Jump to content

secondstar

Members
 View Profile  See their activity

  • Posts

    13

  • Joined

  • Last visited

 Content Type 

Everything posted by secondstar

  1. secondstar
    Thanks - it was "show in results list and DO NOT check for removal" - changed it. Still, would have expected to see it in results list. THANKS for the help!
  2. secondstar
    Oh, and again, you have beautiful dogs!
  3. secondstar
    Looks good at the moment, will not bore you with OTC. So, only questions left - any files to destroy? Any idea why malwarebytes Pro totally missed this? (mywebsearch, that is.... funmoods was just remnants)
  4. secondstar
    It's looking good, but I try to be complete. Will run OTL and then look around.
  5. secondstar
    Also, most of this is (essential to fix) registry entries and pointers. Are there files that should be removed? Also, any idea why malwarebytes didn't tweak on this? My impression from googling is that malwarebytes would normally find PUP.mywebsearch
  6. secondstar
    Successfully deleted the following --- sounds good. Should I run OLT anyway? I haven't run through anything yet, but like to be complete.
  7. secondstar
    This looks like interesting stuff. Did it also delete the user_pref items, or is it just noting them? ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Junkware Removal Tool (JRT) by Thisisu Version: 4.9.4 (05.06.2013:1) OS: Windows 7 Professional x64 Ran by llane on Sun 05/19/2013 at 18:06:08.75 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~ Services ~~~ Registry Values ~~~ Registry Keys Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\yt.ytnavassistplugin Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\yt.ytnavassistplugin.1 Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{4A841893-B23E-408E-A087-9226CFB8C113} Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{EE962290-9650-4C58-BCBC-A69ADC71D596} Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{7B111554-23AA-4D71-BBCC-138AAF768F73} Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{cca2e567-1987-4100-a3c6-5b4267084510} Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A42D2EB4-DD31-4BB5-8AA5-8D4E04806DBE} ~~~ Files ~~~ Folders Successfully deleted: [Folder] "C:\Users\llane.THECATERCO\appdata\local\iac" Successfully deleted: [Folder] "C:\Users\llane.THECATERCO\appdata\local\visi_coupon" Successfully deleted: [Folder] "C:\Users\llane.THECATERCO\appdata\locallow\iac" ~~~ FireFox Successfully deleted: [File] C:\Users\llane.THECATERCO\AppData\Roaming\mozilla\firefox\profiles\3b1mj3i4.default\user.js Successfully deleted the following from C:\Users\llane.THECATERCO\AppData\Roaming\mozilla\firefox\profiles\3b1mj3i4.default\prefs.js user_pref("browser.search.defaultenginename", "Funmoods"); user_pref("browser.search.order.1", "Ask.com"); user_pref("browser.startup.homepage", "hxxp://home.mywebsearch.com/index.jhtml?ptb=F0BF6072-0440-411F-94FD-A4875D58E778&n=77fcbba9&p2=^YK^xdm133^YY^us"); user_pref("extensions.funmoods.aflt", "adknlg"); user_pref("extensions.funmoods.autoRvrt", false); user_pref("extensions.funmoods.cntry", "US"); user_pref("extensions.funmoods.cv", "cv5"); user_pref("extensions.funmoods.dfltLng", ""); user_pref("extensions.funmoods.dfltSrch", true); user_pref("extensions.funmoods.dnsErr", true); user_pref("extensions.funmoods.envrmnt", "production"); user_pref("extensions.funmoods.excTlbr", false); user_pref("extensions.funmoods.hdrMd5", "4804EE680584B585F5A24F0216FE3443"); user_pref("extensions.funmoods.hmpg", true); user_pref("extensions.funmoods.hmpgUrl", "hxxp://searchfunmoods.com/?f=1&a=adknlg&cd=2XzuyEtN2Y1L1Qzu0D0CtD0E0AtCtAtA0E0EtD0F0C0D0BtBtN0D0Tzu0CtAzztBtN1L2XzutN1L1Czu1T1Q1J1G1I user_pref("extensions.funmoods.id", "DC0EA133EE0FCDB2"); user_pref("extensions.funmoods.instlDay", "15721"); user_pref("extensions.funmoods.instlRef", ""); user_pref("extensions.funmoods.isdcmntcmplt", true); user_pref("extensions.funmoods.lastVrsnTs", "1.5.23.2213:39:3"); user_pref("extensions.funmoods.mntrvrsn", "1.3.0"); user_pref("extensions.funmoods.newTab", true); user_pref("extensions.funmoods.newTabUrl", "hxxp://searchfunmoods.com/?f=2&a=adknlg&cd=2XzuyEtN2Y1L1Qzu0D0CtD0E0AtCtAtA0E0EtD0F0C0D0BtBtN0D0Tzu0CtAzztBtN1L2XzutN1L1Czu1T1Q1J1G user_pref("extensions.funmoods.prdct", "funmoods"); user_pref("extensions.funmoods.prtnrId", "funmoods"); user_pref("extensions.funmoods.sg", "none"); user_pref("extensions.funmoods.smplGrp", "none"); user_pref("extensions.funmoods.srchPrvdr", "Funmoods"); user_pref("extensions.funmoods.tlbrId", "base"); user_pref("extensions.funmoods.tlbrSrchUrl", "hxxp://searchfunmoods.com/?f=3&a=adknlg&cd=2XzuyEtN2Y1L1Qzu0D0CtD0E0AtCtAtA0E0EtD0F0C0D0BtBtN0D0Tzu0CtAzztBtN1L2XzutN1L1Czu1T1Q1J user_pref("extensions.funmoods.vrsn", "1.5.23.22"); user_pref("extensions.funmoods.vrsnTs", "1.5.23.2213:39:3"); user_pref("extensions.funmoods.vrsni", "1.5.23.22"); user_pref("extensions.funmoods_i.newTab", true); user_pref("extensions.funmoods_i.smplGrp", "none"); user_pref("extensions.funmoods_i.vrsnTs", "1.5.23.2213:39:3"); user_pref("extensions.mywebsearch.prevKwdEnabled", true); user_pref("extensions.toolbar.mindspark._14Members_.homepage", "hxxp://home.mywebsearch.com/index.jhtml?ptb=F0BF6072-0440-411F-94FD-A4875D58E778&n=77fcbba9&p2=^YK^xdm133^YY^us user_pref("extensions.toolbar.mindspark._14Members_.installation.contextKey", ""); user_pref("extensions.toolbar.mindspark._14Members_.installation.installDate", "2013051817"); user_pref("extensions.toolbar.mindspark._14Members_.installation.partnerId", "^YK^xdm133^YY^us"); user_pref("extensions.toolbar.mindspark._14Members_.installation.partnerSubId", ""); user_pref("extensions.toolbar.mindspark._14Members_.installation.success", true); user_pref("extensions.toolbar.mindspark._14Members_.installation.toolbarId", "F0BF6072-0440-411F-94FD-A4875D58E778"); user_pref("extensions.toolbar.mindspark._14Members_.options.defaultSearch", true); user_pref("extensions.toolbar.mindspark._14Members_.options.homePageEnabled", true); user_pref("extensions.toolbar.mindspark._14Members_.options.keywordEnabled", true); user_pref("extensions.toolbar.mindspark._14Members_.options.tabEnabled", true); user_pref("keyword.URL", "hxxp://search.mywebsearch.com/mywebsearch/GGmain.jhtml?st=kwd&ptb=F0BF6072-0440-411F-94FD-A4875D58E778&n=77fcbba9&ind=2013051817&p2=^YK^xdm133^YY^us& Emptied folder: C:\Users\llane.THECATERCO\AppData\Roaming\mozilla\firefox\profiles\3b1mj3i4.default\minidumps [2 files] ~~~ Event Viewer Logs were cleared ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Scan was completed on Sun 05/19/2013 at 18:09:33.64 End of JRT log ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
  8. secondstar
    What does "If not difference" mean? Run OTL IF something is "not difference"? Confused. Running JRT.exe now.
  9. secondstar
    Got it. Starting now.
  10. secondstar
    If not obvious, I'm also solving this via logmein to a remote computer.
  11. secondstar
    Here is the roguekiller 64 scan. More info so you can help as best as possible: I never do this, I always solve things myself. I had already run roguekiller and adwcleaner. But of course you cannot see the results. I had done some cleanup. My own next steps (without help) would be to change the browser home pages, remove the search provider mywebsearch, and so on by hand. I was just surprised to see that malwarebytes didn't detect this from the start. RogueKiller V8.5.4 _x64_ [Mar 18 2013] by Tigzy mail : tigzyRK<at>gmail<dot>com Feedback : http://www.geekstogo.com/forum/files/file/413-roguekiller/ Website : http://tigzy.geekstogo.com/roguekiller.php Blog : http://tigzyrk.blogspot.com/ Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version Started in : Normal mode User : llane [Admin rights] Mode : Scan -- Date : 05/19/2013 17:49:10 | ARK || FAK || MBR | ¤¤¤ Bad processes : 0 ¤¤¤ ¤¤¤ Registry Entries : 1 ¤¤¤ [TASK][sUSP PATH] Core Temp Autostart llane : "C:\Users\llane.THECATERCO\Desktop\Core Temp.exe" [-] -> FOUND ¤¤¤ Particular Files / Folders: ¤¤¤ ¤¤¤ Driver : [NOT LOADED] ¤¤¤ ¤¤¤ HOSTS File: ¤¤¤ --> C:\windows\system32\drivers\etc\hosts 127.0.0.1 localhost 127.0.0.1 www.007guard.com 127.0.0.1 007guard.com 127.0.0.1 008i.com 127.0.0.1 www.008k.com 127.0.0.1 008k.com 127.0.0.1 www.00hq.com 127.0.0.1 00hq.com 127.0.0.1 010402.com 127.0.0.1 www.032439.com 127.0.0.1 032439.com 127.0.0.1 www.0scan.com 127.0.0.1 0scan.com 127.0.0.1 www.1000gratisproben.com 127.0.0.1 1000gratisproben.com 127.0.0.1 1001namen.com 127.0.0.1 www.1001namen.com 127.0.0.1 100888290cs.com 127.0.0.1 www.100888290cs.com 127.0.0.1 www.100sexlinks.com [...] ¤¤¤ MBR Check: ¤¤¤ +++++ PhysicalDrive0: TOSHIBA MK7575GSX +++++ --- User --- [MBR] 30eee3f102b473574157ae89b390f7f4 [bSP] f9b83b12d958b6122051b1ef8d4c775a : Windows Vista MBR Code Partition table: 0 - [ACTIVE] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 1500 Mo 1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 3074048 | Size: 698443 Mo 2 - [XXXXXX] NTFS (0x17) [HIDDEN!] Offset (sectors): 1433485312 | Size: 15460 Mo User = LL1 ... OK! User = LL2 ... OK! Finished : << RKreport[1]_S_05192013_02d1749.txt >> RKreport[1]_S_05192013_02d1749.txt
  12. secondstar
    Will do. Love your dogs.
  13. secondstar
    Been attempting to remove MyWebSearch, that was installed as something like "Super Recipe Finder". Malwarebytes Pro says everything is aok. I have it gone from IE as best I can tell, but it is still in Firefox and Chrome. Thought that some tool would help me detect and remove this PUP, but everything says the computer is aok, but it is not. Files attached. I also see some funmoods items (that was detected and I guess MOSTLY removed in January). Would like to get rid of the remnants. dds.txt DDS (Ver_2012-11-20.01) - NTFS_AMD64 Internet Explorer: 10.0.9200.16576 Run by llane at 17:24:07 on 2013-05-19 Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.8099.5871 [GMT -5:00] . AV: Microsoft Security Essentials *Enabled/Updated* {3F839487-C7A2-C958-E30C-E2825BA31FB5} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} SP: Spybot - Search and Destroy *Enabled/Updated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0} SP: Microsoft Security Essentials *Enabled/Updated* {84E27563-E198-C6D6-D9BC-D9F020245508} . ============== Running Processes =============== . C:\windows\system32\lsm.exe C:\windows\system32\svchost.exe -k DcomLaunch C:\windows\system32\svchost.exe -k RPCSS c:\Program Files\Microsoft Security Client\MsMpEng.exe C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\windows\system32\svchost.exe -k LocalService C:\windows\system32\svchost.exe -k netsvcs C:\windows\system32\svchost.exe -k GPSvcGroup C:\windows\system32\svchost.exe -k NetworkService C:\windows\System32\spoolsv.exe C:\windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe C:\windows\System32\svchost.exe -k HPZ12 C:\windows\SysWOW64\NMSAccessU.exe C:\windows\System32\svchost.exe -k HPZ12 C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe C:\Program Files (x86)\Common Files\Intuit\DataProtect\QBIDPService.exe C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe C:\Program Files (x86)\Secunia\PSI\PSIA.exe C:\windows\system32\ThpSrv.exe C:\windows\system32\TODDSrv.exe C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe C:\Program Files\TOSHIBA\TECO\TecoService.exe C:\windows\system32\wbem\wmiprvse.exe C:\windows\system32\msiexec.exe c:\Program Files\Microsoft Security Client\NisSrv.exe C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\windows\servicing\TrustedInstaller.exe C:\Program Files (x86)\Secunia\PSI\sua.exe C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe C:\windows\system32\sppsvc.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\windows\system32\SearchIndexer.exe C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe C:\windows\system32\wbem\wmiprvse.exe C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe C:\windows\system32\taskhost.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe C:\windows\system32\SearchProtocolHost.exe C:\windows\system32\SearchFilterHost.exe C:\windows\system32\Dwm.exe C:\windows\Explorer.EXE C:\Windows\System32\hkcmd.exe C:\Windows\System32\igfxpers.exe C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Windows\System32\ThpSrv.exe C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe C:\Program Files\Microsoft Security Client\msseces.exe C:\Program Files (x86)\Skype\Phone\Skype.exe C:\Program Files\TOSHIBA\FlashCards\Hotkey\TcrdKBB.exe C:\windows\system32\taskeng.exe C:\Program Files\Synaptics\SynTP\SynTPHelper.exe C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe C:\Program Files (x86)\iTunes\iTunesHelper.exe C:\Program Files (x86)\Secunia\PSI\psi_tray.exe C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Reader_sl.exe C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe C:\Program Files\iPod\bin\iPodService.exe C:\Users\llane.THECATERCO\AppData\Roaming\Dropbox\bin\Dropbox.exe C:\Program Files (x86)\Skype\Updater\Updater.exe C:\windows\System32\svchost.exe -k WerSvcGroup C:\windows\system32\SearchProtocolHost.exe C:\windows\system32\igfxsrvc.exe C:\windows\System32\cscript.exe . ============== Pseudo HJT Report =============== . uStart Page = hxxp://www.google.com/ uDefault_Search_URL = hxxp://www.google.com/ie uProxyOverride = <local>;*.local uSearchAssistant = hxxp://www.google.com/ie uSearchURL,(Default) = hxxp://www.google.com/search?q=%s uURLSearchHooks: YTNavAssistPlugin Class: {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn4\yt.dll uURLSearchHooks: <No Name>: - LocalServer32 - <no file> BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO: {A42D2EB4-DD31-4BB5-8AA5-8D4E04806DBE} - <orphaned> BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL BHO: TOSHIBA Media Controller Plug-in: {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll BHO: SingleInstance Class: {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll uRun: [Google Update] "C:\Users\llane.THECATERCO\AppData\Local\Google\Update\GoogleUpdate.exe" /c uRun: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun uRun: [spybot-S&D Cleaning] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe" /autoclean mRun: [KeNotify] "C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe" LPCM mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" mRun: [sDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" StartupFolder: \\sbserver\redirectedfolders\llane\Start Menu\Programs\Startup\Dropbox.lnk - C:\Users\llane.THECATERCO\AppData\Roaming\Dropbox\bin\Dropbox.exe StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\INTUIT~1.LNK - C:\Program Files (x86)\Common Files\Intuit\DataProtect\IntuitDataProtect.exe StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\SECUNI~1.LNK - C:\Program Files (x86)\Secunia\PSI\psi_tray.exe uPolicies-Explorer: NoDriveTypeAutoRun = dword:145 uPolicies-Explorer: NoDrives = dword:0 mPolicies-Explorer: NoDrives = dword:0 mPolicies-System: ConsentPromptBehaviorAdmin = dword:5 mPolicies-System: ConsentPromptBehaviorUser = dword:3 mPolicies-System: EnableUIADesktopToggle = dword:0 mPolicies-System: RunStartupScriptSync = dword:1 IE: Add to Google Photos Screensa&ver - C:\windows\System32\GPhotos.scr/200 IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~4\Office14\EXCEL.EXE/3000 IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~4\Office14\ONBttnIE.dll/105 IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll . INFO: HKCU has more than 50 listed domains. If you wish to scan all of them, select the 'Force scan all domains' option. . . INFO: HKLM has more than 50 listed domains. If you wish to scan all of them, select the 'Force scan all domains' option. . DPF: {485D813E-EE26-4DF8-9FAF-DEDF2885306E} - hxxps://sbserver/connectcomputer/nshelp.dll DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} - hxxps://secure.logmein.com/activex/RACtrl.cab?rnd=1903411984 TCP: NameServer = 192.168.200.11 TCP: Interfaces\{6EB75E65-2558-433C-930C-9B8A351528EA} : DHCPNameServer = 192.168.200.11 TCP: Interfaces\{6EB75E65-2558-433C-930C-9B8A351528EA}\2657E6E697 : DHCPNameServer = 192.168.50.52 TCP: Interfaces\{6EB75E65-2558-433C-930C-9B8A351528EA}\343475946494 : DHCPNameServer = 192.168.200.11 TCP: Interfaces\{6EB75E65-2558-433C-930C-9B8A351528EA}\3434759464944435 : DHCPNameServer = 192.168.200.11 TCP: Interfaces\{6EB75E65-2558-433C-930C-9B8A351528EA}\45C434F5E4564777F627B6 : DHCPNameServer = 192.168.1.254 TCP: Interfaces\{6EB75E65-2558-433C-930C-9B8A351528EA}\45C434F5E4564777F627B6F52374548545 : DHCPNameServer = 192.168.1.254 TCP: Interfaces\{6EB75E65-2558-433C-930C-9B8A351528EA}\C4C494F475946494D2E423 : DHCPNameServer = 192.168.200.11 Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL Handler: intu-help-qb5 - {867FCB77-9823-4cd6-8210-D85F968D466F} - C:\Program Files (x86)\Intuit\QuickBooks 2012\HelpAsyncPluggableProtocol.dll Handler: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} - Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll Notify: SDWinLogon - SDWinLogon.dll SSODL: WebCheck - <orphaned> SSODL: EldosMountNotificator - {C28617FD-4FE7-4043-AD51-C8132CE90106} - C:\windows\SysWOW64\SSCbFsMntNtf3.dll STS: Virtual Storage Mount Notification - {C28617FD-4FE7-4043-AD51-C8132CE90106} - C:\Windows\SysWOW64\SSCbFsMntNtf3.dll IFEO: ehshell.exe - "C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe" -MceShellRedirect x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL x64-Run: [igfxTray] C:\windows\System32\igfxtray.exe x64-Run: [HotKeysCmds] C:\windows\System32\hkcmd.exe x64-Run: [Persistence] C:\windows\System32\igfxpers.exe x64-Run: [HSON] C:\Program Files (x86)\TOSHIBA\TBS\HSON.exe x64-Run: [TCrdMain] C:\Program Files (x86)\TOSHIBA\FlashCards\TCrdMain.exe x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s x64-Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /FORPCEE3 /MAXX3 x64-Run: [synTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe x64-Run: [ThpSrv] C:\windows\System32\thpsrv /logon x64-Run: [TosSENotify] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe x64-Run: [TosVolRegulator] C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe x64-Run: [LogMeIn GUI] "C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe" x64-Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll . INFO: x64-HKLM has more than 50 listed domains. If you wish to scan all of them, select the 'Force scan all domains' option. . x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL x64-Handler: intu-help-qb5 - {867FCB77-9823-4cd6-8210-D85F968D466F} - <orphaned> x64-Handler: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} - <orphaned> x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned> x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned> x64-Notify: igfxcui - igfxdev.dll x64-SSODL: WebCheck - <orphaned> x64-SSODL: EldosMountNotificator - {C28617FD-4FE7-4043-AD51-C8132CE90106} - C:\windows\System32\SSCbFsMntNtf3.dll x64-STS: Virtual Storage Mount Notification - {C28617FD-4FE7-4043-AD51-C8132CE90106} - C:\windows\System32\SSCbFsMntNtf3.dll x64-IFEO: ehshell.exe - "C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe" -MceShellRedirect Hosts: 127.0.0.1 www.spywareinfo.com . ================= FIREFOX =================== . FF - ProfilePath - C:\Users\llane.THECATERCO\AppData\Roaming\Mozilla\Firefox\Profiles\3b1mj3i4.default\ FF - prefs.js: browser.startup.homepage - hxxp://home.mywebsearch.com/index.jhtml?ptb=F0BF6072-0440-411F-94FD-A4875D58E778&n=77fcbba9&p2=^YK^xdm133^YY^us FF - prefs.js: keyword.URL - hxxp://search.mywebsearch.com/mywebsearch/GGmain.jhtml?st=kwd&ptb=F0BF6072-0440-411F-94FD-A4875D58E778&n=77fcbba9&ind=2013051817&p2=^YK^xdm133^YY^us&searchfor= FF - prefs.js: network.proxy.type - 0 FF - plugin: C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL FF - plugin: C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll FF - plugin: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrlui.dll FF - plugin: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll FF - plugin: C:\Users\llane.THECATERCO\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll FF - plugin: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll FF - plugin: C:\windows\SysWOW64\npdeployJava1.dll FF - plugin: C:\windows\SysWOW64\npmproxy.dll . ---- FIREFOX POLICIES ---- FF - user.js: extensions.funmoods.hmpg - true FF - user.js: extensions.funmoods.hmpgUrl - hxxp://searchfunmoods.com/?f=1&a=adknlg&cd=2XzuyEtN2Y1L1Qzu0D0CtD0E0AtCtAtA0E0EtD0F0C0D0BtBtN0D0Tzu0CtAzztBtN1L2XzutN1L1Czu1T1Q1J1G1I1N&cr=310358382&ir= FF - user.js: extensions.funmoods.dfltSrch - true FF - user.js: extensions.funmoods.srchPrvdr - Funmoods FF - user.js: extensions.funmoods.dnsErr - true FF - user.js: extensions.funmoods_i.newTab - true FF - user.js: extensions.funmoods.newTabUrl - hxxp://searchfunmoods.com/?f=2&a=adknlg&cd=2XzuyEtN2Y1L1Qzu0D0CtD0E0AtCtAtA0E0EtD0F0C0D0BtBtN0D0Tzu0CtAzztBtN1L2XzutN1L1Czu1T1Q1J1G1I1N&cr=310358382&ir= FF - user.js: extensions.funmoods.tlbrSrchUrl - hxxp://searchfunmoods.com/?f=3&a=adknlg&cd=2XzuyEtN2Y1L1Qzu0D0CtD0E0AtCtAtA0E0EtD0F0C0D0BtBtN0D0Tzu0CtAzztBtN1L2XzutN1L1Czu1T1Q1J1G1I1N&cr=310358382&ir=&q= FF - user.js: extensions.funmoods.id - DC0EA133EE0FCDB2 FF - user.js: extensions.funmoods.instlDay - 15721 FF - user.js: extensions.funmoods.vrsn - 1.5.23.22 FF - user.js: extensions.funmoods.vrsni - 1.5.23.22 FF - user.js: extensions.funmoods_i.vrsnTs - 1.5.23.2213:39:3 FF - user.js: extensions.funmoods.prtnrId - funmoods FF - user.js: extensions.funmoods.prdct - funmoods FF - user.js: extensions.funmoods.aflt - adknlg FF - user.js: extensions.funmoods_i.smplGrp - none FF - user.js: extensions.funmoods.tlbrId - base FF - user.js: extensions.funmoods.instlRef - FF - user.js: extensions.funmoods.dfltLng - FF - user.js: extensions.funmoods.excTlbr - false FF - user.js: extensions.funmoods.autoRvrt - false FF - user.js: extensions.funmoods.envrmnt - production FF - user.js: extensions.funmoods.isdcmntcmplt - true FF - user.js: extensions.funmoods.mntrvrsn - 1.3.0 . ============= SERVICES / DRIVERS =============== . R0 MpFilter;Microsoft Malware Protection Driver;C:\windows\System32\drivers\MpFilter.sys [2013-1-20 230320] R0 Thpdrv;TOSHIBA HDD Protection Driver;C:\windows\System32\drivers\thpdrv.sys [2011-3-23 36992] R0 Thpevm;TOSHIBA HDD Protection - Shock Sensor Driver;C:\windows\System32\drivers\Thpevm.sys [2009-6-29 14784] R0 tos_sps64;TOSHIBA tos_sps64 Service;C:\windows\System32\drivers\tos_sps64.sys [2011-12-27 482384] R2 LMIGuardianSvc;LMIGuardianSvc;C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe [2011-12-7 376168] R2 LMIInfo;LogMeIn Kernel Information Provider;C:\Program Files (x86)\LogMeIn\x64\rainfo.sys [2011-9-16 15928] R2 LMIRfsDriver;LogMeIn Remote File System Driver;C:\windows\System32\drivers\LMIRfsDriver.sys [2011-12-27 72216] R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-1-23 418376] R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-1-23 701512] R2 NisDrv;Microsoft Network Inspection System;C:\windows\System32\drivers\NisDrvWFP.sys [2011-4-27 130008] R2 QBVSS;QBIDPService;C:\Program Files (x86)\Common Files\Intuit\DataProtect\QBIDPService.exe [2011-8-19 1248256] R2 SDScannerService;Spybot-S&D 2 Scanner Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [2013-5-19 1103392] R2 SDUpdateService;Spybot-S&D 2 Updating Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2013-5-19 1369624] R2 SDWSCService;Spybot-S&D 2 Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [2013-5-19 168384] R2 Secunia PSI Agent;Secunia PSI Agent;C:\Program Files (x86)\Secunia\PSI\psia.exe [2011-10-14 994360] R2 Secunia Update Agent;Secunia Update Agent;C:\Program Files (x86)\Secunia\PSI\sua.exe [2011-10-14 399416] R2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-2-28 161384] R2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service;C:\Program Files\TOSHIBA\TECO\TecoService.exe [2011-5-24 294848] R2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver;C:\windows\System32\drivers\TVALZFL.sys [2009-6-19 14472] R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2011-12-27 2656280] R3 CeKbFilter;CeKbFilter;C:\windows\System32\drivers\CeKbFilter.sys [2011-12-27 20592] R3 IntcDAud;Intel® Display Audio;C:\windows\System32\drivers\IntcDAud.sys [2010-10-15 317440] R3 JMCR;JMCR;C:\windows\System32\drivers\jmcr.sys [2011-5-26 174680] R3 MBAMProtector;MBAMProtector;C:\windows\System32\drivers\mbam.sys [2013-1-23 25928] R3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2013-1-27 379360] R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\windows\System32\drivers\nusb3hub.sys [2011-2-10 82432] R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\windows\System32\drivers\nusb3xhc.sys [2011-2-10 181760] R3 PGEffect;Pangu effect driver;C:\windows\System32\drivers\PGEffect.sys [2011-12-27 38096] R3 PSI;PSI;C:\windows\System32\drivers\psi_mf.sys [2010-9-1 17976] R3 RTL8167;Realtek 8167 NT Driver;C:\windows\System32\drivers\Rt64win7.sys [2011-6-10 539240] R3 RTL8192Ce;Realtek Wireless LAN 802.11n PCI-E NIC Driver;C:\windows\System32\drivers\rtl8192ce.sys [2011-12-27 1109096] R3 SSCBFS3;SugarSync CallBack File System driver v3;C:\windows\System32\drivers\sscbfs3.sys [2013-5-11 347904] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576] S3 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072] S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\windows\System32\drivers\rdpvideominiport.sys [2012-12-4 19456] S3 StorSvc;Storage Service;C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2011-7-27 27648] S3 TMachInfo;TMachInfo;C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2011-12-27 57216] S3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2011-6-10 138152] S3 TPCHSrv;TPCH Service;C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe [2011-7-1 828856] S3 TsUsbFlt;TsUsbFlt;C:\windows\System32\drivers\TsUsbFlt.sys [2012-12-4 57856] S3 TsUsbGD;Remote Desktop Generic USB Device;C:\windows\System32\drivers\TsUsbGD.sys [2012-12-4 30208] S3 USBAAPL64;Apple Mobile USB Driver;C:\windows\System32\drivers\usbaapl64.sys [2012-12-13 54784] S3 WatAdminSvc;Windows Activation Technologies Service;C:\windows\System32\Wat\WatAdminSvc.exe [2011-12-28 1255736] S4 QuickBooksDB22;QuickBooksDB22;C:\PROGRA~2\Intuit\QUICKB~2\QBDBMgrN.exe -hvQuickBooksDB22 --> C:\PROGRA~2\Intuit\QUICKB~2\QBDBMgrN.exe -hvQuickBooksDB22 [?] S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184] . =============== Created Last 30 ================ . 2013-05-19 20:59:07 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy 2013-05-19 20:58:57 17272 ----a-w- C:\windows\System32\sdnclean64.exe 2013-05-19 20:58:52 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy 2 2013-05-19 06:52:55 9460464 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{12BF887F-F632-4F04-82EC-2A23D316D3FE}\mpengine.dll 2013-05-19 05:39:00 9460464 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll 2013-05-18 22:51:58 48640 ----a-w- C:\windows\System32\wwanprotdim.dll 2013-05-18 22:51:58 230400 ----a-w- C:\windows\System32\wwansvc.dll 2013-05-17 16:44:09 262552 ----a-w- C:\Program Files (x86)\Mozilla Firefox\browser\components\browsercomps.dll 2013-05-16 08:13:29 983400 ----a-w- C:\windows\System32\drivers\dxgkrnl.sys 2013-05-16 08:13:29 265064 ----a-w- C:\windows\System32\drivers\dxgmms1.sys 2013-05-16 08:13:29 144384 ----a-w- C:\windows\System32\cdd.dll 2013-05-16 08:11:45 111448 ----a-w- C:\windows\System32\consent.exe 2013-05-16 08:11:29 70144 ----a-w- C:\windows\System32\appinfo.dll 2013-05-16 08:11:22 1930752 ----a-w- C:\windows\System32\authui.dll 2013-05-16 08:11:22 1796096 ----a-w- C:\windows\SysWow64\authui.dll 2013-05-16 08:10:48 3153920 ----a-w- C:\windows\System32\win32k.sys 2013-05-11 20:27:39 192256 ----a-w- C:\windows\System32\SSCbFsMntNtf3.dll 2013-05-11 20:27:38 159488 ----a-w- C:\windows\SysWow64\SSCbFsMntNtf3.dll 2013-05-11 20:27:38 143104 ----a-w- C:\windows\System32\SSCbFsNetRdr3.dll 2013-05-11 20:27:37 225024 ----a-w- C:\windows\SysWow64\SSCbFsNetRdr3.dll 2013-05-11 20:26:41 347904 ----a-w- C:\windows\System32\drivers\sscbfs3.sys 2013-05-11 19:27:43 223752 ----a-w- C:\windows\System32\drivers\fvevol.sys 2013-05-11 19:12:31 -------- d-----w- C:\windows\Migration 2013-05-11 18:56:28 74240 ----a-w- C:\windows\System32\wbem\NCProv.dll 2013-05-11 18:56:28 58368 ----a-w- C:\windows\System32\ncobjapi.dll 2013-05-11 18:56:28 46080 ----a-w- C:\windows\SysWow64\ncobjapi.dll 2013-05-11 18:54:59 223232 ----a-w- C:\windows\System32\miutils.dll 2013-05-11 10:37:28 209472 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\nppdf32.dll 2013-04-24 19:06:10 1656680 ----a-w- C:\windows\System32\drivers\ntfs.sys 2013-04-23 19:18:27 905296 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{0B7D9B0C-44EE-4FAC-AD56-F6E0A43ED20B}\gapaengine.dll 2013-04-23 18:09:35 -------- d-----w- C:\Users\llane.THECATERCO\AppData\Local\IAC . ==================== Find3M ==================== . 2013-05-15 17:37:25 692104 ----a-w- C:\windows\SysWow64\FlashPlayerApp.exe 2013-05-15 17:37:24 71048 ----a-w- C:\windows\SysWow64\FlashPlayerCPLApp.cpl 2013-05-13 06:17:15 88448 ----a-w- C:\windows\System32\LMIRfsClientNP.dll 2013-05-13 06:17:12 35688 ----a-w- C:\windows\System32\LMIport.dll 2013-05-13 06:17:11 84328 ----a-w- C:\windows\System32\LMIinit.dll 2013-05-02 15:29:56 278800 ------w- C:\windows\System32\MpSigStub.exe 2013-04-13 05:49:23 135168 ----a-w- C:\windows\apppatch\AppPatch64\AcXtrnal.dll 2013-04-13 05:49:19 350208 ----a-w- C:\windows\apppatch\AppPatch64\AcLayers.dll 2013-04-13 05:49:19 308736 ----a-w- C:\windows\apppatch\AppPatch64\AcGenral.dll 2013-04-13 05:49:19 111104 ----a-w- C:\windows\apppatch\AppPatch64\acspecfc.dll 2013-04-13 04:45:16 474624 ----a-w- C:\windows\apppatch\AcSpecfc.dll 2013-04-13 04:45:15 2176512 ----a-w- C:\windows\apppatch\AcGenral.dll 2013-04-04 19:50:32 25928 ----a-w- C:\windows\System32\drivers\mbam.sys 2013-04-02 14:09:52 4550656 ----a-w- C:\windows\SysWow64\GPhotos.scr 2013-03-19 06:04:06 5550424 ----a-w- C:\windows\System32\ntoskrnl.exe 2013-03-19 05:46:56 43520 ----a-w- C:\windows\System32\csrsrv.dll 2013-03-19 05:04:13 3968856 ----a-w- C:\windows\SysWow64\ntkrnlpa.exe 2013-03-19 05:04:10 3913560 ----a-w- C:\windows\SysWow64\ntoskrnl.exe 2013-03-19 04:47:50 6656 ----a-w- C:\windows\SysWow64\apisetschema.dll 2013-03-19 03:06:33 112640 ----a-w- C:\windows\System32\smss.exe . ============= FINISH: 17:25:20.73 =============== attach.txt . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2012-11-20.01) . Microsoft Windows 7 Professional Boot Device: \Device\HarddiskVolume1 Install Date: 12/27/2011 10:07:21 PM System Uptime: 5/19/2013 5:16:23 PM (0 hours ago) . Motherboard: TOSHIBA | | PEQAA Processor: Intel® Core i7-2670QM CPU @ 2.20GHz | CPU 1 | 2201/400mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 682 GiB total, 623.49 GiB free. D: is CDROM () . ==== Disabled Device Manager Items ============= . ==== System Restore Points =================== . RP246: 5/19/2013 1:07:33 AM - Scheduled Checkpoint . ==== Installed Programs ====================== . 64 Bit HP CIO Components Installer Adobe AIR Adobe Flash Player 11 ActiveX Adobe Flash Player 11 Plugin Adobe Reader XI (11.0.03) Apple Application Support Apple Mobile Device Support Apple Software Update Bejeweled 3 Bonjour CCleaner Chuzzle Deluxe D3DX10 Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition Dropbox FATE - The Traitor Soul Fishdom 2 Google Chrome Google Update Helper GoToMeeting 5.3.0.1009 HP Color LaserJet 3600 (02/27/2007 61.063.461.41) HP Officejet Pro 8500 A910 Basic Device Software HP Officejet Pro 8500 A910 Help HP Officejet Pro 8500 A910 Product Improvement Study HP Update I.R.I.S. OCR iCloud Intel® Management Engine Components Intel® Processor Graphics Intel® Rapid Storage Technology iTunes JMicron Flash Media Controller Driver Junk Mail filter update LogMeIn Malwarebytes Anti-Malware version 1.75.0.1300 Mesh Runtime Microsoft .NET Framework 4 Client Profile Microsoft .NET Framework 4 Extended Microsoft Application Error Reporting Microsoft Office 2010 Service Pack 1 (SP1) Microsoft Office Access MUI (English) 2010 Microsoft Office Access Setup Metadata MUI (English) 2010 Microsoft Office Excel MUI (English) 2010 Microsoft Office Home and Business 2010 Microsoft Office Office 64-bit Components 2010 Microsoft Office OneNote MUI (English) 2010 Microsoft Office Outlook MUI (English) 2010 Microsoft Office PowerPoint MUI (English) 2010 Microsoft Office Proof (English) 2010 Microsoft Office Proof (French) 2010 Microsoft Office Proof (Spanish) 2010 Microsoft Office Proofing (English) 2010 Microsoft Office Publisher MUI (English) 2010 Microsoft Office Shared 64-bit MUI (English) 2010 Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 Microsoft Office Shared MUI (English) 2010 Microsoft Office Shared Setup Metadata MUI (English) 2010 Microsoft Office Single Image 2010 Microsoft Office Word MUI (English) 2010 Microsoft Security Client Microsoft Security Essentials Microsoft Silverlight Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 Mozilla Firefox 21.0 (x86 en-US) Mozilla Maintenance Service MSVCRT MSVCRT_amd64 MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) MSXML 4.0 SP2 Parser and SDK MSXML 4.0 SP3 Parser MSXML 4.0 SP3 Parser (KB2721691) MSXML 4.0 SP3 Parser (KB2758694) Penguins! Picasa 3 Plants vs. Zombies - Game of the Year PlayReady PC Runtime amd64 PlayReady PC Runtime x86 Polar Bowler QuickBooks QuickBooks Connection Diagnostic Tool QuickBooks Pro 2002 QuickBooks Pro 2012 QuickTime Realtek Ethernet Controller Driver Realtek High Definition Audio Driver Realtek WLAN Driver Renesas Electronics USB 3.0 Host Controller Driver Revo Uninstaller 1.93 Safari Secunia PSI (2.0.0.4003) Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121) Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405) Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827) Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449) Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428) Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019) Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595) Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642) Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576) Security Update for Microsoft .NET Framework 4 Extended (KB2487367) Security Update for Microsoft .NET Framework 4 Extended (KB2656351) Security Update for Microsoft .NET Framework 4 Extended (KB2736428) Security Update for Microsoft .NET Framework 4 Extended (KB2742595) Security Update for Microsoft Excel 2010 (KB2597126) 32-Bit Edition Security Update for Microsoft Filter Pack 2.0 (KB2553501) 32-Bit Edition Security Update for Microsoft InfoPath 2010 (KB2760406) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2553091) Security Update for Microsoft Office 2010 (KB2553096) Security Update for Microsoft Office 2010 (KB2553371) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2553447) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2598243) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2687501) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2687510) 32-Bit Edition Security Update for Microsoft OneNote 2010 (KB2760600) 32-Bit Edition Security Update for Microsoft Publisher 2010 (KB2553147) 32-Bit Edition Security Update for Microsoft Visio 2010 (KB2810068) 32-Bit Edition Security Update for Microsoft Visio Viewer 2010 (KB2687505) 32-Bit Edition Security Update for Microsoft Word 2010 (KB2760410) 32-Bit Edition Skype™ 6.3 Spybot - Search & Destroy SpywareBlaster 5.0 SugarSync Synaptics Pointing Device Driver SyncBackPro Tom Clancy's Splinter Cell Toshiba App Place TOSHIBA Application Installer TOSHIBA Assist Toshiba Book Place TOSHIBA Bulletin Board TOSHIBA Disc Creator TOSHIBA eco Utility TOSHIBA Face Recognition TOSHIBA Flash Cards Support Utility TOSHIBA Hardware Setup TOSHIBA HDD Protection TOSHIBA HDD/SSD Alert TOSHIBA Media Controller TOSHIBA Media Controller Plug-in TOSHIBA PC Health Monitor TOSHIBA Quality Application TOSHIBA Recovery Media Creator TOSHIBA ReelTime TOSHIBA Resolution+ Plug-in for Windows Media Player TOSHIBA Service Station TOSHIBA Sleep Utility TOSHIBA Supervisor Password TOSHIBA Value Added Package TOSHIBA VIDEO PLAYER TOSHIBA Web Camera Application TOSHIBA Wireless LAN Indicator TOSHIBARegistration Update for Microsoft .NET Framework 4 Client Profile (KB2468871) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) Update for Microsoft .NET Framework 4 Extended (KB2468871) Update for Microsoft .NET Framework 4 Extended (KB2533523) Update for Microsoft .NET Framework 4 Extended (KB2600217) Update for Microsoft Office 2010 (KB2494150) Update for Microsoft Office 2010 (KB2553065) Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition Update for Microsoft Office 2010 (KB2553378) 32-Bit Edition Update for Microsoft Office 2010 (KB2566458) Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition Update for Microsoft Office 2010 (KB2687503) 32-Bit Edition Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition Update for Microsoft Office 2010 (KB2767886) 32-Bit Edition Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition Update for Microsoft Outlook 2010 (KB2597090) 32-Bit Edition Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition Update for Microsoft PowerPoint 2010 (KB2598240) 32-Bit Edition Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition Update Installer for WildTangent Games App Utility Common Driver Virtual Villagers 5 - New Believers WildTangent Games WildTangent Games App (Toshiba Games) WinDirStat 1.1.2 Windows Live Communications Platform Windows Live Essentials Windows Live ID Sign-in Assistant Windows Live Installer Windows Live Language Selector Windows Live Mail Windows Live Mesh Windows Live Mesh ActiveX Control for Remote Connections Windows Live Messenger Windows Live MIME IFilter Windows Live Movie Maker Windows Live Photo Common Windows Live Photo Gallery Windows Live PIMT Platform Windows Live Remote Client Windows Live Remote Client Resources Windows Live Remote Service Windows Live Remote Service Resources Windows Live SOXE Windows Live SOXE Definitions Windows Live UX Platform Windows Live UX Platform Language Pack Windows Live Writer Windows Live Writer Resources Windows Small Business Server 2011 Standard ClientAgent Windows Small Business Server 2011 Standard WMI Provider WinRAR 4.00 (64-bit) Yahoo! Messenger Yahoo! Software Update Yahoo! Toolbar Zuma's Revenge . ==== Event Viewer Messages From Past Week ======== . 5/19/2013 5:16:53 PM, Error: Microsoft-Windows-GroupPolicy [1055] - The processing of Group Policy failed. Windows could not resolve the computer name. This could be caused by one of more of the following: a) Name Resolution failure on the current domain controller. b) Active Directory Replication Latency (an account created on another domain controller has not replicated to the current domain controller). 5/19/2013 5:16:52 PM, Error: NETLOGON [5719] - This computer was not able to set up a secure session with a domain controller in domain THECATERCO due to the following: There are currently no logon servers available to service the logon request. This may lead to authentication problems. Make sure that this computer is connected to the network. If the problem persists, please contact your domain administrator. ADDITIONAL INFO If this computer is a domain controller for the specified domain, it sets up the secure session to the primary domain controller emulator in the specified domain. Otherwise, this computer sets up the secure session to any domain controller in the specified domain. 5/18/2013 7:55:35 PM, Error: volsnap [14] - The shadow copies of volume C: were aborted because of an IO failure on volume C:. 5/18/2013 6:07:45 PM, Error: Service Control Manager [7031] - The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service. 5/18/2013 6:07:45 PM, Error: Service Control Manager [7024] - The Windows Search service terminated with service-specific error %%-1073473535. 5/17/2013 9:55:02 AM, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {D3DCB472-7261-43CE-924B-0704BD730D5F} and APPID {D3DCB472-7261-43CE-924B-0704BD730D5F} to the user THECATERCO\llane SID (S-1-5-21-773119264-4087772427-2915903831-1138) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool. 5/17/2013 9:55:02 AM, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {145B4335-FE2A-4927-A040-7C35AD3180EF} and APPID {145B4335-FE2A-4927-A040-7C35AD3180EF} to the user THECATERCO\llane SID (S-1-5-21-773119264-4087772427-2915903831-1138) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool. 5/17/2013 7:45:13 AM, Error: iaStor [9] - The device, \Device\Ide\iaStor0, did not respond within the timeout period. 5/16/2013 10:30:58 AM, Error: Microsoft-Windows-GroupPolicy [1129] - The processing of Group Policy failed because of lack of network connectivity to a domain controller. This may be a transient condition. A success message would be generated once the machine gets connected to the domain controller and Group Policy has succesfully processed. If you do not see a success message for several hours, then contact your administrator. 5/15/2013 7:03:29 PM, Error: Microsoft-Windows-GroupPolicy [1054] - The processing of Group Policy failed. Windows could not obtain the name of a domain controller. This could be caused by a name resolution failure. Verify your Domain Name System (DNS) is configured and working correctly. 5/14/2013 8:42:56 PM, Error: Microsoft-Windows-WMPNSS-Service [14332] - Service 'WMPNetworkSvc' did not start correctly because CoCreateInstance(CLSID_UPnPDeviceFinder) encountered error '0x80004005'. Verify that the UPnPHost service is running and that the UPnPHost component of Windows is installed properly. . ==== End Of File ===========================
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.