Jump to content

Cleaning up my comuter


jakemeh
 Share

Recommended Posts

I'd like some help cleaning up my computer. The main issue I've had is that my computer does not send documents (with the exception of microsoft word documents) in a proper format to my printer. I've had the printer for over a year, and never experienced this. Additionally, this error occurs with other printers and does not occur with other computers on my printer. Specifically, the documents are printed with the proper spacing from the top left corner, but the content is enlarged so only part of each page is printed. Any help with this issue, and just cleaning up my computer in general, would be much appreciated.

___________________________________________________________________________________________________________________________________

 

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.16428  BrowserJavaVersion: 10.45.2
Run by Owner at 21:11:38 on 2014-02-11
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.3983.2228 [GMT -7:00]
.
AV: Webroot SecureAnywhere *Enabled/Updated* {66A6FE14-08CB-F415-3742-517201416109}
SP: Webroot SecureAnywhere *Enabled/Updated* {DDC71FF0-2EF1-FB9B-0DF2-6A007AC62BB4}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Program Files (x86)\Webroot\WRSA.exe
C:\Windows\system32\ibmpmsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe
C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe
C:\Windows\system32\CxAudMsg64.exe
C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
C:\Program Files\Lenovo\Communications Utility\CAMMUTE.exe
C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe
C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe
C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe
C:\PROGRA~2\PHAROS~1\Core\CTskMstr.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\SysWOW64\SAsrv.exe
C:\Program Files (x86)\SafeConnect\scManager.sys
C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\PROGRA~1\Lenovo\HOTKEY\tpnumlk.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\SearchIndexer.exe
C:\PROGRA~1\LENOVO\VIRTSCRL\virtscrl.exe
C:\Windows\system32\rundll32.exe
C:\PROGRA~1\Lenovo\Zoom\TPSCREX.EXE
C:\Windows\system32\taskhost.exe
C:\PROGRA~1\Lenovo\HOTKEY\TPONSCR.EXE
C:\PROGRA~1\Lenovo\HOTKEY\tpnumlkd.exe
C:\Program Files (x86)\Webroot\WRSA.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\System32\TpShocks.exe
C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe
C:\Program Files\Lenovo\AutoLock\ALCKRESI.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Users\Owner\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe
C:\Windows\system32\rundll32.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
C:\Program Files (x86)\SafeConnect\scClient.exe
C:\Users\Owner\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
C:\PROGRA~2\ThinkPad\UTILIT~1\SCHTASK.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Browny02\BrYNSvc.exe
C:\Windows\SysWOW64\RunDll32.exe
C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
C:\Windows\explorer.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
C:\Program Files (x86)\Lenovo\System Update\SUService.exe
C:\Program Files (x86)\Common Files\Lenovo\tvt_reg_monitor_svc.exe
C:\Program Files (x86)\Symantec\VIP Access Client\VIPAppService.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\Lenovo\message center plus\mcplaunch.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
C:\Windows\System32\taskmgr.exe
C:\Windows\splwow64.exe
C:\Windows\system32\PrintIsolationHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.


uURLSearchHooks: uTorrentControl_v6 Toolbar: {96f454ea-9d38-474f-b504-56193e00c1a5} -
mURLSearchHooks: uTorrentControl_v6 Toolbar: {96f454ea-9d38-474f-b504-56193e00c1a5} -
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: uTorrentControl_v6 Toolbar: {96f454ea-9d38-474f-b504-56193e00c1a5} -
BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\office15\URLREDIR.DLL
BHO: Symantec VIP Access Add-On: {C63CD127-A1CB-4D49-A4F7-D6F88A917BE6} - C:\Program Files (x86)\Symantec\VIP Access Client\VIPAddOnForIE.dll
BHO: Webroot Vault: {c8d5d964-2be8-4c5b-8cf5-6e975aa88504} - C:\ProgramData\WRData\PKG\LPBar.dll
BHO: Webroot Filtering Extension: {C9C42510-9B41-42c1-9DCD-7282A2D07C61} - C:\Program Files (x86)\Webroot\WRData\PKG\Vistax86\wrflt.dll
BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
TB: uTorrentControl_v6 Toolbar: {96f454ea-9d38-474f-b504-56193e00c1a5} -
TB: Webroot Toolbar: {97ab88ef-346b-4179-a0b1-7445896547a5} - C:\ProgramData\WRData\PKG\LPBar.dll
uRun: [spotify Web Helper] "C:\Users\Owner\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
mRun: [RotateImage] C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe
mRun: [PWMTRV] rundll32 C:\PROGRA~2\ThinkPad\UTILIT~1\PWMTR64V.DLL,PwrMgrBkGndMonitor
mRun: [Lenovo Registration] C:\Program Files (x86)\Lenovo Registration\LenovoReg.exe /boot
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [WRSVC] "C:\Program Files (x86)\Webroot\WRSA.exe" -ul
mRun: [OtShot] C:\Program Files (x86)\OtShot\otshot.exe -minimize
mRun: [ControlCenter4] C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe /autorun
mRun: [brStsMon00] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN
mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
dRun: [searchProtect] \SearchProtect\bin\cltmng.exe
StartupFolder: C:\Users\Owner\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\Owner\AppData\Roaming\Dropbox\bin\Dropbox.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BLUETO~1.LNK - C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\INSTAL~2.LNK - C:\Program Files (x86)\Common Files\wruninstall.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\INSTAL~1.LNK - C:\Program Files (x86)\Common Files\wruninstall.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\SAFECO~1.LNK - C:\Program Files (x86)\SafeConnect\scClient.exe
uPolicies-Explorer: NoViewOnDrive = dword:0
uPolicies-Explorer: NoDrives = dword:0
uPolicies-Explorer: DisableLocalMachineRun = dword:0
uPolicies-Explorer: DisableLocalMachineRunOnce = dword:0
uPolicies-Explorer: DisableCurrentUserRun = dword:0
uPolicies-Explorer: DisableCurrentUserRunOnce = dword:0
uPolicies-Explorer: NoDriveTypeAutoRun = dword:0
uPolicies-Explorer: NoFile = dword:0
uPolicies-Explorer: HideClock = dword:0
uPolicies-Explorer: NoDevMgrUpdate = dword:0
uPolicies-Explorer: NoDFSTab = dword:0
uPolicies-Explorer: NoWindowsUpdate = dword:0
uPolicies-Explorer: NoEncryptOnMove = dword:0
uPolicies-Explorer: NoRunasInstallPrompt = dword:0
uPolicies-Explorer: NoResolveTrack = dword:0
uPolicies-Explorer: NoStartMenuSubFolders = dword:0
uPolicies-System: NoDispAppearancePage = dword:0
uPolicies-System: NoDispSettingsPage = dword:0
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoViewOnDrive = dword:0
mPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: DisableLocalMachineRun = dword:0
mPolicies-Explorer: DisableLocalMachineRunOnce = dword:0
mPolicies-Explorer: DisableCurrentUserRun = dword:0
mPolicies-Explorer: DisableCurrentUserRunOnce = dword:0
mPolicies-Explorer: NoDriveTypeAutoRun = dword:0
mPolicies-Explorer: NoFile = dword:0
mPolicies-Explorer: HideClock = dword:0
mPolicies-Explorer: NoDevMgrUpdate = dword:0
mPolicies-Explorer: NoDFSTab = dword:0
mPolicies-Explorer: NoWindowsUpdate = dword:0
mPolicies-Explorer: NoEncryptOnMove = dword:0
mPolicies-Explorer: NoRunasInstallPrompt = dword:0
mPolicies-Explorer: NoResolveTrack = dword:0
mPolicies-Explorer: NoStartMenuSubFolders = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: NoDispAppearancePage = dword:0
mPolicies-System: NoDispSettingsPage = dword:0
mPolicies-Explorer: NoViewOnDrive = dword:0
mPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: DisableLocalMachineRun = dword:0
mPolicies-Explorer: DisableLocalMachineRunOnce = dword:0
mPolicies-Explorer: DisableCurrentUserRun = dword:0
mPolicies-Explorer: DisableCurrentUserRunOnce = dword:0
mPolicies-Explorer: NoDriveTypeAutoRun = dword:0
mPolicies-Explorer: NoFile = dword:0
mPolicies-Explorer: HideClock = dword:0
mPolicies-Explorer: NoDevMgrUpdate = dword:0
mPolicies-Explorer: NoDFSTab = dword:0
mPolicies-Explorer: NoWindowsUpdate = dword:0
mPolicies-Explorer: NoEncryptOnMove = dword:0
mPolicies-Explorer: NoRunasInstallPrompt = dword:0
mPolicies-Explorer: NoResolveTrack = dword:0
mPolicies-Explorer: NoStartMenuSubFolders = dword:0
mPolicies-System: NoDispAppearancePage = dword:0
mPolicies-System: NoDispSettingsPage = dword:0
IE: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
IE: Send image to &Bluetooth Device... - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIE.dll
IE: {43699cd0-e34f-11de-8a39-0800200c9a66} - {c8d5d964-2be8-4c5b-8cf5-6e975aa88504} - C:\ProgramData\WRData\PKG\LPBar.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIELinkedNotes.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm
TCP: NameServer = 192.168.0.1 205.171.2.25
TCP: Interfaces\{2D53E0E9-E9F5-4CC1-88B8-787700DA7F0F} : DHCPNameServer = 192.168.0.1 205.171.2.25
TCP: Interfaces\{8DB8A3B9-E543-4976-B615-C8A99F231EB1} : DHCPNameServer = 192.168.0.1 205.171.2.25
TCP: Interfaces\{8DB8A3B9-E543-4976-B615-C8A99F231EB1}\0596F6E6565627E45647 : DHCPNameServer = 130.253.5.2 130.253.5.3
TCP: Interfaces\{8DB8A3B9-E543-4976-B615-C8A99F231EB1}\36865636B6562737 : DHCPNameServer = 75.75.75.75 75.75.76.76
TCP: Interfaces\{8DB8A3B9-E543-4976-B615-C8A99F231EB1}\44550274575637470275962756C6563737 : DHCPNameServer = 130.253.5.2 130.253.5.3
TCP: Interfaces\{8DB8A3B9-E543-4976-B615-C8A99F231EB1}\45F686B6F6 : DHCPNameServer = 192.168.88.1 4.2.2.2 8.8.8.8
TCP: Interfaces\{8DB8A3B9-E543-4976-B615-C8A99F231EB1}\B405055726C69636143636563737 : DHCPNameServer = 192.168.88.1 4.2.2.1
TCP: Interfaces\{8DB8A3B9-E543-4976-B615-C8A99F231EB1}\B405F525163656 : DHCPNameServer = 192.168.1.19
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\office15\MSOSB.DLL
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
x64-BHO: Lync Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll
x64-BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL
x64-BHO: Symantec VIP Access Add-On: {C63CD127-A1CB-4D49-A4F7-D6F88A917BE6} - C:\Program Files (x86)\Symantec\VIP Access Client\64bit\VIPAddOnForIE64.dll
x64-BHO: Webroot Vault: {c8d5d964-2be8-4c5b-8cf5-6e975aa88504} - C:\ProgramData\WRData\PKG\LPBar64.dll
x64-BHO: Webroot Filtering Extension: {C9C42510-9B41-42c1-9DCD-7282A2D07C61} - C:\Program Files (x86)\Webroot\WRData\PKG\Vistax64\wrflt.dll
x64-BHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL
x64-BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
x64-TB: Webroot Toolbar: {97ab88ef-346b-4179-a0b1-7445896547a5} - C:\ProgramData\WRData\PKG\LPBar64.dll
x64-Run: [synTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-Run: [TpShocks] TpShocks.exe
x64-Run: [ForteConfig] C:\Program Files\Conexant\ForteConfig\fmapp.exe
x64-Run: [smartAudio] C:\Program Files\CONEXANT\SAII\SAIICpl.exe /t
x64-Run: [igfxTray] C:\Windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
x64-Run: [LENOVO.TPKNRRES] C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe
x64-Run: [ALCKRESI.EXE] C:\Program Files\Lenovo\AutoLock\ALCKRESI.EXE
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll
x64-IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll
x64-IE: {43699cd0-e34f-11de-8a39-0800200c9a66} - {c8d5d964-2be8-4c5b-8cf5-6e975aa88504} - C:\ProgramData\WRData\PKG\LPBar64.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm
x64-Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - <orphaned>
x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\48epp7j8.default\

FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://mail.aol.com/38306-111/aol-6/en-us/suite.aspx|https://blackboard.du.edu/webapps/portal/frameset.jsp?tab_tab_group_id=_1_1

FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL
FF - plugin: C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\48epp7j8.default\extensions\{2d3fbcf7-be69-4433-8858-c621a8d0e58d}\plugins\npwidevinemediaoptimizer.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll
.
============= SERVICES / DRIVERS ===============
.
R0 DzHDD64;DzHDD64;C:\Windows\System32\drivers\DZHDD64.SYS [2013-5-9 31344]
R0 TPDIGIMN;TPDIGIMN;C:\Windows\System32\drivers\ApsHM64.sys [2010-12-15 23664]
R0 WRkrn;WRkrn;C:\Windows\System32\drivers\WRkrn.sys [2013-5-9 115232]
R1 lenovo.smi;Lenovo System Interface Driver;C:\Windows\System32\drivers\smiifx64.sys [2011-12-13 15472]
R1 PHCORE;PHCORE;C:\Program Files\Lenovo\RapidBoot\PHCORE64.sys [2011-7-8 32104]
R2 CxAudMsg;Conexant Audio Message Service;C:\Windows\System32\CxAudMsg64.exe [2013-5-9 198784]
R2 jhi_service;Intel® Identity Protection Technology Host Interface Service;C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe [2011-2-24 212944]
R2 LENOVO.CAMMUTE;Lenovo Camera Mute;C:\Program Files\Lenovo\Communications Utility\CamMute.exe [2013-5-9 41320]
R2 LENOVO.MICMUTE;Lenovo Microphone Mute;C:\Program Files\Lenovo\HOTKEY\micmute.exe [2011-12-13 101736]
R2 LENOVO.TPKNRSVC;Lenovo Keyboard Noise Reduction;C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe [2013-5-9 59240]
R2 Lenovo.VIRTSCRLSVC;Lenovo Auto Scroll;C:\Program Files\Lenovo\VIRTSCRL\lvvsst.exe [2011-12-13 133992]
R2 OfficeSvc;Microsoft Office Service;C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [2013-5-11 1907896]
R2 risdxc;risdxc;C:\Windows\System32\drivers\risdxc64.sys [2013-5-9 101376]
R2 SAService;Conexant SmartAudio service;C:\Windows\System32\SAsrv.exe --> C:\Windows\System32\SAsrv.exe [?]
R2 SCManager;SafeConnect Manager;C:\Program Files (x86)\SafeConnect\scManager.sys [2012-11-19 176520]
R2 Skype C2C Service;Skype C2C Service;C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-10-9 3275136]
R2 TPHKLOAD;Lenovo Hotkey Client Loader;C:\Program Files\Lenovo\HOTKEY\tphkload.exe [2011-12-13 145256]
R2 TPHKSVC;On Screen Display;C:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe [2011-12-13 142696]
R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2013-5-9 2656280]
R2 VIPAppService;VIPAppService;C:\Program Files (x86)\Symantec\VIP Access Client\VIPAppService.exe [2011-6-29 82544]
R2 WRSVC;WRSVC;C:\Program Files (x86)\Webroot\WRSA.exe [2013-5-9 761464]
R3 5U877;USB Video Device;C:\Windows\System32\drivers\5U877.sys [2013-5-9 166016]
R3 BrYNSvc;BrYNSvc;C:\Program Files (x86)\Browny02\BrYNSvc.exe [2013-5-14 266240]
R3 IntcDAud;Intel® Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2013-5-9 317440]
R3 RTL8192Ce;Realtek Wireless LAN 802.11n PCI-E NIC Driver;C:\Windows\System32\drivers\rtl8192ce.sys [2013-5-9 1143912]
R3 TVTI2C;Lenovo SM bus driver;C:\Windows\System32\drivers\tvti2c.sys [2011-5-30 40248]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 HyperW7Svc;HyperW7 Service;C:\Program Files\Lenovo\RapidBoot\HyperW7Svc64.exe [2011-7-8 144232]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-4-19 161384]
S3 BrSerIb;Brother Serial Interface Driver(WDM);C:\Windows\System32\drivers\BrSerIb.sys [2013-5-14 95344]
S3 BrUsbSIb;Brother Serial USB Driver(WDM);C:\Windows\System32\drivers\BrUsbSib.sys [2013-5-14 21872]
S3 BTWAMPFL;BTWAMPFL;C:\Windows\System32\drivers\btwampfl.sys [2013-5-9 425000]
S3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\System32\drivers\btwl2cap.sys [2013-5-9 39464]
S3 DozeSvc;Lenovo Doze Mode Service;C:\Program Files (x86)\ThinkPad\Utilities\DZSVC64.EXE [2013-5-9 478056]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2013-12-12 111616]
S3 Power Manager DBC Service;Power Manager DBC Service;C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.exe [2013-5-9 87400]
S3 PwmEWSvc;Cisco EnergyWise Enabler;C:\Program Files (x86)\ThinkPad\Utilities\PWMEWSVC.exe [2013-5-9 173416]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-20 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-20 31232]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2013-5-9 1255736]
S3 WSDScan;WSD Scan Support via UMB;C:\Windows\System32\drivers\WSDScan.sys [2009-7-13 25088]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== File Associations ===============
.
FileExt: .txt: txtfile=C:\Windows\SysWow64\NOTEPAD.EXE %1
FileExt: .ini: inifile=C:\Windows\SysWow64\NOTEPAD.EXE %1
FileExt: .inf: inffile=C:\Windows\SysWow64\NOTEPAD.EXE %1
.
=============== Created Last 30 ================
.
2014-02-12 01:12:23    --------    d-----w-    C:\Users\Owner\AppData\Roaming\Malwarebytes
2014-02-12 01:12:05    --------    d-----w-    C:\ProgramData\Malwarebytes
2014-02-12 01:12:04    25928    ----a-w-    C:\Windows\System32\drivers\mbam.sys
2014-02-12 01:12:03    --------    d-----w-    C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-02-12 00:51:42    596256    ----a-w-    C:\Windows\System32\Spool\prtprocs\x64\hpcpp155.dll
2014-02-12 00:51:00    757760    ----atw-    C:\Windows\System32\PSR581F7.DLL
2014-02-12 00:50:49    --------    d-----w-    C:\Program Files (x86)\PharosSystems
2014-02-12 00:50:45    --------    d-----w-    C:\Program Files (x86)\Pharos
2014-01-29 20:54:32    --------    d-----w-    C:\Users\Owner\AppData\Local\lptmp1220249429
2014-01-28 21:17:30    --------    d-----w-    C:\Users\Owner\AppData\Local\lptmp49271697
2014-01-15 12:20:56    99840    ----a-w-    C:\Windows\System32\drivers\usbccgp.sys
2014-01-15 12:20:56    7808    ----a-w-    C:\Windows\System32\drivers\usbd.sys
2014-01-15 12:20:56    53248    ----a-w-    C:\Windows\System32\drivers\usbehci.sys
2014-01-15 12:20:56    343040    ----a-w-    C:\Windows\System32\drivers\usbhub.sys
2014-01-15 12:20:56    325120    ----a-w-    C:\Windows\System32\drivers\usbport.sys
2014-01-15 12:20:56    30720    ----a-w-    C:\Windows\System32\drivers\usbuhci.sys
2014-01-15 12:20:56    25600    ----a-w-    C:\Windows\System32\drivers\usbohci.sys
2014-01-15 12:20:54    376768    ----a-w-    C:\Windows\System32\drivers\netio.sys
2014-01-15 12:20:54    3156480    ----a-w-    C:\Windows\System32\win32k.sys
.
==================== Find3M  ====================
.
2014-01-29 20:54:31    10395072    ----a-w-    C:\Program Files (x86)\Common Files\wruninstall.exe
2014-01-16 05:27:59    154824    ----a-w-    C:\Windows\SysWow64\WRusr.dll
2014-01-16 05:27:59    115232    ----a-w-    C:\Windows\System32\drivers\WRkrn.sys
2014-01-16 05:27:59    104872    ----a-w-    C:\Windows\System32\WRusr.dll
2014-01-09 21:12:41    96168    ------w-    C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2014-01-07 21:27:20    108968    ------w-    C:\Windows\System32\WindowsAccessBridge-64.dll
2013-11-26 10:19:07    2724864    ------w-    C:\Windows\System32\mshtml.tlb
2013-11-26 10:18:23    4096    ------w-    C:\Windows\System32\ieetwcollectorres.dll
2013-11-26 09:48:07    66048    ------w-    C:\Windows\System32\iesetup.dll
2013-11-26 09:46:25    48640    ------w-    C:\Windows\System32\ieetwproxystub.dll
2013-11-26 09:23:02    2724864    ------w-    C:\Windows\SysWow64\mshtml.tlb
2013-11-26 09:18:39    139264    ------w-    C:\Windows\System32\ieUnatt.exe
2013-11-26 09:18:09    111616    ------w-    C:\Windows\System32\ieetwcollector.exe
2013-11-26 09:16:57    708608    ------w-    C:\Windows\System32\jscript9diag.dll
2013-11-26 08:35:02    5769216    ------w-    C:\Windows\System32\jscript9.dll
2013-11-26 08:28:16    553472    ------w-    C:\Windows\SysWow64\jscript9diag.dll
2013-11-26 08:16:12    4243968    ------w-    C:\Windows\SysWow64\jscript9.dll
2013-11-26 08:02:16    1995264    ------w-    C:\Windows\System32\inetcpl.cpl
2013-11-26 07:32:06    1928192    ------w-    C:\Windows\SysWow64\inetcpl.cpl
2013-11-26 07:07:57    2334208    ------w-    C:\Windows\System32\wininet.dll
2013-11-26 06:33:33    1820160    ------w-    C:\Windows\SysWow64\wininet.dll
2013-11-23 18:26:20    417792    ------w-    C:\Windows\SysWow64\WMPhoto.dll
2013-11-23 17:47:34    465920    ------w-    C:\Windows\System32\WMPhoto.dll
.
============= FINISH: 21:12:08.82 ===============
 

 

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 5/9/2013 2:46:05 PM
System Uptime: 2/11/2014 8:57:12 PM (1 hours ago)
.
Motherboard: LENOVO |  | 4177CTO
Processor: Intel® Core i5-2520M CPU @ 2.50GHz | CPU | 2501/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 281 GiB total, 118.032 GiB free.
Q: is FIXED (NTFS) - 16 GiB total, 6.09 GiB free.
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP47: 1/7/2014 2:27:01 PM - Installed Java 7 Update 45 (64-bit)
RP48: 1/7/2014 3:11:00 PM - Removed Java SE Development Kit 7 Update 45 (64-bit)
RP49: 1/9/2014 2:12:18 PM - Installed Java 7 Update 45
RP50: 1/16/2014 3:00:12 AM - Windows Update
RP51: 1/23/2014 3:14:22 AM - Scheduled Checkpoint
RP52: 1/31/2014 1:24:38 AM - Scheduled Checkpoint
RP53: 2/8/2014 12:00:01 AM - Scheduled Checkpoint
.
==== Installed Programs ======================
.
µTorrent
64 Bit HP CIO Components Installer
7-Zip 9.20
Adobe AIR
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader XI (11.0.02)
Broadcom InConcert Maestro
Brother MFL-Pro Suite MFC-J825DW
Burn.Now 4.5
calibre
Cisco EAP-FAST Module
Cisco LEAP Module
Cisco PEAP Module
Conexant 20672 SmartAudio HD
Corel Burn.Now Lenovo Edition
Corel DVD MovieFactory 7
Corel DVD MovieFactory Lenovo Edition
Corel WinDVD
Create Recovery Media
D3DX10
Direct DiscRecorder
Dropbox
Exact Audio Copy 1.0beta3
foobar2000 v1.2.6
Free Studio version 2013
GIMP 2.8.4
Google Update Helper
Integrated Camera Driver Installer Package Ver.1.1.0.1147
Integrated Camera TWAIN
Intel® Control Center
Intel® Identity Protection Technology 1.1.2.0
Intel® Management Engine Components
Intel® Processor Graphics
Java 7 Update 45
Java 7 Update 45 (64-bit)
Java Auto Updater
Java SE Development Kit 7 Update 45 (64-bit)
Junk Mail filter update
Lenovo Auto Scroll Utility
Lenovo Patch Utility
Lenovo Patch Utility 64 bit
Lenovo Registration
Lenovo SimpleTap
Lenovo Solution Center
Lenovo System Interface Driver
Lenovo User Guide
Lenovo Warranty Information
Lenovo Welcome
Malwarebytes Anti-Malware version 1.75.0.1300
Mesh Runtime
Message Center Plus
Microsoft .NET Framework 4 Client Profile
Microsoft Application Error Reporting
Microsoft Office 365 Home Premium - en-us
Microsoft Office Korrekturhilfen 2013 - Deutsch
Microsoft Silverlight
Microsoft SkyDrive
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable (x64)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Mozilla Firefox 26.0 (x86 en-US)
Mozilla Maintenance Service
MPC-HC 1.6.7.7114 (9eb64ec)
MSVCRT
MSVCRT_amd64
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Office 15 Click-to-Run Extensibility Component
Office 15 Click-to-Run Licensing Component
Office 15 Click-to-Run Localization Component
On Screen Display
Pharos
RapidBoot
Registry Patch to Enable Maximum Power Saving on WiFi Adapters for Windows 7
Rescue and Recovery
RICOH_Media_Driver_v2.13.18.02
SafeConnect
Search Protection
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2858302v2)
Skype Click to Call
Skype™ 6.3
Spotify
System Update
ThinkPad Bluetooth with Enhanced Data Rate Software
ThinkPad FullScreen Magnifier
ThinkPad Power Management Driver
ThinkPad Power Manager
ThinkPad UltraNav Driver
ThinkPad UltraNav Utility
ThinkPad Wireless LAN Adapter Software
ThinkVantage Active Protection System
ThinkVantage AutoLock
ThinkVantage Communications Utility
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3)
uTorrentControl_v6 Toolbar
VIP Access
Webroot SecureAnywhere
Windows Driver Package - Intel (e1cexpress) Net  (12/21/2010 11.8.84.0)
Windows Driver Package - Intel System  (09/10/2010 9.2.0.1011)
Windows Driver Package - Intel System  (11/20/2010 9.2.0.1016)
Windows Driver Package - Intel USB  (12/21/2010 9.2.0.1021)
Windows Driver Package - Lenovo 1.61.00.11 (11/11/2010 1.61.00.11)
Windows Driver Package - Ricoh Company SD Host Controller (03/23/2011 6.10.10.30)
Windows Driver Package - Synaptics (SynTP) Mouse  (05/19/2011 15.3.8.0)
Windows Live Communications Platform
Windows Live Essentials
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Language Selector
Windows Live Mail
Windows Live Mesh
Windows Live Mesh ActiveX Control for Remote Connections
Windows Live Messenger
Windows Live MIME IFilter
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live Remote Client
Windows Live Remote Client Resources
Windows Live Remote Service
Windows Live Remote Service Resources
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
.
==== Event Viewer Messages From Past Week ========
.
2/7/2014 9:02:32 AM, Error: NetBT [4321]  - The name "WORKGROUP      :1d" could not be registered on the interface with IP address 192.168.0.40. The computer with the IP address 192.168.0.22 did not allow the name to be claimed by this computer.
2/6/2014 5:02:49 PM, Error: NetBT [4320]  - Another computer has sent a name release message to this computer, probably because a duplicate name has been detected on the TCP network.  The IP address of the node that sent the message is in the data. Use nbtstat -n in a command window to see which name is in the Conflict state.
2/6/2014 4:55:18 PM, Error: Server [2505]  - The server could not bind to the transport \Device\NetBT_Tcpip_{8DB8A3B9-E543-4976-B615-C8A99F231EB1} because another computer on the network has the same name.  The server could not start.
2/6/2014 4:55:18 PM, Error: NetBT [4321]  - The name "OWNER-THINK    :20" could not be registered on the interface with IP address 10.8.7.175. The computer with the IP address 130.253.1.212 did not allow the name to be claimed by this computer.
2/6/2014 4:55:18 PM, Error: NetBT [4321]  - The name "OWNER-THINK    :0" could not be registered on the interface with IP address 10.8.7.175. The computer with the IP address 130.253.1.212 did not allow the name to be claimed by this computer.
2/11/2014 8:59:23 PM, Error: Microsoft-Windows-DistributedCOM [10016]  - The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID  {C97FCC79-E628-407D-AE68-A06AD6D8B4D1}  and APPID  {344ED43D-D086-4961-86A6-1106F4ACAD9B}  to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
2/11/2014 8:58:55 PM, Error: Microsoft-Windows-DistributedCOM [10016]  - The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID  {C97FCC79-E628-407D-AE68-A06AD6D8B4D1}  and APPID  {344ED43D-D086-4961-86A6-1106F4ACAD9B}  to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
2/11/2014 5:59:29 PM, Error: Service Control Manager [7011]  - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the LanmanServer service.
2/11/2014 5:58:59 PM, Error: Service Control Manager [7011]  - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the FDResPub service.
2/11/2014 5:58:29 PM, Error: Service Control Manager [7011]  - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the upnphost service.
2/11/2014 3:55:04 PM, Error: Service Control Manager [7011]  - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the LMS service.
2/10/2014 9:22:10 AM, Error: bowser [8003]  - The master browser has received a server announcement from the computer BARRY-PC that believes that it is the master browser for the domain on transport NetBT_Tcpip_{8DB8A3B9-E543-4976-B615-C8A99F231EB1}. The master browser is stopping or an election is being forced.
.
==== End Of File ===========================
 

Link to post
Share on other sites

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.16518  BrowserJavaVersion: 10.45.2
Run by Owner at 1:26:25 on 2014-02-17
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.3983.1570 [GMT -7:00]
.
AV: Webroot SecureAnywhere *Enabled/Updated* {66A6FE14-08CB-F415-3742-517201416109}
SP: Webroot SecureAnywhere *Enabled/Updated* {DDC71FF0-2EF1-FB9B-0DF2-6A007AC62BB4}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\ibmpmsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe
C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe
C:\Windows\system32\CxAudMsg64.exe
C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
C:\Program Files\Lenovo\Communications Utility\CAMMUTE.exe
C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe
C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe
C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe
C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe
C:\PROGRA~2\PHAROS~1\Core\CTskMstr.exe
C:\Windows\SysWOW64\SAsrv.exe
C:\Program Files (x86)\SafeConnect\scManager.sys
C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\PROGRA~1\Lenovo\HOTKEY\tpnumlk.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
C:\Program Files (x86)\Lenovo\System Update\SUService.exe
C:\Program Files (x86)\Common Files\Lenovo\tvt_reg_monitor_svc.exe
C:\Program Files (x86)\Symantec\VIP Access Client\VIPAppService.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
C:\PROGRA~1\LENOVO\VIRTSCRL\virtscrl.exe
C:\Windows\system32\rundll32.exe
C:\PROGRA~1\Lenovo\Zoom\TPSCREX.EXE
C:\PROGRA~1\Lenovo\HOTKEY\TPONSCR.EXE
C:\PROGRA~1\Lenovo\HOTKEY\tpnumlkd.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\System32\TpShocks.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe
C:\Program Files\Lenovo\AutoLock\ALCKRESI.exe
C:\Users\Owner\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files (x86)\SafeConnect\scClient.exe
C:\Users\Owner\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Windows\SysWOW64\RunDll32.exe
C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Windows\system32\rundll32.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
C:\PROGRA~2\ThinkPad\UTILIT~1\SCHTASK.exe
C:\Program Files (x86)\Browny02\BrYNSvc.exe
C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\Lenovo\message center plus\mcplaunch.exe
C:\Program Files (x86)\foobar2000\foobar2000.exe
C:\Windows\system32\UI0Detect.exe
C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
C:\Windows\SysWow64\NOTEPAD.EXE
C:\Windows\System32\taskmgr.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_202.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_202.exe
C:\Program Files (x86)\Webroot\WRSA.exe
C:\Program Files (x86)\Webroot\WRSA.exe
C:\Program Files (x86)\Lenovo\Rescue and Recovery\rrservice.exe
C:\Program Files (x86)\Common Files\Lenovo\Scheduler\scheduler_proxy.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.


uURLSearchHooks: uTorrentControl_v6 Toolbar: {96f454ea-9d38-474f-b504-56193e00c1a5} -
mURLSearchHooks: uTorrentControl_v6 Toolbar: {96f454ea-9d38-474f-b504-56193e00c1a5} -
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: uTorrentControl_v6 Toolbar: {96f454ea-9d38-474f-b504-56193e00c1a5} -
BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\office15\URLREDIR.DLL
BHO: Symantec VIP Access Add-On: {C63CD127-A1CB-4D49-A4F7-D6F88A917BE6} - C:\Program Files (x86)\Symantec\VIP Access Client\VIPAddOnForIE.dll
BHO: Webroot Vault: {c8d5d964-2be8-4c5b-8cf5-6e975aa88504} - C:\ProgramData\WRData\PKG\LPBar.dll
BHO: Webroot Filtering Extension: {C9C42510-9B41-42c1-9DCD-7282A2D07C61} - C:\Program Files (x86)\Webroot\WRData\PKG\Vistax86\wrflt.dll
BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
TB: uTorrentControl_v6 Toolbar: {96f454ea-9d38-474f-b504-56193e00c1a5} -
TB: Webroot Toolbar: {97ab88ef-346b-4179-a0b1-7445896547a5} - C:\ProgramData\WRData\PKG\LPBar.dll
uRun: [spotify Web Helper] "C:\Users\Owner\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
uRunOnce: [FlashPlayerUpdate] C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_7_700_202_Plugin.exe -update plugin
mRun: [RotateImage] C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe
mRun: [PWMTRV] rundll32 C:\PROGRA~2\ThinkPad\UTILIT~1\PWMTR64V.DLL,PwrMgrBkGndMonitor
mRun: [Lenovo Registration] C:\Program Files (x86)\Lenovo Registration\LenovoReg.exe /boot
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [WRSVC] "C:\Program Files (x86)\Webroot\WRSA.exe" -ul
mRun: [OtShot] C:\Program Files (x86)\OtShot\otshot.exe -minimize
mRun: [ControlCenter4] C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe /autorun
mRun: [brStsMon00] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN
mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
dRun: [searchProtect] \SearchProtect\bin\cltmng.exe
StartupFolder: C:\Users\Owner\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\Owner\AppData\Roaming\Dropbox\bin\Dropbox.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BLUETO~1.LNK - C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\INSTAL~2.LNK - C:\Program Files (x86)\Common Files\wruninstall.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\INSTAL~1.LNK - C:\Program Files (x86)\Common Files\wruninstall.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\SAFECO~1.LNK - C:\Program Files (x86)\SafeConnect\scClient.exe
uPolicies-Explorer: NoViewOnDrive = dword:0
uPolicies-Explorer: NoDrives = dword:0
uPolicies-Explorer: DisableLocalMachineRun = dword:0
uPolicies-Explorer: DisableLocalMachineRunOnce = dword:0
uPolicies-Explorer: DisableCurrentUserRun = dword:0
uPolicies-Explorer: DisableCurrentUserRunOnce = dword:0
uPolicies-Explorer: NoDriveTypeAutoRun = dword:0
uPolicies-Explorer: NoFile = dword:0
uPolicies-Explorer: HideClock = dword:0
uPolicies-Explorer: NoDevMgrUpdate = dword:0
uPolicies-Explorer: NoDFSTab = dword:0
uPolicies-Explorer: NoWindowsUpdate = dword:0
uPolicies-Explorer: NoEncryptOnMove = dword:0
uPolicies-Explorer: NoRunasInstallPrompt = dword:0
uPolicies-Explorer: NoResolveTrack = dword:0
uPolicies-Explorer: NoStartMenuSubFolders = dword:0
uPolicies-System: NoDispAppearancePage = dword:0
uPolicies-System: NoDispSettingsPage = dword:0
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoViewOnDrive = dword:0
mPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: DisableLocalMachineRun = dword:0
mPolicies-Explorer: DisableLocalMachineRunOnce = dword:0
mPolicies-Explorer: DisableCurrentUserRun = dword:0
mPolicies-Explorer: DisableCurrentUserRunOnce = dword:0
mPolicies-Explorer: NoDriveTypeAutoRun = dword:0
mPolicies-Explorer: NoFile = dword:0
mPolicies-Explorer: HideClock = dword:0
mPolicies-Explorer: NoDevMgrUpdate = dword:0
mPolicies-Explorer: NoDFSTab = dword:0
mPolicies-Explorer: NoWindowsUpdate = dword:0
mPolicies-Explorer: NoEncryptOnMove = dword:0
mPolicies-Explorer: NoRunasInstallPrompt = dword:0
mPolicies-Explorer: NoResolveTrack = dword:0
mPolicies-Explorer: NoStartMenuSubFolders = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: NoDispAppearancePage = dword:0
mPolicies-System: NoDispSettingsPage = dword:0
mPolicies-Explorer: NoViewOnDrive = dword:0
mPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: DisableLocalMachineRun = dword:0
mPolicies-Explorer: DisableLocalMachineRunOnce = dword:0
mPolicies-Explorer: DisableCurrentUserRun = dword:0
mPolicies-Explorer: DisableCurrentUserRunOnce = dword:0
mPolicies-Explorer: NoDriveTypeAutoRun = dword:0
mPolicies-Explorer: NoFile = dword:0
mPolicies-Explorer: HideClock = dword:0
mPolicies-Explorer: NoDevMgrUpdate = dword:0
mPolicies-Explorer: NoDFSTab = dword:0
mPolicies-Explorer: NoWindowsUpdate = dword:0
mPolicies-Explorer: NoEncryptOnMove = dword:0
mPolicies-Explorer: NoRunasInstallPrompt = dword:0
mPolicies-Explorer: NoResolveTrack = dword:0
mPolicies-Explorer: NoStartMenuSubFolders = dword:0
mPolicies-System: NoDispAppearancePage = dword:0
mPolicies-System: NoDispSettingsPage = dword:0
IE: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
IE: Send image to &Bluetooth Device... - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIE.dll
IE: {43699cd0-e34f-11de-8a39-0800200c9a66} - {c8d5d964-2be8-4c5b-8cf5-6e975aa88504} - C:\ProgramData\WRData\PKG\LPBar.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIELinkedNotes.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm
TCP: NameServer = 192.168.0.1 205.171.2.25
TCP: Interfaces\{2D53E0E9-E9F5-4CC1-88B8-787700DA7F0F} : DHCPNameServer = 192.168.0.1 205.171.2.25
TCP: Interfaces\{8DB8A3B9-E543-4976-B615-C8A99F231EB1} : DHCPNameServer = 192.168.0.1 205.171.2.25
TCP: Interfaces\{8DB8A3B9-E543-4976-B615-C8A99F231EB1}\0596F6E6565627E45647 : DHCPNameServer = 130.253.5.2 130.253.5.3
TCP: Interfaces\{8DB8A3B9-E543-4976-B615-C8A99F231EB1}\36865636B6562737 : DHCPNameServer = 75.75.75.75 75.75.76.76
TCP: Interfaces\{8DB8A3B9-E543-4976-B615-C8A99F231EB1}\44550274575637470275962756C6563737 : DHCPNameServer = 130.253.5.2 130.253.5.3
TCP: Interfaces\{8DB8A3B9-E543-4976-B615-C8A99F231EB1}\45F686B6F6 : DHCPNameServer = 192.168.88.1 4.2.2.2 8.8.8.8
TCP: Interfaces\{8DB8A3B9-E543-4976-B615-C8A99F231EB1}\B405055726C69636143636563737 : DHCPNameServer = 192.168.88.1 4.2.2.1
TCP: Interfaces\{8DB8A3B9-E543-4976-B615-C8A99F231EB1}\B405F525163656 : DHCPNameServer = 192.168.1.19
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\office15\MSOSB.DLL
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
x64-BHO: Lync Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll
x64-BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL
x64-BHO: Symantec VIP Access Add-On: {C63CD127-A1CB-4D49-A4F7-D6F88A917BE6} - C:\Program Files (x86)\Symantec\VIP Access Client\64bit\VIPAddOnForIE64.dll
x64-BHO: Webroot Vault: {c8d5d964-2be8-4c5b-8cf5-6e975aa88504} - C:\ProgramData\WRData\PKG\LPBar64.dll
x64-BHO: Webroot Filtering Extension: {C9C42510-9B41-42c1-9DCD-7282A2D07C61} - C:\Program Files (x86)\Webroot\WRData\PKG\Vistax64\wrflt.dll
x64-BHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL
x64-BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
x64-TB: Webroot Toolbar: {97ab88ef-346b-4179-a0b1-7445896547a5} - C:\ProgramData\WRData\PKG\LPBar64.dll
x64-Run: [synTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-Run: [TpShocks] TpShocks.exe
x64-Run: [ForteConfig] C:\Program Files\Conexant\ForteConfig\fmapp.exe
x64-Run: [smartAudio] C:\Program Files\CONEXANT\SAII\SAIICpl.exe /t
x64-Run: [igfxTray] C:\Windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
x64-Run: [LENOVO.TPKNRRES] C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe
x64-Run: [ALCKRESI.EXE] C:\Program Files\Lenovo\AutoLock\ALCKRESI.EXE
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll
x64-IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll
x64-IE: {43699cd0-e34f-11de-8a39-0800200c9a66} - {c8d5d964-2be8-4c5b-8cf5-6e975aa88504} - C:\ProgramData\WRData\PKG\LPBar64.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm
x64-Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - <orphaned>
x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\48epp7j8.default\

FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://mail.aol.com/38306-111/aol-6/en-us/suite.aspx|https://blackboard.du.edu/webapps/portal/frameset.jsp?tab_tab_group_id=_1_1

FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL
FF - plugin: C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\48epp7j8.default\extensions\{2d3fbcf7-be69-4433-8858-c621a8d0e58d}\plugins\npwidevinemediaoptimizer.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll
.
============= SERVICES / DRIVERS ===============
.
R0 DzHDD64;DzHDD64;C:\Windows\System32\drivers\DZHDD64.SYS [2013-5-9 31344]
R0 TPDIGIMN;TPDIGIMN;C:\Windows\System32\drivers\ApsHM64.sys [2010-12-15 23664]
R0 WRkrn;WRkrn;C:\Windows\System32\drivers\WRkrn.sys [2013-5-9 113664]
R1 lenovo.smi;Lenovo System Interface Driver;C:\Windows\System32\drivers\smiifx64.sys [2011-12-13 15472]
R1 PHCORE;PHCORE;C:\Program Files\Lenovo\RapidBoot\PHCORE64.sys [2011-7-8 32104]
R2 c2cautoupdatesvc;Skype Click to Call Updater;C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2014-1-3 1363616]
R2 c2cpnrsvc;Skype Click to Call PNR Service;C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2014-1-3 1748640]
R2 CxAudMsg;Conexant Audio Message Service;C:\Windows\System32\CxAudMsg64.exe [2013-5-9 198784]
R2 jhi_service;Intel® Identity Protection Technology Host Interface Service;C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe [2011-2-24 212944]
R2 LENOVO.CAMMUTE;Lenovo Camera Mute;C:\Program Files\Lenovo\Communications Utility\CamMute.exe [2013-5-9 41320]
R2 LENOVO.MICMUTE;Lenovo Microphone Mute;C:\Program Files\Lenovo\HOTKEY\micmute.exe [2011-12-13 101736]
R2 LENOVO.TPKNRSVC;Lenovo Keyboard Noise Reduction;C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe [2013-5-9 59240]
R2 Lenovo.VIRTSCRLSVC;Lenovo Auto Scroll;C:\Program Files\Lenovo\VIRTSCRL\lvvsst.exe [2011-12-13 133992]
R2 OfficeSvc;Microsoft Office Service;C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [2013-5-11 1907896]
R2 risdxc;risdxc;C:\Windows\System32\drivers\risdxc64.sys [2013-5-9 101376]
R2 SAService;Conexant SmartAudio service;C:\Windows\System32\SAsrv.exe --> C:\Windows\System32\SAsrv.exe [?]
R2 SCManager;SafeConnect Manager;C:\Program Files (x86)\SafeConnect\scManager.sys [2012-11-19 176520]
R2 TPHKLOAD;Lenovo Hotkey Client Loader;C:\Program Files\Lenovo\HOTKEY\tphkload.exe [2011-12-13 145256]
R2 TPHKSVC;On Screen Display;C:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe [2011-12-13 142696]
R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2013-5-9 2656280]
R2 VIPAppService;VIPAppService;C:\Program Files (x86)\Symantec\VIP Access Client\VIPAppService.exe [2011-6-29 82544]
R2 WRSVC;WRSVC;C:\Program Files (x86)\Webroot\WRSA.exe [2013-5-9 762488]
R3 5U877;USB Video Device;C:\Windows\System32\drivers\5U877.sys [2013-5-9 166016]
R3 BrYNSvc;BrYNSvc;C:\Program Files (x86)\Browny02\BrYNSvc.exe [2013-5-14 266240]
R3 IntcDAud;Intel® Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2013-5-9 317440]
R3 RTL8192Ce;Realtek Wireless LAN 802.11n PCI-E NIC Driver;C:\Windows\System32\drivers\rtl8192ce.sys [2013-5-9 1143912]
R3 TVTI2C;Lenovo SM bus driver;C:\Windows\System32\drivers\tvti2c.sys [2011-5-30 40248]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 HyperW7Svc;HyperW7 Service;C:\Program Files\Lenovo\RapidBoot\HyperW7Svc64.exe [2011-7-8 144232]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-4-19 161384]
S3 BrSerIb;Brother Serial Interface Driver(WDM);C:\Windows\System32\drivers\BrSerIb.sys [2013-5-14 95344]
S3 BrUsbSIb;Brother Serial USB Driver(WDM);C:\Windows\System32\drivers\BrUsbSib.sys [2013-5-14 21872]
S3 BTWAMPFL;BTWAMPFL;C:\Windows\System32\drivers\btwampfl.sys [2013-5-9 425000]
S3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\System32\drivers\btwl2cap.sys [2013-5-9 39464]
S3 DozeSvc;Lenovo Doze Mode Service;C:\Program Files (x86)\ThinkPad\Utilities\DZSVC64.EXE [2013-5-9 478056]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2014-2-12 111616]
S3 Power Manager DBC Service;Power Manager DBC Service;C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.exe [2013-5-9 87400]
S3 PwmEWSvc;Cisco EnergyWise Enabler;C:\Program Files (x86)\ThinkPad\Utilities\PWMEWSVC.exe [2013-5-9 173416]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-20 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-20 31232]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2013-5-9 1255736]
S3 WSDScan;WSD Scan Support via UMB;C:\Windows\System32\drivers\WSDScan.sys [2009-7-13 25088]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== File Associations ===============
.
FileExt: .txt: txtfile=C:\Windows\SysWow64\NOTEPAD.EXE %1
FileExt: .ini: inifile=C:\Windows\SysWow64\NOTEPAD.EXE %1
FileExt: .inf: inffile=C:\Windows\SysWow64\NOTEPAD.EXE %1
.
=============== Created Last 30 ================
.
2014-02-12 10:01:12    548864    ----a-w-    C:\Windows\System32\vbscript.dll
2014-02-12 10:01:12    454656    ----a-w-    C:\Windows\SysWow64\vbscript.dll
2014-02-12 06:14:54    1882112    ----a-w-    C:\Windows\System32\msxml3.dll
2014-02-12 01:12:23    --------    d-----w-    C:\Users\Owner\AppData\Roaming\Malwarebytes
2014-02-12 01:12:05    --------    d-----w-    C:\ProgramData\Malwarebytes
2014-02-12 01:12:04    25928    ----a-w-    C:\Windows\System32\drivers\mbam.sys
2014-02-12 01:12:03    --------    d-----w-    C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-02-12 00:51:42    596256    ----a-w-    C:\Windows\System32\Spool\prtprocs\x64\hpcpp155.dll
2014-02-12 00:51:00    757760    ----atw-    C:\Windows\System32\PSR581F7.DLL
2014-02-12 00:50:49    --------    d-----w-    C:\Program Files (x86)\PharosSystems
2014-02-12 00:50:45    --------    d-----w-    C:\Program Files (x86)\Pharos
2014-01-29 20:54:32    --------    d-----w-    C:\Users\Owner\AppData\Local\lptmp1220249429
2014-01-28 21:17:30    --------    d-----w-    C:\Users\Owner\AppData\Local\lptmp49271697
.
==================== Find3M  ====================
.
2014-02-14 20:24:26    153256    ----a-w-    C:\Windows\SysWow64\WRusr.dll
2014-02-14 20:24:26    113664    ----a-w-    C:\Windows\System32\drivers\WRkrn.sys
2014-02-14 20:24:26    103304    ----a-w-    C:\Windows\System32\WRusr.dll
2014-02-06 11:30:46    2724864    ----a-w-    C:\Windows\System32\mshtml.tlb
2014-02-06 11:30:12    4096    ----a-w-    C:\Windows\System32\ieetwcollectorres.dll
2014-02-06 11:07:39    66048    ----a-w-    C:\Windows\System32\iesetup.dll
2014-02-06 11:06:47    48640    ----a-w-    C:\Windows\System32\ieetwproxystub.dll
2014-02-06 10:49:03    139264    ----a-w-    C:\Windows\System32\ieUnatt.exe
2014-02-06 10:48:45    111616    ----a-w-    C:\Windows\System32\ieetwcollector.exe
2014-02-06 10:48:11    708608    ----a-w-    C:\Windows\System32\jscript9diag.dll
2014-02-06 10:20:26    2724864    ----a-w-    C:\Windows\SysWow64\mshtml.tlb
2014-02-06 10:11:37    5768704    ----a-w-    C:\Windows\System32\jscript9.dll
2014-02-06 10:01:36    61952    ----a-w-    C:\Windows\SysWow64\iesetup.dll
2014-02-06 10:00:46    51200    ----a-w-    C:\Windows\SysWow64\ieetwproxystub.dll
2014-02-06 09:50:32    2041856    ----a-w-    C:\Windows\System32\inetcpl.cpl
2014-02-06 09:47:22    112128    ----a-w-    C:\Windows\SysWow64\ieUnatt.exe
2014-02-06 09:46:27    553472    ----a-w-    C:\Windows\SysWow64\jscript9diag.dll
2014-02-06 09:25:36    4244480    ----a-w-    C:\Windows\SysWow64\jscript9.dll
2014-02-06 09:24:52    2334208    ----a-w-    C:\Windows\System32\wininet.dll
2014-02-06 09:09:30    1964032    ----a-w-    C:\Windows\SysWow64\inetcpl.cpl
2014-02-06 08:41:35    1820160    ----a-w-    C:\Windows\SysWow64\wininet.dll
2014-01-29 20:54:31    10395072    ----a-w-    C:\Program Files (x86)\Common Files\wruninstall.exe
2014-01-09 21:12:41    96168    ------w-    C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2014-01-07 21:27:20    108968    ------w-    C:\Windows\System32\WindowsAccessBridge-64.dll
2013-12-24 23:09:41    1987584    ----a-w-    C:\Windows\SysWow64\d3d10warp.dll
2013-12-24 22:48:32    2565120    ----a-w-    C:\Windows\System32\d3d10warp.dll
2013-12-06 02:30:08    2048    ----a-w-    C:\Windows\System32\msxml3r.dll
2013-12-06 02:02:08    2048    ----a-w-    C:\Windows\SysWow64\msxml3r.dll
2013-12-06 02:02:08    1237504    ----a-w-    C:\Windows\SysWow64\msxml3.dll
2013-12-04 02:27:33    485888    ----a-w-    C:\Windows\System32\secproc_isv.dll
2013-12-04 02:27:33    123392    ----a-w-    C:\Windows\System32\secproc_ssp_isv.dll
2013-12-04 02:27:33    123392    ----a-w-    C:\Windows\System32\secproc_ssp.dll
2013-12-04 02:27:16    488448    ----a-w-    C:\Windows\System32\secproc.dll
2013-12-04 02:26:32    528384    ----a-w-    C:\Windows\System32\msdrm.dll
2013-12-04 02:16:51    658432    ----a-w-    C:\Windows\System32\RMActivate_isv.exe
2013-12-04 02:16:51    626176    ----a-w-    C:\Windows\System32\RMActivate.exe
2013-12-04 02:16:50    552960    ----a-w-    C:\Windows\System32\RMActivate_ssp_isv.exe
2013-12-04 02:16:48    553984    ----a-w-    C:\Windows\System32\RMActivate_ssp.exe
2013-12-04 02:03:20    87040    ----a-w-    C:\Windows\SysWow64\secproc_ssp_isv.dll
2013-12-04 02:03:20    87040    ----a-w-    C:\Windows\SysWow64\secproc_ssp.dll
2013-12-04 02:03:20    423936    ----a-w-    C:\Windows\SysWow64\secproc_isv.dll
2013-12-04 02:03:08    428032    ----a-w-    C:\Windows\SysWow64\secproc.dll
2013-12-04 02:02:06    390144    ----a-w-    C:\Windows\SysWow64\msdrm.dll
2013-12-04 01:54:14    510976    ----a-w-    C:\Windows\SysWow64\RMActivate_ssp.exe
2013-12-04 01:54:10    594944    ----a-w-    C:\Windows\SysWow64\RMActivate_isv.exe
2013-12-04 01:54:09    572416    ----a-w-    C:\Windows\SysWow64\RMActivate.exe
2013-12-04 01:54:06    508928    ----a-w-    C:\Windows\SysWow64\RMActivate_ssp_isv.exe
2013-11-27 01:41:37    343040    ----a-w-    C:\Windows\System32\drivers\usbhub.sys
2013-11-27 01:41:15    99840    ----a-w-    C:\Windows\System32\drivers\usbccgp.sys
2013-11-27 01:41:11    53248    ----a-w-    C:\Windows\System32\drivers\usbehci.sys
2013-11-27 01:41:11    325120    ----a-w-    C:\Windows\System32\drivers\usbport.sys
2013-11-27 01:41:09    25600    ----a-w-    C:\Windows\System32\drivers\usbohci.sys
2013-11-27 01:41:06    30720    ----a-w-    C:\Windows\System32\drivers\usbuhci.sys
2013-11-27 01:41:03    7808    ----a-w-    C:\Windows\System32\drivers\usbd.sys
2013-11-26 11:40:00    376768    ----a-w-    C:\Windows\System32\drivers\netio.sys
2013-11-26 10:32:56    3156480    ----a-w-    C:\Windows\System32\win32k.sys
2013-11-26 08:16:50    3419136    ----a-w-    C:\Windows\SysWow64\d2d1.dll
2013-11-23 18:26:20    417792    ------w-    C:\Windows\SysWow64\WMPhoto.dll
2013-11-23 17:47:34    465920    ------w-    C:\Windows\System32\WMPhoto.dll
2013-11-22 22:48:21    3928064    ----a-w-    C:\Windows\System32\d2d1.dll
.
============= FINISH:  1:27:01.96 ===============
 

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 5/9/2013 2:46:05 PM
System Uptime: 2/12/2014 12:40:21 PM (109 hours ago)
.
Motherboard: LENOVO |  | 4177CTO
Processor: Intel® Core i5-2520M CPU @ 2.50GHz | CPU | 975/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 281 GiB total, 119.555 GiB free.
Q: is FIXED (NTFS) - 16 GiB total, 6.09 GiB free.
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP50: 1/16/2014 3:00:12 AM - Windows Update
RP51: 1/23/2014 3:14:22 AM - Scheduled Checkpoint
RP52: 1/31/2014 1:24:38 AM - Scheduled Checkpoint
RP53: 2/8/2014 12:00:01 AM - Scheduled Checkpoint
RP54: 2/12/2014 3:00:13 AM - Windows Update
RP55: 2/16/2014 3:00:10 AM - Windows Update
.
==== Installed Programs ======================
.
µTorrent
64 Bit HP CIO Components Installer
7-Zip 9.20
Adobe AIR
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader XI (11.0.02)
Broadcom InConcert Maestro
Brother MFL-Pro Suite MFC-J825DW
Burn.Now 4.5
calibre
Cisco EAP-FAST Module
Cisco LEAP Module
Cisco PEAP Module
Conexant 20672 SmartAudio HD
Corel Burn.Now Lenovo Edition
Corel DVD MovieFactory 7
Corel DVD MovieFactory Lenovo Edition
Corel WinDVD
Create Recovery Media
D3DX10
Direct DiscRecorder
Dropbox
Exact Audio Copy 1.0beta3
foobar2000 v1.2.6
Free Studio version 2013
GIMP 2.8.4
Google Update Helper
Integrated Camera Driver Installer Package Ver.1.1.0.1147
Integrated Camera TWAIN
Intel® Control Center
Intel® Identity Protection Technology 1.1.2.0
Intel® Management Engine Components
Intel® Processor Graphics
Java 7 Update 45
Java 7 Update 45 (64-bit)
Java Auto Updater
Java SE Development Kit 7 Update 45 (64-bit)
Junk Mail filter update
Lenovo Auto Scroll Utility
Lenovo Patch Utility
Lenovo Patch Utility 64 bit
Lenovo Registration
Lenovo SimpleTap
Lenovo Solution Center
Lenovo System Interface Driver
Lenovo User Guide
Lenovo Warranty Information
Lenovo Welcome
Malwarebytes Anti-Malware version 1.75.0.1300
Mesh Runtime
Message Center Plus
Microsoft .NET Framework 4 Client Profile
Microsoft Application Error Reporting
Microsoft Office 365 Home Premium - en-us
Microsoft Office Korrekturhilfen 2013 - Deutsch
Microsoft Silverlight
Microsoft SkyDrive
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable (x64)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Mozilla Firefox 26.0 (x86 en-US)
Mozilla Maintenance Service
MPC-HC 1.6.7.7114 (9eb64ec)
MSVCRT
MSVCRT_amd64
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Office 15 Click-to-Run Extensibility Component
Office 15 Click-to-Run Licensing Component
Office 15 Click-to-Run Localization Component
On Screen Display
Pharos
RapidBoot
Registry Patch to Enable Maximum Power Saving on WiFi Adapters for Windows 7
Rescue and Recovery
RICOH_Media_Driver_v2.13.18.02
SafeConnect
Search Protection
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2858302v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2898855v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2901110v2)
Skype Click to Call
Skype™ 6.3
Spotify
System Update
ThinkPad Bluetooth with Enhanced Data Rate Software
ThinkPad FullScreen Magnifier
ThinkPad Power Management Driver
ThinkPad Power Manager
ThinkPad UltraNav Driver
ThinkPad UltraNav Utility
ThinkPad Wireless LAN Adapter Software
ThinkVantage Active Protection System
ThinkVantage AutoLock
ThinkVantage Communications Utility
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3)
uTorrentControl_v6 Toolbar
VIP Access
Webroot SecureAnywhere
Windows Driver Package - Intel (e1cexpress) Net  (12/21/2010 11.8.84.0)
Windows Driver Package - Intel System  (09/10/2010 9.2.0.1011)
Windows Driver Package - Intel System  (11/20/2010 9.2.0.1016)
Windows Driver Package - Intel USB  (12/21/2010 9.2.0.1021)
Windows Driver Package - Lenovo 1.61.00.11 (11/11/2010 1.61.00.11)
Windows Driver Package - Ricoh Company SD Host Controller (03/23/2011 6.10.10.30)
Windows Driver Package - Synaptics (SynTP) Mouse  (05/19/2011 15.3.8.0)
Windows Live Communications Platform
Windows Live Essentials
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Language Selector
Windows Live Mail
Windows Live Mesh
Windows Live Mesh ActiveX Control for Remote Connections
Windows Live Messenger
Windows Live MIME IFilter
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live Remote Client
Windows Live Remote Client Resources
Windows Live Remote Service
Windows Live Remote Service Resources
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
.
==== Event Viewer Messages From Past Week ========
.
2/16/2014 10:40:48 PM, Error: bowser [8003]  - The master browser has received a server announcement from the computer BARRY-PC that believes that it is the master browser for the domain on transport NetBT_Tcpip_{8DB8A3B9-E543-4976-B615-C8A99F231EB1}. The master browser is stopping or an election is being forced.
2/12/2014 3:30:51 AM, Error: Microsoft-Windows-DistributedCOM [10016]  - The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID  {C97FCC79-E628-407D-AE68-A06AD6D8B4D1}  and APPID  {344ED43D-D086-4961-86A6-1106F4ACAD9B}  to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
2/12/2014 3:30:47 AM, Error: Microsoft-Windows-DistributedCOM [10016]  - The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID  {C97FCC79-E628-407D-AE68-A06AD6D8B4D1}  and APPID  {344ED43D-D086-4961-86A6-1106F4ACAD9B}  to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
2/11/2014 5:59:29 PM, Error: Service Control Manager [7011]  - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the LanmanServer service.
2/11/2014 5:58:59 PM, Error: Service Control Manager [7011]  - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the FDResPub service.
2/11/2014 5:58:29 PM, Error: Service Control Manager [7011]  - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the upnphost service.
2/11/2014 3:55:04 PM, Error: Service Control Manager [7011]  - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the LMS service.
.
==== End Of File ===========================
 

Link to post
Share on other sites

Hi jakemeh,

 

P2P/Piracy Warning:

  • If you're using Peer 2 Peer software such as uTorrent, BitTorrent or similar you must either fully uninstall them or completely disable them from running while being assisted here.
  • Failure to remove or disable such software will result in your topic being closed and no further assistance being provided.
  • If you have illegal/cracked software, cracks, keygens, etc. on the system, please remove or uninstall them now and read the policy on Piracy.
Please comply with the above and remove any software that breaks forum protocol.

 

---------------------

 

Please go to Virus Total

 

Note:You may need to enable Show Hidden Files, Folders, and Drives. See HERE for how to do so

 

Click on Choose File and navigate to the following file to upload it.

C:\Windows\System32\PSR581F7.DLL

 

Click on the submit button.

 

Please post the results of the scan in your next reply.

 

---------------------

 

SCAN

 

Please download AdwCleaner by Xplode onto your Desktop.

  • Double click on AdwCleaner.exe to run the tool.
  • Click on Scan.
  • Please post the content of that logfile with your next answer.
  • You can find the logfile at C:\AdwCleaner[R1].txt as well.
---------------------

 

Please download Junkware Removal Tool to your desktop.

  • Shutdown your antivirus to avoid any conflicts.
  • Right click over JRT.exe and select Run as administrator on Windows Vista or Windows 7, double-click on XP.
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next reply message
  • When completed make sure to re-enable your antivirus
---------------------

 

In your next reply please post

  • VirusTotal Results
  • AdwCleaner[R1].txt
  • JRT.txt
Link to post
Share on other sites

Unfortunately I was unable to locate the file C:\Windows\System32\PSR581F7.DLL through the virus total upload. I could find the file myself, outside of the upload window, but it would not appear through their site. I tried to drag the file from windows explorer to the upload field, but that did not work as well.
 
 
# AdwCleaner v3.019 - Report created 18/02/2014 at 12:39:23
# Updated 17/02/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Owner - OWNER-THINK
# Running from : C:\Users\Owner\Desktop\adwcleaner.exe
# Option : Scan

***** [ Services ] *****


***** [ Files / Folders ] *****

File Found : C:\END
File Found : C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\48epp7j8.default\searchplugins\Conduit.xml
Folder Found : C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\48epp7j8.default\Extensions\{96f454ea-9d38-474f-b504-56193e00c1a5}
Folder Found C:\Program Files (x86)\Conduit
Folder Found C:\Program Files (x86)\uTorrentControl_v6
Folder Found C:\ProgramData\Partner
Folder Found C:\Searchprotect
Folder Found C:\Users\Owner\AppData\Local\Conduit
Folder Found C:\Users\Owner\AppData\LocalLow\Conduit
Folder Found C:\Users\Owner\AppData\LocalLow\uTorrentControl_v6
Folder Found C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\48epp7j8.default\CT3289075
Folder Found C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\48epp7j8.default\StumbleUpon
Folder Found C:\Users\Owner\AppData\Roaming\Search Protection
Folder Found C:\Users\Owner\AppData\Roaming\Searchprotect

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Found : HKCU\Software\AppDataLow\Software\Conduit
Key Found : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Found : HKCU\Software\AppDataLow\Software\SmartBar
Key Found : HKCU\Software\AppDataLow\Software\uTorrentControl_v6
Key Found : HKCU\Software\AppDataLow\Toolbar
Key Found : HKCU\Software\Conduit
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{96F454EA-9D38-474F-B504-56193E00C1A5}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{96F454EA-9D38-474F-B504-56193E00C1A5}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : [x64] HKCU\Software\Conduit
Key Found : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{96F454EA-9D38-474F-B504-56193E00C1A5}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{CD90659F-D5B2-4104-9504-7CA36E6532DF}
Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT3286042
Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT3289075
Key Found : HKLM\Software\Conduit
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{52C54A88-8E16-41C8-9693-5A33513BFEFD}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{52D68F2C-EC33-4798-9C6B-FB7FBEEAA7C2}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{96F454EA-9D38-474F-B504-56193E00C1A5}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{CD90659F-D5B2-4104-9504-7CA36E6532DF}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\uTorrentControl_v6 Toolbar
Key Found : HKLM\Software\uTorrentControl_v6
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Value Found : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{96F454EA-9D38-474F-B504-56193E00C1A5}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{96F454EA-9D38-474F-B504-56193E00C1A5}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{96F454EA-9D38-474F-B504-56193E00C1A5}]

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.16518


-\\ Mozilla Firefox v27.0.1 (en-US)

[ File : C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\48epp7j8.default\prefs.js ]

Line Found : user_pref("CT3286042.navigationAliasesJson", "{\"EB_MAIN_FRAME_URL\":\"hxxp%3A%2F%2Fsearch.conduit.com%2F%3Fctid%3DCT3286042%26octid%3DCT3286042%26SearchSource%3D15%26CUI%3DUN21660214792742131%26SSPV%[...]
Line Found : user_pref("CT3286042_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\":1368304345499,\"isWithState\":\"\",\"timeFromStart\":0,\"timeFromPrev\":0}]");
Line Found : user_pref("CT3289075.FF19Solved", "true");
Line Found : user_pref("CT3289075.UserID", "UN20487034312697512");
Line Found : user_pref("CT3289075.fullUserID", "UN20487034312697512.IN.20130816140553");
Line Found : user_pref("CT3289075.installDate", "16/08/2013 14:05:53");
Line Found : user_pref("CT3289075.installSessionId", "-1");
Line Found : user_pref("CT3289075.installSp", "TRUE");
Line Found : user_pref("CT3289075.installerVersion", "1.5.4.4");
Line Found : user_pref("CT3289075.searchRevert", "FALSE");
Line Found : user_pref("CT3289075.searchUserMode", "2");
Line Found : user_pref("CT3289075.versionFromInstaller", "10.16.70.7");
Line Found : user_pref("CT3289075.xpeMode", "0");

Line Found : user_pref("Smartbar.ConduitSearchEngineList", "");
Line Found : user_pref("Smartbar.ConduitSearchUrlList", "");
Line Found : user_pref("Smartbar.SearchFromAddressBarSavedUrl", "");
Line Found : user_pref("Smartbar.keywordURLSelectedCTID", "CT3286042");
Line Found : user_pref("browser.search.defaultthis.engineName", "KeyBar 1.8 Customized Web Search");

Line Found : user_pref("smartbar.machineId", "E6O24CQKXTPAW+R7KGQZAAF2DWZVMVEBCQJAILEFVIDPGPJNWUBJUGCJ2VIBHL7OIYPDF0IPPMUCRWKZGFVSEW");

*************************

AdwCleaner[R0].txt - [6725 octets] - [18/02/2014 12:28:25]
AdwCleaner[R1].txt - [6625 octets] - [18/02/2014 12:39:23]

########## EOF - C:\AdwCleaner\AdwCleaner[R1].txt - [6685 octets] ##########
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.1 (02.04.2014:1)
OS: Windows 7 Home Premium x64
Ran by Owner on Tue 02/18/2014 at 12:42:29.70
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\conduit
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\conduit
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\conduitsearchscopes
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\smartbar
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\toolbar
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\conduit
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Toolbar.CT3286042
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Toolbar.CT3289075
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{D58CF5D4-7C57-4D35-AA4D-AEC1FBFE9B88}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{96f454ea-9d38-474f-b504-56193e00c1a5}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{96f454ea-9d38-474f-b504-56193e00c1a5}



~~~ Files

Successfully deleted: [File] "C:\end"



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\partner"
Successfully deleted: [Folder] "C:\Users\Owner\AppData\Roaming\search protection"
Successfully deleted: [Folder] "C:\Users\Owner\AppData\Roaming\searchprotect"
Successfully deleted: [Folder] "C:\Users\Owner\appdata\local\conduit"
Successfully deleted: [Folder] "C:\Users\Owner\appdata\local\cre"
Successfully deleted: [Folder] "C:\Users\Owner\appdata\locallow\conduit"
Successfully deleted: [Folder] "C:\Program Files (x86)\conduit"
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{15190D71-879B-418F-B259-D5B0715F9E48}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{909526C3-C626-4B3D-BF82-60B984141A1A}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{9DE8B56A-F651-45CB-BB24-3D2EC45F38E6}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{A0E9419E-3580-455E-A331-0390F3B1B793}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{EBB09CB0-1B7D-45D2-AC09-46C5C666B437}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{FBF7ED31-9354-4A55-95D0-5A86C29941F8}



~~~ FireFox

Successfully deleted: [File] C:\Users\Owner\AppData\Roaming\mozilla\firefox\profiles\48epp7j8.default\searchplugins\conduit.xml
Successfully deleted the following from C:\Users\Owner\AppData\Roaming\mozilla\firefox\profiles\48epp7j8.default\prefs.js

user_pref("CT3286042.navigationAliasesJson", "{\"EB_MAIN_FRAME_URL\":\"hxxp%3A%2F%2Fsearch.conduit.com%2F%3Fctid%3DCT3286042%26octid%3DCT3286042%26SearchSource%3D15%26CUI%3DUN

user_pref("Smartbar.ConduitSearchEngineList", "");
user_pref("Smartbar.ConduitSearchUrlList", "");
user_pref("Smartbar.SearchFromAddressBarSavedUrl", "");
user_pref("Smartbar.keywordURLSelectedCTID", "CT3286042");
user_pref("browser.search.defaultthis.engineName", "KeyBar 1.8 Customized Web Search");

user_pref("smartbar.machineId", "E6O24CQKXTPAW+R7KGQZAAF2DWZVMVEBCQJAILEFVIDPGPJNWUBJUGCJ2VIBHL7OIYPDF0IPPMUCRWKZGFVSEW");
Emptied folder: C:\Users\Owner\AppData\Roaming\mozilla\firefox\profiles\48epp7j8.default\minidumps [27 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Tue 02/18/2014 at 12:49:50.53
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
Link to post
Share on other sites

Unfortunately I was unable to locate the file C:\Windows\System32\PSR581F7.DLL through the virus total upload. I could find the file myself, outside of the upload window, but it would not appear through their site. I tried to drag the file from windows explorer to the upload field, but that did not work as well.

What internet browser are you using?

Link to post
Share on other sites

Hi jakemeh,

Thanks for getting me those logs.

Please download RogueKiller and save it to your desktop.

  • RogueKiller 64-bit
  • Quit all running programs.
  • For Windows XP, double-click to start.
  • For Vista,Windows 7/8, Right-click on the program and select Run as Administrator to start and when prompted allow it to run.
  • Read and accept the EULA (End User Licene Agreement)
  • Click Scan to scan the system.
  • When the scan completes Close the program > Don't Fix anything!
  • Don't run any other options, they're not all bad!!
  • Post back the report which should be located on your desktop.
----------------------------------------

Please download the Farbar Recovery Scan Tool and save it to your desktop.

  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Press the Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The first time the tool is run, it also makes another log (Addition.txt). Please attach it to your reply as well.
----------------------------------------

Please post the following in your next reply.

  • RogueKiller log
  • FRST.txt
  • Addition.txt
Link to post
Share on other sites

RogueKiller V8.8.8 _x64_ [Feb 19 2014] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://forum.adlice.com
Website : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : Owner [Admin rights]
Mode : Scan -- Date : 02/19/2014 19:34:03
| ARK || FAK || MBR |

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 12 ¤¤¤
[HJ POL][PUM] HKCU\[...]\System : DisableTaskMgr (0) -> FOUND
[HJ POL][PUM] HKCU\[...]\System : DisableRegistryTools (0) -> FOUND
[HJ POL][PUM] HKCU\[...]\System : DisableCMD (0) -> FOUND
[HJ POL][PUM] HKLM\[...]\System : DisableTaskMgr (0) -> FOUND
[HJ POL][PUM] HKLM\[...]\System : DisableRegistryTools (0) -> FOUND
[HJ POL][PUM] HKLM\[...]\System : DisableCMD (0) -> FOUND
[HJ POL][PUM] HKLM\[...]\Wow6432Node\[...]\System : DisableTaskMgr (0) -> FOUND
[HJ POL][PUM] HKLM\[...]\Wow6432Node\[...]\System : DisableRegistryTools (0) -> FOUND
[HJ POL][PUM] HKLM\[...]\Wow6432Node\[...]\System : DisableCMD (0) -> FOUND
[HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowSetProgramAccessAndDefaults (0) -> FOUND
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Scheduled tasks : 0 ¤¤¤

¤¤¤ Startup Entries : 0 ¤¤¤

¤¤¤ Web browsers : 0 ¤¤¤

¤¤¤ Browser Addons : 0 ¤¤¤

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤

¤¤¤ External Hives: ¤¤¤

¤¤¤ Infection :  ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts




¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) ST9320325AS +++++
--- User ---
[MBR] b8db0241310926a4f3b3ba2ef34a8970
[bSP] ff976be311f2549de8b65f819206d63c : Lenovo MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 1500 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 3074048 | Size: 287743 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 592371712 | Size: 16000 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[0]_S_02192014_193403.txt >>



Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 18-02-2014
Ran by Owner (administrator) on OWNER-THINK on 19-02-2014 19:36:01
Running from C:\Users\Owner\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(Lenovo.) C:\Windows\system32\ibmpmsvc.exe
(Lenovo Group Limited) C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe
(Lenovo Group Limited) C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe
(Broadcom Corporation.) C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Conexant Systems Inc.) C:\Windows\system32\CxAudMsg64.exe
(White Sky, Inc.) C:\Program Files (x86)\Constant Guard Protection Suite\IDVaultSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\CAMMUTE.exe
(Lenovo Group Limited) C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe
(Lenovo Group Limited) C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tpnumlkd.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\virtscrl.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tpnumlk.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe
(Pharos Systems International) C:\Program Files (x86)\PharosSystems\Core\CTskMstr.exe
(Conexant Systems, Inc.) C:\Windows\SysWOW64\SAsrv.exe
(Impulse Point, LLC) C:\Program Files (x86)\SafeConnect\scManager.sys
(Ulead Systems, Inc.) C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\ZOOM\TpScrex.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Lenovo.) C:\Windows\System32\TpShocks.exe
() C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\AutoLock\ALCKRESI.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Spotify Ltd) C:\Users\Owner\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Broadcom Corporation.) C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe
(White Sky, Inc.) C:\Program Files (x86)\Constant Guard Protection Suite\IDVault.exe
(Ricoh co.,Ltd.) C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe
(Impulse Point, LLC) C:\Program Files (x86)\SafeConnect\scClient.exe
(Dropbox, Inc.) C:\Users\Owner\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
(Lenovo Group Limited) C:\Program Files (x86)\ThinkPad\Utilities\SCHTASK.EXE
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
(Lenovo) C:\Program Files (x86)\Lenovo\message center plus\mcplaunch.exe
(Microsoft Corporation) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\System Update\SUService.exe
(Lenovo Group Limited) C:\Program Files (x86)\Common Files\Lenovo\tvt_reg_monitor_svc.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\VIP Access Client\VIPAppService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Security Suite\Engine\21.1.0.18\N360.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Security Suite\Engine\21.1.0.18\N360.exe
(Broadcom Corporation.) C:\Program Files\ThinkPad\Bluetooth Software\BtStackServer.exe
(Microsoft Corporation) C:\Windows\System32\msdt.exe
(Microsoft Corporation) C:\Windows\System32\msdt.exe
(Microsoft Corporation) C:\Windows\System32\sdiagnhost.exe
(Microsoft Corporation) C:\Windows\System32\sdiagnhost.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [synTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2789160 2011-05-19] (Synaptics Incorporated)
HKLM\...\Run: [TpShocks] - C:\Windows\system32\TpShocks.exe [380776 2010-12-09] (Lenovo.)
HKLM\...\Run: [ForteConfig] - C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-25] ()
HKLM\...\Run: [smartAudio] - C:\Program Files\CONEXANT\SAII\SAIICpl.exe [316032 2011-03-14] (Conexant systems, Inc.)
HKLM\...\Run: [LENOVO.TPKNRRES] - C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe [40808 2011-05-31] (Lenovo Group Limited)
HKLM\...\Run: [ALCKRESI.EXE] - C:\Program Files\Lenovo\AutoLock\ALCKRESI.EXE [281960 2011-05-25] (Lenovo Group Limited)
HKLM-x32\...\Run: [RotateImage] - C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe [55808 2008-10-30] (Ricoh co.,Ltd.)
HKLM-x32\...\Run: [PWMTRV] - rundll32 C:\PROGRA~2\ThinkPad\UTILIT~1\PWMTR64V.DLL,PwrMgrBkGndMonitor
HKLM-x32\...\Run: [Lenovo Registration] - C:\Program Files (x86)\Lenovo Registration\LenovoReg.exe [4351712 2011-07-13] (Lenovo, Inc.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [946352 2012-12-18] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [ControlCenter4] - C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [143360 2012-08-28] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [brStsMon00] - C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [3076096 2012-06-06] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [sunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKLM\...\Policies\Explorer: [NoViewOnDrive] 0
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKLM\...\Policies\Explorer: [DisableLocalMachineRun] 0
HKLM\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0
HKLM\...\Policies\Explorer: [DisableCurrentUserRun] 0
HKLM\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0
HKLM\...\Policies\Explorer: [NoViewContextMenu] 0
HKLM\...\Policies\Explorer: [NoShellSearchButton] 0
HKLM\...\Policies\Explorer: [NoFind] 0
HKLM\...\Policies\Explorer: [NoFile] 0
HKLM\...\Policies\Explorer: [HideClock] 0
HKLM\...\Policies\Explorer: [NoTrayContextMenu] 0
HKLM\...\Policies\Explorer: [NoTrayItemsDisplay] 0
HKLM\...\Policies\Explorer: [NoSetFolders] 0
HKLM\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKLM\...\Policies\Explorer: [NoSetTaskbar] 0
HKLM\...\Policies\Explorer: [NoDeletePrinter] 0
HKLM\...\Policies\Explorer: [NoDFSTab] 0
HKLM\...\Policies\Explorer: [NoChangeStartMenu] 0
HKLM\...\Policies\Explorer: [NoLogoff] 0
HKLM\...\Policies\Explorer: [NoWindowsUpdate] 0
HKLM\...\Policies\Explorer: [NoEncryptOnMove] 0
HKLM\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKLM\...\Policies\Explorer: [NoResolveSearch] 0
HKLM\...\Policies\Explorer: [NoSaveSettings] 0
HKLM\...\Policies\Explorer: [NoHardwareTab] 0
HKLM\...\Policies\Explorer: [NoStartMenuSubFolders] 0
HKLM\...\Policies\Explorer: [NoDesktop] 0
HKU\.DEFAULT\...\Run: [searchProtect] - \SearchProtect\bin\cltmng.exe
HKU\.DEFAULT\...\Policies\system: [DisableCMD] 0
HKU\.DEFAULT\...\Policies\system: [NoDispAppearancePage] 0
HKU\.DEFAULT\...\Policies\system: [NoDispBackgroundPage] 0
HKU\.DEFAULT\...\Policies\system: [NoDispSettingsPage] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoFolderOptions] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoViewOnDrive] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoControlPanel] 0
HKU\.DEFAULT\...\Policies\Explorer: [DisableLocalMachineRun] 0
HKU\.DEFAULT\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0
HKU\.DEFAULT\...\Policies\Explorer: [DisableCurrentUserRun] 0
HKU\.DEFAULT\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoViewContextMenu] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoShellSearchButton] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoFind] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoFile] 0
HKU\.DEFAULT\...\Policies\Explorer: [HideClock] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoTrayContextMenu] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoTrayItemsDisplay] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoSetFolders] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoSetTaskbar] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoDeletePrinter] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoDFSTab] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoChangeStartMenu] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoLogoff] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoWindowsUpdate] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoEncryptOnMove] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoResolveSearch] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoSaveSettings] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoHardwareTab] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoStartMenuSubFolders] 0
HKU\S-1-5-19\...\Policies\system: [DisableCMD] 0
HKU\S-1-5-19\...\Policies\system: [NoDispAppearancePage] 0
HKU\S-1-5-19\...\Policies\system: [NoDispBackgroundPage] 0
HKU\S-1-5-19\...\Policies\system: [NoDispSettingsPage] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoFolderOptions] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoViewOnDrive] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-19\...\Policies\Explorer: [DisableLocalMachineRun] 0
HKU\S-1-5-19\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0
HKU\S-1-5-19\...\Policies\Explorer: [DisableCurrentUserRun] 0
HKU\S-1-5-19\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoViewContextMenu] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoShellSearchButton] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoFind] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoFile] 0
HKU\S-1-5-19\...\Policies\Explorer: [HideClock] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoTrayContextMenu] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoTrayItemsDisplay] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoSetFolders] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoSetTaskbar] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoDeletePrinter] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoDFSTab] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoChangeStartMenu] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoLogoff] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoWindowsUpdate] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoEncryptOnMove] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoResolveSearch] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoSaveSettings] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoHardwareTab] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoStartMenuSubFolders] 0
HKU\S-1-5-20\...\Policies\system: [DisableCMD] 0
HKU\S-1-5-20\...\Policies\system: [NoDispAppearancePage] 0
HKU\S-1-5-20\...\Policies\system: [NoDispBackgroundPage] 0
HKU\S-1-5-20\...\Policies\system: [NoDispSettingsPage] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoFolderOptions] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoViewOnDrive] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-20\...\Policies\Explorer: [DisableLocalMachineRun] 0
HKU\S-1-5-20\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0
HKU\S-1-5-20\...\Policies\Explorer: [DisableCurrentUserRun] 0
HKU\S-1-5-20\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoViewContextMenu] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoShellSearchButton] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoFind] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoFile] 0
HKU\S-1-5-20\...\Policies\Explorer: [HideClock] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoTrayContextMenu] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoTrayItemsDisplay] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoSetFolders] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoSetTaskbar] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoDeletePrinter] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoDFSTab] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoChangeStartMenu] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoLogoff] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoWindowsUpdate] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoEncryptOnMove] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoResolveSearch] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoSaveSettings] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoHardwareTab] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoStartMenuSubFolders] 0
HKU\S-1-5-21-3213193141-316356097-443572586-1000\...\Run: [spotify Web Helper] - C:\Users\Owner\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1168896 2014-02-03] (Spotify Ltd)
HKU\S-1-5-21-3213193141-316356097-443572586-1000\...\Run: [Google Update] - C:\Users\Owner\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2014-02-18] (Google Inc.)
HKU\S-1-5-21-3213193141-316356097-443572586-1000\...\Policies\system: [DisableCMD] 0
HKU\S-1-5-21-3213193141-316356097-443572586-1000\...\Policies\system: [NoDispAppearancePage] 0
HKU\S-1-5-21-3213193141-316356097-443572586-1000\...\Policies\system: [NoDispBackgroundPage] 0
HKU\S-1-5-21-3213193141-316356097-443572586-1000\...\Policies\system: [NoDispSettingsPage] 0
HKU\S-1-5-21-3213193141-316356097-443572586-1000\...\Policies\Explorer: [NoDesktopCleanupWizard] 1
HKU\S-1-5-21-3213193141-316356097-443572586-1000\...\Policies\Explorer: [NoFolderOptions] 0
HKU\S-1-5-21-3213193141-316356097-443572586-1000\...\Policies\Explorer: [NoViewOnDrive] 0
HKU\S-1-5-21-3213193141-316356097-443572586-1000\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-3213193141-316356097-443572586-1000\...\Policies\Explorer: [DisableLocalMachineRun] 0
HKU\S-1-5-21-3213193141-316356097-443572586-1000\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0
HKU\S-1-5-21-3213193141-316356097-443572586-1000\...\Policies\Explorer: [DisableCurrentUserRun] 0
HKU\S-1-5-21-3213193141-316356097-443572586-1000\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0
HKU\S-1-5-21-3213193141-316356097-443572586-1000\...\Policies\Explorer: [NoViewContextMenu] 0
HKU\S-1-5-21-3213193141-316356097-443572586-1000\...\Policies\Explorer: [NoShellSearchButton] 0
HKU\S-1-5-21-3213193141-316356097-443572586-1000\...\Policies\Explorer: [NoFind] 0
HKU\S-1-5-21-3213193141-316356097-443572586-1000\...\Policies\Explorer: [NoFile] 0
HKU\S-1-5-21-3213193141-316356097-443572586-1000\...\Policies\Explorer: [HideClock] 0
HKU\S-1-5-21-3213193141-316356097-443572586-1000\...\Policies\Explorer: [NoTrayContextMenu] 0
HKU\S-1-5-21-3213193141-316356097-443572586-1000\...\Policies\Explorer: [NoTrayItemsDisplay] 0
HKU\S-1-5-21-3213193141-316356097-443572586-1000\...\Policies\Explorer: [NoSetFolders] 0
HKU\S-1-5-21-3213193141-316356097-443572586-1000\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKU\S-1-5-21-3213193141-316356097-443572586-1000\...\Policies\Explorer: [NoSetTaskbar] 0
HKU\S-1-5-21-3213193141-316356097-443572586-1000\...\Policies\Explorer: [NoDeletePrinter] 0
HKU\S-1-5-21-3213193141-316356097-443572586-1000\...\Policies\Explorer: [NoDFSTab] 0
HKU\S-1-5-21-3213193141-316356097-443572586-1000\...\Policies\Explorer: [NoChangeStartMenu] 0
HKU\S-1-5-21-3213193141-316356097-443572586-1000\...\Policies\Explorer: [NoLogoff] 0
HKU\S-1-5-21-3213193141-316356097-443572586-1000\...\Policies\Explorer: [NoWindowsUpdate] 0
HKU\S-1-5-21-3213193141-316356097-443572586-1000\...\Policies\Explorer: [NoEncryptOnMove] 0
HKU\S-1-5-21-3213193141-316356097-443572586-1000\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKU\S-1-5-21-3213193141-316356097-443572586-1000\...\Policies\Explorer: [NoResolveSearch] 0
HKU\S-1-5-21-3213193141-316356097-443572586-1000\...\Policies\Explorer: [NoSaveSettings] 0
HKU\S-1-5-21-3213193141-316356097-443572586-1000\...\Policies\Explorer: [NoHardwareTab] 0
HKU\S-1-5-21-3213193141-316356097-443572586-1000\...\Policies\Explorer: [NoStartMenuSubFolders] 0
HKU\S-1-5-21-3213193141-316356097-443572586-1000\...\MountPoints2: {bf377446-b8da-11e2-88c2-806e6f6e6963} - Q:\LenovoQDrive.exe
SecurityProviders: msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll
Startup: C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Lenovo Product Registration.lnk
ShortcutTarget: Lenovo Product Registration.lnk -> C:\Program Files (x86)\Lenovo Registration\LenovoReg.exe (Lenovo, Inc.)
Startup: C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Uninstall Webroot RunOnce.lnk
ShortcutTarget: Uninstall Webroot RunOnce.lnk -> C:\Program Files (x86)\Common Files\wruninstall.exe (Webroot Software, Inc.)
Startup: C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Owner\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.lenovo.com/welcome/thinkpad
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/redirectdomain?brand=LENP&bmod=LENP
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.lenovo.com/welcome/thinkpad
URLSearchHook: HKLM-x32 - (No Name) - {96f454ea-9d38-474f-b504-56193e00c1a5} - No File
URLSearchHook: HKCU - (No Name) - {96f454ea-9d38-474f-b504-56193e00c1a5} - No File
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 - DefaultScope {D58CF5D4-7C57-4D35-AA4D-AEC1FBFE9B88} URL =
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - DefaultScope {4DF3A262-AC93-4D3F-B7DA-EA9B8231BCF5} URL = http://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=714647&p={searchTerms}
SearchScopes: HKCU - {4DF3A262-AC93-4D3F-B7DA-EA9B8231BCF5} URL = http://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=714647&p={searchTerms}
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7LENP_enUS535US535
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Security Suite\Engine64\21.1.0.18\coIEPlg.dll (Symantec Corporation)
BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Skype add-on for Internet Explorer - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Symantec VIP Access Add-On - {C63CD127-A1CB-4D49-A4F7-D6F88A917BE6} - C:\Program Files (x86)\Symantec\VIP Access Client\64bit\VIPAddOnForIE64.dll (Symantec Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Security Suite\Engine\21.1.0.18\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Security Suite\Engine\21.1.0.18\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Symantec VIP Access Add-On - {C63CD127-A1CB-4D49-A4F7-D6F88A917BE6} - C:\Program Files (x86)\Symantec\VIP Access Client\VIPAddOnForIE.dll (Symantec Corporation)
BHO-x32: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine64\21.1.0.18\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - No Name - {96f454ea-9d38-474f-b504-56193e00c1a5} -  No File
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine\21.1.0.18\coIEPlg.dll (Symantec Corporation)
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 205.171.2.25

FireFox:
========
FF ProfilePath: C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\48epp7j8.default
FF SelectedSearchEngine: Google
FF Homepage: hxxp://mail.aol.com/38306-111/aol-6/en-us/suite.aspx|https://blackboard.du.edu/webapps/portal/frameset.jsp?tab_tab_group_id=_1_1

FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_202.dll ()
FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Owner\AppData\Local\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Owner\AppData\Local\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Extension: XFINITY Constant Guard Protection Suite - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\48epp7j8.default\Extensions\idvaultaddon@whitesky [2014-02-18]
FF Extension: No Name - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\48epp7j8.default\Extensions\temp [2014-02-18]
FF Extension: Widevine Media Optimizer - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\48epp7j8.default\Extensions\{2d3fbcf7-be69-4433-8858-c621a8d0e58d} [2013-05-14]
FF Extension: Webroot - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\48epp7j8.default\Extensions\{8ac62a8b-8b3f-43ba-9b1a-90c299b9dfda}_deleted [2013-05-20]
FF Extension: uTorrentControl_v6  - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\48epp7j8.default\Extensions\{96f454ea-9d38-474f-b504-56193e00c1a5} [2013-09-14]
FF Extension: StumbleUpon - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\48epp7j8.default\Extensions\{AE93811A-5C9A-4d34-8462-F7B864FC4696}.xpi [2013-05-13]
FF Extension: Adblock Plus - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\48epp7j8.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-07-22]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-01-03]
FF HKLM-x32\...\Firefox\Extensions: [VIP@verisign.com] - C:\Program Files (x86)\Symantec\VIP Access Client\
FF Extension: Symantec VIP Access Add-On - C:\Program Files (x86)\Symantec\VIP Access Client\ []
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\IPSFF
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\IPSFF [2014-02-18]
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\coFFPlgn\
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\coFFPlgn\ []

Chrome:
=======
CHR Extension: (Google Docs) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-02-18]
CHR Extension: (Google Drive) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-02-18]
CHR Extension: (YouTube) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-02-18]
CHR Extension: (Google Search) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-02-18]
CHR Extension: (Norton Identity Protection) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk [2014-02-18]
CHR Extension: (Google Wallet) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-02-18]
CHR Extension: (Gmail) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-02-18]
CHR HKCU\...\Chrome\Extension: [cflheckfmhopnialghigdlggahiomebp] - C:\Users\Owner\AppData\Local\CRE\cflheckfmhopnialghigdlggahiomebp.crx [2014-02-18]
CHR HKLM-x32\...\Chrome\Extension: [cflheckfmhopnialghigdlggahiomebp] - C:\Users\Owner\AppData\Local\CRE\cflheckfmhopnialghigdlggahiomebp.crx [2014-02-18]
CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Security Suite\Engine\21.1.0.18\Exts\Chrome.crx [2014-02-18]

==================== Services (Whitelisted) =================

R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1363616 2014-01-03] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1748640 2014-01-03] (Microsoft Corporation)
S3 DozeSvc; C:\Program Files (x86)\ThinkPad\Utilities\DZSVC64.EXE [478056 2011-08-31] (Lenovo.)
R2 Lenovo.VIRTSCRLSVC; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [133992 2011-07-12] (Lenovo Group Limited)
R2 N360; C:\Program Files (x86)\Norton Security Suite\Engine\21.1.0.18\N360.exe [264360 2013-10-18] (Symantec Corporation)
R2 OfficeSvc; C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [1907896 2013-10-31] (Microsoft Corporation)
R2 Pharos Systems ComTaskMaster; C:\Program Files (x86)\PharosSystems\Core\CTskMstr.exe [339456 2013-07-30] (Pharos Systems International)
R2 SCManager; C:\Program Files (x86)\SafeConnect\scManager.sys [176520 2012-11-19] (Impulse Point, LLC)
R2 ThinkVantage Registry Monitor Service; C:\Program Files (x86)\Common Files\Lenovo\tvt_reg_monitor_svc.exe [1028096 2010-08-31] (Lenovo Group Limited)
S3 TVT Backup Service; C:\Program Files (x86)\Lenovo\Rescue and Recovery\rrservice.exe [1492280 2011-08-18] (Lenovo Group Limited)
R2 VIPAppService; C:\Program Files (x86)\Symantec\VIP Access Client\VIPAppService.exe [82544 2011-06-29] (Symantec Corporation)

==================== Drivers (Whitelisted) ====================

R1 AntiLog32; C:\Windows\system32\drivers\AntiLog64.sys [49240 2014-02-18] (Zemana Ltd.)
R1 BHDrvx64; C:\Program Files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\BASHDefs\20140214.001\BHDrvx64.sys [1526488 2014-02-14] (Symantec Corporation)
R1 ccSet_N360; C:\Windows\system32\drivers\N360x64\1501000.012\ccSetx64.sys [162392 2013-09-25] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484952 2014-02-18] (Symantec Corporation)
U3 EraserUtilDrv11312; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilDrv11312.sys [137648 2014-02-18] (Symantec Corporation)
R1 IDSVia64; C:\Program Files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\IPSDefs\20140219.001\IDSvia64.sys [521944 2014-02-18] (Symantec Corporation)
R3 NAVENG; C:\Program Files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\VirusDefs\20140219.018\ENG64.SYS [126040 2014-02-18] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\VirusDefs\20140219.018\EX64.SYS [2099288 2014-02-18] (Symantec Corporation)
S3 Serial; C:\Windows\system32\drivers\serial.sys [94208 2009-07-13] (Brother Industries Ltd.)
R3 SRTSP; C:\Windows\system32\drivers\N360x64\1501000.012\SRTSP64.SYS [858200 2013-09-26] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\N360x64\1501000.012\SRTSPX64.SYS [36952 2013-09-09] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\N360x64\1501000.012\SYMDS64.SYS [493656 2013-09-09] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\N360x64\1501000.012\SYMEFA64.SYS [1147480 2013-09-26] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2014-02-18] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\N360x64\1501000.012\Ironx64.SYS [264280 2013-09-26] (Symantec Corporation)
R1 SymNetS; C:\Windows\system32\drivers\N360x64\1501000.012\SYMNETS.SYS [590936 2013-09-25] (Symantec Corporation)
R3 TVTI2C; C:\Windows\System32\DRIVERS\Tvti2c.sys [40248 2011-05-30] (Lenovo Information Product(ShenZhen China) Inc.)
U0 SR;
U2 srservice;

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-02-19 19:36 - 2014-02-19 19:36 - 00034641 _____ () C:\Users\Owner\Desktop\FRST.txt
2014-02-19 19:35 - 2014-02-19 19:36 - 00000000 ____D () C:\FRST
2014-02-19 19:34 - 2014-02-19 19:34 - 00002324 _____ () C:\Users\Owner\Desktop\RKreport[0]_S_02192014_193403.txt
2014-02-19 19:30 - 2014-02-19 19:34 - 00000000 ____D () C:\Users\Owner\Desktop\RK_Quarantine
2014-02-19 19:27 - 2014-02-19 19:27 - 04413952 _____ () C:\Users\Owner\Desktop\RogueKillerX64.exe
2014-02-19 19:27 - 2014-02-19 19:27 - 02153472 _____ (Farbar) C:\Users\Owner\Desktop\FRST64.exe
2014-02-18 21:39 - 2014-02-18 21:39 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-02-18 21:34 - 2014-02-19 18:44 - 00000908 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3213193141-316356097-443572586-1000UA.job
2014-02-18 21:34 - 2014-02-19 18:44 - 00000896 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-02-18 21:34 - 2014-02-18 21:39 - 00000892 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-02-18 21:34 - 2014-02-18 21:39 - 00000856 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3213193141-316356097-443572586-1000Core.job
2014-02-18 21:34 - 2014-02-18 21:34 - 00003892 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-02-18 21:34 - 2014-02-18 21:34 - 00003878 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3213193141-316356097-443572586-1000UA
2014-02-18 21:34 - 2014-02-18 21:34 - 00003640 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-02-18 21:34 - 2014-02-18 21:34 - 00003482 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3213193141-316356097-443572586-1000Core
2014-02-18 21:33 - 2014-02-18 21:33 - 00847816 _____ (Google Inc.) C:\Users\Owner\Downloads\ChromeSetup.exe
2014-02-18 14:13 - 2014-02-18 14:13 - 00000000 ____D () C:\Users\Owner\workspace
2014-02-18 14:06 - 2014-02-18 14:06 - 00000000 ____D () C:\Windows\System32\Tasks\Norton Security Suite
2014-02-18 14:02 - 2014-02-18 14:02 - 00177752 _____ (Symantec Corporation) C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
2014-02-18 14:02 - 2014-02-18 14:02 - 00008222 _____ () C:\Windows\system32\Drivers\SYMEVENT64x86.CAT
2014-02-18 14:02 - 2014-02-18 14:02 - 00003228 _____ () C:\Windows\System32\Tasks\Norton WSC Integration
2014-02-18 14:02 - 2014-02-18 14:02 - 00002523 _____ () C:\Users\Public\Desktop\Norton Security Suite.lnk
2014-02-18 14:02 - 2014-02-18 14:02 - 00000000 ____D () C:\Program Files\Common Files\Symantec Shared
2014-02-18 14:01 - 2014-02-18 14:01 - 00000000 ____D () C:\Windows\system32\Drivers\N360x64
2014-02-18 14:01 - 2014-02-18 14:01 - 00000000 ____D () C:\Program Files (x86)\Norton Security Suite
2014-02-18 14:00 - 2014-02-18 14:00 - 00000000 ____D () C:\Users\Owner\Documents\Symantec
2014-02-18 13:09 - 2014-02-18 14:05 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Norton
2014-02-18 13:09 - 2014-02-18 13:09 - 01021632 _____ (Symantec Corporation) C:\Users\Owner\Downloads\Norton_Download_Manager.exe
2014-02-18 13:09 - 2014-02-18 13:09 - 00000000 ____D () C:\Users\Public\Downloads\Norton
2014-02-18 13:05 - 2014-02-18 13:05 - 00000000 ____D () C:\Users\Owner\AppData\Local\White_Sky,_Inc
2014-02-18 13:05 - 2014-02-18 13:05 - 00000000 ____D () C:\ProgramData\IsolatedStorage
2014-02-18 13:04 - 2014-02-19 13:59 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\ID Vault
2014-02-18 13:04 - 2014-02-19 09:05 - 00000000 ____D () C:\Program Files (x86)\Constant Guard Protection Suite
2014-02-18 13:04 - 2014-02-18 14:14 - 00000000 ____D () C:\Users\Owner\AppData\Local\ID Vault
2014-02-18 13:04 - 2014-02-18 13:04 - 00049240 _____ (Zemana Ltd.) C:\Windows\system32\Drivers\AntiLog64.sys
2014-02-18 13:04 - 2014-02-18 13:04 - 00000000 ____D () C:\Windows\SysWOW64\ZALSDK_uninst
2014-02-18 13:04 - 2014-02-18 13:04 - 00000000 ____D () C:\Users\Owner\AppData\Local\Zemana
2014-02-18 13:04 - 2014-02-18 13:04 - 00000000 ____D () C:\ProgramData\White Sky, Inc
2014-02-18 13:04 - 2013-10-16 13:03 - 10674488 _____ (Zemana Ltd.) C:\Windows\SysWOW64\ZALSDKCore.dll
2014-02-18 13:02 - 2014-02-18 13:03 - 20609808 _____ (White Sky, Inc.) C:\Users\Owner\Downloads\constantguard.exe
2014-02-18 12:49 - 2014-02-18 12:49 - 00004265 _____ () C:\Users\Owner\Desktop\JRT.txt
2014-02-18 12:37 - 2014-02-18 12:37 - 00000000 ____D () C:\Windows\ERUNT
2014-02-18 12:28 - 2014-02-18 12:39 - 00000000 ____D () C:\AdwCleaner
2014-02-18 12:24 - 2014-02-18 12:24 - 01241834 _____ () C:\Users\Owner\Desktop\adwcleaner.exe
2014-02-18 12:24 - 2014-02-18 12:24 - 01037530 _____ (Thisisu) C:\Users\Owner\Desktop\JRT.exe
2014-02-17 01:27 - 2014-02-17 01:27 - 00029802 _____ () C:\Users\Owner\Desktop\dds.txt
2014-02-17 01:27 - 2014-02-17 01:27 - 00008568 _____ () C:\Users\Owner\Desktop\attach.txt
2014-02-12 03:01 - 2013-12-21 02:53 - 00548864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-02-12 03:01 - 2013-12-21 01:56 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-02-12 03:00 - 2014-02-06 05:16 - 23170048 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-12 03:00 - 2014-02-06 04:30 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-12 03:00 - 2014-02-06 04:30 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-02-12 03:00 - 2014-02-06 04:12 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-12 03:00 - 2014-02-06 04:07 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-02-12 03:00 - 2014-02-06 04:06 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-02-12 03:00 - 2014-02-06 03:57 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-12 03:00 - 2014-02-06 03:56 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-02-12 03:00 - 2014-02-06 03:52 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-12 03:00 - 2014-02-06 03:49 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-12 03:00 - 2014-02-06 03:48 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-02-12 03:00 - 2014-02-06 03:48 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-02-12 03:00 - 2014-02-06 03:38 - 17103872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-02-12 03:00 - 2014-02-06 03:32 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-02-12 03:00 - 2014-02-06 03:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-02-12 03:00 - 2014-02-06 03:17 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-12 03:00 - 2014-02-06 03:11 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-12 03:00 - 2014-02-06 03:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-02-12 03:00 - 2014-02-06 03:00 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-02-12 03:00 - 2014-02-06 02:57 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-02-12 03:00 - 2014-02-06 02:57 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-12 03:00 - 2014-02-06 02:52 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-02-12 03:00 - 2014-02-06 02:52 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-02-12 03:00 - 2014-02-06 02:50 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-12 03:00 - 2014-02-06 02:49 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-02-12 03:00 - 2014-02-06 02:47 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-02-12 03:00 - 2014-02-06 02:46 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-02-12 03:00 - 2014-02-06 02:25 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-02-12 03:00 - 2014-02-06 02:25 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-02-12 03:00 - 2014-02-06 02:24 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-12 03:00 - 2014-02-06 02:22 - 13051392 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-12 03:00 - 2014-02-06 02:13 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-02-12 03:00 - 2014-02-06 02:09 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-02-12 03:00 - 2014-02-06 02:03 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-02-12 03:00 - 2014-02-06 01:55 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-12 03:00 - 2014-02-06 01:41 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-02-12 03:00 - 2014-02-06 01:40 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-02-12 03:00 - 2014-02-06 01:36 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-02-12 03:00 - 2014-02-06 01:34 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-02-11 23:14 - 2013-12-31 16:05 - 00420008 _____ () C:\Windows\SysWOW64\locale.nls
2014-02-11 23:14 - 2013-12-31 16:04 - 00420008 _____ () C:\Windows\system32\locale.nls
2014-02-11 23:14 - 2013-12-24 16:09 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-02-11 23:14 - 2013-12-24 15:48 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-02-11 23:14 - 2013-12-05 19:30 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-02-11 23:14 - 2013-12-05 19:30 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-02-11 23:14 - 2013-12-05 19:02 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-02-11 23:14 - 2013-12-05 19:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-02-11 23:14 - 2013-12-03 19:27 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2014-02-11 23:14 - 2013-12-03 19:27 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2014-02-11 23:14 - 2013-12-03 19:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2014-02-11 23:14 - 2013-12-03 19:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2014-02-11 23:14 - 2013-12-03 19:26 - 00528384 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2014-02-11 23:14 - 2013-12-03 19:16 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2014-02-11 23:14 - 2013-12-03 19:16 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2014-02-11 23:14 - 2013-12-03 19:16 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2014-02-11 23:14 - 2013-12-03 19:16 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2014-02-11 23:14 - 2013-12-03 19:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll
2014-02-11 23:14 - 2013-12-03 19:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll
2014-02-11 23:14 - 2013-12-03 19:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll
2014-02-11 23:14 - 2013-12-03 19:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll
2014-02-11 23:14 - 2013-12-03 19:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll
2014-02-11 23:14 - 2013-12-03 18:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe
2014-02-11 23:14 - 2013-12-03 18:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe
2014-02-11 23:14 - 2013-12-03 18:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe
2014-02-11 23:14 - 2013-12-03 18:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe
2014-02-11 23:14 - 2013-11-26 01:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2014-02-11 23:14 - 2013-11-22 15:48 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2014-02-11 21:05 - 2014-02-11 21:06 - 00688992 ____R (Swearware) C:\Users\Owner\Desktop\dds.scr
2014-02-11 18:12 - 2014-02-11 18:12 - 00001120 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-02-11 18:12 - 2014-02-11 18:12 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\Malwarebytes
2014-02-11 18:12 - 2014-02-11 18:12 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-02-11 18:12 - 2014-02-11 18:12 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-02-11 18:12 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-02-11 18:10 - 2014-02-11 18:11 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Owner\Downloads\mbam-setup-1.75.0.1300.exe
2014-02-11 17:55 - 2014-02-11 17:55 - 00000000 ____D () C:\Users\Public\Documents\Hewlett-Packard
2014-02-11 17:52 - 2014-02-11 17:52 - 00000000 ____D () C:\ProgramData\Hewlett-Packard
2014-02-11 17:51 - 2013-07-30 09:03 - 00757760 ____T (Pharos Systems International) C:\Windows\system32\PSR581F7.DLL
2014-02-11 17:50 - 2014-02-11 17:50 - 00000000 ____D () C:\Program Files (x86)\PharosSystems
2014-02-11 17:50 - 2014-02-11 17:50 - 00000000 ____D () C:\Program Files (x86)\Pharos
2014-02-11 17:49 - 2014-02-11 17:49 - 01347249 _____ () C:\Users\Owner\Downloads\!DUnetCD(3).exe
2014-02-06 12:11 - 2014-02-06 12:11 - 00826470 _____ () C:\Users\Owner\Downloads\Jake.pptx
2014-01-29 13:54 - 2014-02-11 20:59 - 00000000 ____D () C:\Users\Owner\AppData\Local\lptmp1220249429
2014-01-28 14:17 - 2014-01-29 13:54 - 00000000 ____D () C:\Users\Owner\AppData\Local\lptmp49271697
2014-01-28 14:12 - 2014-01-28 14:12 - 01464136 _____ (Impulse Point, LLC) C:\Users\Owner\Downloads\ServiceInstaller(3).exe
2014-01-28 14:11 - 2014-01-28 14:11 - 01464136 _____ (Impulse Point, LLC) C:\Users\Owner\Downloads\ServiceInstaller(2).exe
2014-01-28 14:09 - 2014-01-28 14:09 - 01344820 _____ () C:\Users\Owner\Downloads\!DUnetCD(2).exe
2014-01-27 14:48 - 2014-01-27 14:48 - 01464136 _____ (Impulse Point, LLC) C:\Users\Owner\Downloads\ServiceInstaller.exe
2014-01-27 14:48 - 2014-01-27 14:48 - 01464136 _____ (Impulse Point, LLC) C:\Users\Owner\Downloads\ServiceInstaller(1).exe
2014-01-20 19:17 - 2014-01-20 19:17 - 00003248 _____ () C:\Users\Owner\Downloads\MehlmanJakeLab02.zip

==================== One Month Modified Files and Folders =======

2014-02-19 19:36 - 2014-02-19 19:36 - 00034641 _____ () C:\Users\Owner\Desktop\FRST.txt
2014-02-19 19:36 - 2014-02-19 19:35 - 00000000 ____D () C:\FRST
2014-02-19 19:34 - 2014-02-19 19:34 - 00002324 _____ () C:\Users\Owner\Desktop\RKreport[0]_S_02192014_193403.txt
2014-02-19 19:34 - 2014-02-19 19:30 - 00000000 ____D () C:\Users\Owner\Desktop\RK_Quarantine
2014-02-19 19:31 - 2009-07-13 21:45 - 00024608 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-02-19 19:31 - 2009-07-13 21:45 - 00024608 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-02-19 19:30 - 2013-05-11 13:36 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\foobar2000
2014-02-19 19:28 - 2013-05-09 12:21 - 01354108 _____ () C:\Windows\WindowsUpdate.log
2014-02-19 19:27 - 2014-02-19 19:27 - 04413952 _____ () C:\Users\Owner\Desktop\RogueKillerX64.exe
2014-02-19 19:27 - 2014-02-19 19:27 - 02153472 _____ (Farbar) C:\Users\Owner\Desktop\FRST64.exe
2014-02-19 19:25 - 2009-07-13 22:13 - 00726444 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-02-19 19:23 - 2009-07-13 21:51 - 00069468 _____ () C:\Windows\setupact.log
2014-02-19 18:44 - 2014-02-18 21:34 - 00000908 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3213193141-316356097-443572586-1000UA.job
2014-02-19 18:44 - 2014-02-18 21:34 - 00000896 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-02-19 16:37 - 2013-05-13 13:03 - 00000000 ____D () C:\Program Files (x86)\SafeConnect
2014-02-19 13:59 - 2014-02-18 13:04 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\ID Vault
2014-02-19 12:36 - 2013-05-13 14:13 - 00000000 ____D () C:\Users\Owner\Documents\DU
2014-02-19 09:05 - 2014-02-18 13:04 - 00000000 ____D () C:\Program Files (x86)\Constant Guard Protection Suite
2014-02-19 09:05 - 2013-05-14 23:26 - 00000000 ____D () C:\Program Files (x86)\ControlCenter4
2014-02-19 09:05 - 2013-05-14 23:26 - 00000000 ____D () C:\Program Files (x86)\Browny02
2014-02-18 21:39 - 2014-02-18 21:39 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-02-18 21:39 - 2014-02-18 21:34 - 00000892 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-02-18 21:39 - 2014-02-18 21:34 - 00000856 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3213193141-316356097-443572586-1000Core.job
2014-02-18 21:39 - 2013-05-09 13:48 - 00000000 ____D () C:\Users\Owner\AppData\Local\Google
2014-02-18 21:39 - 2013-05-09 12:24 - 00000000 ____D () C:\Program Files (x86)\Google
2014-02-18 21:34 - 2014-02-18 21:34 - 00003892 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-02-18 21:34 - 2014-02-18 21:34 - 00003878 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3213193141-316356097-443572586-1000UA
2014-02-18 21:34 - 2014-02-18 21:34 - 00003640 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-02-18 21:34 - 2014-02-18 21:34 - 00003482 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3213193141-316356097-443572586-1000Core
2014-02-18 21:33 - 2014-02-18 21:33 - 00847816 _____ (Google Inc.) C:\Users\Owner\Downloads\ChromeSetup.exe
2014-02-18 14:20 - 2013-06-13 23:27 - 00000000 ___RD () C:\Users\Owner\Dropbox
2014-02-18 14:20 - 2013-06-13 23:26 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\Dropbox
2014-02-18 14:16 - 2009-07-13 22:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-02-18 14:15 - 2013-05-11 13:21 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-02-18 14:15 - 2013-05-09 16:17 - 00000000 ____D () C:\Program Files (x86)\Webroot
2014-02-18 14:15 - 2010-11-20 20:47 - 00570604 _____ () C:\Windows\PFRO.log
2014-02-18 14:14 - 2014-02-18 13:04 - 00000000 ____D () C:\Users\Owner\AppData\Local\ID Vault
2014-02-18 14:13 - 2014-02-18 14:13 - 00000000 ____D () C:\Users\Owner\workspace
2014-02-18 14:13 - 2013-05-09 13:46 - 00000000 ____D () C:\Users\Owner
2014-02-18 14:12 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-02-18 14:06 - 2014-02-18 14:06 - 00000000 ____D () C:\Windows\System32\Tasks\Norton Security Suite
2014-02-18 14:05 - 2014-02-18 13:09 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Norton
2014-02-18 14:05 - 2013-05-09 12:29 - 00000000 ____D () C:\ProgramData\Norton
2014-02-18 14:02 - 2014-02-18 14:02 - 00177752 _____ (Symantec Corporation) C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
2014-02-18 14:02 - 2014-02-18 14:02 - 00008222 _____ () C:\Windows\system32\Drivers\SYMEVENT64x86.CAT
2014-02-18 14:02 - 2014-02-18 14:02 - 00003228 _____ () C:\Windows\System32\Tasks\Norton WSC Integration
2014-02-18 14:02 - 2014-02-18 14:02 - 00002523 _____ () C:\Users\Public\Desktop\Norton Security Suite.lnk
2014-02-18 14:02 - 2014-02-18 14:02 - 00000000 ____D () C:\Program Files\Common Files\Symantec Shared
2014-02-18 14:01 - 2014-02-18 14:01 - 00000000 ____D () C:\Windows\system32\Drivers\N360x64
2014-02-18 14:01 - 2014-02-18 14:01 - 00000000 ____D () C:\Program Files (x86)\Norton Security Suite
2014-02-18 14:00 - 2014-02-18 14:00 - 00000000 ____D () C:\Users\Owner\Documents\Symantec
2014-02-18 13:09 - 2014-02-18 13:09 - 01021632 _____ (Symantec Corporation) C:\Users\Owner\Downloads\Norton_Download_Manager.exe
2014-02-18 13:09 - 2014-02-18 13:09 - 00000000 ____D () C:\Users\Public\Downloads\Norton
2014-02-18 13:05 - 2014-02-18 13:05 - 00000000 ____D () C:\Users\Owner\AppData\Local\White_Sky,_Inc
2014-02-18 13:05 - 2014-02-18 13:05 - 00000000 ____D () C:\ProgramData\IsolatedStorage
2014-02-18 13:04 - 2014-02-18 13:04 - 00049240 _____ (Zemana Ltd.) C:\Windows\system32\Drivers\AntiLog64.sys
2014-02-18 13:04 - 2014-02-18 13:04 - 00000000 ____D () C:\Windows\SysWOW64\ZALSDK_uninst
2014-02-18 13:04 - 2014-02-18 13:04 - 00000000 ____D () C:\Users\Owner\AppData\Local\Zemana
2014-02-18 13:04 - 2014-02-18 13:04 - 00000000 ____D () C:\ProgramData\White Sky, Inc
2014-02-18 13:03 - 2014-02-18 13:02 - 20609808 _____ (White Sky, Inc.) C:\Users\Owner\Downloads\constantguard.exe
2014-02-18 12:49 - 2014-02-18 12:49 - 00004265 _____ () C:\Users\Owner\Desktop\JRT.txt
2014-02-18 12:39 - 2014-02-18 12:28 - 00000000 ____D () C:\AdwCleaner
2014-02-18 12:37 - 2014-02-18 12:37 - 00000000 ____D () C:\Windows\ERUNT
2014-02-18 12:35 - 2013-07-17 06:04 - 00000000 ___RD () C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-02-18 12:24 - 2014-02-18 12:24 - 01241834 _____ () C:\Users\Owner\Desktop\adwcleaner.exe
2014-02-18 12:24 - 2014-02-18 12:24 - 01037530 _____ (Thisisu) C:\Users\Owner\Desktop\JRT.exe
2014-02-18 12:15 - 2013-05-11 13:27 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\uTorrent
2014-02-17 14:28 - 2013-12-10 20:56 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-17 01:27 - 2014-02-17 01:27 - 00029802 _____ () C:\Users\Owner\Desktop\dds.txt
2014-02-17 01:27 - 2014-02-17 01:27 - 00008568 _____ () C:\Users\Owner\Desktop\attach.txt
2014-02-16 03:02 - 2013-07-16 00:00 - 00000000 ____D () C:\Windows\system32\MRT
2014-02-16 03:00 - 2013-05-09 16:00 - 88567024 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-02-13 03:30 - 2013-05-14 12:02 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-02-13 03:30 - 2013-05-14 12:02 - 00000000 ____D () C:\ProgramData\Skype
2014-02-12 04:57 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\rescache
2014-02-11 21:06 - 2014-02-11 21:05 - 00688992 ____R (Swearware) C:\Users\Owner\Desktop\dds.scr
2014-02-11 21:03 - 2013-05-14 23:25 - 00000000 ____D () C:\Program Files (x86)\Brother
2014-02-11 20:59 - 2014-01-29 13:54 - 00000000 ____D () C:\Users\Owner\AppData\Local\lptmp1220249429
2014-02-11 18:12 - 2014-02-11 18:12 - 00001120 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-02-11 18:12 - 2014-02-11 18:12 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\Malwarebytes
2014-02-11 18:12 - 2014-02-11 18:12 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-02-11 18:12 - 2014-02-11 18:12 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-02-11 18:11 - 2014-02-11 18:10 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Owner\Downloads\mbam-setup-1.75.0.1300.exe
2014-02-11 17:55 - 2014-02-11 17:55 - 00000000 ____D () C:\Users\Public\Documents\Hewlett-Packard
2014-02-11 17:53 - 2013-05-13 13:04 - 00000000 ____D () C:\DUnet
2014-02-11 17:52 - 2014-02-11 17:52 - 00000000 ____D () C:\ProgramData\Hewlett-Packard
2014-02-11 17:50 - 2014-02-11 17:50 - 00000000 ____D () C:\Program Files (x86)\PharosSystems
2014-02-11 17:50 - 2014-02-11 17:50 - 00000000 ____D () C:\Program Files (x86)\Pharos
2014-02-11 17:49 - 2014-02-11 17:49 - 01347249 _____ () C:\Users\Owner\Downloads\!DUnetCD(3).exe
2014-02-06 12:11 - 2014-02-06 12:11 - 00826470 _____ () C:\Users\Owner\Downloads\Jake.pptx
2014-02-06 05:16 - 2014-02-12 03:00 - 23170048 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-06 04:30 - 2014-02-12 03:00 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-06 04:30 - 2014-02-12 03:00 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-02-06 04:12 - 2014-02-12 03:00 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-06 04:07 - 2014-02-12 03:00 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-02-06 04:06 - 2014-02-12 03:00 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-02-06 03:57 - 2014-02-12 03:00 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-06 03:56 - 2014-02-12 03:00 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-02-06 03:52 - 2014-02-12 03:00 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-06 03:49 - 2014-02-12 03:00 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-06 03:48 - 2014-02-12 03:00 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-02-06 03:48 - 2014-02-12 03:00 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-02-06 03:38 - 2014-02-12 03:00 - 17103872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-02-06 03:32 - 2014-02-12 03:00 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-02-06 03:20 - 2014-02-12 03:00 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-02-06 03:17 - 2014-02-12 03:00 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-06 03:11 - 2014-02-12 03:00 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-06 03:01 - 2014-02-12 03:00 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-02-06 03:00 - 2014-02-12 03:00 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-02-06 02:57 - 2014-02-12 03:00 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-02-06 02:57 - 2014-02-12 03:00 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-06 02:52 - 2014-02-12 03:00 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-02-06 02:52 - 2014-02-12 03:00 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-02-06 02:50 - 2014-02-12 03:00 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-06 02:49 - 2014-02-12 03:00 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-02-06 02:47 - 2014-02-12 03:00 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-02-06 02:46 - 2014-02-12 03:00 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-02-06 02:25 - 2014-02-12 03:00 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-02-06 02:25 - 2014-02-12 03:00 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-02-06 02:24 - 2014-02-12 03:00 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-06 02:22 - 2014-02-12 03:00 - 13051392 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-06 02:13 - 2014-02-12 03:00 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-02-06 02:09 - 2014-02-12 03:00 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-02-06 02:03 - 2014-02-12 03:00 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-02-06 01:55 - 2014-02-12 03:00 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-06 01:41 - 2014-02-12 03:00 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-02-06 01:40 - 2014-02-12 03:00 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-02-06 01:36 - 2014-02-12 03:00 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-02-06 01:34 - 2014-02-12 03:00 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-02-05 11:31 - 2013-12-10 21:44 - 00000000 ____D () C:\Users\Owner\Documents\Calibre Library
2014-02-03 23:43 - 2013-10-01 13:31 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\Spotify
2014-02-03 22:59 - 2013-10-01 13:31 - 00000000 ____D () C:\Users\Owner\AppData\Local\Spotify
2014-01-29 13:54 - 2014-01-28 14:17 - 00000000 ____D () C:\Users\Owner\AppData\Local\lptmp49271697
2014-01-28 14:19 - 2013-06-13 23:27 - 00001032 _____ () C:\Users\Owner\Desktop\Dropbox.lnk
2014-01-28 14:19 - 2013-06-13 23:27 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-01-28 14:19 - 2013-05-09 13:49 - 00000000 ___RD () C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-01-28 14:12 - 2014-01-28 14:12 - 01464136 _____ (Impulse Point, LLC) C:\Users\Owner\Downloads\ServiceInstaller(3).exe
2014-01-28 14:11 - 2014-01-28 14:11 - 01464136 _____ (Impulse Point, LLC) C:\Users\Owner\Downloads\ServiceInstaller(2).exe
2014-01-28 14:09 - 2014-01-28 14:09 - 01344820 _____ () C:\Users\Owner\Downloads\!DUnetCD(2).exe
2014-01-27 14:48 - 2014-01-27 14:48 - 01464136 _____ (Impulse Point, LLC) C:\Users\Owner\Downloads\ServiceInstaller.exe
2014-01-27 14:48 - 2014-01-27 14:48 - 01464136 _____ (Impulse Point, LLC) C:\Users\Owner\Downloads\ServiceInstaller(1).exe
2014-01-20 19:17 - 2014-01-20 19:17 - 00003248 _____ () C:\Users\Owner\Downloads\MehlmanJakeLab02.zip

Some content of TEMP:
====================
C:\Users\Owner\AppData\Local\Temp\ntdll_dump.dll


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-02-18 01:30

==================== End Of Log ============================

 

 

 

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 18-02-2014
Ran by Owner at 2014-02-19 19:36:46
Running from C:\Users\Owner\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Norton Security Suite (Enabled - Up to date) {63DF5164-9100-186D-2187-8DC619EFD8BF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton Security Suite (Enabled - Up to date) {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton Security Suite (Enabled) {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}

==================== Installed Programs ======================

64 Bit HP CIO Components Installer (Version: 15.2.1 - Hewlett-Packard) Hidden
7-Zip 9.20 (x32 Version:  - )
Adobe AIR (x32 Version: 3.1.0.4880 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.1.0.4880 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 11 ActiveX (x32 Version: 11.7.700.169 - Adobe Systems Incorporated)
Adobe Flash Player 11 Plugin (x32 Version: 11.7.700.202 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.02) (x32 Version: 11.0.02 - Adobe Systems Incorporated)
AntiLogger SDK version 1.6.6.296 (x32 Version: 1.6.6.296 - Zemana Ltd.)
Broadcom InConcert Maestro (Version: 1.0.1.1500 - Broadcom Corporation)
Brother MFL-Pro Suite MFC-J825DW (x32 Version: 1.1.6.0 - Brother Industries, Ltd.)
Burn.Now 4.5 (x32 Version: 4.5.0 - Corel Corporation) Hidden
calibre (x32 Version: 1.14.0 - Kovid Goyal)
Cisco EAP-FAST Module (x32 Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (x32 Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (x32 Version: 1.1.6 - Cisco Systems, Inc.)
Conexant 20672 SmartAudio HD (Version: 8.32.23.0 - Conexant)
Constant Guard Protection Suite (x32 Version: 1.14.110.3 - Comcast)
Corel Burn.Now Lenovo Edition (x32 Version: 4.5.0 - Corel Corporation)
Corel DVD MovieFactory 7 (x32 Version: 7.0.0 - Corel Corporation) Hidden
Corel DVD MovieFactory Lenovo Edition (x32 Version: 7.0.0 - Corel Corporation)
Corel WinDVD (x32 Version: 10.0.5.890 - Corel Inc.)
Create Recovery Media (x32 Version: 1.20.0.00 - Lenovo Group Limited)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Direct DiscRecorder (x32 Version: 1.00.0000 - Corel Corporation) Hidden
Dropbox (HKCU Version: 2.4.11 - Dropbox, Inc.)
Exact Audio Copy 1.0beta3 (x32 Version: 1.0beta3 - Andre Wiethoff)
foobar2000 v1.2.6 (x32 Version: 1.2.6 - Peter Pawlowski)
Free Studio version 2013 (x32 Version: 6.1.10.812 - DVDVideoSoft Ltd.)
GIMP 2.8.4 (Version: 2.8.4 - The GIMP Team)
Google Chrome (HKCU Version: 32.0.1700.107 - Google Inc.)
Google Chrome (x32 Version: 32.0.1700.107 - Google Inc.)
Google Update Helper (x32 Version: 1.3.22.5 - Google Inc.) Hidden
Integrated Camera Driver Installer Package Ver.1.1.0.1147 (x32 Version: 1.1.0.1147 - RICOH)
Integrated Camera TWAIN (x32 Version: 1.0.11.1223 - Chicony Electronics Co.,Ltd.)
Intel® Control Center (x32 Version: 1.2.1.1007 - Intel Corporation)
Intel® Identity Protection Technology 1.1.2.0 (x32 Version: 1.1.2.0 - Intel Corporation)
Intel® Management Engine Components (x32 Version: 7.0.0.1144 - Intel Corporation)
Intel® Processor Graphics (x32 Version: 8.15.10.2476 - Intel Corporation)
Java 7 Update 45 (64-bit) (Version: 7.0.450 - Oracle)
Java 7 Update 45 (x32 Version: 7.0.450 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Java SE Development Kit 7 Update 45 (64-bit) (Version: 1.7.0.450 - Oracle)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Lenovo Auto Scroll Utility (Version: 1.11 - )
Lenovo Patch Utility (x32 Version: 1.0.1.1 - Lenovo Group Limited)
Lenovo Patch Utility 64 bit (Version: 1.2.0.1 - Lenovo Group Limited)
Lenovo Registration (x32 Version: 1.0.4 - Lenovo Inc.)
Lenovo SimpleTap (Version: 3.0.0010.00 - Lenovo Group Limited)
Lenovo Solution Center (Version: 1.0.006.00 - Lenovo Group Limited)
Lenovo System Interface Driver (Version: 1.05 - )
Lenovo User Guide (x32 Version: 1.0.0008.00 - Lenovo)
Lenovo Warranty Information (x32 Version: 1.0.0005.00 - Lenovo)
Lenovo Welcome (x32 Version: 3.00.006.0 - Lenovo)
Malwarebytes Anti-Malware version 1.75.0.1300 (x32 Version: 1.75.0.1300 - Malwarebytes Corporation)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Message Center Plus (x32 Version: 3.0.0011.00 - Lenovo Group Limited)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office 365 Home Premium - en-us (Version: 15.0.4551.1512 - Microsoft Corporation)
Microsoft Office Korrekturhilfen 2013 - Deutsch (x32 Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft Silverlight (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft SkyDrive (HKCU Version: 17.0.2003.1112 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161 - Microsoft Corporation)
Mozilla Firefox 27.0.1 (x86 en-US) (x32 Version: 27.0.1 - Mozilla)
Mozilla Maintenance Service (x32 Version: 27.0.1 - Mozilla)
MPC-HC 1.6.7.7114 (9eb64ec) (x32 Version: 1.6.7.7114 - MPC-HC Team)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0 - Microsoft Corporation)
Norton Security Suite (x32 Version: 21.1.0.18 - Symantec Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4551.1512 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4551.1512 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4551.1512 - Microsoft Corporation) Hidden
On Screen Display (Version: 6.60.03 - )
Pharos (x32 Version:  - )
RapidBoot (Version: 1.11 - Lenovo)
Registry Patch to Enable Maximum Power Saving on WiFi Adapters for Windows 7 (Version: 1.00 - )
Rescue and Recovery (x32 Version: 4.50.0025.00 - Lenovo Group Limited)
RICOH_Media_Driver_v2.13.18.02 (x32 Version: 2.13.18.02 - RICOH)
SafeConnect (Version:  - )
SafeConnect (x32 Version:  - )
Search Protection (HKCU Version: 7.5.0.1 - Spigot, Inc.)
Skype Click to Call (x32 Version: 7.0.14735.1561 - Microsoft Corporation)
Skype™ 6.3 (x32 Version: 6.3.107 - Skype Technologies S.A.)
Spotify (HKCU Version: 0.9.6.72.ge389c074 - Spotify AB)
System Update (x32 Version: 4.01.0015 - Lenovo)
ThinkPad Bluetooth with Enhanced Data Rate Software (Version: 6.4.0.1500 - Broadcom Corporation)
ThinkPad FullScreen Magnifier (Version: 2.40 - )
ThinkPad Power Management Driver (Version: 1.61.00.11 - )
ThinkPad Power Manager (x32 Version: 3.63 - )
ThinkPad UltraNav Driver (Version: 15.3.8.0 - )
ThinkPad UltraNav Utility (x32 Version: 2.13.0 - Lenovo)
ThinkPad Wireless LAN Adapter Software (x32 Version: 1.00.0029.8 - REALTEK Semiconductor Corp.)
ThinkVantage Active Protection System (Version: 1.73 - Lenovo)
ThinkVantage AutoLock (Version: 1.03 - Lenovo)
ThinkVantage Communications Utility (Version: 2.07 - Lenovo)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (x32 Version: 3 - Microsoft Corporation)
uTorrentControl_v6 Toolbar (x32 Version: 6.14.0.28 - uTorrentControl_v6) <==== ATTENTION
VIP Access (x32 Version: 2.0.2.140 - VeriSign)
Windows Driver Package - Intel (e1cexpress) Net  (12/21/2010 11.8.84.0) (Version: 12/21/2010 11.8.84.0 - Intel)
Windows Driver Package - Intel System  (09/10/2010 9.2.0.1011) (Version: 09/10/2010 9.2.0.1011 - Intel)
Windows Driver Package - Intel System  (11/20/2010 9.2.0.1016) (Version: 11/20/2010 9.2.0.1016 - Intel)
Windows Driver Package - Intel USB  (12/21/2010 9.2.0.1021) (Version: 12/21/2010 9.2.0.1021 - Intel)
Windows Driver Package - Lenovo 1.61.00.11 (11/11/2010 1.61.00.11) (Version: 11/11/2010 1.61.00.11 - Lenovo)
Windows Driver Package - Ricoh Company SD Host Controller (03/23/2011 6.10.10.30) (Version: 03/23/2011 6.10.10.30 - Ricoh Company)
Windows Driver Package - Synaptics (SynTP) Mouse  (05/19/2011 15.3.8.0) (Version: 05/19/2011 15.3.8.0 - Synaptics)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (x32 Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX Control for Remote Connections (x32 Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

==================== Restore Points  =========================

16-01-2014 10:00:12 Windows Update
23-01-2014 10:14:22 Scheduled Checkpoint
31-01-2014 08:24:38 Scheduled Checkpoint
08-02-2014 07:00:01 Scheduled Checkpoint
12-02-2014 10:00:13 Windows Update
16-02-2014 10:00:10 Windows Update

==================== Hosts content: ==========================

2009-07-13 19:34 - 2009-06-10 14:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {21EF2635-736F-4A1E-87E5-D7EA7D6ED1BD} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [2013-10-31] (Microsoft Corporation)
Task: {266E4017-A341-4D70-B878-01DBAD0B4BFC} - System32\Tasks\Lenovo\Message Center Plus Launcher => C:\Program Files (x86)\Lenovo\message center plus\mcplaunch.exe [2011-12-21] (Lenovo)
Task: {2856F1E8-E8B0-47C8-B5A1-E356A52DBC52} - System32\Tasks\Norton Security Suite\Norton Error Analyzer => C:\Program Files (x86)\Norton Security Suite\Engine\21.1.0.18\SymErr.exe [2013-08-01] (Symantec Corporation)
Task: {28CC30A4-DB5F-4F33-9DC7-BE64D4FC0CAD} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-02-18] (Google Inc.)
Task: {292A8D21-9C30-408C-98A0-F650E06B1B8C} - System32\Tasks\Lenovo\SimpleTap\Start SimpleTap for Owner-THINK.Owner => C:\Program Files\Lenovo\SimpleTap\SimpleTap.exe [2011-12-21] (Lenovo)
Task: {40AE01D3-5F0E-4D17-99BB-70A7B8EFE5E2} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Security Suite\Engine\21.1.0.18\WSCStub.exe [2013-10-08] (Symantec Corporation)
Task: {47ACAA1D-C359-45B7-AB8E-B2C5A1F46F24} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => C:\Program Files\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2012-01-09] (Lenovo)
Task: {593AB8FF-6C49-4A9C-816D-B181445EDB74} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3213193141-316356097-443572586-1000Core => C:\Users\Owner\AppData\Local\Google\Update\GoogleUpdate.exe [2014-02-18] (Google Inc.)
Task: {6134C8CA-7379-43A3-8501-AB7E491B30DD} - System32\Tasks\TVT\LaunchRnR => %RR%\rrcmd.exe
Task: {62A23C58-FC63-4955-990E-799A469AC87A} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3213193141-316356097-443572586-1000UA => C:\Users\Owner\AppData\Local\Google\Update\GoogleUpdate.exe [2014-02-18] (Google Inc.)
Task: {8C6F11E8-40D2-41F1-9579-B8227851D38F} - System32\Tasks\TVT\UpdateRnR => %TVTCOMMON%\Scheduler\tvtsetsched.exe
Task: {DB6E5842-2CE1-4E20-BC7E-44E27A0E5412} - System32\Tasks\MCP => C:\Program Files (x86)\LENOVO\Message Center Plus\MCPLaunch.exe [2011-12-21] (Lenovo)
Task: {E7686939-2AA5-4675-900B-A00DA9E83FE7} - System32\Tasks\TVT\ChangePWD => %RR%\rrcmd.exe
Task: {ECD13D70-6EA0-43DB-82A9-E3B70E39CB51} - System32\Tasks\PMTask => C:\Program Files (x86)\ThinkPad\Utilities\PWMIDTSV.EXE [2011-08-31] (Lenovo Group Limited)
Task: {EE28A128-E20A-49BE-80F5-B429C2EB7000} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2014-01-16] (Microsoft Corporation)
Task: {F06502B0-D3D7-4EC1-A460-7E0627958021} - System32\Tasks\DiskUpdate => C:\SWTOOLS\OSFIXES\DISKUPDT\DiskUpdate.exe [2009-02-09] ()
Task: {FA46AEDD-ED2A-4517-AC05-9D1E27D6F1C4} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-02-18] (Google Inc.)
Task: {FD382818-6C3C-4526-AB2E-AC5E9EDCE174} - System32\Tasks\Norton Security Suite\Norton Error Processor => C:\Program Files (x86)\Norton Security Suite\Engine\21.1.0.18\SymErr.exe [2013-08-01] (Symantec Corporation)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3213193141-316356097-443572586-1000Core.job => C:\Users\Owner\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3213193141-316356097-443572586-1000UA.job => C:\Users\Owner\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2013-05-11 12:10 - 2013-10-31 09:07 - 00377000 _____ () C:\Program Files\Microsoft Office 15\ClientX64\c2rui.dll
2013-05-11 12:10 - 2013-10-31 09:08 - 00520872 _____ () C:\Program Files\Microsoft Office 15\ClientX64\c2r64.dll
2013-05-11 12:10 - 2013-10-31 09:07 - 00618152 _____ () C:\Program Files\Microsoft Office 15\ClientX64\StreamServer.dll
2013-05-14 23:26 - 2005-04-21 21:36 - 00143360 ____N () C:\Windows\system32\BrSNMP64.dll
2013-05-09 11:46 - 2011-05-19 05:04 - 00057640 ____N () C:\Program Files\Synaptics\SynTP\SynTPEnhPS.dll
2013-05-09 12:10 - 2010-10-25 21:40 - 00049056 ____N () C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
2013-05-09 12:11 - 2011-08-17 18:00 - 00094208 ____N () C:\Windows\System32\IccLibDll_x64.dll
2010-12-18 15:50 - 2010-12-18 15:50 - 00173856 ____N () C:\Program Files\ThinkPad\Bluetooth Software\btkeyind.dll
2013-05-09 12:14 - 2011-08-31 11:03 - 00045568 ____N () C:\Program Files (x86)\ThinkPad\Utilities\US\PWMRT64V.DLL
2014-01-16 14:15 - 2014-01-16 14:15 - 08866472 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2011-12-21 00:28 - 2012-01-11 07:25 - 00636216 ____N () C:\SWTOOLS\SimpleTap DeskBand\DeskBand64.dll
2013-05-09 12:15 - 2010-04-06 09:05 - 02085888 ____N () C:\Program Files\Lenovo\AutoLock\cv210.dll
2013-05-09 12:15 - 2010-04-06 09:04 - 02201088 ____N () C:\Program Files\Lenovo\AutoLock\cxcore210.dll
2014-01-13 14:12 - 2014-01-13 14:13 - 00549272 _____ () C:\Program Files (x86)\Constant Guard Protection Suite\sqlite3.DLL
2013-10-18 16:55 - 2013-10-18 16:55 - 25100288 _____ () C:\Users\Owner\AppData\Roaming\Dropbox\bin\libcef.dll
2013-05-14 23:25 - 2009-02-27 15:38 - 00139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2013-12-10 20:56 - 2014-02-17 14:28 - 03578992 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WRkrn => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WRSVC => ""="Service"

==================== Disabled items from MSCONFIG ==============


==================== Faulty Device Manager Devices =============

Name: Bluetooth Peripheral Device
Description: Bluetooth Peripheral Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Bluetooth Peripheral Device
Description: Bluetooth Peripheral Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (02/19/2014 07:30:34 PM) (Source: Application Error) (User: )
Description: Faulting application name: firefox.exe, version: 27.0.1.5156, time stamp: 0x52fc0faa
Faulting module name: xul.dll, version: 27.0.1.5156, time stamp: 0x52fc0f79
Exception code: 0xc0000005
Fault offset: 0x001560c7
Faulting process id: 0x1124
Faulting application start time: 0xfirefox.exe0
Faulting application path: firefox.exe1
Faulting module path: firefox.exe2
Report Id: firefox.exe3

Error: (02/19/2014 03:19:25 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.VC90.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"1".
Dependent Assembly Microsoft.VC90.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (02/19/2014 03:18:59 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.VC90.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"1".
Dependent Assembly Microsoft.VC90.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (02/19/2014 02:29:28 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.VC90.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"1".
Dependent Assembly Microsoft.VC90.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (02/18/2014 02:16:45 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (02/19/2014 00:31:55 PM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.

Error: (02/19/2014 00:31:55 PM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the IDVaultSvc service.

Error: (02/19/2014 07:01:20 AM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR1.

Error: (02/18/2014 02:18:02 PM) (Source: Schannel) (User: Owner-THINK)
Description: The certificate received from the remote server was issued by an untrusted certificate authority. Because of this, none of the data contained in the certificate can be validated. The SSL connection request has failed. The attached data contains the server certificate.

Error: (02/18/2014 02:18:02 PM) (Source: Schannel) (User: Owner-THINK)
Description: The following fatal alert was generated: 48. The internal error state is 552.

Error: (02/18/2014 02:17:41 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)

Error: (02/18/2014 02:17:38 PM) (Source: Schannel) (User: Owner-THINK)
Description: The certificate received from the remote server was issued by an untrusted certificate authority. Because of this, none of the data contained in the certificate can be validated. The SSL connection request has failed. The attached data contains the server certificate.

Error: (02/18/2014 02:17:38 PM) (Source: Schannel) (User: Owner-THINK)
Description: The following fatal alert was generated: 48. The internal error state is 552.

Error: (02/18/2014 02:17:29 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

Error: (02/18/2014 02:16:40 PM) (Source: Service Control Manager) (User: )
Description: The Norton Security Suite service failed to start due to the following error:
%%1053


Microsoft Office Sessions:
=========================
Error: (02/19/2014 07:30:34 PM) (Source: Application Error)(User: )
Description: firefox.exe27.0.1.515652fc0faaxul.dll27.0.1.515652fc0f79c0000005001560c7112401cf2ceeecd8074dC:\Program Files (x86)\Mozilla Firefox\firefox.exeC:\Program Files (x86)\Mozilla Firefox\xul.dllf969d3e3-99d6-11e3-95c3-0021cc66a83f

Error: (02/19/2014 03:19:25 AM) (Source: SideBySide)(User: )
Description: Microsoft.VC90.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"c:\program files\Lenovo\lenovo solution center\App\diag\flex_comm_sample.exe

Error: (02/19/2014 03:18:59 AM) (Source: SideBySide)(User: )
Description: Microsoft.VC90.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"C:\Program Files\Lenovo\Lenovo Solution Center\App\diag\flex_comm_sample.exe

Error: (02/19/2014 02:29:28 AM) (Source: SideBySide)(User: )
Description: Microsoft.VC90.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"C:\Program Files\Lenovo\Lenovo Solution Center\App\diag\flex_comm_sample.exe

Error: (02/18/2014 02:16:45 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


==================== Memory info ===========================

Percentage of memory in use: 57%
Total physical RAM: 3983.23 MB
Available physical RAM: 1692.27 MB
Total Pagefile: 7964.65 MB
Available Pagefile: 4962.13 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB

==================== Drives ================================

Drive c: (Windows7_OS) (Fixed) (Total:281 GB) (Free:116.84 GB) NTFS ==>[system with boot components (obtained from reading drive)]
Drive q: (Lenovo_Recovery) (Fixed) (Total:15.62 GB) (Free:6.09 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 298 GB) (Disk ID: 539E2D9C)
Partition 1: (Active) - (Size=1 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=281 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=16 GB) - (Type=07 NTFS)

==================== End Of Log ============================

Link to post
Share on other sites

Hello,

Do you recognize the following file?

C:\Users\Owner\Downloads\!DUnetCD(3).exe

 

-----------------------------------------

Please go to Start > Control Panel > Add or Remove Programs and remove the following (if present):

uTorrentControl_v6 Toolbar

Java 7 Update 45

Java 7 Update 45 (64-bit)

Java Auto Updater

Java SE Development Kit 7 Update 45 (64-bit)

-----------------------------------------

  • Press the windows keyWindows_Logo_key.gif + r on your keyboard at the same time. Type in notepad and press Enter
  • Please copy and paste the contents of the below code box into the open notepad and save it to your desktop as fixlist.txt
HKU\.DEFAULT\...\Run: [SearchProtect] - \SearchProtect\bin\cltmng.exeURLSearchHook: HKLM-x32 - (No Name) - {96f454ea-9d38-474f-b504-56193e00c1a5} - No FileURLSearchHook: HKCU - (No Name) - {96f454ea-9d38-474f-b504-56193e00c1a5} - No FileSearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =SearchScopes: HKLM-x32 - DefaultScope {D58CF5D4-7C57-4D35-AA4D-AEC1FBFE9B88} URL =SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =Toolbar: HKLM-x32 - No Name - {96f454ea-9d38-474f-b504-56193e00c1a5} - No FileToolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No FileFF Plugin: @microsoft.com/GENUINE - disabled No FileFF Plugin-x32: @microsoft.com/GENUINE - disabled No FileFF Extension: uTorrentControl_v6 - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\48epp7j8.default\Extensions\{96f454ea-9d38-474f-b504-56193e00c1a5} [2013-09-14]
 

NOTICE: This script was written specifically for this user, for use on this particular machine. Running this on another machine may cause damage to your operating system.

 

Run FRST  and press the Fix button just once and wait.

If the tool needs a restart please make sure you let the system restart normally and let the tool complete its run after restart.

The tool will make a log on the Desktop (Fixlog.txt). Please attach or post it to your next reply.

 

Note: If the tool warned you about an outdated version please download and run the updated version.

-----------------------------------------

Your version of Java is outdated and needs to be updated to take advantage of fixes that have eliminated security vulnerabilities.

Latest version is Java JRE 7u51 was released on Oct. 15. 2013.

You can manually check your present version and update as recommended.

https://www.java.com/en/download/installed.jsp

-----------------------------------------

Please scan your machine with ESET OnlineScan

  • Hold down Control and click on the following link to open ESET OnlineScan in a new window.

    ESET OnlineScan

  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer.

      Save it to your Desktop.

    • Double click on the esetsmartinstaller_enu.png to download the ESET Smart Installer. icon on your Desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.
-----------------------------------------

In your next reply, please post the following

  • Response if you recognize that file
  • Fixlog.txt
  • ESET Log
Link to post
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.