Xoftspyse - Satchfan [Solved] Options

[PattiChati]

You people on this forum are so fantastic. What do you do, come home from work and just sit at the computer all night to help people? That is unbelievable and such a charitable task. Do you have any idea how much money you save people. I made a donation when I was working with Satafan (sp), because I want this forum to continue. Will talk to you later and thank you SO much again, Patti

[jeffce]

Thanks for the kind words!

What do you do, come home from work and just sit at the computer all night to help people?

Well I can really only speak for myself but....yes that's pretty much what I do LOL!

I made a donation when I was working with Satafan (sp), because I want this forum to continue

Thank you Patti! That is very generous of you.

[PattiChati]

XOFTSOFT IS BACK!!!!

[jeffce]

XOFTSOFT IS BACK!!!!

Download CKScanner by askey127 from Here & save it to your Desktop.

• Right-click and Run as Administrator CKScanner.exe then click Search For Files
• When the cursor hourglass disappears, click Save List To File
• A message box will verify the file saved
• Double-click the CKFiles.txt icon on your desktop then copy/paste the contents in your next reply

[PattiChati]

CKScanner - Additional Security Risks - These are not necessarily bad
scanner sequence 3.MN.11.FRAPLP
----- EOF -----

[jeffce]

Ok....

Please download DDS from either of these links

LINK 1
LINK 2

and save it to your desktop.

• Disable any script blocking protection
• Right-click and Run as Administrator dds to run the tool.
• When done, two DDS.txt's will open.
• Save both reports to your desktop.

---------------------------------------------------
Please include the contents of the following in your next reply:

DDS.txt

Attach.txt
----------

[PattiChati]

.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 8.0.7601.17514 BrowserJavaVersion: 10.5.0
Run by Patty at 12:22:56 on 2012-09-06
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3037.1430 [GMT -4:00]
.
AV: Microsoft Security Essentials *Disabled/Updated* {9765EA51-0D3C-7DFB-6091-10E4E1F341F6}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Microsoft Security Essentials *Disabled/Updated* {2C040BB5-2B06-7275-5A21-2B969A740B4B}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\taskhost.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\Dwm.exe
C:\Program Files\Macrium\Reflect\ReflectService.exe
C:\Program Files\ShadowExplorer\sesvc.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\igfxpers.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files\Microsoft Office2010\Office14\ONENOTEM.EXE
C:\Windows\system32\WUDFHost.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
C:\Windows\Explorer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Users\Patty\Desktop\CKScanner.exe
C:\Program Files\Microsoft Office2010\Office14\WINWORD.EXE
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page =
mStart Page = hxxp://www.yahoo.com/?ilc=8&fr=mkg029
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Java™ Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre7\bin\ssv.dll
BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - c:\progra~1\mi4066~1\office14\URLREDIR.DLL
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre7\bin\jp2ssv.dll
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray
StartupFolder: c:\users\patty\appdata\roaming\micros~1\windows\startm~1\programs\startup\onenot~1.lnk - c:\program files\microsoft office2010\office14\ONENOTEM.EXE
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\eventp~1.lnk - c:\program files\creative home\hallmark card studio 2012 deluxe\planner\PLNRnote.exe
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office2010\office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - c:\program files\microsoft office2010\office14\ONBttnIELinkedNotes.dll
DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} - hxxp://pcpitstop.com/betapit/PCPitStop.CAB
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: {CAFEEFAC-0017-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cab
TCP: DhcpNameServer = 24.247.15.53 66.189.0.100 24.178.162.3
TCP: Interfaces\{B3E4F083-98BF-476A-B54A-CA975B5E2AAD} : DhcpNameServer = 24.247.15.53 66.189.0.100 24.178.162.3
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\common files\microsoft shared\office14\MSOXMLMF.DLL
Notify: igfxcui - igfxdev.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\progra~1\mi4066~1\office14\GROOVEEX.DLL
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\patty\appdata\roaming\mozilla\firefox\profiles\791mcddo.default-1346059307542\
FF - prefs.js: browser.startup.homepage - hxxp://us.mg5.mail.yahoo.com/neo/launch?.rand=dfcgl1kd68nre
FF - plugin: c:\progra~1\mi4066~1\office14\NPAUTHZ.DLL
FF - plugin: c:\progra~1\mi4066~1\office14\NPSPWRAP.DLL
FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\canon\easy-photoprint ex\NPEZFFPI.DLL
FF - plugin: c:\program files\google\picasa3\npPicasa3.dll
FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\program files\microsoft silverlight\4.1.10329.0\npctrlui.dll
FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
FF - plugin: c:\users\patty\appdata\local\yahoo!\browserplus\2.9.8\plugins\npybrowserplus_2.9.8.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_4_402_265.dll
FF - plugin: c:\windows\system32\npDeployJava1.dll
FF - plugin: c:\windows\system32\npmproxy.dll
.
============= SERVICES / DRIVERS ===============
.
R0 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2011-4-18 171064]
R0 pssnap;Paramount Software Snapshot Filter;c:\windows\system32\drivers\pssnap.sys [2012-8-21 16064]
R2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\common files\adobe\arm\1.0\armsvc.exe [2012-7-27 63960]
R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2012-8-24 655944]
R2 ReflectService.exe;Macrium Reflect Image Mounting Service;c:\program files\macrium\reflect\ReflectService.exe [2012-8-21 224960]
R2 sesvc;ShadowExplorer Service;c:\program files\shadowexplorer\sesvc.exe [2012-9-5 9216]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-8-24 22344]
R3 osppsvc;Office Software Protection Platform;c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\OSPPSVC.EXE [2010-1-9 4640000]
R3 PSMounter;Macrium Reflect Image Explorer Service;c:\windows\system32\drivers\psmounter.sys [2012-8-21 53952]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\drivers\Rt86win7.sys [2009-6-10 139776]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\macromed\flash\FlashPlayerUpdateService.exe [2012-8-26 250568]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\microsoft office2010\office14\GROOVE.EXE [2011-6-12 31125880]
S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\mozilla maintenance service\maintenanceservice.exe [2012-5-10 113120]
S3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\drivers\NisDrvWFP.sys [2011-4-27 74112]
S3 NisSrv;Microsoft Network Inspection;c:\program files\microsoft security client\NisSrv.exe [2012-3-26 214952]
S3 PSVolAcc;PSVolAcc;c:\windows\system32\drivers\PSVolAcc.sys [2012-8-21 12992]
S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2012-2-12 52224]
S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2010-9-1 1343400]
.
=============== Created Last 30 ================
.
2012-09-06 01:59:10 7022536 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{baa24eba-a19f-4a58-821f-d4f973b46c02}\mpengine.dll
2012-09-05 21:17:35 -------- d-sh--w- C:\$RECYCLE.BIN
2012-09-05 16:12:30 7022536 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\backup\mpengine.dll
2012-09-01 18:44:05 -------- d-----w- c:\users\patty\appdata\local\temp
2012-09-01 18:35:31 98816 ----a-w- c:\windows\sed.exe
2012-09-01 18:35:31 518144 ----a-w- c:\windows\SWREG.exe
2012-09-01 18:35:31 256000 ----a-w- c:\windows\PEV.exe
2012-09-01 18:35:31 208896 ----a-w- c:\windows\MBR.exe
2012-09-01 15:57:28 -------- d-----w- c:\users\patty\appdata\local\Avanquest North America
2012-08-31 21:48:02 -------- d-----w- C:\_OTL
2012-08-31 13:43:12 4278384 ----a-w- c:\programdata\microsoft\ehome\packages\mceclientux\updateablemarkup-2\markup.dll
2012-08-31 13:42:58 42776 ----a-w- c:\programdata\microsoft\ehome\packages\mceclientux\dsm-2\StartResources.dll
2012-08-27 03:05:05 73416 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-08-27 03:05:05 696520 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-08-24 23:43:47 -------- d-----w- c:\users\patty\appdata\local\NovaRegister
2012-08-24 23:42:09 -------- d-----w- c:\users\patty\appdata\local\HCSShell
2012-08-24 23:38:53 -------- d-----w- c:\users\patty\appdata\local\Creative Home
2012-08-24 19:56:57 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-08-24 06:06:15 -------- d-----w- c:\program files\ESET
2012-08-21 04:41:20 53952 ----a-w- c:\windows\system32\drivers\psmounter.sys
2012-08-21 04:41:20 16064 ----a-w- c:\windows\system32\drivers\pssnap.sys
2012-08-21 04:41:20 12992 ----a-w- c:\windows\system32\drivers\PSVolAcc.sys
2012-08-15 10:53:15 41984 ----a-w- c:\windows\system32\browcli.dll
2012-08-15 10:53:15 102912 ----a-w- c:\windows\system32\browser.dll
2012-08-15 10:53:10 769024 ----a-w- c:\windows\system32\localspl.dll
2012-08-14 16:33:24 -------- d-----w- c:\users\patty\appdata\local\antiphishing-vmninternethelper1_1dn
2012-08-12 20:01:56 -------- d-----w- c:\users\patty\appdata\local\APN
2012-08-11 23:58:35 -------- d-----w- c:\users\patty\appdata\local\Apple Computer
2012-08-11 23:56:47 -------- d-----w- c:\program files\Bonjour
.
==================== Find3M ====================
.
2012-07-18 17:47:53 2345984 ----a-w- c:\windows\system32\win32k.sys
2012-07-06 02:06:30 772544 ----a-w- c:\windows\system32\npDeployJava1.dll
2012-07-06 02:06:20 687544 ----a-w- c:\windows\system32\deployJava1.dll
2012-06-27 05:53:07 981504 ----a-w- c:\windows\system32\wininet.dll
2012-06-27 04:10:55 1638912 ----a-w- c:\windows\system32\mshtml.tlb
2012-06-27 02:14:52 4472832 ----a-w- c:\windows\system32\GPhotos.scr
2011-11-16 19:20:55 584192 ----a-w- c:\program files\OTL.exe
.
============= FINISH: 12:23:26.47 ===============

[PattiChati]

IT ONLY SHOWED ONE DDS FILE, JUST THE ONE THAT POPPED UP THAT I GAVE YOU ABOVR

[jeffce]

Please post the Attach.txt as well. It should have been created at the same time. If not run DDS again and be sure to save the Attach.txt log to your Desktop and then post it here.

When are you seeing the Xoftspyse (make sure that is spelled correctly).

[PattiChati]

All I get is the one report that pops up, I even shrink that down to see if there is one under it and there is not. XoftspySE

[PattiChati]

ok, it says I have to zip it up, HOW do I do that. The file was in my notepad!!!

[jeffce]

No you dont' need to zip it....just copy and paste the contents here.

[PattiChati]

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 2/10/2012 11:42:20 PM
System Uptime: 9/6/2012 5:32:50 AM (7 hours ago)
.
Motherboard: Dell Inc. | | 0P301D
Processor: Intel® Core™2 Duo CPU E7400 @ 2.80GHz | Socket 775 | 2795/266mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 298 GiB total, 223.254 GiB free.
D: is CDROM ()
E: is Removable
F: is Removable
G: is Removable
H: is Removable
I: is Removable
J: is FIXED (NTFS) - 932 GiB total, 588.127 GiB free.
K: is FIXED (NTFS) - 298 GiB total, 251.273 GiB free.
.
==== Disabled Device Manager Items =============
.
Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: mbr
Device ID: ROOT\LEGACY_MBR\0000
Manufacturer:
Name: mbr
PNP Device ID: ROOT\LEGACY_MBR\0000
Service: mbr
.
==== System Restore Points ===================
.
RP200: 8/24/2012 3:36:12 PM - ComboFix created restore point
RP201: 8/24/2012 7:34:29 PM - Installed Hallmark Card Studio 2012 Deluxe.
RP202: 8/25/2012 5:45:02 PM - Windows Update
RP203: 8/26/2012 3:18:44 AM - Windows Backup
RP205: 8/26/2012 10:59:28 PM - Revo Uninstaller's restore point - Adobe Flash Player 11 ActiveX
RP207: 8/26/2012 11:00:23 PM - Revo Uninstaller's restore point - Adobe Flash Player 11 Plugin
RP208: 8/29/2012 11:28:14 AM - Windows Update
RP210: 8/30/2012 3:38:01 PM - Revo Uninstaller's restore point - Revo Uninstaller Pro 2.5.5
RP211: 8/30/2012 3:58:39 PM - OTL Restore Point - 8/30/2012 3:58:39 PM
RP212: 9/1/2012 2:35:34 PM - ComboFix created restore point
RP213: 9/1/2012 2:57:56 PM - Windows Update
RP214: 9/2/2012 10:44:20 AM - Windows Backup
RP215: 9/4/2012 4:01:08 PM - Windows Update
RP217: 9/5/2012 10:44:18 AM - Revo Uninstaller's restore point - ShadowExplorer 0.8
RP218: 9/5/2012 6:23:54 PM - Windows Backup
.
==== Installed Programs ======================
.
2010 Hallmark Registration Bonus Pack
Adobe AIR
Adobe Flash Player 11 Plugin
Adobe Photoshop Elements 2.0
Adobe Reader X (10.1.4)
Apple Application Support
Apple Software Update
Canon Easy-PhotoPrint EX
Canon MP Navigator 2.0
Canon MP Navigator EX 4.1
Canon MP500
CCleaner
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Dell Driver Download Manager
ERUNT 1.1j
ESET Online Scanner v3
Garmin Lifetime Updater
Hallmark Card Studio 2010 Deluxe
Hallmark Card Studio 2012 Deluxe
Java Auto Updater
Java™ 7 Update 5
Junk Mail filter update
Macrium Reflect Free Edition
Malwarebytes Anti-Malware version 1.62.0.1300
Microsoft .NET Framework 4 Client Profile
Microsoft Application Error Reporting
Microsoft Choice Guard
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010
Microsoft Office Access Setup Metadata MUI (English) 2010
Microsoft Office Excel MUI (English) 2010
Microsoft Office File Validation Add-In
Microsoft Office Groove MUI (English) 2010
Microsoft Office InfoPath MUI (English) 2010
Microsoft Office OneNote MUI (English) 2010
Microsoft Office Outlook MUI (English) 2010
Microsoft Office PowerPoint MUI (English) 2010
Microsoft Office Professional Plus 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2010
Microsoft Office Publisher MUI (English) 2010
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office Word MUI (English) 2010
Microsoft Security Client
Microsoft Security Essentials
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft SQL Server Compact 3.5 SP2 ENU
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Mozilla Firefox 14.0.1 (x86 en-US)
Mozilla Maintenance Service
MSVCRT
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
OGA Notifier 2.0.0048.0
Picasa 3
QuickTime
Revo Uninstaller 1.93
SAMSUNG USB Driver for Mobile Phones
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft Excel 2010 (KB2597166) 32-Bit Edition
Security Update for Microsoft InfoPath 2010 (KB2553322) 32-Bit Edition
Security Update for Microsoft InfoPath 2010 (KB2553431) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553091)
Security Update for Microsoft Office 2010 (KB2553096)
Security Update for Microsoft Office 2010 (KB2553260) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553371) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553447) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2589322) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2597986) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2598243) 32-Bit Edition
Security Update for Microsoft PowerPoint 2010 (KB2553185) 32-Bit Edition
Security Update for Microsoft SharePoint Workspace 2010 (KB2566445)
Security Update for Microsoft Visio Viewer 2010 (KB2598287) 32-Bit Edition
ShadowExplorer 0.8
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553092)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553272) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2598289) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2589345) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2553248) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
Verizon Wireless Software Upgrade Assistant - Samsung
Verizon Wireless Software Upgrade Assistant - SAMSUNG (TL-PC)
Visual C++ 2008 x86 Runtime - (v9.0.30729)
Visual C++ 2008 x86 Runtime - v9.0.30729.01
Windows 7 Upgrade Advisor
Windows Live Communications Platform
Windows Live Essentials
Windows Live Mail
Windows Live Photo Gallery
Windows Live Sign-in Assistant
Windows Live Sync
Windows Live Upload Tool
Yahoo! BrowserPlus 2.9.8
Zoosk Messenger
.
==== Event Viewer Messages From Past Week ========
.
9/5/2012 6:14:24 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk3\DR3.
9/5/2012 5:16:23 PM, Error: Service Control Manager [7030] - The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
9/5/2012 11:55:17 AM, Error: Microsoft-Windows-Eventlog [22] - The event logging service encountered an error while initializing publishing resources for channel DebugChannel. If channel type is Analytic or Debug, then this could mean there was an error initializing logging resources as well.
9/4/2012 3:45:26 AM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk6\DR6.
9/1/2012 2:39:27 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.135.234.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8704.0 Error code: 0x8024402c Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
8/31/2012 5:57:14 PM, Error: Service Control Manager [7031] - The Microsoft Antimalware Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 15000 milliseconds: Restart the service.
8/31/2012 5:50:12 PM, Error: Service Control Manager [7031] - The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.
8/31/2012 5:50:12 PM, Error: Service Control Manager [7024] - The Windows Search service terminated with service-specific error %%-1073473535.
8/31/2012 1:20:37 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.135.127.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8704.0 Error code: 0x8024402f Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
.
==== End Of File ===========================

[PattiChati]

xoftspySE is by PARATOLOGIC

[jeffce]

• Right-click and Run as Administrator SystemLook.exe to run it.
• Copy the content of the following codebox into the main textfield:
  
  CODE
  :filefind
  *XoftspySE*
  *PARATOLOGIC*
  
  :folderfind
  *XoftspySE*
  *PARATOLOGIC*
  
  
• Click the Look button to start the scan.
• When finished, a notepad window will open with the results of the scan. Please post this log in your next reply.

Note: The log can also be found on your Desktop entitled SystemLook.txt