch.exe"
    MSCONFIG\startupreg: IJNetworkScanUtility => C:\Program Files\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE
    MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
    MSCONFIG\startupreg: QuickTime Task => "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    MSCONFIG\startupreg: SpybotSD TeaTimer => C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
    MSCONFIG\startupreg: Super-Charger => C:\Program Files\MSI\Super-Charger\Super-Charger.exe
    MSCONFIG\startupreg: Windows Defender => %ProgramFiles%\Windows Defender\MSASCui.exe -hide
    MSCONFIG\startupreg: Windows Mobile-based device management => %WINDIR%\WindowsMobile\wmdcBase.exe

    ==================== Faulty Device Manager Devices =============

    Name: Microsoft ISATAP Adapter #3
    Description: Microsoft ISATAP Adapter
    Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
    Manufacturer: Microsoft
    Service: tunnel
    Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
    Resolution: Update the driver

    Name: Microsoft ISATAP Adapter #4
    Description: Microsoft ISATAP Adapter
    Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
    Manufacturer: Microsoft
    Service: tunnel
    Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
    Resolution: Update the driver

    Name: Canon MX700 ser Network
    Description: Canon MX700 ser Network
    Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
    Manufacturer: Canon
    Service: StillCam
    Problem: : This device is disabled. (Code 22)
    Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


    ==================== Event log errors: =========================

    Application errors:
    ==================
    Error: (02/12/2014 01:01:03 PM) (Source: EventSystem) (User: )
    Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp458007043c

    Error: (02/12/2014 00:32:26 PM) (Source: System Restore) (User: )
    Description: Failed to create restore point on volume (Process = C:\Windows\system32\wbem\wmiprvse.exe; Descripton = ComboFix created restore point; Hr = 0x8007043c).

    Error: (02/12/2014 00:32:26 PM) (Source: VSS) (User: )
    Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance. hr = 0x8007043c.


    Operation:
    Instantiating VSS server

    Error: (02/12/2014 00:32:26 PM) (Source: VSS) (User: )
    Description: Volume Shadow Copy Service error: The COM Server with CLSID {e579ab5f-1cc4-44b4-bed9-de0991ff0623} and name Coordinator cannot be started during Safe Mode.
    The Volume Shadow Copy service cannot start while in safe mode. [0x8007043c]


    Operation:
    Instantiating VSS server

    Error: (02/12/2014 00:30:30 PM) (Source: EventSystem) (User: )
    Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp458007043c

    Error: (02/11/2014 03:18:32 PM) (Source: Application Hang) (User: )
    Description: The program SDCleaner.exe version 2.1.18.110 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Problem Reports and Solutions control panel.
    Process ID: b24
    Start Time: 01cf276ec03cb45b
    Termination Time: 0

    Error: (02/09/2014 05:44:01 AM) (Source: Application Hang) (User: )
    Description: The program SDCleaner.exe version 2.1.18.110 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Problem Reports and Solutions control panel.
    Process ID: f38
    Start Time: 01cf258c2027ddaf
    Termination Time: 0

    Error: (02/08/2014 07:37:59 PM) (Source: VSS) (User: )
    Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005.
    This is often caused by incorrect security settings in either the writer or requestor process.


    Operation:
    Gathering Writer Data

    Context:
    Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
    Writer Name: System Writer
    Writer Instance ID: {d887b91f-794c-441b-ba43-c7ab05415f97}

    Error: (02/06/2014 08:47:15 PM) (Source: Application Hang) (User: )
    Description: The program iexplore.exe version 9.0.8112.16526 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Problem Reports and Solutions control panel.
    Process ID: da8
    Start Time: 01cf23aed219767d
    Termination Time: 0

    Error: (02/06/2014 05:19:56 PM) (Source: Application Error) (User: )
    Description: Faulting application Explorer.exe, version 6.0.6002.18005, time stamp 0x49e01da5, faulting module SHELL32.dll, version 6.0.6002.18646, time stamp 0x4fd23a92, exception code 0xc0000005, fault offset 0x0003f2b0,
    process id 0x16f8, application start time 0xExplorer.exe0.


    System errors:
    =============
    Error: (02/13/2014 01:07:10 PM) (Source: Service Control Manager) (User: )
    Description: i8042prt

    Error: (02/12/2014 06:46:32 PM) (Source: Service Control Manager) (User: )
    Description: i8042prt

    Error: (02/12/2014 06:19:50 PM) (Source: Service Control Manager) (User: )
    Description: Windows Search%%1053

    Error: (02/12/2014 06:19:50 PM) (Source: Service Control Manager) (User: )
    Description: 30000Windows Search

    Error: (02/12/2014 06:19:50 PM) (Source: DCOM) (User: )
    Description: 1053WSearch{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

    Error: (02/12/2014 02:31:05 PM) (Source: Microsoft-Windows-Servicing) (User: John-PC)
    Description: Windows Servicing failed to complete the process of setting package KB2901113 (Security Update) into Resolved(Resolved) state

    Error: (02/12/2014 02:31:05 PM) (Source: Microsoft-Windows-Servicing) (User: John-PC)
    Description: Windows Servicing failed to complete the process of setting package KB2901113 (Security Update) into Staging(Staging) state

    Error: (02/12/2014 02:31:05 PM) (Source: Microsoft-Windows-Servicing) (User: John-PC)
    Description: Windows Servicing failed to complete the process of setting package KB2901113 (Security Update) into Resolved(Resolved) state

    Error: (02/12/2014 02:31:05 PM) (Source: Microsoft-Windows-Servicing) (User: John-PC)
    Description: Windows Servicing failed to complete the process of setting package KB2901113 (Security Update) into Resolved(Resolved) state

    Error: (02/12/2014 02:31:05 PM) (Source: Microsoft-Windows-Servicing) (User: John-PC)
    Description: Windows Servicing failed to complete the process of setting package KB2901113 (Security Update) into Resolved(Resolved) state


    Microsoft Office Sessions:
    =========================
    Error: (02/04/2014 03:54:00 PM) (Source: Microsoft Office 12 Sessions)(User: )
    Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6680.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 508 seconds with 480 seconds of active time. This session ended with a crash.


    CodeIntegrity Errors:
    ===================================
    Date: 2014-02-13 14:42:45.013
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\MaxProc64.sys because the set of per-page image hashes could not be found on the system.

    Date: 2014-02-13 14:42:43.875
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\MaxProc64.sys because the set of per-page image hashes could not be found on the system.

    Date: 2014-02-13 14:42:42.705
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\MaxProc64.sys because the set of per-page image hashes could not be found on the system.

    Date: 2014-02-13 14:42:41.613
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\MaxProc64.sys because the set of per-page image hashes could not be found on the system.

    Date: 2014-02-13 14:42:40.536
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\MaxProc64.sys because the set of per-page image hashes could not be found on the system.

    Date: 2014-02-13 14:42:39.491
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\MaxProc64.sys because the set of per-page image hashes could not be found on the system.

    Date: 2014-02-13 14:42:38.461
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\MaxProc64.sys because the set of per-page image hashes could not be found on the system.

    Date: 2014-02-13 14:42:37.416
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\MaxProc64.sys because the set of per-page image hashes could not be found on the system.

    Date: 2014-02-12 12:37:22.928
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\MaxProc64.sys because the set of per-page image hashes could not be found on the system.

    Date: 2014-02-12 12:37:22.132
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\MaxProc64.sys because the set of per-page image hashes could not be found on the system.


    ==================== Memory info ===========================

    Percentage of memory in use: 39%
    Total physical RAM: 2814.32 MB
    Available physical RAM: 1697.45 MB
    Total Pagefile: 5861.1 MB
    Available Pagefile: 4661.01 MB
    Total Virtual: 2047.88 MB
    Available Virtual: 1899.45 MB

    ==================== Drives ================================

    Drive c: () (Fixed) (Total:149.05 GB) (Free:38.3 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
    Drive d: () (Fixed) (Total:931.5 GB) (Free:843.13 GB) NTFS

    ==================== MBR & Partition Table ==================

    ========================================================
    Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 149 GB) (Disk ID: 4CBA4CB9)
    Partition 1: (Active) - (Size=149 GB) - (Type=07 NTFS)

    ========================================================
    Disk: 1 (Size: 932 GB) (Disk ID: D8FE33D1)
    Partition 2: (Active) - (Size=932 GB) - (Type=05)

    ==================== End Of Log

  6. #6
    Security Expert-emeritus Juliet's Avatar
    Join Date
    Feb 2007
    Location
    Deep South
    Posts
    4,084

    Default

    OK, that thing is in there tight!


    Open notepad. Please copy the contents of the quote box below. To do this, highlight the contents of the box, right click on it and select copy.
    Paste this into the open notepad. Save it to the Desktop as fixlist.txt
    NOTE. It's important that both files, FRST/FRST64 and fixlist.txt, are in the same location or the fix will not work.
    It needs to be saved next to the "Farbar Recovery Scan Tool" (FRST) program (if asked to overwrite an existing one, please allow)

    start
    C:\Program Files\Max Spyware Detector\MaxActMon.exe
    C:\Program Files\Max Spyware Detector\MaxSDTray.exe
    C:\Program Files\Max Spyware Detector\MaxUSBProc.exe
    C:\Program Files\Max Spyware Detector\MaxDBServer.exe
    HKLM\...\Run: [SDActiveMonitor] - C:\Program Files\Max Spyware Detector\MaxSDTray.exe [1091040 2014-02-07] (Max Secure Software)
    HKLM\...\Run: [MaxUSBProc] - C:\Program Files\Max Spyware Detector\MaxUSBProc.exe [447968 2014-02-07] (Max Secure Software)
    HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.coupons.com/
    BHO: No Name - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
    Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
    Toolbar: HKCU - No Name - {71AAABE5-1F0F-11D7-BD6F-004854603DCE} - No File
    Toolbar: HKCU - No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File
    S2 MaxMerger; C:\Program Files\Max Spyware Detector\MaxMerger.exe [307168 2014-02-07] (Max Secure Software)
    S2 MaxWatchDogService; C:\Program Files\Max Spyware Detector\MaxWatchDogService.exe [651744 2014-02-07] (Max Secure Software)
    R0 MaxMgr; C:\Windows\System32\drivers\MaxMgr.sys [72160 2014-02-07] (Max Secure Software)
    R1 MaxProtector32; C:\Windows\System32\drivers\MaxProtector32.sys [85984 2014-02-07] (Max Secure Software)
    R0 SDActMon; C:\Windows\System32\drivers\SDActMon.sys [123360 2014-02-07] (Max Secure Software)
    S3 catchme; \??\C:\Users\John\AppData\Local\Temp\catchme.sys [X]
    C:\ProgramData\Max Secure
    2014-02-08 19:28 - 2014-02-08 19:29 - 232949192 _____ (Max Secure Software ) C:\Users\John\Desktop\MaxSpywaredetector.exe
    2014-02-08 19:11 - 2014-02-08 19:11 - 00000000 ____D () C:\Users\John\AppData\Local\Max Secure Software
    2014-02-08 19:36 - 2014-02-08 19:33 - 00000000 ____D () C:\ProgramData\Max Secure
    2014-02-08 19:29 - 2014-02-08 19:28 - 232949192 _____ (Max Secure Software ) C:\Users\John\Desktop\MaxSpywaredetector.exe
    2014-02-08 19:11 - 2014-02-08 19:11 - 00000000 ____D () C:\Users\John\AppData\Local\Max Secure Software
    2014-02-07 11:20 - 2014-02-08 19:36 - 00085984 _____ (Max Secure Software) C:\Windows\system32\Drivers\MaxProtector32.sys
    2014-02-07 11:20 - 2014-02-08 19:36 - 00077792 _____ (Max Secure Software) C:\Windows\system32\Drivers\MaxProtector64.sys
    2014-02-07 11:20 - 2014-02-08 19:36 - 00072160 _____ (Max Secure Software) C:\Windows\system32\Drivers\MaxMgr.sys
    2014-02-07 11:20 - 2014-02-08 19:36 - 00068576 _____ (Max Secure Software) C:\Windows\system32\Drivers\MaxProc64.sys
    AlternateDataStreams: C:\ProgramData\TEMP:5C321E34
    end
    Run FRST/FRST64 and press the Fix button just once and wait.
    If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
    When finished FRST will generate a log on the Desktop (Fixlog.txt). Please post it to your reply.

    NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to the operating system



    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

    -AdwCleaner-by Xplode

    Click on this link to download : ADWCleaner
    Click on ONE of the Two Blue Download Now buttons That have a blue arrow beside them and save it to your desktop.

    Do not click on any links in the top Advertisement.

    • Close all open programs and internet browsers.
    • Double click on AdwCleaner.exe to run the tool.
    • Click on Scan.
    • After the scan is complete click on "Clean"
    • Confirm each time with Ok.
    • Your computer will be rebooted automatically. A text file will open after the restart.
    • Please post the content of that logfile with your next answer.
    • You can find the logfile at C:\AdwCleaner[S1].txt as well.


    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~



    Please download Junkware Removal Tool to your desktop.
    • Shut down your protection software now to avoid potential conflicts.
    • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
    • The tool will open and start scanning your system.
    • Please be patient as this can take a while to complete depending on your system's specifications.
    • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
    • Post the contents of JRT.txt into your next message.



    ~~~~~~~~~~~~~~~~~~~
    please post
    Fixlog.txt
    C:\AdwCleaner[S1].txt
    JRT.txt
    Windows Insider MVP Consumer Security 2009 - 2017
    Please do not PM me for Malware help, we all benefit from posting on the open board.
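
The service and driver lines in the fixlist above show why the program is "in there tight". This is an added example, not part of Juliet's post or of FRST: it decodes those lines using FRST's log legend (letter = run state, digit = start type, `[X]` = file not found) and cross-checks the driver files from the same fixlist. The function names are hypothetical.

```python
import re
from ntpath import basename  # handles backslash paths on any OS

# Copied from the fixlist in the post above: its service/driver lines and
# the four driver files from its file listing.
FIXLIST = r"""
S2 MaxMerger; C:\Program Files\Max Spyware Detector\MaxMerger.exe [307168 2014-02-07] (Max Secure Software)
S2 MaxWatchDogService; C:\Program Files\Max Spyware Detector\MaxWatchDogService.exe [651744 2014-02-07] (Max Secure Software)
R0 MaxMgr; C:\Windows\System32\drivers\MaxMgr.sys [72160 2014-02-07] (Max Secure Software)
R1 MaxProtector32; C:\Windows\System32\drivers\MaxProtector32.sys [85984 2014-02-07] (Max Secure Software)
R0 SDActMon; C:\Windows\System32\drivers\SDActMon.sys [123360 2014-02-07] (Max Secure Software)
S3 catchme; \??\C:\Users\John\AppData\Local\Temp\catchme.sys [X]
2014-02-07 11:20 - 2014-02-08 19:36 - 00085984 _____ (Max Secure Software) C:\Windows\system32\Drivers\MaxProtector32.sys
2014-02-07 11:20 - 2014-02-08 19:36 - 00077792 _____ (Max Secure Software) C:\Windows\system32\Drivers\MaxProtector64.sys
2014-02-07 11:20 - 2014-02-08 19:36 - 00072160 _____ (Max Secure Software) C:\Windows\system32\Drivers\MaxMgr.sys
2014-02-07 11:20 - 2014-02-08 19:36 - 00068576 _____ (Max Secure Software) C:\Windows\system32\Drivers\MaxProc64.sys
"""

# FRST legend for service/driver lines.
RUN_STATE = {"R": "running", "S": "stopped", "U": "undetermined"}
START_TYPE = {0: "boot", 1: "system", 2: "auto", 3: "demand",
              4: "disabled", 5: "unreadable"}

SERVICE_RE = re.compile(
    r"^(?P<state>[RSU])(?P<start>[0-5]) (?P<name>[^;]+); (?P<path>.+?) "
    r"\[(?P<meta>[^\]]*)\](?: \((?P<vendor>[^)]*)\))?$"
)
FILE_RE = re.compile(
    r"^\d{4}-\d\d-\d\d \d\d:\d\d - \d{4}-\d\d-\d\d \d\d:\d\d - (?P<size>\d+) "
    r"(?P<attrs>\S+) \((?P<vendor>[^)]*)\) (?P<path>.+)$"
)


def parse_services(text):
    """Return one dict per service/driver line; other lines are skipped."""
    services = []
    for line in text.splitlines():
        m = SERVICE_RE.match(line.strip())
        if not m:
            continue
        meta = m["meta"].split()
        missing = meta == ["X"]          # [X]: FRST could not find the file
        services.append({
            "name": m["name"],
            "state": RUN_STATE[m["state"]],
            "start": START_TYPE[int(m["start"])],
            "path": m["path"],
            "size": None if missing else int(meta[0]),
            "file_missing": missing,
            "vendor": m["vendor"],
        })
    return services


def early_load_drivers(services):
    """Running entries started at boot or system stage, i.e. loaded by the
    kernel before any user-mode uninstaller or scanner gets to run."""
    return [s["name"] for s in services
            if s["state"] == "running" and s["start"] in ("boot", "system")]


def unreferenced_driver_files(text, services):
    """.sys files in the file listing that no service line in this fixlist
    points at (they are removed by path only)."""
    referenced = {basename(s["path"]).lower() for s in services}
    found = []
    for line in text.splitlines():
        m = FILE_RE.match(line.strip())
        if m and m["path"].lower().endswith(".sys"):
            name = basename(m["path"])
            if name.lower() not in referenced and name not in found:
                found.append(name)
    return found


if __name__ == "__main__":
    svcs = parse_services(FIXLIST)
    for s in svcs:
        print(f'{s["name"]:<20} {s["state"]:<8} start={s["start"]:<7} '
              f'missing={s["file_missing"]}')
    print("early-load drivers:", early_load_drivers(svcs))
    print("driver files without a service line:",
          unreferenced_driver_files(FIXLIST, svcs))
```

MaxProc64.sys, one of the files without a service line here, is the same driver named in the CodeIntegrity errors earlier in the log.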

  7. #7
    Member
    Join Date
    May 2013
    Location
    Chicagoland, IL
    Posts
    41

    Default Saving to Farbar Recovery tool

    Juliet: I copied the material to the notepad and saved to desktop (that was easy). I have no idea what I need to do to save the text into the Farbar scan tool. Sorry. I assume you mean copy the file into the directory where Farbar is stored. If true, where is Farbar stored? If not, what specifically do I need to do to copy the text into the Farbar tool?

    Yes, I do agree, the program is in there tight.

    John


    Quote Originally Posted by Juliet View Post
    OK, that thing is in there tight!


    Open notepad. Please copy the contents of the quote box below. To do this, highlight the contents of the box, right click on it and select copy.
    Paste this into the open notepad. Save it to the Desktop as fixlist.txt
    NOTE. It's important that both files, FRST/FRST64 and fixlist.txt, are in the same location or the fix will not work.
    It needs to be saved next to the "Farbar Recovery Scan Tool" (FRST) program (if asked to overwrite an existing one, please allow)


    Run FRST/FRST64 and press the Fix button just once and wait.
    If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
    When finished FRST will generate a log on the Desktop (Fixlog.txt). Please post it to your reply.

    NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to the operating system



    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

    -AdwCleaner-by Xplode

    Click on this link to download : ADWCleaner
    Click on ONE of the Two Blue Download Now buttons That have a blue arrow beside them and save it to your desktop.

    Do not click on any links in the top Advertisement.

    • Close all open programs and internet browsers.
    • Double click on AdwCleaner.exe to run the tool.
    • Click on Scan.
    • After the scan is complete click on "Clean"
    • Confirm each time with Ok.
    • Your computer will be rebooted automatically. A text file will open after the restart.
    • Please post the content of that logfile with your next answer.
    • You can find the logfile at C:\AdwCleaner[S1].txt as well.


    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~



    Please download Junkware Removal Tool to your desktop.
    • Shut down your protection software now to avoid potential conflicts.
    • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
    • The tool will open and start scanning your system.
    • Please be patient as this can take a while to complete depending on your system's specifications.
    • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
    • Post the contents of JRT.txt into your next message.



    ~~~~~~~~~~~~~~~~~~~
    please post
    Fixlog.txt
    C:\AdwCleaner[S1].txt
    JRT.txt

  8. #8
    Security Expert-emeritus Juliet's Avatar
    Join Date
    Feb 2007
    Location
    Deep South
    Posts
    4,084

    Default

    Running from C:\Users\John\Desktop
    Do you see the FRST icon on your desktop?

    After you saved my fix to notepad, and saved as fixlist.txt <--important
    move the fixlist.txt next to the icon, It needs to be saved Next to the "Farbar Recovery Scan Tool"

    Then open FRST/FRST64 and press the Fix button just once and wait.

    if this doesn't work let me know.
    Last edited by Juliet; 2014-02-16 at 13:51. Reason: typo
    Windows Insider MVP Consumer Security 2009 - 2017
    Please do not PM me for Malware help, we all benefit from posting on the open board.

  9. #9
    Member
    Join Date
    May 2013
    Location
    Chicagoland, IL
    Posts
    41

    Default FRST results

    Juliet: Ran FRST tool. Also ran AdwCleaner and JRT. You had recommended I run these. I put all the results in the attached zip file. You put a big dent in the beast but I think it is still hanging around. No longer an icon on the desktop or in the notification bar. The program still shows up when I looked in the program list using control panel. A second observation: JRT was denied access to 3 (maybe 4) registry entries while scanning. Sorry this is such a tough one. I do appreciate, very much, your help.

    John


    Quote Originally Posted by Juliet View Post
    Running from C:\Users\John\Desktop
    Do you see the FRST icon on your desktop?

    After you saved my fix to notepad, and saved as fixlist.txt <--important
    move the fixlist.txt next to the icon, It needs to be saved Next to the "Farbar Recovery Scan Tool"

    Then open FRST/FRST64 and press the Fix button just once and wait.

    if this doesn't work let me know.

  10. #10
    Security Expert-emeritus Juliet's Avatar
    Join Date
    Feb 2007
    Location
    Deep South
    Posts
    4,084

    Default

    Please print out or make a copy in notepad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.

    How to use ComboFix

    Download ComboFix from here:
    Link 1
    Link 2
    Link 3

    Place ComboFix.exe on your Desktop <--Important
    • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with ComboFix.
      You can get help on disabling your protection programs here
    • Double click on ComboFix.exe & follow the prompts.
    • You may be asked to install or update the Recovery Console (Win XP only). If this happens, please allow it to do so (you will need to be connected to the internet for this).
    • Your desktop may go blank. This is normal. It will return when ComboFix is done. ComboFix may need to reboot your computer more than once to do its job; this is normal.
    • When finished, it shall produce a log for you. Post that log in your next reply

      Note:
      Do not mouseclick combofix's window whilst it's running. That may cause it to stall.


      Note 2: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion." Please restart the computer

      ---------------------------------------------------------------------------------------------
    • Ensure your AntiVirus and AntiSpyware applications are re-enabled.

      Note: ComboFix may reset a number of Internet Explorer's settings, including making it the default browser.
      Note: Combofix prevents autorun of ALL CDs, floppies and USB devices to assist with malware removal & increase security.
      ---------------------------------------------------------------------------------------------
    • If there are Internet issues after running ComboFix:
      Internet Explorer:
      Tools Menu -> Internet Options -> Connections Tab ->Lan Settings > uncheck "use a proxy server" and check to "Automatically detect settings". Also clear any proxy address and port. ok, apply (only if applicable), ok.
      Firefox:
      Tools Menu -> Options... -> Advanced Tab -> Network Tab -> "Settings" under Connection. "No Proxy" should be selected, unless you have one set up yourself.
      Chrome:
      Select -> Tools menu -> then "Options", then go to "Change Proxy Settings", then "LAN Settings" , then take out the check mark for "Use a proxy server for your LAN" if set, unless you set this up yourself.
      Safari:
      Launch Safari
      Go to general settings menu
      Then in Preferences/ Advanced
      Then on line click Proxies change settings ...
      Click Internet Options, then click the Connections tab, click Network Settings.
      Disable option (uncheck) for the use of proxy server ...
    Windows Insider MVP Consumer Security 2009 - 2017
    Please do not PM me for Malware help, we all benefit from posting on the open board.
