Runtime Error --Visual C++ Runtime Library


I keep getting this error and I have tried a multitude of options to clear it up. I have uninstalled & reinstalled Malwarebytes twice, cleared all the files, ran CCleaner, reinstalled, rebooted, the whole 9 yards. I came across this forum & saw another thread where it was suggested to download Farbar Recovery, which I did. I copied the logs per the instructions, but it won't let me reply back to that post, so here is another one.

 

I have the logs but didn't want to post them yet. I ran the one for my system (32 bit), so now I am at a stumbling block. Please help!

 

Incidentally, I also have errors in accessing my docs from Gmail to attach to emails, and something upon startup says that my PC Fax (which I forgot was even on computers anymore) has issues. Also, I sign in using Credant Shield and it's been telling me for a month now that I am an unmanaged user.

 

Below is the pic of the error.

 

Ideas?? 

Runtime Error pic.bmp


Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:01-07-2014

Ran by A7AS (administrator) on AFLACA7AS on 02-07-2014 08:50:09

Running from C:\Documents and Settings\A7AS\My Documents\Downloads

Platform: Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: English (United States)

Internet Explorer Version 8

Boot Mode: Normal

 

The only official download link for FRST:



Download link from any site other than Bleeping Computer is unpermitted or outdated.


 

==================== Processes (Whitelisted) =================

 

(Credant Technologies, Inc.) C:\WINDOWS\system32\Credant.exe

(Symantec Corporation) C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe

(Symantec Corporation) C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe

(Symantec Corporation) C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe

(Agere Systems) C:\Program Files\LSI SoftModem\agrsmsvc.exe

(Symantec Corporation) C:\Program Files\Symantec AntiVirus\DefWatch.exe

(Juniper Networks) C:\Program Files\Juniper Networks\Common Files\dsNcService.exe

(SEIKO EPSON CORPORATION) C:\Program Files\epson\EpsonCustomerParticipation\EPCP.exe

(Seiko Epson Corporation) C:\WINDOWS\system32\escsvc.exe

(InterVideo) C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe

(Oracle Corporation) C:\Program Files\Java\jre7\bin\jqs.exe

(Lexmark International, Inc.) C:\WINDOWS\system32\spool\drivers\w32x86\3\lxdqserv.exe

( ) C:\WINDOWS\system32\lxdqcoms.exe

(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe

(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe

(Motorola Mobility LLC) C:\Program Files\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe

(CyberAngel Security Solutions) C:\WINDOWS\system32\Mschksvc.exe

() C:\WINDOWS\system32\mswnetchk.exe

(Protexis Inc.) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe

(Intuit) C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe

(Intuit Inc.) C:\Program Files\Common Files\Intuit\DataProtect\QBIDPService.exe

() C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe

(Symantec Corporation) C:\Program Files\Symantec AntiVirus\Rtvscan.exe

(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

(Skyhook Wireless) C:\Program Files\Skyhook Wireless\Wi-Fi Service\WPSScannerSvc.exe

(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE

(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe

(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbam.exe

(Motorola Mobility LLC) C:\Program Files\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe

(Agere Systems) C:\WINDOWS\AGRSMMSG.exe

(AFLAC) C:\Program Files\AFLAC\Common\WSPPurge.exe

(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

(Symantec Corporation) C:\Program Files\Common Files\Symantec Shared\ccApp.exe

(Symantec Corporation) C:\PROGRA~1\SYMANT~1\VPTray.exe

(Analog Devices, Inc.) C:\Program Files\Analog Devices\Core\smax4pnp.exe

(Intel Corporation) C:\WINDOWS\system32\hkcmd.exe

(Intel Corporation) C:\WINDOWS\system32\igfxpers.exe

(Intel Corporation) C:\WINDOWS\system32\igfxsrvc.exe

(Credant Technologies, Inc.) C:\WINDOWS\system32\CredUI.exe

(Sybase, Inc.) C:\Program Files\AClient\Bin\XCDiffCache.exe

(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe

(RealNetworks, Inc.) C:\Program Files\Real\RealPlayer\Update\realsched.exe

() C:\Program Files\Lexmark Z2400 Series\lxdqmon.exe

(Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuschd2.exe

() C:\Program Files\Lexmark Z2400 Series\lxdqmsdmon.exe

(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe

(SEIKO EPSON CORPORATION) C:\Program Files\Epson Software\FAX Utility\FUFAXRCV.exe

(SEIKO EPSON CORPORATION) C:\Program Files\Epson Software\Event Manager\EEventManager.exe

() C:\WINDOWS\system32\MsChkPrompt.exe

(Microsoft Corporation) C:\Program Files\Messenger\msmsgs.exe

(Google) C:\Program Files\Google\Drive\googledrivesync.exe

(Google) C:\Program Files\Google\Drive\googledrivesync.exe

(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe

() C:\WINDOWS\Dll32Agent.Exe

(Intuit Inc.) C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe

(Dropbox, Inc.) C:\Documents and Settings\A7AS\Application Data\Dropbox\bin\Dropbox.exe

(Intuit Inc. All rights reserved.) C:\Documents and Settings\A7AS\Local Settings\Application Data\Intuit\SyncManager\Current\IntuitSyncManager.exe

(Intuit, Inc.) C:\PROGRA~1\Intuit\QUICKB~1\QBDBMgr.exe

(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe

(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe

 

 

==================== Registry (Whitelisted) ==================

 

HKLM\...\Run: [AGRSMMSG] => C:\WINDOWS\AGRSMMSG.exe [88209 2005-04-13] (Agere Systems)

HKLM\...\Run: [synTPStart] => C:\Program Files\Synaptics\SynTP\SynTPStart.exe [102400 2007-09-15] (Synaptics, Inc.)

HKLM\...\Run: [WSPPurge] => C:\Program Files\Aflac\Common\WSPPurge.exe [20480 2007-12-26] (AFLAC)

HKLM\...\Run: [Aflac_Do_Not_Remove] => C:\Aflac2000\WSPInfo.exe [45056 2006-09-12] (AFLAC)

HKLM\...\Run: [soundMAX] => C:\Program Files\Analog Devices\SoundMAX\Smax4.exe [888832 2008-07-25] (Analog Devices, Inc.)

HKLM\...\Run: [ccApp] => C:\Program Files\Common Files\Symantec Shared\ccApp.exe [52896 2006-07-19] (Symantec Corporation)

HKLM\...\Run: [vptray] => C:\Program Files\Symantec AntiVirus\VPTray.exe [125168 2006-09-27] (Symantec Corporation)

HKLM\...\Run: [soundMAXPnP] => C:\Program Files\Analog Devices\Core\smax4pnp.exe [1044480 2009-01-16] (Analog Devices, Inc.)

HKLM\...\Run: [WatchDog] => C:\Program Files\InterVideo\DVD8SESD\DVDCheck.exe [200848 2009-03-04] (InterVideo Inc.)

HKLM\...\Run: [CMGCredUI] => C:\WINDOWS\system32\CredUI.exe [204878 2007-05-08] (Credant Technologies, Inc.)

HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)

HKLM\...\Run: [KernelFaultCheck] => %systemroot%\system32\dumprep 0 -k

HKLM\...\Run: [Afaria Client File Differencing] => C:\Program Files\AClient\Bin\XCDiffCache.exe [179712 2011-06-16] (Sybase, Inc.)

HKLM\...\Run: [Afaria Client Event Monitor] => C:\Program Files\AClient\Bin\XCMonitor.exe [819712 2010-09-02] (Sybase, Inc.)

HKLM\...\Run: [intuit SyncManager] => C:\Program Files\Common Files\Intuit\Sync\IntuitSyncManager.exe [2829624 2013-11-15] (Intuit Inc. All rights reserved.)

HKLM\...\Run: [sunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [256896 2014-05-07] (Oracle Corporation)

HKLM\...\Run: [TkBellExe] => C:\program files\real\realplayer\update\realsched.exe [295512 2014-04-14] (RealNetworks, Inc.)

HKLM\...\Run: [lxdqmon.exe] => C:\Program Files\Lexmark Z2400 Series\lxdqmon.exe [672424 2010-02-04] ()

HKLM\...\Run: [lxdqamon] => C:\Program Files\Lexmark Z2400 Series\lxdqamon.exe [16040 2010-02-04] ()

HKLM\...\Run: [HP Software Update] => C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)

HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation)

HKLM\...\Run: [FUFAXSTM] => C:\Program Files\Epson Software\FAX Utility\FUFAXSTM.exe [863360 2012-02-29] (SEIKO EPSON CORPORATION)

HKLM\...\Run: [FUFAXRCV] => C:\Program Files\Epson Software\FAX Utility\FUFAXRCV.exe [502912 2012-02-29] (SEIKO EPSON CORPORATION)

HKLM\...\Run: [EEventManager] => C:\Program Files\Epson Software\Event Manager\EEventManager.exe [1058400 2012-01-26] (SEIKO EPSON CORPORATION)

HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)

HKLM\...\Run: [!SysInit] => c:\windows\system32\mschkprompt.exe [28672 2008-11-07] ()

Winlogon\Notify\AtiExtEvent: C:\WINDOWS\system32\Ati2evxx.dll (ATI Technologies Inc.)

Winlogon\Notify\NavLogon: C:\WINDOWS\system32\NavLogon.dll (Symantec Corporation)

HKU\S-1-5-21-1757981266-1482476501-839522115-1006\...\Run: [MSMSGS] => C:\Program Files\Messenger\msmsgs.exe [1695232 2008-04-13] (Microsoft Corporation)

HKU\S-1-5-21-1757981266-1482476501-839522115-1006\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [24474752 2014-06-05] (Google)

HKU\S-1-5-21-1757981266-1482476501-839522115-1006\...\MountPoints2: {9c0213ab-6a3c-11e2-a4de-0026c600b60a} - F:\IronKey.exe

HKU\S-1-5-21-1757981266-1482476501-839522115-1006\...\MountPoints2: {e98527bc-8967-11dd-8553-806d6172696f} - D:\SWSETUP\APPINSTL\setup.exe

HKU\S-1-5-21-1757981266-1482476501-839522115-1006\...\MountPoints2: {f75b546e-6780-11e2-a4db-0026c600b60a} - E:\MotorolaDeviceManagerSetup.exe -a

Startup: C:\Documents and Settings\A7AS\Start Menu\Programs\Startup\Dropbox.lnk

ShortcutTarget: Dropbox.lnk -> C:\Documents and Settings\A7AS\Application Data\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Bluetooth.lnk

ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)

Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Intuit Data Protect.lnk

ShortcutTarget: Intuit Data Protect.lnk -> C:\Program Files\Common Files\Intuit\DataProtect\IntuitDataProtect.exe (Intuit Inc.)

Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk

ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)

Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\QuickBooks Update Agent.lnk

ShortcutTarget: QuickBooks Update Agent.lnk -> C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe (Intuit Inc.)

Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\QuickBooks_Standard_21.lnk

ShortcutTarget: QuickBooks_Standard_21.lnk -> C:\Program Files\Intuit\QuickBooks 2013\QBW32.EXE (Intuit Inc.)

ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} =>  No File

ShellIconOverlayIdentifiers: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  No File

ShellIconOverlayIdentifiers: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  No File

ShellIconOverlayIdentifiers: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  No File

ShellIconOverlayIdentifiers: DropboxExt4 -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} =>  No File

ShellIconOverlayIdentifiers: GDriveBlacklistedOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)

ShellIconOverlayIdentifiers: GDriveSharedEditOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)

ShellIconOverlayIdentifiers: GDriveSharedOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)

ShellIconOverlayIdentifiers: GDriveSharedViewOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)

ShellIconOverlayIdentifiers: GDriveSyncedOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)

ShellIconOverlayIdentifiers: GDriveSyncingOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)

 

==================== Internet (Whitelisted) ====================

 

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x7069B605936FCF01

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://login.aflac.com/?ReturnURL=https://my.aflac.com/portal/sso/SSOLogin.aspx

SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll (McAfee, Inc.)

BHO: Lexmark Toolbar - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll ()

BHO: E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files\Epson Software\E-Web Print\ewps_tb.dll (SEIKO EPSON CORPORATION)

BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)

BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)

BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)

BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)

BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

Toolbar: HKLM - Lexmark Toolbar - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll ()

Toolbar: HKLM - E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files\Epson Software\E-Web Print\ewps_tb.dll (SEIKO EPSON CORPORATION)

Toolbar: HKCU - &Address - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)

Toolbar: HKCU - &Links - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation)

Toolbar: HKCU - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} -  No File

Toolbar: HKCU - Lexmark Toolbar - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll ()

Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File

DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.microsoft.com/_layouts/ClientBin/ieawsdc32.cab


DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} https://juniper.net/dana-cached/sc/JuniperSetupClient.cab

Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)

Handler: intu-help-qb6 - {6898B29B-BF49-43cb-A0B1-D0B9496AF491} - C:\Program Files\Intuit\QuickBooks 2013\HelpAsyncPluggableProtocol.dll (Intuit, Inc.)

Handler: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} - C:\WINDOWS\system32\mscoree.dll (Microsoft Corporation)

ShellExecuteHooks: Windows Desktop Search Namespace Manager - {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [304128 2009-05-24] (Microsoft Corporation)

Tcpip\Parameters: [DhcpNameServer] 68.105.28.16 68.105.29.16 192.168.1.1

 

FireFox:

========

FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_13_0_0_214.dll ()

FF Plugin: @java.com/DTPlugin,version=10.60.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)

FF Plugin: @java.com/JavaPlugin,version=10.60.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)

FF Plugin: @microsoft.com/WPF,version=3.5 - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)

FF Plugin: @real.com/nppl3260;version=16.0.3.51 - c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)

FF Plugin: @real.com/nprndlchromebrowserrecordext;version=1.3.3 - C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)

FF Plugin: @real.com/nprndlhtml5videoshim;version=1.3.3 - C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)

FF Plugin: @real.com/nprndlpepperflashvideoshim;version=1.3.3 - C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)

FF Plugin: @real.com/nprpplugin;version=16.0.3.51 - c:\program files\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)

FF Plugin: @realnetworks.com/npdlplugin;version=1 - C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)

FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)

FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)

FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF Plugin HKCU: anvisoft.com/AdblockPlugin - C:\Documents and Settings\All Users\Application Data\Anvisoft\Anvi Smart Defender 2\extensions\npAdblockPlugin.dll No File

FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension

FF Extension: Microsoft .NET Framework Assistant - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-09-16]

FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext

FF Extension: RealDownloader - C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2014-04-14]

FF HKLM\...\Firefox\Extensions: [quickprint@hp.com] - C:\Program Files\Hewlett-Packard\SmartPrint\QPExtension

FF Extension: SmartPrintButton - C:\Program Files\Hewlett-Packard\SmartPrint\QPExtension [2013-01-29]

FF HKLM\...\Firefox\Extensions: [e-webprint@epson.com] - C:\Program Files\Epson Software\E-Web Print\Firefox Add-on

FF Extension: E-Web Print - C:\Program Files\Epson Software\E-Web Print\Firefox Add-on [2014-02-10]

FF HKLM\...\Firefox\Extensions: [{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}] - C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext

FF Extension: RealDownloader - C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2014-04-14]

 

Chrome: 

=======

CHR HomePage: hxxp://www.google.com

CHR RestoreOnStartup: "hxxp://www.google.com/"

CHR StartupUrls: "hxxp://www.google.com"

CHR DefaultSearchKeyword: trovi.search

CHR DefaultSearchProvider: Trovi search

CHR Plugin: (Shockwave Flash) - C:\Documents and Settings\A7AS\Local Settings\Application Data\Google\Chrome\Application\24.0.1312.57\PepperFlash\pepflashplayer.dll No File

CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer

CHR Plugin: (Native Client) - C:\Documents and Settings\A7AS\Local Settings\Application Data\Google\Chrome\Application\24.0.1312.57\ppGoogleNaClPluginChrome.dll No File

CHR Plugin: (Chrome PDF Viewer) - C:\Documents and Settings\A7AS\Local Settings\Application Data\Google\Chrome\Application\24.0.1312.57\pdf.dll No File

CHR Plugin: (ActiveTouch General Plugin Container) - C:\Documents and Settings\A7AS\Local Settings\Application Data\Google\Chrome\Application\plugins\npatgpc.dll No File

CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)

CHR Plugin: (Microsoft® DRM) - C:\Program Files\Windows Media Player\npdrmv2.dll (Microsoft Corporation)

CHR Plugin: (Microsoft® DRM) - C:\Program Files\Windows Media Player\npwmsdrm.dll (Microsoft Corporation)

CHR Plugin: (Windows Media Player Plug-in Dynamic Link Library) - C:\Program Files\Windows Media Player\npdsplay.dll (Microsoft Corporation (written by Digital Renaissance Inc.))

CHR Plugin: (Google Update) - C:\Documents and Settings\A7AS\Local Settings\Application Data\Google\Update\1.3.21.123\npGoogleUpdate3.dll No File

CHR Plugin: (Java Platform SE 6 U35) - C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll No File

CHR Plugin: (Java Deployment Toolkit 6.0.350.10) - C:\WINDOWS\system32\npdeployJava1.dll No File

CHR Plugin: (Bing Bar) - C:\Program Files\MSN Toolbar\Platform\5.0.1449.0\npwinext.dll No File

CHR Plugin: (Silverlight Plug-In) - c:\Program Files\Microsoft Silverlight\3.0.40818.0\npctrl.dll No File

CHR Plugin: (Windows Presentation Foundation) - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)

CHR Extension: (Angry Birds) - C:\Documents and Settings\A7AS\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj [2012-10-01]

CHR Extension: (YouTube) - C:\Documents and Settings\A7AS\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-10-01]

CHR Extension: (Google Search) - C:\Documents and Settings\A7AS\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-10-01]

CHR Extension: (saVE net) - C:\Documents and Settings\A7AS\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\djiifepnjfbngpaealckfiecfjflcejk [2014-05-05]

CHR Extension: (DiscountExttensi) - C:\Documents and Settings\A7AS\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gehhgpjdfdephlpmkjddgogkadbgmjom [2014-05-13]

CHR Extension: (RealDownloader) - C:\Documents and Settings\A7AS\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji [2012-12-13]

CHR Extension: (YoutubeAdblocker) - C:\Documents and Settings\A7AS\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\niegbpppafijmgfnldekbljmfnlhmjdj [2014-05-05]

CHR Extension: (HTML Saver) - C:\Documents and Settings\A7AS\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\oiicpdkmeclmgmlmbajefnkalcfageek [2014-05-05]

CHR Extension: (Evernote Web Clipper) - C:\Documents and Settings\A7AS\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pioclpoplcdbaefihamjohnefbikjilc [2012-10-01]

CHR Extension: (Gmail) - C:\Documents and Settings\A7AS\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-10-01]

CHR HKLM\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2013-08-14]

CHR HKLM\...\Chrome\Extension: [lhmiofmipcpmhgihiecmpiekcacigpgb] - C:\Documents and Settings\All Users\Application Data\Anvisoft\Anvi Smart Defender 2\extensions\chrome.crx [2013-08-14]

CHR HKCU\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\DOCUME~1\A7AS\LOCALS~1\APPLIC~1\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx [2013-03-14]

CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

 

========================== Services (Whitelisted) =================

 

R2 AgereModemAudio; C:\Program Files\LSI SoftModem\agrsmsvc.exe [14336 2008-08-26] (Agere Systems) [File not signed]

R2 ccEvtMgr; C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe [192160 2006-07-19] (Symantec Corporation)

R2 ccSetMgr; C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe [169632 2006-07-19] (Symantec Corporation)

R2 CMGShield; C:\WINDOWS\system32\Credant.exe [1040463 2007-05-08] (Credant Technologies, Inc.) [File not signed]

R2 DefWatch; C:\Program Files\Symantec AntiVirus\DefWatch.exe [31472 2006-09-27] (Symantec Corporation)

R2 dsNcService; C:\Program Files\Juniper Networks\Common Files\dsNcService.exe [671848 2013-05-20] (Juniper Networks)

R2 EpsonCustomerParticipation; C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe [521600 2011-06-09] (SEIKO EPSON CORPORATION)

R2 EpsonScanSvc; C:\WINDOWS\system32\EscSvc.exe [122000 2011-12-12] (Seiko Epson Corporation)

R2 JavaQuickStarterService; C:\Program Files\Java\jre7\bin\jqs.exe [182696 2014-06-25] (Oracle Corporation)

S3 LiveUpdate; C:\Program Files\Symantec\LiveUpdate\LuComServer_3_1.EXE [2528960 2006-08-25] (Symantec Corporation)

R2 lxdqCATSCustConnectService; C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\\lxdqserv.exe [94208 2009-04-28] (Lexmark International, Inc.)

R2 lxdq_device; C:\WINDOWS\system32\lxdqcoms.exe [589824 2007-11-28] ( )

R2 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)

R2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)

S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [235696 2014-04-09] (McAfee, Inc.)

R2 Motorola Device Manager; C:\Program Files\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe [137528 2013-11-15] (Motorola Mobility LLC)

R2 MsChkSvc; C:\WINDOWS\system32\MsChkSvc.exe [32768 2008-11-07] (CyberAngel Security Solutions) [File not signed]

R2 MsWnetChk; C:\WINDOWS\system32\MsWnetChk.exe [122880 2008-11-07] () [File not signed]

R2 Net Driver HPZ12; C:\WINDOWS\system32\HPZinw12.dll [44032 2010-08-06] (Hewlett-Packard) [File not signed]

R2 Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.dll [53760 2010-08-06] (Hewlett-Packard) [File not signed]

R2 QBCFMonitorService; C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe [45056 2013-11-15] (Intuit) [File not signed]

S3 QBFCService; C:\Program Files\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe [61440 2012-08-18] (Intuit Inc.) [File not signed]

R2 QBVSS; C:\Program Files\Common Files\Intuit\DataProtect\QBIDPService.exe [1248256 2012-08-18] (Intuit Inc.) [File not signed]

R2 RealNetworks Downloader Resolver Service; C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-08-14] ()

S3 ReflectService; C:\Program Files\NCH Software\Reflect\reflect.exe [1039364 2012-11-17] (NCH Software) [File not signed]

S3 SavRoam; C:\Program Files\Symantec AntiVirus\SavRoam.exe [116464 2006-09-27] (symantec)

S3 SNDSrvc; C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe [214720 2006-08-07] (Symantec Corporation)

R2 SPBBCSvc; C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe [1160848 2006-04-11] (Symantec Corporation)

R2 Symantec AntiVirus; C:\Program Files\Symantec AntiVirus\Rtvscan.exe [1813232 2006-09-27] (Symantec Corporation)

R2 WPSScannerSvc; C:\Program Files\Skyhook Wireless\Wi-Fi Service\WPSScannerSvc.exe [126976 2010-01-21] (Skyhook Wireless) [File not signed]

 

==================== Drivers (Whitelisted) ====================

 

R3 AgereSoftModem; C:\WINDOWS\System32\DRIVERS\AGRSM.sys [1204128 2008-10-29] (Agere Systems) [File not signed]

S3 BrScnUsb; C:\WINDOWS\System32\DRIVERS\BrScnUsb.sys [15295 2010-03-25] (Brother Industries Ltd.)

R3 BTKRNL; C:\WINDOWS\System32\DRIVERS\btkrnl.sys [991656 2009-01-14] (Broadcom Corporation.)

R0 CredCEF; C:\WINDOWS\System32\Drivers\CredCEF.sys [214095 2007-05-08] (Credant Technologies, Inc.) [File not signed]

S3 CVirtA; C:\WINDOWS\System32\DRIVERS\CVirtA.sys [5220 2003-05-01] (Cisco Systems, Inc.)

R3 DNE; C:\WINDOWS\System32\DRIVERS\dne2000.sys [138916 2002-08-26] (Deterministic Networks, Inc.)

R3 dsNcAdpt; C:\WINDOWS\System32\DRIVERS\dsNcAdpt.sys [26624 2013-05-20] (Juniper Networks)

R1 eeCtrl; C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [376480 2012-09-17] (Symantec Corporation)

R3 EraserUtilRebootDrv; C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [106656 2013-06-17] (Symantec Corporation)

S3 GTIPCI21; C:\WINDOWS\System32\DRIVERS\gtipci21.sys [88192 2006-04-06] (Texas Instruments) [File not signed]

S3 HPZid412; C:\WINDOWS\System32\DRIVERS\HPZid412.sys [49920 2010-02-01] (HP)

S3 HPZipr12; C:\WINDOWS\System32\DRIVERS\HPZipr12.sys [16496 2010-02-01] (HP)

S3 HPZius12; C:\WINDOWS\System32\DRIVERS\HPZius12.sys [21568 2010-02-01] (HP)

S3 IFXTPM; C:\WINDOWS\System32\DRIVERS\IFXTPM.SYS [41216 2008-08-19] (Infineon Technologies AG) [File not signed]

R3 Iviaspi; C:\WINDOWS\System32\drivers\Iviaspi.sys [10368 2005-09-20] (InterVideo, Inc.) [File not signed]

S3 mbamchameleon; C:\WINDOWS\system32\drivers\mbamchameleon.sys [53208 2014-06-26] (Malwarebytes Corporation)

R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [23256 2014-05-12] (Malwarebytes Corporation)

R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [110296 2014-07-02] (Malwarebytes Corporation)

S3 motandroidusb; C:\WINDOWS\System32\Drivers\motoandroid.sys [26240 2013-03-26] (Motorola)

R3 NAVENG; C:\Program Files\Common Files\Symantec Shared\VirusDefs\20130706.003\NAVENG.SYS [93272 2013-06-17] (Symantec Corporation)

R3 NAVEX15; C:\Program Files\Common Files\Symantec Shared\VirusDefs\20130706.003\NAVEX15.SYS [1611992 2013-06-17] (Symantec Corporation)

R3 NETw5x32; C:\WINDOWS\System32\DRIVERS\NETw5x32.sys [3630336 2009-09-14] (Intel Corporation)

R3 Rasirda; C:\WINDOWS\System32\DRIVERS\rasirda.sys [19584 2001-08-17] (Microsoft Corporation)

R1 SafDskNT; C:\WINDOWS\system32\Drivers\SafDskNT.sys [77824 2010-01-21] (PC Dynamics, Inc.) [File not signed]

R1 SAVRT; C:\Program Files\Symantec AntiVirus\savrt.sys [337592 2006-09-06] (Symantec Corporation)

R1 SAVRTPEL; C:\Program Files\Symantec AntiVirus\Savrtpel.sys [54968 2006-09-06] (Symantec Corporation)

R0 SFAUDIO; C:\WINDOWS\System32\drivers\sfaudio.sys [24064 2008-03-28] (Sonic Focus, Inc)

S3 SMCIRDA; C:\WINDOWS\System32\DRIVERS\smcirda.sys [35913 2001-08-17] (SMC)

R1 SPBBCDrv; C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys [389776 2006-04-11] (Symantec Corporation)

R3 SymEvent; C:\Program Files\Symantec\SYMEVENT.SYS [109744 2006-09-18] (Symantec Corporation)

R3 SYMREDRV; C:\WINDOWS\System32\Drivers\SYMREDRV.SYS [24768 2006-08-07] (Symantec Corporation)

R1 SYMTDI; C:\WINDOWS\System32\Drivers\SYMTDI.SYS [195776 2006-08-07] (Symantec Corporation)

S3 tifm21; C:\WINDOWS\System32\drivers\tifm21.sys [168448 2006-07-06] (Texas Instruments) [File not signed]

S3 w29n51; C:\WINDOWS\System32\DRIVERS\w29n51.sys [2210048 2007-07-25] (Intel® Corporation)

R3 Wpsnuio; C:\WINDOWS\System32\DRIVERS\wpsnuio.sys [12416 2010-01-21] (Skyhook Wireless) [File not signed]

R3 yukonwxp; C:\WINDOWS\System32\DRIVERS\yk51x86.sys [296320 2009-09-14] (Marvell)

S3 asdids; system32\DRIVERS\asdids.sys [X]

S3 asdidsmp; system32\DRIVERS\asdids.sys [X]

S3 motccgpfl; system32\DRIVERS\motccgpfl.sys [X]

S3 motusbdevice; system32\DRIVERS\motusbdevice.sys [X]

U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)

U1 WS2IFSL; 

 

==================== NetSvcs (Whitelisted) ===================

 

 

==================== One Month Created Files and Folders ========

 

2014-07-02 08:50 - 2014-07-02 08:50 - 00000000 ____D () C:\FRST

2014-06-30 09:24 - 2014-06-30 09:24 - 00001819 _____ () C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk

2014-06-30 09:24 - 2014-06-30 09:24 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Google Chrome

2014-06-26 09:47 - 2014-06-26 09:51 - 00000000 ____D () C:\Program Files\Advanced Fix 2013

2014-06-26 09:47 - 2014-06-26 09:47 - 00000766 _____ () C:\Documents and Settings\All Users\Desktop\Advanced Fix 2013.lnk

2014-06-26 09:47 - 2014-06-26 09:47 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Advanced Fix 2013

2014-06-26 09:44 - 2014-07-02 08:37 - 00110296 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys

2014-06-26 09:44 - 2014-06-26 10:45 - 00053208 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys

2014-06-26 09:44 - 2014-06-26 09:44 - 00000783 _____ () C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk

2014-06-26 09:44 - 2014-06-26 09:44 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware

2014-06-26 09:44 - 2014-06-26 09:44 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes Anti-Malware

2014-06-26 09:44 - 2014-05-12 07:25 - 00023256 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys

2014-06-26 08:46 - 2014-06-26 08:46 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_WinUSB_01009.Wdf

2014-06-26 08:45 - 2014-06-26 08:45 - 00000000 __HDC () C:\WINDOWS\$NtUninstallwinusb0200$

2014-06-25 09:32 - 2014-06-25 09:32 - 00000000 ____D () C:\Program Files\Common Files\Java

2014-06-25 09:31 - 2014-06-25 09:31 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Java

2014-06-25 09:31 - 2014-06-25 09:30 - 00264616 _____ (Oracle Corporation) C:\WINDOWS\system32\javaws.exe

2014-06-25 09:31 - 2014-06-25 09:30 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\system32\javaw.exe

2014-06-25 09:31 - 2014-06-25 09:30 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\system32\java.exe

2014-06-25 09:31 - 2014-06-25 09:30 - 00145408 _____ (Oracle Corporation) C:\WINDOWS\system32\javacpl.cpl

2014-06-25 09:31 - 2014-06-25 09:30 - 00096680 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge.dll

2014-06-25 08:56 - 2014-06-25 08:56 - 00776976 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsnx.sys.1403704746625

2014-06-25 08:56 - 2014-06-25 08:56 - 00054832 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswrdr.sys.1403704746625

2014-06-25 08:54 - 2014-06-26 09:17 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\AVAST Software

2014-06-25 08:38 - 2014-06-25 08:38 - 00000000 ____D () C:\Documents and Settings\A7AS\My Documents\Simply Super Software

2014-06-25 08:38 - 2012-06-15 16:39 - 00169744 _____ () C:\WINDOWS\system32\ztvunrar36.dll

2014-06-25 08:38 - 2012-06-15 16:35 - 00185616 _____ () C:\WINDOWS\system32\ztvunrar39.dll

2014-06-25 08:38 - 2012-06-15 16:33 - 00605968 _____ (Igor Pavlov) C:\WINDOWS\system32\ztv7z.dll

2014-06-25 08:38 - 2012-06-15 16:33 - 00077072 _____ (Microsoft Corporation) C:\WINDOWS\system32\ztvcabinet.dll

2014-06-25 08:38 - 2005-08-26 01:50 - 00077312 _____ () C:\WINDOWS\system32\ztvunace26.dll

2014-06-25 08:38 - 2003-02-02 20:06 - 00153088 _____ () C:\WINDOWS\system32\unrar3.dll

2014-06-25 08:38 - 2002-03-06 01:00 - 00075264 _____ () C:\WINDOWS\system32\unacev2.dll

2014-06-25 08:37 - 2014-06-25 08:38 - 00000000 ____D () C:\Documents and Settings\A7AS\Application Data\Simply Super Software

2014-06-25 08:37 - 2014-06-25 08:37 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Simply Super Software

2014-06-19 13:16 - 2014-06-19 13:16 - 00000842 _____ () C:\Documents and Settings\A7AS\Desktop\Shortcut to ACC injury claim form.pdf.lnk

2014-06-19 13:16 - 2014-06-19 13:16 - 00000837 _____ () C:\Documents and Settings\A7AS\Desktop\Shortcut to ACC Wellness Benefit.pdf.lnk

2014-06-16 13:14 - 2014-06-16 13:14 - 00005605 _____ () C:\Documents and Settings\A7AS\My Documents\BB823B8755.csv

2014-06-16 07:36 - 2014-06-16 07:36 - 00000000 ____D () C:\Program Files\McAfee Security Scan

2014-06-16 07:36 - 2014-06-16 07:36 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\McAfee Security Scan Plus

2014-06-10 12:36 - 2014-06-11 12:23 - 00096767 _____ () C:\WINDOWS\8JVFLKZC.INV

2014-06-05 11:45 - 2014-06-05 11:45 - 00012023 _____ () C:\Documents and Settings\A7AS\My Documents\SEAHP Svcin Copy  RENFROES OFFICE.xlsx

2014-06-04 10:35 - 2014-06-04 10:55 - 00000248 _____ () C:\Documents and Settings\All Users\lxdqDiagnostics.log

2014-06-04 10:35 - 2014-06-04 10:35 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Lexmark Z2400 Series

2014-06-02 09:14 - 2014-06-11 14:59 - 00258310 ____S () C:\WINDOWS\8JVFLKZC.RTY

 

==================== One Month Modified Files and Folders =======

 

2014-07-02 08:51 - 2008-01-21 12:13 - 00000000 ____D () C:\Documents and Settings\A7AS\Local Settings\Temp

2014-07-02 08:50 - 2014-07-02 08:50 - 00000000 ____D () C:\FRST

2014-07-02 08:42 - 2012-11-02 07:27 - 00424488 _____ () C:\WinTab.log

2014-07-02 08:40 - 2014-01-08 14:17 - 00000000 ____D () C:\Documents and Settings\A7AS\Application Data\Dropbox

2014-07-02 08:39 - 2014-01-08 14:25 - 00000000 ___RD () C:\Documents and Settings\A7AS\My Documents\Dropbox

2014-07-02 08:39 - 2014-01-08 14:23 - 00000000 ____D () C:\Documents and Settings\A7AS\Application Data\DropboxMaster

2014-07-02 08:37 - 2014-06-26 09:44 - 00110296 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys

2014-07-02 08:37 - 2014-05-05 11:18 - 00000626 ____H () C:\WINDOWS\Tasks\SN.Booster-S-469265631.job

2014-07-02 08:37 - 2014-04-14 10:45 - 00000276 _____ () C:\WINDOWS\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1757981266-1482476501-839522115-1006.job

2014-07-02 08:37 - 2013-03-14 16:27 - 00000878 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job

2014-07-02 08:37 - 2013-02-05 21:33 - 00000298 _____ () C:\WINDOWS\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-1757981266-1482476501-839522115-1006.job

2014-07-02 08:37 - 2012-12-13 10:03 - 00000284 _____ () C:\WINDOWS\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1757981266-1482476501-839522115-1006.job

2014-07-02 08:37 - 2012-11-07 10:43 - 00000000 ____D () C:\Temp

2014-07-02 08:37 - 2008-01-21 12:57 - 00000256 ___SH () C:\WINDOWS\system32\CredSys.cdb

2014-07-02 08:31 - 2009-09-17 15:42 - 00000000 ____D () C:\Program Files\Symantec AntiVirus

2014-07-02 08:30 - 2009-09-16 11:16 - 01662659 ____N () C:\WINDOWS\WindowsUpdate.log

2014-07-02 08:29 - 2009-09-16 11:23 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT

2014-07-02 08:29 - 2009-09-16 07:10 - 00000159 ____N () C:\WINDOWS\wiadebug.log

2014-07-02 08:29 - 2009-09-16 07:10 - 00000048 ____N () C:\WINDOWS\wiaservc.log

2014-07-01 15:01 - 2009-09-16 11:23 - 00032552 ____N () C:\WINDOWS\SchedLgU.Txt

2014-07-01 15:01 - 2008-01-21 12:13 - 00000278 ___SH () C:\Documents and Settings\A7AS\ntuser.ini

2014-07-01 15:01 - 2008-01-21 12:13 - 00000000 ____D () C:\Documents and Settings\A7AS

2014-07-01 14:27 - 2013-03-14 16:27 - 00000882 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job

2014-07-01 14:22 - 2013-01-06 11:50 - 00000830 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job

2014-07-01 14:00 - 2013-01-29 12:58 - 00000452 _____ () C:\WINDOWS\Tasks\At4.job

2014-07-01 12:53 - 2014-03-10 12:53 - 00000460 _____ () C:\WINDOWS\Tasks\Motorola Device Manager Engine.job

2014-07-01 11:58 - 2013-01-29 12:58 - 00000452 _____ () C:\WINDOWS\Tasks\At3.job

2014-07-01 10:50 - 2013-05-30 14:29 - 00000000 ____D () C:\Documents and Settings\All Users\Lx_cats

2014-07-01 10:10 - 2013-01-29 12:58 - 00000452 _____ () C:\WINDOWS\Tasks\At1.job

2014-07-01 08:44 - 2012-10-01 16:48 - 00000000 ____D () C:\Documents and Settings\A7AS\Local Settings\Application Data\Google

2014-07-01 08:37 - 2013-02-05 21:33 - 00000306 _____ () C:\WINDOWS\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-1757981266-1482476501-839522115-1006.job

2014-06-30 13:00 - 2013-08-10 16:59 - 00000284 _____ () C:\WINDOWS\Tasks\AppleSoftwareUpdate.job

2014-06-30 09:24 - 2014-06-30 09:24 - 00001819 _____ () C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk

2014-06-30 09:24 - 2014-06-30 09:24 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Google Chrome

2014-06-30 09:23 - 2013-03-14 16:27 - 00000000 ____D () C:\Program Files\Google

2014-06-29 20:40 - 2013-01-29 12:58 - 00000452 _____ () C:\WINDOWS\Tasks\At2.job

2014-06-26 16:50 - 2009-09-16 14:19 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB968816_WM9$

2014-06-26 16:30 - 2014-05-05 11:17 - 00000000 ____D () C:\Program Files\save nett

2014-06-26 10:45 - 2014-06-26 09:44 - 00053208 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys

2014-06-26 10:28 - 2012-10-10 22:52 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2535512$

2014-06-26 09:51 - 2014-06-26 09:47 - 00000000 ____D () C:\Program Files\Advanced Fix 2013

2014-06-26 09:47 - 2014-06-26 09:47 - 00000766 _____ () C:\Documents and Settings\All Users\Desktop\Advanced Fix 2013.lnk

2014-06-26 09:47 - 2014-06-26 09:47 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Advanced Fix 2013

2014-06-26 09:44 - 2014-06-26 09:44 - 00000783 _____ () C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk

2014-06-26 09:44 - 2014-06-26 09:44 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware

2014-06-26 09:44 - 2014-06-26 09:44 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes Anti-Malware

2014-06-26 09:36 - 2009-09-18 12:57 - 00000000 ____D () C:\WINDOWS\pss

2014-06-26 09:36 - 2009-09-16 07:04 - 00000211 __RSH () C:\boot.ini

2014-06-26 09:36 - 2006-02-28 06:00 - 00000921 _____ () C:\WINDOWS\win.ini

2014-06-26 09:36 - 2006-02-28 06:00 - 00000227 _____ () C:\WINDOWS\system.ini

2014-06-26 09:17 - 2014-06-25 08:54 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\AVAST Software

2014-06-26 08:46 - 2014-06-26 08:46 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_WinUSB_01009.Wdf

2014-06-26 08:45 - 2014-06-26 08:45 - 00000000 __HDC () C:\WINDOWS\$NtUninstallwinusb0200$

2014-06-26 08:43 - 2012-10-01 13:41 - 00000000 __SHD () C:\WINDOWS\CSC

2014-06-25 09:32 - 2014-06-25 09:32 - 00000000 ____D () C:\Program Files\Common Files\Java

2014-06-25 09:31 - 2014-06-25 09:31 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Java

2014-06-25 09:30 - 2014-06-25 09:31 - 00264616 _____ (Oracle Corporation) C:\WINDOWS\system32\javaws.exe

2014-06-25 09:30 - 2014-06-25 09:31 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\system32\javaw.exe

2014-06-25 09:30 - 2014-06-25 09:31 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\system32\java.exe

2014-06-25 09:30 - 2014-06-25 09:31 - 00145408 _____ (Oracle Corporation) C:\WINDOWS\system32\javacpl.cpl

2014-06-25 09:30 - 2014-06-25 09:31 - 00096680 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge.dll

2014-06-25 09:11 - 2014-05-05 11:20 - 00000000 ____D () C:\Documents and Settings\A7AS\Local Settings\Application Data\Temp

2014-06-25 08:56 - 2014-06-25 08:56 - 00776976 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsnx.sys.1403704746625

2014-06-25 08:56 - 2014-06-25 08:56 - 00054832 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswrdr.sys.1403704746625

2014-06-25 08:38 - 2014-06-25 08:38 - 00000000 ____D () C:\Documents and Settings\A7AS\My Documents\Simply Super Software

2014-06-25 08:38 - 2014-06-25 08:37 - 00000000 ____D () C:\Documents and Settings\A7AS\Application Data\Simply Super Software

2014-06-25 08:37 - 2014-06-25 08:37 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Simply Super Software

2014-06-23 08:04 - 2006-02-28 06:00 - 00002206 _____ () C:\WINDOWS\system32\wpa.dbl

2014-06-19 13:16 - 2014-06-19 13:16 - 00000842 _____ () C:\Documents and Settings\A7AS\Desktop\Shortcut to ACC injury claim form.pdf.lnk

2014-06-19 13:16 - 2014-06-19 13:16 - 00000837 _____ () C:\Documents and Settings\A7AS\Desktop\Shortcut to ACC Wellness Benefit.pdf.lnk

2014-06-16 13:14 - 2014-06-16 13:14 - 00005605 _____ () C:\Documents and Settings\A7AS\My Documents\BB823B8755.csv

2014-06-16 08:01 - 2013-11-07 08:58 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Google Drive

2014-06-16 07:36 - 2014-06-16 07:36 - 00000000 ____D () C:\Program Files\McAfee Security Scan

2014-06-16 07:36 - 2014-06-16 07:36 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\McAfee Security Scan Plus

2014-06-16 07:36 - 2013-02-02 15:54 - 00001781 _____ () C:\Documents and Settings\All Users\Desktop\McAfee Security Scan Plus.lnk

2014-06-16 07:36 - 2012-11-02 09:36 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\McAfee Security Scan

2014-06-12 09:36 - 2014-03-27 12:58 - 00000000 ____D () C:\Documents and Settings\A7AS\Desktop\AFLAC logos

2014-06-11 14:59 - 2014-06-02 09:14 - 00258310 ____S () C:\WINDOWS\8JVFLKZC.RTY

2014-06-11 12:23 - 2014-06-10 12:36 - 00096767 _____ () C:\WINDOWS\8JVFLKZC.INV

2014-06-11 12:23 - 2008-01-21 12:57 - 00000000 ____S () C:\WINDOWS\8JVFLKZC.DDP

2014-06-10 20:33 - 2013-02-05 21:33 - 00000324 _____ () C:\WINDOWS\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-1757981266-1482476501-839522115-1006.job

2014-06-08 12:53 - 2014-03-10 12:53 - 00000476 _____ () C:\WINDOWS\Tasks\Motorola Device Manager Update.job

2014-06-05 13:57 - 2009-09-16 07:07 - 00634624 _____ () C:\WINDOWS\system32\PerfStringBackup.INI

2014-06-05 11:45 - 2014-06-05 11:45 - 00012023 _____ () C:\Documents and Settings\A7AS\My Documents\SEAHP Svcin Copy  RENFROES OFFICE.xlsx

2014-06-04 10:55 - 2014-06-04 10:35 - 00000248 _____ () C:\Documents and Settings\All Users\lxdqDiagnostics.log

2014-06-04 10:35 - 2014-06-04 10:35 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Lexmark Z2400 Series

2014-06-02 09:10 - 2009-09-17 12:04 - 00000000 ____D () C:\Program Files\WorksitePro

 

Files to move or delete:

====================

C:\Windows\Tasks\At1.job

C:\Windows\Tasks\At2.job

C:\Windows\Tasks\At3.job

C:\Windows\Tasks\At4.job

 

 

Some content of TEMP:

====================

C:\Documents and Settings\1000\Local Settings\Temp\_is1DE.exe

C:\Documents and Settings\A7AS\Local Settings\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpqjhqyh.dll

 

 

==================== Bamital & volsnap Check =================

 

C:\WINDOWS\explorer.exe => File is digitally signed

C:\WINDOWS\system32\winlogon.exe => File is digitally signed

C:\WINDOWS\system32\svchost.exe => File is digitally signed

C:\WINDOWS\system32\services.exe => File is digitally signed

C:\WINDOWS\system32\User32.dll => File is digitally signed

C:\WINDOWS\system32\userinit.exe => File is digitally signed

C:\WINDOWS\system32\rpcss.dll => File is digitally signed

C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

 

==================== End Of Log ============================


Additional scan result of Farbar Recovery Scan Tool (x86) Version:01-07-2014

Ran by A7AS at 2014-07-02 08:51:36

Running from C:\Documents and Settings\A7AS\My Documents\Downloads

Boot Mode: Normal

==========================================================

 

 

==================== Security Center ========================

 

AV: Symantec AntiVirus Corporate Edition (Disabled - Up to date) {FB06448E-52B8-493A-90F3-E43226D3305C}

 

==================== Installed Programs ======================

 

32 Bit HP CIO Components Installer (Version: 7.1.8 - Hewlett-Packard) Hidden

Acrobat.com (HKLM\...\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.7.186 - Adobe Systems Incorporated)

Acrobat.com (Version: 1.7.186 - Adobe Systems Incorporated) Hidden

Adobe AIR (HKLM\...\Adobe AIR) (Version: 1.5.2.8870 - Adobe Systems Inc.)

Adobe AIR (Version: 1.5.2.8870 - Adobe Systems Inc.) Hidden

Adobe Flash Player 13 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 13.0.0.214 - Adobe Systems Incorporated)

Adobe Flash Player 13 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 13.0.0.214 - Adobe Systems Incorporated)

Adobe Reader XI (11.0.07) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)

Advanced Fix 2013 version 2.1.3.80 (HKLM\...\{0094D07C-1FFB-4450-8D10-AD7E05A318DF}_is1) (Version: 2.1.3.80 - Advanced Fix, Inc.)

Afaria Client (HKLM\...\Afaria Client) (Version: 6.60 - Sybase, Inc.)

Agere Systems HDA Modem (HKLM\...\Agere Systems Soft Modem) (Version:  - LSI Corporation)

Apple Application Support (HKLM\...\{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}) (Version: 2.3.4 - Apple Inc.)

Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)

bpd_scan (Version: 3.00.0000 - Hewlett-Packard) Hidden

CCleaner (HKLM\...\CCleaner) (Version: 4.13 - Piriform)

Compatibility Pack for the 2007 Office system (HKLM\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6514.5001 - Microsoft Corporation)

Crystal Reports Basic Runtime for Visual Studio 2008 (HKLM\...\{CE26F10F-C80F-4377-908B-1B7882AE2CE3}) (Version: 10.5.1.0 - Business Objects)

Dropbox (HKCU\...\Dropbox) (Version: 2.8.2 - Dropbox, Inc.)

EncryptionByCredant (HKLM\...\InstallShield_{EE267D8A-CC91-4DB4-A389-89776359046D}) (Version: 1.04.0002 - AFLAC)

EncryptionByCredant (Version: 1.04.0002 - AFLAC) Hidden

Epson Connect (HKLM\...\{64BA551C-9AF6-495C-93F3-D1270E0045FC}) (Version:  - )

Epson Connect Printer Setup (HKLM\...\{D9B1D51B-EB56-410D-AEB5-1CCFAC4B6C8C}) (Version: 1.2.0 - SEIKO EPSON CORPORATION)

EPSON Connect version 1.0 (HKLM\...\EPSON Connect_is1) (Version: 1.0 - Epson America Inc.)

Epson Customer Participation (HKLM\...\{814FA673-A085-403C-9545-747FC1495069}) (Version: 1.0.0.0 - SEIKO EPSON CORPORATION)

Epson Event Manager (HKLM\...\{44F72193-F59C-4303-BAE8-E3E4BC1C122C}) (Version: 3.01.0003 - Seiko Epson Corporation)

Epson E-Web Print (HKLM\...\{CEC98C2A-9ED5-49DA-9F3A-92434E0A4FA3}) (Version: 1.19.0000 - SEIKO EPSON CORPORATION)

Epson FAX Utility (HKLM\...\{0CBE6C93-CB2E-4378-91EE-12BE6D4E2E4A}) (Version: 1.30.00 - SEIKO EPSON CORPORATION)

Epson PC-FAX Driver (HKLM\...\EPSON PC-FAX Driver 2) (Version:  - )

EPSON Printer Finder (HKLM\...\{B8ECD0D3-AE08-4891-B6C7-32F96B75EB6C}) (Version: 1.0.0 - SEIKO EPSON CORPORATION)

EPSON Scan (HKLM\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)

EPSON WF-2530 Series Printer Uninstall (HKLM\...\EPSON WF-2530 Series) (Version:  - SEIKO EPSON Corporation)

EpsonNet Print (HKLM\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.5.00 - SEIKO EPSON CORPORATION)

Google Chrome (HKLM\...\Google Chrome) (Version: 35.0.1916.153 - Google Inc.)

Google Drive (HKLM\...\{D9F75285-4864-461D-83DA-8D056BAC44D1}) (Version: 1.16.6866.4367 - Google, Inc.)

Google Update Helper (Version: 1.3.24.15 - Google Inc.) Hidden

HP FWUpdateEDO2 (HKLM\...\{415FA9AD-DA10-4ABE-97B6-5051D4795C90}) (Version: 1.2.0.0 - Hewlett-Packard)

HP Integrated Module with Bluetooth wireless technology (HKLM\...\{84814E6B-2581-46EC-926A-823BD1C670F6}) (Version: 5.5.0.5800 - HP)

HP Officejet Pro 8600 Help (HKLM\...\{B6F5C6D8-C443-4B55-932F-AE11B5743FC4}) (Version: 140.0.2.2 - Hewlett Packard)

HP Officejet Pro 8600 Product Improvement Study (HKLM\...\{669B49D6-BCA8-4F7C-9248-CE5677750285}) (Version: 25.0.619.0 - Hewlett-Packard Co.)

HP Update (HKLM\...\{97486FBE-A3FC-4783-8D55-EA37E9D171CC}) (Version: 5.005.000.002 - Hewlett-Packard)

I.R.I.S. OCR (HKLM\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)

Intel® Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version:  - Intel Corporation)

InterVideo WinDVD 8 (HKLM\...\InstallShield_{5FEBF468-5AC2-4C66-AD80-DF85C085AA73}) (Version: 8.5-B0.143 - InterVideo Inc.)

InterVideo WinDVD 8 (Version: 8.5-B0.143 - InterVideo Inc.) Hidden

Java 7 Update 60 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F03217060FF}) (Version: 7.0.600 - Oracle)

Java Auto Updater (Version: 2.1.60.19 - Oracle, Inc.) Hidden

Juniper Networks Network Connect 6.0.0 (HKLM\...\Juniper Network Connect 6.0.0) (Version: 6.0.0.12507 - Juniper Networks)

Juniper Networks Network Connect 6.3.0 (HKLM\...\Juniper Network Connect 6.3.0) (Version: 6.3.0.13725 - Juniper Networks)

Juniper Networks Network Connect 6.5.0 (HKLM\...\Juniper Network Connect 6.5.0) (Version: 6.5.0.16789 - Juniper Networks)

Juniper Networks Network Connect 7.1.15 (HKLM\...\Juniper Network Connect 7.1.15) (Version: 7.1.15.25271 - Juniper Networks)

Juniper Networks Setup Client Activex Control (HKLM\...\Juniper_Setup_Client Activex Control) (Version: 2.1.1.1 - Juniper Networks)

Juniper Networks, Inc. Setup Client (HKCU\...\Juniper_Setup_Client) (Version: 7.1.15.36013 - Juniper Networks, Inc.)

Lexmark Toolbar (HKLM\...\{1017A80C-6F09-4548-A84D-EDD6AC9525F0}) (Version: 4.0.53.0 - )

Lexmark Tools for Office (HKLM\...\{10812DE7-2E57-4740-B226-6B3BE34AF9D7}) (Version: 1.24.0.0 - )

Lexmark Z2400 Series (HKLM\...\Lexmark Z2400 Series) (Version:  - Lexmark International, Inc.)

LiveUpdate 3.1 (Symantec Corporation) (HKLM\...\LiveUpdate) (Version: 3.1.0.90 - Symantec Corporation)

Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)

McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.)

Microsoft .NET Framework 1.1 (HKLM\...\Microsoft .NET Framework 1.1  (1033)) (Version:  - )

Microsoft .NET Framework 1.1 (Version: 1.1.4322 - Microsoft) Hidden

Microsoft .NET Framework 1.1 Security Update (KB2656353) (HKLM\...\M2656353) (Version:  - )

Microsoft .NET Framework 1.1 Security Update (KB2656370) (HKLM\...\M2656370) (Version:  - )

Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation)

Microsoft .NET Framework 3.0 Service Pack 2 (HKLM\...\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}) (Version: 3.2.30729 - Microsoft Corporation)

Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)

Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden

Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)

Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden

Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)

Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation) Hidden

Microsoft Access database engine 2010 (English) (HKLM\...\{90140000-00D1-0409-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)

Microsoft Base Smart Card Cryptographic Service Provider Package (HKLM\...\KB909520) (Version:  - Microsoft Corporation)

Microsoft Compression Client Pack 1.0 for Windows XP (HKLM\...\MSCompPackV1) (Version: 1 - Microsoft Corporation)

Microsoft Kernel-Mode Driver Framework Feature Pack 1.7 (Version:  - Microsoft Corporation) Hidden

Microsoft Kernel-Mode Driver Framework Feature Pack 1.9 (Version:  - Microsoft Corporation) Hidden

Microsoft Office 2003 Primary Interop Assemblies (HKLM\...\{91490409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.6553.0 - Microsoft Corporation)

Microsoft Office Access MUI (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden

Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden

Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)

Microsoft Office Enterprise 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden

Microsoft Office Excel MUI (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden

Microsoft Office Groove MUI (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden

Microsoft Office Groove Setup Metadata MUI (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden

Microsoft Office InfoPath MUI (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden

Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden

Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden

Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden

Microsoft Office Proof (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden

Microsoft Office Proof (French) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden

Microsoft Office Proof (Spanish) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden

Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden

Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden

Microsoft Office Shared MUI (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden

Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden

Microsoft Office Word MUI (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden

Microsoft Report Viewer Redistributable 2005 (HKLM\...\Microsoft Report Viewer Redistributable 2005) (Version:  - Microsoft Corporation)

Microsoft Report Viewer Redistributable 2005 (Version: 8.0.50727.42 - Microsoft Corporation) Hidden

Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20913.0 - Microsoft Corporation)

Microsoft Software Update for Web Folders  (English) 12 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden

Microsoft User-Mode Driver Framework Feature Pack 1.0 (HKLM\...\Wudf01000) (Version:  - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM\...\{402ED4A1-8F5B-387A-8688-997ABF58B8F2}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual Studio 2005 Tools for Office Runtime (HKLM\...\Microsoft Visual Studio 2005 Tools for Office Runtime) (Version:  - Microsoft Corporation)

Microsoft Visual Studio 2005 Tools for Office Runtime (Version: 8.0.60940.0 - Microsoft Corporation) Hidden

Microsoft WinUsb 2.0 (HKLM\...\winusb0200) (Version:  - Microsoft Corporation)

Midland LifeSolutions (Version: 18.4 - Midland National) Hidden

Midland LifeSolutions (Version: 18.5 - Midland National) Hidden

Motorola Device Manager (HKLM\...\{28DB8373-C1BB-444F-A427-A55585A12ED7}) (Version: 2.4.5 - Motorola Mobility)

Motorola Device Software Update (Version: 13.09.3001 - Motorola Mobility) Hidden

Motorola Mobile Drivers Installation 6.3.0 (HKLM\...\{A55747C1-4651-433D-B082-478874FF7516}) (Version: 6.3.0 - Motorola Mobility LLC)

MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)

MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)

MSXML 4.0 SP3 Parser (HKLM\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)

Premium Quote (HKLM\...\Premium Quote) (Version:  - )

QuickBooks (Version: 23.0.4011.2305 - Intuit Inc.) Hidden

QuickBooks Pro 2013 (HKLM\...\{3C631966-387E-4054-85D9-BBFFABE32BD8}) (Version: 23.0.4001.2305 - Intuit Inc.)

RealDownloader (Version: 1.3.3 - RealNetworks, Inc.) Hidden

RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0 - RealNetworks, Inc) Hidden

RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0 - RealNetworks, Inc) Hidden

RealPlayer (HKLM\...\RealPlayer 16.0) (Version: 16.0.3 - RealNetworks)

RealUpgrade 1.1 (Version: 1.1.0 - RealNetworks, Inc.) Hidden

Reflect Customer Database (HKLM\...\Reflect) (Version:  - NCH Software)

Rosetta Stone Version 3 (HKLM\...\{148E08FF-D7C4-46ED-8D4D-601C67FE0AFD}) (Version: 3.3.7.0 - Rosetta Stone Ltd.)

save nett (HKLM\...\{7DD5E91C-3864-77EC-7635-D14910C2A03E}) (Version: 4.3.0.1667 - siavve, nnet) <==== ATTENTION

SmartApp Next Generation (HKLM\...\{CB462BC7-4D16-44E9-AA8F-F8BB3A39DF60}) (Version: 1.03.4000 - AFLAC)

SmartPremium (HKLM\...\InstallShield_{391651FA-D9B3-476E-AE37-6E0A22A27735}) (Version: 1.00.0000 - AFLAC)

SmartPremium (Version: 1.00.0000 - AFLAC) Hidden

SN.Sustainer 1.80 (HKLM\...\{5F189DF5-2D05-472B-9091-84D9848AE48B}{916e5338}) (Version:  - Certified Publisher) <==== ATTENTION

SNG Prerequisites (HKLM\...\{F5AD8A16-56B5-4D92-AD8A-6DD7058D081B}) (Version: 1.00.1000 - AFLAC)

SNGCoreUpgrade (HKLM\...\InstallShield_{9D02381C-397E-4FDE-B127-BE6B78202CB4}) (Version: 35.11.2012 - AFLAC)

SNGCoreUpgrade (Version: 35.11.2012 - AFLAC) Hidden

Software Updater (HKLM\...\{B9802DDC-53FD-4D44-A81D-49DC80448614}) (Version: 4.2.6 - SEIKO EPSON CORPORATION)

SoundMAX (HKLM\...\{F0A37341-D692-11D4-A984-009027EC0A9C}) (Version: 5.10.01.7240 - Analog Devices)

Symantec AntiVirus (HKLM\...\{33CFCF98-F8D6-4549-B469-6F4295676D83}) (Version: 10.1.5000.5 - Symantec Corporation)

Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 10.0.13.2 - Synaptics)

Topaz 4X5  WinTab Driver v2.16 (HKLM\...\Topaz 4X5  WinTab Driver v2.16) (Version: 2.16 - Topaz Systems, Inc.)

Topaz e-Signatures SigPlus 3.55 (HKLM\...\Topaz e-Signatures SigPlus 3.55) (Version: 3.55 - Topaz Systems, Inc.)

Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (HKLM\...\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707) (Version: 1 - Microsoft Corporation)

Update for Windows Internet Explorer 8 (KB2598845) (HKLM\...\KB2598845-IE8) (Version: 1 - Microsoft Corporation)

Update for Windows XP (KB2345886) (HKLM\...\KB2345886) (Version: 1 - Microsoft Corporation)

Update for Windows XP (KB2467659) (HKLM\...\KB2467659) (Version: 1 - Microsoft Corporation)

Update for Windows XP (KB2661254-v2) (HKLM\...\KB2661254-v2) (Version: 2 - Microsoft Corporation)

Update for Windows XP (KB2718704) (HKLM\...\KB2718704) (Version: 1 - Microsoft Corporation)

Update for Windows XP (KB2736233) (HKLM\...\KB2736233) (Version: 1 - Microsoft Corporation)

Update for Windows XP (KB2749655) (HKLM\...\KB2749655) (Version: 1 - Microsoft Corporation)

Update for Windows XP (KB943729) (HKLM\...\KB943729) (Version:  - Microsoft Corporation)

Update for Windows XP (KB951978) (Version: 1 - Microsoft Corporation) Hidden

Update for Windows XP (KB955759) (HKLM\...\KB955759) (Version: 1 - Microsoft Corporation)

Update for Windows XP (KB967715) (HKLM\...\KB967715) (Version: 1 - Microsoft Corporation)

Update for Windows XP (KB968389) (HKLM\...\KB968389) (Version: 1 - Microsoft Corporation)

Update for Windows XP (KB971029) (HKLM\...\KB971029) (Version: 1 - Microsoft Corporation)

Update for Windows XP (KB971737) (HKLM\...\KB971737) (Version: 1 - Microsoft Corporation)

Update for Windows XP (KB973687) (HKLM\...\KB973687) (Version: 1 - Microsoft Corporation)

Update for Windows XP (KB973815) (HKLM\...\KB973815) (Version: 1 - Microsoft Corporation)

Update for Windows XP (KB978207) (Version: 1 - Microsoft Corporation) Hidden

WebFldrs XP (Version: 9.50.7523 - Microsoft Corporation) Hidden

Windows Genuine Advantage Notifications (KB905474) (HKLM\...\WgaNotify) (Version: 1.9.0040.0 - Microsoft Corporation)

Windows Genuine Advantage Validation Tool (KB892130) (HKLM\...\KB892130) (Version:  - Microsoft Corporation)

Windows Genuine Advantage Validation Tool (KB892130) (HKLM\...\WGA) (Version: 1.7.0069.2 - Microsoft Corporation)

Windows Internet Explorer 8 (HKLM\...\ie8) (Version: 20090308.140743 - Microsoft Corporation)

Windows Live ID Sign-in Assistant (HKLM\...\{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}) (Version: 6.500.3165.0 - Microsoft Corporation)

Windows Media Format 11 runtime (HKLM\...\Windows Media Format Runtime) (Version:  - )

Windows Media Format 11 runtime (Version:  - Microsoft Corporation) Hidden

Windows Media Player 11 (HKLM\...\Windows Media Player) (Version:  - )

Windows Media Player 11 (Version:  - Microsoft Corporation) Hidden

Windows PowerShell 1.0 (HKLM\...\KB926139-v2) (Version: 2 - Microsoft Corporation)

Windows PowerShell 1.0 MUI pack (HKLM\...\KB926141) (Version: 2 - Microsoft Corporation)

Windows Search 4.0 (HKLM\...\KB940157) (Version: 04.00.6001.503 - Microsoft Corporation)

Windows XP Service Pack 3 (HKLM\...\Windows XP Service Pack) (Version: 20080414.031525 - Microsoft Corporation)

WinZip (HKLM\...\WinZip) (Version:  - )

WorksitePro (HKLM\...\{2C6F48C2-0A1D-478B-8AED-B5DB2ABD14FB}) (Version: 2.51.0344 - ETI Benefits)

 

==================== Restore Points  =========================

 

01-04-2014 20:44:34 System Checkpoint

03-04-2014 17:54:58 System Checkpoint

15-04-2014 14:08:02 Installed Windows XP Wdf01009.

16-04-2014 17:28:53 System Checkpoint

17-04-2014 20:29:32 System Checkpoint

18-04-2014 21:38:06 System Checkpoint

19-04-2014 23:08:05 System Checkpoint

21-04-2014 00:38:05 System Checkpoint

22-04-2014 02:03:28 System Checkpoint

23-04-2014 02:07:23 System Checkpoint

24-04-2014 03:14:04 System Checkpoint

28-04-2014 20:28:18 System Checkpoint

29-04-2014 20:29:29 System Checkpoint

30-04-2014 21:38:38 System Checkpoint

01-05-2014 23:08:56 System Checkpoint

03-05-2014 00:38:38 System Checkpoint

04-05-2014 02:08:37 System Checkpoint

05-05-2014 03:38:38 System Checkpoint

05-05-2014 16:34:52 Removed Ask Toolbar.

05-05-2014 17:21:13 Software Distribution Service 3.0

05-05-2014 19:35:50 Installed Windows Internet Explorer 8.

05-05-2014 19:39:00 Software Distribution Service 3.0

06-05-2014 16:18:55 Installed Java 7 Update 55

07-05-2014 20:30:16 System Checkpoint

08-05-2014 21:29:35 System Checkpoint

09-05-2014 22:59:47 System Checkpoint

11-05-2014 00:29:35 System Checkpoint

12-05-2014 01:59:34 System Checkpoint

13-05-2014 03:29:34 System Checkpoint

14-05-2014 04:36:39 System Checkpoint

14-05-2014 16:51:05 Removed Maxload Pro Demo

14-05-2014 16:55:34 Removed HP Officejet Pro 8600 Basic Device Software

15-05-2014 14:04:29 Installed Microsoft Office Enterprise 2007

15-05-2014 14:51:27 Printer Driver Send To Microsoft OneNote Driver Installed

15-05-2014 15:59:52 Configured Microsoft Office Enterprise 2007

16-05-2014 17:06:08 System Checkpoint

17-05-2014 18:36:00 System Checkpoint

18-05-2014 20:06:00 System Checkpoint

19-05-2014 20:16:35 System Checkpoint

20-05-2014 23:06:44 Installed Rosetta Stone Version 3

21-05-2014 23:07:32 System Checkpoint

23-05-2014 00:37:41 System Checkpoint

24-05-2014 02:07:32 System Checkpoint

25-05-2014 03:37:32 System Checkpoint

26-05-2014 05:07:32 System Checkpoint

27-05-2014 06:37:32 System Checkpoint

28-05-2014 08:07:46 System Checkpoint

29-05-2014 09:37:40 System Checkpoint

02-06-2014 20:33:45 System Checkpoint

03-06-2014 21:43:44 System Checkpoint

04-06-2014 23:13:48 System Checkpoint

06-06-2014 00:43:55 System Checkpoint

07-06-2014 02:13:43 System Checkpoint

08-06-2014 03:43:43 System Checkpoint

09-06-2014 05:13:43 System Checkpoint

10-06-2014 06:43:44 System Checkpoint

11-06-2014 08:13:49 System Checkpoint

12-06-2014 09:38:49 System Checkpoint

16-06-2014 15:39:18 System Checkpoint

17-06-2014 20:30:24 System Checkpoint

23-06-2014 13:45:30 System Checkpoint

25-06-2014 13:55:17 avast! antivirus system restore point

26-06-2014 13:46:03 Installed Windows XP winusb0200.

26-06-2014 14:14:20 avast! antivirus system restore point

27-06-2014 14:26:30 System Checkpoint

28-06-2014 15:56:28 System Checkpoint

29-06-2014 17:26:28 System Checkpoint

30-06-2014 17:36:05 System Checkpoint

 

==================== Hosts content: ==========================

 

2006-02-28 06:00 - 2014-03-11 16:52 - 00000734 ____A C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1       localhost

 

==================== Scheduled Tasks (whitelisted) =============

 

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe

Task: C:\WINDOWS\Tasks\AppleSoftwareUpdate.job => C:\Program Files\Apple Software Update\SoftwareUpdate.exe

Task: C:\WINDOWS\Tasks\At1.job => C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPCustPartic.exe

Task: C:\WINDOWS\Tasks\At2.job => C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPCustPartic.exe

Task: C:\WINDOWS\Tasks\At3.job => C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPCustPartic.exe

Task: C:\WINDOWS\Tasks\At4.job => C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPCustPartic.exe

Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe

Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

Task: C:\WINDOWS\Tasks\Motorola Device Manager Engine.job => C:\Program Files\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe

Task: C:\WINDOWS\Tasks\Motorola Device Manager Update.job => C:\Program Files\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe

Task: C:\WINDOWS\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-1757981266-1482476501-839522115-1006.job => C:\Program Files\RealNetworks\RealDownloader\recordingmanager.exe

Task: C:\WINDOWS\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-1757981266-1482476501-839522115-1006.job => C:\Program Files\RealNetworks\RealDownloader\realupgrade.exe

Task: C:\WINDOWS\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-1757981266-1482476501-839522115-1006.job => C:\Program Files\RealNetworks\RealDownloader\realupgrade.exe

Task: C:\WINDOWS\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1757981266-1482476501-839522115-1006.job => C:\Program Files\Real\RealUpgrade\realupgrade.exe

Task: C:\WINDOWS\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1757981266-1482476501-839522115-1006.job => C:\Program Files\Real\RealUpgrade\realupgrade.exe

Task: C:\WINDOWS\Tasks\ReclaimerResumeInstall_A7AS.job => C:\Documents and Settings\A7AS\Application Data\Real\Update\UpgradeHelper\RealPlayer\10.70\agent\rnupgagent.exe

Task: C:\WINDOWS\Tasks\SN.Booster-S-469265631.job => c:\documents and settings\all users\application data\appready software\sn.booster\SN.Booster.exe <==== ATTENTION

 

==================== Loaded Modules (whitelisted) =============

 

2008-01-21 12:55 - 2007-05-08 11:57 - 00159822 _____ () C:\WINDOWS\system32\CredNP.dll

2013-05-30 14:28 - 2009-08-13 07:02 - 00147968 _____ () C:\WINDOWS\System32\spool\PRTPROCS\W32X86\lxdqdrpp.dll

2013-10-31 10:05 - 2013-10-31 10:05 - 00172032 _____ () C:\Program Files\Motorola Mobility\Motorola Device Manager\css_core.dll

2010-01-21 12:37 - 2008-11-07 14:38 - 00122880 _____ () C:\WINDOWS\system32\MsWnetChk.exe

2010-01-21 12:37 - 2006-02-22 19:22 - 00110592 _____ () C:\WINDOWS\system32\WPSScanner.dll

2013-08-14 15:19 - 2013-08-14 15:19 - 00039056 _____ () C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe

2013-05-30 14:27 - 2010-02-04 04:17 - 00672424 _____ () C:\Program Files\Lexmark Z2400 Series\lxdqmon.exe

2013-05-30 14:27 - 2010-02-04 04:17 - 00025256 _____ () C:\Program Files\Lexmark Z2400 Series\lxdqMsdMon.exe

2013-05-30 14:27 - 2010-02-03 05:21 - 00028672 _____ () C:\Program Files\Lexmark Z2400 Series\App4R.Monitor.Common.dll

2013-05-30 14:27 - 2010-02-03 05:21 - 00036864 _____ () C:\Program Files\Lexmark Z2400 Series\App4R.Monitor.Core.dll

2013-05-30 14:27 - 2010-02-03 05:20 - 00065536 _____ () C:\Program Files\Lexmark Z2400 Series\app4r.devmons.mcmdevmon.dll

2013-05-30 14:27 - 2009-06-26 08:17 - 00012288 _____ () C:\Program Files\Lexmark Z2400 Series\app4r.devmons.mcmdevmon.autoplayutil.dll

2010-01-21 12:37 - 2008-11-07 14:38 - 00028672 _____ () C:\windows\system32\mschkprompt.exe

2010-01-21 12:37 - 2008-11-07 14:38 - 00032768 _____ () C:\windows\system32\MsSupCa.dll

2014-07-02 08:38 - 2014-07-02 08:38 - 00098816 _____ () C:\Documents and Settings\A7AS\Local Settings\Temp\_MEI26122\win32api.pyd

2014-07-02 08:38 - 2014-07-02 08:38 - 00110080 _____ () C:\Documents and Settings\A7AS\Local Settings\Temp\_MEI26122\pywintypes27.dll

2014-07-02 08:38 - 2014-07-02 08:38 - 00364544 _____ () C:\Documents and Settings\A7AS\Local Settings\Temp\_MEI26122\pythoncom27.dll

2014-07-02 08:38 - 2014-07-02 08:38 - 00045568 _____ () C:\Documents and Settings\A7AS\Local Settings\Temp\_MEI26122\_socket.pyd

2014-07-02 08:38 - 2014-07-02 08:38 - 01160704 _____ () C:\Documents and Settings\A7AS\Local Settings\Temp\_MEI26122\_ssl.pyd

2014-07-02 08:38 - 2014-07-02 08:38 - 00320512 _____ () C:\Documents and Settings\A7AS\Local Settings\Temp\_MEI26122\win32com.shell.shell.pyd

2014-07-02 08:38 - 2014-07-02 08:38 - 00713216 _____ () C:\Documents and Settings\A7AS\Local Settings\Temp\_MEI26122\_hashlib.pyd

2014-07-02 08:38 - 2014-07-02 08:38 - 01175040 _____ () C:\Documents and Settings\A7AS\Local Settings\Temp\_MEI26122\wx._core_.pyd

2014-07-02 08:38 - 2014-07-02 08:38 - 00805888 _____ () C:\Documents and Settings\A7AS\Local Settings\Temp\_MEI26122\wx._gdi_.pyd

2014-07-02 08:38 - 2014-07-02 08:38 - 00811008 _____ () C:\Documents and Settings\A7AS\Local Settings\Temp\_MEI26122\wx._windows_.pyd

2014-07-02 08:38 - 2014-07-02 08:38 - 01062400 _____ () C:\Documents and Settings\A7AS\Local Settings\Temp\_MEI26122\wx._controls_.pyd

2014-07-02 08:38 - 2014-07-02 08:38 - 00735232 _____ () C:\Documents and Settings\A7AS\Local Settings\Temp\_MEI26122\wx._misc_.pyd

2014-07-02 08:38 - 2014-07-02 08:38 - 00128512 _____ () C:\Documents and Settings\A7AS\Local Settings\Temp\_MEI26122\_elementtree.pyd

2014-07-02 08:38 - 2014-07-02 08:38 - 00127488 _____ () C:\Documents and Settings\A7AS\Local Settings\Temp\_MEI26122\pyexpat.pyd

2014-07-02 08:38 - 2014-07-02 08:38 - 00557056 _____ () C:\Documents and Settings\A7AS\Local Settings\Temp\_MEI26122\pysqlite2._sqlite.pyd

2014-07-02 08:38 - 2014-07-02 08:38 - 00007168 _____ () C:\Documents and Settings\A7AS\Local Settings\Temp\_MEI26122\hashobjs_ext.pyd

2014-07-02 08:38 - 2014-07-02 08:38 - 00087552 _____ () C:\Documents and Settings\A7AS\Local Settings\Temp\_MEI26122\_ctypes.pyd

2014-07-02 08:38 - 2014-07-02 08:38 - 00119808 _____ () C:\Documents and Settings\A7AS\Local Settings\Temp\_MEI26122\win32file.pyd

2014-07-02 08:38 - 2014-07-02 08:38 - 00108544 _____ () C:\Documents and Settings\A7AS\Local Settings\Temp\_MEI26122\win32security.pyd

2014-07-02 08:38 - 2014-07-02 08:38 - 00018432 _____ () C:\Documents and Settings\A7AS\Local Settings\Temp\_MEI26122\win32event.pyd

2014-07-02 08:38 - 2014-07-02 08:38 - 00038912 _____ () C:\Documents and Settings\A7AS\Local Settings\Temp\_MEI26122\win32inet.pyd

2014-07-02 08:38 - 2014-07-02 08:38 - 00070656 _____ () C:\Documents and Settings\A7AS\Local Settings\Temp\_MEI26122\wx._html2.pyd

2014-07-02 08:38 - 2014-07-02 08:38 - 00167936 _____ () C:\Documents and Settings\A7AS\Local Settings\Temp\_MEI26122\win32gui.pyd

2014-07-02 08:38 - 2014-07-02 08:38 - 00011264 _____ () C:\Documents and Settings\A7AS\Local Settings\Temp\_MEI26122\win32crypt.pyd

2014-07-02 08:38 - 2014-07-02 08:38 - 00027136 _____ () C:\Documents and Settings\A7AS\Local Settings\Temp\_MEI26122\_multiprocessing.pyd

2014-07-02 08:38 - 2014-07-02 08:38 - 00122368 _____ () C:\Documents and Settings\A7AS\Local Settings\Temp\_MEI26122\wx._wizard.pyd

2014-07-02 08:38 - 2014-07-02 08:38 - 00010240 _____ () C:\Documents and Settings\A7AS\Local Settings\Temp\_MEI26122\select.pyd

2014-07-02 08:38 - 2014-07-02 08:38 - 00024064 _____ () C:\Documents and Settings\A7AS\Local Settings\Temp\_MEI26122\win32pipe.pyd

2014-07-02 08:38 - 2014-07-02 08:38 - 00686080 _____ () C:\Documents and Settings\A7AS\Local Settings\Temp\_MEI26122\unicodedata.pyd

2014-07-02 08:38 - 2014-07-02 08:38 - 00025600 _____ () C:\Documents and Settings\A7AS\Local Settings\Temp\_MEI26122\win32pdh.pyd

2014-07-02 08:38 - 2014-07-02 08:38 - 00525640 _____ () C:\Documents and Settings\A7AS\Local Settings\Temp\_MEI26122\windows._lib_cacheinvalidation.pyd

2014-07-02 08:38 - 2014-07-02 08:38 - 00035840 _____ () C:\Documents and Settings\A7AS\Local Settings\Temp\_MEI26122\win32process.pyd

2014-07-02 08:38 - 2014-07-02 08:38 - 00017408 _____ () C:\Documents and Settings\A7AS\Local Settings\Temp\_MEI26122\win32profile.pyd

2014-07-02 08:38 - 2014-07-02 08:38 - 00022528 _____ () C:\Documents and Settings\A7AS\Local Settings\Temp\_MEI26122\win32ts.pyd

2014-07-02 08:38 - 2014-07-02 08:38 - 00078336 _____ () C:\Documents and Settings\A7AS\Local Settings\Temp\_MEI26122\wx._animate.pyd

2008-12-11 13:22 - 2008-12-11 13:22 - 02854976 _____ () C:\WINDOWS\system32\btwicons.dll

2008-12-11 13:20 - 2008-12-11 13:20 - 00069697 _____ () C:\Program Files\WIDCOMM\Bluetooth Software\btkeyind.dll

2008-01-21 12:42 - 2010-01-21 12:37 - 00290816 ____N () C:\WINDOWS\Dll32Agent.Exe

2010-01-21 12:37 - 2010-01-21 12:37 - 00200704 __RSH () C:\WINDOWS\MSCAE32.dll

2010-01-21 12:37 - 2010-01-21 12:37 - 00172032 __RSH () C:\WINDOWS\system32\MSCHKSYS.DLL

2014-07-02 08:39 - 2014-07-02 08:39 - 00043008 _____ () c:\Documents and Settings\A7AS\Local Settings\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpqjhqyh.dll

2013-08-23 14:01 - 2013-08-23 14:01 - 25100288 _____ () C:\Documents and Settings\A7AS\Application Data\Dropbox\bin\libcef.dll

2013-11-15 18:45 - 2013-11-15 18:45 - 00269128 _____ () C:\PROGRAM FILES\INTUIT\QUICKBOOKS 2013\boost_regex-vc90-mt-p-1_33.dll

2006-02-28 06:00 - 2008-04-13 19:11 - 00059904 _____ () C:\WINDOWS\system32\devenum.dll

2006-02-28 06:00 - 2008-04-13 19:11 - 00014336 _____ () C:\WINDOWS\system32\msdmo.dll

2014-06-30 09:24 - 2014-06-05 08:58 - 04217672 _____ () C:\Program Files\Google\Chrome\Application\35.0.1916.153\pdf.dll

2014-06-30 09:24 - 2014-06-05 08:58 - 00414536 _____ () C:\Program Files\Google\Chrome\Application\35.0.1916.153\ppGoogleNaClPluginChrome.dll

2014-06-30 09:24 - 2014-06-05 08:58 - 01732424 _____ () C:\Program Files\Google\Chrome\Application\35.0.1916.153\ffmpegsumo.dll

2014-06-30 09:24 - 2014-06-05 08:58 - 14612296 _____ () C:\Program Files\Google\Chrome\Application\35.0.1916.153\PepperFlash\pepflashplayer.dll

 

==================== Alternate Data Streams (whitelisted) =========

 

 

==================== Safe Mode (whitelisted) ===================

 

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CMGShield => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

 

==================== EXE Association (whitelisted) =============

 

 

==================== MSCONFIG/TASK MANAGER disabled items =========

 

MSCONFIG\startupreg: EPLTarget => 

 

==================== Faulty Device Manager Devices =============

 

 

==================== Event log errors: =========================

 

Application errors:

==================

Error: (07/02/2014 08:41:38 AM) (Source: QuickBooks) (EventID: 4) (User: )

Description: An unexpected error has occured in "x; 2013":

DB error -739 ErrorMessage:'DBLib not initialized: error -739'

 

Error: (07/01/2014 08:44:23 AM) (Source: QuickBooks) (EventID: 4) (User: )

Description: An unexpected error has occured in "x; 2013":

DB error -739 ErrorMessage:'DBLib not initialized: error -739'

 

Error: (07/01/2014 08:40:04 AM) (Source: crypt32) (EventID: 8) (User: )

Description: Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: This operation returned because the timeout period expired.

 

Error: (06/26/2014 08:45:38 AM) (Source: Windows Search Service) (EventID: 3013) (User: )

Description: The entry <C:\DOCUMENTS AND SETTINGS\A7AS\RECENT\DESKTOP.INI> in the hash map cannot be updated.

 

Context:  Application, SystemIndex Catalog

 

 

Details:

A device attached to the system is not functioning.   (0x8007001f)

 

Error: (06/25/2014 02:29:51 PM) (Source: Windows Search Service) (EventID: 3013) (User: )

Description: The entry <C:\DOCUMENTS AND SETTINGS\A7AS\RECENT\DESKTOP.INI> in the hash map cannot be updated.

 

Context:  Application, SystemIndex Catalog

 

 

Details:

A device attached to the system is not functioning.   (0x8007001f)

 

Error: (06/25/2014 01:22:04 PM) (Source: Windows Search Service) (EventID: 3013) (User: )

Description: The entry <C:\DOCUMENTS AND SETTINGS\A7AS\RECENT\DESKTOP.INI> in the hash map cannot be updated.

 

Context:  Application, SystemIndex Catalog

 

 

Details:

A device attached to the system is not functioning.   (0x8007001f)

 

Error: (06/25/2014 11:17:35 AM) (Source: Windows Search Service) (EventID: 3013) (User: )

Description: The entry <C:\DOCUMENTS AND SETTINGS\A7AS\RECENT\DESKTOP.INI> in the hash map cannot be updated.

 

Context:  Application, SystemIndex Catalog

 

 

Details:

A device attached to the system is not functioning.   (0x8007001f)

 

Error: (06/25/2014 10:28:07 AM) (Source: Symantec AntiVirus) (EventID: 45) (User: AFLACA7AS)

Description: Risk: C:\WINDOWS\system32\taskmgr.exe in File: C:\Program Files\Symantec AntiVirus\Rtvscan.exe by: Tamper Protection scan.  Action: Blocked.  Action Description:

 

Error: (06/25/2014 09:58:02 AM) (Source: Windows Search Service) (EventID: 3013) (User: )

Description: The entry <C:\DOCUMENTS AND SETTINGS\A7AS\RECENT\DESKTOP.INI> in the hash map cannot be updated.

 

Context:  Application, SystemIndex Catalog

 

 

Details:

A device attached to the system is not functioning.   (0x8007001f)

 

Error: (06/11/2014 01:03:17 PM) (Source: Windows Search Service) (EventID: 3013) (User: )

Description: The entry <C:\DOCUMENTS AND SETTINGS\A7AS\MY DOCUMENTS\MY PICTURES\$$$$$$$$.$$$> in the hash map cannot be updated.

 

Context:  Application, SystemIndex Catalog

 

 

Details:

A device attached to the system is not functioning.   (0x8007001f)

 

 

System errors:

=============

Error: (07/02/2014 08:29:59 AM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: The Parallel port driver service failed to start due to the following error: 

%%1058

 

Error: (07/02/2014 08:29:03 AM) (Source: SCardSvr) (EventID: 602) (User: )

Description: WDM Reader driver initialization cannot open reader device:  The system cannot find the path specified.

 

Error: (07/01/2014 08:38:16 AM) (Source: Service Control Manager) (EventID: 7011) (User: )

Description: Timeout (30000 milliseconds) waiting for a transaction response from the MBAMService service.

 

Error: (07/01/2014 08:37:44 AM) (Source: Service Control Manager) (EventID: 7011) (User: )

Description: Timeout (30000 milliseconds) waiting for a transaction response from the MBAMService service.

 

Error: (07/01/2014 08:37:09 AM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: The Parallel port driver service failed to start due to the following error: 

%%1058

 

Error: (07/01/2014 08:36:11 AM) (Source: SCardSvr) (EventID: 602) (User: )

Description: WDM Reader driver initialization cannot open reader device:  The system cannot find the path specified.

 

Error: (06/26/2014 04:53:53 PM) (Source: Service Control Manager) (EventID: 7026) (User: )

Description: The following boot-start or system-start driver(s) failed to load: 

atapi

IntelIde

PCIIde

Pcmcia

 

Error: (06/26/2014 04:53:06 PM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: The Parallel port driver service failed to start due to the following error: 

%%1058

 

Error: (06/26/2014 04:52:12 PM) (Source: SCardSvr) (EventID: 602) (User: )

Description: WDM Reader driver initialization cannot open reader device:  The system cannot find the path specified.

 

Error: (06/26/2014 00:38:12 PM) (Source: Service Control Manager) (EventID: 7006) (User: )

Description: The ScRegSetValueExW call failed for Description with the following error: 

%%5

 

 

Microsoft Office Sessions:

=========================

Error: (05/15/2014 11:06:19 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )

Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.6514.5001. This session lasted 434 seconds with 0 seconds of active time.  This session ended with a crash.

 

 

==================== Memory info =========================== 

 

Percentage of memory in use: 87%

Total physical RAM: 1976.19 MB

Available physical RAM: 249.83 MB

Total Pagefile: 3868.28 MB

Available Pagefile: 2444.66 MB

Total Virtual: 2047.88 MB

Available Virtual: 1938.01 MB

 

==================== Drives ================================

 

Drive c: (OSdisk) (Fixed) (Total:134.04 GB) (Free:95.61 GB) NTFS ==>[Drive with boot components (Windows XP)]

 

==================== MBR & Partition Table ==================

 

========================================================

Disk: 0 (MBR Code: Windows XP) (Size: 149 GB) (Disk ID: 2BD2C32A)

Partition 1: (Not Active) - (Size=15 GB) - (Type=17)

Partition 2: (Active) - (Size=134 GB) - (Type=07 NTFS)

 

==================== End Of Log ============================


Hi, CarpetDweller, and welcome.

 

In scanning your logs, it looks like there may be some sort of infection on your system.  I would suggest that you read the topic https://forums.malwarebytes.org/index.php?/topic/119858-available-assistance-for-possibly-infected-computers/ and pick a method to have your system examined and follow the appropriate link inside.

 

HTH
