jakemeh Posted February 12, 2014 ID:789918 Share Posted February 12, 2014 I'd like some help cleaning up my computer. The main issue I've had is that my computer does not send documents (with the exception of microsoft word documents) in a proper format to my printer. I've had the printer for over a year, and never experienced this. Additionally, this error occurs with other printers and does not occur with other computers on my printer. Specifically, the documents are printed with the proper spacing from the top left corner, but the content is enlarged so only part of each page is printed. Any help with this issue, and just cleaning up my computer in general, would be much appreciated.___________________________________________________________________________________________________________________________________ DDS (Ver_2012-11-20.01) - NTFS_AMD64Internet Explorer: 11.0.9600.16428 BrowserJavaVersion: 10.45.2Run by Owner at 21:11:38 on 2014-02-11Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3983.2228 [GMT -7:00].AV: Webroot SecureAnywhere *Enabled/Updated* {66A6FE14-08CB-F415-3742-517201416109}SP: Webroot SecureAnywhere *Enabled/Updated* {DDC71FF0-2EF1-FB9B-0DF2-6A007AC62BB4}SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}.============== Running Processes ===============.C:\Windows\system32\lsm.exeC:\Windows\system32\svchost.exe -k DcomLaunchC:\Program Files (x86)\Webroot\WRSA.exeC:\Windows\system32\ibmpmsvc.exeC:\Windows\system32\svchost.exe -k RPCSSC:\Windows\System32\svchost.exe -k LocalServiceNetworkRestrictedC:\Windows\System32\svchost.exe -k LocalSystemNetworkRestrictedC:\Windows\system32\svchost.exe -k netsvcsC:\Windows\system32\svchost.exe -k LocalServiceC:\Windows\system32\svchost.exe -k NetworkServiceC:\Windows\System32\spoolsv.exeC:\Windows\system32\svchost.exe -k LocalServiceNoNetworkC:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exeC:\Program Files\LENOVO\HOTKEY\TPHKSVC.exeC:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exeC:\Program Files\ThinkPad\Bluetooth Software\btwdins.exeC:\Windows\system32\CxAudMsg64.exeC:\Program Files (x86)\Intel\Services\IPT\jhi_service.exeC:\Program Files\Lenovo\Communications Utility\CAMMUTE.exeC:\Program Files\LENOVO\HOTKEY\MICMUTE.exeC:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exeC:\Program Files\LENOVO\VIRTSCRL\lvvsst.exeC:\Windows\System32\svchost.exe -k HPZ12C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exeC:\PROGRA~2\PHAROS~1\Core\CTskMstr.exeC:\Windows\System32\svchost.exe -k HPZ12C:\Windows\SysWOW64\SAsrv.exeC:\Program Files (x86)\SafeConnect\scManager.sysC:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exeC:\Windows\system32\svchost.exe -k imgsvcC:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exeC:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXEC:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exeC:\Windows\system32\wbem\wmiprvse.exeC:\PROGRA~1\Lenovo\HOTKEY\tpnumlk.exeC:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonationC:\Windows\system32\wbem\unsecapp.exeC:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestrictedC:\Windows\system32\SearchIndexer.exeC:\PROGRA~1\LENOVO\VIRTSCRL\virtscrl.exeC:\Windows\system32\rundll32.exeC:\PROGRA~1\Lenovo\Zoom\TPSCREX.EXEC:\Windows\system32\taskhost.exeC:\PROGRA~1\Lenovo\HOTKEY\TPONSCR.EXEC:\PROGRA~1\Lenovo\HOTKEY\tpnumlkd.exeC:\Program Files (x86)\Webroot\WRSA.exeC:\Windows\system32\Dwm.exeC:\Program Files\Synaptics\SynTP\SynTPEnh.exeC:\Windows\System32\TpShocks.exeC:\Program Files\CONEXANT\ForteConfig\fmapp.exeC:\Windows\System32\hkcmd.exeC:\Windows\System32\igfxpers.exeC:\Program Files\Lenovo\Communications Utility\TpKnrres.exeC:\Program Files\Lenovo\AutoLock\ALCKRESI.exeC:\Program Files\Synaptics\SynTP\SynTPHelper.exeC:\Program Files\Synaptics\SynTP\SynTPLpr.exeC:\Users\Owner\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exeC:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exeC:\Windows\SysWOW64\rundll32.exeC:\Program Files\ThinkPad\Bluetooth Software\BTTray.exeC:\Windows\system32\rundll32.exeC:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exeC:\Program Files (x86)\Browny02\Brother\BrStMonW.exeC:\Program Files (x86)\SafeConnect\scClient.exeC:\Users\Owner\AppData\Roaming\Dropbox\bin\Dropbox.exeC:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exeC:\PROGRA~2\ThinkPad\UTILIT~1\SCHTASK.exeC:\Program Files (x86)\Common Files\Java\Java Update\jusched.exeC:\Program Files (x86)\Browny02\BrYNSvc.exeC:\Windows\SysWOW64\RunDll32.exeC:\Program Files (x86)\ControlCenter4\BrCcUxSys.exeC:\Windows\explorer.exeC:\Program Files\Windows Media Player\wmpnetwk.exeC:\Windows\System32\svchost.exe -k LocalServicePeerNetC:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exeC:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exeC:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exeC:\Program Files (x86)\Lenovo\System Update\SUService.exeC:\Program Files (x86)\Common Files\Lenovo\tvt_reg_monitor_svc.exeC:\Program Files (x86)\Symantec\VIP Access Client\VIPAppService.exeC:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exeC:\Windows\system32\taskeng.exeC:\Program Files (x86)\Lenovo\message center plus\mcplaunch.exeC:\Windows\servicing\TrustedInstaller.exeC:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exeC:\Windows\System32\taskmgr.exeC:\Windows\splwow64.exeC:\Windows\system32\PrintIsolationHost.exeC:\Windows\system32\wbem\wmiprvse.exeC:\Windows\System32\cscript.exe.============== Pseudo HJT Report ===============.uURLSearchHooks: uTorrentControl_v6 Toolbar: {96f454ea-9d38-474f-b504-56193e00c1a5} -mURLSearchHooks: uTorrentControl_v6 Toolbar: {96f454ea-9d38-474f-b504-56193e00c1a5} -BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dllBHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dllBHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dllBHO: uTorrentControl_v6 Toolbar: {96f454ea-9d38-474f-b504-56193e00c1a5} -BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dllBHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\office15\URLREDIR.DLLBHO: Symantec VIP Access Add-On: {C63CD127-A1CB-4D49-A4F7-D6F88A917BE6} - C:\Program Files (x86)\Symantec\VIP Access Client\VIPAddOnForIE.dllBHO: Webroot Vault: {c8d5d964-2be8-4c5b-8cf5-6e975aa88504} - C:\ProgramData\WRData\PKG\LPBar.dllBHO: Webroot Filtering Extension: {C9C42510-9B41-42c1-9DCD-7282A2D07C61} - C:\Program Files (x86)\Webroot\WRData\PKG\Vistax86\wrflt.dllBHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dllTB: uTorrentControl_v6 Toolbar: {96f454ea-9d38-474f-b504-56193e00c1a5} -TB: Webroot Toolbar: {97ab88ef-346b-4179-a0b1-7445896547a5} - C:\ProgramData\WRData\PKG\LPBar.dlluRun: [spotify Web Helper] "C:\Users\Owner\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"mRun: [RotateImage] C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exemRun: [PWMTRV] rundll32 C:\PROGRA~2\ThinkPad\UTILIT~1\PWMTR64V.DLL,PwrMgrBkGndMonitormRun: [Lenovo Registration] C:\Program Files (x86)\Lenovo Registration\LenovoReg.exe /bootmRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"mRun: [WRSVC] "C:\Program Files (x86)\Webroot\WRSA.exe" -ulmRun: [OtShot] C:\Program Files (x86)\OtShot\otshot.exe -minimizemRun: [ControlCenter4] C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe /autorunmRun: [brStsMon00] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUNmRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"dRun: [searchProtect] \SearchProtect\bin\cltmng.exeStartupFolder: C:\Users\Owner\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\Owner\AppData\Roaming\Dropbox\bin\Dropbox.exeStartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BLUETO~1.LNK - C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exeStartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\INSTAL~2.LNK - C:\Program Files (x86)\Common Files\wruninstall.exeStartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\INSTAL~1.LNK - C:\Program Files (x86)\Common Files\wruninstall.exeStartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\SAFECO~1.LNK - C:\Program Files (x86)\SafeConnect\scClient.exeuPolicies-Explorer: NoViewOnDrive = dword:0uPolicies-Explorer: NoDrives = dword:0uPolicies-Explorer: DisableLocalMachineRun = dword:0uPolicies-Explorer: DisableLocalMachineRunOnce = dword:0uPolicies-Explorer: DisableCurrentUserRun = dword:0uPolicies-Explorer: DisableCurrentUserRunOnce = dword:0uPolicies-Explorer: NoDriveTypeAutoRun = dword:0uPolicies-Explorer: NoFile = dword:0uPolicies-Explorer: HideClock = dword:0uPolicies-Explorer: NoDevMgrUpdate = dword:0uPolicies-Explorer: NoDFSTab = dword:0uPolicies-Explorer: NoWindowsUpdate = dword:0uPolicies-Explorer: NoEncryptOnMove = dword:0uPolicies-Explorer: NoRunasInstallPrompt = dword:0uPolicies-Explorer: NoResolveTrack = dword:0uPolicies-Explorer: NoStartMenuSubFolders = dword:0uPolicies-System: NoDispAppearancePage = dword:0uPolicies-System: NoDispSettingsPage = dword:0mPolicies-Explorer: NoActiveDesktop = dword:1mPolicies-Explorer: NoViewOnDrive = dword:0mPolicies-Explorer: NoDrives = dword:0mPolicies-Explorer: DisableLocalMachineRun = dword:0mPolicies-Explorer: DisableLocalMachineRunOnce = dword:0mPolicies-Explorer: DisableCurrentUserRun = dword:0mPolicies-Explorer: DisableCurrentUserRunOnce = dword:0mPolicies-Explorer: NoDriveTypeAutoRun = dword:0mPolicies-Explorer: NoFile = dword:0mPolicies-Explorer: HideClock = dword:0mPolicies-Explorer: NoDevMgrUpdate = dword:0mPolicies-Explorer: NoDFSTab = dword:0mPolicies-Explorer: NoWindowsUpdate = dword:0mPolicies-Explorer: NoEncryptOnMove = dword:0mPolicies-Explorer: NoRunasInstallPrompt = dword:0mPolicies-Explorer: NoResolveTrack = dword:0mPolicies-Explorer: NoStartMenuSubFolders = dword:0mPolicies-System: EnableUIADesktopToggle = dword:0mPolicies-System: NoDispAppearancePage = dword:0mPolicies-System: NoDispSettingsPage = dword:0mPolicies-Explorer: NoViewOnDrive = dword:0mPolicies-Explorer: NoDrives = dword:0mPolicies-Explorer: DisableLocalMachineRun = dword:0mPolicies-Explorer: DisableLocalMachineRunOnce = dword:0mPolicies-Explorer: DisableCurrentUserRun = dword:0mPolicies-Explorer: DisableCurrentUserRunOnce = dword:0mPolicies-Explorer: NoDriveTypeAutoRun = dword:0mPolicies-Explorer: NoFile = dword:0mPolicies-Explorer: HideClock = dword:0mPolicies-Explorer: NoDevMgrUpdate = dword:0mPolicies-Explorer: NoDFSTab = dword:0mPolicies-Explorer: NoWindowsUpdate = dword:0mPolicies-Explorer: NoEncryptOnMove = dword:0mPolicies-Explorer: NoRunasInstallPrompt = dword:0mPolicies-Explorer: NoResolveTrack = dword:0mPolicies-Explorer: NoStartMenuSubFolders = dword:0mPolicies-System: NoDispAppearancePage = dword:0mPolicies-System: NoDispSettingsPage = dword:0IE: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000IE: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105IE: Send image to &Bluetooth Device... - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie_ctx.htmIE: Send page to &Bluetooth Device... - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htmIE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dllIE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIE.dllIE: {43699cd0-e34f-11de-8a39-0800200c9a66} - {c8d5d964-2be8-4c5b-8cf5-6e975aa88504} - C:\ProgramData\WRData\PKG\LPBar.dllIE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIELinkedNotes.dllIE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dllIE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htmTCP: NameServer = 192.168.0.1 205.171.2.25TCP: Interfaces\{2D53E0E9-E9F5-4CC1-88B8-787700DA7F0F} : DHCPNameServer = 192.168.0.1 205.171.2.25TCP: Interfaces\{8DB8A3B9-E543-4976-B615-C8A99F231EB1} : DHCPNameServer = 192.168.0.1 205.171.2.25TCP: Interfaces\{8DB8A3B9-E543-4976-B615-C8A99F231EB1}\0596F6E6565627E45647 : DHCPNameServer = 130.253.5.2 130.253.5.3TCP: Interfaces\{8DB8A3B9-E543-4976-B615-C8A99F231EB1}\36865636B6562737 : DHCPNameServer = 75.75.75.75 75.75.76.76TCP: Interfaces\{8DB8A3B9-E543-4976-B615-C8A99F231EB1}\44550274575637470275962756C6563737 : DHCPNameServer = 130.253.5.2 130.253.5.3TCP: Interfaces\{8DB8A3B9-E543-4976-B615-C8A99F231EB1}\45F686B6F6 : DHCPNameServer = 192.168.88.1 4.2.2.2 8.8.8.8TCP: Interfaces\{8DB8A3B9-E543-4976-B615-C8A99F231EB1}\B405055726C69636143636563737 : DHCPNameServer = 192.168.88.1 4.2.2.1TCP: Interfaces\{8DB8A3B9-E543-4976-B615-C8A99F231EB1}\B405F525163656 : DHCPNameServer = 192.168.1.19Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\office15\MSOSB.DLLHandler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dllHandler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dllHandler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dllSSODL: WebCheck - <orphaned>x64-BHO: Lync Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dllx64-BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dllx64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dllx64-BHO: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dllx64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLLx64-BHO: Symantec VIP Access Add-On: {C63CD127-A1CB-4D49-A4F7-D6F88A917BE6} - C:\Program Files (x86)\Symantec\VIP Access Client\64bit\VIPAddOnForIE64.dllx64-BHO: Webroot Vault: {c8d5d964-2be8-4c5b-8cf5-6e975aa88504} - C:\ProgramData\WRData\PKG\LPBar64.dllx64-BHO: Webroot Filtering Extension: {C9C42510-9B41-42c1-9DCD-7282A2D07C61} - C:\Program Files (x86)\Webroot\WRData\PKG\Vistax64\wrflt.dllx64-BHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLLx64-BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dllx64-TB: Webroot Toolbar: {97ab88ef-346b-4179-a0b1-7445896547a5} - C:\ProgramData\WRData\PKG\LPBar64.dllx64-Run: [synTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exex64-Run: [TpShocks] TpShocks.exex64-Run: [ForteConfig] C:\Program Files\Conexant\ForteConfig\fmapp.exex64-Run: [smartAudio] C:\Program Files\CONEXANT\SAII\SAIICpl.exe /tx64-Run: [igfxTray] C:\Windows\System32\igfxtray.exex64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exex64-Run: [Persistence] C:\Windows\System32\igfxpers.exex64-Run: [LENOVO.TPKNRRES] C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exex64-Run: [ALCKRESI.EXE] C:\Program Files\Lenovo\AutoLock\ALCKRESI.EXEx64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dllx64-IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dllx64-IE: {43699cd0-e34f-11de-8a39-0800200c9a66} - {c8d5d964-2be8-4c5b-8cf5-6e975aa88504} - C:\ProgramData\WRData\PKG\LPBar64.dllx64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dllx64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dllx64-IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htmx64-Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - <orphaned>x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dllx64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>x64-Notify: igfxcui - igfxdev.dllx64-SSODL: WebCheck - <orphaned>.================= FIREFOX ===================.FF - ProfilePath - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\48epp7j8.default\FF - prefs.js: browser.search.selectedEngine - GoogleFF - prefs.js: browser.startup.homepage - hxxp://mail.aol.com/38306-111/aol-6/en-us/suite.aspx|https://blackboard.du.edu/webapps/portal/frameset.jsp?tab_tab_group_id=_1_1FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dllFF - plugin: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npdeployJava1.dllFF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dllFF - plugin: C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrlui.dllFF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dllFF - plugin: C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLLFF - plugin: C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\48epp7j8.default\extensions\{2d3fbcf7-be69-4433-8858-c621a8d0e58d}\plugins\npwidevinemediaoptimizer.dllFF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll.============= SERVICES / DRIVERS ===============.R0 DzHDD64;DzHDD64;C:\Windows\System32\drivers\DZHDD64.SYS [2013-5-9 31344]R0 TPDIGIMN;TPDIGIMN;C:\Windows\System32\drivers\ApsHM64.sys [2010-12-15 23664]R0 WRkrn;WRkrn;C:\Windows\System32\drivers\WRkrn.sys [2013-5-9 115232]R1 lenovo.smi;Lenovo System Interface Driver;C:\Windows\System32\drivers\smiifx64.sys [2011-12-13 15472]R1 PHCORE;PHCORE;C:\Program Files\Lenovo\RapidBoot\PHCORE64.sys [2011-7-8 32104]R2 CxAudMsg;Conexant Audio Message Service;C:\Windows\System32\CxAudMsg64.exe [2013-5-9 198784]R2 jhi_service;Intel® Identity Protection Technology Host Interface Service;C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe [2011-2-24 212944]R2 LENOVO.CAMMUTE;Lenovo Camera Mute;C:\Program Files\Lenovo\Communications Utility\CamMute.exe [2013-5-9 41320]R2 LENOVO.MICMUTE;Lenovo Microphone Mute;C:\Program Files\Lenovo\HOTKEY\micmute.exe [2011-12-13 101736]R2 LENOVO.TPKNRSVC;Lenovo Keyboard Noise Reduction;C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe [2013-5-9 59240]R2 Lenovo.VIRTSCRLSVC;Lenovo Auto Scroll;C:\Program Files\Lenovo\VIRTSCRL\lvvsst.exe [2011-12-13 133992]R2 OfficeSvc;Microsoft Office Service;C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [2013-5-11 1907896]R2 risdxc;risdxc;C:\Windows\System32\drivers\risdxc64.sys [2013-5-9 101376]R2 SAService;Conexant SmartAudio service;C:\Windows\System32\SAsrv.exe --> C:\Windows\System32\SAsrv.exe [?]R2 SCManager;SafeConnect Manager;C:\Program Files (x86)\SafeConnect\scManager.sys [2012-11-19 176520]R2 Skype C2C Service;Skype C2C Service;C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-10-9 3275136]R2 TPHKLOAD;Lenovo Hotkey Client Loader;C:\Program Files\Lenovo\HOTKEY\tphkload.exe [2011-12-13 145256]R2 TPHKSVC;On Screen Display;C:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe [2011-12-13 142696]R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2013-5-9 2656280]R2 VIPAppService;VIPAppService;C:\Program Files (x86)\Symantec\VIP Access Client\VIPAppService.exe [2011-6-29 82544]R2 WRSVC;WRSVC;C:\Program Files (x86)\Webroot\WRSA.exe [2013-5-9 761464]R3 5U877;USB Video Device;C:\Windows\System32\drivers\5U877.sys [2013-5-9 166016]R3 BrYNSvc;BrYNSvc;C:\Program Files (x86)\Browny02\BrYNSvc.exe [2013-5-14 266240]R3 IntcDAud;Intel® Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2013-5-9 317440]R3 RTL8192Ce;Realtek Wireless LAN 802.11n PCI-E NIC Driver;C:\Windows\System32\drivers\rtl8192ce.sys [2013-5-9 1143912]R3 TVTI2C;Lenovo SM bus driver;C:\Windows\System32\drivers\tvti2c.sys [2011-5-30 40248]S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]S2 HyperW7Svc;HyperW7 Service;C:\Program Files\Lenovo\RapidBoot\HyperW7Svc64.exe [2011-7-8 144232]S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-4-19 161384]S3 BrSerIb;Brother Serial Interface Driver(WDM);C:\Windows\System32\drivers\BrSerIb.sys [2013-5-14 95344]S3 BrUsbSIb;Brother Serial USB Driver(WDM);C:\Windows\System32\drivers\BrUsbSib.sys [2013-5-14 21872]S3 BTWAMPFL;BTWAMPFL;C:\Windows\System32\drivers\btwampfl.sys [2013-5-9 425000]S3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\System32\drivers\btwl2cap.sys [2013-5-9 39464]S3 DozeSvc;Lenovo Doze Mode Service;C:\Program Files (x86)\ThinkPad\Utilities\DZSVC64.EXE [2013-5-9 478056]S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2013-12-12 111616]S3 Power Manager DBC Service;Power Manager DBC Service;C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.exe [2013-5-9 87400]S3 PwmEWSvc;Cisco EnergyWise Enabler;C:\Program Files (x86)\ThinkPad\Utilities\PWMEWSVC.exe [2013-5-9 173416]S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-20 59392]S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-20 31232]S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2013-5-9 1255736]S3 WSDScan;WSD Scan Support via UMB;C:\Windows\System32\drivers\WSDScan.sys [2009-7-13 25088]S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184].=============== File Associations ===============.FileExt: .txt: txtfile=C:\Windows\SysWow64\NOTEPAD.EXE %1FileExt: .ini: inifile=C:\Windows\SysWow64\NOTEPAD.EXE %1FileExt: .inf: inffile=C:\Windows\SysWow64\NOTEPAD.EXE %1.=============== Created Last 30 ================.2014-02-12 01:12:23 -------- d-----w- C:\Users\Owner\AppData\Roaming\Malwarebytes2014-02-12 01:12:05 -------- d-----w- C:\ProgramData\Malwarebytes2014-02-12 01:12:04 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys2014-02-12 01:12:03 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware2014-02-12 00:51:42 596256 ----a-w- C:\Windows\System32\Spool\prtprocs\x64\hpcpp155.dll2014-02-12 00:51:00 757760 ----atw- C:\Windows\System32\PSR581F7.DLL2014-02-12 00:50:49 -------- d-----w- C:\Program Files (x86)\PharosSystems2014-02-12 00:50:45 -------- d-----w- C:\Program Files (x86)\Pharos2014-01-29 20:54:32 -------- d-----w- C:\Users\Owner\AppData\Local\lptmp12202494292014-01-28 21:17:30 -------- d-----w- C:\Users\Owner\AppData\Local\lptmp492716972014-01-15 12:20:56 99840 ----a-w- C:\Windows\System32\drivers\usbccgp.sys2014-01-15 12:20:56 7808 ----a-w- C:\Windows\System32\drivers\usbd.sys2014-01-15 12:20:56 53248 ----a-w- C:\Windows\System32\drivers\usbehci.sys2014-01-15 12:20:56 343040 ----a-w- C:\Windows\System32\drivers\usbhub.sys2014-01-15 12:20:56 325120 ----a-w- C:\Windows\System32\drivers\usbport.sys2014-01-15 12:20:56 30720 ----a-w- C:\Windows\System32\drivers\usbuhci.sys2014-01-15 12:20:56 25600 ----a-w- C:\Windows\System32\drivers\usbohci.sys2014-01-15 12:20:54 376768 ----a-w- C:\Windows\System32\drivers\netio.sys2014-01-15 12:20:54 3156480 ----a-w- C:\Windows\System32\win32k.sys.==================== Find3M ====================.2014-01-29 20:54:31 10395072 ----a-w- C:\Program Files (x86)\Common Files\wruninstall.exe2014-01-16 05:27:59 154824 ----a-w- C:\Windows\SysWow64\WRusr.dll2014-01-16 05:27:59 115232 ----a-w- C:\Windows\System32\drivers\WRkrn.sys2014-01-16 05:27:59 104872 ----a-w- C:\Windows\System32\WRusr.dll2014-01-09 21:12:41 96168 ------w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll2014-01-07 21:27:20 108968 ------w- C:\Windows\System32\WindowsAccessBridge-64.dll2013-11-26 10:19:07 2724864 ------w- C:\Windows\System32\mshtml.tlb2013-11-26 10:18:23 4096 ------w- C:\Windows\System32\ieetwcollectorres.dll2013-11-26 09:48:07 66048 ------w- C:\Windows\System32\iesetup.dll2013-11-26 09:46:25 48640 ------w- C:\Windows\System32\ieetwproxystub.dll2013-11-26 09:23:02 2724864 ------w- C:\Windows\SysWow64\mshtml.tlb2013-11-26 09:18:39 139264 ------w- C:\Windows\System32\ieUnatt.exe2013-11-26 09:18:09 111616 ------w- C:\Windows\System32\ieetwcollector.exe2013-11-26 09:16:57 708608 ------w- C:\Windows\System32\jscript9diag.dll2013-11-26 08:35:02 5769216 ------w- C:\Windows\System32\jscript9.dll2013-11-26 08:28:16 553472 ------w- C:\Windows\SysWow64\jscript9diag.dll2013-11-26 08:16:12 4243968 ------w- C:\Windows\SysWow64\jscript9.dll2013-11-26 08:02:16 1995264 ------w- C:\Windows\System32\inetcpl.cpl2013-11-26 07:32:06 1928192 ------w- C:\Windows\SysWow64\inetcpl.cpl2013-11-26 07:07:57 2334208 ------w- C:\Windows\System32\wininet.dll2013-11-26 06:33:33 1820160 ------w- C:\Windows\SysWow64\wininet.dll2013-11-23 18:26:20 417792 ------w- C:\Windows\SysWow64\WMPhoto.dll2013-11-23 17:47:34 465920 ------w- C:\Windows\System32\WMPhoto.dll.============= FINISH: 21:12:08.82 =============== .UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.IF REQUESTED, ZIP IT UP & ATTACH IT.DDS (Ver_2012-11-20.01).Microsoft Windows 7 Home PremiumBoot Device: \Device\HarddiskVolume1Install Date: 5/9/2013 2:46:05 PMSystem Uptime: 2/11/2014 8:57:12 PM (1 hours ago).Motherboard: LENOVO | | 4177CTOProcessor: Intel® Core i5-2520M CPU @ 2.50GHz | CPU | 2501/100mhz.==== Disk Partitions =========================.C: is FIXED (NTFS) - 281 GiB total, 118.032 GiB free.Q: is FIXED (NTFS) - 16 GiB total, 6.09 GiB free..==== Disabled Device Manager Items =============.==== System Restore Points ===================.RP47: 1/7/2014 2:27:01 PM - Installed Java 7 Update 45 (64-bit)RP48: 1/7/2014 3:11:00 PM - Removed Java SE Development Kit 7 Update 45 (64-bit)RP49: 1/9/2014 2:12:18 PM - Installed Java 7 Update 45RP50: 1/16/2014 3:00:12 AM - Windows UpdateRP51: 1/23/2014 3:14:22 AM - Scheduled CheckpointRP52: 1/31/2014 1:24:38 AM - Scheduled CheckpointRP53: 2/8/2014 12:00:01 AM - Scheduled Checkpoint.==== Installed Programs ======================.µTorrent64 Bit HP CIO Components Installer7-Zip 9.20Adobe AIRAdobe Flash Player 11 ActiveXAdobe Flash Player 11 PluginAdobe Reader XI (11.0.02)Broadcom InConcert MaestroBrother MFL-Pro Suite MFC-J825DWBurn.Now 4.5calibreCisco EAP-FAST ModuleCisco LEAP ModuleCisco PEAP ModuleConexant 20672 SmartAudio HDCorel Burn.Now Lenovo EditionCorel DVD MovieFactory 7Corel DVD MovieFactory Lenovo EditionCorel WinDVDCreate Recovery MediaD3DX10Direct DiscRecorderDropboxExact Audio Copy 1.0beta3foobar2000 v1.2.6Free Studio version 2013GIMP 2.8.4Google Update HelperIntegrated Camera Driver Installer Package Ver.1.1.0.1147Integrated Camera TWAINIntel® Control CenterIntel® Identity Protection Technology 1.1.2.0Intel® Management Engine ComponentsIntel® Processor GraphicsJava 7 Update 45Java 7 Update 45 (64-bit)Java Auto UpdaterJava SE Development Kit 7 Update 45 (64-bit)Junk Mail filter updateLenovo Auto Scroll UtilityLenovo Patch UtilityLenovo Patch Utility 64 bitLenovo RegistrationLenovo SimpleTapLenovo Solution CenterLenovo System Interface DriverLenovo User GuideLenovo Warranty InformationLenovo WelcomeMalwarebytes Anti-Malware version 1.75.0.1300Mesh RuntimeMessage Center PlusMicrosoft .NET Framework 4 Client ProfileMicrosoft Application Error ReportingMicrosoft Office 365 Home Premium - en-usMicrosoft Office Korrekturhilfen 2013 - DeutschMicrosoft SilverlightMicrosoft SkyDriveMicrosoft SQL Server 2005 Compact Edition [ENU]Microsoft Visual C++ 2005 RedistributableMicrosoft Visual C++ 2005 Redistributable (x64)Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161Mozilla Firefox 26.0 (x86 en-US)Mozilla Maintenance ServiceMPC-HC 1.6.7.7114 (9eb64ec)MSVCRTMSVCRT_amd64MSXML 4.0 SP2 (KB954430)MSXML 4.0 SP2 (KB973688)Office 15 Click-to-Run Extensibility ComponentOffice 15 Click-to-Run Licensing ComponentOffice 15 Click-to-Run Localization ComponentOn Screen DisplayPharosRapidBootRegistry Patch to Enable Maximum Power Saving on WiFi Adapters for Windows 7Rescue and RecoveryRICOH_Media_Driver_v2.13.18.02SafeConnectSearch ProtectionSecurity Update for Microsoft .NET Framework 4 Client Profile (KB2604121)Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393)Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628)Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2)Security Update for Microsoft .NET Framework 4 Client Profile (KB2858302v2)Skype Click to CallSkype™ 6.3SpotifySystem UpdateThinkPad Bluetooth with Enhanced Data Rate SoftwareThinkPad FullScreen MagnifierThinkPad Power Management DriverThinkPad Power ManagerThinkPad UltraNav DriverThinkPad UltraNav UtilityThinkPad Wireless LAN Adapter SoftwareThinkVantage Active Protection SystemThinkVantage AutoLockThinkVantage Communications UtilityUpdate for Microsoft .NET Framework 4 Client Profile (KB2468871)Update for Microsoft .NET Framework 4 Client Profile (KB2533523)Update for Microsoft .NET Framework 4 Client Profile (KB2600217)Update for Microsoft .NET Framework 4 Client Profile (KB2836939)Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3)uTorrentControl_v6 ToolbarVIP AccessWebroot SecureAnywhereWindows Driver Package - Intel (e1cexpress) Net (12/21/2010 11.8.84.0)Windows Driver Package - Intel System (09/10/2010 9.2.0.1011)Windows Driver Package - Intel System (11/20/2010 9.2.0.1016)Windows Driver Package - Intel USB (12/21/2010 9.2.0.1021)Windows Driver Package - Lenovo 1.61.00.11 (11/11/2010 1.61.00.11)Windows Driver Package - Ricoh Company SD Host Controller (03/23/2011 6.10.10.30)Windows Driver Package - Synaptics (SynTP) Mouse (05/19/2011 15.3.8.0)Windows Live Communications PlatformWindows Live EssentialsWindows Live ID Sign-in AssistantWindows Live InstallerWindows Live Language SelectorWindows Live MailWindows Live MeshWindows Live Mesh ActiveX Control for Remote ConnectionsWindows Live MessengerWindows Live MIME IFilterWindows Live Movie MakerWindows Live Photo CommonWindows Live Photo GalleryWindows Live PIMT PlatformWindows Live Remote ClientWindows Live Remote Client ResourcesWindows Live Remote ServiceWindows Live Remote Service ResourcesWindows Live SOXEWindows Live SOXE DefinitionsWindows Live UX PlatformWindows Live UX Platform Language PackWindows Live WriterWindows Live Writer Resources.==== Event Viewer Messages From Past Week ========.2/7/2014 9:02:32 AM, Error: NetBT [4321] - The name "WORKGROUP :1d" could not be registered on the interface with IP address 192.168.0.40. The computer with the IP address 192.168.0.22 did not allow the name to be claimed by this computer.2/6/2014 5:02:49 PM, Error: NetBT [4320] - Another computer has sent a name release message to this computer, probably because a duplicate name has been detected on the TCP network. The IP address of the node that sent the message is in the data. Use nbtstat -n in a command window to see which name is in the Conflict state.2/6/2014 4:55:18 PM, Error: Server [2505] - The server could not bind to the transport \Device\NetBT_Tcpip_{8DB8A3B9-E543-4976-B615-C8A99F231EB1} because another computer on the network has the same name. The server could not start.2/6/2014 4:55:18 PM, Error: NetBT [4321] - The name "OWNER-THINK :20" could not be registered on the interface with IP address 10.8.7.175. The computer with the IP address 130.253.1.212 did not allow the name to be claimed by this computer.2/6/2014 4:55:18 PM, Error: NetBT [4321] - The name "OWNER-THINK :0" could not be registered on the interface with IP address 10.8.7.175. The computer with the IP address 130.253.1.212 did not allow the name to be claimed by this computer.2/11/2014 8:59:23 PM, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID {C97FCC79-E628-407D-AE68-A06AD6D8B4D1} and APPID {344ED43D-D086-4961-86A6-1106F4ACAD9B} to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.2/11/2014 8:58:55 PM, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID {C97FCC79-E628-407D-AE68-A06AD6D8B4D1} and APPID {344ED43D-D086-4961-86A6-1106F4ACAD9B} to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.2/11/2014 5:59:29 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the LanmanServer service.2/11/2014 5:58:59 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the FDResPub service.2/11/2014 5:58:29 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the upnphost service.2/11/2014 3:55:04 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the LMS service.2/10/2014 9:22:10 AM, Error: bowser [8003] - The master browser has received a server announcement from the computer BARRY-PC that believes that it is the master browser for the domain on transport NetBT_Tcpip_{8DB8A3B9-E543-4976-B615-C8A99F231EB1}. The master browser is stopping or an election is being forced..==== End Of File =========================== Link to post Share on other sites More sharing options...
Andro1d Posted February 16, 2014 ID:792174 Share Posted February 16, 2014 Hi jakemeh, Are you still in need of assistance? Link to post Share on other sites More sharing options...
jakemeh Posted February 17, 2014 Author ID:792296 Share Posted February 17, 2014 Yes I am. Link to post Share on other sites More sharing options...
Andro1d Posted February 17, 2014 ID:792301 Share Posted February 17, 2014 Can you please re-run DDS for me and post and updated log. Link to post Share on other sites More sharing options...
jakemeh Posted February 17, 2014 Author ID:792370 Share Posted February 17, 2014 DDS (Ver_2012-11-20.01) - NTFS_AMD64Internet Explorer: 11.0.9600.16518 BrowserJavaVersion: 10.45.2Run by Owner at 1:26:25 on 2014-02-17Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3983.1570 [GMT -7:00].AV: Webroot SecureAnywhere *Enabled/Updated* {66A6FE14-08CB-F415-3742-517201416109}SP: Webroot SecureAnywhere *Enabled/Updated* {DDC71FF0-2EF1-FB9B-0DF2-6A007AC62BB4}SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}.============== Running Processes ===============.C:\Windows\system32\lsm.exeC:\Windows\system32\svchost.exe -k DcomLaunchC:\Windows\system32\ibmpmsvc.exeC:\Windows\system32\svchost.exe -k RPCSSC:\Windows\System32\svchost.exe -k LocalServiceNetworkRestrictedC:\Windows\System32\svchost.exe -k LocalSystemNetworkRestrictedC:\Windows\system32\svchost.exe -k netsvcsC:\Windows\system32\svchost.exe -k LocalServiceC:\Windows\system32\svchost.exe -k NetworkServiceC:\Windows\System32\spoolsv.exeC:\Windows\system32\svchost.exe -k LocalServiceNoNetworkC:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exeC:\Program Files\LENOVO\HOTKEY\TPHKSVC.exeC:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exeC:\Program Files\ThinkPad\Bluetooth Software\btwdins.exeC:\Windows\system32\CxAudMsg64.exeC:\Program Files (x86)\Intel\Services\IPT\jhi_service.exeC:\Program Files\Lenovo\Communications Utility\CAMMUTE.exeC:\Program Files\LENOVO\HOTKEY\MICMUTE.exeC:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exeC:\Program Files\LENOVO\VIRTSCRL\lvvsst.exeC:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exeC:\PROGRA~2\PHAROS~1\Core\CTskMstr.exeC:\Windows\SysWOW64\SAsrv.exeC:\Program Files (x86)\SafeConnect\scManager.sysC:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exeC:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXEC:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exeC:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonationC:\PROGRA~1\Lenovo\HOTKEY\tpnumlk.exeC:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestrictedC:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exeC:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exeC:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exeC:\Program Files (x86)\Lenovo\System Update\SUService.exeC:\Program Files (x86)\Common Files\Lenovo\tvt_reg_monitor_svc.exeC:\Program Files (x86)\Symantec\VIP Access Client\VIPAppService.exeC:\Windows\system32\SearchIndexer.exeC:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exeC:\PROGRA~1\LENOVO\VIRTSCRL\virtscrl.exeC:\Windows\system32\rundll32.exeC:\PROGRA~1\Lenovo\Zoom\TPSCREX.EXEC:\PROGRA~1\Lenovo\HOTKEY\TPONSCR.EXEC:\PROGRA~1\Lenovo\HOTKEY\tpnumlkd.exeC:\Windows\system32\Dwm.exeC:\Windows\Explorer.EXEC:\Windows\system32\taskhost.exeC:\Program Files\Synaptics\SynTP\SynTPEnh.exeC:\Windows\System32\TpShocks.exeC:\Program Files\Synaptics\SynTP\SynTPHelper.exeC:\Program Files\CONEXANT\ForteConfig\fmapp.exeC:\Windows\System32\hkcmd.exeC:\Windows\System32\igfxpers.exeC:\Program Files\Lenovo\Communications Utility\TpKnrres.exeC:\Program Files\Lenovo\AutoLock\ALCKRESI.exeC:\Users\Owner\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exeC:\Program Files\ThinkPad\Bluetooth Software\BTTray.exeC:\Program Files\Synaptics\SynTP\SynTPLpr.exeC:\Program Files (x86)\SafeConnect\scClient.exeC:\Users\Owner\AppData\Roaming\Dropbox\bin\Dropbox.exeC:\Windows\SysWOW64\RunDll32.exeC:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exeC:\Windows\SysWOW64\rundll32.exeC:\Windows\system32\rundll32.exeC:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exeC:\Program Files (x86)\Browny02\Brother\BrStMonW.exeC:\Program Files (x86)\Common Files\Java\Java Update\jusched.exeC:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exeC:\PROGRA~2\ThinkPad\UTILIT~1\SCHTASK.exeC:\Program Files (x86)\Browny02\BrYNSvc.exeC:\Program Files (x86)\ControlCenter4\BrCcUxSys.exeC:\Program Files\Windows Media Player\wmpnetwk.exeC:\Windows\System32\svchost.exe -k LocalServicePeerNetC:\Program Files (x86)\Mozilla Firefox\firefox.exeC:\Windows\system32\taskeng.exeC:\Program Files (x86)\Lenovo\message center plus\mcplaunch.exeC:\Program Files (x86)\foobar2000\foobar2000.exeC:\Windows\system32\UI0Detect.exeC:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exeC:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exeC:\Windows\SysWow64\NOTEPAD.EXEC:\Windows\System32\taskmgr.exeC:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_202.exeC:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_202.exeC:\Program Files (x86)\Webroot\WRSA.exeC:\Program Files (x86)\Webroot\WRSA.exeC:\Program Files (x86)\Lenovo\Rescue and Recovery\rrservice.exeC:\Program Files (x86)\Common Files\Lenovo\Scheduler\scheduler_proxy.exeC:\Windows\system32\svchost.exe -k imgsvcC:\Windows\system32\wbem\wmiprvse.exeC:\Windows\System32\cscript.exe.============== Pseudo HJT Report ===============.uURLSearchHooks: uTorrentControl_v6 Toolbar: {96f454ea-9d38-474f-b504-56193e00c1a5} -mURLSearchHooks: uTorrentControl_v6 Toolbar: {96f454ea-9d38-474f-b504-56193e00c1a5} -BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dllBHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dllBHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dllBHO: uTorrentControl_v6 Toolbar: {96f454ea-9d38-474f-b504-56193e00c1a5} -BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dllBHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\office15\URLREDIR.DLLBHO: Symantec VIP Access Add-On: {C63CD127-A1CB-4D49-A4F7-D6F88A917BE6} - C:\Program Files (x86)\Symantec\VIP Access Client\VIPAddOnForIE.dllBHO: Webroot Vault: {c8d5d964-2be8-4c5b-8cf5-6e975aa88504} - C:\ProgramData\WRData\PKG\LPBar.dllBHO: Webroot Filtering Extension: {C9C42510-9B41-42c1-9DCD-7282A2D07C61} - C:\Program Files (x86)\Webroot\WRData\PKG\Vistax86\wrflt.dllBHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dllTB: uTorrentControl_v6 Toolbar: {96f454ea-9d38-474f-b504-56193e00c1a5} -TB: Webroot Toolbar: {97ab88ef-346b-4179-a0b1-7445896547a5} - C:\ProgramData\WRData\PKG\LPBar.dlluRun: [spotify Web Helper] "C:\Users\Owner\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"uRunOnce: [FlashPlayerUpdate] C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_7_700_202_Plugin.exe -update pluginmRun: [RotateImage] C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exemRun: [PWMTRV] rundll32 C:\PROGRA~2\ThinkPad\UTILIT~1\PWMTR64V.DLL,PwrMgrBkGndMonitormRun: [Lenovo Registration] C:\Program Files (x86)\Lenovo Registration\LenovoReg.exe /bootmRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"mRun: [WRSVC] "C:\Program Files (x86)\Webroot\WRSA.exe" -ulmRun: [OtShot] C:\Program Files (x86)\OtShot\otshot.exe -minimizemRun: [ControlCenter4] C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe /autorunmRun: [brStsMon00] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUNmRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"dRun: [searchProtect] \SearchProtect\bin\cltmng.exeStartupFolder: C:\Users\Owner\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\Owner\AppData\Roaming\Dropbox\bin\Dropbox.exeStartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BLUETO~1.LNK - C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exeStartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\INSTAL~2.LNK - C:\Program Files (x86)\Common Files\wruninstall.exeStartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\INSTAL~1.LNK - C:\Program Files (x86)\Common Files\wruninstall.exeStartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\SAFECO~1.LNK - C:\Program Files (x86)\SafeConnect\scClient.exeuPolicies-Explorer: NoViewOnDrive = dword:0uPolicies-Explorer: NoDrives = dword:0uPolicies-Explorer: DisableLocalMachineRun = dword:0uPolicies-Explorer: DisableLocalMachineRunOnce = dword:0uPolicies-Explorer: DisableCurrentUserRun = dword:0uPolicies-Explorer: DisableCurrentUserRunOnce = dword:0uPolicies-Explorer: NoDriveTypeAutoRun = dword:0uPolicies-Explorer: NoFile = dword:0uPolicies-Explorer: HideClock = dword:0uPolicies-Explorer: NoDevMgrUpdate = dword:0uPolicies-Explorer: NoDFSTab = dword:0uPolicies-Explorer: NoWindowsUpdate = dword:0uPolicies-Explorer: NoEncryptOnMove = dword:0uPolicies-Explorer: NoRunasInstallPrompt = dword:0uPolicies-Explorer: NoResolveTrack = dword:0uPolicies-Explorer: NoStartMenuSubFolders = dword:0uPolicies-System: NoDispAppearancePage = dword:0uPolicies-System: NoDispSettingsPage = dword:0mPolicies-Explorer: NoActiveDesktop = dword:1mPolicies-Explorer: NoViewOnDrive = dword:0mPolicies-Explorer: NoDrives = dword:0mPolicies-Explorer: DisableLocalMachineRun = dword:0mPolicies-Explorer: DisableLocalMachineRunOnce = dword:0mPolicies-Explorer: DisableCurrentUserRun = dword:0mPolicies-Explorer: DisableCurrentUserRunOnce = dword:0mPolicies-Explorer: NoDriveTypeAutoRun = dword:0mPolicies-Explorer: NoFile = dword:0mPolicies-Explorer: HideClock = dword:0mPolicies-Explorer: NoDevMgrUpdate = dword:0mPolicies-Explorer: NoDFSTab = dword:0mPolicies-Explorer: NoWindowsUpdate = dword:0mPolicies-Explorer: NoEncryptOnMove = dword:0mPolicies-Explorer: NoRunasInstallPrompt = dword:0mPolicies-Explorer: NoResolveTrack = dword:0mPolicies-Explorer: NoStartMenuSubFolders = dword:0mPolicies-System: EnableUIADesktopToggle = dword:0mPolicies-System: NoDispAppearancePage = dword:0mPolicies-System: NoDispSettingsPage = dword:0mPolicies-Explorer: NoViewOnDrive = dword:0mPolicies-Explorer: NoDrives = dword:0mPolicies-Explorer: DisableLocalMachineRun = dword:0mPolicies-Explorer: DisableLocalMachineRunOnce = dword:0mPolicies-Explorer: DisableCurrentUserRun = dword:0mPolicies-Explorer: DisableCurrentUserRunOnce = dword:0mPolicies-Explorer: NoDriveTypeAutoRun = dword:0mPolicies-Explorer: NoFile = dword:0mPolicies-Explorer: HideClock = dword:0mPolicies-Explorer: NoDevMgrUpdate = dword:0mPolicies-Explorer: NoDFSTab = dword:0mPolicies-Explorer: NoWindowsUpdate = dword:0mPolicies-Explorer: NoEncryptOnMove = dword:0mPolicies-Explorer: NoRunasInstallPrompt = dword:0mPolicies-Explorer: NoResolveTrack = dword:0mPolicies-Explorer: NoStartMenuSubFolders = dword:0mPolicies-System: NoDispAppearancePage = dword:0mPolicies-System: NoDispSettingsPage = dword:0IE: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000IE: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105IE: Send image to &Bluetooth Device... - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie_ctx.htmIE: Send page to &Bluetooth Device... - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htmIE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dllIE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIE.dllIE: {43699cd0-e34f-11de-8a39-0800200c9a66} - {c8d5d964-2be8-4c5b-8cf5-6e975aa88504} - C:\ProgramData\WRData\PKG\LPBar.dllIE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIELinkedNotes.dllIE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dllIE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htmTCP: NameServer = 192.168.0.1 205.171.2.25TCP: Interfaces\{2D53E0E9-E9F5-4CC1-88B8-787700DA7F0F} : DHCPNameServer = 192.168.0.1 205.171.2.25TCP: Interfaces\{8DB8A3B9-E543-4976-B615-C8A99F231EB1} : DHCPNameServer = 192.168.0.1 205.171.2.25TCP: Interfaces\{8DB8A3B9-E543-4976-B615-C8A99F231EB1}\0596F6E6565627E45647 : DHCPNameServer = 130.253.5.2 130.253.5.3TCP: Interfaces\{8DB8A3B9-E543-4976-B615-C8A99F231EB1}\36865636B6562737 : DHCPNameServer = 75.75.75.75 75.75.76.76TCP: Interfaces\{8DB8A3B9-E543-4976-B615-C8A99F231EB1}\44550274575637470275962756C6563737 : DHCPNameServer = 130.253.5.2 130.253.5.3TCP: Interfaces\{8DB8A3B9-E543-4976-B615-C8A99F231EB1}\45F686B6F6 : DHCPNameServer = 192.168.88.1 4.2.2.2 8.8.8.8TCP: Interfaces\{8DB8A3B9-E543-4976-B615-C8A99F231EB1}\B405055726C69636143636563737 : DHCPNameServer = 192.168.88.1 4.2.2.1TCP: Interfaces\{8DB8A3B9-E543-4976-B615-C8A99F231EB1}\B405F525163656 : DHCPNameServer = 192.168.1.19Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\office15\MSOSB.DLLHandler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dllHandler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dllHandler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dllSSODL: WebCheck - <orphaned>x64-BHO: Lync Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dllx64-BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dllx64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dllx64-BHO: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dllx64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLLx64-BHO: Symantec VIP Access Add-On: {C63CD127-A1CB-4D49-A4F7-D6F88A917BE6} - C:\Program Files (x86)\Symantec\VIP Access Client\64bit\VIPAddOnForIE64.dllx64-BHO: Webroot Vault: {c8d5d964-2be8-4c5b-8cf5-6e975aa88504} - C:\ProgramData\WRData\PKG\LPBar64.dllx64-BHO: Webroot Filtering Extension: {C9C42510-9B41-42c1-9DCD-7282A2D07C61} - C:\Program Files (x86)\Webroot\WRData\PKG\Vistax64\wrflt.dllx64-BHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLLx64-BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dllx64-TB: Webroot Toolbar: {97ab88ef-346b-4179-a0b1-7445896547a5} - C:\ProgramData\WRData\PKG\LPBar64.dllx64-Run: [synTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exex64-Run: [TpShocks] TpShocks.exex64-Run: [ForteConfig] C:\Program Files\Conexant\ForteConfig\fmapp.exex64-Run: [smartAudio] C:\Program Files\CONEXANT\SAII\SAIICpl.exe /tx64-Run: [igfxTray] C:\Windows\System32\igfxtray.exex64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exex64-Run: [Persistence] C:\Windows\System32\igfxpers.exex64-Run: [LENOVO.TPKNRRES] C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exex64-Run: [ALCKRESI.EXE] C:\Program Files\Lenovo\AutoLock\ALCKRESI.EXEx64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dllx64-IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dllx64-IE: {43699cd0-e34f-11de-8a39-0800200c9a66} - {c8d5d964-2be8-4c5b-8cf5-6e975aa88504} - C:\ProgramData\WRData\PKG\LPBar64.dllx64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dllx64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dllx64-IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htmx64-Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - <orphaned>x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dllx64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>x64-Notify: igfxcui - igfxdev.dllx64-SSODL: WebCheck - <orphaned>.================= FIREFOX ===================.FF - ProfilePath - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\48epp7j8.default\FF - prefs.js: browser.search.selectedEngine - GoogleFF - prefs.js: browser.startup.homepage - hxxp://mail.aol.com/38306-111/aol-6/en-us/suite.aspx|https://blackboard.du.edu/webapps/portal/frameset.jsp?tab_tab_group_id=_1_1FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dllFF - plugin: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npdeployJava1.dllFF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dllFF - plugin: C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrlui.dllFF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dllFF - plugin: C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLLFF - plugin: C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\48epp7j8.default\extensions\{2d3fbcf7-be69-4433-8858-c621a8d0e58d}\plugins\npwidevinemediaoptimizer.dllFF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll.============= SERVICES / DRIVERS ===============.R0 DzHDD64;DzHDD64;C:\Windows\System32\drivers\DZHDD64.SYS [2013-5-9 31344]R0 TPDIGIMN;TPDIGIMN;C:\Windows\System32\drivers\ApsHM64.sys [2010-12-15 23664]R0 WRkrn;WRkrn;C:\Windows\System32\drivers\WRkrn.sys [2013-5-9 113664]R1 lenovo.smi;Lenovo System Interface Driver;C:\Windows\System32\drivers\smiifx64.sys [2011-12-13 15472]R1 PHCORE;PHCORE;C:\Program Files\Lenovo\RapidBoot\PHCORE64.sys [2011-7-8 32104]R2 c2cautoupdatesvc;Skype Click to Call Updater;C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2014-1-3 1363616]R2 c2cpnrsvc;Skype Click to Call PNR Service;C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2014-1-3 1748640]R2 CxAudMsg;Conexant Audio Message Service;C:\Windows\System32\CxAudMsg64.exe [2013-5-9 198784]R2 jhi_service;Intel® Identity Protection Technology Host Interface Service;C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe [2011-2-24 212944]R2 LENOVO.CAMMUTE;Lenovo Camera Mute;C:\Program Files\Lenovo\Communications Utility\CamMute.exe [2013-5-9 41320]R2 LENOVO.MICMUTE;Lenovo Microphone Mute;C:\Program Files\Lenovo\HOTKEY\micmute.exe [2011-12-13 101736]R2 LENOVO.TPKNRSVC;Lenovo Keyboard Noise Reduction;C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe [2013-5-9 59240]R2 Lenovo.VIRTSCRLSVC;Lenovo Auto Scroll;C:\Program Files\Lenovo\VIRTSCRL\lvvsst.exe [2011-12-13 133992]R2 OfficeSvc;Microsoft Office Service;C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [2013-5-11 1907896]R2 risdxc;risdxc;C:\Windows\System32\drivers\risdxc64.sys [2013-5-9 101376]R2 SAService;Conexant SmartAudio service;C:\Windows\System32\SAsrv.exe --> C:\Windows\System32\SAsrv.exe [?]R2 SCManager;SafeConnect Manager;C:\Program Files (x86)\SafeConnect\scManager.sys [2012-11-19 176520]R2 TPHKLOAD;Lenovo Hotkey Client Loader;C:\Program Files\Lenovo\HOTKEY\tphkload.exe [2011-12-13 145256]R2 TPHKSVC;On Screen Display;C:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe [2011-12-13 142696]R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2013-5-9 2656280]R2 VIPAppService;VIPAppService;C:\Program Files (x86)\Symantec\VIP Access Client\VIPAppService.exe [2011-6-29 82544]R2 WRSVC;WRSVC;C:\Program Files (x86)\Webroot\WRSA.exe [2013-5-9 762488]R3 5U877;USB Video Device;C:\Windows\System32\drivers\5U877.sys [2013-5-9 166016]R3 BrYNSvc;BrYNSvc;C:\Program Files (x86)\Browny02\BrYNSvc.exe [2013-5-14 266240]R3 IntcDAud;Intel® Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2013-5-9 317440]R3 RTL8192Ce;Realtek Wireless LAN 802.11n PCI-E NIC Driver;C:\Windows\System32\drivers\rtl8192ce.sys [2013-5-9 1143912]R3 TVTI2C;Lenovo SM bus driver;C:\Windows\System32\drivers\tvti2c.sys [2011-5-30 40248]S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]S2 HyperW7Svc;HyperW7 Service;C:\Program Files\Lenovo\RapidBoot\HyperW7Svc64.exe [2011-7-8 144232]S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-4-19 161384]S3 BrSerIb;Brother Serial Interface Driver(WDM);C:\Windows\System32\drivers\BrSerIb.sys [2013-5-14 95344]S3 BrUsbSIb;Brother Serial USB Driver(WDM);C:\Windows\System32\drivers\BrUsbSib.sys [2013-5-14 21872]S3 BTWAMPFL;BTWAMPFL;C:\Windows\System32\drivers\btwampfl.sys [2013-5-9 425000]S3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\System32\drivers\btwl2cap.sys [2013-5-9 39464]S3 DozeSvc;Lenovo Doze Mode Service;C:\Program Files (x86)\ThinkPad\Utilities\DZSVC64.EXE [2013-5-9 478056]S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2014-2-12 111616]S3 Power Manager DBC Service;Power Manager DBC Service;C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.exe [2013-5-9 87400]S3 PwmEWSvc;Cisco EnergyWise Enabler;C:\Program Files (x86)\ThinkPad\Utilities\PWMEWSVC.exe [2013-5-9 173416]S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-20 59392]S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-20 31232]S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2013-5-9 1255736]S3 WSDScan;WSD Scan Support via UMB;C:\Windows\System32\drivers\WSDScan.sys [2009-7-13 25088]S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184].=============== File Associations ===============.FileExt: .txt: txtfile=C:\Windows\SysWow64\NOTEPAD.EXE %1FileExt: .ini: inifile=C:\Windows\SysWow64\NOTEPAD.EXE %1FileExt: .inf: inffile=C:\Windows\SysWow64\NOTEPAD.EXE %1.=============== Created Last 30 ================.2014-02-12 10:01:12 548864 ----a-w- C:\Windows\System32\vbscript.dll2014-02-12 10:01:12 454656 ----a-w- C:\Windows\SysWow64\vbscript.dll2014-02-12 06:14:54 1882112 ----a-w- C:\Windows\System32\msxml3.dll2014-02-12 01:12:23 -------- d-----w- C:\Users\Owner\AppData\Roaming\Malwarebytes2014-02-12 01:12:05 -------- d-----w- C:\ProgramData\Malwarebytes2014-02-12 01:12:04 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys2014-02-12 01:12:03 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware2014-02-12 00:51:42 596256 ----a-w- C:\Windows\System32\Spool\prtprocs\x64\hpcpp155.dll2014-02-12 00:51:00 757760 ----atw- C:\Windows\System32\PSR581F7.DLL2014-02-12 00:50:49 -------- d-----w- C:\Program Files (x86)\PharosSystems2014-02-12 00:50:45 -------- d-----w- C:\Program Files (x86)\Pharos2014-01-29 20:54:32 -------- d-----w- C:\Users\Owner\AppData\Local\lptmp12202494292014-01-28 21:17:30 -------- d-----w- C:\Users\Owner\AppData\Local\lptmp49271697.==================== Find3M ====================.2014-02-14 20:24:26 153256 ----a-w- C:\Windows\SysWow64\WRusr.dll2014-02-14 20:24:26 113664 ----a-w- C:\Windows\System32\drivers\WRkrn.sys2014-02-14 20:24:26 103304 ----a-w- C:\Windows\System32\WRusr.dll2014-02-06 11:30:46 2724864 ----a-w- C:\Windows\System32\mshtml.tlb2014-02-06 11:30:12 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll2014-02-06 11:07:39 66048 ----a-w- C:\Windows\System32\iesetup.dll2014-02-06 11:06:47 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll2014-02-06 10:49:03 139264 ----a-w- C:\Windows\System32\ieUnatt.exe2014-02-06 10:48:45 111616 ----a-w- C:\Windows\System32\ieetwcollector.exe2014-02-06 10:48:11 708608 ----a-w- C:\Windows\System32\jscript9diag.dll2014-02-06 10:20:26 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb2014-02-06 10:11:37 5768704 ----a-w- C:\Windows\System32\jscript9.dll2014-02-06 10:01:36 61952 ----a-w- C:\Windows\SysWow64\iesetup.dll2014-02-06 10:00:46 51200 ----a-w- C:\Windows\SysWow64\ieetwproxystub.dll2014-02-06 09:50:32 2041856 ----a-w- C:\Windows\System32\inetcpl.cpl2014-02-06 09:47:22 112128 ----a-w- C:\Windows\SysWow64\ieUnatt.exe2014-02-06 09:46:27 553472 ----a-w- C:\Windows\SysWow64\jscript9diag.dll2014-02-06 09:25:36 4244480 ----a-w- C:\Windows\SysWow64\jscript9.dll2014-02-06 09:24:52 2334208 ----a-w- C:\Windows\System32\wininet.dll2014-02-06 09:09:30 1964032 ----a-w- C:\Windows\SysWow64\inetcpl.cpl2014-02-06 08:41:35 1820160 ----a-w- C:\Windows\SysWow64\wininet.dll2014-01-29 20:54:31 10395072 ----a-w- C:\Program Files (x86)\Common Files\wruninstall.exe2014-01-09 21:12:41 96168 ------w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll2014-01-07 21:27:20 108968 ------w- C:\Windows\System32\WindowsAccessBridge-64.dll2013-12-24 23:09:41 1987584 ----a-w- C:\Windows\SysWow64\d3d10warp.dll2013-12-24 22:48:32 2565120 ----a-w- C:\Windows\System32\d3d10warp.dll2013-12-06 02:30:08 2048 ----a-w- C:\Windows\System32\msxml3r.dll2013-12-06 02:02:08 2048 ----a-w- C:\Windows\SysWow64\msxml3r.dll2013-12-06 02:02:08 1237504 ----a-w- C:\Windows\SysWow64\msxml3.dll2013-12-04 02:27:33 485888 ----a-w- C:\Windows\System32\secproc_isv.dll2013-12-04 02:27:33 123392 ----a-w- C:\Windows\System32\secproc_ssp_isv.dll2013-12-04 02:27:33 123392 ----a-w- C:\Windows\System32\secproc_ssp.dll2013-12-04 02:27:16 488448 ----a-w- C:\Windows\System32\secproc.dll2013-12-04 02:26:32 528384 ----a-w- C:\Windows\System32\msdrm.dll2013-12-04 02:16:51 658432 ----a-w- C:\Windows\System32\RMActivate_isv.exe2013-12-04 02:16:51 626176 ----a-w- C:\Windows\System32\RMActivate.exe2013-12-04 02:16:50 552960 ----a-w- C:\Windows\System32\RMActivate_ssp_isv.exe2013-12-04 02:16:48 553984 ----a-w- C:\Windows\System32\RMActivate_ssp.exe2013-12-04 02:03:20 87040 ----a-w- C:\Windows\SysWow64\secproc_ssp_isv.dll2013-12-04 02:03:20 87040 ----a-w- C:\Windows\SysWow64\secproc_ssp.dll2013-12-04 02:03:20 423936 ----a-w- C:\Windows\SysWow64\secproc_isv.dll2013-12-04 02:03:08 428032 ----a-w- C:\Windows\SysWow64\secproc.dll2013-12-04 02:02:06 390144 ----a-w- C:\Windows\SysWow64\msdrm.dll2013-12-04 01:54:14 510976 ----a-w- C:\Windows\SysWow64\RMActivate_ssp.exe2013-12-04 01:54:10 594944 ----a-w- C:\Windows\SysWow64\RMActivate_isv.exe2013-12-04 01:54:09 572416 ----a-w- C:\Windows\SysWow64\RMActivate.exe2013-12-04 01:54:06 508928 ----a-w- C:\Windows\SysWow64\RMActivate_ssp_isv.exe2013-11-27 01:41:37 343040 ----a-w- C:\Windows\System32\drivers\usbhub.sys2013-11-27 01:41:15 99840 ----a-w- C:\Windows\System32\drivers\usbccgp.sys2013-11-27 01:41:11 53248 ----a-w- C:\Windows\System32\drivers\usbehci.sys2013-11-27 01:41:11 325120 ----a-w- C:\Windows\System32\drivers\usbport.sys2013-11-27 01:41:09 25600 ----a-w- C:\Windows\System32\drivers\usbohci.sys2013-11-27 01:41:06 30720 ----a-w- C:\Windows\System32\drivers\usbuhci.sys2013-11-27 01:41:03 7808 ----a-w- C:\Windows\System32\drivers\usbd.sys2013-11-26 11:40:00 376768 ----a-w- C:\Windows\System32\drivers\netio.sys2013-11-26 10:32:56 3156480 ----a-w- C:\Windows\System32\win32k.sys2013-11-26 08:16:50 3419136 ----a-w- C:\Windows\SysWow64\d2d1.dll2013-11-23 18:26:20 417792 ------w- C:\Windows\SysWow64\WMPhoto.dll2013-11-23 17:47:34 465920 ------w- C:\Windows\System32\WMPhoto.dll2013-11-22 22:48:21 3928064 ----a-w- C:\Windows\System32\d2d1.dll.============= FINISH: 1:27:01.96 =============== .UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.IF REQUESTED, ZIP IT UP & ATTACH IT.DDS (Ver_2012-11-20.01).Microsoft Windows 7 Home PremiumBoot Device: \Device\HarddiskVolume1Install Date: 5/9/2013 2:46:05 PMSystem Uptime: 2/12/2014 12:40:21 PM (109 hours ago).Motherboard: LENOVO | | 4177CTOProcessor: Intel® Core i5-2520M CPU @ 2.50GHz | CPU | 975/100mhz.==== Disk Partitions =========================.C: is FIXED (NTFS) - 281 GiB total, 119.555 GiB free.Q: is FIXED (NTFS) - 16 GiB total, 6.09 GiB free..==== Disabled Device Manager Items =============.==== System Restore Points ===================.RP50: 1/16/2014 3:00:12 AM - Windows UpdateRP51: 1/23/2014 3:14:22 AM - Scheduled CheckpointRP52: 1/31/2014 1:24:38 AM - Scheduled CheckpointRP53: 2/8/2014 12:00:01 AM - Scheduled CheckpointRP54: 2/12/2014 3:00:13 AM - Windows UpdateRP55: 2/16/2014 3:00:10 AM - Windows Update.==== Installed Programs ======================.µTorrent64 Bit HP CIO Components Installer7-Zip 9.20Adobe AIRAdobe Flash Player 11 ActiveXAdobe Flash Player 11 PluginAdobe Reader XI (11.0.02)Broadcom InConcert MaestroBrother MFL-Pro Suite MFC-J825DWBurn.Now 4.5calibreCisco EAP-FAST ModuleCisco LEAP ModuleCisco PEAP ModuleConexant 20672 SmartAudio HDCorel Burn.Now Lenovo EditionCorel DVD MovieFactory 7Corel DVD MovieFactory Lenovo EditionCorel WinDVDCreate Recovery MediaD3DX10Direct DiscRecorderDropboxExact Audio Copy 1.0beta3foobar2000 v1.2.6Free Studio version 2013GIMP 2.8.4Google Update HelperIntegrated Camera Driver Installer Package Ver.1.1.0.1147Integrated Camera TWAINIntel® Control CenterIntel® Identity Protection Technology 1.1.2.0Intel® Management Engine ComponentsIntel® Processor GraphicsJava 7 Update 45Java 7 Update 45 (64-bit)Java Auto UpdaterJava SE Development Kit 7 Update 45 (64-bit)Junk Mail filter updateLenovo Auto Scroll UtilityLenovo Patch UtilityLenovo Patch Utility 64 bitLenovo RegistrationLenovo SimpleTapLenovo Solution CenterLenovo System Interface DriverLenovo User GuideLenovo Warranty InformationLenovo WelcomeMalwarebytes Anti-Malware version 1.75.0.1300Mesh RuntimeMessage Center PlusMicrosoft .NET Framework 4 Client ProfileMicrosoft Application Error ReportingMicrosoft Office 365 Home Premium - en-usMicrosoft Office Korrekturhilfen 2013 - DeutschMicrosoft SilverlightMicrosoft SkyDriveMicrosoft SQL Server 2005 Compact Edition [ENU]Microsoft Visual C++ 2005 RedistributableMicrosoft Visual C++ 2005 Redistributable (x64)Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161Mozilla Firefox 26.0 (x86 en-US)Mozilla Maintenance ServiceMPC-HC 1.6.7.7114 (9eb64ec)MSVCRTMSVCRT_amd64MSXML 4.0 SP2 (KB954430)MSXML 4.0 SP2 (KB973688)Office 15 Click-to-Run Extensibility ComponentOffice 15 Click-to-Run Licensing ComponentOffice 15 Click-to-Run Localization ComponentOn Screen DisplayPharosRapidBootRegistry Patch to Enable Maximum Power Saving on WiFi Adapters for Windows 7Rescue and RecoveryRICOH_Media_Driver_v2.13.18.02SafeConnectSearch ProtectionSecurity Update for Microsoft .NET Framework 4 Client Profile (KB2604121)Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393)Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628)Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2)Security Update for Microsoft .NET Framework 4 Client Profile (KB2858302v2)Security Update for Microsoft .NET Framework 4 Client Profile (KB2898855v2)Security Update for Microsoft .NET Framework 4 Client Profile (KB2901110v2)Skype Click to CallSkype™ 6.3SpotifySystem UpdateThinkPad Bluetooth with Enhanced Data Rate SoftwareThinkPad FullScreen MagnifierThinkPad Power Management DriverThinkPad Power ManagerThinkPad UltraNav DriverThinkPad UltraNav UtilityThinkPad Wireless LAN Adapter SoftwareThinkVantage Active Protection SystemThinkVantage AutoLockThinkVantage Communications UtilityUpdate for Microsoft .NET Framework 4 Client Profile (KB2468871)Update for Microsoft .NET Framework 4 Client Profile (KB2533523)Update for Microsoft .NET Framework 4 Client Profile (KB2600217)Update for Microsoft .NET Framework 4 Client Profile (KB2836939)Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3)uTorrentControl_v6 ToolbarVIP AccessWebroot SecureAnywhereWindows Driver Package - Intel (e1cexpress) Net (12/21/2010 11.8.84.0)Windows Driver Package - Intel System (09/10/2010 9.2.0.1011)Windows Driver Package - Intel System (11/20/2010 9.2.0.1016)Windows Driver Package - Intel USB (12/21/2010 9.2.0.1021)Windows Driver Package - Lenovo 1.61.00.11 (11/11/2010 1.61.00.11)Windows Driver Package - Ricoh Company SD Host Controller (03/23/2011 6.10.10.30)Windows Driver Package - Synaptics (SynTP) Mouse (05/19/2011 15.3.8.0)Windows Live Communications PlatformWindows Live EssentialsWindows Live ID Sign-in AssistantWindows Live InstallerWindows Live Language SelectorWindows Live MailWindows Live MeshWindows Live Mesh ActiveX Control for Remote ConnectionsWindows Live MessengerWindows Live MIME IFilterWindows Live Movie MakerWindows Live Photo CommonWindows Live Photo GalleryWindows Live PIMT PlatformWindows Live Remote ClientWindows Live Remote Client ResourcesWindows Live Remote ServiceWindows Live Remote Service ResourcesWindows Live SOXEWindows Live SOXE DefinitionsWindows Live UX PlatformWindows Live UX Platform Language PackWindows Live WriterWindows Live Writer Resources.==== Event Viewer Messages From Past Week ========.2/16/2014 10:40:48 PM, Error: bowser [8003] - The master browser has received a server announcement from the computer BARRY-PC that believes that it is the master browser for the domain on transport NetBT_Tcpip_{8DB8A3B9-E543-4976-B615-C8A99F231EB1}. The master browser is stopping or an election is being forced.2/12/2014 3:30:51 AM, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID {C97FCC79-E628-407D-AE68-A06AD6D8B4D1} and APPID {344ED43D-D086-4961-86A6-1106F4ACAD9B} to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.2/12/2014 3:30:47 AM, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID {C97FCC79-E628-407D-AE68-A06AD6D8B4D1} and APPID {344ED43D-D086-4961-86A6-1106F4ACAD9B} to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.2/11/2014 5:59:29 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the LanmanServer service.2/11/2014 5:58:59 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the FDResPub service.2/11/2014 5:58:29 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the upnphost service.2/11/2014 3:55:04 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the LMS service..==== End Of File =========================== Link to post Share on other sites More sharing options...
Andro1d Posted February 17, 2014 ID:792703 Share Posted February 17, 2014 Hi jakemeh, P2P/Piracy Warning:If you're using Peer 2 Peer software such as uTorrent, BitTorrent or similar you must either fully uninstall them or completely disable them from running while being assisted here.Failure to remove or disable such software will result in your topic being closed and no further assistance being provided.If you have illegal/cracked software, cracks, keygens, etc. on the system, please remove or uninstall them now and read the policy on Piracy.Please comply with the above and remove any software that breaks forum protocol. --------------------- Please go to Virus Total Note:You may need to enable Show Hidden Files, Folders, and Drives. See HERE for how to do so Click on Choose File and navigate to the following file to upload it. C:\Windows\System32\PSR581F7.DLL Click on the submit button. Please post the results of the scan in your next reply. --------------------- SCAN Please download AdwCleaner by Xplode onto your Desktop.Double click on AdwCleaner.exe to run the tool.Click on Scan.Please post the content of that logfile with your next answer.You can find the logfile at C:\AdwCleaner[R1].txt as well.--------------------- Please download Junkware Removal Tool to your desktop.Shutdown your antivirus to avoid any conflicts.Right click over JRT.exe and select Run as administrator on Windows Vista or Windows 7, double-click on XP.The tool will open and start scanning your system.Please be patient as this can take a while to complete.On completion, a log (JRT.txt) is saved to your desktop and will automatically open.Post the contents of JRT.txt into your next reply messageWhen completed make sure to re-enable your antivirus--------------------- In your next reply please postVirusTotal ResultsAdwCleaner[R1].txtJRT.txt Link to post Share on other sites More sharing options...
jakemeh Posted February 18, 2014 Author ID:793225 Share Posted February 18, 2014 Unfortunately I was unable to locate the file C:\Windows\System32\PSR581F7.DLL through the virus total upload. I could find the file myself, outside of the upload window, but it would not appear through their site. I tried to drag the file from windows explorer to the upload field, but that did not work as well. # AdwCleaner v3.019 - Report created 18/02/2014 at 12:39:23# Updated 17/02/2014 by Xplode# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)# Username : Owner - OWNER-THINK# Running from : C:\Users\Owner\Desktop\adwcleaner.exe# Option : Scan***** [ Services ] ********** [ Files / Folders ] *****File Found : C:\ENDFile Found : C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\48epp7j8.default\searchplugins\Conduit.xmlFolder Found : C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\48epp7j8.default\Extensions\{96f454ea-9d38-474f-b504-56193e00c1a5}Folder Found C:\Program Files (x86)\ConduitFolder Found C:\Program Files (x86)\uTorrentControl_v6Folder Found C:\ProgramData\PartnerFolder Found C:\SearchprotectFolder Found C:\Users\Owner\AppData\Local\ConduitFolder Found C:\Users\Owner\AppData\LocalLow\ConduitFolder Found C:\Users\Owner\AppData\LocalLow\uTorrentControl_v6Folder Found C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\48epp7j8.default\CT3289075Folder Found C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\48epp7j8.default\StumbleUponFolder Found C:\Users\Owner\AppData\Roaming\Search ProtectionFolder Found C:\Users\Owner\AppData\Roaming\Searchprotect***** [ Shortcuts ] ********** [ Registry ] *****Key Found : HKCU\Software\AppDataLow\Software\ConduitKey Found : HKCU\Software\AppDataLow\Software\ConduitSearchScopesKey Found : HKCU\Software\AppDataLow\Software\SmartBarKey Found : HKCU\Software\AppDataLow\Software\uTorrentControl_v6Key Found : HKCU\Software\AppDataLow\ToolbarKey Found : HKCU\Software\ConduitKey Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{96F454EA-9D38-474F-B504-56193E00C1A5}Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{96F454EA-9D38-474F-B504-56193E00C1A5}Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}Key Found : [x64] HKCU\Software\ConduitKey Found : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}Key Found : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}Key Found : HKLM\SOFTWARE\Classes\CLSID\{96F454EA-9D38-474F-B504-56193E00C1A5}Key Found : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}Key Found : HKLM\SOFTWARE\Classes\CLSID\{CD90659F-D5B2-4104-9504-7CA36E6532DF}Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT3286042Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT3289075Key Found : HKLM\Software\ConduitKey Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{52C54A88-8E16-41C8-9693-5A33513BFEFD}Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{52D68F2C-EC33-4798-9C6B-FB7FBEEAA7C2}Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{96F454EA-9D38-474F-B504-56193E00C1A5}Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{CD90659F-D5B2-4104-9504-7CA36E6532DF}Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\uTorrentControl_v6 ToolbarKey Found : HKLM\Software\uTorrentControl_v6Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}Value Found : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{96F454EA-9D38-474F-B504-56193E00C1A5}]Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{96F454EA-9D38-474F-B504-56193E00C1A5}]Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{96F454EA-9D38-474F-B504-56193E00C1A5}]***** [ Browsers ] *****-\\ Internet Explorer v11.0.9600.16518-\\ Mozilla Firefox v27.0.1 (en-US)[ File : C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\48epp7j8.default\prefs.js ]Line Found : user_pref("CT3286042.navigationAliasesJson", "{\"EB_MAIN_FRAME_URL\":\"hxxp%3A%2F%2Fsearch.conduit.com%2F%3Fctid%3DCT3286042%26octid%3DCT3286042%26SearchSource%3D15%26CUI%3DUN21660214792742131%26SSPV%[...]Line Found : user_pref("CT3286042_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\":1368304345499,\"isWithState\":\"\",\"timeFromStart\":0,\"timeFromPrev\":0}]");Line Found : user_pref("CT3289075.FF19Solved", "true");Line Found : user_pref("CT3289075.UserID", "UN20487034312697512");Line Found : user_pref("CT3289075.fullUserID", "UN20487034312697512.IN.20130816140553");Line Found : user_pref("CT3289075.installDate", "16/08/2013 14:05:53");Line Found : user_pref("CT3289075.installSessionId", "-1");Line Found : user_pref("CT3289075.installSp", "TRUE");Line Found : user_pref("CT3289075.installerVersion", "1.5.4.4");Line Found : user_pref("CT3289075.searchRevert", "FALSE");Line Found : user_pref("CT3289075.searchUserMode", "2");Line Found : user_pref("CT3289075.versionFromInstaller", "10.16.70.7");Line Found : user_pref("CT3289075.xpeMode", "0");Line Found : user_pref("Smartbar.ConduitSearchEngineList", "");Line Found : user_pref("Smartbar.ConduitSearchUrlList", "");Line Found : user_pref("Smartbar.SearchFromAddressBarSavedUrl", "");Line Found : user_pref("Smartbar.keywordURLSelectedCTID", "CT3286042");Line Found : user_pref("browser.search.defaultthis.engineName", "KeyBar 1.8 Customized Web Search");Line Found : user_pref("smartbar.machineId", "E6O24CQKXTPAW+R7KGQZAAF2DWZVMVEBCQJAILEFVIDPGPJNWUBJUGCJ2VIBHL7OIYPDF0IPPMUCRWKZGFVSEW");*************************AdwCleaner[R0].txt - [6725 octets] - [18/02/2014 12:28:25]AdwCleaner[R1].txt - [6625 octets] - [18/02/2014 12:39:23]########## EOF - C:\AdwCleaner\AdwCleaner[R1].txt - [6685 octets] ########## ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~Junkware Removal Tool (JRT) by ThisisuVersion: 6.1.1 (02.04.2014:1)OS: Windows 7 Home Premium x64Ran by Owner on Tue 02/18/2014 at 12:42:29.70~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Services~~~ Registry Values~~~ Registry KeysSuccessfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\conduitSuccessfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\conduitSuccessfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\conduitsearchscopesSuccessfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\smartbarSuccessfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\toolbarSuccessfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\conduitSuccessfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Toolbar.CT3286042Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Toolbar.CT3289075Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{D58CF5D4-7C57-4D35-AA4D-AEC1FBFE9B88}Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{96f454ea-9d38-474f-b504-56193e00c1a5}Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{96f454ea-9d38-474f-b504-56193e00c1a5}~~~ FilesSuccessfully deleted: [File] "C:\end"~~~ FoldersSuccessfully deleted: [Folder] "C:\ProgramData\partner"Successfully deleted: [Folder] "C:\Users\Owner\AppData\Roaming\search protection"Successfully deleted: [Folder] "C:\Users\Owner\AppData\Roaming\searchprotect"Successfully deleted: [Folder] "C:\Users\Owner\appdata\local\conduit"Successfully deleted: [Folder] "C:\Users\Owner\appdata\local\cre"Successfully deleted: [Folder] "C:\Users\Owner\appdata\locallow\conduit"Successfully deleted: [Folder] "C:\Program Files (x86)\conduit"Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{15190D71-879B-418F-B259-D5B0715F9E48}Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{909526C3-C626-4B3D-BF82-60B984141A1A}Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{9DE8B56A-F651-45CB-BB24-3D2EC45F38E6}Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{A0E9419E-3580-455E-A331-0390F3B1B793}Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{EBB09CB0-1B7D-45D2-AC09-46C5C666B437}Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{FBF7ED31-9354-4A55-95D0-5A86C29941F8}~~~ FireFoxSuccessfully deleted: [File] C:\Users\Owner\AppData\Roaming\mozilla\firefox\profiles\48epp7j8.default\searchplugins\conduit.xmlSuccessfully deleted the following from C:\Users\Owner\AppData\Roaming\mozilla\firefox\profiles\48epp7j8.default\prefs.jsuser_pref("CT3286042.navigationAliasesJson", "{\"EB_MAIN_FRAME_URL\":\"hxxp%3A%2F%2Fsearch.conduit.com%2F%3Fctid%3DCT3286042%26octid%3DCT3286042%26SearchSource%3D15%26CUI%3DUNuser_pref("Smartbar.ConduitSearchEngineList", "");user_pref("Smartbar.ConduitSearchUrlList", "");user_pref("Smartbar.SearchFromAddressBarSavedUrl", "");user_pref("Smartbar.keywordURLSelectedCTID", "CT3286042");user_pref("browser.search.defaultthis.engineName", "KeyBar 1.8 Customized Web Search");user_pref("smartbar.machineId", "E6O24CQKXTPAW+R7KGQZAAF2DWZVMVEBCQJAILEFVIDPGPJNWUBJUGCJ2VIBHL7OIYPDF0IPPMUCRWKZGFVSEW");Emptied folder: C:\Users\Owner\AppData\Roaming\mozilla\firefox\profiles\48epp7j8.default\minidumps [27 files]~~~ Event Viewer Logs were cleared~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~Scan was completed on Tue 02/18/2014 at 12:49:50.53End of JRT log~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Link to post Share on other sites More sharing options...
Andro1d Posted February 19, 2014 ID:793403 Share Posted February 19, 2014 Unfortunately I was unable to locate the file C:\Windows\System32\PSR581F7.DLL through the virus total upload. I could find the file myself, outside of the upload window, but it would not appear through their site. I tried to drag the file from windows explorer to the upload field, but that did not work as well. What internet browser are you using? Link to post Share on other sites More sharing options...
jakemeh Posted February 19, 2014 Author ID:793415 Share Posted February 19, 2014 Firefox Link to post Share on other sites More sharing options...
Andro1d Posted February 19, 2014 ID:793416 Share Posted February 19, 2014 FirefoxCould you please download and install Chrome? I know in Chrome you can drag and drop files to upload; I use it all the time. See HERE for details. Link to post Share on other sites More sharing options...
jakemeh Posted February 19, 2014 Author ID:793423 Share Posted February 19, 2014 Just uploaded it with chrome. Here is the link to the results... https://www.virustotal.com/en/file/e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855/analysis/1392785288/ Link to post Share on other sites More sharing options...
Andro1d Posted February 19, 2014 ID:793649 Share Posted February 19, 2014 Hi jakemeh, Thanks for getting me those logs. Please download RogueKiller and save it to your desktop.RogueKiller 64-bitQuit all running programs.For Windows XP, double-click to start.For Vista,Windows 7/8, Right-click on the program and select Run as Administrator to start and when prompted allow it to run.Read and accept the EULA (End User Licene Agreement)Click Scan to scan the system.When the scan completes Close the program > Don't Fix anything!Don't run any other options, they're not all bad!!Post back the report which should be located on your desktop.---------------------------------------- Please download the Farbar Recovery Scan Tool and save it to your desktop.Double-click to run it. When the tool opens click Yes to disclaimer.Press the Scan button.It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.The first time the tool is run, it also makes another log (Addition.txt). Please attach it to your reply as well.---------------------------------------- Please post the following in your next reply.RogueKiller logFRST.txtAddition.txt Link to post Share on other sites More sharing options...
jakemeh Posted February 20, 2014 Author ID:793950 Share Posted February 20, 2014 RogueKiller V8.8.8 _x64_ [Feb 19 2014] by Tigzymail : tigzyRK<at>gmail<dot>comFeedback : http://forum.adlice.comWebsite : http://www.adlice.com/softwares/roguekiller/Blog : http://www.adlice.comOperating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits versionStarted in : Normal modeUser : Owner [Admin rights]Mode : Scan -- Date : 02/19/2014 19:34:03| ARK || FAK || MBR |¤¤¤ Bad processes : 0 ¤¤¤¤¤¤ Registry Entries : 12 ¤¤¤[HJ POL][PUM] HKCU\[...]\System : DisableTaskMgr (0) -> FOUND[HJ POL][PUM] HKCU\[...]\System : DisableRegistryTools (0) -> FOUND[HJ POL][PUM] HKCU\[...]\System : DisableCMD (0) -> FOUND[HJ POL][PUM] HKLM\[...]\System : DisableTaskMgr (0) -> FOUND[HJ POL][PUM] HKLM\[...]\System : DisableRegistryTools (0) -> FOUND[HJ POL][PUM] HKLM\[...]\System : DisableCMD (0) -> FOUND[HJ POL][PUM] HKLM\[...]\Wow6432Node\[...]\System : DisableTaskMgr (0) -> FOUND[HJ POL][PUM] HKLM\[...]\Wow6432Node\[...]\System : DisableRegistryTools (0) -> FOUND[HJ POL][PUM] HKLM\[...]\Wow6432Node\[...]\System : DisableCMD (0) -> FOUND[HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowSetProgramAccessAndDefaults (0) -> FOUND[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND¤¤¤ Scheduled tasks : 0 ¤¤¤¤¤¤ Startup Entries : 0 ¤¤¤¤¤¤ Web browsers : 0 ¤¤¤¤¤¤ Browser Addons : 0 ¤¤¤¤¤¤ Particular Files / Folders: ¤¤¤¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤¤¤¤ External Hives: ¤¤¤¤¤¤ Infection : ¤¤¤¤¤¤ HOSTS File: ¤¤¤--> %SystemRoot%\System32\drivers\etc\hosts¤¤¤ MBR Check: ¤¤¤+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) ST9320325AS +++++--- User ---[MBR] b8db0241310926a4f3b3ba2ef34a8970[bSP] ff976be311f2549de8b65f819206d63c : Lenovo MBR CodePartition table:0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 1500 Mo1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 3074048 | Size: 287743 Mo2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 592371712 | Size: 16000 MoUser = LL1 ... OK!User = LL2 ... OK!Finished : << RKreport[0]_S_02192014_193403.txt >>Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 18-02-2014Ran by Owner (administrator) on OWNER-THINK on 19-02-2014 19:36:01Running from C:\Users\Owner\DesktopWindows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)Internet Explorer Version 11Boot Mode: NormalThe only official download link for FRST:Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/Download link from any site other than Bleeping Computer is unpermitted or outdated.See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/==================== Processes (Whitelisted) =================(Lenovo.) C:\Windows\system32\ibmpmsvc.exe(Lenovo Group Limited) C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe(Lenovo Group Limited) C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe(Broadcom Corporation.) C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe(Conexant Systems Inc.) C:\Windows\system32\CxAudMsg64.exe(White Sky, Inc.) C:\Program Files (x86)\Constant Guard Protection Suite\IDVaultSvc.exe(Intel Corporation) C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\CAMMUTE.exe(Lenovo Group Limited) C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe(Lenovo Group Limited) C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tpnumlkd.exe(Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\virtscrl.exe(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tpnumlk.exe(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe(Pharos Systems International) C:\Program Files (x86)\PharosSystems\Core\CTskMstr.exe(Conexant Systems, Inc.) C:\Windows\SysWOW64\SAsrv.exe(Impulse Point, LLC) C:\Program Files (x86)\SafeConnect\scManager.sys(Ulead Systems, Inc.) C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe(Lenovo Group Limited) C:\Program Files\Lenovo\ZOOM\TpScrex.exe(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe(Lenovo.) C:\Windows\System32\TpShocks.exe() C:\Program Files\CONEXANT\ForteConfig\fmapp.exe(Intel Corporation) C:\Windows\System32\hkcmd.exe(Intel Corporation) C:\Windows\System32\igfxpers.exe(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe(Lenovo Group Limited) C:\Program Files\Lenovo\AutoLock\ALCKRESI.exe(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe(Spotify Ltd) C:\Users\Owner\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe(Broadcom Corporation.) C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe(White Sky, Inc.) C:\Program Files (x86)\Constant Guard Protection Suite\IDVault.exe(Ricoh co.,Ltd.) C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe(Impulse Point, LLC) C:\Program Files (x86)\SafeConnect\scClient.exe(Dropbox, Inc.) C:\Users\Owner\AppData\Roaming\Dropbox\bin\Dropbox.exe(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe(Lenovo Group Limited) C:\Program Files (x86)\ThinkPad\Utilities\SCHTASK.EXE(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe(Lenovo) C:\Program Files (x86)\Lenovo\message center plus\mcplaunch.exe(Microsoft Corporation) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\System Update\SUService.exe(Lenovo Group Limited) C:\Program Files (x86)\Common Files\Lenovo\tvt_reg_monitor_svc.exe(Symantec Corporation) C:\Program Files (x86)\Symantec\VIP Access Client\VIPAppService.exe(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe(Microsoft Corporation) C:\Windows\System32\taskmgr.exe(Symantec Corporation) C:\Program Files (x86)\Norton Security Suite\Engine\21.1.0.18\N360.exe(Symantec Corporation) C:\Program Files (x86)\Norton Security Suite\Engine\21.1.0.18\N360.exe(Broadcom Corporation.) C:\Program Files\ThinkPad\Bluetooth Software\BtStackServer.exe(Microsoft Corporation) C:\Windows\System32\msdt.exe(Microsoft Corporation) C:\Windows\System32\msdt.exe(Microsoft Corporation) C:\Windows\System32\sdiagnhost.exe(Microsoft Corporation) C:\Windows\System32\sdiagnhost.exe(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe==================== Registry (Whitelisted) ==================HKLM\...\Run: [synTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2789160 2011-05-19] (Synaptics Incorporated)HKLM\...\Run: [TpShocks] - C:\Windows\system32\TpShocks.exe [380776 2010-12-09] (Lenovo.)HKLM\...\Run: [ForteConfig] - C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-25] ()HKLM\...\Run: [smartAudio] - C:\Program Files\CONEXANT\SAII\SAIICpl.exe [316032 2011-03-14] (Conexant systems, Inc.)HKLM\...\Run: [LENOVO.TPKNRRES] - C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe [40808 2011-05-31] (Lenovo Group Limited)HKLM\...\Run: [ALCKRESI.EXE] - C:\Program Files\Lenovo\AutoLock\ALCKRESI.EXE [281960 2011-05-25] (Lenovo Group Limited)HKLM-x32\...\Run: [RotateImage] - C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe [55808 2008-10-30] (Ricoh co.,Ltd.)HKLM-x32\...\Run: [PWMTRV] - rundll32 C:\PROGRA~2\ThinkPad\UTILIT~1\PWMTR64V.DLL,PwrMgrBkGndMonitorHKLM-x32\...\Run: [Lenovo Registration] - C:\Program Files (x86)\Lenovo Registration\LenovoReg.exe [4351712 2011-07-13] (Lenovo, Inc.)HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [946352 2012-12-18] (Adobe Systems Incorporated)HKLM-x32\...\Run: [ControlCenter4] - C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [143360 2012-08-28] (Brother Industries, Ltd.)HKLM-x32\...\Run: [brStsMon00] - C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [3076096 2012-06-06] (Brother Industries, Ltd.)HKLM-x32\...\Run: [sunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)HKLM\...\Policies\Explorer: [NoFolderOptions] 0HKLM\...\Policies\Explorer: [NoViewOnDrive] 0HKLM\...\Policies\Explorer: [NoControlPanel] 0HKLM\...\Policies\Explorer: [DisableLocalMachineRun] 0HKLM\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0HKLM\...\Policies\Explorer: [DisableCurrentUserRun] 0HKLM\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0HKLM\...\Policies\Explorer: [NoViewContextMenu] 0HKLM\...\Policies\Explorer: [NoShellSearchButton] 0HKLM\...\Policies\Explorer: [NoFind] 0HKLM\...\Policies\Explorer: [NoFile] 0HKLM\...\Policies\Explorer: [HideClock] 0HKLM\...\Policies\Explorer: [NoTrayContextMenu] 0HKLM\...\Policies\Explorer: [NoTrayItemsDisplay] 0HKLM\...\Policies\Explorer: [NoSetFolders] 0HKLM\...\Policies\Explorer: [NoDevMgrUpdate] 0HKLM\...\Policies\Explorer: [NoSetTaskbar] 0HKLM\...\Policies\Explorer: [NoDeletePrinter] 0HKLM\...\Policies\Explorer: [NoDFSTab] 0HKLM\...\Policies\Explorer: [NoChangeStartMenu] 0HKLM\...\Policies\Explorer: [NoLogoff] 0HKLM\...\Policies\Explorer: [NoWindowsUpdate] 0HKLM\...\Policies\Explorer: [NoEncryptOnMove] 0HKLM\...\Policies\Explorer: [NoRunasInstallPrompt] 0HKLM\...\Policies\Explorer: [NoResolveSearch] 0HKLM\...\Policies\Explorer: [NoSaveSettings] 0HKLM\...\Policies\Explorer: [NoHardwareTab] 0HKLM\...\Policies\Explorer: [NoStartMenuSubFolders] 0HKLM\...\Policies\Explorer: [NoDesktop] 0HKU\.DEFAULT\...\Run: [searchProtect] - \SearchProtect\bin\cltmng.exeHKU\.DEFAULT\...\Policies\system: [DisableCMD] 0HKU\.DEFAULT\...\Policies\system: [NoDispAppearancePage] 0HKU\.DEFAULT\...\Policies\system: [NoDispBackgroundPage] 0HKU\.DEFAULT\...\Policies\system: [NoDispSettingsPage] 0HKU\.DEFAULT\...\Policies\Explorer: [NoFolderOptions] 0HKU\.DEFAULT\...\Policies\Explorer: [NoViewOnDrive] 0HKU\.DEFAULT\...\Policies\Explorer: [NoControlPanel] 0HKU\.DEFAULT\...\Policies\Explorer: [DisableLocalMachineRun] 0HKU\.DEFAULT\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0HKU\.DEFAULT\...\Policies\Explorer: [DisableCurrentUserRun] 0HKU\.DEFAULT\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0HKU\.DEFAULT\...\Policies\Explorer: [NoViewContextMenu] 0HKU\.DEFAULT\...\Policies\Explorer: [NoShellSearchButton] 0HKU\.DEFAULT\...\Policies\Explorer: [NoFind] 0HKU\.DEFAULT\...\Policies\Explorer: [NoFile] 0HKU\.DEFAULT\...\Policies\Explorer: [HideClock] 0HKU\.DEFAULT\...\Policies\Explorer: [NoTrayContextMenu] 0HKU\.DEFAULT\...\Policies\Explorer: [NoTrayItemsDisplay] 0HKU\.DEFAULT\...\Policies\Explorer: [NoSetFolders] 0HKU\.DEFAULT\...\Policies\Explorer: [NoDevMgrUpdate] 0HKU\.DEFAULT\...\Policies\Explorer: [NoSetTaskbar] 0HKU\.DEFAULT\...\Policies\Explorer: [NoDeletePrinter] 0HKU\.DEFAULT\...\Policies\Explorer: [NoDFSTab] 0HKU\.DEFAULT\...\Policies\Explorer: [NoChangeStartMenu] 0HKU\.DEFAULT\...\Policies\Explorer: [NoLogoff] 0HKU\.DEFAULT\...\Policies\Explorer: [NoWindowsUpdate] 0HKU\.DEFAULT\...\Policies\Explorer: [NoEncryptOnMove] 0HKU\.DEFAULT\...\Policies\Explorer: [NoRunasInstallPrompt] 0HKU\.DEFAULT\...\Policies\Explorer: [NoResolveSearch] 0HKU\.DEFAULT\...\Policies\Explorer: [NoSaveSettings] 0HKU\.DEFAULT\...\Policies\Explorer: [NoHardwareTab] 0HKU\.DEFAULT\...\Policies\Explorer: [NoStartMenuSubFolders] 0HKU\S-1-5-19\...\Policies\system: [DisableCMD] 0HKU\S-1-5-19\...\Policies\system: [NoDispAppearancePage] 0HKU\S-1-5-19\...\Policies\system: [NoDispBackgroundPage] 0HKU\S-1-5-19\...\Policies\system: [NoDispSettingsPage] 0HKU\S-1-5-19\...\Policies\Explorer: [NoFolderOptions] 0HKU\S-1-5-19\...\Policies\Explorer: [NoViewOnDrive] 0HKU\S-1-5-19\...\Policies\Explorer: [NoControlPanel] 0HKU\S-1-5-19\...\Policies\Explorer: [DisableLocalMachineRun] 0HKU\S-1-5-19\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0HKU\S-1-5-19\...\Policies\Explorer: [DisableCurrentUserRun] 0HKU\S-1-5-19\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0HKU\S-1-5-19\...\Policies\Explorer: [NoViewContextMenu] 0HKU\S-1-5-19\...\Policies\Explorer: [NoShellSearchButton] 0HKU\S-1-5-19\...\Policies\Explorer: [NoFind] 0HKU\S-1-5-19\...\Policies\Explorer: [NoFile] 0HKU\S-1-5-19\...\Policies\Explorer: [HideClock] 0HKU\S-1-5-19\...\Policies\Explorer: [NoTrayContextMenu] 0HKU\S-1-5-19\...\Policies\Explorer: [NoTrayItemsDisplay] 0HKU\S-1-5-19\...\Policies\Explorer: [NoSetFolders] 0HKU\S-1-5-19\...\Policies\Explorer: [NoDevMgrUpdate] 0HKU\S-1-5-19\...\Policies\Explorer: [NoSetTaskbar] 0HKU\S-1-5-19\...\Policies\Explorer: [NoDeletePrinter] 0HKU\S-1-5-19\...\Policies\Explorer: [NoDFSTab] 0HKU\S-1-5-19\...\Policies\Explorer: [NoChangeStartMenu] 0HKU\S-1-5-19\...\Policies\Explorer: [NoLogoff] 0HKU\S-1-5-19\...\Policies\Explorer: [NoWindowsUpdate] 0HKU\S-1-5-19\...\Policies\Explorer: [NoEncryptOnMove] 0HKU\S-1-5-19\...\Policies\Explorer: [NoRunasInstallPrompt] 0HKU\S-1-5-19\...\Policies\Explorer: [NoResolveSearch] 0HKU\S-1-5-19\...\Policies\Explorer: [NoSaveSettings] 0HKU\S-1-5-19\...\Policies\Explorer: [NoHardwareTab] 0HKU\S-1-5-19\...\Policies\Explorer: [NoStartMenuSubFolders] 0HKU\S-1-5-20\...\Policies\system: [DisableCMD] 0HKU\S-1-5-20\...\Policies\system: [NoDispAppearancePage] 0HKU\S-1-5-20\...\Policies\system: [NoDispBackgroundPage] 0HKU\S-1-5-20\...\Policies\system: [NoDispSettingsPage] 0HKU\S-1-5-20\...\Policies\Explorer: [NoFolderOptions] 0HKU\S-1-5-20\...\Policies\Explorer: [NoViewOnDrive] 0HKU\S-1-5-20\...\Policies\Explorer: [NoControlPanel] 0HKU\S-1-5-20\...\Policies\Explorer: [DisableLocalMachineRun] 0HKU\S-1-5-20\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0HKU\S-1-5-20\...\Policies\Explorer: [DisableCurrentUserRun] 0HKU\S-1-5-20\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0HKU\S-1-5-20\...\Policies\Explorer: [NoViewContextMenu] 0HKU\S-1-5-20\...\Policies\Explorer: [NoShellSearchButton] 0HKU\S-1-5-20\...\Policies\Explorer: [NoFind] 0HKU\S-1-5-20\...\Policies\Explorer: [NoFile] 0HKU\S-1-5-20\...\Policies\Explorer: [HideClock] 0HKU\S-1-5-20\...\Policies\Explorer: [NoTrayContextMenu] 0HKU\S-1-5-20\...\Policies\Explorer: [NoTrayItemsDisplay] 0HKU\S-1-5-20\...\Policies\Explorer: [NoSetFolders] 0HKU\S-1-5-20\...\Policies\Explorer: [NoDevMgrUpdate] 0HKU\S-1-5-20\...\Policies\Explorer: [NoSetTaskbar] 0HKU\S-1-5-20\...\Policies\Explorer: [NoDeletePrinter] 0HKU\S-1-5-20\...\Policies\Explorer: [NoDFSTab] 0HKU\S-1-5-20\...\Policies\Explorer: [NoChangeStartMenu] 0HKU\S-1-5-20\...\Policies\Explorer: [NoLogoff] 0HKU\S-1-5-20\...\Policies\Explorer: [NoWindowsUpdate] 0HKU\S-1-5-20\...\Policies\Explorer: [NoEncryptOnMove] 0HKU\S-1-5-20\...\Policies\Explorer: [NoRunasInstallPrompt] 0HKU\S-1-5-20\...\Policies\Explorer: [NoResolveSearch] 0HKU\S-1-5-20\...\Policies\Explorer: [NoSaveSettings] 0HKU\S-1-5-20\...\Policies\Explorer: [NoHardwareTab] 0HKU\S-1-5-20\...\Policies\Explorer: [NoStartMenuSubFolders] 0HKU\S-1-5-21-3213193141-316356097-443572586-1000\...\Run: [spotify Web Helper] - C:\Users\Owner\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1168896 2014-02-03] (Spotify Ltd)HKU\S-1-5-21-3213193141-316356097-443572586-1000\...\Run: [Google Update] - C:\Users\Owner\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2014-02-18] (Google Inc.)HKU\S-1-5-21-3213193141-316356097-443572586-1000\...\Policies\system: [DisableCMD] 0HKU\S-1-5-21-3213193141-316356097-443572586-1000\...\Policies\system: [NoDispAppearancePage] 0HKU\S-1-5-21-3213193141-316356097-443572586-1000\...\Policies\system: [NoDispBackgroundPage] 0HKU\S-1-5-21-3213193141-316356097-443572586-1000\...\Policies\system: [NoDispSettingsPage] 0HKU\S-1-5-21-3213193141-316356097-443572586-1000\...\Policies\Explorer: [NoDesktopCleanupWizard] 1HKU\S-1-5-21-3213193141-316356097-443572586-1000\...\Policies\Explorer: [NoFolderOptions] 0HKU\S-1-5-21-3213193141-316356097-443572586-1000\...\Policies\Explorer: [NoViewOnDrive] 0HKU\S-1-5-21-3213193141-316356097-443572586-1000\...\Policies\Explorer: [NoControlPanel] 0HKU\S-1-5-21-3213193141-316356097-443572586-1000\...\Policies\Explorer: [DisableLocalMachineRun] 0HKU\S-1-5-21-3213193141-316356097-443572586-1000\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0HKU\S-1-5-21-3213193141-316356097-443572586-1000\...\Policies\Explorer: [DisableCurrentUserRun] 0HKU\S-1-5-21-3213193141-316356097-443572586-1000\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0HKU\S-1-5-21-3213193141-316356097-443572586-1000\...\Policies\Explorer: [NoViewContextMenu] 0HKU\S-1-5-21-3213193141-316356097-443572586-1000\...\Policies\Explorer: [NoShellSearchButton] 0HKU\S-1-5-21-3213193141-316356097-443572586-1000\...\Policies\Explorer: [NoFind] 0HKU\S-1-5-21-3213193141-316356097-443572586-1000\...\Policies\Explorer: [NoFile] 0HKU\S-1-5-21-3213193141-316356097-443572586-1000\...\Policies\Explorer: [HideClock] 0HKU\S-1-5-21-3213193141-316356097-443572586-1000\...\Policies\Explorer: [NoTrayContextMenu] 0HKU\S-1-5-21-3213193141-316356097-443572586-1000\...\Policies\Explorer: [NoTrayItemsDisplay] 0HKU\S-1-5-21-3213193141-316356097-443572586-1000\...\Policies\Explorer: [NoSetFolders] 0HKU\S-1-5-21-3213193141-316356097-443572586-1000\...\Policies\Explorer: [NoDevMgrUpdate] 0HKU\S-1-5-21-3213193141-316356097-443572586-1000\...\Policies\Explorer: [NoSetTaskbar] 0HKU\S-1-5-21-3213193141-316356097-443572586-1000\...\Policies\Explorer: [NoDeletePrinter] 0HKU\S-1-5-21-3213193141-316356097-443572586-1000\...\Policies\Explorer: [NoDFSTab] 0HKU\S-1-5-21-3213193141-316356097-443572586-1000\...\Policies\Explorer: [NoChangeStartMenu] 0HKU\S-1-5-21-3213193141-316356097-443572586-1000\...\Policies\Explorer: [NoLogoff] 0HKU\S-1-5-21-3213193141-316356097-443572586-1000\...\Policies\Explorer: [NoWindowsUpdate] 0HKU\S-1-5-21-3213193141-316356097-443572586-1000\...\Policies\Explorer: [NoEncryptOnMove] 0HKU\S-1-5-21-3213193141-316356097-443572586-1000\...\Policies\Explorer: [NoRunasInstallPrompt] 0HKU\S-1-5-21-3213193141-316356097-443572586-1000\...\Policies\Explorer: [NoResolveSearch] 0HKU\S-1-5-21-3213193141-316356097-443572586-1000\...\Policies\Explorer: [NoSaveSettings] 0HKU\S-1-5-21-3213193141-316356097-443572586-1000\...\Policies\Explorer: [NoHardwareTab] 0HKU\S-1-5-21-3213193141-316356097-443572586-1000\...\Policies\Explorer: [NoStartMenuSubFolders] 0HKU\S-1-5-21-3213193141-316356097-443572586-1000\...\MountPoints2: {bf377446-b8da-11e2-88c2-806e6f6e6963} - Q:\LenovoQDrive.exeSecurityProviders: msapsspc.dll, schannel.dll, digest.dll, msnsspc.dllStartup: C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Lenovo Product Registration.lnkShortcutTarget: Lenovo Product Registration.lnk -> C:\Program Files (x86)\Lenovo Registration\LenovoReg.exe (Lenovo, Inc.)Startup: C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Uninstall Webroot RunOnce.lnkShortcutTarget: Uninstall Webroot RunOnce.lnk -> C:\Program Files (x86)\Common Files\wruninstall.exe (Webroot Software, Inc.)Startup: C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnkShortcutTarget: Dropbox.lnk -> C:\Users\Owner\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)==================== Internet (Whitelisted) ====================HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.lenovo.com/welcome/thinkpadHKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/redirectdomain?brand=LENP&bmod=LENPHKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.lenovo.com/welcome/thinkpadURLSearchHook: HKLM-x32 - (No Name) - {96f454ea-9d38-474f-b504-56193e00c1a5} - No FileURLSearchHook: HKCU - (No Name) - {96f454ea-9d38-474f-b504-56193e00c1a5} - No FileSearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =SearchScopes: HKLM-x32 - DefaultScope {D58CF5D4-7C57-4D35-AA4D-AEC1FBFE9B88} URL =SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =SearchScopes: HKCU - DefaultScope {4DF3A262-AC93-4D3F-B7DA-EA9B8231BCF5} URL = http://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=714647&p={searchTerms}SearchScopes: HKCU - {4DF3A262-AC93-4D3F-B7DA-EA9B8231BCF5} URL = http://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=714647&p={searchTerms}SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7LENP_enUS535US535BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Security Suite\Engine64\21.1.0.18\coIEPlg.dll (Symantec Corporation)BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)BHO: Skype add-on for Internet Explorer - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)BHO: Symantec VIP Access Add-On - {C63CD127-A1CB-4D49-A4F7-D6F88A917BE6} - C:\Program Files (x86)\Symantec\VIP Access Client\64bit\VIPAddOnForIE64.dll (Symantec Corporation)BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)BHO-x32: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Security Suite\Engine\21.1.0.18\coIEPlg.dll (Symantec Corporation)BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Security Suite\Engine\21.1.0.18\IPS\IPSBHO.DLL (Symantec Corporation)BHO-x32: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation)BHO-x32: Symantec VIP Access Add-On - {C63CD127-A1CB-4D49-A4F7-D6F88A917BE6} - C:\Program Files (x86)\Symantec\VIP Access Client\VIPAddOnForIE.dll (Symantec Corporation)BHO-x32: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine64\21.1.0.18\coIEPlg.dll (Symantec Corporation)Toolbar: HKLM-x32 - No Name - {96f454ea-9d38-474f-b504-56193e00c1a5} - No FileToolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine\21.1.0.18\coIEPlg.dll (Symantec Corporation)Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No FileHandler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 205.171.2.25FireFox:========FF ProfilePath: C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\48epp7j8.defaultFF SelectedSearchEngine: GoogleFF Homepage: hxxp://mail.aol.com/38306-111/aol-6/en-us/suite.aspx|https://blackboard.du.edu/webapps/portal/frameset.jsp?tab_tab_group_id=_1_1FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_202.dll ()FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)FF Plugin: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)FF Plugin: @microsoft.com/GENUINE - disabled No FileFF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll ()FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)FF Plugin-x32: @microsoft.com/GENUINE - disabled No FileFF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Owner\AppData\Local\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Owner\AppData\Local\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)FF Extension: XFINITY Constant Guard Protection Suite - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\48epp7j8.default\Extensions\idvaultaddon@whitesky [2014-02-18]FF Extension: No Name - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\48epp7j8.default\Extensions\temp [2014-02-18]FF Extension: Widevine Media Optimizer - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\48epp7j8.default\Extensions\{2d3fbcf7-be69-4433-8858-c621a8d0e58d} [2013-05-14]FF Extension: Webroot - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\48epp7j8.default\Extensions\{8ac62a8b-8b3f-43ba-9b1a-90c299b9dfda}_deleted [2013-05-20]FF Extension: uTorrentControl_v6 - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\48epp7j8.default\Extensions\{96f454ea-9d38-474f-b504-56193e00c1a5} [2013-09-14]FF Extension: StumbleUpon - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\48epp7j8.default\Extensions\{AE93811A-5C9A-4d34-8462-F7B864FC4696}.xpi [2013-05-13]FF Extension: Adblock Plus - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\48epp7j8.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-07-22]FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-01-03]FF HKLM-x32\...\Firefox\Extensions: [VIP@verisign.com] - C:\Program Files (x86)\Symantec\VIP Access Client\FF Extension: Symantec VIP Access Add-On - C:\Program Files (x86)\Symantec\VIP Access Client\ []FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\IPSFFFF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\IPSFF [2014-02-18]FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\coFFPlgn\FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\coFFPlgn\ []Chrome:=======CHR Extension: (Google Docs) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-02-18]CHR Extension: (Google Drive) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-02-18]CHR Extension: (YouTube) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-02-18]CHR Extension: (Google Search) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-02-18]CHR Extension: (Norton Identity Protection) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk [2014-02-18]CHR Extension: (Google Wallet) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-02-18]CHR Extension: (Gmail) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-02-18]CHR HKCU\...\Chrome\Extension: [cflheckfmhopnialghigdlggahiomebp] - C:\Users\Owner\AppData\Local\CRE\cflheckfmhopnialghigdlggahiomebp.crx [2014-02-18]CHR HKLM-x32\...\Chrome\Extension: [cflheckfmhopnialghigdlggahiomebp] - C:\Users\Owner\AppData\Local\CRE\cflheckfmhopnialghigdlggahiomebp.crx [2014-02-18]CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Security Suite\Engine\21.1.0.18\Exts\Chrome.crx [2014-02-18]==================== Services (Whitelisted) =================R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1363616 2014-01-03] (Microsoft Corporation)R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1748640 2014-01-03] (Microsoft Corporation)S3 DozeSvc; C:\Program Files (x86)\ThinkPad\Utilities\DZSVC64.EXE [478056 2011-08-31] (Lenovo.)R2 Lenovo.VIRTSCRLSVC; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [133992 2011-07-12] (Lenovo Group Limited)R2 N360; C:\Program Files (x86)\Norton Security Suite\Engine\21.1.0.18\N360.exe [264360 2013-10-18] (Symantec Corporation)R2 OfficeSvc; C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [1907896 2013-10-31] (Microsoft Corporation)R2 Pharos Systems ComTaskMaster; C:\Program Files (x86)\PharosSystems\Core\CTskMstr.exe [339456 2013-07-30] (Pharos Systems International)R2 SCManager; C:\Program Files (x86)\SafeConnect\scManager.sys [176520 2012-11-19] (Impulse Point, LLC)R2 ThinkVantage Registry Monitor Service; C:\Program Files (x86)\Common Files\Lenovo\tvt_reg_monitor_svc.exe [1028096 2010-08-31] (Lenovo Group Limited)S3 TVT Backup Service; C:\Program Files (x86)\Lenovo\Rescue and Recovery\rrservice.exe [1492280 2011-08-18] (Lenovo Group Limited)R2 VIPAppService; C:\Program Files (x86)\Symantec\VIP Access Client\VIPAppService.exe [82544 2011-06-29] (Symantec Corporation)==================== Drivers (Whitelisted) ====================R1 AntiLog32; C:\Windows\system32\drivers\AntiLog64.sys [49240 2014-02-18] (Zemana Ltd.)R1 BHDrvx64; C:\Program Files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\BASHDefs\20140214.001\BHDrvx64.sys [1526488 2014-02-14] (Symantec Corporation)R1 ccSet_N360; C:\Windows\system32\drivers\N360x64\1501000.012\ccSetx64.sys [162392 2013-09-25] (Symantec Corporation)R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484952 2014-02-18] (Symantec Corporation)U3 EraserUtilDrv11312; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilDrv11312.sys [137648 2014-02-18] (Symantec Corporation)R1 IDSVia64; C:\Program Files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\IPSDefs\20140219.001\IDSvia64.sys [521944 2014-02-18] (Symantec Corporation)R3 NAVENG; C:\Program Files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\VirusDefs\20140219.018\ENG64.SYS [126040 2014-02-18] (Symantec Corporation)R3 NAVEX15; C:\Program Files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\VirusDefs\20140219.018\EX64.SYS [2099288 2014-02-18] (Symantec Corporation)S3 Serial; C:\Windows\system32\drivers\serial.sys [94208 2009-07-13] (Brother Industries Ltd.)R3 SRTSP; C:\Windows\system32\drivers\N360x64\1501000.012\SRTSP64.SYS [858200 2013-09-26] (Symantec Corporation)R1 SRTSPX; C:\Windows\system32\drivers\N360x64\1501000.012\SRTSPX64.SYS [36952 2013-09-09] (Symantec Corporation)R0 SymDS; C:\Windows\System32\drivers\N360x64\1501000.012\SYMDS64.SYS [493656 2013-09-09] (Symantec Corporation)R0 SymEFA; C:\Windows\System32\drivers\N360x64\1501000.012\SYMEFA64.SYS [1147480 2013-09-26] (Symantec Corporation)R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2014-02-18] (Symantec Corporation)R1 SymIRON; C:\Windows\system32\drivers\N360x64\1501000.012\Ironx64.SYS [264280 2013-09-26] (Symantec Corporation)R1 SymNetS; C:\Windows\system32\drivers\N360x64\1501000.012\SYMNETS.SYS [590936 2013-09-25] (Symantec Corporation)R3 TVTI2C; C:\Windows\System32\DRIVERS\Tvti2c.sys [40248 2011-05-30] (Lenovo Information Product(ShenZhen China) Inc.)U0 SR;U2 srservice;==================== NetSvcs (Whitelisted) ======================================= One Month Created Files and Folders ========2014-02-19 19:36 - 2014-02-19 19:36 - 00034641 _____ () C:\Users\Owner\Desktop\FRST.txt2014-02-19 19:35 - 2014-02-19 19:36 - 00000000 ____D () C:\FRST2014-02-19 19:34 - 2014-02-19 19:34 - 00002324 _____ () C:\Users\Owner\Desktop\RKreport[0]_S_02192014_193403.txt2014-02-19 19:30 - 2014-02-19 19:34 - 00000000 ____D () C:\Users\Owner\Desktop\RK_Quarantine2014-02-19 19:27 - 2014-02-19 19:27 - 04413952 _____ () C:\Users\Owner\Desktop\RogueKillerX64.exe2014-02-19 19:27 - 2014-02-19 19:27 - 02153472 _____ (Farbar) C:\Users\Owner\Desktop\FRST64.exe2014-02-18 21:39 - 2014-02-18 21:39 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome2014-02-18 21:34 - 2014-02-19 18:44 - 00000908 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3213193141-316356097-443572586-1000UA.job2014-02-18 21:34 - 2014-02-19 18:44 - 00000896 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job2014-02-18 21:34 - 2014-02-18 21:39 - 00000892 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job2014-02-18 21:34 - 2014-02-18 21:39 - 00000856 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3213193141-316356097-443572586-1000Core.job2014-02-18 21:34 - 2014-02-18 21:34 - 00003892 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA2014-02-18 21:34 - 2014-02-18 21:34 - 00003878 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3213193141-316356097-443572586-1000UA2014-02-18 21:34 - 2014-02-18 21:34 - 00003640 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore2014-02-18 21:34 - 2014-02-18 21:34 - 00003482 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3213193141-316356097-443572586-1000Core2014-02-18 21:33 - 2014-02-18 21:33 - 00847816 _____ (Google Inc.) C:\Users\Owner\Downloads\ChromeSetup.exe2014-02-18 14:13 - 2014-02-18 14:13 - 00000000 ____D () C:\Users\Owner\workspace2014-02-18 14:06 - 2014-02-18 14:06 - 00000000 ____D () C:\Windows\System32\Tasks\Norton Security Suite2014-02-18 14:02 - 2014-02-18 14:02 - 00177752 _____ (Symantec Corporation) C:\Windows\system32\Drivers\SYMEVENT64x86.SYS2014-02-18 14:02 - 2014-02-18 14:02 - 00008222 _____ () C:\Windows\system32\Drivers\SYMEVENT64x86.CAT2014-02-18 14:02 - 2014-02-18 14:02 - 00003228 _____ () C:\Windows\System32\Tasks\Norton WSC Integration2014-02-18 14:02 - 2014-02-18 14:02 - 00002523 _____ () C:\Users\Public\Desktop\Norton Security Suite.lnk2014-02-18 14:02 - 2014-02-18 14:02 - 00000000 ____D () C:\Program Files\Common Files\Symantec Shared2014-02-18 14:01 - 2014-02-18 14:01 - 00000000 ____D () C:\Windows\system32\Drivers\N360x642014-02-18 14:01 - 2014-02-18 14:01 - 00000000 ____D () C:\Program Files (x86)\Norton Security Suite2014-02-18 14:00 - 2014-02-18 14:00 - 00000000 ____D () C:\Users\Owner\Documents\Symantec2014-02-18 13:09 - 2014-02-18 14:05 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Norton2014-02-18 13:09 - 2014-02-18 13:09 - 01021632 _____ (Symantec Corporation) C:\Users\Owner\Downloads\Norton_Download_Manager.exe2014-02-18 13:09 - 2014-02-18 13:09 - 00000000 ____D () C:\Users\Public\Downloads\Norton2014-02-18 13:05 - 2014-02-18 13:05 - 00000000 ____D () C:\Users\Owner\AppData\Local\White_Sky,_Inc2014-02-18 13:05 - 2014-02-18 13:05 - 00000000 ____D () C:\ProgramData\IsolatedStorage2014-02-18 13:04 - 2014-02-19 13:59 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\ID Vault2014-02-18 13:04 - 2014-02-19 09:05 - 00000000 ____D () C:\Program Files (x86)\Constant Guard Protection Suite2014-02-18 13:04 - 2014-02-18 14:14 - 00000000 ____D () C:\Users\Owner\AppData\Local\ID Vault2014-02-18 13:04 - 2014-02-18 13:04 - 00049240 _____ (Zemana Ltd.) C:\Windows\system32\Drivers\AntiLog64.sys2014-02-18 13:04 - 2014-02-18 13:04 - 00000000 ____D () C:\Windows\SysWOW64\ZALSDK_uninst2014-02-18 13:04 - 2014-02-18 13:04 - 00000000 ____D () C:\Users\Owner\AppData\Local\Zemana2014-02-18 13:04 - 2014-02-18 13:04 - 00000000 ____D () C:\ProgramData\White Sky, Inc2014-02-18 13:04 - 2013-10-16 13:03 - 10674488 _____ (Zemana Ltd.) C:\Windows\SysWOW64\ZALSDKCore.dll2014-02-18 13:02 - 2014-02-18 13:03 - 20609808 _____ (White Sky, Inc.) C:\Users\Owner\Downloads\constantguard.exe2014-02-18 12:49 - 2014-02-18 12:49 - 00004265 _____ () C:\Users\Owner\Desktop\JRT.txt2014-02-18 12:37 - 2014-02-18 12:37 - 00000000 ____D () C:\Windows\ERUNT2014-02-18 12:28 - 2014-02-18 12:39 - 00000000 ____D () C:\AdwCleaner2014-02-18 12:24 - 2014-02-18 12:24 - 01241834 _____ () C:\Users\Owner\Desktop\adwcleaner.exe2014-02-18 12:24 - 2014-02-18 12:24 - 01037530 _____ (Thisisu) C:\Users\Owner\Desktop\JRT.exe2014-02-17 01:27 - 2014-02-17 01:27 - 00029802 _____ () C:\Users\Owner\Desktop\dds.txt2014-02-17 01:27 - 2014-02-17 01:27 - 00008568 _____ () C:\Users\Owner\Desktop\attach.txt2014-02-12 03:01 - 2013-12-21 02:53 - 00548864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll2014-02-12 03:01 - 2013-12-21 01:56 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll2014-02-12 03:00 - 2014-02-06 05:16 - 23170048 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll2014-02-12 03:00 - 2014-02-06 04:30 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb2014-02-12 03:00 - 2014-02-06 04:30 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll2014-02-12 03:00 - 2014-02-06 04:12 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll2014-02-12 03:00 - 2014-02-06 04:07 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll2014-02-12 03:00 - 2014-02-06 04:06 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll2014-02-12 03:00 - 2014-02-06 03:57 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll2014-02-12 03:00 - 2014-02-06 03:56 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll2014-02-12 03:00 - 2014-02-06 03:52 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll2014-02-12 03:00 - 2014-02-06 03:49 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe2014-02-12 03:00 - 2014-02-06 03:48 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll2014-02-12 03:00 - 2014-02-06 03:48 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe2014-02-12 03:00 - 2014-02-06 03:38 - 17103872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll2014-02-12 03:00 - 2014-02-06 03:32 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe2014-02-12 03:00 - 2014-02-06 03:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb2014-02-12 03:00 - 2014-02-06 03:17 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll2014-02-12 03:00 - 2014-02-06 03:11 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll2014-02-12 03:00 - 2014-02-06 03:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll2014-02-12 03:00 - 2014-02-06 03:00 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll2014-02-12 03:00 - 2014-02-06 02:57 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll2014-02-12 03:00 - 2014-02-06 02:57 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll2014-02-12 03:00 - 2014-02-06 02:52 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll2014-02-12 03:00 - 2014-02-06 02:52 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll2014-02-12 03:00 - 2014-02-06 02:50 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl2014-02-12 03:00 - 2014-02-06 02:49 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll2014-02-12 03:00 - 2014-02-06 02:47 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe2014-02-12 03:00 - 2014-02-06 02:46 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll2014-02-12 03:00 - 2014-02-06 02:25 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll2014-02-12 03:00 - 2014-02-06 02:25 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll2014-02-12 03:00 - 2014-02-06 02:24 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll2014-02-12 03:00 - 2014-02-06 02:22 - 13051392 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll2014-02-12 03:00 - 2014-02-06 02:13 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll2014-02-12 03:00 - 2014-02-06 02:09 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl2014-02-12 03:00 - 2014-02-06 02:03 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll2014-02-12 03:00 - 2014-02-06 01:55 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll2014-02-12 03:00 - 2014-02-06 01:41 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll2014-02-12 03:00 - 2014-02-06 01:40 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll2014-02-12 03:00 - 2014-02-06 01:36 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll2014-02-12 03:00 - 2014-02-06 01:34 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll2014-02-11 23:14 - 2013-12-31 16:05 - 00420008 _____ () C:\Windows\SysWOW64\locale.nls2014-02-11 23:14 - 2013-12-31 16:04 - 00420008 _____ () C:\Windows\system32\locale.nls2014-02-11 23:14 - 2013-12-24 16:09 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll2014-02-11 23:14 - 2013-12-24 15:48 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll2014-02-11 23:14 - 2013-12-05 19:30 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll2014-02-11 23:14 - 2013-12-05 19:30 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll2014-02-11 23:14 - 2013-12-05 19:02 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll2014-02-11 23:14 - 2013-12-05 19:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll2014-02-11 23:14 - 2013-12-03 19:27 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll2014-02-11 23:14 - 2013-12-03 19:27 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll2014-02-11 23:14 - 2013-12-03 19:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll2014-02-11 23:14 - 2013-12-03 19:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll2014-02-11 23:14 - 2013-12-03 19:26 - 00528384 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll2014-02-11 23:14 - 2013-12-03 19:16 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe2014-02-11 23:14 - 2013-12-03 19:16 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe2014-02-11 23:14 - 2013-12-03 19:16 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe2014-02-11 23:14 - 2013-12-03 19:16 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe2014-02-11 23:14 - 2013-12-03 19:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll2014-02-11 23:14 - 2013-12-03 19:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll2014-02-11 23:14 - 2013-12-03 19:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll2014-02-11 23:14 - 2013-12-03 19:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll2014-02-11 23:14 - 2013-12-03 19:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll2014-02-11 23:14 - 2013-12-03 18:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe2014-02-11 23:14 - 2013-12-03 18:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe2014-02-11 23:14 - 2013-12-03 18:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe2014-02-11 23:14 - 2013-12-03 18:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe2014-02-11 23:14 - 2013-11-26 01:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll2014-02-11 23:14 - 2013-11-22 15:48 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll2014-02-11 21:05 - 2014-02-11 21:06 - 00688992 ____R (Swearware) C:\Users\Owner\Desktop\dds.scr2014-02-11 18:12 - 2014-02-11 18:12 - 00001120 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk2014-02-11 18:12 - 2014-02-11 18:12 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\Malwarebytes2014-02-11 18:12 - 2014-02-11 18:12 - 00000000 ____D () C:\ProgramData\Malwarebytes2014-02-11 18:12 - 2014-02-11 18:12 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware2014-02-11 18:12 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys2014-02-11 18:10 - 2014-02-11 18:11 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Owner\Downloads\mbam-setup-1.75.0.1300.exe2014-02-11 17:55 - 2014-02-11 17:55 - 00000000 ____D () C:\Users\Public\Documents\Hewlett-Packard2014-02-11 17:52 - 2014-02-11 17:52 - 00000000 ____D () C:\ProgramData\Hewlett-Packard2014-02-11 17:51 - 2013-07-30 09:03 - 00757760 ____T (Pharos Systems International) C:\Windows\system32\PSR581F7.DLL2014-02-11 17:50 - 2014-02-11 17:50 - 00000000 ____D () C:\Program Files (x86)\PharosSystems2014-02-11 17:50 - 2014-02-11 17:50 - 00000000 ____D () C:\Program Files (x86)\Pharos2014-02-11 17:49 - 2014-02-11 17:49 - 01347249 _____ () C:\Users\Owner\Downloads\!DUnetCD(3).exe2014-02-06 12:11 - 2014-02-06 12:11 - 00826470 _____ () C:\Users\Owner\Downloads\Jake.pptx2014-01-29 13:54 - 2014-02-11 20:59 - 00000000 ____D () C:\Users\Owner\AppData\Local\lptmp12202494292014-01-28 14:17 - 2014-01-29 13:54 - 00000000 ____D () C:\Users\Owner\AppData\Local\lptmp492716972014-01-28 14:12 - 2014-01-28 14:12 - 01464136 _____ (Impulse Point, LLC) C:\Users\Owner\Downloads\ServiceInstaller(3).exe2014-01-28 14:11 - 2014-01-28 14:11 - 01464136 _____ (Impulse Point, LLC) C:\Users\Owner\Downloads\ServiceInstaller(2).exe2014-01-28 14:09 - 2014-01-28 14:09 - 01344820 _____ () C:\Users\Owner\Downloads\!DUnetCD(2).exe2014-01-27 14:48 - 2014-01-27 14:48 - 01464136 _____ (Impulse Point, LLC) C:\Users\Owner\Downloads\ServiceInstaller.exe2014-01-27 14:48 - 2014-01-27 14:48 - 01464136 _____ (Impulse Point, LLC) C:\Users\Owner\Downloads\ServiceInstaller(1).exe2014-01-20 19:17 - 2014-01-20 19:17 - 00003248 _____ () C:\Users\Owner\Downloads\MehlmanJakeLab02.zip==================== One Month Modified Files and Folders =======2014-02-19 19:36 - 2014-02-19 19:36 - 00034641 _____ () C:\Users\Owner\Desktop\FRST.txt2014-02-19 19:36 - 2014-02-19 19:35 - 00000000 ____D () C:\FRST2014-02-19 19:34 - 2014-02-19 19:34 - 00002324 _____ () C:\Users\Owner\Desktop\RKreport[0]_S_02192014_193403.txt2014-02-19 19:34 - 2014-02-19 19:30 - 00000000 ____D () C:\Users\Owner\Desktop\RK_Quarantine2014-02-19 19:31 - 2009-07-13 21:45 - 00024608 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A02014-02-19 19:31 - 2009-07-13 21:45 - 00024608 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A02014-02-19 19:30 - 2013-05-11 13:36 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\foobar20002014-02-19 19:28 - 2013-05-09 12:21 - 01354108 _____ () C:\Windows\WindowsUpdate.log2014-02-19 19:27 - 2014-02-19 19:27 - 04413952 _____ () C:\Users\Owner\Desktop\RogueKillerX64.exe2014-02-19 19:27 - 2014-02-19 19:27 - 02153472 _____ (Farbar) C:\Users\Owner\Desktop\FRST64.exe2014-02-19 19:25 - 2009-07-13 22:13 - 00726444 _____ () C:\Windows\system32\PerfStringBackup.INI2014-02-19 19:23 - 2009-07-13 21:51 - 00069468 _____ () C:\Windows\setupact.log2014-02-19 18:44 - 2014-02-18 21:34 - 00000908 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3213193141-316356097-443572586-1000UA.job2014-02-19 18:44 - 2014-02-18 21:34 - 00000896 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job2014-02-19 16:37 - 2013-05-13 13:03 - 00000000 ____D () C:\Program Files (x86)\SafeConnect2014-02-19 13:59 - 2014-02-18 13:04 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\ID Vault2014-02-19 12:36 - 2013-05-13 14:13 - 00000000 ____D () C:\Users\Owner\Documents\DU2014-02-19 09:05 - 2014-02-18 13:04 - 00000000 ____D () C:\Program Files (x86)\Constant Guard Protection Suite2014-02-19 09:05 - 2013-05-14 23:26 - 00000000 ____D () C:\Program Files (x86)\ControlCenter42014-02-19 09:05 - 2013-05-14 23:26 - 00000000 ____D () C:\Program Files (x86)\Browny022014-02-18 21:39 - 2014-02-18 21:39 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome2014-02-18 21:39 - 2014-02-18 21:34 - 00000892 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job2014-02-18 21:39 - 2014-02-18 21:34 - 00000856 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3213193141-316356097-443572586-1000Core.job2014-02-18 21:39 - 2013-05-09 13:48 - 00000000 ____D () C:\Users\Owner\AppData\Local\Google2014-02-18 21:39 - 2013-05-09 12:24 - 00000000 ____D () C:\Program Files (x86)\Google2014-02-18 21:34 - 2014-02-18 21:34 - 00003892 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA2014-02-18 21:34 - 2014-02-18 21:34 - 00003878 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3213193141-316356097-443572586-1000UA2014-02-18 21:34 - 2014-02-18 21:34 - 00003640 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore2014-02-18 21:34 - 2014-02-18 21:34 - 00003482 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3213193141-316356097-443572586-1000Core2014-02-18 21:33 - 2014-02-18 21:33 - 00847816 _____ (Google Inc.) C:\Users\Owner\Downloads\ChromeSetup.exe2014-02-18 14:20 - 2013-06-13 23:27 - 00000000 ___RD () C:\Users\Owner\Dropbox2014-02-18 14:20 - 2013-06-13 23:26 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\Dropbox2014-02-18 14:16 - 2009-07-13 22:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT2014-02-18 14:15 - 2013-05-11 13:21 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service2014-02-18 14:15 - 2013-05-09 16:17 - 00000000 ____D () C:\Program Files (x86)\Webroot2014-02-18 14:15 - 2010-11-20 20:47 - 00570604 _____ () C:\Windows\PFRO.log2014-02-18 14:14 - 2014-02-18 13:04 - 00000000 ____D () C:\Users\Owner\AppData\Local\ID Vault2014-02-18 14:13 - 2014-02-18 14:13 - 00000000 ____D () C:\Users\Owner\workspace2014-02-18 14:13 - 2013-05-09 13:46 - 00000000 ____D () C:\Users\Owner2014-02-18 14:12 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\system32\NDF2014-02-18 14:06 - 2014-02-18 14:06 - 00000000 ____D () C:\Windows\System32\Tasks\Norton Security Suite2014-02-18 14:05 - 2014-02-18 13:09 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Norton2014-02-18 14:05 - 2013-05-09 12:29 - 00000000 ____D () C:\ProgramData\Norton2014-02-18 14:02 - 2014-02-18 14:02 - 00177752 _____ (Symantec Corporation) C:\Windows\system32\Drivers\SYMEVENT64x86.SYS2014-02-18 14:02 - 2014-02-18 14:02 - 00008222 _____ () C:\Windows\system32\Drivers\SYMEVENT64x86.CAT2014-02-18 14:02 - 2014-02-18 14:02 - 00003228 _____ () C:\Windows\System32\Tasks\Norton WSC Integration2014-02-18 14:02 - 2014-02-18 14:02 - 00002523 _____ () C:\Users\Public\Desktop\Norton Security Suite.lnk2014-02-18 14:02 - 2014-02-18 14:02 - 00000000 ____D () C:\Program Files\Common Files\Symantec Shared2014-02-18 14:01 - 2014-02-18 14:01 - 00000000 ____D () C:\Windows\system32\Drivers\N360x642014-02-18 14:01 - 2014-02-18 14:01 - 00000000 ____D () C:\Program Files (x86)\Norton Security Suite2014-02-18 14:00 - 2014-02-18 14:00 - 00000000 ____D () C:\Users\Owner\Documents\Symantec2014-02-18 13:09 - 2014-02-18 13:09 - 01021632 _____ (Symantec Corporation) C:\Users\Owner\Downloads\Norton_Download_Manager.exe2014-02-18 13:09 - 2014-02-18 13:09 - 00000000 ____D () C:\Users\Public\Downloads\Norton2014-02-18 13:05 - 2014-02-18 13:05 - 00000000 ____D () C:\Users\Owner\AppData\Local\White_Sky,_Inc2014-02-18 13:05 - 2014-02-18 13:05 - 00000000 ____D () C:\ProgramData\IsolatedStorage2014-02-18 13:04 - 2014-02-18 13:04 - 00049240 _____ (Zemana Ltd.) C:\Windows\system32\Drivers\AntiLog64.sys2014-02-18 13:04 - 2014-02-18 13:04 - 00000000 ____D () C:\Windows\SysWOW64\ZALSDK_uninst2014-02-18 13:04 - 2014-02-18 13:04 - 00000000 ____D () C:\Users\Owner\AppData\Local\Zemana2014-02-18 13:04 - 2014-02-18 13:04 - 00000000 ____D () C:\ProgramData\White Sky, Inc2014-02-18 13:03 - 2014-02-18 13:02 - 20609808 _____ (White Sky, Inc.) C:\Users\Owner\Downloads\constantguard.exe2014-02-18 12:49 - 2014-02-18 12:49 - 00004265 _____ () C:\Users\Owner\Desktop\JRT.txt2014-02-18 12:39 - 2014-02-18 12:28 - 00000000 ____D () C:\AdwCleaner2014-02-18 12:37 - 2014-02-18 12:37 - 00000000 ____D () C:\Windows\ERUNT2014-02-18 12:35 - 2013-07-17 06:04 - 00000000 ___RD () C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup2014-02-18 12:24 - 2014-02-18 12:24 - 01241834 _____ () C:\Users\Owner\Desktop\adwcleaner.exe2014-02-18 12:24 - 2014-02-18 12:24 - 01037530 _____ (Thisisu) C:\Users\Owner\Desktop\JRT.exe2014-02-18 12:15 - 2013-05-11 13:27 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\uTorrent2014-02-17 14:28 - 2013-12-10 20:56 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox2014-02-17 01:27 - 2014-02-17 01:27 - 00029802 _____ () C:\Users\Owner\Desktop\dds.txt2014-02-17 01:27 - 2014-02-17 01:27 - 00008568 _____ () C:\Users\Owner\Desktop\attach.txt2014-02-16 03:02 - 2013-07-16 00:00 - 00000000 ____D () C:\Windows\system32\MRT2014-02-16 03:00 - 2013-05-09 16:00 - 88567024 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe2014-02-13 03:30 - 2013-05-14 12:02 - 00000000 ___RD () C:\Program Files (x86)\Skype2014-02-13 03:30 - 2013-05-14 12:02 - 00000000 ____D () C:\ProgramData\Skype2014-02-12 04:57 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\rescache2014-02-11 21:06 - 2014-02-11 21:05 - 00688992 ____R (Swearware) C:\Users\Owner\Desktop\dds.scr2014-02-11 21:03 - 2013-05-14 23:25 - 00000000 ____D () C:\Program Files (x86)\Brother2014-02-11 20:59 - 2014-01-29 13:54 - 00000000 ____D () C:\Users\Owner\AppData\Local\lptmp12202494292014-02-11 18:12 - 2014-02-11 18:12 - 00001120 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk2014-02-11 18:12 - 2014-02-11 18:12 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\Malwarebytes2014-02-11 18:12 - 2014-02-11 18:12 - 00000000 ____D () C:\ProgramData\Malwarebytes2014-02-11 18:12 - 2014-02-11 18:12 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware2014-02-11 18:11 - 2014-02-11 18:10 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Owner\Downloads\mbam-setup-1.75.0.1300.exe2014-02-11 17:55 - 2014-02-11 17:55 - 00000000 ____D () C:\Users\Public\Documents\Hewlett-Packard2014-02-11 17:53 - 2013-05-13 13:04 - 00000000 ____D () C:\DUnet2014-02-11 17:52 - 2014-02-11 17:52 - 00000000 ____D () C:\ProgramData\Hewlett-Packard2014-02-11 17:50 - 2014-02-11 17:50 - 00000000 ____D () C:\Program Files (x86)\PharosSystems2014-02-11 17:50 - 2014-02-11 17:50 - 00000000 ____D () C:\Program Files (x86)\Pharos2014-02-11 17:49 - 2014-02-11 17:49 - 01347249 _____ () C:\Users\Owner\Downloads\!DUnetCD(3).exe2014-02-06 12:11 - 2014-02-06 12:11 - 00826470 _____ () C:\Users\Owner\Downloads\Jake.pptx2014-02-06 05:16 - 2014-02-12 03:00 - 23170048 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll2014-02-06 04:30 - 2014-02-12 03:00 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb2014-02-06 04:30 - 2014-02-12 03:00 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll2014-02-06 04:12 - 2014-02-12 03:00 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll2014-02-06 04:07 - 2014-02-12 03:00 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll2014-02-06 04:06 - 2014-02-12 03:00 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll2014-02-06 03:57 - 2014-02-12 03:00 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll2014-02-06 03:56 - 2014-02-12 03:00 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll2014-02-06 03:52 - 2014-02-12 03:00 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll2014-02-06 03:49 - 2014-02-12 03:00 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe2014-02-06 03:48 - 2014-02-12 03:00 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll2014-02-06 03:48 - 2014-02-12 03:00 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe2014-02-06 03:38 - 2014-02-12 03:00 - 17103872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll2014-02-06 03:32 - 2014-02-12 03:00 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe2014-02-06 03:20 - 2014-02-12 03:00 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb2014-02-06 03:17 - 2014-02-12 03:00 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll2014-02-06 03:11 - 2014-02-12 03:00 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll2014-02-06 03:01 - 2014-02-12 03:00 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll2014-02-06 03:00 - 2014-02-12 03:00 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll2014-02-06 02:57 - 2014-02-12 03:00 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll2014-02-06 02:57 - 2014-02-12 03:00 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll2014-02-06 02:52 - 2014-02-12 03:00 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll2014-02-06 02:52 - 2014-02-12 03:00 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll2014-02-06 02:50 - 2014-02-12 03:00 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl2014-02-06 02:49 - 2014-02-12 03:00 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll2014-02-06 02:47 - 2014-02-12 03:00 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe2014-02-06 02:46 - 2014-02-12 03:00 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll2014-02-06 02:25 - 2014-02-12 03:00 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll2014-02-06 02:25 - 2014-02-12 03:00 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll2014-02-06 02:24 - 2014-02-12 03:00 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll2014-02-06 02:22 - 2014-02-12 03:00 - 13051392 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll2014-02-06 02:13 - 2014-02-12 03:00 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll2014-02-06 02:09 - 2014-02-12 03:00 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl2014-02-06 02:03 - 2014-02-12 03:00 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll2014-02-06 01:55 - 2014-02-12 03:00 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll2014-02-06 01:41 - 2014-02-12 03:00 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll2014-02-06 01:40 - 2014-02-12 03:00 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll2014-02-06 01:36 - 2014-02-12 03:00 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll2014-02-06 01:34 - 2014-02-12 03:00 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll2014-02-05 11:31 - 2013-12-10 21:44 - 00000000 ____D () C:\Users\Owner\Documents\Calibre Library2014-02-03 23:43 - 2013-10-01 13:31 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\Spotify2014-02-03 22:59 - 2013-10-01 13:31 - 00000000 ____D () C:\Users\Owner\AppData\Local\Spotify2014-01-29 13:54 - 2014-01-28 14:17 - 00000000 ____D () C:\Users\Owner\AppData\Local\lptmp492716972014-01-28 14:19 - 2013-06-13 23:27 - 00001032 _____ () C:\Users\Owner\Desktop\Dropbox.lnk2014-01-28 14:19 - 2013-06-13 23:27 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox2014-01-28 14:19 - 2013-05-09 13:49 - 00000000 ___RD () C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup2014-01-28 14:12 - 2014-01-28 14:12 - 01464136 _____ (Impulse Point, LLC) C:\Users\Owner\Downloads\ServiceInstaller(3).exe2014-01-28 14:11 - 2014-01-28 14:11 - 01464136 _____ (Impulse Point, LLC) C:\Users\Owner\Downloads\ServiceInstaller(2).exe2014-01-28 14:09 - 2014-01-28 14:09 - 01344820 _____ () C:\Users\Owner\Downloads\!DUnetCD(2).exe2014-01-27 14:48 - 2014-01-27 14:48 - 01464136 _____ (Impulse Point, LLC) C:\Users\Owner\Downloads\ServiceInstaller.exe2014-01-27 14:48 - 2014-01-27 14:48 - 01464136 _____ (Impulse Point, LLC) C:\Users\Owner\Downloads\ServiceInstaller(1).exe2014-01-20 19:17 - 2014-01-20 19:17 - 00003248 _____ () C:\Users\Owner\Downloads\MehlmanJakeLab02.zipSome content of TEMP:====================C:\Users\Owner\AppData\Local\Temp\ntdll_dump.dll==================== Bamital & volsnap Check =================C:\Windows\System32\winlogon.exe => MD5 is legitC:\Windows\System32\wininit.exe => MD5 is legitC:\Windows\SysWOW64\wininit.exe => MD5 is legitC:\Windows\explorer.exe => MD5 is legitC:\Windows\SysWOW64\explorer.exe => MD5 is legitC:\Windows\System32\svchost.exe => MD5 is legitC:\Windows\SysWOW64\svchost.exe => MD5 is legitC:\Windows\System32\services.exe => MD5 is legitC:\Windows\System32\User32.dll => MD5 is legitC:\Windows\SysWOW64\User32.dll => MD5 is legitC:\Windows\System32\userinit.exe => MD5 is legitC:\Windows\SysWOW64\userinit.exe => MD5 is legitC:\Windows\System32\rpcss.dll => MD5 is legitC:\Windows\System32\Drivers\volsnap.sys => MD5 is legitLastRegBack: 2014-02-18 01:30==================== End Of Log ============================ Additional scan result of Farbar Recovery Scan Tool (x64) Version: 18-02-2014Ran by Owner at 2014-02-19 19:36:46Running from C:\Users\Owner\DesktopBoot Mode: Normal============================================================================== Security Center ========================AV: Norton Security Suite (Enabled - Up to date) {63DF5164-9100-186D-2187-8DC619EFD8BF}AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}AS: Norton Security Suite (Enabled - Up to date) {D8BEB080-B73A-17E3-1B37-B6B462689202}FW: Norton Security Suite (Enabled) {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}==================== Installed Programs ======================64 Bit HP CIO Components Installer (Version: 15.2.1 - Hewlett-Packard) Hidden7-Zip 9.20 (x32 Version: - )Adobe AIR (x32 Version: 3.1.0.4880 - Adobe Systems Incorporated)Adobe AIR (x32 Version: 3.1.0.4880 - Adobe Systems Incorporated) HiddenAdobe Flash Player 11 ActiveX (x32 Version: 11.7.700.169 - Adobe Systems Incorporated)Adobe Flash Player 11 Plugin (x32 Version: 11.7.700.202 - Adobe Systems Incorporated)Adobe Reader XI (11.0.02) (x32 Version: 11.0.02 - Adobe Systems Incorporated)AntiLogger SDK version 1.6.6.296 (x32 Version: 1.6.6.296 - Zemana Ltd.)Broadcom InConcert Maestro (Version: 1.0.1.1500 - Broadcom Corporation)Brother MFL-Pro Suite MFC-J825DW (x32 Version: 1.1.6.0 - Brother Industries, Ltd.)Burn.Now 4.5 (x32 Version: 4.5.0 - Corel Corporation) Hiddencalibre (x32 Version: 1.14.0 - Kovid Goyal)Cisco EAP-FAST Module (x32 Version: 2.2.14 - Cisco Systems, Inc.)Cisco LEAP Module (x32 Version: 1.0.19 - Cisco Systems, Inc.)Cisco PEAP Module (x32 Version: 1.1.6 - Cisco Systems, Inc.)Conexant 20672 SmartAudio HD (Version: 8.32.23.0 - Conexant)Constant Guard Protection Suite (x32 Version: 1.14.110.3 - Comcast)Corel Burn.Now Lenovo Edition (x32 Version: 4.5.0 - Corel Corporation)Corel DVD MovieFactory 7 (x32 Version: 7.0.0 - Corel Corporation) HiddenCorel DVD MovieFactory Lenovo Edition (x32 Version: 7.0.0 - Corel Corporation)Corel WinDVD (x32 Version: 10.0.5.890 - Corel Inc.)Create Recovery Media (x32 Version: 1.20.0.00 - Lenovo Group Limited)D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) HiddenDirect DiscRecorder (x32 Version: 1.00.0000 - Corel Corporation) HiddenDropbox (HKCU Version: 2.4.11 - Dropbox, Inc.)Exact Audio Copy 1.0beta3 (x32 Version: 1.0beta3 - Andre Wiethoff)foobar2000 v1.2.6 (x32 Version: 1.2.6 - Peter Pawlowski)Free Studio version 2013 (x32 Version: 6.1.10.812 - DVDVideoSoft Ltd.)GIMP 2.8.4 (Version: 2.8.4 - The GIMP Team)Google Chrome (HKCU Version: 32.0.1700.107 - Google Inc.)Google Chrome (x32 Version: 32.0.1700.107 - Google Inc.)Google Update Helper (x32 Version: 1.3.22.5 - Google Inc.) HiddenIntegrated Camera Driver Installer Package Ver.1.1.0.1147 (x32 Version: 1.1.0.1147 - RICOH)Integrated Camera TWAIN (x32 Version: 1.0.11.1223 - Chicony Electronics Co.,Ltd.)Intel® Control Center (x32 Version: 1.2.1.1007 - Intel Corporation)Intel® Identity Protection Technology 1.1.2.0 (x32 Version: 1.1.2.0 - Intel Corporation)Intel® Management Engine Components (x32 Version: 7.0.0.1144 - Intel Corporation)Intel® Processor Graphics (x32 Version: 8.15.10.2476 - Intel Corporation)Java 7 Update 45 (64-bit) (Version: 7.0.450 - Oracle)Java 7 Update 45 (x32 Version: 7.0.450 - Oracle)Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) HiddenJava SE Development Kit 7 Update 45 (64-bit) (Version: 1.7.0.450 - Oracle)Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) HiddenLenovo Auto Scroll Utility (Version: 1.11 - )Lenovo Patch Utility (x32 Version: 1.0.1.1 - Lenovo Group Limited)Lenovo Patch Utility 64 bit (Version: 1.2.0.1 - Lenovo Group Limited)Lenovo Registration (x32 Version: 1.0.4 - Lenovo Inc.)Lenovo SimpleTap (Version: 3.0.0010.00 - Lenovo Group Limited)Lenovo Solution Center (Version: 1.0.006.00 - Lenovo Group Limited)Lenovo System Interface Driver (Version: 1.05 - )Lenovo User Guide (x32 Version: 1.0.0008.00 - Lenovo)Lenovo Warranty Information (x32 Version: 1.0.0005.00 - Lenovo)Lenovo Welcome (x32 Version: 3.00.006.0 - Lenovo)Malwarebytes Anti-Malware version 1.75.0.1300 (x32 Version: 1.75.0.1300 - Malwarebytes Corporation)Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) HiddenMessage Center Plus (x32 Version: 3.0.0011.00 - Lenovo Group Limited)Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation)Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) HiddenMicrosoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) HiddenMicrosoft Office 365 Home Premium - en-us (Version: 15.0.4551.1512 - Microsoft Corporation)Microsoft Office Korrekturhilfen 2013 - Deutsch (x32 Version: 15.0.4420.1017 - Microsoft Corporation)Microsoft Silverlight (Version: 5.1.20913.0 - Microsoft Corporation)Microsoft SkyDrive (HKCU Version: 17.0.2003.1112 - Microsoft Corporation)Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000 - Microsoft Corporation)Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001 - Microsoft Corporation)Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.50727.42 - Microsoft Corporation)Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336 - Microsoft Corporation)Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161 - Microsoft Corporation)Mozilla Firefox 27.0.1 (x86 en-US) (x32 Version: 27.0.1 - Mozilla)Mozilla Maintenance Service (x32 Version: 27.0.1 - Mozilla)MPC-HC 1.6.7.7114 (9eb64ec) (x32 Version: 1.6.7.7114 - MPC-HC Team)MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) HiddenMSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) HiddenMSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0 - Microsoft Corporation)MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0 - Microsoft Corporation)Norton Security Suite (x32 Version: 21.1.0.18 - Symantec Corporation)Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4551.1512 - Microsoft Corporation) HiddenOffice 15 Click-to-Run Licensing Component (Version: 15.0.4551.1512 - Microsoft Corporation) HiddenOffice 15 Click-to-Run Localization Component (x32 Version: 15.0.4551.1512 - Microsoft Corporation) HiddenOn Screen Display (Version: 6.60.03 - )Pharos (x32 Version: - )RapidBoot (Version: 1.11 - Lenovo)Registry Patch to Enable Maximum Power Saving on WiFi Adapters for Windows 7 (Version: 1.00 - )Rescue and Recovery (x32 Version: 4.50.0025.00 - Lenovo Group Limited)RICOH_Media_Driver_v2.13.18.02 (x32 Version: 2.13.18.02 - RICOH)SafeConnect (Version: - )SafeConnect (x32 Version: - )Search Protection (HKCU Version: 7.5.0.1 - Spigot, Inc.)Skype Click to Call (x32 Version: 7.0.14735.1561 - Microsoft Corporation)Skype™ 6.3 (x32 Version: 6.3.107 - Skype Technologies S.A.)Spotify (HKCU Version: 0.9.6.72.ge389c074 - Spotify AB)System Update (x32 Version: 4.01.0015 - Lenovo)ThinkPad Bluetooth with Enhanced Data Rate Software (Version: 6.4.0.1500 - Broadcom Corporation)ThinkPad FullScreen Magnifier (Version: 2.40 - )ThinkPad Power Management Driver (Version: 1.61.00.11 - )ThinkPad Power Manager (x32 Version: 3.63 - )ThinkPad UltraNav Driver (Version: 15.3.8.0 - )ThinkPad UltraNav Utility (x32 Version: 2.13.0 - Lenovo)ThinkPad Wireless LAN Adapter Software (x32 Version: 1.00.0029.8 - REALTEK Semiconductor Corp.)ThinkVantage Active Protection System (Version: 1.73 - Lenovo)ThinkVantage AutoLock (Version: 1.03 - Lenovo)ThinkVantage Communications Utility (Version: 2.07 - Lenovo)Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1 - Microsoft Corporation)Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1 - Microsoft Corporation)Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1 - Microsoft Corporation)Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (x32 Version: 1 - Microsoft Corporation)Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (x32 Version: 3 - Microsoft Corporation)uTorrentControl_v6 Toolbar (x32 Version: 6.14.0.28 - uTorrentControl_v6) <==== ATTENTIONVIP Access (x32 Version: 2.0.2.140 - VeriSign)Windows Driver Package - Intel (e1cexpress) Net (12/21/2010 11.8.84.0) (Version: 12/21/2010 11.8.84.0 - Intel)Windows Driver Package - Intel System (09/10/2010 9.2.0.1011) (Version: 09/10/2010 9.2.0.1011 - Intel)Windows Driver Package - Intel System (11/20/2010 9.2.0.1016) (Version: 11/20/2010 9.2.0.1016 - Intel)Windows Driver Package - Intel USB (12/21/2010 9.2.0.1021) (Version: 12/21/2010 9.2.0.1021 - Intel)Windows Driver Package - Lenovo 1.61.00.11 (11/11/2010 1.61.00.11) (Version: 11/11/2010 1.61.00.11 - Lenovo)Windows Driver Package - Ricoh Company SD Host Controller (03/23/2011 6.10.10.30) (Version: 03/23/2011 6.10.10.30 - Ricoh Company)Windows Driver Package - Synaptics (SynTP) Mouse (05/19/2011 15.3.8.0) (Version: 05/19/2011 15.3.8.0 - Synaptics)Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) HiddenWindows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) HiddenWindows Live Essentials (x32 Version: 15.4.3508.1109 - Microsoft Corporation)Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) HiddenWindows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) HiddenWindows Live Language Selector (Version: 15.4.3508.1109 - Microsoft Corporation) HiddenWindows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) HiddenWindows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) HiddenWindows Live Mesh ActiveX Control for Remote Connections (x32 Version: 15.4.5722.2 - Microsoft Corporation)Windows Live Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) HiddenWindows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) HiddenWindows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) HiddenWindows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) HiddenWindows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) HiddenWindows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) HiddenWindows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) HiddenWindows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) HiddenWindows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) HiddenWindows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) HiddenWindows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) HiddenWindows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) HiddenWindows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) HiddenWindows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) HiddenWindows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) HiddenWindows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden==================== Restore Points =========================16-01-2014 10:00:12 Windows Update23-01-2014 10:14:22 Scheduled Checkpoint31-01-2014 08:24:38 Scheduled Checkpoint08-02-2014 07:00:01 Scheduled Checkpoint12-02-2014 10:00:13 Windows Update16-02-2014 10:00:10 Windows Update==================== Hosts content: ==========================2009-07-13 19:34 - 2009-06-10 14:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts==================== Scheduled Tasks (whitelisted) =============Task: {21EF2635-736F-4A1E-87E5-D7EA7D6ED1BD} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [2013-10-31] (Microsoft Corporation)Task: {266E4017-A341-4D70-B878-01DBAD0B4BFC} - System32\Tasks\Lenovo\Message Center Plus Launcher => C:\Program Files (x86)\Lenovo\message center plus\mcplaunch.exe [2011-12-21] (Lenovo)Task: {2856F1E8-E8B0-47C8-B5A1-E356A52DBC52} - System32\Tasks\Norton Security Suite\Norton Error Analyzer => C:\Program Files (x86)\Norton Security Suite\Engine\21.1.0.18\SymErr.exe [2013-08-01] (Symantec Corporation)Task: {28CC30A4-DB5F-4F33-9DC7-BE64D4FC0CAD} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-02-18] (Google Inc.)Task: {292A8D21-9C30-408C-98A0-F650E06B1B8C} - System32\Tasks\Lenovo\SimpleTap\Start SimpleTap for Owner-THINK.Owner => C:\Program Files\Lenovo\SimpleTap\SimpleTap.exe [2011-12-21] (Lenovo)Task: {40AE01D3-5F0E-4D17-99BB-70A7B8EFE5E2} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Security Suite\Engine\21.1.0.18\WSCStub.exe [2013-10-08] (Symantec Corporation)Task: {47ACAA1D-C359-45B7-AB8E-B2C5A1F46F24} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => C:\Program Files\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2012-01-09] (Lenovo)Task: {593AB8FF-6C49-4A9C-816D-B181445EDB74} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3213193141-316356097-443572586-1000Core => C:\Users\Owner\AppData\Local\Google\Update\GoogleUpdate.exe [2014-02-18] (Google Inc.)Task: {6134C8CA-7379-43A3-8501-AB7E491B30DD} - System32\Tasks\TVT\LaunchRnR => %RR%\rrcmd.exeTask: {62A23C58-FC63-4955-990E-799A469AC87A} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3213193141-316356097-443572586-1000UA => C:\Users\Owner\AppData\Local\Google\Update\GoogleUpdate.exe [2014-02-18] (Google Inc.)Task: {8C6F11E8-40D2-41F1-9579-B8227851D38F} - System32\Tasks\TVT\UpdateRnR => %TVTCOMMON%\Scheduler\tvtsetsched.exeTask: {DB6E5842-2CE1-4E20-BC7E-44E27A0E5412} - System32\Tasks\MCP => C:\Program Files (x86)\LENOVO\Message Center Plus\MCPLaunch.exe [2011-12-21] (Lenovo)Task: {E7686939-2AA5-4675-900B-A00DA9E83FE7} - System32\Tasks\TVT\ChangePWD => %RR%\rrcmd.exeTask: {ECD13D70-6EA0-43DB-82A9-E3B70E39CB51} - System32\Tasks\PMTask => C:\Program Files (x86)\ThinkPad\Utilities\PWMIDTSV.EXE [2011-08-31] (Lenovo Group Limited)Task: {EE28A128-E20A-49BE-80F5-B429C2EB7000} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2014-01-16] (Microsoft Corporation)Task: {F06502B0-D3D7-4EC1-A460-7E0627958021} - System32\Tasks\DiskUpdate => C:\SWTOOLS\OSFIXES\DISKUPDT\DiskUpdate.exe [2009-02-09] ()Task: {FA46AEDD-ED2A-4517-AC05-9D1E27D6F1C4} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-02-18] (Google Inc.)Task: {FD382818-6C3C-4526-AB2E-AC5E9EDCE174} - System32\Tasks\Norton Security Suite\Norton Error Processor => C:\Program Files (x86)\Norton Security Suite\Engine\21.1.0.18\SymErr.exe [2013-08-01] (Symantec Corporation)Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exeTask: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exeTask: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3213193141-316356097-443572586-1000Core.job => C:\Users\Owner\AppData\Local\Google\Update\GoogleUpdate.exeTask: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3213193141-316356097-443572586-1000UA.job => C:\Users\Owner\AppData\Local\Google\Update\GoogleUpdate.exe==================== Loaded Modules (whitelisted) =============2013-05-11 12:10 - 2013-10-31 09:07 - 00377000 _____ () C:\Program Files\Microsoft Office 15\ClientX64\c2rui.dll2013-05-11 12:10 - 2013-10-31 09:08 - 00520872 _____ () C:\Program Files\Microsoft Office 15\ClientX64\c2r64.dll2013-05-11 12:10 - 2013-10-31 09:07 - 00618152 _____ () C:\Program Files\Microsoft Office 15\ClientX64\StreamServer.dll2013-05-14 23:26 - 2005-04-21 21:36 - 00143360 ____N () C:\Windows\system32\BrSNMP64.dll2013-05-09 11:46 - 2011-05-19 05:04 - 00057640 ____N () C:\Program Files\Synaptics\SynTP\SynTPEnhPS.dll2013-05-09 12:10 - 2010-10-25 21:40 - 00049056 ____N () C:\Program Files\CONEXANT\ForteConfig\fmapp.exe2013-05-09 12:11 - 2011-08-17 18:00 - 00094208 ____N () C:\Windows\System32\IccLibDll_x64.dll2010-12-18 15:50 - 2010-12-18 15:50 - 00173856 ____N () C:\Program Files\ThinkPad\Bluetooth Software\btkeyind.dll2013-05-09 12:14 - 2011-08-31 11:03 - 00045568 ____N () C:\Program Files (x86)\ThinkPad\Utilities\US\PWMRT64V.DLL2014-01-16 14:15 - 2014-01-16 14:15 - 08866472 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll2011-12-21 00:28 - 2012-01-11 07:25 - 00636216 ____N () C:\SWTOOLS\SimpleTap DeskBand\DeskBand64.dll2013-05-09 12:15 - 2010-04-06 09:05 - 02085888 ____N () C:\Program Files\Lenovo\AutoLock\cv210.dll2013-05-09 12:15 - 2010-04-06 09:04 - 02201088 ____N () C:\Program Files\Lenovo\AutoLock\cxcore210.dll2014-01-13 14:12 - 2014-01-13 14:13 - 00549272 _____ () C:\Program Files (x86)\Constant Guard Protection Suite\sqlite3.DLL2013-10-18 16:55 - 2013-10-18 16:55 - 25100288 _____ () C:\Users\Owner\AppData\Roaming\Dropbox\bin\libcef.dll2013-05-14 23:25 - 2009-02-27 15:38 - 00139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll2013-12-10 20:56 - 2014-02-17 14:28 - 03578992 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll==================== Alternate Data Streams (whitelisted) ============================= Safe Mode (whitelisted) ===================HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WRkrn => ""="Driver"HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WRSVC => ""="Service"==================== Disabled items from MSCONFIG ================================== Faulty Device Manager Devices =============Name: Bluetooth Peripheral DeviceDescription: Bluetooth Peripheral DeviceClass Guid:Manufacturer:Service:Problem: : The drivers for this device are not installed. (Code 28)Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.Name: Bluetooth Peripheral DeviceDescription: Bluetooth Peripheral DeviceClass Guid:Manufacturer:Service:Problem: : The drivers for this device are not installed. (Code 28)Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.==================== Event log errors: =========================Application errors:==================Error: (02/19/2014 07:30:34 PM) (Source: Application Error) (User: )Description: Faulting application name: firefox.exe, version: 27.0.1.5156, time stamp: 0x52fc0faaFaulting module name: xul.dll, version: 27.0.1.5156, time stamp: 0x52fc0f79Exception code: 0xc0000005Fault offset: 0x001560c7Faulting process id: 0x1124Faulting application start time: 0xfirefox.exe0Faulting application path: firefox.exe1Faulting module path: firefox.exe2Report Id: firefox.exe3Error: (02/19/2014 03:19:25 AM) (Source: SideBySide) (User: )Description: Activation context generation failed for "Microsoft.VC90.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"1".Dependent Assembly Microsoft.VC90.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8" could not be found.Please use sxstrace.exe for detailed diagnosis.Error: (02/19/2014 03:18:59 AM) (Source: SideBySide) (User: )Description: Activation context generation failed for "Microsoft.VC90.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"1".Dependent Assembly Microsoft.VC90.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8" could not be found.Please use sxstrace.exe for detailed diagnosis.Error: (02/19/2014 02:29:28 AM) (Source: SideBySide) (User: )Description: Activation context generation failed for "Microsoft.VC90.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"1".Dependent Assembly Microsoft.VC90.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8" could not be found.Please use sxstrace.exe for detailed diagnosis.Error: (02/18/2014 02:16:45 PM) (Source: WinMgmt) (User: )Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003System errors:=============Error: (02/19/2014 00:31:55 PM) (Source: Service Control Manager) (User: )Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.Error: (02/19/2014 00:31:55 PM) (Source: Service Control Manager) (User: )Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the IDVaultSvc service.Error: (02/19/2014 07:01:20 AM) (Source: Disk) (User: )Description: The driver detected a controller error on \Device\Harddisk1\DR1.Error: (02/18/2014 02:18:02 PM) (Source: Schannel) (User: Owner-THINK)Description: The certificate received from the remote server was issued by an untrusted certificate authority. Because of this, none of the data contained in the certificate can be validated. The SSL connection request has failed. The attached data contains the server certificate.Error: (02/18/2014 02:18:02 PM) (Source: Schannel) (User: Owner-THINK)Description: The following fatal alert was generated: 48. The internal error state is 552.Error: (02/18/2014 02:17:41 PM) (Source: DCOM) (User: NT AUTHORITY)Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)Error: (02/18/2014 02:17:38 PM) (Source: Schannel) (User: Owner-THINK)Description: The certificate received from the remote server was issued by an untrusted certificate authority. Because of this, none of the data contained in the certificate can be validated. The SSL connection request has failed. The attached data contains the server certificate.Error: (02/18/2014 02:17:38 PM) (Source: Schannel) (User: Owner-THINK)Description: The following fatal alert was generated: 48. The internal error state is 552.Error: (02/18/2014 02:17:29 PM) (Source: DCOM) (User: NT AUTHORITY)Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)Error: (02/18/2014 02:16:40 PM) (Source: Service Control Manager) (User: )Description: The Norton Security Suite service failed to start due to the following error:%%1053Microsoft Office Sessions:=========================Error: (02/19/2014 07:30:34 PM) (Source: Application Error)(User: )Description: firefox.exe27.0.1.515652fc0faaxul.dll27.0.1.515652fc0f79c0000005001560c7112401cf2ceeecd8074dC:\Program Files (x86)\Mozilla Firefox\firefox.exeC:\Program Files (x86)\Mozilla Firefox\xul.dllf969d3e3-99d6-11e3-95c3-0021cc66a83fError: (02/19/2014 03:19:25 AM) (Source: SideBySide)(User: )Description: Microsoft.VC90.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"c:\program files\Lenovo\lenovo solution center\App\diag\flex_comm_sample.exeError: (02/19/2014 03:18:59 AM) (Source: SideBySide)(User: )Description: Microsoft.VC90.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"C:\Program Files\Lenovo\Lenovo Solution Center\App\diag\flex_comm_sample.exeError: (02/19/2014 02:29:28 AM) (Source: SideBySide)(User: )Description: Microsoft.VC90.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"C:\Program Files\Lenovo\Lenovo Solution Center\App\diag\flex_comm_sample.exeError: (02/18/2014 02:16:45 PM) (Source: WinMgmt)(User: )Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003==================== Memory info ===========================Percentage of memory in use: 57%Total physical RAM: 3983.23 MBAvailable physical RAM: 1692.27 MBTotal Pagefile: 7964.65 MBAvailable Pagefile: 4962.13 MBTotal Virtual: 8192 MBAvailable Virtual: 8191.81 MB==================== Drives ================================Drive c: (Windows7_OS) (Fixed) (Total:281 GB) (Free:116.84 GB) NTFS ==>[system with boot components (obtained from reading drive)]Drive q: (Lenovo_Recovery) (Fixed) (Total:15.62 GB) (Free:6.09 GB) NTFS==================== MBR & Partition Table ==========================================================================Disk: 0 (Size: 298 GB) (Disk ID: 539E2D9C)Partition 1: (Active) - (Size=1 GB) - (Type=07 NTFS)Partition 2: (Not Active) - (Size=281 GB) - (Type=07 NTFS)Partition 3: (Not Active) - (Size=16 GB) - (Type=07 NTFS)==================== End Of Log ============================ Link to post Share on other sites More sharing options...
Andro1d Posted February 21, 2014 ID:794445 Share Posted February 21, 2014 Hello,Do you recognize the following file?C:\Users\Owner\Downloads\!DUnetCD(3).exe -----------------------------------------Please go to Start > Control Panel > Add or Remove Programs and remove the following (if present):uTorrentControl_v6 ToolbarJava 7 Update 45Java 7 Update 45 (64-bit)Java Auto UpdaterJava SE Development Kit 7 Update 45 (64-bit)-----------------------------------------Press the windows key + r on your keyboard at the same time. Type in notepad and press EnterPlease copy and paste the contents of the below code box into the open notepad and save it to your desktop as fixlist.txtHKU\.DEFAULT\...\Run: [SearchProtect] - \SearchProtect\bin\cltmng.exeURLSearchHook: HKLM-x32 - (No Name) - {96f454ea-9d38-474f-b504-56193e00c1a5} - No FileURLSearchHook: HKCU - (No Name) - {96f454ea-9d38-474f-b504-56193e00c1a5} - No FileSearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =SearchScopes: HKLM-x32 - DefaultScope {D58CF5D4-7C57-4D35-AA4D-AEC1FBFE9B88} URL =SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =Toolbar: HKLM-x32 - No Name - {96f454ea-9d38-474f-b504-56193e00c1a5} - No FileToolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No FileFF Plugin: @microsoft.com/GENUINE - disabled No FileFF Plugin-x32: @microsoft.com/GENUINE - disabled No FileFF Extension: uTorrentControl_v6 - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\48epp7j8.default\Extensions\{96f454ea-9d38-474f-b504-56193e00c1a5} [2013-09-14] NOTICE: This script was written specifically for this user, for use on this particular machine. Running this on another machine may cause damage to your operating system. Run FRST and press the Fix button just once and wait.If the tool needs a restart please make sure you let the system restart normally and let the tool complete its run after restart.The tool will make a log on the Desktop (Fixlog.txt). Please attach or post it to your next reply. Note: If the tool warned you about an outdated version please download and run the updated version.-----------------------------------------Your version of Java is outdated and needs to be updated to take advantage of fixes that have eliminated security vulnerabilities.Latest version is Java JRE 7u51 was released on Oct. 15. 2013.You can manually check your present version and update as recommended.https://www.java.com/en/download/installed.jsp-----------------------------------------Please scan your machine with ESET OnlineScanHold down Control and click on the following link to open ESET OnlineScan in a new window.ESET OnlineScanClick the button.For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer.Save it to your Desktop.Double click on the to download the ESET Smart Installer. icon on your Desktop.Check "YES, I accept the Terms of Use."Click the Start button.Accept any security warnings from your browser.Under scan settings, check "Scan Archives" and "Remove found threats" Click Advanced settings and select the following:Scan potentially unwanted applicationsScan for potentially unsafe applicationsEnable Anti-Stealth technologyESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.When the scan completes, click List ThreatsClick Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.Click the Back button.Click the Finish button.-----------------------------------------In your next reply, please post the followingResponse if you recognize that fileFixlog.txtESET Log Link to post Share on other sites More sharing options...
Staff gringo_pr Posted February 25, 2014 Staff ID:796287 Share Posted February 25, 2014 Since this issue is resolved I will close the thread to prevent others from posting here. If you need assistance please start your own topic and someone will be happy to assist you. Link to post Share on other sites More sharing options...
Recommended Posts