
Inactive Suspicious apps enabled at startup called "Program" and "NA"

Discussion in 'Malware and Virus Removal Archive' started by SuperNoob, 2014/06/07.

  1. 2014/06/07
    SuperNoob

    SuperNoob Inactive Thread Starter

    Joined:
    2014/06/07
    Messages:
    7
    Likes Received:
    0
    [Inactive] Suspicious apps enabled at startup called "Program" and "NA "

    Hello my talented friends,

    A few weeks ago, when I started work on Monday morning, I noticed my PC wasn’t acting quite right. It kept freezing up here and there. As the days went by it slowly got worse – freezing more often and freezing for longer periods of time. If I left my computer for more than 20 minutes or so, I would come back to a blue screen: "your PC ran into a problem and needs to restart." Sometimes a random app would crash (off the top of my head, Firefox, Thunderbird, Excel and Windows SRS were some of the apps that crashed). Sometimes the system would freeze up for long enough that I’d eventually give up and have to hold down the power button. Usually, once an app is frozen, attempting to perform a task in another app, or attempting to open another app (such as Task Manager) will cause the entire system to freeze (but I should note that’s the way Windows 8 has always been for me since the day I bought this computer brand new; ctrl+alt+delete does nothing until whatever is frozen unfreezes).

    I came to the conclusion I had a bad hard drive. Here’s why: When I would try to go back to a previous restore point, it would fail because it could not extract certain files; when I tried backing up all of my important files, dozens of them failed because the source files could not be read; and when I checked the hard drive for system errors via right-clicking it, it found errors that could not be repaired. Also, HP Support Assistant gave me some kind of warning that some tool that is supposed to lock down your hard drive when it senses your computer has taken a jolt, failed at some point during the weekend before all this started.

    I backed up everything I could then ran chkdsk /f /r /x from the command line. When it was finished, my machine was super fast and glitch-free again. This only lasted for a day or two. For the past two weeks, I’ve been having issues with apps freezing up (but not in the same manner as before – just lots of freezing without crashing, and no system crashes). Normally, I’d take off to buy a new hard drive at this point, but I noticed something strange:

    An error popped up notifying me that some of the apps that are enabled to run at startup are causing my system to run slowly, so I took a look. There were apps enabled that have strange names such as "NA" and "Program" with no publisher. When you right-click them, the file location and properties are grayed out.

    Also, after I disabled them there was a noticeable improvement in my system’s performance – fewer freezes. The system is still running like ****, just not as bad.

    Maybe I have a bad hard drive AND malware? The thing is, the problems aren’t progressively getting worse as would be indicative of a bad hard drive; it’s steady. And I can’t find a corrupt file to save my life. Meanwhile, I’ve got programs freezing and very suspicious apps trying to run. Before I waste money on a new hard drive and have to go through all the pain of reinstalling everything, I want to make sure it isn’t some virus that caused this mess.

    Since this post is already ridiculously long, I’ll post the logs in another post in a few seconds. Hang on…
     
  2. 2014/06/07
    SuperNoob

    MBAM results:

    Malwarebytes Anti-Malware
    www.malwarebytes.org

    Scan Date: 6/5/2014
    Scan Time: 5:38:00 PM
    Logfile: 6-5-14 MBAM scan results.txt
    Administrator: Yes

    Version: 2.00.2.1012
    Malware Database: v2014.06.05.13
    Rootkit Database: v2014.06.02.01
    License: Free
    Malware Protection: Disabled
    Malicious Website Protection: Disabled
    Self-protection: Disabled

    OS: Windows 8
    CPU: x64
    File System: NTFS
    User: Sam

    Scan Type: Threat Scan
    Result: Completed
    Objects Scanned: 275545
    Time Elapsed: 10 min, 18 sec

    Memory: Enabled
    Startup: Enabled
    Filesystem: Enabled
    Archives: Enabled
    Rootkits: Disabled
    Heuristics: Enabled
    PUP: Enabled
    PUM: Enabled

    Processes: 0
    (No malicious items detected)

    Modules: 0
    (No malicious items detected)

    Registry Keys: 0
    (No malicious items detected)

    Registry Values: 0
    (No malicious items detected)

    Registry Data: 0
    (No malicious items detected)

    Folders: 2
    PUP.Optional.Conduit.A, C:\Users\Sam\AppData\Local\Temp\ct3297861, Quarantined, [6081ff75403beb4b33d21e6545bd619f],
    PUP.Optional.Conduit.A, C:\Users\Sam\AppData\Local\Temp\ct3288691, Quarantined, [fee3b1c30b70b97dd23387fcca38ca36],

    Files: 5
    PUP.Optional.Conduit.A, C:\Users\Sam\AppData\Local\Temp\ct3288691\ism.exe, Quarantined, [eff2284c7dfec076f24af52a946c8878],
    PUP.Optional.Conduit.A, C:\Users\Sam\AppData\Local\Temp\ct3297861\chromeid.txt, Quarantined, [6081ff75403beb4b33d21e6545bd619f],
    PUP.Optional.Conduit.A, C:\Users\Sam\AppData\Local\Temp\ct3297861\setup.ini.txt, Quarantined, [6081ff75403beb4b33d21e6545bd619f],
    PUP.Optional.Conduit.A, C:\Users\Sam\AppData\Local\Temp\ct3288691\chromeid.txt, Quarantined, [fee3b1c30b70b97dd23387fcca38ca36],
    PUP.Optional.Conduit.A, C:\Users\Sam\AppData\Local\Temp\ct3288691\setup.ini.txt, Quarantined, [fee3b1c30b70b97dd23387fcca38ca36],

    Physical Sectors: 0
    (No malicious items detected)


    (end)
     


  4. 2014/06/07
    SuperNoob

    DDS:

    DDS (Ver_2012-11-20.01) - NTFS_AMD64
    Internet Explorer: 10.0.9200.16537
    Run by Sam at 18:52:51 on 2014-06-05
    Microsoft Windows 8 6.2.9200.0.1252.1.1033.18.8086.6271 [GMT -7:00]
    .
    AV: Webroot SecureAnywhere *Enabled/Updated* {66A6FE14-08CB-F415-3742-517201416109}
    AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    SP: Webroot SecureAnywhere *Enabled/Updated* {DDC71FF0-2EF1-FB9B-0DF2-6A007AC62BB4}
    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    .
    ============== Running Processes ===============
    .
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Program Files\Webroot\WRSA.exe
    C:\Program Files (x86)\HP SimplePass\TrueSuiteService.exe
    C:\Windows\system32\svchost.exe -k RPCSS
    C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe
    C:\Windows\system32\dwm.exe
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Program Files\IDT\WDM\STacSV64.exe
    C:\Windows\system32\Hpservice.exe
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Windows\System32\spoolsv.exe
    C:\Windows\system32\svchost.exe -k WbioSvcGroup
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    C:\Windows\system32\svchost.exe -k apphost
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
    C:\Windows\system32\dashost.exe
    C:\Program Files\Intel\iCLS Client\HeciServer.exe
    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
    C:\Windows\system32\svchost.exe -k imgsvc
    C:\Programdata\Ralink Driver\RT2860 Wireless LAN Card\RT\RT28.exe
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\Windows\System32\WUDFHost.exe
    C:\Windows\system32\taskhostex.exe
    C:\Program Files\Webroot\WRSA.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files (x86)\HP SimplePass\TouchControl.exe
    C:\Windows\Explorer.EXE
    C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Windows\system32\wbem\unsecapp.exe
    C:\Program Files (x86)\HP SimplePass\IEWebSiteLogon.exe
    C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\LiveComm.exe
    C:\Windows\system32\SearchIndexer.exe
    C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
    C:\Windows\System32\hkcmd.exe
    C:\Windows\System32\igfxpers.exe
    C:\Program Files\IDT\WDM\sttray64.exe
    C:\Program Files (x86)\Cozendey\Voice Finger\VoiceFinger.exe
    C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
    C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
    C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
    C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
    C:\Windows\Speech\Common\sapisvr.exe
    C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
    C:\Windows\System32\RuntimeBroker.exe
    C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\Windows\SysWOW64\DllHost.exe
    C:\Windows\SysWOW64\DllHost.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
    C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Windows\System32\cscript.exe
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = hxxps://www.google.com/
    mWinlogon: Userinit = userinit.exe,
    BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
    BHO: Webroot Vault: {c8d5d964-2be8-4c5b-8cf5-6e975aa88504} - C:\ProgramData\WRData\PKG\LPBar.dll
    BHO: Webroot Filtering Extension: {C9C42510-9B41-42c1-9DCD-7282A2D07C61} - C:\Program Files\Webroot\WRData\PKG\Vistax86\wrflt.dll
    BHO: HP Network Check Helper: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
    TB: Webroot Toolbar: {97ab88ef-346b-4179-a0b1-7445896547a5} - C:\ProgramData\WRData\PKG\LPBar.dll
    uRun: [Power2GoExpress8] NA
    uRun: [Speech Recognition] "C:\Windows\Speech\Common\sapisvr.exe" -SpeechUX -Startup
    uRun: [ISUSPM] C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler
    uRun: [Voice Finger] C:\Program Files (x86)\Cozendey\Voice Finger\VoiceFinger.exe
    uRun: [KiesPreload] C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload
    uRun: [KiesAirMessage] C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup
    mRun: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe "
    mRun: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
    mRun: [HP CoolSense] C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe -byrunkey
    mRun: [WRSVC] "C:\Program Files\Webroot\WRSA.exe" -ul
    mRun: [DivXMediaServer] C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe
    mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe "
    mRun: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
    mRun: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
    StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\StartUp\INSTAL~2.LNK - C:\Program Files (x86)\Common Files\wruninstall.exe
    StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\StartUp\INSTAL~1.LNK - C:\Program Files (x86)\Common Files\wruninstall.exe
    IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
    IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
    IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
    IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
    IE: {43699cd0-e34f-11de-8a39-0800200c9a66} - {c8d5d964-2be8-4c5b-8cf5-6e975aa88504} - C:\ProgramData\WRData\PKG\LPBar.dll
    IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
    TCP: NameServer = 192.168.1.1
    TCP: Interfaces\{F1C2A803-A6E7-4D00-8842-B0D33D304F6E} : DHCPNameServer = 192.168.1.1
    Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
    Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
    SSODL: WebCheck - <orphaned>
    x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
    x64-BHO: Webroot Vault: {c8d5d964-2be8-4c5b-8cf5-6e975aa88504} - C:\ProgramData\WRData\PKG\LPBar64.dll
    x64-BHO: Webroot Filtering Extension: {C9C42510-9B41-42c1-9DCD-7282A2D07C61} - C:\Program Files\Webroot\WRData\PKG\Vistax64\wrflt.dll
    x64-BHO: HP Network Check Helper: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll
    x64-TB: Webroot Toolbar: {97ab88ef-346b-4179-a0b1-7445896547a5} - C:\ProgramData\WRData\PKG\LPBar64.dll
    x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
    x64-Run: [IgfxTray] C:\Windows\System32\igfxtray.exe
    x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
    x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
    x64-Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe
    x64-RunOnce: [NCPluginUpdater] "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update
    x64-IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
    x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
    x64-IE: {43699cd0-e34f-11de-8a39-0800200c9a66} - {c8d5d964-2be8-4c5b-8cf5-6e975aa88504} - C:\ProgramData\WRData\PKG\LPBar64.dll
    x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
    x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
    x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
    x64-Notify: igfxcui - igfxdev.dll
    x64-SSODL: WebCheck - <orphaned>
    .
    ================= FIREFOX ===================
    .
    FF - ProfilePath - C:\Users\Sam\AppData\Roaming\Mozilla\Firefox\Profiles\6nvpf4fe.default\
    FF - prefs.js: browser.search.selectedEngine - Duck Duck Go + Google Suggest
    FF - prefs.js: browser.startup.homepage - hxxps://www.google.com/
    FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
    FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
    FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
    FF - plugin: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
    FF - plugin: C:\Program Files (x86)\HP SimplePass\npffwloplugin.dll
    FF - plugin: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
    FF - plugin: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
    FF - plugin: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll
    FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
    FF - plugin: C:\windows\SysWOW64\Adobe\Director\np32dsw.dll
    FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll
    .
    ============= SERVICES / DRIVERS ===============
    .
    R0 iaStorA;iaStorA;C:\Windows\System32\Drivers\iaStorA.sys [2014-5-21 644968]
    R0 RapportKE64;RapportKE64;C:\Windows\System32\Drivers\RapportKE64.sys [2013-10-4 358552]
    R0 WRkrn;WRkrn;C:\Windows\System32\Drivers\WRkrn.sys [2013-5-18 115680]
    R1 CLVirtualDrive;CLVirtualDrive;C:\Windows\System32\Drivers\CLVirtualDrive.sys [2013-6-2 92536]
    R1 RapportCerberus_68261;RapportCerberus_68261;C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_68261.sys [2014-5-15 631096]
    R1 RapportEI64;RapportEI64;C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys [2014-5-3 299512]
    R2 FPLService;TrueSuiteService;C:\Program Files (x86)\HP SimplePass\TrueSuiteService.exe [2013-2-7 1641768]
    R2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2013-11-4 92160]
    R2 hpsrv;HP Service;C:\Windows\System32\hpservice.exe [2012-9-24 31040]
    R2 HPWMISVC;HPWMISVC;C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2012-7-9 35232]
    R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-4-20 635104]
    R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe [2012-9-3 165760]
    R2 RapportMgmtService;Rapport Management Service;C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe [2014-5-3 1882392]
    R2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-9-3 364416]
    R2 WLAN ServiceC;WLAN ServiceC;C:\ProgramData\Ralink Driver\RT2860 Wireless LAN Card\RT\RT28.exe [2012-9-3 2232320]
    R2 WRSVC;WRSVC;C:\Program Files\Webroot\WRSA.exe [2013-5-18 765528]
    R3 ATSwpWDF;AuthenTec TruePrint WBF Driver;C:\Windows\System32\Drivers\ATSwpWDF.sys [2012-6-22 1109296]
    R3 IntcDAud;Intel(R) Display Audio;C:\Windows\System32\Drivers\IntcDAud.sys [2012-6-19 342528]
    R3 netr28x;Ralink 802.11n Extensible Wireless Driver;C:\Windows\System32\Drivers\netr28x.sys [2013-12-4 2505904]
    R3 RTL8168;Realtek 8168 NT Driver;C:\Windows\System32\Drivers\Rt630x64.sys [2013-7-9 690832]
    R3 SmbDrvI;SmbDrvI;C:\Windows\System32\Drivers\Smb_driver_Intel.sys [2012-7-25 43832]
    R3 WirelessButtonDriver;HP Wireless Button Driver Service;C:\Windows\System32\Drivers\WirelessButtonDriver64.sys [2012-8-31 20800]
    R3 WUDFWpdMtp;WUDFWpdMtp;C:\Windows\System32\Drivers\WUDFRd.sys [2012-7-25 198656]
    S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);C:\Windows\System32\Drivers\ssudbus.sys [2014-1-22 108800]
    S3 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
    S3 RapportHades64;RapportHades64;C:\Windows\System32\Drivers\RapportHades64.sys [2013-10-4 288344]
    S3 RapportPG64;RapportPG64;C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys [2014-5-3 414232]
    S3 RSP2STOR;Realtek PCIE CardReader Driver - P2;C:\Windows\System32\Drivers\RtsP2Stor.sys [2012-9-3 266896]
    S3 SmbDrv;SmbDrv;C:\Windows\System32\Drivers\Smb_driver_AMDASF.sys [2012-7-25 41272]
    S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);C:\Windows\System32\Drivers\ssudmdm.sys [2014-1-22 206080]
    S3 TrueService;TrueAPI Service component;C:\Program Files\Common Files\AuthenTec\TrueService.exe [2013-1-7 401856]
    .
    =============== Created Last 30 ================
    .
    2014-06-06 00:35:28 122584 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys
    2014-06-06 00:34:54 91352 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys
    2014-06-06 00:34:54 64216 ----a-w- C:\Windows\System32\drivers\mwac.sys
    2014-06-06 00:34:54 25816 ----a-w- C:\Windows\System32\drivers\mbam.sys
    2014-06-06 00:34:54 -------- d-----w- C:\ProgramData\Malwarebytes
    2014-06-06 00:34:54 -------- d-----w- C:\Program Files (x86)\Malwarebytes Anti-Malware
    2014-05-22 04:09:09 -------- d-----w- C:\Users\Sam\AppData\Local\lptmp54799794
    2014-05-21 20:53:59 644968 ----a-w- C:\Windows\System32\drivers\iaStorA.sys
    2014-05-13 21:08:58 1281536 ----a-w- C:\Windows\System32\lsasrv.dll
    2014-05-10 07:28:38 965232 ----a-w- C:\Program Files (x86)\Mozilla Firefox\icuuc52.dll
    2014-05-08 13:48:42 227704 ----a-w- C:\Program Files (x86)\Mozilla Firefox\plugins\nppdf32.dll
    .
    ==================== Find3M ====================
    .
    2014-05-22 04:09:08 10395072 ----a-w- C:\Program Files (x86)\Common Files\wruninstall.exe
    2014-05-22 04:07:47 154248 ----a-w- C:\Windows\SysWow64\WRusr.dll
    2014-05-22 04:07:47 105320 ----a-w- C:\Windows\System32\WRusr.dll
    2014-05-06 03:37:50 2706432 ----a-w- C:\Windows\System32\mshtml.tlb
    2014-05-06 03:26:53 2706432 ----a-w- C:\Windows\SysWow64\mshtml.tlb
    2014-05-04 05:55:50 288344 ----a-w- C:\Windows\System32\drivers\RapportHades64.sys
    2014-05-04 05:55:48 358552 ----a-w- C:\Windows\System32\drivers\RapportKE64.sys
    2014-05-01 20:37:50 78296 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
    2014-05-01 20:37:50 694240 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
    2014-04-19 09:39:36 628024 ----a-w- C:\Windows\System32\NotificationUI.exe
    2014-04-19 08:45:39 693760 ----a-w- C:\Windows\System32\WSShared.dll
    2014-04-19 08:45:39 163840 ----a-w- C:\Windows\System32\Windows.ApplicationModel.Store.TestingFramework.dll
    2014-04-19 06:57:49 566784 ----a-w- C:\Windows\SysWow64\WSShared.dll
    2014-04-19 06:57:49 124928 ----a-w- C:\Windows\SysWow64\Windows.ApplicationModel.Store.TestingFramework.dll
    2014-04-16 03:02:58 354656 ----a-w- C:\Windows\SysWow64\DivXControlPanelApplet.cpl
    2014-04-15 09:34:10 1070232 ----a-w- C:\Windows\SysWow64\MSCOMCTL.OCX
    2014-04-13 19:19:19 115680 ----a-w- C:\Windows\System32\drivers\WRkrn.sys
    2014-04-12 09:27:03 172888 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
    2014-04-12 09:10:31 578048 ----a-w- C:\Windows\System32\winlogon.exe
    2014-04-12 09:09:43 208896 ----a-w- C:\Windows\System32\wdigest.dll
    2014-04-12 09:09:39 1043968 ----a-w- C:\Windows\System32\usercpl.dll
    2014-04-12 09:09:34 94720 ----a-w- C:\Windows\System32\TSpkg.dll
    2014-04-12 09:09:19 588288 ----a-w- C:\Windows\System32\SHCore.dll
    2014-04-12 09:08:37 318464 ----a-w- C:\Windows\System32\msv1_0.dll
    2014-04-12 09:08:17 439808 ----a-w- C:\Windows\System32\lsm.dll
    2014-04-12 09:08:10 827904 ----a-w- C:\Windows\System32\kerberos.dll
    2014-04-12 09:07:36 20480 ----a-w- C:\Windows\System32\credssp.dll
    2014-04-12 07:23:59 178688 ----a-w- C:\Windows\SysWow64\wdigest.dll
    2014-04-12 07:23:52 961536 ----a-w- C:\Windows\SysWow64\usercpl.dll
    2014-04-12 07:23:49 76800 ----a-w- C:\Windows\SysWow64\TSpkg.dll
    2014-04-12 07:23:40 452608 ----a-w- C:\Windows\SysWow64\SHCore.dll
    2014-04-12 07:23:14 273920 ----a-w- C:\Windows\SysWow64\msv1_0.dll
    2014-04-12 07:22:58 666624 ----a-w- C:\Windows\SysWow64\kerberos.dll
    2014-04-12 07:22:33 17408 ----a-w- C:\Windows\SysWow64\credssp.dll
    2014-04-12 06:58:06 14848 ----a-w- C:\Windows\System32\workerdd.dll
    2014-03-28 19:19:38 35856 ----a-w- C:\Windows\System32\drivers\WdBoot.sys
    2014-03-28 08:23:00 1287168 ----a-w- C:\Windows\System32\schedsvc.dll
    2014-03-23 22:11:52 269592 ----a-w- C:\Windows\System32\drivers\WdFilter.sys
    2014-03-11 03:32:43 6987096 ----a-w- C:\Windows\System32\ntoskrnl.exe
    2014-03-11 03:25:51 100184 ----a-w- C:\Windows\System32\drivers\ksecdd.sys
    2014-03-11 00:41:55 323072 ----a-w- C:\Windows\SysWow64\schannel.dll
    2014-03-11 00:41:51 559104 ----a-w- C:\Windows\SysWow64\objsel.dll
    2014-03-11 00:41:24 38400 ----a-w- C:\Windows\SysWow64\dimsroam.dll
    2014-03-11 00:39:12 35840 ----a-w- C:\Windows\System32\lsass.exe
    2014-03-11 00:38:58 27648 ----a-w- C:\Windows\System32\sspisrv.dll
    2014-03-11 00:38:58 164864 ----a-w- C:\Windows\System32\sspicli.dll
    2014-03-11 00:38:53 419328 ----a-w- C:\Windows\System32\schannel.dll
    2014-03-11 00:38:47 684032 ----a-w- C:\Windows\System32\objsel.dll
    2014-03-11 00:38:31 982016 ----a-w- C:\Windows\System32\KernelBase.dll
    2014-03-11 00:38:23 45056 ----a-w- C:\Windows\System32\dimsroam.dll
    2014-03-11 00:38:23 179712 ----a-w- C:\Windows\System32\dpapisrv.dll
    2014-03-10 03:05:14 668160 ----a-w- C:\Windows\SysWow64\KernelBase.dll
    2014-03-10 01:27:03 99840 ----a-w- C:\Windows\SysWow64\sspicli.dll
    .
    ============= FINISH: 18:53:21.96 ===============
     
  5. 2014/06/07
    SuperNoob

    Attach:

    .
    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT
    .
    DDS (Ver_2012-11-20.01)
    .
    Microsoft Windows 8
    Boot Device: \Device\HarddiskVolume2
    Install Date: 5/18/2013 4:47:25 PM
    System Uptime: 6/5/2014 5:58:31 PM (1 hours ago)
    .
    Motherboard: Hewlett-Packard | | 18EE
    Processor: Intel(R) Core(TM) i7-3632QM CPU @ 2.20GHz | U3E1 | 2201/100mhz
    .
    ==== Disk Partitions =========================
    .
    C: is FIXED (NTFS) - 905 GiB total, 832.175 GiB free.
    D: is FIXED (NTFS) - 26 GiB total, 3.1 GiB free.
    E: is CDROM ()
    F: is CDROM (CDFS)
    G: is Removable
    H: is Removable
    .
    ==== Disabled Device Manager Items =============
    .
    ==== System Restore Points ===================
    .
    RP74: 6/1/2014 3:09:19 AM - Scheduled Checkpoint
    .
    ==== Installed Programs ======================
    .
    4 Elements II
    Adobe Flash Player 13 Plugin
    Adobe Reader XI (11.0.07)
    Adobe Shockwave Player 11.6
    AuthenTec TrueAPI 64-bit
    AuthenTec WinBio FingerPrint Software 64-bit
    Bejeweled 3
    Bonjour
    Build-a-lot 4 - Power Source
    Bullzip PDF Printer 10.1.0.1871
    Chuzzle Deluxe
    Cradle Of Egypt Collector's Edition
    Cradle of Rome 2
    CyberLink LabelPrint
    CyberLink Media Suite 10
    CyberLink PhotoDirector
    CyberLink Power2Go 8
    CyberLink PowerDirector 10
    CyberLink PowerDVD
    CyberLink YouCam
    D3DX10
    DAZzle
    Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
    DivX Setup
    DYMO Printable Postage
    Energy Star
    Farm Frenzy
    FATE: The Cursed King
    Final Drive Fury
    FlatOut 2
    GIMP 2.8.6
    Governor of Poker 2 Premium Edition
    Hewlett-Packard ACLM.NET v1.2.2.3
    Hoyle Card Games
    HP 3D DriveGuard
    HP Connected Backup
    HP Connected Music (Meridian - installer)
    HP CoolSense
    HP Customer Experience Enhancements
    HP Documentation
    HP Games
    HP MyRoom
    HP Postscript Converter
    HP Quick Launch
    HP Recovery Manager
    HP Registration Service
    HP SimplePass
    HP Software Framework
    HP Support Assistant
    HP Utility Center
    HP Wireless Button Driver
    IDT Audio
    Intel(R) Management Engine Components
    Intel(R) Processor Graphics
    Intel(R) SDK for OpenCL - CPU Only Runtime Package
    Intel® Trusted Connect Service Client
    Jewel Match 3
    John Deere Drive Green
    Luxor Evolved
    Mahjongg Dimensions Deluxe: Tiles in Time
    Malwarebytes Anti-Malware version 2.0.2.1012
    Microsoft App Update for microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe (x64)
    Microsoft Application Error Reporting
    Microsoft Office
    Microsoft Office Access MUI (English) 2010
    Microsoft Office Access Setup Metadata MUI (English) 2010
    Microsoft Office Excel MUI (English) 2010
    Microsoft Office Home and Student 2010
    Microsoft Office Office 64-bit Components 2010
    Microsoft Office OneNote MUI (English) 2010
    Microsoft Office Outlook MUI (English) 2010
    Microsoft Office PowerPoint MUI (English) 2010
    Microsoft Office Proof (English) 2010
    Microsoft Office Proof (French) 2010
    Microsoft Office Proof (Spanish) 2010
    Microsoft Office Proofing (English) 2010
    Microsoft Office Publisher MUI (English) 2010
    Microsoft Office Shared 64-bit MUI (English) 2010
    Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
    Microsoft Office Shared MUI (English) 2010
    Microsoft Office Shared Setup Metadata MUI (English) 2010
    Microsoft Office Single Image 2010
    Microsoft Office Word MUI (English) 2010
    Microsoft SQL Server 2005 Compact Edition [ENU]
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
    Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
    Mortimer Beckett and the Crimson Thief Premium Edition
    Mozilla Firefox 29.0.1 (x86 en-US)
    Mozilla Maintenance Service
    Mozilla Thunderbird 24.5.0 (x86 en-US)
    MSVCRT
    MSXML 4.0 SP2 Parser and SDK
    MyFreeCodec
    Mystery P.I. - Curious Case of Counterfeit Cove
    Peggle Nights
    Penguins!
    Polar Bowler
    Polar Golfer
    Ralink RT5390R 802.11bgn Wi-Fi Adapter
    Rapport
    Realtek Ethernet Controller Driver
    Realtek PCIE Card Reader
    Roads of Rome 3
    Samsung Kies
    SAMSUNG USB Driver for Mobile Phones
    Security Update for Microsoft Excel 2010 (KB2826033) 32-Bit Edition
    Security Update for Microsoft Office 2010 (KB2553284) 32-Bit Edition
    Security Update for Microsoft Office 2010 (KB2687423) 32-Bit Edition
    Security Update for Microsoft Office 2010 (KB2810073) 32-Bit Edition
    Security Update for Microsoft Office 2010 (KB2826023) 32-Bit Edition
    Security Update for Microsoft Office 2010 (KB2826035) 32-Bit Edition
    Security Update for Microsoft Office 2010 (KB2850016) 32-Bit Edition
    Security Update for Microsoft Office 2010 (KB2878284) 32-Bit Edition
    Security Update for Microsoft Office 2010 (KB2880971) 32-Bit Edition
    Security Update for Microsoft Word 2010 (KB2863926) 32-Bit Edition
    Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition
    StreamTorrent 1.0
    swMSM
    Synaptics Pointing Device Driver
    Tales of Lagoona
    Trusteer Endpoint Protection
    Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition
    Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition
    Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition
    Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition
    Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition
    Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition
    Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition
    Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition
    Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition
    Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition
    Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition
    Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition
    Update for Microsoft Office 2010 (KB2878225) 32-Bit Edition
    Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition
    Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition
    Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition
    Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition
    Update for Microsoft Visio 2010 (KB2880526) 32-Bit Edition
    Update for Microsoft Visio Viewer 2010 (KB2837587) 32-Bit Edition
    Update Installer for WildTangent Games App
    Vacation Quest™ - Australia
    VC80CRTRedist - 8.0.50727.6195
    VLC media player 2.0.6
    Voice Finger
    Webroot SecureAnywhere
    WildTangent Games
    WildTangent Games App
    Windows Live Communications Platform
    Windows Live Essentials
    Windows Live Installer
    Windows Live Language Selector
    Windows Live Movie Maker
    Windows Live Photo Common
    Windows Live Photo Gallery
    Windows Live PIMT Platform
    Windows Live SOXE
    Windows Live SOXE Definitions
    Windows Live UX Platform
    Windows Live UX Platform Language Pack
    Windows Live Writer
    Windows Live Writer Resources
    Zebra Font Downloader
    Zebra Setup Utilities
    Zuma's Revenge
    .
    ==== Event Viewer Messages From Past Week ========
    .
    6/5/2014 9:27:48 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Media Player Network Sharing Service service to connect.
    6/5/2014 9:27:48 AM, Error: Service Control Manager [7000] -
    6/5/2014 9:26:02 AM, Error: Service Control Manager [7022] - The Intel(R) Management and Security Application User Notification Service service hung on starting.
    6/5/2014 9:23:53 AM, Error: Service Control Manager [7022] - The Security Center service hung on starting.
    6/5/2014 9:21:35 AM, Error: Service Control Manager [7022] - The Software Protection service hung on starting.
    6/5/2014 3:05:59 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the STacSV service.
    6/5/2014 3:01:30 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Error Reporting Service service to connect.
    6/4/2014 9:23:55 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the hpqwmiex service.
    6/3/2014 8:54:56 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Appinfo service.
    5/31/2014 7:01:59 PM, Error: volsnap [14] - The shadow copies of volume C: were aborted because of an IO failure on volume C:.
    5/30/2014 10:01:52 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the wuauserv service.
    .
    ==== End Of File ===========================
     
  6. 2014/06/07
    SuperNoob

    SuperNoob Inactive Thread Starter

    Joined:
    2014/06/07
    Messages:
    7
    Likes Received:
    0
    Malwarebytes Anti-Malware
    www.malwarebytes.org

    Scan Date: 6/5/2014
    Scan Time: 5:38:00 PM
    Logfile: 6-5-14 MBAM scan results.txt
    Administrator: Yes

    Version: 2.00.2.1012
    Malware Database: v2014.06.05.13
    Rootkit Database: v2014.06.02.01
    License: Free
    Malware Protection: Disabled
    Malicious Website Protection: Disabled
    Self-protection: Disabled

    OS: Windows 8
    CPU: x64
    File System: NTFS
    User: Sam

    Scan Type: Threat Scan
    Result: Completed
    Objects Scanned: 275545
    Time Elapsed: 10 min, 18 sec

    Memory: Enabled
    Startup: Enabled
    Filesystem: Enabled
    Archives: Enabled
    Rootkits: Disabled
    Heuristics: Enabled
    PUP: Enabled
    PUM: Enabled

    Processes: 0
    (No malicious items detected)

    Modules: 0
    (No malicious items detected)

    Registry Keys: 0
    (No malicious items detected)

    Registry Values: 0
    (No malicious items detected)

    Registry Data: 0
    (No malicious items detected)

    Folders: 2
    PUP.Optional.Conduit.A, C:\Users\Sam\AppData\Local\Temp\ct3297861, Quarantined, [6081ff75403beb4b33d21e6545bd619f],
    PUP.Optional.Conduit.A, C:\Users\Sam\AppData\Local\Temp\ct3288691, Quarantined, [fee3b1c30b70b97dd23387fcca38ca36],

    Files: 5
    PUP.Optional.Conduit.A, C:\Users\Sam\AppData\Local\Temp\ct3288691\ism.exe, Quarantined, [eff2284c7dfec076f24af52a946c8878],
    PUP.Optional.Conduit.A, C:\Users\Sam\AppData\Local\Temp\ct3297861\chromeid.txt, Quarantined, [6081ff75403beb4b33d21e6545bd619f],
    PUP.Optional.Conduit.A, C:\Users\Sam\AppData\Local\Temp\ct3297861\setup.ini.txt, Quarantined, [6081ff75403beb4b33d21e6545bd619f],
    PUP.Optional.Conduit.A, C:\Users\Sam\AppData\Local\Temp\ct3288691\chromeid.txt, Quarantined, [fee3b1c30b70b97dd23387fcca38ca36],
    PUP.Optional.Conduit.A, C:\Users\Sam\AppData\Local\Temp\ct3288691\setup.ini.txt, Quarantined, [fee3b1c30b70b97dd23387fcca38ca36],

    Physical Sectors: 0
    (No malicious items detected)


    (end)
     
  7. 2014/06/07
    SuperNoob

    SuperNoob Inactive Thread Starter

    Joined:
    2014/06/07
    Messages:
    7
    Likes Received:
    0
    I think the MBAM log is coming. For whatever reason I was able to post the other logs but the MBAM log is awaiting moderation. fyi
     
  8. 2014/06/08
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    Welcome aboard

    Please observe the following rules:
    • Read all of my instructions very carefully. Your mistakes during the cleaning process may have very serious consequences, like an unbootable computer.
    • If you're stuck, or you're not sure about a certain step, always ask before doing anything else.
    • Please refrain from running any tools, fixes or applying any changes to your computer other than those I suggest.
    • Never run more than one scan at a time.
    • Keep updating me regarding your computer's behavior, good or bad.
    • The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
    • If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in the malware removal forum.
    • I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.

    ==============================

    Download RogueKiller from one of the following links and save it to your Desktop:

    Link 1
    Link 2

    • Close all the running programs
    • Windows Vista/7/8 users: right click on RogueKiller.exe, click Run as Administrator
    • Otherwise just double-click on RogueKiller.exe
    • Pre-scan will start. Let it finish.
    • Click on SCAN button.
    • Wait until the Status box shows Scan Finished
    • Click on Delete.
    • Wait until the Status box shows Deleting Finished.
    • Click on Report and copy/paste the content of the Notepad into your next reply.
    • RKreport.txt could also be found on your desktop.
    • If more than one log is produced post all logs.
    • If RogueKiller has been blocked, do not hesitate to try a few more times. If it really won't run, rename it to winlogon.exe (or winlogon.com) and try again.

    Create a new restore point before proceeding with the next step.
    How to: http://www.smartestcomputing.us.com/topic/63983-how-to-create-new-restore-point-all-windows/

    Download Malwarebytes Anti-Rootkit (MBAR) from HERE
    • Unzip downloaded file.
    • Open the folder where the contents were unzipped and run mbar.exe
    • Follow the instructions in the wizard to update and allow the program to scan your computer for threats.
    • Click on the Cleanup button to remove any threats and reboot if prompted to do so.
    • Wait while the system shuts down and the cleanup process is performed.
    • Perform another scan with Malwarebytes Anti-Rootkit to verify that no threats remain. If they do, then click Cleanup once more and repeat the process.
    • When done, please post the two logs produced; they will be in the MBAR folder: mbar-log-xxxxx.txt and system-log.txt
     
  9. 2014/06/08
    SuperNoob

    SuperNoob Inactive Thread Starter

    Joined:
    2014/06/07
    Messages:
    7
    Likes Received:
    0
    Hi. Thanks so much for the response.

    Unfortunately, it looks like I'm going to have to give up and reinstall. My machine has taken a turn for the worse and I doubt I'm going to be able to get through these steps. Long story. I'm off to buy a new hard drive. Wish me luck!

    Thanks for your time
     
  10. 2014/06/08
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    No problem.
    Thanks for letting me know.
     
