Jump to content

ShardtheFox

Members
 View Profile  See their activity

  • Posts

    19

  • Joined

  • Last visited

Reputation

0 Neutral
  1. ShardtheFox
    Thanks for all the advice. She already has MalwareBytes Anti-Malware Premium, and the full suite of Kaspersky. Since my first post I learned that multiple software firewall is a big nono, so i disabled comodo and windows defender, now using just the Kaspersky firewall. User account controls have been set as suggested. Unfortunately, I can't convince her to use any browser that is not Internet Explorer. I guess only time will tell if these actions will be suffcient protection. Thanks all for your help.
  2. ShardtheFox
    So every couple months, my Grandmother comes to me with a disgustingly infected PC. Generally, i can handle it, although sometimes I have to get help here. Is there a good way to set a whitelist of allowed actions, and block everything else? I don't just mean a firewall, but actually block system functions that normal users would have access to. I've already set up an admin account, and made her account a normal user, and she doesn't have access to the admin account. I've got a subscription of Kaspersky running, and I'm using comodo firewall, in addition to the windows firewall. I was hoping there is either some user setting I'm missing, or a piece of software that someone could suggest. She's running window's 7, and the machine is fairly new, built just last year.
  3. ShardtheFox
    C:\FRST\Quarantine\C\Program Files (x86)\2jUninstall Recipe Hub.dll.xBAD a variant of Win32/Toolbar.MyWebSearch.W potentially unwanted application C:\FRST\Quarantine\C\Program Files (x86)\TotalRecipeSearch_14\bar\1.bin\NP14Stub.dll.xBAD Win32/Toolbar.MyWebSearch.T potentially unwanted application C:\FRST\Quarantine\C\Program Files (x86)\TotalRecipeSearch_14\TotalRecipeSearch_14\bar\1.bin\14auxstb.dll Win32/Toolbar.MyWebSearch.W potentially unwanted application C:\FRST\Quarantine\C\Program Files (x86)\TotalRecipeSearch_14\TotalRecipeSearch_14\bar\1.bin\14brmon.exe Win32/Toolbar.MyWebSearch.W potentially unwanted application C:\FRST\Quarantine\C\Program Files (x86)\TotalRecipeSearch_14\TotalRecipeSearch_14\bar\1.bin\14datact.dll a variant of Win32/Toolbar.MyWebSearch.A potentially unwanted application C:\FRST\Quarantine\C\Program Files (x86)\TotalRecipeSearch_14\TotalRecipeSearch_14\bar\1.bin\14html.dll probably a variant of Win32/Toolbar.MyWebSearch.F potentially unwanted application C:\FRST\Quarantine\C\Program Files (x86)\TotalRecipeSearch_14\TotalRecipeSearch_14\bar\1.bin\14htmlmu.dll probably a variant of Win32/Toolbar.MyWebSearch.B potentially unwanted application C:\FRST\Quarantine\C\Program Files (x86)\TotalRecipeSearch_14\TotalRecipeSearch_14\bar\1.bin\14ieovr.dll probably a variant of Win32/Toolbar.MyWebSearch.P potentially unwanted application C:\FRST\Quarantine\C\Program Files (x86)\TotalRecipeSearch_14\TotalRecipeSearch_14\bar\1.bin\14impipe.exe Win32/Toolbar.MyWebSearch.W potentially unwanted application C:\FRST\Quarantine\C\Program Files (x86)\TotalRecipeSearch_14\TotalRecipeSearch_14\bar\1.bin\14Plugin.dll a variant of Win32/Toolbar.MyWebSearch potentially unwanted application C:\FRST\Quarantine\C\Program Files (x86)\TotalRecipeSearch_14\TotalRecipeSearch_14\bar\1.bin\14skin.dll a variant of Win32/Toolbar.MyWebSearch.P potentially unwanted application C:\FRST\Quarantine\C\Program Files (x86)\TotalRecipeSearch_14\TotalRecipeSearch_14\bar\1.bin\14skplay.exe Win32/Toolbar.MyWebSearch.W potentially unwanted application C:\Users\Evelyn\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6OOK4VW5\RecipeHub.exe Win32/AdInstaller potentially unwanted application C:\Users\Evelyn\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\955A8ZEX\ApnIC11130[1].dll a variant of Win32/Bundled.Toolbar.Ask potentially unsafe application C:\Users\Evelyn\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Z4Z81FBR\ApnToolbarInstaller11130[1].exe a variant of Win32/Bundled.Toolbar.Ask potentially unsafe application C:\Users\Evelyn\AppData\Local\Temp\ApnIC.dll a variant of Win32/Bundled.Toolbar.Ask potentially unsafe application C:\Users\Evelyn\AppData\Local\Temp\ApnToolbarInstaller.exe a variant of Win32/Bundled.Toolbar.Ask potentially unsafe application C:\Users\Evelyn\AppData\Local\Temp\Set124A.tmp Win32/Bundled.Toolbar.Ask.E potentially unsafe application C:\Users\Evelyn\AppData\Local\Temp\Set6A2D.tmp Win32/Bundled.Toolbar.Ask.E potentially unsafe application C:\Users\Evelyn\AppData\Local\Temp\setup.exe a variant of Win32/Bundled.Toolbar.Ask.E potentially unsafe application C:\Users\Evelyn\AppData\LocalLow\RecipeHub_2jEI\Installr\Cache\05CA7F79.exe a variant of Win32/Toolbar.MyWebSearch.O potentially unwanted application C:\Users\Evelyn\AppData\LocalLow\TotalRecipeSearch_14EI\Installr\Cache\357FB459.exe a variant of Win32/Toolbar.MyWebSearch.O potentially unwanted application C:\Users\Evelyn\Downloads\RecipeHub (1).exe Win32/AdInstaller potentially unwanted application C:\Users\Evelyn\Downloads\RecipeHub.exe Win32/AdInstaller potentially unwanted application C:\Windows\Installer\MSIC300.tmp a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application
  4. ShardtheFox
    The logs are attached. Fixlog_25-03-2014_03-04-30.txt mbam-log-2014-03-25 (03-05-54).txt
  5. ShardtheFox
    The files were to long to copy and paste, so they're attached. TDSSKiller.3.0.0.26_24.03.2014_20.32.36_log.txt FRST_24-03-2014_21-06-21.txt Addition_24-03-2014_21-05-13.txt
  6. ShardtheFox
    My grandmother requested I take a look at her computer, as it was running slow. Apparently, she purchased a service called "RegServo" that is a registry cleaner, and ran the file while under remote assistance from some guy on the phone. She's kind of senile, so the details don't all add up. Anyways, her computer is a mess, and I was hoping someone could assist me with checking it out. I am aware of your piracy policy, and have already checked the laptop for any torrent software, and found none. Below are the FRST.txt and Addition.txt logs. Edit: Apparently, the copy and paste functionality no longer works. I just attached the logs instead. FRST.txt Addition.txt
  7. ShardtheFox
    Alright, sorry about the wait. The scan failed the first time, and i had to leave the infected computer. Back on it now. Here's the ESET SCAN C:\FRST\Quarantine\RadioRage_4j\bar\1.bin\4jauxstb.dll Win32/Toolbar.MyWebSearch.W applicationC:\FRST\Quarantine\RadioRage_4j\bar\1.bin\4jbar.dll Win32/Toolbar.MyWebSearch.W applicationC:\FRST\Quarantine\RadioRage_4j\bar\1.bin\4jbrmon.exe Win32/Toolbar.MyWebSearch.W applicationC:\FRST\Quarantine\RadioRage_4j\bar\1.bin\4jdatact.dll a variant of Win32/Toolbar.MyWebSearch.A applicationC:\FRST\Quarantine\RadioRage_4j\bar\1.bin\4jhtmlmu.dll probably a variant of Win32/Toolbar.MyWebSearch.B applicationC:\FRST\Quarantine\RadioRage_4j\bar\1.bin\4jieovr.dll probably a variant of Win32/Toolbar.MyWebSearch.P applicationC:\FRST\Quarantine\RadioRage_4j\bar\1.bin\4jimpipe.exe Win32/Toolbar.MyWebSearch.W applicationC:\FRST\Quarantine\RadioRage_4j\bar\1.bin\4jPlugin.dll probably a variant of Win32/Toolbar.MyWebSearch applicationC:\FRST\Quarantine\RadioRage_4j\bar\1.bin\4jreghk.dll a variant of Win32/Toolbar.MyWebSearch.W applicationC:\FRST\Quarantine\RadioRage_4j\bar\1.bin\4jskin.dll a variant of Win32/Toolbar.MyWebSearch.P applicationC:\FRST\Quarantine\RadioRage_4j\bar\1.bin\4jskplay.exe Win32/Toolbar.MyWebSearch.W applicationC:\FRST\Quarantine\RadioRage_4j\bar\1.bin\4jSrchMn.exe a variant of Win32/Toolbar.MyWebSearch.W applicationC:\FRST\Quarantine\RadioRage_4j\bar\1.bin\CREXT.DLL Win32/Toolbar.MyWebSearch.W applicationC:\FRST\Quarantine\RadioRage_4j\bar\1.bin\CrExtP4j.exe Win32/Toolbar.MyWebSearch.W applicationC:\FRST\Quarantine\RadioRage_4j\bar\1.bin\NP4jStub.dll Win32/Toolbar.MyWebSearch.T applicationC:\FRST\Quarantine\RadioRage_4j\bar\1.bin\T8HTML.DLL probably a variant of Win32/Toolbar.MyWebSearch.F applicationC:\FRST\Quarantine\RadioRage_4j\bar\1.bin\T8TICKER.DLL Win32/Toolbar.MyWebSearch.W applicationC:\Users\wendyredrum\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PJO70QYL\RadioRage.exe Win32/AdInstaller application And the security check logs Results of screen317's Security Check version 0.99.76 Windows 7 Service Pack 1 x64 (UAC is enabled) Internet Explorer 10 ``````````````Antivirus/Firewall Check:`````````````` Windows Firewall Disabled! Kaspersky PURE 3.0 Antivirus out of date! `````````Anti-malware/Other Utilities Check:````````` Malwarebytes Anti-Malware version 1.75.0.1300 Java 6 Update 25 Java version out of Date! Adobe Flash Player 11.9.900.117 Google Chrome 30.0.1599.101 Google Chrome 30.0.1599.69 ````````Process Check: objlist.exe by Laurent```````` Norton ccSvcHst.exe Kaspersky Lab Kaspersky PURE 3.0 avp.exe `````````````````System Health check````````````````` Total Fragmentation on Drive C: 11% Defragment your hard drive soon! (Do NOT defrag if SSD!)````````````````````End of Log``````````````````````
  8. ShardtheFox
    OK, here are the logs. Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 31-10-2013Ran by wendyredrum at 2013-11-04 16:26:37 Run:1Running from C:\Users\wendyredrum\DownloadsBoot Mode: Normal============================================== Content of fixlist:*****************StartHKLM-x32\...\Run: [ApnUpdater] - C:\Program Files (x86)\Ask.com\Updater\Updater.exe [1391272 2012-01-03] (Ask)C:\Program Files (x86)\Ask.comHKLM-x32\...\Run: [inboxToolbar] - C:\Program Files (x86)\Inbox Toolbar\Inbox.exe [1378800 2013-10-09] (Inbox.com, Inc.)C:\Program Files (x86)\Inbox ToolbarURLSearchHook: HKCU - (No Name) - {3c35ad63-af1d-4e21-b484-b6651a8efcf9} - C:\Program Files (x86)\RadioRage_4j\bar\1.bin\4jSrcAs.dll (MindSpark)C:\Program Files (x86)\RadioRage_4jSearchScopes: HKLM-x32 - {110a9ea2-8810-4c04-b916-cfd4e9427fec} URL = http://search.mywebs...t=sb&searchfor={searchTerms}SearchScopes: HKCU - {110a9ea2-8810-4c04-b916-cfd4e9427fec} URL = http://search.mywebs...t=sb&searchfor={searchTerms}SearchScopes: HKCU - {7F01EE14-C6CF-44E9-BAE6-67FDF4010B24} URL = http://websearch.ask...13959&src=kw&q={searchTerms}&locale=en_US&apn_ptnrs=SV&apn_dtid=YYYYYYB9US&apn_uid=9f731df4-dab1-4306-8e5f-f876201b2023&apn_sauid=EF3F69DA-D681-4AE6-8005-212243758828BHO: Inbox Toolbar - {D3D233D5-9F6D-436C-B6C7-E63F77503B30} - C:\Program Files (x86)\Inbox Toolbar\Inbox64.dll (Inbox.com, Inc.)BHO-x32: Toolbar BHO - {48909954-14fb-4971-a7b3-47e7af10b38a} - C:\Program Files (x86)\RadioRage_4j\bar\1.bin\4jbar.dll (MindSpark)BHO-x32: Search Assistant BHO - {5848763c-2668-44ca-adbe-2999a6ee2858} - C:\Program Files (x86)\RadioRage_4j\bar\1.bin\4jSrcAs.dll (MindSpark)BHO-x32: Inbox Toolbar - {D3D233D5-9F6D-436C-B6C7-E63F77503B30} - C:\Program Files (x86)\Inbox Toolbar\Inbox.dll (Inbox.com, Inc.)BHO-x32: Support.com Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)Toolbar: HKLM - &Inbox Toolbar - {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - C:\Program Files (x86)\Inbox Toolbar\Inbox64.dll (Inbox.com, Inc.)Toolbar: HKLM-x32 - Support.com Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)Toolbar: HKLM-x32 - &Inbox Toolbar - {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - C:\Program Files (x86)\Inbox Toolbar\Inbox.dll (Inbox.com, Inc.)Toolbar: HKLM-x32 - RadioRage - {78ba36c9-6036-482b-b48d-ecca6f964b84} - C:\Program Files (x86)\RadioRage_4j\bar\1.bin\4jbar.dll (MindSpark)Toolbar: HKCU - &Inbox Toolbar - {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - C:\Program Files (x86)\Inbox Toolbar\Inbox64.dll (Inbox.com, Inc.)Toolbar: HKCU - No Name - {78BA36C9-6036-482B-B48D-ECCA6F964B84} - No FileCHR Extension: (Inbox Toolbar) - C:\Users\WENDYR~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\apgjagobplilmcdfelodhgefiidomnfl\1.0.0.9_0CHR HKLM-x32\...\Chrome\Extension: [apgjagobplilmcdfelodhgefiidomnfl] - C:\Program Files (x86)\Inbox Toolbar\Chrome\ibxtoolbar_chr.crxR2 RadioRage_4jService; C:\PROGRA~2\RADIOR~2\bar\1.bin\4jbarsvc.exe [42504 2013-02-02] (COMPANYVERS_NAME)C:\PROGRA~2\RADIOR~2\bar\1.bin\4jbarsvc.exeC:\Users\wendyredrum\AppData\Local\Temp\DefaultAssets.exeC:\Users\wendyredrum\AppData\Local\Temp\DefaultOfflineContent.exeC:\Users\wendyredrum\AppData\Local\Temp\NLStubInstallerResources.dllC:\Users\wendyredrum\AppData\Local\Temp\PCCU_Installer.exeC:\Users\wendyredrum\AppData\Local\Temp\SkypeSetup.exeC:\Users\wendyredrum\AppData\Local\Temp\sqlite-3.7.2-sqlitejdbc.dllAlternateDataStreams: C:\ProgramData\TEMP:157E1AD3End ***************** HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ApnUpdater => Value deleted successfully.C:\Program Files (x86)\Ask.com => Moved successfully.HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\InboxToolbar => Value deleted successfully.C:\Program Files (x86)\Inbox Toolbar => Moved successfully.HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks\\{3c35ad63-af1d-4e21-b484-b6651a8efcf9} => Value deleted successfully.HKCR\Wow6432Node\CLSID\{3c35ad63-af1d-4e21-b484-b6651a8efcf9} => Key deleted successfully.C:\Program Files (x86)\RadioRage_4j => Moved successfully.HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{110a9ea2-8810-4c04-b916-cfd4e9427fec} => Key deleted successfully.HKCR\Wow6432Node\CLSID\{110a9ea2-8810-4c04-b916-cfd4e9427fec} => Key not found.HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{110a9ea2-8810-4c04-b916-cfd4e9427fec} => Key deleted successfully.HKCR\CLSID\{110a9ea2-8810-4c04-b916-cfd4e9427fec} => Key not found.HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{7F01EE14-C6CF-44E9-BAE6-67FDF4010B24} => Key deleted successfully.HKCR\CLSID\{7F01EE14-C6CF-44E9-BAE6-67FDF4010B24} => Key not found.HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D3D233D5-9F6D-436C-B6C7-E63F77503B30} => Key deleted successfully.HKCR\CLSID\{D3D233D5-9F6D-436C-B6C7-E63F77503B30} => Key deleted successfully.HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{48909954-14fb-4971-a7b3-47e7af10b38a} => Key deleted successfully.HKCR\Wow6432Node\CLSID\{48909954-14fb-4971-a7b3-47e7af10b38a} => Key deleted successfully.HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5848763c-2668-44ca-adbe-2999a6ee2858} => Key deleted successfully.HKCR\Wow6432Node\CLSID\{5848763c-2668-44ca-adbe-2999a6ee2858} => Key deleted successfully.HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D3D233D5-9F6D-436C-B6C7-E63F77503B30} => Key deleted successfully.HKCR\Wow6432Node\CLSID\{D3D233D5-9F6D-436C-B6C7-E63F77503B30} => Key deleted successfully.HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440} => Key deleted successfully.HKCR\Wow6432Node\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440} => Key deleted successfully.HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{D7E97865-918F-41E4-9CD0-25AB1C574CE8} => Value deleted successfully.HKCR\CLSID\{D7E97865-918F-41E4-9CD0-25AB1C574CE8} => Key deleted successfully.HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{D4027C7F-154A-4066-A1AD-4243D8127440} => Value deleted successfully.HKCR\Wow6432Node\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440} => Key not found.HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{D7E97865-918F-41E4-9CD0-25AB1C574CE8} => Value deleted successfully.HKCR\Wow6432Node\CLSID\{D7E97865-918F-41E4-9CD0-25AB1C574CE8} => Key deleted successfully.HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{78ba36c9-6036-482b-b48d-ecca6f964b84} => Value deleted successfully.HKCR\Wow6432Node\CLSID\{78ba36c9-6036-482b-b48d-ecca6f964b84} => Key deleted successfully.HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D7E97865-918F-41E4-9CD0-25AB1C574CE8} => Value deleted successfully.HKCR\CLSID\{D7E97865-918F-41E4-9CD0-25AB1C574CE8} => Key not found.HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{78BA36C9-6036-482B-B48D-ECCA6F964B84} => Value deleted successfully.HKCR\CLSID\{78BA36C9-6036-482B-B48D-ECCA6F964B84} => Key not found.C:\Users\WENDYR~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\apgjagobplilmcdfelodhgefiidomnfl => Moved successfully.HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\apgjagobplilmcdfelodhgefiidomnfl => Key deleted successfully."C:\Program Files (x86)\Inbox Toolbar\Chrome\ibxtoolbar_chr.crx" => File/Directory not found.RadioRage_4jService => Service deleted successfully."C:\PROGRA~2\RADIOR~2\bar\1.bin\4jbarsvc.exe" => File/Directory not found.C:\Users\wendyredrum\AppData\Local\Temp\DefaultAssets.exe => Moved successfully.C:\Users\wendyredrum\AppData\Local\Temp\DefaultOfflineContent.exe => Moved successfully.C:\Users\wendyredrum\AppData\Local\Temp\NLStubInstallerResources.dll => Moved successfully.C:\Users\wendyredrum\AppData\Local\Temp\PCCU_Installer.exe => Moved successfully.C:\Users\wendyredrum\AppData\Local\Temp\SkypeSetup.exe => Moved successfully.C:\Users\wendyredrum\AppData\Local\Temp\sqlite-3.7.2-sqlitejdbc.dll => Moved successfully.C:\ProgramData\TEMP => ":157E1AD3" ADS removed successfully. The system needs a manual reboot. ==== End of Fixlog ==== Malwarebytes Anti-Malware 1.75.0.1300www.malwarebytes.org Database version: v2013.11.04.09 Windows 7 Service Pack 1 x64 NTFSInternet Explorer 10.0.9200.16721wendyredrum :: WENDYREDRUM-PC [administrator] 11/4/2013 4:29:16 PMmbam-log-2013-11-04 (16-29-16).txt Scan type: Quick scanScan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUMScan options disabled: P2PObjects scanned: 210971Time elapsed: 10 minute(s), 28 second(s) Memory Processes Detected: 0(No malicious items detected) Memory Modules Detected: 0(No malicious items detected) Registry Keys Detected: 10HKCR\CLSID\{33119133-0854-469d-807A-171568457991} (PUP.Optional.FunWebProducts.A) -> Quarantined and deleted successfully.HKCR\TypeLib\{03119103-0854-469d-807A-171568457991} (PUP.Optional.FunWebProducts.A) -> Quarantined and deleted successfully.HKCR\Interface\{23119123-0854-469D-807A-171568457991} (PUP.Optional.FunWebProducts.A) -> Quarantined and deleted successfully.HKCR\RadioRage_4j.SkinLauncherSettings.1 (PUP.Optional.FunWebProducts.A) -> Quarantined and deleted successfully.HKCR\RadioRage_4j.SkinLauncherSettings (PUP.Optional.FunWebProducts.A) -> Quarantined and deleted successfully.HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{D7E97865-918F-41E4-9CD0-25AB1C574CE8} (PUP.Optional.InboxToolBar.A) -> Quarantined and deleted successfully.HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{D7E97865-918F-41E4-9CD0-25AB1C574CE8} (PUP.Optional.InboxToolBar.A) -> Quarantined and deleted successfully.HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D7E97865-918F-41E4-9CD0-25AB1C574CE8} (PUP.Optional.InboxToolBar.A) -> Quarantined and deleted successfully.HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D7E97865-918F-41E4-9CD0-25AB1C574CE8} (PUP.Optional.InboxToolBar.A) -> Quarantined and deleted successfully.HKCU\Software\Inbox Toolbar (PUP.Optional.InboxToolBar.A) -> Quarantined and deleted successfully. Registry Values Detected: 0(No malicious items detected) Registry Data Items Detected: 0(No malicious items detected) Folders Detected: 0(No malicious items detected) Files Detected: 5C:\Users\wendyredrum\Local Settings\Temporary Internet Files\Content.IE5\ADBJ7KTS\Inbox[1].cab (PUP.Optional.Inbox) -> Quarantined and deleted successfully.C:\Users\wendyredrum\Local Settings\Temporary Internet Files\Content.IE5\D21U3WRE\Inbox64[1].cab (PUP.Optional.Inbox) -> Quarantined and deleted successfully.C:\Users\wendyredrum\Local Settings\Temporary Internet Files\Content.IE5\D21U3WRE\Inbox_dll[2].cab (PUP.Optional.Inbox) -> Quarantined and deleted successfully.C:\Users\wendyredrum\Local Settings\Temporary Internet Files\Content.IE5\MD6UBRP4\Inbox[1].cab (PUP.Optional.Inbox) -> Quarantined and deleted successfully.C:\Users\wendyredrum\Local Settings\Temporary Internet Files\Content.IE5\UF72OS9H\Inbox_dll[1].cab (PUP.Optional.Inbox) -> Quarantined and deleted successfully. (end) # AdwCleaner v3.011 - Report created 04/11/2013 at 16:46:55# Updated 03/11/2013 by Xplode# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)# Username : wendyredrum - WENDYREDRUM-PC# Running from : C:\Users\wendyredrum\Desktop\AdwCleaner.exe# Option : Clean ***** [ Services ] ***** ***** [ Files / Folders ] ***** ***** [ Shortcuts ] ***** ***** [ Registry ] ***** Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [4jffxtbr@RadioRage_4j.com]Key Deleted : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLLKey Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWndKey Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1Key Deleted : HKLM\SOFTWARE\Classes\Inbox.AppServerKey Deleted : HKLM\SOFTWARE\Classes\Inbox.IBX404Key Deleted : HKLM\SOFTWARE\Classes\Inbox.JSServerKey Deleted : HKLM\SOFTWARE\Classes\Inbox.ToolbarKey Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbhoKey Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1Key Deleted : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\inboxKey Deleted : HKLM\SOFTWARE\Classes\RadioRage_4j.DynamicBarButtonKey Deleted : HKLM\SOFTWARE\Classes\RadioRage_4j.DynamicBarButton.1Key Deleted : HKLM\SOFTWARE\Classes\RadioRage_4j.FeedManagerKey Deleted : HKLM\SOFTWARE\Classes\RadioRage_4j.FeedManager.1Key Deleted : HKLM\SOFTWARE\Classes\RadioRage_4j.HTMLMenuKey Deleted : HKLM\SOFTWARE\Classes\RadioRage_4j.HTMLMenu.1Key Deleted : HKLM\SOFTWARE\Classes\RadioRage_4j.HTMLPanelKey Deleted : HKLM\SOFTWARE\Classes\RadioRage_4j.HTMLPanel.1Key Deleted : HKLM\SOFTWARE\Classes\RadioRage_4j.MultipleButtonKey Deleted : HKLM\SOFTWARE\Classes\RadioRage_4j.MultipleButton.1Key Deleted : HKLM\SOFTWARE\Classes\RadioRage_4j.PseudoTransparentPluginKey Deleted : HKLM\SOFTWARE\Classes\RadioRage_4j.PseudoTransparentPlugin.1Key Deleted : HKLM\SOFTWARE\Classes\RadioRage_4j.RadioKey Deleted : HKLM\SOFTWARE\Classes\RadioRage_4j.Radio.1Key Deleted : HKLM\SOFTWARE\Classes\RadioRage_4j.RadioSettingsKey Deleted : HKLM\SOFTWARE\Classes\RadioRage_4j.RadioSettings.1Key Deleted : HKLM\SOFTWARE\Classes\RadioRage_4j.ScriptButtonKey Deleted : HKLM\SOFTWARE\Classes\RadioRage_4j.ScriptButton.1Key Deleted : HKLM\SOFTWARE\Classes\RadioRage_4j.SettingsPluginKey Deleted : HKLM\SOFTWARE\Classes\RadioRage_4j.SettingsPlugin.1Key Deleted : HKLM\SOFTWARE\Classes\RadioRage_4j.SkinLauncherKey Deleted : HKLM\SOFTWARE\Classes\RadioRage_4j.SkinLauncher.1Key Deleted : HKLM\SOFTWARE\Classes\RadioRage_4j.ThirdPartyInstallerKey Deleted : HKLM\SOFTWARE\Classes\RadioRage_4j.ThirdPartyInstaller.1Key Deleted : HKLM\SOFTWARE\Classes\RadioRage_4j.UrlAlertButtonKey Deleted : HKLM\SOFTWARE\Classes\RadioRage_4j.UrlAlertButton.1Key Deleted : HKLM\SOFTWARE\Classes\RadioRage_4j.XMLSessionPluginKey Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCSKey Deleted : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasapi32Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasmancsKey Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASAPI32Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASMANCSKey Deleted : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASAPI32Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASMANCSKey Deleted : HKLM\SOFTWARE\MozillaPlugins\@RadioRage_4j.com/PluginValue Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [RadioRage Search Scope Monitor]Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [RadioRage_4j Browser Plugin Loader]Key Deleted : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{00A2B7C6-7487-4B99-9F6C-1FDF57FE130B}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{042DA63B-0933-403D-9395-B49307691690}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{11D4B723-18CA-48C6-BA13-965488F19A70}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{13119113-0854-469D-807A-171568457991}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{37540F19-DD4C-478B-B2DF-C19281BCAF27}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{434FA5E9-253E-4BD0-ADB6-7CE4CEA114CA}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{53855564-CF81-410C-9C1C-321C7E067816}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{581C7D7D-F809-4E03-A631-74C069D5F04A}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{60B34F47-3FDD-46F8-AB6C-AAABEA55C3D6}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{612AD33D-9824-4E87-8396-92374E91C4BB}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6562E272-88E1-4DFF-8FF8-FE1A05323D36}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{68122F44-3A4A-4EDB-B28F-0C0E07F89BD0}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7E7ABF2A-8C44-4562-895D-DBCA3CDDD1A9}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9638B7D6-11F5-4406-B387-327642A11FFB}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CA41198F-C3C5-47D8-99E1-1AB199E81723}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D740AD89-BAF4-47D5-9B5E-343D30F07A7A}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DFEB941C-8B58-4899-97C3-88FE394E1285}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E23760BE-23A3-4CEF-9304-66AF079F53DB}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E6AD866F-EA06-476A-8432-ED943683FAB1}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{ECEF0D95-32FA-48D3-8A2D-D6453B5B7361}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F69FE1BE-09C3-460C-AC89-8CCD9D3DF1CC}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F706E19B-6C14-4272-BA98-2F16636A898D}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{28C3737A-32D1-492D-B76B-8D75EBBFB887}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A25AA6E2-1CDE-4D0F-A5D4-4898D7FB3C86}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A5C9CB1C-1C0A-45A2-81CC-1DD342D0A478}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A661D4DC-4BD8-48FC-964B-A24AB8157DE6}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{CE057E0D-2D7E-4DFF-A890-07BA69B8C762}Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{0978C5FA-83C0-4118-A54F-99DACCEECB8C}Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{1ED65BE2-AE84-46CB-8EA6-1C2B86ADF768}Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{1FDAD7F1-B87C-4E79-9150-DE235FF80B3A}Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4A50E810-71EB-43A8-A665-19ED8CCD1630}Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4DD9EB5D-8657-4856-A804-535841B09D73}Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{569A9014-22E3-4F11-A243-CA4E3D95ADED}Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{597494DA-C59F-4EDF-B2D1-CE137E2DB9E4}Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{5E5E0B49-1A81-4ACC-BD6B-FF5F4EFEF01A}Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{615E8AA1-6BB8-4A3D-A1CC-373194DB612C}Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9E18E695-C9AF-4369-8CC3-93141C2928AF}Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{B872D222-3F52-4CD9-A4BE-9D69EE4F293D}Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{CBEF8724-D080-4737-88DA-111EEC6651AA}Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D0E90465-CF35-480D-B520-E1E3BDE802F5}Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{042DA63B-0933-403D-9395-B49307691690}Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{48909954-14FB-4971-A7B3-47E7AF10B38A}Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5848763C-2668-44CA-ADBE-2999A6EE2858}Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{78BA36C9-6036-482B-B48D-ECCA6F964B84}Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9638B7D6-11F5-4406-B387-327642A11FFB}Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{48909954-14FB-4971-A7B3-47E7AF10B38A}Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{5848763C-2668-44CA-ADBE-2999A6EE2858}Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{78BA36C9-6036-482B-B48D-ECCA6F964B84}Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{434FA5E9-253E-4BD0-ADB6-7CE4CEA114CA}Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{581C7D7D-F809-4E03-A631-74C069D5F04A}Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{60B34F47-3FDD-46F8-AB6C-AAABEA55C3D6}Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{68122F44-3A4A-4EDB-B28F-0C0E07F89BD0}Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{9638B7D6-11F5-4406-B387-327642A11FFB}Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F706E19B-6C14-4272-BA98-2F16636A898D}Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{44DB423D-A0DB-4664-9477-CCDCEB7CD666}Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{53855564-CF81-410C-9C1C-321C7E067816}Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{612AD33D-9824-4E87-8396-92374E91C4BB}Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5C9CB1C-1C0A-45A2-81CC-1DD342D0A478}Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A661D4DC-4BD8-48FC-964B-A24AB8157DE6}Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B5731AB1-8566-4441-AEFB-9AFB2EEA63D9}Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{C04B7D22-5AEC-4561-8F49-27F6269208F6}Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{00000000-6E41-4FD3-8538-502F5495E5FC}]Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{042DA63B-0933-403D-9395-B49307691690}Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{37540F19-DD4C-478B-B2DF-C19281BCAF27}Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{23119123-0854-469D-807A-171568457991}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{28C3737A-32D1-492D-B76B-8D75EBBFB887}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{A25AA6E2-1CDE-4D0F-A5D4-4898D7FB3C86}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{A5C9CB1C-1C0A-45A2-81CC-1DD342D0A478}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{A661D4DC-4BD8-48FC-964B-A24AB8157DE6}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{CE057E0D-2D7E-4DFF-A890-07BA69B8C762}Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{612AD33D-9824-4E87-8396-92374E91C4BB}Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}Key Deleted : HKCU\Software\APNKey Deleted : HKCU\Software\Ask.comKey Deleted : HKCU\Software\AppDataLow\Software\AskToolbarKey Deleted : HKCU\Software\AppDataLow\Software\RadioRage_4jKey Deleted : HKLM\Software\APNKey Deleted : HKLM\Software\AskToolbarKey Deleted : HKLM\Software\Inbox ToolbarKey Deleted : HKLM\Software\RadioRage_4jKey Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{612AD33D-9824-4E87-8396-92374E91C4BB}_is1Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}Key Deleted : HKLM\Software\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEFKey Deleted : HKLM\Software\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF ***** [ Browsers ] ***** -\\ Internet Explorer v10.0.9200.16720 -\\ Google Chrome v30.0.1599.101 [ File : C:\Users\wendyredrum\AppData\Local\Google\Chrome\User Data\Default\preferences ] Deleted : search_url ************************* AdwCleaner[R0].txt - [15255 octets] - [04/11/2013 16:41:00]AdwCleaner[R1].txt - [14192 octets] - [04/11/2013 16:45:28]AdwCleaner[s0].txt - [1136 octets] - [04/11/2013 16:43:17]AdwCleaner[s1].txt - [14177 octets] - [04/11/2013 16:46:55] ########## EOF - C:\AdwCleaner\AdwCleaner[s1].txt - [14238 octets] ##########
  9. ShardtheFox
    Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 31-10-2013 Ran by wendyredrum (administrator) on WENDYREDRUM-PC on 04-11-2013 15:52:47 Running from C:\Users\wendyredrum\Downloads Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US) Internet Explorer Version 10 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (AMD) C:\windows\system32\atiesrxx.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Infowatch) C:\Program Files (x86)\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe ( ) C:\windows\system32\lxdncoms.exe (Symantec Corporation) C:\Program Files (x86)\PC Checkup\SymcPCCULaunchSvc.exe (Symantec Corporation) C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.13.11\ccSvcHst.exe (COMPANYVERS_NAME) C:\PROGRA~2\RADIOR~2\bar\1.bin\4jbarsvc.exe (TOSHIBA Corporation) C:\windows\system32\TODDSrv.exe (TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe (AMD) C:\windows\system32\atieclxx.exe (Symantec Corporation) C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.13.11\ccSvcHst.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe (TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe (TOSHIBA Corporation) C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe (TOSHIBA Corporation) C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe (TOSHIBA Corporation) C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe () C:\Program Files (x86)\Lexmark 2600 Series\lxdnmon.exe (Lexmark International Inc.) C:\Program Files (x86)\Lexmark 2600 Series\ezprint.exe (Google Inc.) C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (SAMSUNG Electornics Co., Ltd.) C:\Users\wendyredrum\AppData\Roaming\Verizon\UA_ar\UA.exe (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe (TOSHIBA Corporation) C:\Program Files (x86)\Toshiba\TOSHIBA Service Station\ToshibaServiceStation.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (Ask) C:\Program Files (x86)\Ask.com\Updater\Updater.exe (VER_COMPANY_NAME) C:\Program Files (x86)\RadioRage_4j\bar\1.bin\4jbrmon.exe (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe (Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (TOSHIBA Corporation) C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe (TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe (TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe (Microsoft Corporation) C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Amazon Digital Services, LLC.) C:\Users\wendyredrum\AppData\Local\Apps\2.0\MQGYAQ7K.0N0\KJ96NMG0.QLV\amaz..tion_f2fa081ea2183235_0002.0001_cb34a912a946f839\AmazonCloudDrive.exe (Sun Microsystems, Inc.) C:\Users\wendyredrum\AppData\Local\Apps\2.0\MQGYAQ7K.0N0\KJ96NMG0.QLV\amaz..tion_f2fa081ea2183235_0002.0001_cb34a912a946f839\LocalServiceJre\bin\AmazonCloudDriveW.exe () C:\windows\SysWOW64\GSService.exe (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe () C:\windows\system32\spool\DRIVERS\x64\3\lxdnPSWX.EXE (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe () C:\Users\wendyredrum\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [] - [x] HKLM\...\Run: [smartAudio] - C:\Program Files\CONEXANT\SAII\SAIICpl.exe [316032 2010-12-14] (Conexant systems, Inc.) HKLM\...\Run: [ETDCtrl] - C:\Program Files\Elantech\ETDCtrl.exe [2588456 2010-11-11] (ELAN Microelectronics Corp.) HKLM\...\Run: [TPwrMain] - C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe [590256 2011-05-17] (TOSHIBA Corporation) HKLM\...\Run: [TCrdMain] - C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [972672 2011-04-27] (TOSHIBA Corporation) HKLM\...\Run: [TosVolRegulator] - C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe [24376 2009-11-11] (TOSHIBA Corporation) HKLM\...\Run: [TosSENotify] - C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe [710560 2011-06-09] (TOSHIBA Corporation) HKLM\...\Run: [TosNC] - C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe [597936 2011-07-27] (TOSHIBA Corporation) HKLM\...\Run: [TosReelTimeMonitor] - C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe [38824 2011-06-28] (TOSHIBA Corporation) HKLM\...\Run: [lxdnmon.exe] - C:\Program Files (x86)\Lexmark 2600 Series\lxdnmon.exe [660136 2010-02-04] () HKLM\...\Run: [EzPrint] - C:\Program Files (x86)\Lexmark 2600 Series\ezprint.exe [107176 2010-02-04] (Lexmark International Inc.) HKLM-x32\...\RunOnce: [Malwarebytes Anti-Malware] - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent [532040 2013-04-04] (Malwarebytes Corporation) HKCU\...\Run: [swg] - C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2012-01-10] (Google Inc.) HKCU\...\Run: [skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [19603048 2013-06-03] (Skype Technologies S.A.) HKCU\...\Run: [Amazon Cloud Player] - C:\Users\wendyredrum\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe [3109376 2013-10-22] () MountPoints2: {931cbf96-6c1a-11e2-8ca3-00266c005922} - E:\VZW_Software_upgrade_assistant.exe HKLM-x32\...\Run: [startCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2011-06-07] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [ToshibaServiceStation] - C:\Program Files (x86)\Toshiba\TOSHIBA Service Station\ToshibaServiceStation.exe [1298816 2011-07-11] (TOSHIBA Corporation) HKLM-x32\...\Run: [NortonOnlineBackupReminder] - C:\Program Files (x86)\Toshiba\Toshiba Online Backup\Activation\TobuActivation.exe [3218864 2011-06-22] (Toshiba) HKLM-x32\...\Run: [ToshibaAppPlace] - C:\Program Files (x86)\Toshiba\Toshiba App Place\ToshibaAppPlace.exe [552960 2010-09-23] (Toshiba) HKLM-x32\...\Run: [] - [x] HKLM-x32\...\Run: [ApnUpdater] - C:\Program Files (x86)\Ask.com\Updater\Updater.exe [1391272 2012-01-03] (Ask) HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.) HKLM-x32\...\Run: [Communicator] - C:\Program Files (x86)\Microsoft Lync\communicator.exe [12108456 2013-06-27] (Microsoft Corporation) HKLM-x32\...\Run: [inboxToolbar] - C:\Program Files (x86)\Inbox Toolbar\Inbox.exe [1378800 2013-10-09] (Inbox.com, Inc.) HKLM-x32\...\Run: [RadioRage Search Scope Monitor] - C:\Program Files (x86)\RadioRage_4j\bar\1.bin\4jSrchMn.exe [42536 2013-02-02] (MindSpark) HKLM-x32\...\Run: [RadioRage_4j Browser Plugin Loader] - C:\Program Files (x86)\RadioRage_4j\bar\1.bin\4jbrmon.exe [30096 2013-02-02] (VER_COMPANY_NAME) HKLM-x32\...\Run: [AVP] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe [356968 2012-12-20] (Kaspersky Lab ZAO) HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-08-16] (Apple Inc.) Startup: C:\Users\wendyredrum\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Amazon Cloud Drive.lnk ShortcutTarget: Amazon Cloud Drive.lnk -> C:\Users\wendyredrum\AppData\Local\Apps\2.0\MQGYAQ7K.0N0\KJ96NMG0.QLV\amaz..tion_f2fa081ea2183235_0002.0001_cb34a912a946f839\AmazonCloudDrive.exe (Amazon Digital Services, LLC.) Startup: C:\Users\wendyredrum\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Verizon Wireless Software Utility Application for Android – Samsung.lnk ShortcutTarget: Verizon Wireless Software Utility Application for Android – Samsung.lnk -> C:\Users\wendyredrum\AppData\Roaming\Verizon\UA_ar\UA.exe (SAMSUNG Electornics Co., Ltd.) ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/?ilc=1 HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://start.toshiba.com/?cid=C001B2Y URLSearchHook: HKCU - UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask) URLSearchHook: HKCU - (No Name) - {3c35ad63-af1d-4e21-b484-b6651a8efcf9} - C:\Program Files (x86)\RadioRage_4j\bar\1.bin\4jSrcAs.dll (MindSpark) SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 - {110a9ea2-8810-4c04-b916-cfd4e9427fec} URL = http://search.mywebsearch.com/mywebsearch/GGmain.jhtml?p2=^ZX^xdm039^YY^us&si=radiopi&ptb=893C7FE7-89E6-463D-A494-34553855DFC8&ind=2013020217&n=77fc4039&psa=&st=sb&searchfor={searchTerms} SearchScopes: HKCU - {110a9ea2-8810-4c04-b916-cfd4e9427fec} URL = http://search.mywebsearch.com/mywebsearch/GGmain.jhtml?p2=^ZX^xdm039^YY^us&si=radiopi&ptb=893C7FE7-89E6-463D-A494-34553855DFC8&ind=2013020217&n=77fc4039&psa=&st=sb&searchfor={searchTerms} SearchScopes: HKCU - {7F01EE14-C6CF-44E9-BAE6-67FDF4010B24} URL = http://websearch.ask.com/redirect?client=ie&tb=X-SD&o=13959&src=kw&q={searchTerms}&locale=en_US&apn_ptnrs=SV&apn_dtid=YYYYYYB9US&apn_uid=9f731df4-dab1-4306-8e5f-f876201b2023&apn_sauid=EF3F69DA-D681-4AE6-8005-212243758828 SearchScopes: HKCU - {C04B7D22-5AEC-4561-8F49-27F6269208F6} URL = http://www2.inbox.com/search/dispatcher.aspx?tp=bs&qkw={searchTerms}&tbid=80472&lng=en BHO: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO) BHO: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO) BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO) BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) BHO: Skype add-on for Internet Explorer - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.) BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO: Inbox Toolbar - {D3D233D5-9F6D-436C-B6C7-E63F77503B30} - C:\Program Files (x86)\Inbox Toolbar\Inbox64.dll (Inbox.com, Inc.) BHO: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO) BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) BHO-x32: Kaspersky Passsword Manager Toolbar - {215BA832-75A3-426E-A4FC-7C5B58CE6A10} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\Kaspersky Password Manager\spIEBho.dll (Kaspersky Lab) BHO-x32: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Lync\OCHelper.dll (Microsoft Corporation) BHO-x32: Toolbar BHO - {48909954-14fb-4971-a7b3-47e7af10b38a} - C:\Program Files (x86)\RadioRage_4j\bar\1.bin\4jbar.dll (MindSpark) BHO-x32: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO) BHO-x32: Search Assistant BHO - {5848763c-2668-44ca-adbe-2999a6ee2858} - C:\Program Files (x86)\RadioRage_4j\bar\1.bin\4jSrcAs.dll (MindSpark) BHO-x32: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO) BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO-x32: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO) BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO-x32: Inbox Toolbar - {D3D233D5-9F6D-436C-B6C7-E63F77503B30} - C:\Program Files (x86)\Inbox Toolbar\Inbox.dll (Inbox.com, Inc.) BHO-x32: Support.com Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask) BHO-x32: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.) BHO-x32: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO) Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) Toolbar: HKLM - &Inbox Toolbar - {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - C:\Program Files (x86)\Inbox Toolbar\Inbox64.dll (Inbox.com, Inc.) Toolbar: HKLM-x32 - Support.com Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask) Toolbar: HKLM-x32 - &Inbox Toolbar - {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - C:\Program Files (x86)\Inbox Toolbar\Inbox.dll (Inbox.com, Inc.) Toolbar: HKLM-x32 - RadioRage - {78ba36c9-6036-482b-b48d-ecca6f964b84} - C:\Program Files (x86)\RadioRage_4j\bar\1.bin\4jbar.dll (MindSpark) Toolbar: HKLM-x32 - Kaspersky Passsword Manager Toolbar - {215BA832-75A3-426E-A4FC-7C5B58CE6A10} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\Kaspersky Password Manager\spIEBho.dll (Kaspersky Lab) Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) Toolbar: HKCU - &Inbox Toolbar - {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - C:\Program Files (x86)\Inbox Toolbar\Inbox64.dll (Inbox.com, Inc.) Toolbar: HKCU - No Name - {78BA36C9-6036-482B-B48D-ECCA6F964B84} - No File DPF: HKLM-x32 {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.microsoft.com/_layouts/ClientBin/ieawsdc32.cab Handler: inbox - {37540F19-DD4C-478B-B2DF-C19281BCAF27} - C:\Program Files (x86)\Inbox Toolbar\Inbox64.dll (Inbox.com, Inc.) Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.) Handler-x32: inbox - {37540F19-DD4C-478B-B2DF-C19281BCAF27} - C:\Program Files (x86)\Inbox Toolbar\Inbox.dll (Inbox.com, Inc.) Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76 Chrome: ======= CHR Plugin: (Remoting Viewer) - internal-remoting-viewer CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\ppGoogleNaClPluginChrome.dll () CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\pdf.dll () CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\gcswf32.dll No File CHR Plugin: (Shockwave Flash) - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll No File CHR Plugin: (registryAccess) - C:\Users\wendyredrum\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaanpaddaaoffccehffldolecpkgpej\7.14.1.20311_0\background/registryAccess.dll No File CHR Plugin: (Kaspersky Anti-Virus) - C:\Users\wendyredrum\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\12.0.0.477_0\plugin/npUrlAdvisor.dll No File CHR Plugin: (Kaspersky Anti-Virus) - C:\Users\wendyredrum\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh\12.0.0.477_0\plugin/npVKPlugin.dll No File CHR Plugin: (Kaspersky Anti-Virus) - C:\Users\wendyredrum\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman\12.0.0.374_0\plugin/npABPlugin.dll No File CHR Plugin: (Skype Click to Call) - C:\Users\wendyredrum\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.10.0.9560_0\npSkypeChromePlugin.dll No File CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.) CHR Plugin: (Java Deployment Toolkit 6.0.250.6) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll (Sun Microsystems, Inc.) CHR Plugin: (Java Platform SE 6 U25) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation) CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation) CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File CHR Plugin: (WildTangent Games App Presence Detector) - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll No File CHR Plugin: (Windows Live\u0099 Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll No File CHR Extension: (Sammsoft Toolbar) - C:\Users\WENDYR~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaanpaddaaoffccehffldolecpkgpej\7.15.16.37909_0 CHR Extension: (Inbox Toolbar) - C:\Users\WENDYR~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\apgjagobplilmcdfelodhgefiidomnfl\1.0.0.9_0 CHR Extension: (YouTube) - C:\Users\WENDYR~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0 CHR Extension: (Google Search) - C:\Users\WENDYR~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0 CHR Extension: (Kaspersky URL Advisor) - C:\Users\WENDYR~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\13.0.2.558_0 CHR Extension: (Safe Money) - C:\Users\WENDYR~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\hakdifolhalapjijoafobooafbilfakh\13.0.2.558_0 CHR Extension: (Virtual Keyboard) - C:\Users\WENDYR~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh\13.0.2.558_0 CHR Extension: (Skype Click to Call) - C:\Users\WENDYR~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.9.0.12585_0 CHR Extension: (Chrome In-App Payments service) - C:\Users\WENDYR~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.10_0 CHR Extension: (Gmail) - C:\Users\WENDYR~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1 CHR Extension: (Anti-Banner) - C:\Users\WENDYR~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman\13.0.2.558_0 CHR HKLM-x32\...\Chrome\Extension: [aaaanpaddaaoffccehffldolecpkgpej] - C:\Users\wendyredrum\AppData\Local\APN\GoogleCRXs\aaaanpaddaaoffccehffldolecpkgpej_7.14.1.0.crx CHR HKLM-x32\...\Chrome\Extension: [apgjagobplilmcdfelodhgefiidomnfl] - C:\Program Files (x86)\Inbox Toolbar\Chrome\ibxtoolbar_chr.crx CHR HKLM-x32\...\Chrome\Extension: [dchlnpcodkpfdpacogkljefecpegganj] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\ChromeExt\urladvisor.crx CHR HKLM-x32\...\Chrome\Extension: [hakdifolhalapjijoafobooafbilfakh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\ChromeExt\online_banking_chrome.crx CHR HKLM-x32\...\Chrome\Extension: [hghkgaeecgjhjkannahfamoehjmkjail] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\ChromeExt\content_blocker_chrome.crx CHR HKLM-x32\...\Chrome\Extension: [jagncdcchgajhfhijbbhecadmaiegcmh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\ChromeExt\virtkbd.crx CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx CHR HKLM-x32\...\Chrome\Extension: [pjldcfjmnllhmgjclecdnfampinooman] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\ChromeExt\ab.crx ==================== Services (Whitelisted) ================= R2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe [356968 2012-12-20] (Kaspersky Lab ZAO) R2 CSObjectsSrv; C:\Program Files (x86)\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe [819040 2012-12-21] (Infowatch) R3 GSService; C:\windows\SysWOW64\GSService.exe [490208 2013-07-26] () R2 lxdn_device; C:\windows\system32\lxdncoms.exe [1039872 2007-11-28] ( ) R2 lxdn_device; C:\windows\SysWow64\lxdncoms.exe [589824 2007-11-28] ( ) R2 Norton PC Checkup Application Launcher; C:\Program Files (x86)\PC Checkup\SymcPCCULaunchSvc.exe [132504 2013-09-07] (Symantec Corporation) R2 PCCUJobMgr; C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.13.11\ccSvcHst.exe [126392 2011-07-19] (Symantec Corporation) R2 RadioRage_4jService; C:\PROGRA~2\RADIOR~2\bar\1.bin\4jbarsvc.exe [42504 2013-02-02] (COMPANYVERS_NAME) ==================== Drivers (Whitelisted) ==================== R0 CSCrySec; C:\Windows\System32\DRIVERS\CSCrySec.sys [84536 2011-06-02] (Infowatch) R1 CSVirtualDiskDrv; C:\Windows\System32\DRIVERS\CSVirtualDiskDrv.sys [66616 2011-06-02] (Infowatch) R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [458584 2012-06-19] (Kaspersky Lab ZAO) R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [613720 2012-11-02] (Kaspersky Lab) R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [27152 2009-09-14] (Kaspersky Lab) R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [29016 2012-09-03] (Kaspersky Lab) R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29528 2012-09-03] (Kaspersky Lab) R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [54104 2012-10-18] (Kaspersky Lab) R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [178008 2012-08-13] (Kaspersky Lab) R3 MusCAudio; C:\Windows\System32\drivers\MusCAudio.sys [34528 2013-07-26] (Windows ® Win 7 DDK provider) U5 klflt; C:\Windows\System32\Drivers\klflt.sys [89944 2012-11-02] (Kaspersky Lab) ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2013-11-04 15:34 - 2013-11-04 15:36 - 00029649 _____ C:\Users\wendyredrum\Downloads\Addition.txt 2013-11-04 15:30 - 2013-11-04 15:30 - 00000000 ____D C:\FRST 2013-11-04 15:29 - 2013-11-04 15:29 - 01957098 _____ (Farbar) C:\Users\wendyredrum\Downloads\FRST64.exe 2013-11-04 15:04 - 2013-11-04 15:04 - 00093693 _____ C:\Users\wendyredrum\Desktop\dds.txt 2013-11-04 15:04 - 2013-11-04 15:04 - 00013186 _____ C:\Users\wendyredrum\Desktop\attach.txt 2013-11-04 14:59 - 2013-11-04 15:00 - 00688992 ____R (Swearware) C:\Users\wendyredrum\Desktop\dds.com 2013-11-04 14:59 - 2013-11-04 14:59 - 00688992 _____ (Swearware) C:\Users\wendyredrum\Desktop\dds.scr 2013-11-04 14:36 - 2013-11-04 14:36 - 00000000 ____D C:\Users\wendyredrum\AppData\Roaming\Malwarebytes 2013-11-04 14:33 - 2013-11-04 14:33 - 00001168 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk 2013-11-04 14:33 - 2013-11-04 14:33 - 00000000 ____D C:\ProgramData\Malwarebytes 2013-11-04 14:33 - 2013-11-04 14:33 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware 2013-11-04 14:33 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbam.sys 2013-11-04 14:25 - 2013-11-04 14:26 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\wendyredrum\Downloads\mbam-setup-1.75.0.1300.exe 2013-10-25 04:13 - 2013-11-04 15:36 - 00000000 ____D C:\Users\wendyredrum\AppData\Local\Amazon Cloud Player 2013-10-25 04:13 - 2013-10-25 04:13 - 00001256 _____ C:\Users\wendyredrum\Desktop\Amazon Cloud Player.lnk 2013-10-25 04:13 - 2013-10-25 04:13 - 00000000 ____D C:\Users\wendyredrum\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Amazon Cloud Player 2013-10-23 18:31 - 2013-10-23 18:35 - 00000000 ____D C:\Users\wendyredrum\Cloud Drive 2013-10-23 18:02 - 2013-10-23 18:02 - 00000000 ____D C:\Users\wendyredrum\AppData\Local\Amazon Cloud Drive 2013-10-23 18:01 - 2013-10-23 18:01 - 00000000 ____D C:\Users\wendyredrum\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Amazon 2013-10-23 17:29 - 2013-11-04 15:19 - 00000000 ____D C:\Users\wendyredrum\AppData\Local\Deployment 2013-10-23 17:29 - 2013-10-23 17:29 - 00000000 ____D C:\Users\wendyredrum\AppData\Local\Apps\2.0 2013-10-15 04:50 - 2013-10-15 04:50 - 00000000 ____D C:\windows\SysWOW64\%Report% 2013-10-13 07:26 - 2013-09-04 04:12 - 00343040 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbhub.sys 2013-10-13 07:26 - 2013-09-04 04:11 - 00325120 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbport.sys 2013-10-13 07:26 - 2013-09-04 04:11 - 00099840 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbccgp.sys 2013-10-13 07:26 - 2013-09-04 04:11 - 00052736 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbehci.sys 2013-10-13 07:26 - 2013-09-04 04:11 - 00030720 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbuhci.sys 2013-10-13 07:26 - 2013-09-04 04:11 - 00025600 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbohci.sys 2013-10-13 07:26 - 2013-09-04 04:11 - 00007808 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbd.sys 2013-10-11 05:35 - 2013-10-11 05:35 - 00000000 ____D C:\Program Files (x86)\Samsung 2013-10-11 04:58 - 2013-10-11 04:58 - 00000000 ____D C:\Users\Public\Documents\Verizon2.0_Log 2013-10-11 04:26 - 2013-10-11 04:26 - 00002996 _____ C:\windows\System32\Tasks\{586719CE-3A3F-46DC-9F41-850A9748DCB6} 2013-10-11 04:26 - 2013-10-11 04:26 - 00002996 _____ C:\windows\System32\Tasks\{452AC143-452F-44AE-B5FD-D490BD0103BD} 2013-10-11 04:25 - 2013-10-11 04:25 - 00002996 _____ C:\windows\System32\Tasks\{2CDCAFFC-F34C-44D7-95C2-11E0D8F6A176} 2013-10-11 04:19 - 2013-10-11 04:19 - 00002996 _____ C:\windows\System32\Tasks\{E6BEC02A-A010-42DB-A0BA-22F1E3C334A6} 2013-10-11 04:19 - 2013-10-11 04:19 - 00002996 _____ C:\windows\System32\Tasks\{4C7D3272-2C8E-46C5-9553-A61647C63344} 2013-10-11 04:04 - 2013-10-11 04:04 - 00000000 ____D C:\windows\SysWOW64\%DataRoot% 2013-10-11 03:54 - 2013-09-22 15:28 - 01767936 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll 2013-10-11 03:54 - 2013-09-22 15:28 - 01141248 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll 2013-10-11 03:54 - 2013-09-22 15:27 - 14335488 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll 2013-10-11 03:54 - 2013-09-22 15:27 - 13761024 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll 2013-10-11 03:54 - 2013-09-22 15:27 - 02876928 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll 2013-10-11 03:54 - 2013-09-22 15:27 - 02048512 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll 2013-10-11 03:54 - 2013-09-22 15:27 - 00690688 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll 2013-10-11 03:54 - 2013-09-22 15:27 - 00493056 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll 2013-10-11 03:54 - 2013-09-22 15:27 - 00391168 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll 2013-10-11 03:54 - 2013-09-22 15:27 - 00109056 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesysprep.dll 2013-10-11 03:54 - 2013-09-22 15:27 - 00061440 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll 2013-10-11 03:54 - 2013-09-22 15:27 - 00039424 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll 2013-10-11 03:54 - 2013-09-22 15:27 - 00033280 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll 2013-10-11 03:54 - 2013-09-22 14:55 - 02241024 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll 2013-10-11 03:54 - 2013-09-22 14:55 - 01365504 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll 2013-10-11 03:54 - 2013-09-22 14:55 - 00051712 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe 2013-10-11 03:54 - 2013-09-22 14:54 - 19252224 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll 2013-10-11 03:54 - 2013-09-22 14:54 - 15404544 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll 2013-10-11 03:54 - 2013-09-22 14:54 - 03959296 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll 2013-10-11 03:54 - 2013-09-22 14:54 - 02647552 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll 2013-10-11 03:54 - 2013-09-22 14:54 - 00855552 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll 2013-10-11 03:54 - 2013-09-22 14:54 - 00603136 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll 2013-10-11 03:54 - 2013-09-22 14:54 - 00526336 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll 2013-10-11 03:54 - 2013-09-22 14:54 - 00136704 _____ (Microsoft Corporation) C:\windows\system32\iesysprep.dll 2013-10-11 03:54 - 2013-09-22 14:54 - 00067072 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll 2013-10-11 03:54 - 2013-09-22 14:54 - 00053248 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll 2013-10-11 03:54 - 2013-09-22 14:54 - 00039936 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll 2013-10-11 03:54 - 2013-09-20 19:38 - 02706432 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb 2013-10-11 03:54 - 2013-09-20 19:30 - 02706432 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb 2013-10-11 03:54 - 2013-09-20 18:48 - 00089600 _____ (Microsoft Corporation) C:\windows\system32\RegisterIEPKEYs.exe 2013-10-11 03:54 - 2013-09-20 18:39 - 00071680 _____ (Microsoft Corporation) C:\windows\SysWOW64\RegisterIEPKEYs.exe 2013-10-10 21:08 - 2013-10-10 21:08 - 00002996 _____ C:\windows\System32\Tasks\{C3D51229-1C3B-4764-AA7E-EA5F1C7A4803} 2013-10-10 17:55 - 2013-10-10 17:55 - 00002996 _____ C:\windows\System32\Tasks\{B3655D66-885E-429B-BE2A-BBF684D1686A} 2013-10-10 17:43 - 2013-10-10 17:43 - 00002996 _____ C:\windows\System32\Tasks\{988B6070-15DE-45C8-8D0C-80A39C50EF9B} 2013-10-10 17:43 - 2013-10-10 17:43 - 00002996 _____ C:\windows\System32\Tasks\{4B83FA03-F515-4CCC-82BF-FBBD2249A682} 2013-10-10 17:38 - 2013-10-28 05:45 - 00000000 ____D C:\Converted 2013-10-10 17:37 - 2013-10-28 20:56 - 00000083 _____ C:\windows\SysWOW64\gpupdate.bin 2013-10-10 17:37 - 2013-10-28 20:56 - 00000000 ____D C:\Users\wendyredrum\AppData\Local\AllMusicConverter 2013-10-10 17:35 - 2013-10-10 17:35 - 00001231 _____ C:\Users\Public\Desktop\AllMusicConverter CDRipper.lnk 2013-10-10 17:35 - 2013-10-10 17:35 - 00001174 _____ C:\Users\Public\Desktop\AllMusicConverter.lnk 2013-10-10 17:35 - 2013-10-10 17:35 - 00000142 _____ C:\Users\Public\Desktop\Buy AllMusicConverter Now.url 2013-10-10 17:35 - 2013-10-10 17:35 - 00000000 ____D C:\Program Files (x86)\AllMusicConverter 2013-10-10 17:35 - 2013-07-26 17:06 - 00034528 _____ (Windows ® Win 7 DDK provider) C:\windows\system32\MusCAudio.sys 2013-10-10 17:35 - 2013-07-26 17:06 - 00034528 _____ (Windows ® Win 7 DDK provider) C:\windows\system32\Drivers\MusCAudio.sys 2013-10-10 17:35 - 2013-07-26 17:06 - 00008417 _____ C:\windows\system32\MusCAudio.cat 2013-10-10 17:35 - 2013-07-26 13:57 - 00490208 _____ C:\windows\SysWOW64\GSService.exe 2013-10-10 17:16 - 2013-09-13 17:10 - 00497152 _____ (Microsoft Corporation) C:\windows\system32\Drivers\afd.sys 2013-10-10 17:16 - 2013-09-07 18:30 - 01903552 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tcpip.sys 2013-10-10 17:16 - 2013-09-07 18:27 - 00327168 _____ (Microsoft Corporation) C:\windows\system32\mswsock.dll 2013-10-10 17:16 - 2013-09-07 18:03 - 00231424 _____ (Microsoft Corporation) C:\windows\SysWOW64\mswsock.dll 2013-10-10 17:16 - 2013-08-28 18:17 - 05549504 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe 2013-10-10 17:16 - 2013-08-28 18:16 - 01732032 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll 2013-10-10 17:16 - 2013-08-28 18:16 - 00859648 _____ (Microsoft Corporation) C:\windows\system32\tdh.dll 2013-10-10 17:16 - 2013-08-28 18:16 - 00243712 _____ (Microsoft Corporation) C:\windows\system32\wow64.dll 2013-10-10 17:16 - 2013-08-28 18:13 - 00878080 _____ (Microsoft Corporation) C:\windows\system32\advapi32.dll 2013-10-10 17:16 - 2013-08-28 17:51 - 03969472 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntkrnlpa.exe 2013-10-10 17:16 - 2013-08-28 17:51 - 03914176 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntoskrnl.exe 2013-10-10 17:16 - 2013-08-28 17:50 - 01292192 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntdll.dll 2013-10-10 17:16 - 2013-08-28 17:50 - 00619520 _____ (Microsoft Corporation) C:\windows\SysWOW64\tdh.dll 2013-10-10 17:16 - 2013-08-28 17:50 - 00005120 _____ (Microsoft Corporation) C:\windows\SysWOW64\wow32.dll 2013-10-10 17:16 - 2013-08-28 17:48 - 00640512 _____ (Microsoft Corporation) C:\windows\SysWOW64\advapi32.dll 2013-10-10 17:16 - 2013-08-28 16:49 - 00025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\setup16.exe 2013-10-10 17:16 - 2013-08-28 16:49 - 00014336 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntvdm64.dll 2013-10-10 17:16 - 2013-08-28 16:49 - 00007680 _____ (Microsoft Corporation) C:\windows\SysWOW64\instnm.exe 2013-10-10 17:16 - 2013-08-28 16:49 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\user.exe 2013-10-10 17:16 - 2013-08-27 17:21 - 03155968 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys 2013-10-10 17:16 - 2013-07-12 02:41 - 00185344 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbvideo.sys 2013-10-10 17:16 - 2013-07-12 02:41 - 00100864 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbcir.sys 2013-10-10 17:16 - 2013-07-12 02:40 - 00109824 _____ (Microsoft Corporation) C:\windows\system32\Drivers\USBAUDIO.sys 2013-10-10 17:16 - 2013-07-04 04:57 - 00259584 _____ (Microsoft Corporation) C:\windows\system32\WebClnt.dll 2013-10-10 17:16 - 2013-07-04 04:50 - 00633856 _____ (Microsoft Corporation) C:\windows\system32\comctl32.dll 2013-10-10 17:16 - 2013-07-04 04:50 - 00102400 _____ (Microsoft Corporation) C:\windows\system32\davclnt.dll 2013-10-10 17:16 - 2013-07-04 03:57 - 00205824 _____ (Microsoft Corporation) C:\windows\SysWOW64\WebClnt.dll 2013-10-10 17:16 - 2013-07-04 03:51 - 00081920 _____ (Microsoft Corporation) C:\windows\SysWOW64\davclnt.dll 2013-10-10 17:16 - 2013-07-04 03:50 - 00530432 _____ (Microsoft Corporation) C:\windows\SysWOW64\comctl32.dll 2013-10-10 17:16 - 2013-07-04 02:11 - 00140800 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxdav.sys 2013-10-10 17:16 - 2013-07-02 20:40 - 00042496 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbscan.sys 2013-10-10 17:16 - 2013-07-02 20:05 - 00076800 _____ (Microsoft Corporation) C:\windows\system32\Drivers\hidclass.sys 2013-10-10 17:16 - 2013-07-02 20:05 - 00032896 _____ (Microsoft Corporation) C:\windows\system32\Drivers\hidparse.sys 2013-10-10 17:16 - 2013-06-25 14:55 - 00785624 _____ (Microsoft Corporation) C:\windows\system32\Drivers\Wdf01000.sys 2013-10-10 17:16 - 2013-06-05 21:50 - 00041472 _____ (Microsoft Corporation) C:\windows\system32\lpk.dll 2013-10-10 17:16 - 2013-06-05 21:49 - 00100864 _____ (Microsoft Corporation) C:\windows\system32\fontsub.dll 2013-10-10 17:16 - 2013-06-05 21:49 - 00014336 _____ (Microsoft Corporation) C:\windows\system32\dciman32.dll 2013-10-10 17:16 - 2013-06-05 21:47 - 00046080 _____ (Adobe Systems) C:\windows\system32\atmlib.dll 2013-10-10 17:16 - 2013-06-05 20:57 - 00025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\lpk.dll 2013-10-10 17:16 - 2013-06-05 20:51 - 00070656 _____ (Microsoft Corporation) C:\windows\SysWOW64\fontsub.dll 2013-10-10 17:16 - 2013-06-05 20:50 - 00010240 _____ (Microsoft Corporation) C:\windows\SysWOW64\dciman32.dll 2013-10-10 17:16 - 2013-06-05 19:30 - 00368128 _____ (Adobe Systems Incorporated) C:\windows\system32\atmfd.dll 2013-10-10 17:16 - 2013-06-05 19:01 - 00295424 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\atmfd.dll 2013-10-10 17:16 - 2013-06-05 19:01 - 00034304 _____ (Adobe Systems) C:\windows\SysWOW64\atmlib.dll 2013-10-10 17:15 - 2013-08-27 17:12 - 00461312 _____ (Microsoft Corporation) C:\windows\system32\scavengeui.dll 2013-10-10 17:15 - 2013-08-01 04:09 - 00983488 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dxgkrnl.sys 2013-10-10 17:15 - 2013-07-20 02:33 - 00124112 _____ (Microsoft Corporation) C:\windows\system32\PresentationCFFRasterizerNative_v0300.dll 2013-10-10 17:15 - 2013-07-20 02:33 - 00102608 _____ (Microsoft Corporation) C:\windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll 2013-10-06 15:41 - 2013-10-06 15:41 - 00003206 _____ C:\windows\System32\Tasks\Installation App Launcher 2013-10-06 15:41 - 2013-10-06 15:41 - 00000256 _____ C:\ProgramData\FastPics.log 2013-10-06 15:41 - 2013-10-06 15:41 - 00000000 ____D C:\ProgramData\Ezprint 2013-10-06 15:41 - 2013-10-06 15:41 - 00000000 ____D C:\Program Files\Lexmark 2600 Series 2013-10-06 15:41 - 2013-10-06 15:41 - 00000000 ____D C:\Program Files (x86)\Lexmark Toolbar 2013-10-06 15:41 - 2013-10-06 15:41 - 00000000 ____D C:\Program Files (x86)\Lexmark 2600 Series 2013-10-06 15:41 - 2009-10-20 13:59 - 00001633 _____ C:\windows\SysWOW64\lxdn.loc 2013-10-06 15:41 - 2009-07-14 03:10 - 00147456 _____ (Lexmark International, Inc.) C:\windows\SysWOW64\lxdnjswr.dll 2013-10-06 15:41 - 2009-07-14 03:10 - 00106496 _____ (Lexmark International, Inc.) C:\windows\SysWOW64\lxdninsr.dll 2013-10-06 15:41 - 2009-07-14 03:10 - 00036864 _____ (Lexmark International, Inc.) C:\windows\SysWOW64\lxdncur.dll 2013-10-06 15:41 - 2009-07-14 03:08 - 00200704 _____ (Lexmark International, Inc.) C:\windows\SysWOW64\lxdninsb.dll 2013-10-06 15:41 - 2009-07-14 03:08 - 00090112 _____ (Lexmark International, Inc.) C:\windows\SysWOW64\lxdncub.dll 2013-10-06 15:41 - 2009-07-14 03:06 - 00176128 _____ (Lexmark International, Inc.) C:\windows\SysWOW64\lxdnins.dll 2013-10-06 15:41 - 2009-07-14 03:06 - 00077824 _____ (Lexmark International, Inc.) C:\windows\SysWOW64\lxdncu.dll 2013-10-06 15:41 - 2009-07-14 03:03 - 00540672 _____ (Lexmark International, Inc.) C:\windows\SysWOW64\lxdnutil.dll 2013-10-06 15:41 - 2009-07-14 01:24 - 00335872 _____ () C:\windows\SysWOW64\lxdncomx.dll 2013-10-06 15:41 - 2008-04-01 07:34 - 00983121 _____ (Microsoft Corporation) C:\windows\SysWOW64\lxdngf.dll 2013-10-06 15:41 - 2007-11-28 09:47 - 00672256 _____ ( ) C:\windows\system32\LXDNhcp.dll 2013-10-06 15:41 - 2007-11-28 09:47 - 00528384 _____ C:\windows\system32\LXDNinst.dll 2013-10-06 15:41 - 2007-11-28 09:19 - 00647168 _____ ( ) C:\windows\SysWOW64\lxdnpmui.dll 2013-10-06 15:41 - 2007-11-28 09:16 - 01101824 _____ ( ) C:\windows\SysWOW64\lxdnserv.dll 2013-10-06 15:41 - 2007-11-28 09:13 - 00569344 _____ ( ) C:\windows\SysWOW64\lxdnlmpm.dll 2013-10-06 15:41 - 2007-11-28 09:13 - 00376832 _____ ( ) C:\windows\SysWOW64\lxdncomm.dll 2013-10-06 15:41 - 2007-11-28 09:13 - 00360448 _____ ( ) C:\windows\SysWOW64\lxdncfg.exe 2013-10-06 15:41 - 2007-11-28 09:13 - 00339968 _____ ( ) C:\windows\SysWOW64\lxdniesc.dll 2013-10-06 15:41 - 2007-11-28 09:12 - 00843776 _____ ( ) C:\windows\SysWOW64\lxdnusb1.dll 2013-10-06 15:41 - 2007-11-28 09:12 - 00663552 _____ ( ) C:\windows\SysWOW64\lxdnhbn3.dll 2013-10-06 15:41 - 2007-11-28 09:12 - 00589824 _____ ( ) C:\windows\SysWOW64\lxdncoms.exe 2013-10-06 15:41 - 2007-11-28 09:12 - 00315392 _____ ( ) C:\windows\SysWOW64\lxdnih.exe 2013-10-06 15:41 - 2007-11-28 09:11 - 00851968 _____ ( ) C:\windows\SysWOW64\lxdncomc.dll 2013-10-06 15:41 - 2007-11-28 09:10 - 00053248 _____ ( ) C:\windows\SysWOW64\lxdnprox.dll 2013-10-06 15:41 - 2007-11-28 09:09 - 00364544 _____ ( ) C:\windows\SysWOW64\lxdninpa.dll 2013-10-06 15:41 - 2007-11-28 09:09 - 00348160 _____ C:\windows\SysWOW64\LXDNinst.dll 2013-10-06 15:41 - 2007-11-21 00:45 - 00110592 _____ (Lexmark International, Inc.) C:\windows\system32\lxdnwupd.dll 2013-10-06 15:41 - 2007-11-21 00:44 - 00011264 _____ (Lexmark International, Inc.) C:\windows\system32\lxdnwupd.exe 2013-10-06 15:41 - 2006-12-06 21:28 - 00126976 _____ (Lexmark International Inc.) C:\windows\SysWOW64\lxdnlnks.dll 2013-10-06 15:39 - 2013-10-06 15:40 - 76625368 _____ C:\Users\wendyredrum\Downloads\wu2600Win7en64.exe 2013-10-06 15:38 - 2013-10-06 15:38 - 00000382 _____ C:\Users\Public\Desktop\Complete Installation of Lexmark 2600 Series.LNK 2013-10-06 15:34 - 2013-11-03 08:11 - 00000000 ____D C:\ProgramData\lx_Cats 2013-10-06 15:34 - 2013-10-06 15:41 - 00017743 _____ C:\windows\system32\LexFiles.ulf ==================== One Month Modified Files and Folders ======= 2013-11-04 15:36 - 2013-11-04 15:34 - 00029649 _____ C:\Users\wendyredrum\Downloads\Addition.txt 2013-11-04 15:36 - 2013-10-25 04:13 - 00000000 ____D C:\Users\wendyredrum\AppData\Local\Amazon Cloud Player 2013-11-04 15:30 - 2013-11-04 15:30 - 00000000 ____D C:\FRST 2013-11-04 15:30 - 2012-01-10 06:04 - 00000912 _____ C:\windows\Tasks\GoogleUpdateTaskMachineUA.job 2013-11-04 15:29 - 2013-11-04 15:29 - 01957098 _____ (Farbar) C:\Users\wendyredrum\Downloads\FRST64.exe 2013-11-04 15:19 - 2013-10-23 17:29 - 00000000 ____D C:\Users\wendyredrum\AppData\Local\Deployment 2013-11-04 15:06 - 2012-04-11 11:31 - 00000830 _____ C:\windows\Tasks\Adobe Flash Player Updater.job 2013-11-04 15:04 - 2013-11-04 15:04 - 00093693 _____ C:\Users\wendyredrum\Desktop\dds.txt 2013-11-04 15:04 - 2013-11-04 15:04 - 00013186 _____ C:\Users\wendyredrum\Desktop\attach.txt 2013-11-04 15:00 - 2013-11-04 14:59 - 00688992 ____R (Swearware) C:\Users\wendyredrum\Desktop\dds.com 2013-11-04 14:59 - 2013-11-04 14:59 - 00688992 _____ (Swearware) C:\Users\wendyredrum\Desktop\dds.scr 2013-11-04 14:36 - 2013-11-04 14:36 - 00000000 ____D C:\Users\wendyredrum\AppData\Roaming\Malwarebytes 2013-11-04 14:33 - 2013-11-04 14:33 - 00001168 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk 2013-11-04 14:33 - 2013-11-04 14:33 - 00000000 ____D C:\ProgramData\Malwarebytes 2013-11-04 14:33 - 2013-11-04 14:33 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware 2013-11-04 14:26 - 2013-11-04 14:25 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\wendyredrum\Downloads\mbam-setup-1.75.0.1300.exe 2013-11-04 14:23 - 2012-01-10 04:59 - 01598623 _____ C:\windows\WindowsUpdate.log 2013-11-04 11:59 - 2013-01-27 11:23 - 00000000 ____D C:\ProgramData\Kaspersky Lab 2013-11-04 11:46 - 2009-07-13 21:13 - 00778834 _____ C:\windows\system32\PerfStringBackup.INI 2013-11-03 08:11 - 2013-10-06 15:34 - 00000000 ____D C:\ProgramData\lx_Cats 2013-11-02 05:03 - 2012-03-20 05:31 - 00000000 ____D C:\Users\wendyredrum\AppData\Roaming\Skype 2013-11-02 03:30 - 2012-01-10 06:04 - 00000908 _____ C:\windows\Tasks\GoogleUpdateTaskMachineCore.job 2013-10-28 20:56 - 2013-10-10 17:37 - 00000083 _____ C:\windows\SysWOW64\gpupdate.bin 2013-10-28 20:56 - 2013-10-10 17:37 - 00000000 ____D C:\Users\wendyredrum\AppData\Local\AllMusicConverter 2013-10-28 05:45 - 2013-10-10 17:38 - 00000000 ____D C:\Converted 2013-10-25 04:13 - 2013-10-25 04:13 - 00001256 _____ C:\Users\wendyredrum\Desktop\Amazon Cloud Player.lnk 2013-10-25 04:13 - 2013-10-25 04:13 - 00000000 ____D C:\Users\wendyredrum\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Amazon Cloud Player 2013-10-23 18:35 - 2013-10-23 18:31 - 00000000 ____D C:\Users\wendyredrum\Cloud Drive 2013-10-23 18:32 - 2013-05-04 06:04 - 00000000 ____D C:\Users\wendyredrum\AppData\Roaming\Verizon 2013-10-23 18:31 - 2012-03-19 16:38 - 00000000 ____D C:\Users\wendyredrum 2013-10-23 18:02 - 2013-10-23 18:02 - 00000000 ____D C:\Users\wendyredrum\AppData\Local\Amazon Cloud Drive 2013-10-23 18:02 - 2012-03-19 16:41 - 00000000 ___RD C:\Users\wendyredrum\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup 2013-10-23 18:01 - 2013-10-23 18:01 - 00000000 ____D C:\Users\wendyredrum\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Amazon 2013-10-23 17:29 - 2013-10-23 17:29 - 00000000 ____D C:\Users\wendyredrum\AppData\Local\Apps\2.0 2013-10-22 18:55 - 2012-03-21 21:49 - 00000000 ____D C:\Users\wendyredrum\AppData\Local\Adobe 2013-10-16 16:41 - 2009-07-13 20:45 - 00024608 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2013-10-16 16:41 - 2009-07-13 20:45 - 00024608 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2013-10-15 04:52 - 2009-07-13 21:08 - 00000006 ____H C:\windows\Tasks\SA.DAT 2013-10-15 04:51 - 2009-07-13 20:51 - 00110109 _____ C:\windows\setupact.log 2013-10-15 04:50 - 2013-10-15 04:50 - 00000000 ____D C:\windows\SysWOW64\%Report% 2013-10-13 07:35 - 2009-07-13 19:20 - 00000000 ____D C:\windows\rescache 2013-10-12 05:32 - 2013-03-04 09:12 - 00000000 ____D C:\Verizon_Android 2013-10-12 05:32 - 2013-03-04 09:12 - 00000000 ____D C:\Users\Public\Documents\Verizon_Android 2013-10-12 05:03 - 2012-11-07 20:54 - 00000000 ____D C:\Program Files (x86)\Inbox Toolbar 2013-10-11 05:36 - 2013-05-04 06:02 - 00000000 ____D C:\ProgramData\Samsung 2013-10-11 05:36 - 2011-10-30 19:32 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2013-10-11 05:35 - 2013-10-11 05:35 - 00000000 ____D C:\Program Files (x86)\Samsung 2013-10-11 05:19 - 2013-05-04 06:04 - 00000000 ____D C:\Users\wendyredrum\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Verizon 2013-10-11 04:58 - 2013-10-11 04:58 - 00000000 ____D C:\Users\Public\Documents\Verizon2.0_Log 2013-10-11 04:26 - 2013-10-11 04:26 - 00002996 _____ C:\windows\System32\Tasks\{586719CE-3A3F-46DC-9F41-850A9748DCB6} 2013-10-11 04:26 - 2013-10-11 04:26 - 00002996 _____ C:\windows\System32\Tasks\{452AC143-452F-44AE-B5FD-D490BD0103BD} 2013-10-11 04:25 - 2013-10-11 04:25 - 00002996 _____ C:\windows\System32\Tasks\{2CDCAFFC-F34C-44D7-95C2-11E0D8F6A176} 2013-10-11 04:19 - 2013-10-11 04:19 - 00002996 _____ C:\windows\System32\Tasks\{E6BEC02A-A010-42DB-A0BA-22F1E3C334A6} 2013-10-11 04:19 - 2013-10-11 04:19 - 00002996 _____ C:\windows\System32\Tasks\{4C7D3272-2C8E-46C5-9553-A61647C63344} 2013-10-11 04:06 - 2009-07-13 20:45 - 00342664 _____ C:\windows\system32\FNTCACHE.DAT 2013-10-11 04:04 - 2013-10-11 04:04 - 00000000 ____D C:\windows\SysWOW64\%DataRoot% 2013-10-11 04:02 - 2010-11-20 19:47 - 00662930 _____ C:\windows\PFRO.log 2013-10-11 04:01 - 2012-03-19 18:05 - 00000000 ____D C:\ProgramData\Microsoft Help 2013-10-11 03:50 - 2012-05-17 08:02 - 00000000 ____D C:\Program Files\Microsoft Silverlight 2013-10-11 03:50 - 2012-05-17 08:02 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight 2013-10-11 03:47 - 2012-03-20 15:37 - 00773050 _____ C:\windows\SysWOW64\PerfStringBackup.INI 2013-10-11 03:37 - 2013-07-14 08:00 - 00000000 ____D C:\windows\system32\MRT 2013-10-11 03:33 - 2012-03-20 12:53 - 80541720 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe 2013-10-11 03:25 - 2012-01-10 06:04 - 00003908 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA 2013-10-11 03:25 - 2012-01-10 06:04 - 00003656 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore 2013-10-10 21:08 - 2013-10-10 21:08 - 00002996 _____ C:\windows\System32\Tasks\{C3D51229-1C3B-4764-AA7E-EA5F1C7A4803} 2013-10-10 17:55 - 2013-10-10 17:55 - 00002996 _____ C:\windows\System32\Tasks\{B3655D66-885E-429B-BE2A-BBF684D1686A} 2013-10-10 17:43 - 2013-10-10 17:43 - 00002996 _____ C:\windows\System32\Tasks\{988B6070-15DE-45C8-8D0C-80A39C50EF9B} 2013-10-10 17:43 - 2013-10-10 17:43 - 00002996 _____ C:\windows\System32\Tasks\{4B83FA03-F515-4CCC-82BF-FBBD2249A682} 2013-10-10 17:35 - 2013-10-10 17:35 - 00001231 _____ C:\Users\Public\Desktop\AllMusicConverter CDRipper.lnk 2013-10-10 17:35 - 2013-10-10 17:35 - 00001174 _____ C:\Users\Public\Desktop\AllMusicConverter.lnk 2013-10-10 17:35 - 2013-10-10 17:35 - 00000142 _____ C:\Users\Public\Desktop\Buy AllMusicConverter Now.url 2013-10-10 17:35 - 2013-10-10 17:35 - 00000000 ____D C:\Program Files (x86)\AllMusicConverter 2013-10-08 21:47 - 2012-04-11 11:31 - 00692616 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe 2013-10-08 21:47 - 2012-04-11 11:31 - 00003768 _____ C:\windows\System32\Tasks\Adobe Flash Player Updater 2013-10-08 21:47 - 2011-10-30 19:37 - 00071048 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl 2013-10-07 05:06 - 2012-03-20 20:23 - 00000000 ____D C:\Users\wendyredrum\Desktop\To backup 2013-10-06 15:41 - 2013-10-06 15:41 - 00003206 _____ C:\windows\System32\Tasks\Installation App Launcher 2013-10-06 15:41 - 2013-10-06 15:41 - 00000256 _____ C:\ProgramData\FastPics.log 2013-10-06 15:41 - 2013-10-06 15:41 - 00000000 ____D C:\ProgramData\Ezprint 2013-10-06 15:41 - 2013-10-06 15:41 - 00000000 ____D C:\Program Files\Lexmark 2600 Series 2013-10-06 15:41 - 2013-10-06 15:41 - 00000000 ____D C:\Program Files (x86)\Lexmark Toolbar 2013-10-06 15:41 - 2013-10-06 15:41 - 00000000 ____D C:\Program Files (x86)\Lexmark 2600 Series 2013-10-06 15:41 - 2013-10-06 15:34 - 00017743 _____ C:\windows\system32\LexFiles.ulf 2013-10-06 15:40 - 2013-10-06 15:39 - 76625368 _____ C:\Users\wendyredrum\Downloads\wu2600Win7en64.exe 2013-10-06 15:38 - 2013-10-06 15:38 - 00000382 _____ C:\Users\Public\Desktop\Complete Installation of Lexmark 2600 Series.LNK Some content of TEMP: ==================== C:\Users\wendyredrum\AppData\Local\Temp\DefaultAssets.exe C:\Users\wendyredrum\AppData\Local\Temp\DefaultOfflineContent.exe C:\Users\wendyredrum\AppData\Local\Temp\NLStubInstallerResources.dll C:\Users\wendyredrum\AppData\Local\Temp\PCCU_Installer.exe C:\Users\wendyredrum\AppData\Local\Temp\SkypeSetup.exe C:\Users\wendyredrum\AppData\Local\Temp\sqlite-3.7.2-sqlitejdbc.dll ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\SysWOW64\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2013-10-23 04:13 ==================== End Of Log ============================
  10. ShardtheFox
    hmm, upon closer inspection, i never got a primary text saved to the desk top. I'll run the scan again, and post it.
  11. ShardtheFox
    Ok, here are the results. .UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.IF REQUESTED, ZIP IT UP & ATTACH IT.DDS (Ver_2012-11-20.01).Microsoft Windows 7 Home Premium Boot Device: \Device\HarddiskVolume1Install Date: 3/19/2012 5:38:44 PMSystem Uptime: 11/2/2013 4:16:59 PM (47 hours ago).Motherboard: TOSHIBA | | Portable PCProcessor: AMD E-300 APU with Radeon HD Graphics | Socket FT1 | 1300/100mhz.==== Disk Partitions =========================.C: is FIXED (NTFS) - 283 GiB total, 202.157 GiB free.D: is CDROM ().==== Disabled Device Manager Items =============.==== System Restore Points ===================.RP152: 9/25/2013 9:05:50 PM - Windows UpdateRP153: 10/1/2013 6:39:51 PM - Installed iTunesRP154: 10/1/2013 6:42:58 PM - Windows UpdateRP155: 10/5/2013 4:28:05 AM - Windows UpdateRP156: 10/8/2013 6:06:22 AM - Windows UpdateRP157: 10/10/2013 6:35:27 PM - Device Driver Package Install: MusCAudio Sound, video and game controllersRP158: 10/11/2013 4:19:18 AM - Windows UpdateRP159: 10/11/2013 6:33:50 AM - Installed SUABnRRP161: 10/14/2013 6:17:41 AM - Windows Modules InstallerRP162: 10/15/2013 6:01:34 AM - Windows UpdateRP163: 10/20/2013 1:55:46 PM - Windows UpdateRP164: 10/26/2013 7:10:32 AM - Windows UpdateRP165: 10/29/2013 7:16:11 AM - Windows UpdateRP166: 11/1/2013 5:11:27 PM - Windows Update.==== Installed Programs ======================.Adobe AIRAdobe Flash Player 11 ActiveXAdobe Flash Player 11 PluginAdobe Reader X MUIAllMusicConverter 4.4.6Amazon Cloud DriveAmazon Cloud PlayerAMD Media Foundation DecodersAMD VISION Engine Control CenterApple Application SupportApple Mobile Device SupportApple Software UpdateAsk ToolbarAtheros Communications Inc.® AR81Family Gigabit/Fast Ethernet DriverATI Catalyst Install ManagerBejeweled 3BonjourCatalyst Control Center - BrandingCatalyst Control Center Graphics Previews CommonCatalyst Control Center InstallProxyCatalyst Control Center Localization Allccc-utility64CCC Help Chinese StandardCCC Help Chinese TraditionalCCC Help CzechCCC Help DanishCCC Help DutchCCC Help EnglishCCC Help FinnishCCC Help FrenchCCC Help GermanCCC Help GreekCCC Help HungarianCCC Help ItalianCCC Help JapaneseCCC Help KoreanCCC Help NorwegianCCC Help PolishCCC Help PortugueseCCC Help RussianCCC Help SpanishCCC Help SwedishCCC Help ThaiCCC Help TurkishConexant HD AudioD3DX10Definition Update for Microsoft Office 2010 (KB982726) 32-Bit EditionETDWare PS/2-X64 8.0.8.0_R01FATE - The Traitor SoulGoogle ChromeGoogle Toolbar for Internet ExplorerGoogle Update HelperInbox ToolbariTunesJava Auto UpdaterJava 6 Update 25Junk Mail filter updateKaspersky PURE 3.0Label@Once 1.0Letters from Nowhere 2Lexmark 2600 SeriesMalwarebytes Anti-Malware version 1.75.0.1300Mesh RuntimeMicrosoft .NET Framework 4 Client ProfileMicrosoft .NET Framework 4 ExtendedMicrosoft Application Error ReportingMicrosoft Lync 2010Microsoft Office 2010Microsoft Office 2010 Service Pack 1 (SP1)Microsoft Office Access MUI (English) 2010Microsoft Office Access Setup Metadata MUI (English) 2010Microsoft Office Excel MUI (English) 2010Microsoft Office Home and Student 2010Microsoft Office Office 64-bit Components 2010Microsoft Office OneNote MUI (English) 2010Microsoft Office Outlook MUI (English) 2010Microsoft Office PowerPoint MUI (English) 2010Microsoft Office Proof (English) 2010Microsoft Office Proof (French) 2010Microsoft Office Proof (Spanish) 2010Microsoft Office Proofing (English) 2010Microsoft Office Publisher MUI (English) 2010Microsoft Office Shared 64-bit MUI (English) 2010Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010Microsoft Office Shared MUI (English) 2010Microsoft Office Shared Setup Metadata MUI (English) 2010Microsoft Office Single Image 2010Microsoft Office Word MUI (English) 2010Microsoft SilverlightMicrosoft SQL Server 2005 Compact Edition [ENU]Microsoft Visual C++ 2005 RedistributableMicrosoft Visual C++ 2008 Redistributable - x64 9.0.30729.17Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319MSVCRTMSVCRT_amd64Neuro-Programmer 3 Visualizations Pack 1.0Neuro-Programmer 3.2.3Norton PC CheckupPenguins!Plants vs. Zombies - Game of the YearPlayReady PC Runtime amd64PlayReady PC Runtime x86Polar BowlerRadioRage ToolbarRealtek USB 2.0 Card ReaderRealtek WLAN DriverRollerCoaster Tycoon 3: PlatinumSAMSUNG USB Driver for Mobile PhonesSecurity Update for Microsoft .NET Framework 4 Client Profile (KB2518870)Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428)Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393)Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628)Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2)Security Update for Microsoft .NET Framework 4 Client Profile (KB2858302v2)Security Update for Microsoft .NET Framework 4 Extended (KB2487367)Security Update for Microsoft .NET Framework 4 Extended (KB2656351)Security Update for Microsoft .NET Framework 4 Extended (KB2736428)Security Update for Microsoft .NET Framework 4 Extended (KB2742595)Security Update for Microsoft .NET Framework 4 Extended (KB2858302v2)Security Update for Microsoft Excel 2010 (KB2826033) 32-Bit EditionSecurity Update for Microsoft InfoPath 2010 (KB2760406) 32-Bit EditionSecurity Update for Microsoft Office 2010 (KB2553371) 32-Bit EditionSecurity Update for Microsoft Office 2010 (KB2589320) 32-Bit EditionSecurity Update for Microsoft Office 2010 (KB2598243) 32-Bit EditionSecurity Update for Microsoft Office 2010 (KB2687276) 32-Bit EditionSecurity Update for Microsoft Office 2010 (KB2687423) 32-Bit EditionSecurity Update for Microsoft Office 2010 (KB2687510) 32-Bit EditionSecurity Update for Microsoft Office 2010 (KB2826023) 32-Bit EditionSecurity Update for Microsoft Office 2010 (KB2826035) 32-Bit EditionSecurity Update for Microsoft Outlook 2010 (KB2794707) 32-Bit EditionSecurity Update for Microsoft Publisher 2010 (KB2553147) 32-Bit EditionSecurity Update for Microsoft Visio 2010 (KB2810068) 32-Bit EditionSkype Click to CallSkype LauncherSkype™ 6.5SUABnRSupport.com Toolbar UpdaterTales of LagoonaToshiba App PlaceTOSHIBA Application InstallerTOSHIBA AssistToshiba Book PlaceTOSHIBA Bulletin BoardTOSHIBA Disc CreatorTOSHIBA Face RecognitionTOSHIBA Hardware SetupTOSHIBA HDD/SSD AlertToshiba Laptop CheckupTOSHIBA Media ControllerToshiba Online BackupTOSHIBA Quality ApplicationTOSHIBA Recovery Media CreatorTOSHIBA ReelTimeTOSHIBA Service StationTOSHIBA Supervisor PasswordTOSHIBA Value Added PackageTOSHIBA Web Camera ApplicationTOSHIBARegistrationUpdate for Microsoft .NET Framework 4 Client Profile (KB2468871)Update for Microsoft .NET Framework 4 Client Profile (KB2533523)Update for Microsoft .NET Framework 4 Client Profile (KB2600217)Update for Microsoft .NET Framework 4 Client Profile (KB2836939)Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3)Update for Microsoft .NET Framework 4 Extended (KB2468871)Update for Microsoft .NET Framework 4 Extended (KB2533523)Update for Microsoft .NET Framework 4 Extended (KB2600217)Update for Microsoft .NET Framework 4 Extended (KB2836939)Update for Microsoft .NET Framework 4 Extended (KB2836939v3)Update for Microsoft Access 2010 (KB2553446) 32-Bit EditionUpdate for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit EditionUpdate for Microsoft Office 2010 (KB2553065)Update for Microsoft Office 2010 (KB2553181) 32-Bit EditionUpdate for Microsoft Office 2010 (KB2553267) 32-Bit EditionUpdate for Microsoft Office 2010 (KB2553310) 32-Bit EditionUpdate for Microsoft Office 2010 (KB2566458)Update for Microsoft Office 2010 (KB2589298) 32-Bit EditionUpdate for Microsoft Office 2010 (KB2589375) 32-Bit EditionUpdate for Microsoft Office 2010 (KB2596964) 32-Bit EditionUpdate for Microsoft Office 2010 (KB2598242) 32-Bit EditionUpdate for Microsoft Office 2010 (KB2687503) 32-Bit EditionUpdate for Microsoft Office 2010 (KB2760598) 32-Bit EditionUpdate for Microsoft Office 2010 (KB2760631) 32-Bit EditionUpdate for Microsoft Office 2010 (KB2767886) 32-Bit EditionUpdate for Microsoft Office 2010 (KB2794737) 32-Bit EditionUpdate for Microsoft Office 2010 (KB2826026) 32-Bit EditionUpdate for Microsoft OneNote 2010 (KB2553290) 32-Bit EditionUpdate for Microsoft OneNote 2010 (KB2810072) 32-Bit EditionUpdate for Microsoft Outlook 2010 (KB2687623) 32-Bit EditionUpdate for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit EditionUpdate for Microsoft PowerPoint 2010 (KB2553145) 32-Bit EditionUpdate for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit EditionUpdate for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit EditionUpdate for Microsoft Word 2010 (KB2827323) 32-Bit EditionUpdate Installer for WildTangent Games AppVerizon Wireless Software Upgrade Assistant - Samsung(ar)Verizon Wireless Software Utility Application for Android - SamsungWildTangent GamesWildTangent Games App (Toshiba Games)Windows Live Communications PlatformWindows Live EssentialsWindows Live ID Sign-in AssistantWindows Live InstallerWindows Live Language SelectorWindows Live MailWindows Live MeshWindows Live Mesh ActiveX Control for Remote ConnectionsWindows Live MessengerWindows Live MIME IFilterWindows Live Movie MakerWindows Live Photo CommonWindows Live Photo GalleryWindows Live PIMT PlatformWindows Live Remote ClientWindows Live Remote Client ResourcesWindows Live Remote ServiceWindows Live Remote Service ResourcesWindows Live SOXEWindows Live SOXE DefinitionsWindows Live UX PlatformWindows Live UX Platform Language PackWindows Live WriterWindows Live Writer ResourcesZuma's Revenge.==== Event Viewer Messages From Past Week ========.11/4/2013 2:19:52 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the PCCUJobMgr service.11/4/2013 10:56:04 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Netman service.11/2/2013 12:39:00 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.10/29/2013 7:33:56 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Wlansvc service.10/28/2013 5:32:01 AM, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {D3DCB472-7261-43CE-924B-0704BD730D5F} and APPID {D3DCB472-7261-43CE-924B-0704BD730D5F} to the user wendyredrum-PC\wendyredrum SID (S-1-5-21-3060629155-3806406582-230518274-1000) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.10/28/2013 5:32:01 AM, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {145B4335-FE2A-4927-A040-7C35AD3180EF} and APPID {145B4335-FE2A-4927-A040-7C35AD3180EF} to the user wendyredrum-PC\wendyredrum SID (S-1-5-21-3060629155-3806406582-230518274-1000) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool..==== End Of File =========================== Additional scan result of Farbar Recovery Scan Tool (x64) Version: 31-10-2013Ran by wendyredrum at 2013-11-04 15:34:19Running from C:\Users\wendyredrum\DownloadsBoot Mode: Normal========================================================== ==================== Security Center ======================== AV: Kaspersky PURE 3.0 (Enabled - Out of date) {C3113FBF-4BCB-4461-D78D-6EDFEC9593E5}AS: Kaspersky PURE 3.0 (Enabled - Up to date) {7870DE5B-6DF1-4BEF-ED3D-55AD9712D958}AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}FW: Kaspersky PURE 3.0 (Enabled) {FB2ABE9A-01A4-4539-FCD2-C7EA1246D49E} ==================== Installed Programs ====================== Adobe AIR (x32 Version: 2.6.0.19140)Adobe Flash Player 11 ActiveX (x32 Version: 11.9.900.117)Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.117)Adobe Reader X MUI (x32 Version: 10.0.0)AllMusicConverter 4.4.6 (x32 Version: 4.4.6)Amazon Cloud Drive (HKCU Version: 2.1.2013.1340)Amazon Cloud Player (HKCU Version: 1.5.0.341)AMD Media Foundation Decoders (Version: 1.0.60607.2201)AMD VISION Engine Control Center (x32 Version: 2011.0607.2212.38019)Apple Application Support (x32 Version: 2.3.6)Apple Mobile Device Support (Version: 7.0.0.117)Apple Software Update (x32 Version: 2.1.3.127)Ask Toolbar (x32 Version: 1.14.1.0)Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver (x32 Version: 1.0.0.36)ATI Catalyst Install Manager (Version: 3.0.829.0)Bejeweled 3 (x32 Version: 2.2.0.97)Bonjour (Version: 3.0.0.10)Catalyst Control Center - Branding (x32 Version: 1.00.0000)Catalyst Control Center Graphics Previews Common (x32 Version: 2011.0607.2212.38019)Catalyst Control Center InstallProxy (x32 Version: 2011.0607.2212.38019)Catalyst Control Center Localization All (x32 Version: 2011.0607.2212.38019)CCC Help Chinese Standard (x32 Version: 2011.0607.2211.38019)CCC Help Chinese Traditional (x32 Version: 2011.0607.2211.38019)CCC Help Czech (x32 Version: 2011.0607.2211.38019)CCC Help Danish (x32 Version: 2011.0607.2211.38019)CCC Help Dutch (x32 Version: 2011.0607.2211.38019)CCC Help English (x32 Version: 2011.0607.2211.38019)CCC Help Finnish (x32 Version: 2011.0607.2211.38019)CCC Help French (x32 Version: 2011.0607.2211.38019)CCC Help German (x32 Version: 2011.0607.2211.38019)CCC Help Greek (x32 Version: 2011.0607.2211.38019)CCC Help Hungarian (x32 Version: 2011.0607.2211.38019)CCC Help Italian (x32 Version: 2011.0607.2211.38019)CCC Help Japanese (x32 Version: 2011.0607.2211.38019)CCC Help Korean (x32 Version: 2011.0607.2211.38019)CCC Help Norwegian (x32 Version: 2011.0607.2211.38019)CCC Help Polish (x32 Version: 2011.0607.2211.38019)CCC Help Portuguese (x32 Version: 2011.0607.2211.38019)CCC Help Russian (x32 Version: 2011.0607.2211.38019)CCC Help Spanish (x32 Version: 2011.0607.2211.38019)CCC Help Swedish (x32 Version: 2011.0607.2211.38019)CCC Help Thai (x32 Version: 2011.0607.2211.38019)CCC Help Turkish (x32 Version: 2011.0607.2211.38019)ccc-utility64 (Version: 2011.0607.2212.38019)Conexant HD Audio (Version: 8.54.1.0)D3DX10 (x32 Version: 15.4.2368.0902)Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (x32)ETDWare PS/2-X64 8.0.8.0_R01 (Version: 8.0.8.0)FATE - The Traitor Soul (x32 Version: 2.2.0.95)Google Chrome (x32 Version: 30.0.1599.101)Google Toolbar for Internet Explorer (x32 Version: 1.0.0)Google Toolbar for Internet Explorer (x32 Version: 7.5.4601.54)Google Update Helper (x32 Version: 1.3.21.165)Inbox Toolbar (x32 Version: 2.0.0.36)iTunes (Version: 11.0.5.5)Java Auto Updater (x32 Version: 2.0.4.1)Java 6 Update 25 (x32 Version: 6.0.250)Junk Mail filter update (x32 Version: 15.4.3502.0922)Kaspersky PURE 3.0 (x32 Version: 13.0.2.558)Label@Once 1.0 (x32 Version: 1.0)Letters from Nowhere 2 (x32 Version: 2.2.0.97)Lexmark 2600 SeriesMalwarebytes Anti-Malware version 1.75.0.1300 (x32 Version: 1.75.0.1300)Mesh Runtime (x32 Version: 15.4.5722.2)Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)Microsoft .NET Framework 4 Extended (Version: 4.0.30319)Microsoft Application Error Reporting (Version: 12.0.6015.5000)Microsoft Lync 2010 (Version: 4.0.7577.4398)Microsoft Office 2010 (x32 Version: 14.0.4763.1000)Microsoft Office 2010 Service Pack 1 (SP1) (x32)Microsoft Office Access MUI (English) 2010 (x32 Version: 14.0.6029.1000)Microsoft Office Access Setup Metadata MUI (English) 2010 (x32 Version: 14.0.6029.1000)Microsoft Office Excel MUI (English) 2010 (x32 Version: 14.0.6029.1000)Microsoft Office Home and Student 2010 (x32 Version: 14.0.6029.1000)Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000)Microsoft Office OneNote MUI (English) 2010 (x32 Version: 14.0.6029.1000)Microsoft Office Outlook MUI (English) 2010 (x32 Version: 14.0.6029.1000)Microsoft Office PowerPoint MUI (English) 2010 (x32 Version: 14.0.6029.1000)Microsoft Office Proof (English) 2010 (x32 Version: 14.0.6029.1000)Microsoft Office Proof (French) 2010 (x32 Version: 14.0.6029.1000)Microsoft Office Proof (Spanish) 2010 (x32 Version: 14.0.6029.1000)Microsoft Office Proofing (English) 2010 (x32 Version: 14.0.6029.1000)Microsoft Office Publisher MUI (English) 2010 (x32 Version: 14.0.6029.1000)Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.6029.1000)Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)Microsoft Office Shared MUI (English) 2010 (x32 Version: 14.0.6029.1000)Microsoft Office Shared Setup Metadata MUI (English) 2010 (x32 Version: 14.0.6029.1000)Microsoft Office Single Image 2010 (x32 Version: 14.0.6029.1000)Microsoft Office Word MUI (English) 2010 (x32 Version: 14.0.6029.1000)Microsoft Silverlight (Version: 5.1.20913.0)Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000)Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (Version: 10.0.30319)Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (x32 Version: 10.0.30319)MSVCRT (x32 Version: 15.4.2862.0708)MSVCRT_amd64 (x32 Version: 15.4.2862.0708)Neuro-Programmer 3 Visualizations Pack 1.0 (x32)Neuro-Programmer 3.2.3 (x32)Norton PC Checkup (x32 Version: 3.0.4.49.0)Penguins! (x32 Version: 2.2.0.98)Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98)PlayReady PC Runtime amd64 (Version: 1.3.0)PlayReady PC Runtime x86 (x32 Version: 1.3.0)Polar Bowler (x32 Version: 2.2.0.97)RadioRage Toolbar (x32)Realtek USB 2.0 Card Reader (x32 Version: 6.1.7600.30124)Realtek WLAN Driver (x32 Version: 2.00.0016)RollerCoaster Tycoon 3: Platinum (x32 Version: 2.2.0.98)SAMSUNG USB Driver for Mobile Phones (Version: 1.5.9.0)Skype Click to Call (x32 Version: 6.9.12585)Skype Launcher (x32 Version: 2.01)Skype™ 6.5 (x32 Version: 6.5.158)SUABnR (x32 Version: 1.1.0.13082_1)Support.com Toolbar Updater (HKCU Version: 1.2.0.20007)Tales of Lagoona (x32 Version: 2.2.0.98)Toshiba App Place (x32 Version: 1.0.6.3)TOSHIBA Application Installer (x32 Version: 9.0.1.2)TOSHIBA Assist (x32 Version: 4.2.3.0)Toshiba Book Place (x32 Version: 3.0.9490)TOSHIBA Bulletin Board (Version: 1.6.11.64)TOSHIBA Bulletin Board (x32 Version: 1.6.11.64)TOSHIBA Disc Creator (Version: 2.1.0.11 for x64)TOSHIBA Face Recognition (Version: 3.1.17.64)TOSHIBA Face Recognition (x32 Version: 3.1.17.64)TOSHIBA Hardware Setup (x32 Version: 2.1.0.3)TOSHIBA HDD/SSD Alert (Version: 3.1.64.9)Toshiba Laptop Checkup (x32 Version: 2.0.13.11)TOSHIBA Media Controller (x32 Version: 1.0.87.4)Toshiba Online Backup (x32 Version: 2.0.0.31)TOSHIBA Quality Application (x32 Version: 1.0.4)TOSHIBA Recovery Media Creator (x32 Version: 2.1.5.5109a)TOSHIBA ReelTime (Version: 1.7.21.64)TOSHIBA ReelTime (x32 Version: 1.7.21.64)TOSHIBA Service Station (x32 Version: 2.2.13)TOSHIBA Supervisor Password (x32 Version: 2.1.0.2)TOSHIBA Value Added Package (Version: 1.6.1.64)TOSHIBA Value Added Package (x32 Version: 1.6.1.64)TOSHIBA Web Camera Application (x32 Version: 2.0.3.3)TOSHIBARegistration (x32 Version: 1.0.7)Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1)Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1)Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1)Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (x32 Version: 1)Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (x32 Version: 3)Update for Microsoft .NET Framework 4 Extended (KB2468871) (x32 Version: 1)Update for Microsoft .NET Framework 4 Extended (KB2533523) (x32 Version: 1)Update for Microsoft .NET Framework 4 Extended (KB2600217) (x32 Version: 1)Update for Microsoft .NET Framework 4 Extended (KB2836939) (x32 Version: 1)Update for Microsoft .NET Framework 4 Extended (KB2836939v3) (x32 Version: 3)Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (x32)Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition (x32)Update for Microsoft Office 2010 (KB2553065) (x32)Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition (x32)Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition (x32)Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition (x32)Update for Microsoft Office 2010 (KB2566458) (x32)Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (x32)Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (x32)Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition (x32)Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition (x32)Update for Microsoft Office 2010 (KB2687503) 32-Bit Edition (x32)Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (x32)Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (x32)Update for Microsoft Office 2010 (KB2767886) 32-Bit Edition (x32)Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (x32)Update for Microsoft Office 2010 (KB2826026) 32-Bit Edition (x32)Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition (x32)Update for Microsoft OneNote 2010 (KB2810072) 32-Bit Edition (x32)Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition (x32)Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition (x32)Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition (x32)Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition (x32)Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition (x32)Update for Microsoft Word 2010 (KB2827323) 32-Bit Edition (x32)Update Installer for WildTangent Games App (x32)Verizon Wireless Software Upgrade Assistant - Samsung(ar) (x32 Version: 2.13.0903)Verizon Wireless Software Utility Application for Android - Samsung (x32 Version: 2.13.0806)WildTangent Games (x32 Version: 1.0.2.5)WildTangent Games App (Toshiba Games) (x32 Version: 4.0.5.31)Windows Live Communications Platform (x32 Version: 15.4.3502.0922)Windows Live Essentials (x32 Version: 15.4.3502.0922)Windows Live Essentials (x32 Version: 15.4.3555.0308)Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)Windows Live Installer (x32 Version: 15.4.3502.0922)Windows Live Language Selector (Version: 15.4.3555.0308)Windows Live Mail (x32 Version: 15.4.3502.0922)Windows Live Mesh (x32 Version: 15.4.3502.0922)Windows Live Mesh ActiveX Control for Remote Connections (x32 Version: 15.4.5722.2)Windows Live Messenger (x32 Version: 15.4.3538.0513)Windows Live MIME IFilter (Version: 15.4.3502.0922)Windows Live Movie Maker (x32 Version: 15.4.3502.0922)Windows Live Photo Common (x32 Version: 15.4.3502.0922)Windows Live Photo Gallery (x32 Version: 15.4.3502.0922)Windows Live PIMT Platform (x32 Version: 15.4.3508.1109)Windows Live Remote Client (Version: 15.4.5722.2)Windows Live Remote Client Resources (Version: 15.4.5722.2)Windows Live Remote Service (Version: 15.4.5722.2)Windows Live Remote Service Resources (Version: 15.4.5722.2)Windows Live SOXE (x32 Version: 15.4.3502.0922)Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922)Windows Live UX Platform (x32 Version: 15.4.3502.0922)Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109)Windows Live Writer (x32 Version: 15.4.3502.0922)Windows Live Writer Resources (x32 Version: 15.4.3502.0922)Zuma's Revenge (x32 Version: 2.2.0.98) ==================== Restore Points ========================= 26-09-2013 04:05:50 Windows Update02-10-2013 01:39:51 Installed iTunes02-10-2013 01:42:58 Windows Update05-10-2013 11:28:05 Windows Update08-10-2013 13:06:22 Windows Update11-10-2013 01:35:27 Device Driver Package Install: MusCAudio Sound, video and game controllers11-10-2013 11:19:18 Windows Update11-10-2013 13:33:50 Installed SUABnR14-10-2013 13:17:41 Windows Modules Installer15-10-2013 13:01:34 Windows Update20-10-2013 20:55:46 Windows Update26-10-2013 14:10:32 Windows Update29-10-2013 14:16:11 Windows Update02-11-2013 00:11:27 Windows Update ==================== Hosts content: ========================== 2009-07-13 18:34 - 2009-06-10 13:00 - 00000824 ____A C:\windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= Task: {1ECC52CB-8C05-4293-A4C5-6DCB596A2EAB} - System32\Tasks\{586719CE-3A3F-46DC-9F41-850A9748DCB6} => C:\Program Files (x86)\AllMusicConverter\CDRipper.exe [2013-07-26] ()Task: {2148DD4F-A102-455B-B085-60491EBF0E22} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-01-10] (Google Inc.)Task: {29127DB3-7FBE-4FE6-9E4E-1068BC03F2E9} - System32\Tasks\{988B6070-15DE-45C8-8D0C-80A39C50EF9B} => C:\Program Files (x86)\AllMusicConverter\CDRipper.exe [2013-07-26] ()Task: {3428B329-AFE6-4FB0-A4D2-2B669CF0D5A8} - System32\Tasks\{4C7D3272-2C8E-46C5-9553-A61647C63344} => C:\Program Files (x86)\AllMusicConverter\CDRipper.exe [2013-07-26] ()Task: {382683AF-9A93-4045-9E35-9794FE39A210} - System32\Tasks\Installation App Launcher => C:\Program Files (x86)\Lexmark 2600 Series\ezprint.exe [2010-02-04] (Lexmark International Inc.)Task: {3FFFA098-9C2E-4286-9CB7-E494BAE0C58F} - System32\Tasks\{C3D51229-1C3B-4764-AA7E-EA5F1C7A4803} => C:\Program Files (x86)\AllMusicConverter\CDRipper.exe [2013-07-26] ()Task: {4D2DC7F5-56AC-4846-B7DE-C17AAA9B31AA} - System32\Tasks\{95CCB377-1191-4DE4-A5A1-4DB0A0D26FDD} => Iexplore.exe http://ui.skype.com/ui/0/6.6.0.106/en/abandoninstall?page=tsMainTask: {51192E1B-F8F3-42D7-9410-FE777040E280} - System32\Tasks\{452AC143-452F-44AE-B5FD-D490BD0103BD} => C:\Program Files (x86)\AllMusicConverter\CDRipper.exe [2013-07-26] ()Task: {5381549A-303A-4A32-B5A6-76ADF8FFAA15} - System32\Tasks\{4B83FA03-F515-4CCC-82BF-FBBD2249A682} => C:\Program Files (x86)\AllMusicConverter\CDRipper.exe [2013-07-26] ()Task: {54444B94-CADB-4A8C-9962-1DDB82D8672A} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-08] (Adobe Systems Incorporated)Task: {703894BA-3653-4DED-B3CE-AC521EF97C7A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-01-10] (Google Inc.)Task: {87F2C090-ADED-4060-AE5A-1A47E9C5FEB0} - System32\Tasks\PC Checkup 3 Weekly Scan => C:\Program Files (x86)\PC Checkup\NLAppLauncher.exe [2013-09-07] (Symantec Corporation)Task: {B35003DA-3D25-46BC-800C-10733A767962} - System32\Tasks\{2CDCAFFC-F34C-44D7-95C2-11E0D8F6A176} => C:\Program Files (x86)\AllMusicConverter\CDRipper.exe [2013-07-26] ()Task: {C7294F5E-3458-4157-B466-6C66A6050836} - System32\Tasks\{E6BEC02A-A010-42DB-A0BA-22F1E3C334A6} => C:\Program Files (x86)\AllMusicConverter\CDRipper.exe [2013-07-26] ()Task: {CEFB3F81-CF80-4B25-A5E2-7F4ADB23EC9A} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvcTask: {D3B74357-8B8C-4BD5-A775-6868AA5D4333} - System32\Tasks\{B3655D66-885E-429B-BE2A-BBF684D1686A} => C:\Program Files (x86)\AllMusicConverter\CDRipper.exe [2013-07-26] ()Task: {F0D3509F-2CB1-4C4F-81FA-41DE250576D0} - System32\Tasks\Scheduled Update for Ask Toolbar => C:\Program Files (x86)\Ask.com\UpdateTask.exe [2012-01-03] ()Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exeTask: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exeTask: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============= 2010-11-18 17:18 - 2010-11-18 17:18 - 11190784 _____ () C:\Program Files\TOSHIBA\FlashCards\BlackPng.dll2011-06-07 22:11 - 2011-06-07 22:11 - 00243712 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll2011-03-22 10:17 - 2011-03-22 10:17 - 00016384 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll2011-06-09 20:09 - 2011-06-09 20:09 - 00079784 _____ () C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosIPCWraper.dll2007-05-29 06:41 - 2007-05-29 06:41 - 00193024 _____ () C:\windows\system32\spool\DRIVERS\x64\3\lxdndatr.dll2007-03-26 06:39 - 2007-03-26 06:39 - 00062464 _____ () C:\windows\system32\spool\DRIVERS\x64\3\lxdncats.dll2012-08-27 20:33 - 2012-08-27 20:33 - 00087912 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll2012-08-27 20:33 - 2012-08-27 20:33 - 01242512 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll2012-12-20 17:19 - 2012-12-20 17:19 - 00479752 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\dblite.dll2012-12-20 17:19 - 2012-12-20 17:19 - 01310728 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\kpcengine.2.2.dll2013-10-06 15:41 - 2009-07-23 13:48 - 00380928 _____ () C:\Program Files (x86)\Lexmark 2600 Series\lxdnscw.dll2013-10-06 15:41 - 2007-05-29 01:39 - 00589824 _____ () C:\Program Files (x86)\Lexmark 2600 Series\lxdndatr.dll2013-10-06 15:41 - 2007-03-26 01:39 - 00073728 _____ () C:\Program Files (x86)\Lexmark 2600 Series\lxdncats.dll2013-10-06 15:41 - 2009-07-23 13:49 - 00782336 _____ () C:\Program Files (x86)\Lexmark 2600 Series\lxdnDRS.dll2013-10-06 15:41 - 2009-05-14 07:46 - 00081920 _____ () C:\Program Files (x86)\Lexmark 2600 Series\lxdncaps.dll2013-10-06 15:41 - 2007-10-02 08:51 - 00069632 _____ () C:\Program Files (x86)\Lexmark 2600 Series\lxdncnv4.dll2013-10-06 15:41 - 2007-10-12 12:24 - 00364544 _____ () C:\Program Files (x86)\Lexmark 2600 Series\iptk.dll2012-12-20 17:20 - 2012-12-20 17:20 - 00068616 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\QtWebKit\qmlwebkitplugin4.dll2013-10-23 18:31 - 2013-10-23 18:31 - 00046080 _____ () C:\Users\wendyredrum\AppData\Local\Apps\2.0\MQGYAQ7K.0N0\KJ96NMG0.QLV\amaz..tion_f2fa081ea2183235_0002.0001_cb34a912a946f839\NativeOperations.dll2013-10-23 18:31 - 2013-10-23 18:31 - 00541696 _____ () C:\Users\wendyredrum\AppData\Local\Temp\sqlite-3.7.2-sqlitejdbc.dll2013-10-25 04:13 - 2013-10-22 12:47 - 28850176 _____ () C:\Users\wendyredrum\AppData\Local\Amazon Cloud Player\libcef.dll2013-10-25 04:13 - 2013-10-22 12:47 - 00722944 _____ () C:\Users\wendyredrum\AppData\Local\Amazon Cloud Player\tag.dll2013-10-20 12:53 - 2013-10-08 16:01 - 00698832 _____ () C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\libglesv2.dll2013-10-20 12:53 - 2013-10-08 16:01 - 00099792 _____ () C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\libegl.dll2013-10-20 12:53 - 2013-10-08 16:02 - 04055504 _____ () C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\pdf.dll2013-10-20 12:53 - 2013-10-08 16:02 - 00415184 _____ () C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\ppGoogleNaClPluginChrome.dll2013-10-20 12:53 - 2013-10-08 16:01 - 01604560 _____ () C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\ffmpegsumo.dll ==================== Alternate Data Streams (whitelisted) ========= AlternateDataStreams: C:\ProgramData\TEMP:157E1AD3 ==================== Safe Mode (whitelisted) =================== ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors:==================Error: (11/04/2013 00:37:52 PM) (Source: Bonjour Service) (User: )Description: Task Scheduling Error: m->NextScheduledSPRetry 2044 Error: (11/04/2013 00:37:51 PM) (Source: Bonjour Service) (User: )Description: Task Scheduling Error: m->NextScheduledEvent 2044 Error: (11/04/2013 00:37:51 PM) (Source: Bonjour Service) (User: )Description: Task Scheduling Error: Continuously busy for more than a second Error: (11/04/2013 11:16:09 AM) (Source: Bonjour Service) (User: )Description: Task Scheduling Error: m->NextScheduledSPRetry 2808 Error: (11/04/2013 11:16:09 AM) (Source: Bonjour Service) (User: )Description: Task Scheduling Error: m->NextScheduledEvent 2808 Error: (11/04/2013 11:16:09 AM) (Source: Bonjour Service) (User: )Description: Task Scheduling Error: Continuously busy for more than a second Error: (11/04/2013 11:16:07 AM) (Source: Bonjour Service) (User: )Description: Task Scheduling Error: m->NextScheduledSPRetry 1326 Error: (11/04/2013 11:16:07 AM) (Source: Bonjour Service) (User: )Description: Task Scheduling Error: m->NextScheduledEvent 1326 Error: (11/04/2013 11:16:07 AM) (Source: Bonjour Service) (User: )Description: Task Scheduling Error: Continuously busy for more than a second Error: (11/04/2013 10:56:03 AM) (Source: Bonjour Service) (User: )Description: Task Scheduling Error: m->NextScheduledSPRetry 34281718 System errors:=============Error: (11/04/2013 02:19:52 PM) (Source: Service Control Manager) (User: )Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the PCCUJobMgr service. Error: (11/04/2013 11:42:30 AM) (Source: Service Control Manager) (User: )Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the PCCUJobMgr service. Error: (11/04/2013 10:56:04 AM) (Source: Service Control Manager) (User: )Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Netman service. Error: (11/03/2013 01:21:33 PM) (Source: Service Control Manager) (User: )Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the PCCUJobMgr service. Error: (11/03/2013 07:58:43 AM) (Source: Service Control Manager) (User: )Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the PCCUJobMgr service. Error: (11/02/2013 03:45:17 PM) (Source: Service Control Manager) (User: )Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the PCCUJobMgr service. Error: (11/02/2013 11:39:00 AM) (Source: Service Control Manager) (User: )Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service. Error: (11/02/2013 09:53:27 AM) (Source: Service Control Manager) (User: )Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the PCCUJobMgr service. Error: (11/02/2013 09:46:49 AM) (Source: Service Control Manager) (User: )Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the PCCUJobMgr service. Error: (11/02/2013 06:38:54 AM) (Source: Service Control Manager) (User: )Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service. Microsoft Office Sessions:=========================Error: (11/04/2013 00:37:52 PM) (Source: Bonjour Service)(User: )Description: Task Scheduling Error: m->NextScheduledSPRetry 2044 Error: (11/04/2013 00:37:51 PM) (Source: Bonjour Service)(User: )Description: Task Scheduling Error: m->NextScheduledEvent 2044 Error: (11/04/2013 00:37:51 PM) (Source: Bonjour Service)(User: )Description: Task Scheduling Error: Continuously busy for more than a second Error: (11/04/2013 11:16:09 AM) (Source: Bonjour Service)(User: )Description: Task Scheduling Error: m->NextScheduledSPRetry 2808 Error: (11/04/2013 11:16:09 AM) (Source: Bonjour Service)(User: )Description: Task Scheduling Error: m->NextScheduledEvent 2808 Error: (11/04/2013 11:16:09 AM) (Source: Bonjour Service)(User: )Description: Task Scheduling Error: Continuously busy for more than a second Error: (11/04/2013 11:16:07 AM) (Source: Bonjour Service)(User: )Description: Task Scheduling Error: m->NextScheduledSPRetry 1326 Error: (11/04/2013 11:16:07 AM) (Source: Bonjour Service)(User: )Description: Task Scheduling Error: m->NextScheduledEvent 1326 Error: (11/04/2013 11:16:07 AM) (Source: Bonjour Service)(User: )Description: Task Scheduling Error: Continuously busy for more than a second Error: (11/04/2013 10:56:03 AM) (Source: Bonjour Service)(User: )Description: Task Scheduling Error: m->NextScheduledSPRetry 34281718 CodeIntegrity Errors:=================================== Date: 2013-09-27 09:25:48.498 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system. Date: 2013-09-27 09:25:48.498 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system. Date: 2013-09-27 09:25:48.498 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system. Date: 2013-09-27 09:25:48.466 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system. Date: 2013-09-27 09:25:48.466 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system. Date: 2013-09-27 09:25:48.466 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system. Date: 2013-08-28 17:22:19.263 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system. Date: 2013-08-28 17:22:19.248 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system. Date: 2013-08-28 17:22:19.232 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system. Date: 2013-08-28 17:22:19.201 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system. ==================== Memory info =========================== Percentage of memory in use: 54%Total physical RAM: 3686.87 MBAvailable physical RAM: 1687.36 MBTotal Pagefile: 7371.91 MBAvailable Pagefile: 3637.55 MBTotal Virtual: 8192 MBAvailable Virtual: 8191.81 MB ==================== Drives ================================ Drive c: (TI106302W0C) (Fixed) (Total:282.92 GB) (Free:202.07 GB) NTFS ==>[system with boot components (obtained from reading drive)] ==================== MBR & Partition Table ================== ========================================================Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 298 GB) (Disk ID: 20C94C86)Partition 1: (Active) - (Size=1 GB) - (Type=27)Partition 2: (Not Active) - (Size=283 GB) - (Type=07 NTFS)Partition 3: (Not Active) - (Size=14 GB) - (Type=17) ==================== End Of Log ============================
  12. ShardtheFox
    Hello, the other day I was helping a friend clean up their computer that they complained was slow, so i downloaded Malwarebytes free and gave it a scan. Multiple instances of Registry Keys and File appeared infected, named PUP.Optional.inbox, PUP.Optional.inboxtoolbar.A, and PUP.Optional.FunWebProducts.A. I've got the dds and attach files all ready to go, and was hoping someone could tell me if malwarebytes took care of everything. Thanks. Upon trying to post the dds and attach text files contents directly here, I was informed my post was too long. They are now attached. attach.txt dds.txt
  13. ShardtheFox

    MrCharlie saved my butt! SweetPacks is no more :) Thanks from both my Savannah and I!

  14. ShardtheFox
    Alright, everything looks good! Thank you so much for your help. I am amazed with how fast you reply. I will most definitly add a comment on your profile. Salutations good sire!
  15. ShardtheFox
    Here it is. Results of screen317's Security Check version 0.99.63 Windows Vista Service Pack 1 x86 (UAC is enabled) Out of date service pack!! Internet Explorer 8 Out of date! ``````````````Antivirus/Firewall Check:`````````````` Windows Firewall Enabled! Norton 360 WMI entry may not exist for antivirus; attempting automatic update. `````````Anti-malware/Other Utilities Check:````````` Spybot - Search & Destroy Malwarebytes Anti-Malware version 1.75.0.1300 Java 6 Update 6 Java version out of Date! Adobe Flash Player 9 Flash Player out of Date! Adobe Flash Player 11.6.602.180 Adobe Reader 9 Adobe Reader out of Date! Mozilla Firefox (20.0.1) ````````Process Check: objlist.exe by Laurent```````` Norton ccSvcHst.exe Windows Defender MSASCui.exe Windows Defender MSASCui.exe `````````````````System Health check````````````````` Total Fragmentation on Drive C: % ````````````````````End of Log``````````````````````
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.