honeybee

Members

View Profile See their activity

Posts
3
Joined
April 16, 2014
Last visited
April 30, 2014

Reputation

0 Neutral

Need help removing pup. UTorrent

honeybee replied to honeybee's topic in Resolved Malware Removal Logs

Sorry for the late reply, hope I can still continue. I was not able to generate a second (Additions) file. Here's the (FRST) Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 29-04-2014 Ran by Poopie (administrator) on POOPIE-PC on 29-04-2014 21:27:40 Running from C:\Users\Poopie\Downloads Windows 7 Home Premium (X64) OS Language: English(US) Internet Explorer Version 8 Boot Mode: Normal The only official download link for FRST: Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ Download link from any site other than Bleeping Computer is unpermitted or outdated. See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (Trusteer Ltd.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Coupons.com Inc.) C:\Program Files (x86)\Coupons\CouponPrinterService.exe (SEIKO EPSON CORPORATION) C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe (Seagate Technology LLC) C:\Program Files (x86)\Seagate\SeagateManager\Sync\FreeAgentService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe (Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\21.2.0.38\N360.exe (Nalpeiron Ltd.) C:\windows\SysWOW64\NLSSRV32.EXE (Symantec Corporation) C:\Program Files (x86)\PC Checkup\SymcPCCULaunchSvc.exe (Symantec Corporation) C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.3.198\ccSvcHst.exe (Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\21.2.0.38\N360.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe (Trusteer Ltd.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe (Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe (Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (TOSHIBA Corporation) C:\windows\system32\ThpSrv.exe (TOSHIBA Corporation) C:\Windows\system32\TODDSrv.exe (TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe (Intel® Corporation) C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe (Red Bend Ltd.) C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe (Seiko Epson Corporation) C:\windows\system32\EscSvc64.exe (Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe (TOSHIBA Corporation) C:\Program Files\TOSHIBA\TECO\TecoService.exe (Symantec Corporation) C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.3.198\ccSvcHst.exe (Spotify Ltd) C:\Users\Poopie\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (Intuit Inc.) C:\Program Files (x86)\Common Files\Intuit\Update Service\IntuitUpdateService.exe (InterVideo) C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe (Adobe Systems, Inc.) C:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe (Adobe Systems, Inc.) C:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Adobe Systems, Inc.) C:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe (Adobe Systems, Inc.) C:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [] => [X] HKLM\...\Run: [TosVolRegulator] => C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe [24376 2009-11-11] (TOSHIBA Corporation) HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.) HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-02-21] (Apple Inc.) HKLM-x32\...\Run: [sunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation) Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation) HKU\S-1-5-21-4248216778-1706330581-3612761400-1000\...\Run: [PPS Accelerator] => C:\PROGRA~2\PPStream\ppsap.exe HKU\S-1-5-21-4248216778-1706330581-3612761400-1000\...\Run: [spotify Web Helper] => C:\Users\Poopie\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1171968 2014-02-13] (Spotify Ltd) HKU\S-1-5-21-4248216778-1706330581-3612761400-1000\...\RunOnce: [FlashPlayerUpdate] - C:\windows\SysWOW64\Macromed\Flash\FlashUtil32_12_0_0_77_Plugin.exe [841096 2014-03-13] (Adobe Systems Incorporated) HKU\S-1-5-21-4248216778-1706330581-3612761400-1000\...\MountPoints2: E - E:\ToolLauncher-Bootstrap.exe HKU\S-1-5-21-4248216778-1706330581-3612761400-1000\...\MountPoints2: {00e9a748-4adc-11e3-979a-1c750871e79d} - E:\VZW_Software_upgrade_assistant.exe HKU\S-1-5-21-4248216778-1706330581-3612761400-1000\...\MountPoints2: {38e69de5-097b-11e0-bcce-1c750871e79d} - E:\LaunchU3.exe -a HKU\S-1-5-21-4248216778-1706330581-3612761400-1000\...\MountPoints2: {3cc6547a-5bdb-11e2-a37b-1c750871e79d} - E:\LaunchU3.exe -a HKU\S-1-5-21-4248216778-1706330581-3612761400-1000\...\MountPoints2: {5f3817c1-1d58-11e1-baf6-1c750871e79d} - E:\ToolLauncher-Bootstrap.exe HKU\S-1-5-21-4248216778-1706330581-3612761400-1000\...\MountPoints2: {662750ea-ced2-11e1-ba6a-1c750871e79d} - F:\ToolLauncher-Bootstrap.exe HKU\S-1-5-21-4248216778-1706330581-3612761400-1000\...\MountPoints2: {ce8f0a02-450f-11e1-b9b5-1c750871e79d} - E:\ToolLauncher-Bootstrap.exe ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.coupons.com/ HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig?brand=TSND&bmod=TSND HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://start.toshiba.com/g/ HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://start.toshiba.com/g/ HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/redirectdomain?brand=TSND&bmod=TSND HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://search.coupons.com/ StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe SearchScopes: HKLM - DefaultScope {E944FACD-91A1-494D-BD48-500FC4CBFF09} URL = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSND SearchScopes: HKLM - {E944FACD-91A1-494D-BD48-500FC4CBFF09} URL = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSND SearchScopes: HKLM-x32 - DefaultScope {0F0DA93B-C132-46A9-99C1-0C9C96AC8F0C} URL = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSND SearchScopes: HKLM-x32 - {0F0DA93B-C132-46A9-99C1-0C9C96AC8F0C} URL = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSND SearchScopes: HKLM-x32 - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3072253 SearchScopes: HKCU - {4F4D7286-87E2-48F0-98A2-5C65A4F70548} URL = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSND_enUS410US410 SearchScopes: HKCU - {AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} URL = http://www.ask.com/web?q={SEARCHTERMS}&o=15527&l=dis&prt=360&chn=retail&geo=US&ver=6 BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine64\21.2.0.38\coIEPlg.dll (Symantec Corporation) BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO-x32: E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll (SEIKO EPSON CORPORATION) BHO-x32: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC) BHO-x32: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\21.2.0.38\coIEPlg.dll (Symantec Corporation) BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\21.2.0.38\IPS\IPSBHO.DLL (Symantec Corporation) BHO-x32: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO-x32: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation) BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO-x32: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: TOSHIBA Media Controller Plug-in - {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll (<TOSHIBA>) Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine64\21.2.0.38\coIEPlg.dll (Symantec Corporation) Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\21.2.0.38\coIEPlg.dll (Symantec Corporation) Toolbar: HKLM-x32 - E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll (SEIKO EPSON CORPORATION) Toolbar: HKCU - No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File Toolbar: HKCU - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine64\21.2.0.38\coIEPlg.dll (Symantec Corporation) Handler: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\windows\system32\urlmon.dll (Microsoft Corporation) Handler-x32: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - No File Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{D00365CD-4CC2-4CA3-A864-A81453FE95D4}: [NameServer]0.0.0.0 FireFox: ======== FF ProfilePath: C:\Users\Poopie\AppData\Roaming\Mozilla\Firefox\Profiles\xpmmyie4.default FF SearchEngineOrder.3: Bing FF Homepage: about:home FF Plugin: @adobe.com/FlashPlayer - C:\windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll () FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF Plugin: @microsoft.com/GENUINE - disabled No File FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll () FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\windows\SysWOW64\Adobe\Director\np32dsw_1168638.dll (Adobe Systems, Inc.) FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF Plugin-x32: @divx.com/DivX Plus Web Player Plug-In,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC) FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @microsoft.com/GENUINE - disabled No File FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @pages.tvunetworks.com/WebPlayer - C:\windows\system32\TVUAx\npTVUAx.dll No File FF Plugin-x32: @real.com/nprpchromebrowserrecordext;version=15.0.4.53 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.) FF Plugin-x32: @real.com/nprphtml5videoshim;version=15.0.4.53 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll () FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin HKCU: @citrixonline.com/appdetectorplugin - C:\Users\Poopie\AppData\Local\Citrix\Plugins\104\npappdetector.dll (Citrix Online) FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin - C:\Users\Poopie\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google) FF Plugin HKCU: @talk.google.com/O1DPlugin - C:\Users\Poopie\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google) FF Plugin HKCU: @talk.google.com/O3DPlugin - C:\Users\Poopie\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll () FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Poopie\AppData\Local\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.) FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Poopie\AppData\Local\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.) FF Plugin HKCU: CouponNetwork.com/CMDUniversalCouponPrintActivator - C:\Users\Poopie\AppData\Roaming\CATALI~2\NPBCSK~1.DLL No File FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPcol400.dll (Catalina Marketing Corporation) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPcol500.dll (Catalina Marketing Corporation) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\browser\plugins\npMozCouponPrinter.dll (Coupons, Inc.) FF Plugin ProgramFiles/Appdata: C:\Users\Poopie\AppData\Roaming\mozilla\plugins\npatgpc.dll (Cisco WebEx LLC) FF Plugin ProgramFiles/Appdata: C:\Users\Poopie\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google) FF Plugin ProgramFiles/Appdata: C:\Users\Poopie\AppData\Roaming\mozilla\plugins\npgtpo3dautoplugin.dll () FF Plugin ProgramFiles/Appdata: C:\Users\Poopie\AppData\Roaming\mozilla\plugins\npo1d.dll (Google) FF SearchPlugin: C:\Users\Poopie\AppData\Roaming\Mozilla\Firefox\Profiles\xpmmyie4.default\searchplugins\bingp.xml FF SearchPlugin: C:\Users\Poopie\AppData\Roaming\Mozilla\Firefox\Profiles\xpmmyie4.default\searchplugins\safesearch.xml FF Extension: FT DeepDark - C:\Users\Poopie\AppData\Roaming\Mozilla\Firefox\Profiles\xpmmyie4.default\Extensions\{77d2ed30-4cd2-11e0-b8af-0800200c9a66} [2014-04-16] FF Extension: WOT - C:\Users\Poopie\AppData\Roaming\Mozilla\Firefox\Profiles\xpmmyie4.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2014-04-16] FF Extension: Bluhell Firewall - C:\Users\Poopie\AppData\Roaming\Mozilla\Firefox\Profiles\xpmmyie4.default\Extensions\{6BB5760D-F97E-421B-AF5B-8457A90C3CED}.xpi [2014-04-16] FF Extension: QuickJava - C:\Users\Poopie\AppData\Roaming\Mozilla\Firefox\Profiles\xpmmyie4.default\Extensions\{E6C1199F-E687-42da-8C24-E7770CC3AE66}.xpi [2014-04-16] FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2014-03-28] FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2014-03-28] FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\coFFPlgn\ FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\coFFPlgn\ [] FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 FF Extension: DivX Plus Web Player HTML5 <video> - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2013-05-22] FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\IPSFF FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\IPSFF [2014-01-13] FF HKLM-x32\...\Firefox\Extensions: [e-webprint@epson.com] - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on FF Extension: E-Web Print - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on [2014-03-10] FF HKLM-x32\...\Firefox\Extensions: [{1C43BAF1-00C2-40A8-A09E-F84CFD79546D}] - C:\Program Files (x86)\Coupons.com CouponBar\firefox\{1C43BAF1-00C2-40A8-A09E-F84CFD79546D}\Coupons.com.xpi Chrome: ======= CHR Extension: (Google Docs) - C:\Users\Poopie\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-03-16] CHR Extension: (Google Drive) - C:\Users\Poopie\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-03-16] CHR Extension: (YouTube) - C:\Users\Poopie\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-03-16] CHR Extension: (Google Search) - C:\Users\Poopie\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-03-16] CHR Extension: (Skype Click to Call) - C:\Users\Poopie\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2014-03-16] CHR Extension: (Norton Identity Protection) - C:\Users\Poopie\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk [2014-03-16] CHR Extension: (Google Wallet) - C:\Users\Poopie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-03-16] CHR Extension: (DivX Plus Web Player HTML5 <video>) - C:\Users\Poopie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2014-03-16] CHR Extension: (Gmail) - C:\Users\Poopie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-03-16] CHR HKLM-x32\...\Chrome\Extension: [cnpkmcjgpcihgfnkcjapiaabbbplkcmf] - C:\Program Files (x86)\Coupons.com CouponBar\chrome\Coupons.com.crx [2014-03-16] CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2013-05-14] CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton 360\Engine\21.2.0.38\Exts\Chrome.crx [2014-03-26] CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2013-05-06] ==================== Services (Whitelisted) ================= R2 CouponPrinterService; C:\Program Files (x86)\Coupons\CouponPrinterService.exe [176624 2014-02-13] (Coupons.com Inc.) R2 EpsonScanSvc; C:\windows\system32\EscSvc64.exe [135824 2011-12-12] (Seiko Epson Corporation) S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2010-03-05] () R2 N360; C:\Program Files (x86)\Norton 360\Engine\21.2.0.38\N360.exe [265040 2014-03-12] (Symantec Corporation) R2 Norton PC Checkup Application Launcher; C:\Program Files (x86)\PC Checkup\SymcPCCULaunchSvc.exe [132504 2013-09-15] (Symantec Corporation) R2 PCCUJobMgr; C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.3.198\ccSvcHst.exe [126392 2009-08-24] (Symantec Corporation) R2 RapportMgmtService; C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe [1444120 2014-03-30] (Trusteer Ltd.) ==================== Drivers (Whitelisted) ==================== R1 BHDrvx64; C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\BASHDefs\20140409.001\BHDrvx64.sys [1525976 2014-03-18] (Symantec Corporation) R1 ccSet_N360; C:\Windows\system32\drivers\N360x64\1502000.026\ccSetx64.sys [162392 2013-09-25] (Symantec Corporation) R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484952 2014-01-11] (Symantec Corporation) R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [137648 2014-01-14] (Symantec Corporation) R1 IDSVia64; C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\IPSDefs\20140429.001\IDSvia64.sys [525016 2014-03-25] (Symantec Corporation) R3 MBAMSwissArmy; C:\windows\system32\drivers\MBAMSwissArmy.sys [119512 2014-04-26] (Malwarebytes Corporation) R3 NAVENG; C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\VirusDefs\20140429.008\ENG64.SYS [126040 2014-03-07] (Symantec Corporation) R3 NAVEX15; C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\VirusDefs\20140429.008\EX64.SYS [2099288 2014-03-07] (Symantec Corporation) R1 RapportCerberus_59849; C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_59849.sys [606672 2013-11-09] () R1 RapportEI64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys [282968 2014-03-30] (Trusteer Ltd.) S3 RapportKE64; C:\Windows\System32\Drivers\RapportKE64.sys [316312 2014-03-30] (Trusteer Ltd.) R1 RapportPG64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys [397848 2014-03-30] (Trusteer Ltd.) R2 regi; C:\windows\SysWOW64\drivers\regi.sys [11032 2007-04-18] (InterVideo) R3 SRTSP; C:\Windows\System32\Drivers\N360x64\1502000.026\SRTSP64.SYS [875736 2014-02-12] (Symantec Corporation) R1 SRTSPX; C:\Windows\system32\drivers\N360x64\1502000.026\SRTSPX64.SYS [36952 2013-09-09] (Symantec Corporation) R0 SymDS; C:\Windows\System32\drivers\N360x64\1502000.026\SYMDS64.SYS [493656 2013-09-09] (Symantec Corporation) R0 SymEFA; C:\Windows\System32\drivers\N360x64\1502000.026\SYMEFA64.SYS [1148120 2014-03-04] (Symantec Corporation) R3 SymEvent; C:\windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2014-01-12] (Symantec Corporation) R1 SymIM; C:\Windows\System32\DRIVERS\SymIMv.sys [78936 2013-09-09] (Symantec Corporation) R1 SymIRON; C:\Windows\system32\drivers\N360x64\1502000.026\Ironx64.SYS [264280 2013-09-26] (Symantec Corporation) R1 SymNetS; C:\Windows\System32\Drivers\N360x64\1502000.026\SYMNETS.SYS [593112 2014-02-17] (Symantec Corporation) S3 usbbus; C:\Windows\System32\DRIVERS\lgx64bus.sys [17920 2008-11-11] (LG Electronics Inc.) S3 UsbDiag; C:\Windows\System32\DRIVERS\lgx64diag.sys [27136 2008-11-11] (LG Electronics Inc.) S3 USBModem; C:\Windows\System32\DRIVERS\lgx64modem.sys [33792 2008-11-11] (LG Electronics Inc.) ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-04-29 21:27 - 2014-04-29 21:27 - 00026346 _____ () C:\Users\Poopie\Downloads\FRST.txt 2014-04-29 21:27 - 2014-04-29 21:27 - 00000000 ____D () C:\Users\Poopie\Downloads\FRST-OlderVersion 2014-04-28 16:41 - 2014-04-28 16:41 - 00000000 ____D () C:\DUMP_DICOM 2014-04-24 13:59 - 2014-04-24 13:59 - 00001073 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk 2014-04-24 13:59 - 2014-04-24 13:59 - 00001061 _____ () C:\Users\Public\Desktop\TeamViewer 9.lnk 2014-04-22 19:29 - 2014-04-22 19:29 - 00000000 ____D () C:\Users\dub_cm_auto 2014-04-15 22:35 - 2014-04-29 21:27 - 00000000 ____D () C:\FRST 2014-04-15 22:34 - 2014-04-29 21:27 - 02061824 _____ (Farbar) C:\Users\Poopie\Downloads\FRST64.exe 2014-04-15 22:12 - 2014-04-15 22:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2014-04-15 22:12 - 2014-03-17 22:11 - 00096168 _____ (Oracle Corporation) C:\windows\SysWOW64\WindowsAccessBridge-32.dll 2014-04-15 22:12 - 2014-03-17 22:02 - 00264616 _____ (Oracle Corporation) C:\windows\SysWOW64\javaws.exe 2014-04-15 22:12 - 2014-03-17 22:02 - 00175528 _____ (Oracle Corporation) C:\windows\SysWOW64\javaw.exe 2014-04-15 22:12 - 2014-03-17 22:02 - 00175016 _____ (Oracle Corporation) C:\windows\SysWOW64\java.exe 2014-04-15 22:10 - 2014-04-15 22:12 - 00004129 _____ () C:\windows\SysWOW64\jupdate-1.7.0_55-b13.log 2014-04-11 19:23 - 2014-04-11 19:23 - 00000000 ____D () C:\windows\System32\Tasks\Norton 360 2014-04-11 19:15 - 2014-04-29 21:26 - 00000000 ____D () C:\Users\Poopie\AppData\Roaming\Apple Computer 2014-04-11 19:15 - 2013-09-09 22:47 - 00078936 ____R (Symantec Corporation) C:\windows\system32\Drivers\SymIMV.sys 2014-04-11 19:14 - 2014-04-11 19:14 - 00000000 ____D () C:\Users\Poopie\AppData\Roaming\Intel 2014-04-11 19:07 - 2014-04-11 19:07 - 00003132 _____ () C:\windows\System32\Tasks\{CCEEB00E-6AA5-49F8-8BAE-B8267021156D} 2014-04-11 06:38 - 2014-04-26 09:59 - 00119512 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys 2014-04-11 06:19 - 2014-04-11 06:19 - 00001077 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk 2014-04-11 06:19 - 2014-04-11 06:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware 2014-04-11 06:19 - 2014-04-11 06:19 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware 2014-04-11 06:19 - 2014-04-03 09:51 - 00088280 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys 2014-04-11 06:19 - 2014-04-03 09:51 - 00063192 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys 2014-04-11 06:19 - 2014-04-03 09:50 - 00025816 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbam.sys 2014-04-04 06:31 - 2014-04-04 06:31 - 00000000 ____D () C:\Users\Poopie\AppData\Local\SoulseekQt 2014-04-04 06:04 - 2014-04-04 06:04 - 00000000 ____D () C:\Users\Poopie\AppData\Roaming\PC-Gizmos 2014-04-04 06:01 - 2014-04-29 21:10 - 00000000 ____D () C:\Users\Poopie\AppData\Roaming\uTorrent 2014-04-04 06:00 - 2014-04-04 06:00 - 00930952 _____ (CNET Download.com) C:\Users\Poopie\Downloads\cbsidlm-cbsi183-Soundcloud_Downloader-SEO-75738300.exe 2014-04-03 22:15 - 2014-04-03 22:15 - 00611320 _____ () C:\Users\Poopie\Downloads\RingtoneMakerSetup.exe ==================== One Month Modified Files and Folders ======= 2014-04-29 21:27 - 2014-04-29 21:27 - 00026346 _____ () C:\Users\Poopie\Downloads\FRST.txt 2014-04-29 21:27 - 2014-04-29 21:27 - 00000000 ____D () C:\Users\Poopie\Downloads\FRST-OlderVersion 2014-04-29 21:27 - 2014-04-15 22:35 - 00000000 ____D () C:\FRST 2014-04-29 21:27 - 2014-04-15 22:34 - 02061824 _____ (Farbar) C:\Users\Poopie\Downloads\FRST64.exe 2014-04-29 21:26 - 2014-04-11 19:15 - 00000000 ____D () C:\Users\Poopie\AppData\Roaming\Apple Computer 2014-04-29 21:24 - 2014-03-16 13:33 - 00000898 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-04-29 21:23 - 2011-11-28 16:54 - 00000912 _____ () C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4248216778-1706330581-3612761400-1000UA.job 2014-04-29 21:17 - 2010-12-07 21:01 - 01222981 _____ () C:\windows\WindowsUpdate.log 2014-04-29 21:15 - 2011-11-28 16:54 - 00000860 _____ () C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4248216778-1706330581-3612761400-1000Core.job 2014-04-29 21:12 - 2011-08-22 19:42 - 00000000 ____D () C:\Users\Poopie\AppData\Roaming\Spotify 2014-04-29 21:10 - 2014-04-04 06:01 - 00000000 ____D () C:\Users\Poopie\AppData\Roaming\uTorrent 2014-04-29 21:10 - 2011-08-22 19:42 - 00000000 ____D () C:\Program Files (x86)\Spotify 2014-04-29 21:06 - 2012-04-07 15:21 - 00000830 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job 2014-04-29 11:55 - 2014-03-16 13:33 - 00000894 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-04-29 11:51 - 2012-04-07 15:21 - 00003768 _____ () C:\windows\System32\Tasks\Adobe Flash Player Updater 2014-04-29 11:50 - 2012-04-07 15:21 - 00692400 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe 2014-04-29 11:50 - 2011-05-17 07:43 - 00070832 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-04-28 16:41 - 2014-04-28 16:41 - 00000000 ____D () C:\DUMP_DICOM 2014-04-27 16:31 - 2014-03-15 11:24 - 00000000 ____D () C:\Users\Poopie\AppData\Roaming\.minecraft 2014-04-26 15:37 - 2014-03-16 13:34 - 00002154 _____ () C:\Users\Public\Desktop\Google Chrome.lnk 2014-04-26 09:59 - 2014-04-11 06:38 - 00119512 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys 2014-04-24 13:59 - 2014-04-24 13:59 - 00001073 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk 2014-04-24 13:59 - 2014-04-24 13:59 - 00001061 _____ () C:\Users\Public\Desktop\TeamViewer 9.lnk 2014-04-22 19:29 - 2014-04-22 19:29 - 00000000 ____D () C:\Users\dub_cm_auto 2014-04-20 13:23 - 2009-07-14 00:45 - 00016304 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-04-20 13:23 - 2009-07-14 00:45 - 00016304 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-04-16 05:16 - 2009-07-14 01:13 - 00006222 _____ () C:\windows\system32\PerfStringBackup.INI 2014-04-16 05:10 - 2012-11-17 21:38 - 00109572 _____ () C:\windows\setupact.log 2014-04-16 05:10 - 2010-12-07 21:28 - 00000050 _____ () C:\windows\system32\SupplicantTest.log 2014-04-16 05:10 - 2009-07-14 01:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT 2014-04-16 05:09 - 2010-08-30 01:00 - 01131126 _____ () C:\windows\PFRO.log 2014-04-16 05:09 - 2009-07-13 23:20 - 00000000 ____D () C:\windows\Branding 2014-04-15 22:35 - 2011-03-07 01:57 - 00000000 ____D () C:\Users\Poopie\AppData\Local\CrashDumps 2014-04-15 22:13 - 2014-01-24 23:52 - 00000000 ____D () C:\ProgramData\Oracle 2014-04-15 22:12 - 2014-04-15 22:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2014-04-15 22:12 - 2014-04-15 22:10 - 00004129 _____ () C:\windows\SysWOW64\jupdate-1.7.0_55-b13.log 2014-04-15 22:12 - 2014-03-16 13:31 - 00000000 ____D () C:\Program Files (x86)\Java 2014-04-11 19:23 - 2014-04-11 19:23 - 00000000 ____D () C:\windows\System32\Tasks\Norton 360 2014-04-11 19:17 - 2013-09-17 19:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trusteer Endpoint Protection 2014-04-11 19:16 - 2012-03-07 23:35 - 00003206 _____ () C:\windows\System32\Tasks\Norton WSC Integration 2014-04-11 19:16 - 2012-03-07 23:33 - 00000000 ____D () C:\windows\system32\Drivers\N360x64 2014-04-11 19:14 - 2014-04-11 19:14 - 00000000 ____D () C:\Users\Poopie\AppData\Roaming\Intel 2014-04-11 19:14 - 2014-01-12 22:24 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton 360 2014-04-11 19:14 - 2012-03-07 23:35 - 00002290 _____ () C:\Users\Public\Desktop\Norton 360.lnk 2014-04-11 19:13 - 2014-01-22 22:17 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2014-04-11 19:12 - 2009-07-13 23:20 - 00000000 ____D () C:\windows\IME 2014-04-11 19:07 - 2014-04-11 19:07 - 00003132 _____ () C:\windows\System32\Tasks\{CCEEB00E-6AA5-49F8-8BAE-B8267021156D} 2014-04-11 18:56 - 2012-08-19 23:08 - 00000000 ____D () C:\Program Files (x86)\PC Checkup 2014-04-11 06:19 - 2014-04-11 06:19 - 00001077 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk 2014-04-11 06:19 - 2014-04-11 06:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware 2014-04-11 06:19 - 2014-04-11 06:19 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware 2014-04-11 06:19 - 2014-03-09 23:59 - 00000000 ____D () C:\Users\Poopie\AppData\Roaming\Malwarebytes 2014-04-11 06:19 - 2012-08-07 02:11 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-04-09 05:27 - 2010-12-13 11:57 - 00000000 ____D () C:\ProgramData\Microsoft Help 2014-04-09 05:23 - 2013-07-23 06:29 - 00000000 ____D () C:\windows\system32\MRT 2014-04-09 05:12 - 2010-12-15 22:38 - 90655440 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe 2014-04-05 22:54 - 2012-08-19 23:09 - 00003966 _____ () C:\windows\System32\Tasks\PC Checkup 3 Weekly Scan 2014-04-04 06:31 - 2014-04-04 06:31 - 00000000 ____D () C:\Users\Poopie\AppData\Local\SoulseekQt 2014-04-04 06:04 - 2014-04-04 06:04 - 00000000 ____D () C:\Users\Poopie\AppData\Roaming\PC-Gizmos 2014-04-04 06:00 - 2014-04-04 06:00 - 00930952 _____ (CNET Download.com) C:\Users\Poopie\Downloads\cbsidlm-cbsi183-Soundcloud_Downloader-SEO-75738300.exe 2014-04-04 00:29 - 2014-03-16 21:09 - 00021278 _____ () C:\Users\Poopie\Documents\Medical_2013.xlsx 2014-04-03 22:15 - 2014-04-03 22:15 - 00611320 _____ () C:\Users\Poopie\Downloads\RingtoneMakerSetup.exe 2014-04-03 09:51 - 2014-04-11 06:19 - 00088280 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys 2014-04-03 09:51 - 2014-04-11 06:19 - 00063192 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys 2014-04-03 09:50 - 2014-04-11 06:19 - 00025816 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbam.sys 2014-03-31 20:18 - 2011-11-28 16:54 - 00003884 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4248216778-1706330581-3612761400-1000UA 2014-03-31 20:18 - 2011-11-28 16:54 - 00003488 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4248216778-1706330581-3612761400-1000Core 2014-03-31 05:19 - 2014-03-16 13:33 - 00003894 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA 2014-03-31 05:19 - 2014-03-16 13:33 - 00003642 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore 2014-03-30 20:30 - 2011-11-22 07:14 - 00316312 _____ (Trusteer Ltd.) C:\windows\system32\Drivers\RapportKE64.sys ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\SysWOW64\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\rpcss.dll => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2014-04-05 22:53 ==================== End Of Log ============================
- April 30, 2014
- 6 replies
Need help removing pup. UTorrent

honeybee replied to honeybee's topic in Resolved Malware Removal Logs

Hi Borislav! Thank you. Here's the (FRST.txt) Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 14-04-2014 Ran by Poopie (administrator) on POOPIE-PC on 15-04-2014 22:36:05 Running from C:\Users\Poopie\Downloads Windows 7 Home Premium (X64) OS Language: English(US) Internet Explorer Version 8 Boot Mode: Normal The only official download link for FRST: Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ Download link from any site other than Bleeping Computer is unpermitted or outdated. See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (Trusteer Ltd.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe (Microsoft Corporation) C:\windows\system32\WLANExt.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Coupons.com Inc.) C:\Program Files (x86)\Coupons\CouponPrinterService.exe (SEIKO EPSON CORPORATION) C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe (Seagate Technology LLC) C:\Program Files (x86)\Seagate\SeagateManager\Sync\FreeAgentService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe (Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\21.2.0.38\N360.exe (Nalpeiron Ltd.) C:\windows\SysWOW64\NLSSRV32.EXE (Symantec Corporation) C:\Program Files (x86)\PC Checkup\SymcPCCULaunchSvc.exe (Symantec Corporation) C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.3.198\ccSvcHst.exe (Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe (Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe (TOSHIBA Corporation) C:\windows\system32\ThpSrv.exe (TOSHIBA Corporation) C:\Windows\system32\TODDSrv.exe (TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe (Intel® Corporation) C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Red Bend Ltd.) C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe (Seiko Epson Corporation) C:\windows\system32\EscSvc64.exe (Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe (TOSHIBA Corporation) C:\Program Files\TOSHIBA\TECO\TecoService.exe (Symantec Corporation) C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.3.198\ccSvcHst.exe (Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\21.2.0.38\N360.exe (Trusteer Ltd.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe (Spotify Ltd) C:\Users\Poopie\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (Intuit Inc.) C:\Program Files (x86)\Common Files\Intuit\Update Service\IntuitUpdateService.exe (InterVideo) C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [] => [X] HKLM\...\Run: [TosVolRegulator] => C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe [24376 2009-11-11] (TOSHIBA Corporation) HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.) HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-02-21] (Apple Inc.) HKLM-x32\...\Run: [sunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation) Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation) HKU\S-1-5-19\...\Run: [sidebar] => C:\Program Files\Windows Sidebar\Sidebar.exe [1475072 2009-07-13] (Microsoft Corporation) HKU\S-1-5-20\...\Run: [sidebar] => C:\Program Files\Windows Sidebar\Sidebar.exe [1475072 2009-07-13] (Microsoft Corporation) HKU\S-1-5-21-4248216778-1706330581-3612761400-1000\...\Run: [PPS Accelerator] => C:\PROGRA~2\PPStream\ppsap.exe HKU\S-1-5-21-4248216778-1706330581-3612761400-1000\...\Run: [spotify Web Helper] => C:\Users\Poopie\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1171968 2014-02-13] (Spotify Ltd) HKU\S-1-5-21-4248216778-1706330581-3612761400-1000\...\RunOnce: [FlashPlayerUpdate] - C:\windows\SysWOW64\Macromed\Flash\FlashUtil32_12_0_0_77_Plugin.exe [841096 2014-03-13] (Adobe Systems Incorporated) HKU\S-1-5-21-4248216778-1706330581-3612761400-1000\...\MountPoints2: E - E:\ToolLauncher-Bootstrap.exe HKU\S-1-5-21-4248216778-1706330581-3612761400-1000\...\MountPoints2: {00e9a748-4adc-11e3-979a-1c750871e79d} - E:\VZW_Software_upgrade_assistant.exe HKU\S-1-5-21-4248216778-1706330581-3612761400-1000\...\MountPoints2: {38e69de5-097b-11e0-bcce-1c750871e79d} - E:\LaunchU3.exe -a HKU\S-1-5-21-4248216778-1706330581-3612761400-1000\...\MountPoints2: {3cc6547a-5bdb-11e2-a37b-1c750871e79d} - E:\LaunchU3.exe -a HKU\S-1-5-21-4248216778-1706330581-3612761400-1000\...\MountPoints2: {5f3817c1-1d58-11e1-baf6-1c750871e79d} - E:\ToolLauncher-Bootstrap.exe HKU\S-1-5-21-4248216778-1706330581-3612761400-1000\...\MountPoints2: {662750ea-ced2-11e1-ba6a-1c750871e79d} - F:\ToolLauncher-Bootstrap.exe HKU\S-1-5-21-4248216778-1706330581-3612761400-1000\...\MountPoints2: {ce8f0a02-450f-11e1-b9b5-1c750871e79d} - E:\ToolLauncher-Bootstrap.exe ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.coupons.com/ HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig?brand=TSND&bmod=TSND HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://start.toshiba.com/g/ HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://start.toshiba.com/g/ HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/redirectdomain?brand=TSND&bmod=TSND HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://search.coupons.com/ URLSearchHook: HKCU - (No Name) - {687578b9-7132-4a7a-80e4-30ee31099e03} - No File StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe SearchScopes: HKLM - DefaultScope {E944FACD-91A1-494D-BD48-500FC4CBFF09} URL = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSND SearchScopes: HKLM - {E944FACD-91A1-494D-BD48-500FC4CBFF09} URL = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSND SearchScopes: HKLM-x32 - DefaultScope {0F0DA93B-C132-46A9-99C1-0C9C96AC8F0C} URL = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSND SearchScopes: HKLM-x32 - {0F0DA93B-C132-46A9-99C1-0C9C96AC8F0C} URL = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSND SearchScopes: HKLM-x32 - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3072253 SearchScopes: HKCU - {4F4D7286-87E2-48F0-98A2-5C65A4F70548} URL = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSND_enUS410US410 SearchScopes: HKCU - {AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} URL = http://www.ask.com/web?q={SEARCHTERMS}&o=15527&l=dis&prt=360&chn=retail&geo=US&ver=6 BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine64\21.2.0.38\coIEPlg.dll (Symantec Corporation) BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO-x32: E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll (SEIKO EPSON CORPORATION) BHO-x32: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC) BHO-x32: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\21.2.0.38\coIEPlg.dll (Symantec Corporation) BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\21.2.0.38\IPS\IPSBHO.DLL (Symantec Corporation) BHO-x32: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO-x32: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation) BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO-x32: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: TOSHIBA Media Controller Plug-in - {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll (<TOSHIBA>) Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine64\21.2.0.38\coIEPlg.dll (Symantec Corporation) Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\21.2.0.38\coIEPlg.dll (Symantec Corporation) Toolbar: HKLM-x32 - E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll (SEIKO EPSON CORPORATION) Toolbar: HKCU - No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File Toolbar: HKCU - No Name - {687578B9-7132-4A7A-80E4-30EE31099E03} - No File Toolbar: HKCU - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine64\21.2.0.38\coIEPlg.dll (Symantec Corporation) Handler: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\windows\system32\urlmon.dll (Microsoft Corporation) Handler-x32: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - No File Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{D00365CD-4CC2-4CA3-A864-A81453FE95D4}: [NameServer]0.0.0.0 FireFox: ======== FF ProfilePath: C:\Users\Poopie\AppData\Roaming\Mozilla\Firefox\Profiles\xpmmyie4.default FF SearchEngineOrder.3: Bing FF Plugin: @adobe.com/FlashPlayer - C:\windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll () FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF Plugin: @microsoft.com/GENUINE - disabled No File FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll () FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\windows\SysWOW64\Adobe\Director\np32dsw_1168638.dll (Adobe Systems, Inc.) FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF Plugin-x32: @divx.com/DivX Plus Web Player Plug-In,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC) FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @microsoft.com/GENUINE - disabled No File FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @pages.tvunetworks.com/WebPlayer - C:\windows\system32\TVUAx\npTVUAx.dll No File FF Plugin-x32: @real.com/nprpchromebrowserrecordext;version=15.0.4.53 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.) FF Plugin-x32: @real.com/nprphtml5videoshim;version=15.0.4.53 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll () FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin HKCU: @citrixonline.com/appdetectorplugin - C:\Users\Poopie\AppData\Local\Citrix\Plugins\104\npappdetector.dll (Citrix Online) FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin - C:\Users\Poopie\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google) FF Plugin HKCU: @talk.google.com/O1DPlugin - C:\Users\Poopie\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google) FF Plugin HKCU: @talk.google.com/O3DPlugin - C:\Users\Poopie\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll () FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Poopie\AppData\Local\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.) FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Poopie\AppData\Local\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.) FF Plugin HKCU: CouponNetwork.com/CMDUniversalCouponPrintActivator - C:\Users\Poopie\AppData\Roaming\CATALI~2\NPBCSK~1.DLL No File FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPcol400.dll (Catalina Marketing Corporation) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPcol500.dll (Catalina Marketing Corporation) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\browser\plugins\npMozCouponPrinter.dll (Coupons, Inc.) FF Plugin ProgramFiles/Appdata: C:\Users\Poopie\AppData\Roaming\mozilla\plugins\npatgpc.dll (Cisco WebEx LLC) FF Plugin ProgramFiles/Appdata: C:\Users\Poopie\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google) FF Plugin ProgramFiles/Appdata: C:\Users\Poopie\AppData\Roaming\mozilla\plugins\npgtpo3dautoplugin.dll () FF Plugin ProgramFiles/Appdata: C:\Users\Poopie\AppData\Roaming\mozilla\plugins\npo1d.dll (Google) FF SearchPlugin: C:\Users\Poopie\AppData\Roaming\Mozilla\Firefox\Profiles\xpmmyie4.default\searchplugins\bingp.xml FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2014-03-28] FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2014-03-28] FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\coFFPlgn\ FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\coFFPlgn\ [] FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 FF Extension: DivX Plus Web Player HTML5 <video> - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2013-05-22] FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\IPSFF FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\IPSFF [2014-01-13] FF HKLM-x32\...\Firefox\Extensions: [e-webprint@epson.com] - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on FF Extension: E-Web Print - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on [2014-03-10] FF HKLM-x32\...\Firefox\Extensions: [{1C43BAF1-00C2-40A8-A09E-F84CFD79546D}] - C:\Program Files (x86)\Coupons.com CouponBar\firefox\{1C43BAF1-00C2-40A8-A09E-F84CFD79546D}\Coupons.com.xpi Chrome: ======= CHR Extension: (Google Docs) - C:\Users\Poopie\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-03-16] CHR Extension: (Google Drive) - C:\Users\Poopie\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-03-16] CHR Extension: (YouTube) - C:\Users\Poopie\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-03-16] CHR Extension: (Google Search) - C:\Users\Poopie\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-03-16] CHR Extension: (Skype Click to Call) - C:\Users\Poopie\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2014-03-16] CHR Extension: (Norton Identity Protection) - C:\Users\Poopie\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk [2014-03-16] CHR Extension: (Google Wallet) - C:\Users\Poopie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-03-16] CHR Extension: (DivX Plus Web Player HTML5 <video>) - C:\Users\Poopie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2014-03-16] CHR Extension: (uTorrentControl2) - C:\Users\Poopie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc [2014-03-16] CHR Extension: (Gmail) - C:\Users\Poopie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-03-16] CHR HKCU\...\Chrome\Extension: [pacgpkgadgmibnhpdidcnfafllnmeomc] - C:\Users\Poopie\AppData\Local\CRE\pacgpkgadgmibnhpdidcnfafllnmeomc.crx [2012-04-17] CHR HKLM-x32\...\Chrome\Extension: [cnpkmcjgpcihgfnkcjapiaabbbplkcmf] - C:\Program Files (x86)\Coupons.com CouponBar\chrome\Coupons.com.crx [2012-04-17] CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2013-05-14] CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton 360\Engine\21.2.0.38\Exts\Chrome.crx [2014-03-26] CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2013-05-06] CHR HKLM-x32\...\Chrome\Extension: [pacgpkgadgmibnhpdidcnfafllnmeomc] - C:\Users\Poopie\AppData\Local\CRE\pacgpkgadgmibnhpdidcnfafllnmeomc.crx [2012-04-17] ==================== Services (Whitelisted) ================= R2 CouponPrinterService; C:\Program Files (x86)\Coupons\CouponPrinterService.exe [176624 2014-02-13] (Coupons.com Inc.) R2 EpsonScanSvc; C:\windows\system32\EscSvc64.exe [135824 2011-12-12] (Seiko Epson Corporation) R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-04-03] (Malwarebytes Corporation) R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [857912 2014-04-03] (Malwarebytes Corporation) S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2010-03-05] () R2 N360; C:\Program Files (x86)\Norton 360\Engine\21.2.0.38\N360.exe [265040 2014-03-12] (Symantec Corporation) R2 Norton PC Checkup Application Launcher; C:\Program Files (x86)\PC Checkup\SymcPCCULaunchSvc.exe [132504 2013-09-15] (Symantec Corporation) R2 PCCUJobMgr; C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.3.198\ccSvcHst.exe [126392 2009-08-24] (Symantec Corporation) R2 RapportMgmtService; C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe [1444120 2014-03-30] (Trusteer Ltd.) ==================== Drivers (Whitelisted) ==================== R1 BHDrvx64; C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\BASHDefs\20140409.001\BHDrvx64.sys [1525976 2014-03-18] (Symantec Corporation) R1 ccSet_N360; C:\Windows\system32\drivers\N360x64\1502000.026\ccSetx64.sys [162392 2013-09-25] (Symantec Corporation) R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484952 2014-01-11] (Symantec Corporation) R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [137648 2014-01-14] (Symantec Corporation) R1 IDSVia64; C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\IPSDefs\20140414.001\IDSvia64.sys [525016 2014-03-25] (Symantec Corporation) R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25816 2014-04-03] (Malwarebytes Corporation) R3 MBAMSwissArmy; C:\windows\system32\drivers\MBAMSwissArmy.sys [119512 2014-04-15] (Malwarebytes Corporation) R3 MBAMWebAccessControl; C:\windows\system32\drivers\mwac.sys [63192 2014-04-03] (Malwarebytes Corporation) R3 NAVENG; C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\VirusDefs\20140415.005\ENG64.SYS [126040 2014-03-07] (Symantec Corporation) R3 NAVEX15; C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\VirusDefs\20140415.005\EX64.SYS [2099288 2014-03-07] (Symantec Corporation) R1 RapportCerberus_59849; C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_59849.sys [606672 2013-11-09] () R1 RapportEI64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys [282968 2014-03-30] (Trusteer Ltd.) S3 RapportKE64; C:\Windows\System32\Drivers\RapportKE64.sys [316312 2014-03-30] (Trusteer Ltd.) R1 RapportPG64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys [397848 2014-03-30] (Trusteer Ltd.) R2 regi; C:\windows\SysWOW64\drivers\regi.sys [11032 2007-04-18] (InterVideo) R3 SRTSP; C:\Windows\System32\Drivers\N360x64\1502000.026\SRTSP64.SYS [875736 2014-02-12] (Symantec Corporation) R1 SRTSPX; C:\Windows\system32\drivers\N360x64\1502000.026\SRTSPX64.SYS [36952 2013-09-09] (Symantec Corporation) R0 SymDS; C:\Windows\System32\drivers\N360x64\1502000.026\SYMDS64.SYS [493656 2013-09-09] (Symantec Corporation) R0 SymEFA; C:\Windows\System32\drivers\N360x64\1502000.026\SYMEFA64.SYS [1148120 2014-03-04] (Symantec Corporation) R3 SymEvent; C:\windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2014-01-12] (Symantec Corporation) R1 SymIM; C:\Windows\System32\DRIVERS\SymIMv.sys [78936 2013-09-09] (Symantec Corporation) R1 SymIRON; C:\Windows\system32\drivers\N360x64\1502000.026\Ironx64.SYS [264280 2013-09-26] (Symantec Corporation) R1 SymNetS; C:\Windows\System32\Drivers\N360x64\1502000.026\SYMNETS.SYS [593112 2014-02-17] (Symantec Corporation) S3 usbbus; C:\Windows\System32\DRIVERS\lgx64bus.sys [17920 2008-11-11] (LG Electronics Inc.) S3 UsbDiag; C:\Windows\System32\DRIVERS\lgx64diag.sys [27136 2008-11-11] (LG Electronics Inc.) S3 USBModem; C:\Windows\System32\DRIVERS\lgx64modem.sys [33792 2008-11-11] (LG Electronics Inc.) ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-04-15 22:36 - 2014-04-15 22:36 - 00026667 _____ () C:\Users\Poopie\Downloads\FRST.txt 2014-04-15 22:35 - 2014-04-15 22:36 - 00000000 ____D () C:\FRST 2014-04-15 22:34 - 2014-04-15 22:34 - 02054144 _____ (Farbar) C:\Users\Poopie\Downloads\FRST64.exe 2014-04-15 22:12 - 2014-03-17 22:11 - 00096168 _____ (Oracle Corporation) C:\windows\SysWOW64\WindowsAccessBridge-32.dll 2014-04-15 22:12 - 2014-03-17 22:02 - 00264616 _____ (Oracle Corporation) C:\windows\SysWOW64\javaws.exe 2014-04-15 22:12 - 2014-03-17 22:02 - 00175528 _____ (Oracle Corporation) C:\windows\SysWOW64\javaw.exe 2014-04-15 22:12 - 2014-03-17 22:02 - 00175016 _____ (Oracle Corporation) C:\windows\SysWOW64\java.exe 2014-04-15 22:10 - 2014-04-15 22:12 - 00004129 _____ () C:\windows\SysWOW64\jupdate-1.7.0_55-b13.log 2014-04-11 19:23 - 2014-04-11 19:23 - 00000000 ____D () C:\windows\System32\Tasks\Norton 360 2014-04-11 19:15 - 2014-04-11 19:15 - 00000000 ____D () C:\Users\Poopie\AppData\Roaming\Apple Computer 2014-04-11 19:15 - 2013-09-09 22:47 - 00078936 ____R (Symantec Corporation) C:\windows\system32\Drivers\SymIMV.sys 2014-04-11 19:14 - 2014-04-11 19:14 - 00000000 ____D () C:\Users\Poopie\AppData\Roaming\Intel 2014-04-11 19:07 - 2014-04-11 19:07 - 00003132 _____ () C:\windows\System32\Tasks\{CCEEB00E-6AA5-49F8-8BAE-B8267021156D} 2014-04-11 06:38 - 2014-04-15 22:36 - 00119512 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys 2014-04-11 06:19 - 2014-04-11 06:19 - 00001077 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk 2014-04-11 06:19 - 2014-04-11 06:19 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware 2014-04-11 06:19 - 2014-04-03 09:51 - 00088280 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys 2014-04-11 06:19 - 2014-04-03 09:51 - 00063192 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys 2014-04-11 06:19 - 2014-04-03 09:50 - 00025816 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbam.sys 2014-04-04 06:31 - 2014-04-04 06:31 - 00000000 ____D () C:\Users\Poopie\AppData\Local\SoulseekQt 2014-04-04 06:04 - 2014-04-04 06:04 - 00000000 ____D () C:\Users\Poopie\AppData\Roaming\PC-Gizmos 2014-04-04 06:01 - 2014-04-11 19:07 - 00000000 ____D () C:\Users\Poopie\AppData\Roaming\uTorrent 2014-04-04 06:00 - 2014-04-04 06:00 - 00930952 _____ (CNET Download.com) C:\Users\Poopie\Downloads\cbsidlm-cbsi183-Soundcloud_Downloader-SEO-75738300.exe 2014-04-04 05:58 - 2014-04-04 05:58 - 00000000 ____D () C:\Program Files (x86)\SoulseekQt 2014-04-04 05:57 - 2014-04-04 05:57 - 06161634 _____ () C:\Users\Poopie\Downloads\SoulseekQt-2014-2-14.exe 2014-04-04 05:16 - 2014-04-04 05:16 - 01671248 _____ (BitTorrent Inc.) C:\Users\Poopie\Downloads\uTorrent.exe 2014-04-03 22:20 - 2014-04-03 22:20 - 00001049 _____ () C:\Users\Poopie\Desktop\Ringtone Maker.lnk 2014-04-03 22:20 - 2014-04-03 22:20 - 00000000 ____D () C:\Users\Poopie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ringtone Maker 2014-04-03 22:20 - 2014-04-03 22:20 - 00000000 ____D () C:\Program Files (x86)\Ringtone Maker 2014-04-03 22:15 - 2014-04-03 22:15 - 00611320 _____ () C:\Users\Poopie\Downloads\RingtoneMakerSetup.exe 2014-03-29 10:09 - 2014-03-29 10:09 - 00001061 _____ () C:\Users\Public\Desktop\TeamViewer 9.lnk 2014-03-29 09:28 - 2014-03-29 09:28 - 00000000 ____D () C:\Users\Poopie\AppData\Roaming\EPSON 2014-03-29 01:33 - 2014-03-29 01:33 - 00000000 ____D () C:\Users\Poopie\AppData\Roaming\TeamViewer 2014-03-28 23:30 - 2014-03-28 23:30 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-03-22 12:44 - 2014-03-22 12:44 - 00000000 ____D () C:\Users\Poopie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Amazon 2014-03-22 12:43 - 2014-03-22 12:43 - 38157960 _____ (Amazon.com) C:\Users\Poopie\Downloads\KindleForPC-installer.exe 2014-03-16 21:09 - 2014-04-04 00:29 - 00021278 _____ () C:\Users\Poopie\Documents\Medical_2013.xlsx 2014-03-16 13:51 - 2014-03-16 13:51 - 02021384 _____ (Coupons.com Incorporated) C:\Users\Poopie\Downloads\couponprinter (1).exe 2014-03-16 13:49 - 2014-03-16 13:49 - 02021104 _____ (Coupons.com Incorporated) C:\Users\Poopie\Downloads\CouponPrinter.exe 2014-03-16 13:34 - 2014-04-11 05:14 - 00002154 _____ () C:\Users\Public\Desktop\Google Chrome.lnk 2014-03-16 13:34 - 2014-03-16 13:34 - 00000000 ____D () C:\Users\Poopie\AppData\Roaming\Oracle 2014-03-16 13:33 - 2014-04-15 22:24 - 00000898 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-03-16 13:33 - 2014-04-15 05:24 - 00000894 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-03-16 13:33 - 2014-03-31 05:19 - 00003894 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA 2014-03-16 13:33 - 2014-03-31 05:19 - 00003642 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore 2014-03-16 13:31 - 2014-04-15 22:12 - 00000000 ____D () C:\Program Files (x86)\Java 2014-03-16 13:27 - 2014-03-16 13:27 - 00921000 _____ (Oracle Corporation) C:\Users\Poopie\Downloads\jxpiinstall.exe 2014-03-16 12:55 - 2014-03-16 12:55 - 02021104 _____ (Coupons.com Incorporated) C:\Users\Poopie\Downloads\CouponPrinterCPS(1).exe 2014-03-16 12:54 - 2014-03-16 12:54 - 02021104 _____ (Coupons.com Incorporated) C:\Users\Poopie\Downloads\CouponPrinterCPS.exe ==================== One Month Modified Files and Folders ======= 2014-04-15 22:36 - 2014-04-15 22:36 - 00026667 _____ () C:\Users\Poopie\Downloads\FRST.txt 2014-04-15 22:36 - 2014-04-15 22:35 - 00000000 ____D () C:\FRST 2014-04-15 22:36 - 2014-04-11 06:38 - 00119512 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys 2014-04-15 22:35 - 2011-03-07 01:57 - 00000000 ____D () C:\Users\Poopie\AppData\Local\CrashDumps 2014-04-15 22:34 - 2014-04-15 22:34 - 02054144 _____ (Farbar) C:\Users\Poopie\Downloads\FRST64.exe 2014-04-15 22:32 - 2012-04-07 15:21 - 00000830 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job 2014-04-15 22:24 - 2014-03-16 13:33 - 00000898 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-04-15 22:23 - 2011-11-28 16:54 - 00000912 _____ () C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4248216778-1706330581-3612761400-1000UA.job 2014-04-15 22:13 - 2014-01-24 23:52 - 00000000 ____D () C:\ProgramData\Oracle 2014-04-15 22:12 - 2014-04-15 22:10 - 00004129 _____ () C:\windows\SysWOW64\jupdate-1.7.0_55-b13.log 2014-04-15 22:12 - 2014-03-16 13:31 - 00000000 ____D () C:\Program Files (x86)\Java 2014-04-15 22:04 - 2010-12-07 21:01 - 01068729 _____ () C:\windows\WindowsUpdate.log 2014-04-15 20:41 - 2011-11-28 16:54 - 00000860 _____ () C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4248216778-1706330581-3612761400-1000Core.job 2014-04-15 05:24 - 2014-03-16 13:33 - 00000894 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-04-14 22:04 - 2009-07-14 00:45 - 00016304 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-04-14 22:04 - 2009-07-14 00:45 - 00016304 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-04-14 22:02 - 2009-07-14 01:13 - 00006222 _____ () C:\windows\system32\PerfStringBackup.INI 2014-04-14 21:56 - 2012-11-17 21:38 - 00109516 _____ () C:\windows\setupact.log 2014-04-14 21:56 - 2010-12-07 21:28 - 00000050 _____ () C:\windows\system32\SupplicantTest.log 2014-04-14 21:56 - 2009-07-14 01:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT 2014-04-11 19:23 - 2014-04-11 19:23 - 00000000 ____D () C:\windows\System32\Tasks\Norton 360 2014-04-11 19:16 - 2012-03-07 23:35 - 00003206 _____ () C:\windows\System32\Tasks\Norton WSC Integration 2014-04-11 19:16 - 2012-03-07 23:33 - 00000000 ____D () C:\windows\system32\Drivers\N360x64 2014-04-11 19:15 - 2014-04-11 19:15 - 00000000 ____D () C:\Users\Poopie\AppData\Roaming\Apple Computer 2014-04-11 19:14 - 2014-04-11 19:14 - 00000000 ____D () C:\Users\Poopie\AppData\Roaming\Intel 2014-04-11 19:14 - 2012-03-07 23:35 - 00002290 _____ () C:\Users\Public\Desktop\Norton 360.lnk 2014-04-11 19:13 - 2014-01-22 22:17 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2014-04-11 19:13 - 2010-08-30 01:00 - 00828736 _____ () C:\windows\PFRO.log 2014-04-11 19:12 - 2009-07-13 23:20 - 00000000 ____D () C:\windows\IME 2014-04-11 19:07 - 2014-04-11 19:07 - 00003132 _____ () C:\windows\System32\Tasks\{CCEEB00E-6AA5-49F8-8BAE-B8267021156D} 2014-04-11 19:07 - 2014-04-04 06:01 - 00000000 ____D () C:\Users\Poopie\AppData\Roaming\uTorrent 2014-04-11 18:56 - 2012-08-19 23:08 - 00000000 ____D () C:\Program Files (x86)\PC Checkup 2014-04-11 06:19 - 2014-04-11 06:19 - 00001077 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk 2014-04-11 06:19 - 2014-04-11 06:19 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware 2014-04-11 06:19 - 2014-03-09 23:59 - 00000000 ____D () C:\Users\Poopie\AppData\Roaming\Malwarebytes 2014-04-11 06:19 - 2012-08-07 02:11 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-04-11 05:14 - 2014-03-16 13:34 - 00002154 _____ () C:\Users\Public\Desktop\Google Chrome.lnk 2014-04-09 05:27 - 2010-12-13 11:57 - 00000000 ____D () C:\ProgramData\Microsoft Help 2014-04-09 05:23 - 2013-07-23 06:29 - 00000000 ____D () C:\windows\system32\MRT 2014-04-09 05:12 - 2010-12-15 22:38 - 90655440 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe 2014-04-08 07:32 - 2011-08-22 19:42 - 00000000 ____D () C:\Users\Poopie\AppData\Roaming\Spotify 2014-04-08 05:58 - 2011-08-22 19:42 - 00000000 ____D () C:\Users\Poopie\AppData\Local\Spotify 2014-04-05 22:54 - 2012-08-19 23:09 - 00003966 _____ () C:\windows\System32\Tasks\PC Checkup 3 Weekly Scan 2014-04-04 06:31 - 2014-04-04 06:31 - 00000000 ____D () C:\Users\Poopie\AppData\Local\SoulseekQt 2014-04-04 06:04 - 2014-04-04 06:04 - 00000000 ____D () C:\Users\Poopie\AppData\Roaming\PC-Gizmos 2014-04-04 06:00 - 2014-04-04 06:00 - 00930952 _____ (CNET Download.com) C:\Users\Poopie\Downloads\cbsidlm-cbsi183-Soundcloud_Downloader-SEO-75738300.exe 2014-04-04 05:58 - 2014-04-04 05:58 - 00000000 ____D () C:\Program Files (x86)\SoulseekQt 2014-04-04 05:57 - 2014-04-04 05:57 - 06161634 _____ () C:\Users\Poopie\Downloads\SoulseekQt-2014-2-14.exe 2014-04-04 05:16 - 2014-04-04 05:16 - 01671248 _____ (BitTorrent Inc.) C:\Users\Poopie\Downloads\uTorrent.exe 2014-04-04 00:29 - 2014-03-16 21:09 - 00021278 _____ () C:\Users\Poopie\Documents\Medical_2013.xlsx 2014-04-03 22:20 - 2014-04-03 22:20 - 00001049 _____ () C:\Users\Poopie\Desktop\Ringtone Maker.lnk 2014-04-03 22:20 - 2014-04-03 22:20 - 00000000 ____D () C:\Users\Poopie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ringtone Maker 2014-04-03 22:20 - 2014-04-03 22:20 - 00000000 ____D () C:\Program Files (x86)\Ringtone Maker 2014-04-03 22:15 - 2014-04-03 22:15 - 00611320 _____ () C:\Users\Poopie\Downloads\RingtoneMakerSetup.exe 2014-04-03 09:51 - 2014-04-11 06:19 - 00088280 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys 2014-04-03 09:51 - 2014-04-11 06:19 - 00063192 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys 2014-04-03 09:50 - 2014-04-11 06:19 - 00025816 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbam.sys 2014-03-31 20:18 - 2011-11-28 16:54 - 00003884 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4248216778-1706330581-3612761400-1000UA 2014-03-31 20:18 - 2011-11-28 16:54 - 00003488 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4248216778-1706330581-3612761400-1000Core 2014-03-31 05:19 - 2014-03-16 13:33 - 00003894 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA 2014-03-31 05:19 - 2014-03-16 13:33 - 00003642 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore 2014-03-30 20:30 - 2011-11-22 07:14 - 00316312 _____ (Trusteer Ltd.) C:\windows\system32\Drivers\RapportKE64.sys 2014-03-29 10:09 - 2014-03-29 10:09 - 00001061 _____ () C:\Users\Public\Desktop\TeamViewer 9.lnk 2014-03-29 09:31 - 2014-03-10 00:03 - 00000000 ____D () C:\Users\Poopie\AppData\Roaming\Adobe 2014-03-29 09:28 - 2014-03-29 09:28 - 00000000 ____D () C:\Users\Poopie\AppData\Roaming\EPSON 2014-03-29 01:33 - 2014-03-29 01:33 - 00000000 ____D () C:\Users\Poopie\AppData\Roaming\TeamViewer 2014-03-28 23:30 - 2014-03-28 23:30 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-03-22 22:13 - 2012-02-07 09:31 - 00000000 ____D () C:\Users\Poopie\Documents\My Kindle Content 2014-03-22 12:44 - 2014-03-22 12:44 - 00000000 ____D () C:\Users\Poopie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Amazon 2014-03-22 12:44 - 2013-08-04 21:23 - 00002249 _____ () C:\Users\Poopie\Desktop\Kindle.lnk 2014-03-22 12:43 - 2014-03-22 12:43 - 38157960 _____ (Amazon.com) C:\Users\Poopie\Downloads\KindleForPC-installer.exe 2014-03-22 09:50 - 2014-03-15 11:24 - 00000000 ____D () C:\Users\Poopie\AppData\Roaming\.minecraft 2014-03-18 17:21 - 2009-07-13 23:20 - 00000000 ____D () C:\windows\system32\NDF 2014-03-17 22:11 - 2014-04-15 22:12 - 00096168 _____ (Oracle Corporation) C:\windows\SysWOW64\WindowsAccessBridge-32.dll 2014-03-17 22:02 - 2014-04-15 22:12 - 00264616 _____ (Oracle Corporation) C:\windows\SysWOW64\javaws.exe 2014-03-17 22:02 - 2014-04-15 22:12 - 00175528 _____ (Oracle Corporation) C:\windows\SysWOW64\javaw.exe 2014-03-17 22:02 - 2014-04-15 22:12 - 00175016 _____ (Oracle Corporation) C:\windows\SysWOW64\java.exe 2014-03-16 13:51 - 2014-03-16 13:51 - 02021384 _____ (Coupons.com Incorporated) C:\Users\Poopie\Downloads\couponprinter (1).exe 2014-03-16 13:50 - 2011-03-03 22:31 - 00000000 ____D () C:\Program Files (x86)\Coupons 2014-03-16 13:49 - 2014-03-16 13:49 - 02021104 _____ (Coupons.com Incorporated) C:\Users\Poopie\Downloads\CouponPrinter.exe 2014-03-16 13:34 - 2014-03-16 13:34 - 00000000 ____D () C:\Users\Poopie\AppData\Roaming\Oracle 2014-03-16 13:34 - 2010-12-13 12:08 - 00000000 ____D () C:\Users\Poopie\AppData\Local\Google 2014-03-16 13:33 - 2010-08-30 00:43 - 00000000 ____D () C:\Program Files (x86)\Google 2014-03-16 13:27 - 2014-03-16 13:27 - 00921000 _____ (Oracle Corporation) C:\Users\Poopie\Downloads\jxpiinstall.exe 2014-03-16 12:55 - 2014-03-16 12:55 - 02021104 _____ (Coupons.com Incorporated) C:\Users\Poopie\Downloads\CouponPrinterCPS(1).exe 2014-03-16 12:54 - 2014-03-16 12:54 - 02021104 _____ (Coupons.com Incorporated) C:\Users\Poopie\Downloads\CouponPrinterCPS.exe Some content of TEMP: ==================== C:\Users\Poopie\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\SysWOW64\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\rpcss.dll => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2014-04-05 22:53 ==================== End Of Log ============================ Here's the (Addition.txt) Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-04-2014 Ran by Poopie at 2014-04-15 22:36:59 Running from C:\Users\Poopie\Downloads Boot Mode: Normal ========================================================== ==================== Security Center ======================== AV: Norton 360 (Enabled - Up to date) {D87FA2C0-F526-77B1-D6EC-0EDF3936CEDB} AS: Norton 360 (Enabled - Up to date) {631E4324-D31C-783F-EC5C-35AD42B18466} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} FW: Norton 360 (Enabled) {E04423E5-BF49-76E9-FDB3-A7EAC7E589A0} ==================== Installed Programs ====================== µTorrent (HKCU\...\uTorrent) (Version: 3.4.1.30768 - BitTorrent Inc.) 136528 (HKLM-x32\...\PC Gizmos 136528) (Version: 83 - PC Gizmos LTD) 64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.9.0.1380 - Adobe Systems Incorporated) Adobe AIR (x32 Version: 3.9.0.1380 - Adobe Systems Incorporated) Hidden Adobe Download Assistant (HKLM-x32\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.2.1 - Adobe Systems Incorporated) Adobe Download Assistant (x32 Version: 1.2.1 - Adobe Systems Incorporated) Hidden Adobe Flash Player 12 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 12.0.0.77 - Adobe Systems Incorporated) Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.77 - Adobe Systems Incorporated) Adobe Reader XI (11.0.06) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated) Adobe Shockwave Player 11.6 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.6.8.638 - Adobe Systems, Inc.) Amazon Kindle (HKCU\...\Amazon Kindle) (Version: - Amazon) Apple Application Support (HKLM-x32\...\{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}) (Version: 3.0.1 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.) Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) AudibleManager (HKLM-x32\...\AudibleManager) (Version: 1995387008.48.56.12848498 - Audible, Inc.) Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) Catalina Savings Printer (HKLM-x32\...\{37331C16-3E97-4A20-80D8-BFB43AB0E2FB}) (Version: 1.0.0 - Catalina Marketing Corp) Corel WinDVD (HKLM-x32\...\{5C1F18D2-F6B7-4242-B803-B5A78648185D}) (Version: 10.0.6.110 - Corel Inc.) Coupon Printer for Windows (HKLM-x32\...\Coupon Printer for Windows5.0.0.7) (Version: 5.0.0.7 - Coupons.com Incorporated) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{5971CA1F-6BDE-498F-952C-9F2BF94070A4}) (Version: - Microsoft) Dev-C++ 5 beta 9 release (4.9.9.2) (HKLM-x32\...\Dev-C++) (Version: - ) Direct DiscRecorder (x32 Version: 1.00.0000 - Corel Corporation) Hidden DivX Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.1.41 - DivX, LLC) Dropbox (HKCU\...\Dropbox) (Version: 2.4.11 - Dropbox, Inc.) DVD MovieFactory for TOSHIBA (HKLM-x32\...\InstallShield_{50F68032-B5B7-4513-9116-C978DBD8F27A}) (Version: 7.0.0 - Corel Corporation) DVD MovieFactory for TOSHIBA (x32 Version: 7.0.0 - Corel Corporation) Hidden Epson Connect Printer Setup (HKLM-x32\...\{D9B1D51B-EB56-410D-AEB5-1CCFAC4B6C8C}) (Version: 1.2.0 - SEIKO EPSON CORPORATION) EPSON Connect version 1.0 (HKLM-x32\...\EPSON Connect_is1) (Version: 1.0 - Epson America Inc.) Epson Customer Participation (HKLM\...\{814FA673-A085-403C-9545-747FC1495069}) (Version: 1.4.0.0 - SEIKO EPSON CORPORATION) Epson Event Manager (HKLM-x32\...\{44F72193-F59C-4303-BAE8-E3E4BC1C122C}) (Version: 3.01.0003 - Seiko Epson Corporation) Epson E-Web Print (HKLM-x32\...\{CEC98C2A-9ED5-49DA-9F3A-92434E0A4FA3}) (Version: 1.19.0000 - SEIKO EPSON CORPORATION) Epson FAX Utility (HKLM-x32\...\{0CBE6C93-CB2E-4378-91EE-12BE6D4E2E4A}) (Version: 1.30.00 - SEIKO EPSON CORPORATION) Epson PC-FAX Driver (HKLM-x32\...\EPSON PC-FAX Driver 2) (Version: - ) EPSON Printer Finder (HKLM-x32\...\{B8ECD0D3-AE08-4891-B6C7-32F96B75EB6C}) (Version: 1.0.0 - SEIKO EPSON CORPORATION) EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation) EPSON WF-3540 Series Printer Uninstall (HKLM\...\EPSON WF-3540 Series) (Version: - SEIKO EPSON Corporation) EpsonNet Print (HKLM-x32\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.5.00 - SEIKO EPSON CORPORATION) Evernote v. 4.6 (HKLM-x32\...\{A23AADDA-3DBF-11E2-A6F2-984BE15F174E}) (Version: 4.6.0.7670 - Evernote Corp.) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 34.0.1847.116 - Google Inc.) Google Talk Plugin (HKLM-x32\...\{15CC861C-C69E-3758-8961-CE304C2595B6}) (Version: 4.4.2.14502 - Google) Google Update Helper (x32 Version: 1.3.23.9 - Google Inc.) Hidden HDMI Control Manager (HKLM-x32\...\InstallShield_{63DA1F6A-2E65-4367-99B9-9E39FADEC446}) (Version: 2.0 - TOSHIBA CORPORATION) HDMI Control Manager (Version: 2.0 - TOSHIBA CORPORATION) Hidden HDMI Control Manager (x32 Version: 2.0 - TOSHIBA CORPORATION) Hidden HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft) Hidden iCloud (HKLM\...\{81E20D41-C277-4526-934D-F2380AF91B78}) (Version: 3.1.0.40 - Apple Inc.) Intel PROSet Wireless (Version: - ) Hidden Intel WiMAX Tutorial (HKLM\...\{4F26C164-9373-4974-8F43-E0F2176AF937}) (Version: 1.5.4.0 - Intel Corporation) Intel® Graphics Media Accelerator Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2119 - Intel Corporation) Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation) Intel® PROSet/Wireless WiFi Software (HKLM\...\{D16A2127-B927-4379-B153-3DEC091E4EEB}) (Version: 13.02.1000 - Intel Corporation) Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.5.7.1002 - Intel Corporation) Intel® PROSet/Wireless WiMAX Software (HKLM\...\{6548B189-BEA4-4041-80E0-AEB60548E046}) (Version: 2.03.0005 - Intel Corporation) Intel® Wireless Display (HKLM\...\{C298FF86-AB23-4B58-AC53-A23383C07B3A}) (Version: 1.2.20.0 - Intel Corporation) iTunes (HKLM\...\{B8BA155B-1E75-405F-9CB4-8A99615D09DC}) (Version: 11.1.5.5 - Apple Inc.) Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.550 - Oracle) Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden JMicron Flash Media Controller Driver (HKLM-x32\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.0.44.1 - JMicron Technology Corp.) Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden LG USB Modem driver (HKLM-x32\...\{C3ABE126-2BB2-4246-BFE1-6797679B3579}) (Version: - ) Malwarebytes Anti-Malware version 2.0.1.1004 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.1.1004 - Malwarebytes Corporation) Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden Messenger Companion (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation) Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation) Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation) Hidden Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden Microsoft Office Access MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Access Setup Metadata MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Excel MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office OneNote MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0409-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation) Microsoft Office Outlook MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office PowerPoint MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (Spanish) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Proofing (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Publisher MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Shared MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Shared Setup Metadata MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Single Image 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Word MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit (HKLM-x32\...\{95140000-007D-0409-0000-0000000FF1CE}) (Version: 14.0.5120.5000 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{402ED4A1-8F5B-387A-8688-997ABF58B8F2}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden Mozilla Firefox 28.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 28.0 (x86 en-US)) (Version: 28.0 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 28.0 - Mozilla) MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) Norton 360 (HKLM-x32\...\N360) (Version: 21.2.0.38 - Symantec Corporation) Norton Bootable Recovery Tool Wizard (HKLM-x32\...\NBRTWizard) (Version: 6.0.0.74 - Symantec Corporation) Norton PC Checkup (HKLM-x32\...\Norton PC Checkup_is1) (Version: 3.0.2.90.0 - NortonLive Services) PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation) PlayReady PC Runtime x86 (HKLM-x32\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation) Quickbooks Financial Center (HKLM-x32\...\{3B843B38-04B1-4CE6-8888-586273E0F289}) (Version: 2.02 - TOSHIBA Corporation) QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.) Rapport (Version: 3.5.1205.20 - Trusteer) Hidden Rapport (x32 Version: 3.5.1304.66 - Trusteer) Hidden Realtek Ethernet Controller Driver For Windows 7 (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.20.503.2010 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6069 - Realtek Semiconductor Corp.) Ringtone Maker 1.0 (HKLM-x32\...\Ringtone Maker) (Version: 1.0 - Tweaks) SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.3.2380.0 - SAMSUNG Electronics Co., Ltd.) Seagate Manager Installer (HKLM-x32\...\InstallShield_{25F31730-1B6C-4E8E-A3B9-818DC0CD961D}) (Version: 2.01.0013 - Seagate) Seagate Manager Installer (HKLM-x32\...\InstallShield_{2A30052B-831C-41D3-8044-3C0388066350}) (Version: 2.01.0600 - Seagate) Seagate Manager Installer (x32 Version: 2.01.0600 - Seagate) Hidden Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft) Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version: - Microsoft) Hidden Software Updater (HKLM-x32\...\{B9802DDC-53FD-4D44-A81D-49DC80448614}) (Version: 4.2.6 - SEIKO EPSON CORPORATION) <==== ATTENTION SoulseekQt (HKLM-x32\...\SoulseekQt) (Version: - ) Spotify (HKCU\...\Spotify) (Version: 0.8.3.222.g317ab79d - Spotify AB) Spotify (HKLM-x32\...\Spotify) (Version: 0.5.2 - ) Spotydl 0.7.3 (HKLM-x32\...\Spotydl_is1) (Version: 0.7.3 - spotydl.com) swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.0.8.1 - Synaptics Incorporated) TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.27339 - TeamViewer) Toshiba App Place (HKLM-x32\...\{ED3CBA78-488F-4E8C-B33F-8E3BF4DDB4D2}) (Version: 1.0.2.0 - Toshiba) TOSHIBA Application Installer (HKLM-x32\...\{970472D0-F5F9-4158-A6E3-1AE49EFEF2D3}) (Version: 9.0.1.1 - TOSHIBA) TOSHIBA Assist (HKLM-x32\...\{1B87C40B-A60B-4EF3-9A68-706CF4B69978}) (Version: 3.00.11 - TOSHIBA CORPORATION) Toshiba Book Place (HKLM-x32\...\{BB51B753-9A0C-4D1D-B3EF-A1B936F55796}) (Version: 2.0.3977.0 - K-NFB Reading Technology, Inc.) Toshiba Book Place (HKLM-x32\...\{C31337DE-0CDC-45A9-9A32-F099AC78D557}) (Version: 3.0.9490 - K-NFB Reading Technology, Inc.) TOSHIBA Bulletin Board (HKLM-x32\...\InstallShield_{C14518AF-1A0F-4D39-8011-69BAA01CD380}) (Version: 1.6.08.64 - TOSHIBA Corporation) TOSHIBA Bulletin Board (Version: 1.6.08.64 - TOSHIBA Corporation) Hidden TOSHIBA Disc Creator (HKLM\...\{5DA0E02F-970B-424B-BF41-513A5018E4C0}) (Version: 2.1.0.2 for x64 - TOSHIBA Corporation) TOSHIBA DVD PLAYER (HKLM-x32\...\{6C5F3BDC-0A1B-4436-A696-5939629D5C31}) (Version: 3.01.2.12-A - TOSHIBA Corporation) TOSHIBA eco Utility (HKLM-x32\...\InstallShield_{B3FF1CD9-B2F0-4D71-BB55-5F580401C48E}) (Version: 1.2.18.64 - TOSHIBA Corporation) TOSHIBA eco Utility (Version: 1.2.18.64 - TOSHIBA Corporation) Hidden TOSHIBA eco Utility (x32 Version: 1.2.18.64 - TOSHIBA Corporation) Hidden TOSHIBA Face Recognition (HKLM-x32\...\InstallShield_{F67FA545-D8E5-4209-86B1-AEE045D1003F}) (Version: 3.1.3.64 - TOSHIBA Corporation) TOSHIBA Face Recognition (Version: 3.1.3.64 - TOSHIBA Corporation) Hidden TOSHIBA Flash Cards Support Utility (HKLM-x32\...\InstallShield_{620BBA5E-F848-4D56-8BDA-584E44584C5E}) (Version: 1.63.0.6C - TOSHIBA CORPORATION) TOSHIBA Flash Cards Support Utility (x32 Version: 1.63.0.6C - TOSHIBA CORPORATION) Hidden TOSHIBA Hardware Setup (HKLM-x32\...\InstallShield_{5279374D-87FE-4879-9385-F17278EBB9D3}) (Version: 1.63.0.26C - TOSHIBA CORPORATION) TOSHIBA Hardware Setup (x32 Version: 1.63.0.26C - TOSHIBA CORPORATION) Hidden TOSHIBA HDD Protection (HKLM\...\{94A90C69-71C1-470A-88F5-AA47ECC96B40}) (Version: 2.2.0.4 - TOSHIBA Corporation) TOSHIBA HDD/SSD Alert (HKLM-x32\...\InstallShield_{D4322448-B6AF-4316-B859-D8A0E84DCB38}) (Version: 3.1.64.6 - TOSHIBA Corporation) TOSHIBA HDD/SSD Alert (Version: 3.1.64.6 - TOSHIBA Corporation) Hidden TOSHIBA HDD/SSD Alert (x32 Version: 3.1.64.6 - TOSHIBA Corporation) Hidden Toshiba Laptop Checkup (HKLM-x32\...\NortonPCCheckup) (Version: 2.0.3.198 - Symantec Corporation) TOSHIBA Media Controller (HKLM-x32\...\{983CD6FE-8320-4B80-A8F6-0D0366E0AA22}) (Version: 1.0.80.8.64 - TOSHIBA CORPORATION) TOSHIBA Media Controller Plug-in (HKLM-x32\...\{F26FDF57-483E-42C8-A9C9-EEE1EDB256E0}) (Version: 1.0.5.11 - TOSHIBA CORPORATION) Toshiba Online Backup (HKLM-x32\...\{C57BCDE1-7CB9-467D-B3BA-7E119916CDC1}) (Version: 2.0.0.24 - Toshiba) TOSHIBA PC Health Monitor (HKLM\...\{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}) (Version: 1.7.1.64 - TOSHIBA Corporation) TOSHIBA Quality Application (HKLM-x32\...\{E69992ED-A7F6-406C-9280-1C156417BC49}) (Version: 1.0.3 - TOSHIBA) TOSHIBA Recovery Media Creator (HKLM\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 2.1.0.4 for x64 - TOSHIBA Corporation) TOSHIBA ReelTime (HKLM-x32\...\InstallShield_{24811C12-F4A9-4D0F-8494-A7B8FE46123C}) (Version: 1.7.16.64 - TOSHIBA Corporation) TOSHIBA ReelTime (Version: 1.7.16.64 - TOSHIBA Corporation) Hidden TOSHIBA Service Station (HKLM-x32\...\{AC6569FA-6919-442A-8552-073BE69E247A}) (Version: 2.2.9 - TOSHIBA) TOSHIBA Sleep Utility (HKLM-x32\...\{654F7484-88C5-46DC-AB32-C66BCB0E2102}) (Version: 1.4.1.2 - TOSHIBA Corporation) TOSHIBA Supervisor Password (HKLM-x32\...\InstallShield_{51B4E156-14A5-4904-9AE4-B1AA2A0E46BE}) (Version: 1.63.0.9C - TOSHIBA CORPORATION) TOSHIBA Supervisor Password (x32 Version: 1.63.0.9C - TOSHIBA CORPORATION) Hidden TOSHIBA Value Added Package (HKLM-x32\...\InstallShield_{066CFFF8-12BF-4390-A673-75F95EFF188E}) (Version: 1.3.14.64 - TOSHIBA Corporation) TOSHIBA Value Added Package (Version: 1.3.14.64 - TOSHIBA Corporation) Hidden TOSHIBA Value Added Package (x32 Version: 1.3.14.64 - TOSHIBA Corporation) Hidden TOSHIBA Web Camera Application (HKLM-x32\...\{5E6F6CF3-BACC-4144-868C-E14622C658F3}) (Version: 1.1.1.16 - TOSHIBA Corporation) ToshibaRegistration (HKLM-x32\...\{5AF550B4-BB67-4E7E-82F1-2C4300279050}) (Version: 1.0.4 - Toshiba) Trusteer Endpoint Protection (HKLM-x32\...\Rapport_msi) (Version: 3.5.1304.66 - Trusteer) TurboTax 2010 (HKLM-x32\...\TurboTax 2010) (Version: - Intuit, Inc) TurboTax 2010 WinPerFedFormset (x32 Version: 010.000.3441 - Intuit Inc.) Hidden TurboTax 2010 WinPerReleaseEngine (x32 Version: 010.000.0414 - Intuit Inc.) Hidden TurboTax 2010 WinPerTaxSupport (x32 Version: 010.000.0199 - Intuit Inc.) Hidden TurboTax 2010 wnjiper (x32 Version: 010.000.1174 - Intuit Inc.) Hidden TurboTax 2010 wrapper (x32 Version: 010.000.0157 - Intuit Inc.) Hidden Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2468871) (Version: 1 - Microsoft Corporation) Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2473228) (Version: 1 - Microsoft Corporation) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2533523) (Version: 1 - Microsoft Corporation) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2600217) (Version: 1 - Microsoft Corporation) Update for Microsoft .NET Framework 4 Extended (KB2468871) (HKLM-x32\...\{8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2468871) (Version: 1 - Microsoft Corporation) Update for Microsoft .NET Framework 4 Extended (KB2533523) (HKLM-x32\...\{8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2533523) (Version: 1 - Microsoft Corporation) Update for Microsoft .NET Framework 4 Extended (KB2600217) (HKLM-x32\...\{8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2600217) (Version: 1 - Microsoft Corporation) Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version: - Microsoft) Update for Microsoft Filter Pack 2.0 (KB2837594) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{D3C85176-ACCC-4AF0-817D-1BC803303B74}) (Version: - Microsoft) Update for Microsoft Filter Pack 2.0 (KB2837594) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{D3C85176-ACCC-4AF0-817D-1BC803303B74}) (Version: - Microsoft) Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2494150) (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{3FCFD88F-4D13-4F38-8625-ABABEA7F61EA}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{82F87E28-B18E-46D6-A399-E2F19CF5949B}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.SingleImage_{5E8EB600-8B94-429E-873E-98369C6DC1BC}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2863818) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{83B1B530-7D9E-4C6A-907F-E979CEE9C295}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2878225) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{EFF5EBA3-40AD-4859-85E7-3C1CF4F297EB}) (Version: - Microsoft) Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version: - Microsoft) Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version: - Microsoft) Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0409-0000-0000000FF1CE}_Office14.SingleImage_{DCE104A1-1875-4469-A83D-A5BFA6C4640F}) (Version: - Microsoft) Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version: - Microsoft) Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0409-0000-0000000FF1CE}_Office14.SingleImage_{334AA0A1-2BB1-4D74-B66A-2B2C4D9C2C87}) (Version: - Microsoft) Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{2BA40F82-F3A4-441C-BF1A-ED4C42FF4872}) (Version: - Microsoft) Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version: - Microsoft) Update for Microsoft Visio 2010 (KB2553444) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{799005D3-9B70-4219-AFE0-BC479614CC4D}) (Version: - Microsoft) Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{8C55AA83-54C2-4236-A622-78440A411DC5}) (Version: - Microsoft) Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden Utility Common Driver (x32 Version: 1.0.52.1C - TOSHIBA) Hidden VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden Verizon Wireless Software Utility Application for Android - Samsung (HKLM-x32\...\{FC4DE34E-DA9E-4F02-9837-2E65F73A0234}) (Version: 1.11.0305 - Samsung Electronics Co., Ltd.) WildTangent Games App (Toshiba Games) (HKLM-x32\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-toshiba) (Version: 4.0.5.31 - WildTangent) Windows Driver Package - Leapfrog (Leapfrog-USBLAN) Net (09/10/2009 02.03.05.012) (HKLM\...\8F14F2ECEDE68D26EA515B48DC25B39103C4FE8D) (Version: 09/10/2009 02.03.05.012 - Leapfrog) Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation) Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Family Safety (Version: 15.4.3555.0308 - Microsoft Corporation) Hidden Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Language Selector (Version: 15.4.3555.0308 - Microsoft Corporation) Hidden Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation) Windows Live Messenger (x32 Version: 15.4.3538.0513 - Microsoft Corporation) Hidden Windows Live Messenger Companion Core (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Sync (HKLM-x32\...\{B10914FD-8812-47A4-85A1-50FCDE7F1F33}) (Version: 14.0.8117.416 - Microsoft Corporation) Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp) WinRAR 4.11 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.11.0 - win.rar GmbH) ==================== Restore Points ========================= 20-03-2014 00:52:27 Windows Update 29-03-2014 13:41:58 Installed Software Updater 06-04-2014 02:53:04 Scheduled Checkpoint 09-04-2014 09:09:02 Windows Update 11-04-2014 23:16:08 Installed Rapport 16-04-2014 02:08:26 Installed Java 7 Update 55 ==================== Hosts content: ========================== 2009-07-13 22:34 - 2009-06-10 17:00 - 00000824 ____N C:\windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= Task: {4083F9F7-C6FE-462C-8CCC-2F28D63F14E9} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-4248216778-1706330581-3612761400-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe Task: {53E0630B-58B1-49E6-9114-11A0B0E85EF0} - System32\Tasks\Norton 360\Norton Error Processor => C:\Program Files (x86)\Norton 360\Engine\21.2.0.38\SymErr.exe [2014-01-30] (Symantec Corporation) Task: {73C47A8D-A39D-4C3A-AF30-36EFF2507AED} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton 360\Engine\21.2.0.38\WSCStub.exe [2014-03-11] (Symantec Corporation) Task: {90E23A45-6C52-4BE4-A10C-3F78E10E283C} - System32\Tasks\{ECD36F31-320A-410B-AE8D-881BF7CBCA54} => C:\Program Files (x86)\Skype\\Phone\Skype.exe Task: {92211AC7-67AD-49DE-84FC-6C3B6CAB57A0} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4248216778-1706330581-3612761400-1000Core => C:\Users\Poopie\AppData\Local\Google\Update\GoogleUpdate.exe [2011-10-14] (Google Inc.) Task: {9D01F057-12E4-419A-B8C4-56C40838F574} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup Task: {A552DD61-7C06-44B6-83B2-B3EE0CF20D70} - System32\Tasks\Norton 360\Norton Error Analyzer => C:\Program Files (x86)\Norton 360\Engine\21.2.0.38\SymErr.exe [2014-01-30] (Symantec Corporation) Task: {B615A259-9AAD-4B0E-89D3-F77006B1C732} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-03-16] (Google Inc.) Task: {BC47F2CB-5266-489B-8311-9762044190FE} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.) Task: {C682E69E-C270-4727-9D74-788B41789A71} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4248216778-1706330581-3612761400-1000UA => C:\Users\Poopie\AppData\Local\Google\Update\GoogleUpdate.exe [2011-10-14] (Google Inc.) Task: {D287C1B3-AF26-4304-9A48-2C2EFFB01952} - System32\Tasks\PC Checkup 3 Weekly Scan => C:\Program Files (x86)\PC Checkup\NLAppLauncher.exe [2013-09-15] (Symantec Corporation) Task: {D9709760-C321-4910-ACC7-890581475C5C} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-13] (Adobe Systems Incorporated) Task: {F045D365-7D94-4766-B42F-2DC68780C45C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-03-16] (Google Inc.) Task: {FE066DC0-CA30-4838-ACF5-B86A6F9B6C6C} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-4248216778-1706330581-3612761400-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4248216778-1706330581-3612761400-1000Core.job => C:\Users\Poopie\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4248216778-1706330581-3612761400-1000UA.job => C:\Users\Poopie\AppData\Local\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============= 2010-03-05 13:21 - 2010-03-05 13:21 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\Libeay32.dll 2012-05-20 12:07 - 2014-02-09 10:19 - 01125592 _____ () C:\ProgramData\Trusteer\Rapport\store\exts\RapportMS\baseline\RapportMS.dll 2014-02-12 21:58 - 2014-02-12 21:58 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll 2014-02-12 21:58 - 2014-02-12 21:58 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll 2012-06-27 15:09 - 2012-06-27 15:09 - 00557056 _____ () C:\Program Files (x86)\Trusteer\Rapport\bin\js32.dll 2011-02-02 01:14 - 2011-02-02 01:14 - 00854016 _____ () C:\windows\assembly\GAC_32\System.Data.SQLite\1.0.61.0__db937bc2d44ff139\System.Data.SQLite.dll 2011-02-02 01:14 - 2011-02-02 01:14 - 00476520 _____ () C:\windows\assembly\GAC_MSIL\Intuit.Spc.Map.Reporter\5.0.136.0__7ce6deabcb36a8ea\Intuit.Spc.Map.Reporter.dll 2014-03-28 23:30 - 2014-03-28 23:30 - 03642480 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll 2014-04-11 05:14 - 2014-04-01 21:57 - 00065352 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\chrome_elf.dll 2014-04-11 05:14 - 2014-04-01 21:57 - 00674632 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\libglesv2.dll 2014-04-11 05:14 - 2014-04-01 21:57 - 00093000 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\libegl.dll 2014-04-11 05:14 - 2014-04-01 21:57 - 04081480 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\pdf.dll 2014-04-11 05:14 - 2014-04-01 21:58 - 00390472 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\ppGoogleNaClPluginChrome.dll 2014-04-11 05:14 - 2014-04-01 21:57 - 01647432 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\ffmpegsumo.dll ==================== Alternate Data Streams (whitelisted) ========= AlternateDataStreams: C:\Windows:nlsPreferences AlternateDataStreams: C:\ProgramData\TEMP:430C6D84 AlternateDataStreams: C:\ProgramData\TEMP:D1B5B4F1 AlternateDataStreams: C:\ProgramData\TEMP:DFC5A2B2 ==================== Safe Mode (whitelisted) =================== ==================== Disabled items from MSCONFIG ============== MSCONFIG\startupreg: Adobe Acrobat Synchronizer => "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\AdobeCollabSync.exe" MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" MSCONFIG\startupreg: swg => "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" ==================== Faulty Device Manager Devices ============= Name: Photosmart Prem C310 series Description: Photosmart Prem C310 series Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Photosmart Prem C310 series Description: Photosmart Prem C310 series Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Photosmart Prem C310 series Description: Photosmart Prem C310 series Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Photosmart Prem C310 series Description: Photosmart Prem C310 series Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Photosmart Prem C310 series Description: Photosmart Prem C310 series Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. ==================== Event log errors: ========================= Application errors: ================== Error: (04/15/2014 10:33:25 PM) (Source: Application Error) (User: ) Description: Faulting application name: mbam.exe, version: 1.0.0.500, time stamp: 0x533d8de2 Faulting module name: MSVCR100.dll, version: 10.0.40219.325, time stamp: 0x4df2be1e Exception code: 0x40000015 Fault offset: 0x0008d6fd Faulting process id: 0xd48 Faulting application start time: 0xmbam.exe0 Faulting application path: mbam.exe1 Faulting module path: mbam.exe2 Report Id: mbam.exe3 Error: (04/15/2014 08:57:06 PM) (Source: Bonjour Service) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 19781 Error: (04/15/2014 08:57:06 PM) (Source: Bonjour Service) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 19781 Error: (04/15/2014 08:57:06 PM) (Source: Bonjour Service) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (04/15/2014 08:57:05 PM) (Source: Bonjour Service) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 18751 Error: (04/15/2014 08:57:05 PM) (Source: Bonjour Service) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 18751 Error: (04/15/2014 08:57:05 PM) (Source: Bonjour Service) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (04/15/2014 08:57:04 PM) (Source: Bonjour Service) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 17597 Error: (04/15/2014 08:57:04 PM) (Source: Bonjour Service) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 17597 Error: (04/15/2014 08:57:04 PM) (Source: Bonjour Service) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second System errors: ============= Error: (04/14/2014 09:56:17 PM) (Source: EventLog) (User: ) Description: The previous system shutdown at 9:54:19 PM on ‎4/‎14/‎2014 was unexpected. Error: (04/11/2014 07:15:43 PM) (Source: DCOM) (User: ) Description: {995C996E-D918-4A8C-A302-45719A6F4EA7} Error: (04/11/2014 07:10:36 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (User: NT AUTHORITY) Description: WLAN Extensibility Module has stopped unexpectedly. Module Path: C:\windows\System32\IWMSSvc.dll Error: (04/11/2014 07:09:35 PM) (Source: Service Control Manager) (User: ) Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the TOSHIBA eco Utility Service service. Error: (04/11/2014 07:09:05 PM) (Source: Service Control Manager) (User: ) Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the RapportMgmtService service. Error: (04/11/2014 05:07:40 AM) (Source: Server) (User: ) Description: The server could not bind to the transport \Device\NetBT_Tcpip_{F74F7C84-8C7F-4BE1-B24C-DA86FB627C24} because another computer on the network has the same name. The server could not start. Error: (04/09/2014 05:00:56 PM) (Source: Service Control Manager) (User: ) Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the TrustedInstaller service. Error: (04/08/2014 05:23:18 AM) (Source: BROWSER) (User: ) Description: The browser service has failed to retrieve the backup list too many times on transport \Device\NetBT_Tcpip_{F74F7C84-8C7F-4BE1-B24C-DA86FB627C24}. The backup browser is stopping. Error: (04/06/2014 04:44:36 PM) (Source: Service Control Manager) (User: ) Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the WiMAXAppSrv service. Error: (04/06/2014 09:09:13 AM) (Source: Service Control Manager) (User: ) Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Netman service. Microsoft Office Sessions: ========================= Error: (04/15/2014 10:33:25 PM) (Source: Application Error)(User: ) Description: mbam.exe1.0.0.500533d8de2MSVCR100.dll10.0.40219.3254df2be1e400000150008d6fdd4801cf584df38b770eC:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exeC:\Program Files (x86)\Malwarebytes Anti-Malware\MSVCR100.dll7bf4717d-c50f-11e3-ab1e-1c750871e79d Error: (04/15/2014 08:57:06 PM) (Source: Bonjour Service)(User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 19781 Error: (04/15/2014 08:57:06 PM) (Source: Bonjour Service)(User: ) Description: Task Scheduling Error: m->NextScheduledEvent 19781 Error: (04/15/2014 08:57:06 PM) (Source: Bonjour Service)(User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (04/15/2014 08:57:05 PM) (Source: Bonjour Service)(User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 18751 Error: (04/15/2014 08:57:05 PM) (Source: Bonjour Service)(User: ) Description: Task Scheduling Error: m->NextScheduledEvent 18751 Error: (04/15/2014 08:57:05 PM) (Source: Bonjour Service)(User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (04/15/2014 08:57:04 PM) (Source: Bonjour Service)(User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 17597 Error: (04/15/2014 08:57:04 PM) (Source: Bonjour Service)(User: ) Description: Task Scheduling Error: m->NextScheduledEvent 17597 Error: (04/15/2014 08:57:04 PM) (Source: Bonjour Service)(User: ) Description: Task Scheduling Error: Continuously busy for more than a second CodeIntegrity Errors: =================================== Date: 2013-04-27 16:21:33.705 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\cryptnet.dll because the set of per-page image hashes could not be found on the system. Date: 2013-04-27 16:21:33.525 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\cryptnet.dll because the set of per-page image hashes could not be found on the system. Date: 2013-04-27 16:21:33.265 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\gpapi.dll because the set of per-page image hashes could not be found on the system. Date: 2013-04-27 16:21:33.045 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\gpapi.dll because the set of per-page image hashes could not be found on the system. Date: 2012-10-22 20:25:12.540 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\cryptnet.dll because the set of per-page image hashes could not be found on the system. Date: 2012-10-22 20:25:12.451 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\cryptnet.dll because the set of per-page image hashes could not be found on the system. Date: 2012-10-22 19:51:12.715 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\cryptnet.dll because the set of per-page image hashes could not be found on the system. Date: 2012-10-22 19:51:12.575 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\cryptnet.dll because the set of per-page image hashes could not be found on the system. Date: 2012-10-22 19:51:11.985 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\gpapi.dll because the set of per-page image hashes could not be found on the system. Date: 2012-10-22 19:51:11.845 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\gpapi.dll because the set of per-page image hashes could not be found on the system. ==================== Memory info =========================== Percentage of memory in use: 63% Total physical RAM: 3890.67 MB Available physical RAM: 1414.87 MB Total Pagefile: 7779.48 MB Available Pagefile: 4998.59 MB Total Virtual: 8192 MB Available Virtual: 8191.82 MB ==================== Drives ================================ Drive c: (TI105957W0F) (Fixed) (Total:452.7 GB) (Free:83.32 GB) NTFS ==>[system with boot components (obtained from reading drive)] ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 466 GB) (Disk ID: D0CECDEE) Partition: GPT Partition Type. ==================== End Of Log ============================
- April 17, 2014
- 6 replies
Need help removing pup. UTorrent

honeybee posted a topic in Resolved Malware Removal Logs

Hi, After running malwarebytes, I realized I was infected by pup from the UTorrent I had downloaded a few weeks back. I cleaned it up as routine and I uninstalled UTorrent, but the pup from UTorrent is still showing up in the scan from malwarebytes. Could really use the help in getting rid of these? Thank you.
- April 16, 2014
- 6 replies

Sign In

honeybee

Posts

Joined

Last visited

Reputation

Need help removing pup. UTorrent

Need help removing pup. UTorrent

Need help removing pup. UTorrent

Browse

Activity

Personal

Business

Business Modules

Partners

Learn

Start here

Type of malware/attacks

How does it get on my computer?

Scams and grifts

Support

Important Information