Solved Malware?

camshell

Hello there, I'm new to this forum; I hope I am doing this correctly.

I was hoping for some help from you guys :)

When I open Chrome I get this:
404. That’s an error.

The requested URL /ig/redirectdomain?brand=TEUA&bmod=TEUA was not found on this server. That’s all we know.

I have run Malwarebytes and AdwCleaner, but it is still there when you open Chrome.
Thanks for reading,
John.
 
Welcome aboard

Please complete all steps listed here: https://www.techspot.com/community/...lware-removal-preliminary-instructions.58138/
Make sure you PASTE all logs. If a log exceeds the 50,000-character post limit, split it between a couple of replies.
Attached logs won't be reviewed.


Please observe the following rules:
  • Read all of my instructions very carefully. Your mistakes during the cleaning process may have very serious consequences, like an unbootable computer.
  • If you're stuck, or you're not sure about a certain step, always ask before doing anything else.
  • Please refrain from running any tools, fixes or applying any changes to your computer other than those I suggest.
  • Never run more than one scan at a time.
  • Keep updating me regarding your computer behavior, good, or bad.
  • The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
  • If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in the malware removal forum.
  • I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.
 
Hello, thank you so much for answering :)
Scan log:
Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 26/08/2014
Scan Time: 10:17:57
Logfile:
Administrator: Yes

Version: 2.00.2.1012
Malware Database: v2014.08.26.01
Rootkit Database: v2014.08.21.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Tosh

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 303886
Time Elapsed: 32 min, 32 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 85
 
Files: 199
PUP.Optional.MindSpark.A, C:\Users\Tosh\AppData\Local\Google\Chrome\User Data\Default\Extensions\kamaleideepgjgcjbjhamhchimbdfkmi\10.82.4.29839_0\common\components\uninstall\background\uninstallButton.js, Quarantined, [85a4c803403b4bebd7c860686d955da3],
PUP.Optional.MindSpark.A, C:\Users\Tosh\AppData\Local\Google\Chrome\User Data\Default\Extensions\kamaleideepgjgcjbjhamhchimbdfkmi\10.82.4.29839_0\common\components\weather\background\weatherButton.js, Quarantined, [85a4c803403b4bebd7c860686d955da3],
PUP.Optional.MindSpark.A, C:\Users\Tosh\AppData\Local\Google\Chrome\User Data\Default\Extensions\kamaleideepgjgcjbjhamhchimbdfkmi\10.82.4.29839_0\common\js\blacklistService.js, Quarantined, [85a4c803403b4bebd7c860686d955da3],
PUP.Optional.MindSpark.A, C:\Users\Tosh\AppData\Local\Google\Chrome\User Data\Default\Extensions\kamaleideepgjgcjbjhamhchimbdfkmi\10.82.4.29839_0\common\js\common.js, Quarantined, [85a4c803403b4bebd7c860686d955da3],
PUP.Optional.MindSpark.A, C:\Users\Tosh\AppData\Local\Google\Chrome\User Data\Default\Extensions\kamaleideepgjgcjbjhamhchimbdfkmi\10.82.4.29839_0\common\js\dynamic.js, Quarantined, [85a4c803403b4bebd7c860686d955da3],
PUP.Optional.MindSpark.A, C:\Users\Tosh\AppData\Local\Google\Chrome\User Data\Default\Extensions\kamaleideepgjgcjbjhamhchimbdfkmi\10.82.4.29839_0\common\js\enableDetect.js, Quarantined, [85a4c803403b4bebd7c860686d955da3],
PUP.Optional.MindSpark.A, C:\Users\Tosh\AppData\Local\Google\Chrome\User Data\Default\Extensions\kamaleideepgjgcjbjhamhchimbdfkmi\10.82.4.29839_0\common\js\eventListening.js, Quarantined, [85a4c803403b4bebd7c860686d955da3],
PUP.Optional.MindSpark.A, C:\Users\Tosh\AppData\Local\Google\Chrome\User Data\Default\Extensions\kamaleideepgjgcjbjhamhchimbdfkmi\10.82.4.29839_0\common\js\global.js, Quarantined, [85a4c803403b4bebd7c860686d955da3],
PUP.Optional.MindSpark.A, C:\Users\Tosh\AppData\Local\Google\Chrome\User Data\Default\Extensions\kamaleideepgjgcjbjhamhchimbdfkmi\10.82.4.29839_0\common\js\jquery-1.7.1.min.js, Quarantined, [85a4c803403b4bebd7c860686d955da3],
PUP.Optional.MindSpark.A, C:\Users\Tosh\AppData\Local\Google\Chrome\User Data\Default\Extensions\kamaleideepgjgcjbjhamhchimbdfkmi\10.82.4.29839_0\common\js\list-interaction.js, Quarantined, [85a4c803403b4bebd7c860686d955da3],
PUP.Optional.MindSpark.A, C:\Users\Tosh\AppData\Local\Google\Chrome\User Data\Default\Extensions\kamaleideepgjgcjbjhamhchimbdfkmi\10.82.4.29839_0\common\js\messageEventListener.js, Quarantined, [85a4c803403b4bebd7c860686d955da3],
PUP.Optional.MindSpark.A, C:\Users\Tosh\AppData\Local\Google\Chrome\User Data\Default\Extensions\kamaleideepgjgcjbjhamhchimbdfkmi\10.82.4.29839_0\common\js\navRedirector.js, Quarantined, [85a4c803403b4bebd7c860686d955da3],
PUP.Optional.MindSpark.A, C:\Users\Tosh\AppData\Local\Google\Chrome\User Data\Default\Extensions\kamaleideepgjgcjbjhamhchimbdfkmi\10.82.4.29839_0\common\js\paramReplacer.js, Quarantined, [85a4c803403b4bebd7c860686d955da3],
PUP.Optional.MindSpark.A, C:\Users\Tosh\AppData\Local\Google\Chrome\User Data\Default\Extensions\kamaleideepgjgcjbjhamhchimbdfkmi\10.82.4.29839_0\common\js\PartnerId.js, Quarantined, [85a4c803403b4bebd7c860686d955da3],
PUP.Optional.MindSpark.A, C:\Users\Tosh\AppData\Local\Google\Chrome\User Data\Default\Extensions\kamaleideepgjgcjbjhamhchimbdfkmi\10.82.4.29839_0\common\js\set.js, Quarantined, [85a4c803403b4bebd7c860686d955da3],
PUP.Optional.MindSpark.A, C:\Users\Tosh\AppData\Local\Google\Chrome\User Data\Default\Extensions\kamaleideepgjgcjbjhamhchimbdfkmi\10.82.4.29839_0\common\js\underscore-1.3.1.min.js, Quarantined, [85a4c803403b4bebd7c860686d955da3],
PUP.Optional.MindSpark.A, C:\Users\Tosh\AppData\Local\Google\Chrome\User Data\Default\Extensions\kamaleideepgjgcjbjhamhchimbdfkmi\10.82.4.29839_0\common\js\underscore-1.5.2.min.js, Quarantined, [85a4c803403b4bebd7c860686d955da3],
PUP.Optional.MindSpark.A, C:\Users\Tosh\AppData\Local\Google\Chrome\User Data\Default\Extensions\kamaleideepgjgcjbjhamhchimbdfkmi\10.82.4.29839_0\common\js\unifiedLogging.js, Quarantined, [85a4c803403b4bebd7c860686d955da3],
PUP.Optional.MindSpark.A, C:\Users\Tosh\AppData\Local\Google\Chrome\User Data\Default\Extensions\kamaleideepgjgcjbjhamhchimbdfkmi\10.82.4.29839_0\common\widget-api\widget-context-1.0.js, Quarantined, [85a4c803403b4bebd7c860686d955da3],
PUP.Optional.MindSpark.A, C:\Users\Tosh\AppData\Local\Google\Chrome\User Data\Default\Extensions\kamaleideepgjgcjbjhamhchimbdfkmi\10.82.4.29839_0\common\widget-api\widgets\common\common.js, Quarantined, [85a4c803403b4bebd7c860686d955da3],
PUP.Optional.MindSpark.A, C:\Users\Tosh\AppData\Local\Google\Chrome\User Data\Default\Extensions\kamaleideepgjgcjbjhamhchimbdfkmi\10.82.4.29839_0\common\widget-api\widgets\common\eventListening.js, Quarantined, [85a4c803403b4bebd7c860686d955da3],
PUP.Optional.MindSpark.A, C:\Users\Tosh\AppData\Local\Google\Chrome\User Data\Default\Extensions\kamaleideepgjgcjbjhamhchimbdfkmi\10.82.4.29839_0\common\widget-api\widgets\common\jquery-1.7.1.min.js, Quarantined, [85a4c803403b4bebd7c860686d955da3],
PUP.Optional.MindSpark.A, C:\Users\Tosh\AppData\Local\Google\Chrome\User Data\Default\Extensions\kamaleideepgjgcjbjhamhchimbdfkmi\10.82.4.29839_0\common\widget-api\widgets\common\list-interaction.js, Quarantined, [85a4c803403b4bebd7c860686d955da3],
PUP.Optional.MindSpark.A, C:\Users\Tosh\AppData\Local\Google\Chrome\User Data\Default\Extensions\kamaleideepgjgcjbjhamhchimbdfkmi\10.82.4.29839_0\common\widget-api\widgets\common\set.js, Quarantined, [85a4c803403b4bebd7c860686d955da3],
PUP.Optional.MindSpark.A, C:\Users\Tosh\AppData\Local\Google\Chrome\User Data\Default\Extensions\kamaleideepgjgcjbjhamhchimbdfkmi\10.82.4.29839_0\common\widget-api\widgets\common\underscore-1.3.1.min.js, Quarantined, [85a4c803403b4bebd7c860686d955da3],
PUP.Optional.MindSpark.A, C:\Users\Tosh\AppData\Local\Google\Chrome\User Data\Default\Extensions\kamaleideepgjgcjbjhamhchimbdfkmi\10.82.4.29839_0\common\widget-api\widgets\radio\radio-widget.html, Quarantined, [85a4c803403b4bebd7c860686d955da3],
PUP.Optional.MindSpark.A, C:\Users\Tosh\AppData\Local\Google\Chrome\User Data\Default\Extensions\kamaleideepgjgcjbjhamhchimbdfkmi\10.82.4.29839_0\common\widget-api\widgets\radio\css\radio-widget.css, Quarantined, [85a4c803403b4bebd7c860686d955da3],
PUP.Optional.MindSpark.A, C:\Users\Tosh\AppData\Local\Google\Chrome\User Data\Default\Extensions\kamaleideepgjgcjbjhamhchimbdfkmi\10.82.4.29839_0\common\widget-api\widgets\radio\js\radio-custom.js, Quarantined, [85a4c803403b4bebd7c860686d955da3],
PUP.Optional.MindSpark.A, C:\Users\Tosh\AppData\Local\Google\Chrome\User Data\Default\Extensions\kamaleideepgjgcjbjhamhchimbdfkmi\10.82.4.29839_0\common\widget-api\widgets\radio\js\radio-parser.js, Quarantined, [85a4c803403b4bebd7c860686d955da3],
PUP.Optional.MindSpark.A, C:\Users\Tosh\AppData\Local\Google\Chrome\User Data\Default\Extensions\kamaleideepgjgcjbjhamhchimbdfkmi\10.82.4.29839_0\common\widget-api\widgets\radio\js\radio-widget-ui.js, Quarantined, [85a4c803403b4bebd7c860686d955da3],
PUP.Optional.MindSpark.A, C:\Users\Tosh\AppData\Local\Google\Chrome\User Data\Default\Extensions\kamaleideepgjgcjbjhamhchimbdfkmi\10.82.4.29839_0\common\widget-api\widgets\radio\js\radio-widget.js, Quarantined, [85a4c803403b4bebd7c860686d955da3],
PUP.Optional.MindSpark.A, C:\Users\Tosh\AppData\Local\Google\Chrome\User Data\Default\Extensions\kamaleideepgjgcjbjhamhchimbdfkmi\10.82.4.29839_0\common\widget-api\widgets\rss\rssWidget.html, Quarantined, [85a4c803403b4bebd7c860686d955da3],
PUP.Optional.MindSpark.A, C:\Users\Tosh\AppData\Local\Google\Chrome\User Data\Default\Extensions\kamaleideepgjgcjbjhamhchimbdfkmi\10.82.4.29839_0\common\widget-api\widgets\rss\js\rss-widget-custom.js, Quarantined, [85a4c803403b4bebd7c860686d955da3],
PUP.Optional.MindSpark.A, C:\Users\Tosh\AppData\Local\Google\Chrome\User Data\Default\Extensions\kamaleideepgjgcjbjhamhchimbdfkmi\10.82.4.29839_0\common\widget-api\widgets\rss\js\rss-widget-parse.js, Quarantined, [85a4c803403b4bebd7c860686d955da3],
PUP.Optional.MindSpark.A, C:\Users\Tosh\AppData\Local\Google\Chrome\User Data\Default\Extensions\kamaleideepgjgcjbjhamhchimbdfkmi\10.82.4.29839_0\common\widget-api\widgets\rss\js\rss-widget.js, Quarantined, [85a4c803403b4bebd7c860686d955da3],
PUP.Optional.MindSpark.A, C:\Users\Tosh\AppData\Local\Google\Chrome\User Data\Default\Extensions\kamaleideepgjgcjbjhamhchimbdfkmi\10.82.4.29839_0\common\widget-api\widgets\test\invalid.json, Quarantined, [85a4c803403b4bebd7c860686d955da3],
PUP.Optional.MindSpark.A, C:\Users\Tosh\AppData\Local\Google\Chrome\User Data\Default\Extensions\kamaleideepgjgcjbjhamhchimbdfkmi\10.82.4.29839_0\common\widget-api\widgets\test\jquery.js, Quarantined, [85a4c803403b4bebd7c860686d955da3],
PUP.Optional.MindSpark.A, C:\Users\Tosh\AppData\Local\Google\Chrome\User Data\Default\Extensions\kamaleideepgjgcjbjhamhchimbdfkmi\10.82.4.29839_0\common\widget-api\widgets\test\qunit.css, Quarantined, [85a4c803403b4bebd7c860686d955da3],
PUP.Optional.MindSpark.A, C:\Users\Tosh\AppData\Local\Google\Chrome\User Data\Default\Extensions\kamaleideepgjgcjbjhamhchimbdfkmi\10.82.4.29839_0\common\widget-api\widgets\test\qunit.js, Quarantined, [85a4c803403b4bebd7c860686d955da3],
PUP.Optional.MindSpark.A, C:\Users\Tosh\AppData\Local\Google\Chrome\User Data\Default\Extensions\kamaleideepgjgcjbjhamhchimbdfkmi\10.82.4.29839_0\common\widget-api\widgets\test\resource.json, Quarantined, [85a4c803403b4bebd7c860686d955da3],
PUP.Optional.MindSpark.A, C:\Users\Tosh\AppData\Local\Google\Chrome\User Data\Default\Extensions\kamaleideepgjgcjbjhamhchimbdfkmi\10.82.4.29839_0\common\widget-api\widgets\test\resource.xml, Quarantined, [85a4c803403b4bebd7c860686d955da3],
PUP.Optional.MindSpark.A, C:\Users\Tosh\AppData\Local\Google\Chrome\User Data\Default\Extensions\kamaleideepgjgcjbjhamhchimbdfkmi\10.82.4.29839_0\common\widget-api\widgets\test\testWidget.html, Quarantined, [85a4c803403b4bebd7c860686d955da3],
PUP.Optional.MindSpark.A, C:\Users\Tosh\AppData\Local\Google\Chrome\User Data\Default\Extensions\kamaleideepgjgcjbjhamhchimbdfkmi\10.82.4.29839_0\common\widget-api\widgets\test\testWidget.js, Quarantined, [85a4c803403b4bebd7c860686d955da3],
PUP.Optional.MindSpark.A, C:\Users\Tosh\AppData\Local\Google\Chrome\User Data\Default\Extensions\kamaleideepgjgcjbjhamhchimbdfkmi\10.82.4.29839_0\common\widget-api\widgets\topapps\widget.html, Quarantined, [85a4c803403b4bebd7c860686d955da3],
PUP.Optional.MindSpark.A, C:\Users\Tosh\AppData\Local\Google\Chrome\User Data\Default\Extensions\kamaleideepgjgcjbjhamhchimbdfkmi\10.82.4.29839_0\common\widget-api\widgets\topapps\css\widget.css, Quarantined, [85a4c803403b4bebd7c860686d955da3],
PUP.Optional.MindSpark.A, C:\Users\Tosh\AppData\Local\Google\Chrome\User Data\Default\Extensions\kamaleideepgjgcjbjhamhchimbdfkmi\10.82.4.29839_0\common\widget-api\widgets\topapps\js\nanigans-topapps-feed.js, Quarantined, [85a4c803403b4bebd7c860686d955da3],
PUP.Optional.MindSpark.A, C:\Users\Tosh\AppData\Local\Google\Chrome\User Data\Default\Extensions\kamaleideepgjgcjbjhamhchimbdfkmi\10.82.4.29839_0\common\widget-api\widgets\topapps\js\topapps-config.js, Quarantined, [85a4c803403b4bebd7c860686d955da3],
PUP.Optional.MindSpark.A, C:\Users\Tosh\AppData\Local\Google\Chrome\User Data\Default\Extensions\kamaleideepgjgcjbjhamhchimbdfkmi\10.82.4.29839_0\common\widget-api\widgets\topapps\js\widget.js, Quarantined, [85a4c803403b4bebd7c860686d955da3],
PUP.Optional.MindSpark.A, C:\Users\Tosh\AppData\Local\Google\Chrome\User Data\Default\Extensions\kamaleideepgjgcjbjhamhchimbdfkmi\10.82.4.29839_0\common\widget-api\widgets\weather\weatherButton.html, Quarantined, [85a4c803403b4bebd7c860686d955da3],
PUP.Optional.MindSpark.A, C:\Users\Tosh\AppData\Local\Google\Chrome\User Data\Default\Extensions\kamaleideepgjgcjbjhamhchimbdfkmi\10.82.4.29839_0\common\widget-api\widgets\weather\css\weatherButton.css, Quarantined, [85a4c803403b4bebd7c860686d955da3],
PUP.Optional.MindSpark.A, C:\Users\Tosh\AppData\Local\Google\Chrome\User Data\Default\Extensions\kamaleideepgjgcjbjhamhchimbdfkmi\10.82.4.29839_0\common\widget-api\widgets\weather\js\weather.js, Quarantined, [85a4c803403b4bebd7c860686d955da3],
PUP.Optional.MindSpark.A, C:\Users\Tosh\AppData\Local\Google\Chrome\User Data\Default\Extensions\kamaleideepgjgcjbjhamhchimbdfkmi\10.82.4.29839_0\components\api\background\ApiBasedWidget.js, Quarantined, [85a4c803403b4bebd7c860686d955da3],
PUP.Optional.MindSpark.A, C:\Users\Tosh\AppData\Local\Google\Chrome\User Data\Default\Extensions\kamaleideepgjgcjbjhamhchimbdfkmi\10.82.4.29839_0\components\api\background\widget-api-impl.js, Quarantined, [85a4c803403b4bebd7c860686d955da3],
PUP.Optional.MindSpark.A, C:\Users\Tosh\AppData\Local\Google\Chrome\User Data\Default\Extensions\kamaleideepgjgcjbjhamhchimbdfkmi\10.82.4.29839_0\components\api\window\hiddenWidgetWindow.html, Quarantined, [85a4c803403b4bebd7c860686d955da3],
PUP.Optional.MindSpark.A, C:\Users\Tosh\AppData\Local\Google\Chrome\User Data\Default\Extensions\kamaleideepgjgcjbjhamhchimbdfkmi\10.82.4.29839_0\components\api\window\hiddenWidgetWindow.js, Quarantined, [85a4c803403b4bebd7c860686d955da3],
PUP.Optional.MindSpark.A, C:\Users\Tosh\AppData\Local\Google\Chrome\User Data\Default\Extensions\kamaleideepgjgcjbjhamhchimbdfkmi\10.82.4.29839_0\components\api\window\hiddenWidgetWindowInit.js, Quarantined, [85a4c803403b4bebd7c860686d955da3],
PUP.Optional.MindSpark.A, C:\Users\Tosh\AppData\Local\Google\Chrome\User Data\Default\Extensions\kamaleideepgjgcjbjhamhchimbdfkmi\10.82.4.29839_0\components\api\window\widgetWindow.html, Quarantined, [85a4c803403b4bebd7c860686d955da3],
PUP.Optional.MindSpark.A, C:\Users\Tosh\AppData\Local\Google\Chrome\User Data\Default\Extensions\kamaleideepgjgcjbjhamhchimbdfkmi\10.82.4.29839_0\components\api\window\widgetWindow.js, Quarantined, [85a4c803403b4bebd7c860686d955da3],
PUP.Optional.MindSpark.A, C:\Users\Tosh\AppData\Local\Google\Chrome\User Data\Default\Extensions\kamaleideepgjgcjbjhamhchimbdfkmi\10.82.4.29839_0\components\defaultSearch\background\updateSearch.js, Quarantined, [85a4c803403b4bebd7c860686d955da3],
PUP.Optional.MindSpark.A, C:\Users\Tosh\AppData\Local\Google\Chrome\User Data\Default\Extensions\kamaleideepgjgcjbjhamhchimbdfkmi\10.82.4.29839_0\components\defaultSearch\background\updateSearchPromptBg.js, Quarantined, [85a4c803403b4bebd7c860686d955da3],
PUP.Optional.MindSpark.A, C:\Users\Tosh\AppData\Local\Google\Chrome\User Data\Default\Extensions\kamaleideepgjgcjbjhamhchimbdfkmi\10.82.4.29839_0\components\defaultSearch\foreground\07_buttons2.png, Quarantined, [85a4c803403b4bebd7c860686d955da3],
PUP.Optional.MindSpark.A, C:\Users\Tosh\AppData\Local\Google\Chrome\User Data\Default\Extensions\kamaleideepgjgcjbjhamhchimbdfkmi\10.82.4.29839_0\components\defaultSearch\foreground\08_buttons2.png, Quarantined, [85a4c803403b4bebd7c860686d955da3],
PUP.Optional.MindSpark.A, C:\Users\Tosh\AppData\Local\Google\Chrome\User Data\Default\Extensions\kamaleideepgjgcjbjhamhchimbdfkmi\10.82.4.29839_0\components\defaultSearch\foreground\defaultSearchModal.html, Quarantined, [85a4c803403b4bebd7c860686d955da3],
PUP.Optional.MindSpark.A, C:\Users\Tosh\AppData\Local\Google\Chrome\User Data\Default\Extensions\kamaleideepgjgcjbjhamhchimbdfkmi\10.82.4.29839_0\components\defaultSearch\foreground\defaultSearchModalInjector.css, Quarantined, [85a4c803403b4bebd7c860686d955da3],
PUP.Optional.MindSpark.A, C:\Users\Tosh\AppData\Local\Google\Chrome\User Data\Default\Extensions\kamaleideepgjgcjbjhamhchimbdfkmi\10.82.4.29839_0\components\defaultSearch\foreground\defaultSearchModalInjector.js, Quarantined, [85a4c803403b4bebd7c860686d955da3],
PUP.Optional.MindSpark.A, C:\Users\Tosh\AppData\Local\Google\Chrome\User Data\Default\Extensions\kamaleideepgjgcjbjhamhchimbdfkmi\10.82.4.29839_0\components\defaultSearch\foreground\tvf_btn_ok.png, Quarantined, [85a4c803403b4bebd7c860686d955da3],
PUP.Optional.MindSpark.A, C:\Users\Tosh\AppData\Local\Google\Chrome\User Data\Default\Extensions\kamaleideepgjgcjbjhamhchimbdfkmi\10.82.4.29839_0\components\defaultSearch\foreground\tvf_btn_ok2.png, Quarantined, [85a4c803403b4bebd7c860686d955da3],
PUP.Optional.MindSpark.A, C:\Users\Tosh\AppData\Local\Google\Chrome\User Data\Default\Extensions\kamaleideepgjgcjbjhamhchimbdfkmi\10.82.4.29839_0\components\defaultSearch\foreground\tvf_restart_alert_icon.png, Quarantined, [85a4c803403b4bebd7c860686d955da3],
PUP.Optional.MindSpark.A, C:\Users\Tosh\AppData\Local\Google\Chrome\User Data\Default\Extensions\kamaleideepgjgcjbjhamhchimbdfkmi\10.82.4.29839_0\components\defaultSearch\foreground\tvf_restart_icon.png, Quarantined, [85a4c803403b4bebd7c860686d955da3],
PUP.Optional.MindSpark.A, C:\Users\Tosh\AppData\Local\Google\Chrome\User Data\Default\Extensions\kamaleideepgjgcjbjhamhchimbdfkmi\10.82.4.29839_0\components\defaultSearch\foreground\updateSearchPromptFg.js, Quarantined, [85a4c803403b4bebd7c860686d955da3],
PUP.Optional.MindSpark.A, C:\Users\Tosh\AppData\Local\Google\Chrome\User Data\Default\Extensions\kamaleideepgjgcjbjhamhchimbdfkmi\10.82.4.29839_0\components\moviereviews\background\MovieReviewsWidget.js, Quarantined, [85a4c803403b4bebd7c860686d955da3],
PUP.Optional.MindSpark.A, C:\Users\Tosh\AppData\Local\Google\Chrome\User Data\Default\Extensions\kamaleideepgjgcjbjhamhchimbdfkmi\10.82.4.29839_0\components\moviereviews\css\movieReviews.css, Quarantined, [85a4c803403b4bebd7c860686d955da3],
PUP.Optional.MindSpark.A, C:\Users\Tosh\AppData\Local\Google\Chrome\User Data\Default\Extensions\kamaleideepgjgcjbjhamhchimbdfkmi\10.82.4.29839_0\components\moviereviews\html\movieReviews.html, Quarantined, [85a4c803403b4bebd7c860686d955da3],
PUP.Optional.MindSpark.A, C:\Users\Tosh\AppData\Local\Google\Chrome\User Data\Default\Extensions\kamaleideepgjgcjbjhamhchimbdfkmi\10.82.4.29839_0\components\moviereviews\js\movieReviews.js, Quarantined, [85a4c803403b4bebd7c860686d955da3],
PUP.Optional.MindSpark.A, C:\Users\Tosh\AppData\Local\Google\Chrome\User Data\Default\Extensions\kamaleideepgjgcjbjhamhchimbdfkmi\10.82.4.29839_0\components\radio\background\RadioWidget.js, Quarantined, [85a4c803403b4bebd7c860686d955da3],
PUP.Optional.MindSpark.A, C:\Users\Tosh\AppData\Local\Google\Chrome\User Data\Default\Extensions\kamaleideepgjgcjbjhamhchimbdfkmi\10.82.4.29839_0\components\radio\css\toolbar-item.css, Quarantined, [85a4c803403b4bebd7c860686d955da3],
PUP.Optional.MindSpark.A, C:\Users\Tosh\AppData\Local\Google\Chrome\User Data\Default\Extensions\kamaleideepgjgcjbjhamhchimbdfkmi\10.82.4.29839_0\components\radio\foreground\button.js, Quarantined, [85a4c803403b4bebd7c860686d955da3],
PUP.Optional.MindSpark.A, C:\Users\Tosh\AppData\Local\Google\Chrome\User Data\Default\Extensions\kamaleideepgjgcjbjhamhchimbdfkmi\10.82.4.29839_0\components\radio\radioWrapper\radioWrapper.html, Quarantined, [85a4c803403b4bebd7c860686d955da3],
PUP.Optional.MindSpark.A, C:\Users\Tosh\AppData\Local\Google\Chrome\User Data\Default\Extensions\kamaleideepgjgcjbjhamhchimbdfkmi\10.82.4.29839_0\components\radio\radioWrapper\radioWrapper.js, Quarantined, [85a4c803403b4bebd7c860686d955da3],
PUP.Optional.MindSpark.A, C:\Users\Tosh\AppData\Local\Google\Chrome\User Data\Default\Extensions\kamaleideepgjgcjbjhamhchimbdfkmi\10.82.4.29839_0\components\search\background\searchBox.js, Quarantined, [85a4c803403b4bebd7c860686d955da3],
PUP.Optional.MindSpark.A, C:\Users\Tosh\AppData\Local\Google\Chrome\User Data\Default\Extensions\kamaleideepgjgcjbjhamhchimbdfkmi\10.82.4.29839_0\components\search\html\searchSuggestions.css, Quarantined, [85a4c803403b4bebd7c860686d955da3],
PUP.Optional.MindSpark.A, C:\Users\Tosh\AppData\Local\Google\Chrome\User Data\Default\Extensions\kamaleideepgjgcjbjhamhchimbdfkmi\10.82.4.29839_0\components\search\html\searchSuggestions.html, Quarantined, [85a4c803403b4bebd7c860686d955da3],
PUP.Optional.MindSpark.A, C:\Users\Tosh\AppData\Local\Google\Chrome\User Data\Default\Extensions\kamaleideepgjgcjbjhamhchimbdfkmi\10.82.4.29839_0\components\search\html\searchSuggestions.js, Quarantined, [85a4c803403b4bebd7c860686d955da3],
PUP.Optional.MindSpark.A, C:\Users\Tosh\AppData\Local\Google\Chrome\User Data\Default\Extensions\kamaleideepgjgcjbjhamhchimbdfkmi\10.82.4.29839_0\components\search\html\searchSuggestionsInit.js, Quarantined, [85a4c803403b4bebd7c860686d955da3],
PUP.Optional.MindSpark.A, C:\Users\Tosh\AppData\Local\Google\Chrome\User Data\Default\Extensions\kamaleideepgjgcjbjhamhchimbdfkmi\10.82.4.29839_0\components\supertab\css\supertab.css, Quarantined, [85a4c803403b4bebd7c860686d955da3],
PUP.Optional.MindSpark.A, C:\Users\Tosh\AppData\Local\Google\Chrome\User Data\Default\Extensions\kamaleideepgjgcjbjhamhchimbdfkmi\10.82.4.29839_0\components\supertab\html\supertab.html, Quarantined, [85a4c803403b4bebd7c860686d955da3],
PUP.Optional.MindSpark.A, C:\Users\Tosh\AppData\Local\Google\Chrome\User Data\Default\Extensions\kamaleideepgjgcjbjhamhchimbdfkmi\10.82.4.29839_0\components\supertab\js\newtabfork.js, Quarantined, [85a4c803403b4bebd7c860686d955da3],
PUP.Optional.MindSpark.A, C:\Users\Tosh\AppData\Local\Google\Chrome\User Data\Default\Extensions\kamaleideepgjgcjbjhamhchimbdfkmi\10.82.4.29839_0\components\supertab\js\reporting.js, Quarantined, [85a4c803403b4bebd7c860686d955da3],
PUP.Optional.MindSpark.A, C:\Users\Tosh\AppData\Local\Google\Chrome\User Data\Default\Extensions\kamaleideepgjgcjbjhamhchimbdfkmi\10.82.4.29839_0\components\supertab\js\srchsugg.js, Quarantined, [85a4c803403b4bebd7c860686d955da3],
PUP.Optional.MindSpark.A, C:\Users\Tosh\AppData\Local\Google\Chrome\User Data\Default\Extensions\kamaleideepgjgcjbjhamhchimbdfkmi\10.82.4.29839_0\components\supertab\js\supertab.js, Quarantined, [85a4c803403b4bebd7c860686d955da3],
PUP.Optional.MindSpark.A, C:\Users\Tosh\AppData\Local\Google\Chrome\User Data\Default\Extensions\kamaleideepgjgcjbjhamhchimbdfkmi\10.82.4.29839_0\components\supertab\js\unifiedLogging.js, Quarantined, [85a4c803403b4bebd7c860686d955da3],
PUP.Optional.MindSpark.A, C:\Users\Tosh\AppData\Local\Google\Chrome\User Data\Default\Extensions\kamaleideepgjgcjbjhamhchimbdfkmi\10.82.4.29839_0\components\supertab\js\__utm.js, Quarantined, [85a4c803403b4bebd7c860686d955da3],
PUP.Optional.MindSpark.A, C:\Users\Tosh\AppData\Local\Google\Chrome\User Data\Default\Extensions\kamaleideepgjgcjbjhamhchimbdfkmi\10.82.4.29839_0\icons\arrowSprite.png, Quarantined, [85a4c803403b4bebd7c860686d955da3],
PUP.Optional.MindSpark.A, C:\Users\Tosh\AppData\Local\Google\Chrome\User Data\Default\Extensions\kamaleideepgjgcjbjhamhchimbdfkmi\10.82.4.29839_0\icons\icon128.png, Quarantined, [85a4c803403b4bebd7c860686d955da3],
PUP.Optional.MindSpark.A, C:\Users\Tosh\AppData\Local\Google\Chrome\User Data\Default\Extensions\kamaleideepgjgcjbjhamhchimbdfkmi\10.82.4.29839_0\icons\icon16.png, Quarantined, [85a4c803403b4bebd7c860686d955da3],
PUP.Optional.MindSpark.A, C:\Users\Tosh\AppData\Local\Google\Chrome\User Data\Default\Extensions\kamaleideepgjgcjbjhamhchimbdfkmi\10.82.4.29839_0\icons\icon19disabled.png, Quarantined, [85a4c803403b4bebd7c860686d955da3],
PUP.Optional.MindSpark.A, C:\Users\Tosh\AppData\Local\Google\Chrome\User Data\Default\Extensions\kamaleideepgjgcjbjhamhchimbdfkmi\10.82.4.29839_0\icons\icon19on.png, Quarantined, [85a4c803403b4bebd7c860686d955da3],
PUP.Optional.MindSpark.A, C:\Users\Tosh\AppData\Local\Google\Chrome\User Data\Default\Extensions\kamaleideepgjgcjbjhamhchimbdfkmi\10.82.4.29839_0\icons\icon48.png, Quarantined, [85a4c803403b4bebd7c860686d955da3],
PUP.Optional.MindSpark.A, C:\Users\Tosh\AppData\Local\Google\Chrome\User Data\Default\Extensions\kamaleideepgjgcjbjhamhchimbdfkmi\10.82.4.29839_0\icons\tb_icon_search_disappearing_ask.png, Quarantined, [85a4c803403b4bebd7c860686d955da3],
PUP.Optional.MindSpark.A, C:\Users\Tosh\AppData\Local\Google\Chrome\User Data\Default\Extensions\kamaleideepgjgcjbjhamhchimbdfkmi\10.82.4.29839_0\images\222123971.png, Quarantined, [85a4c803403b4bebd7c860686d955da3],
PUP.Optional.MindSpark.A, C:\Users\Tosh\AppData\Local\Google\Chrome\User Data\Default\Extensions\kamaleideepgjgcjbjhamhchimbdfkmi\10.82.4.29839_0\images\222123974.png, Quarantined, [85a4c803403b4bebd7c860686d955da3],
PUP.Optional.MindSpark.A, C:\Users\Tosh\AppData\Local\Google\Chrome\User Data\Default\Extensions\kamaleideepgjgcjbjhamhchimbdfkmi\10.82.4.29839_0\images\222123996.png, Quarantined, [85a4c803403b4bebd7c860686d955da3],
PUP.Optional.MindSpark.A, C:\Users\Tosh\AppData\Local\Google\Chrome\User Data\Default\Extensions\kamaleideepgjgcjbjhamhchimbdfkmi\10.82.4.29839_0\images\222124008.png, Quarantined, [85a4c803403b4bebd7c860686d955da3],
PUP.Optional.MindSpark.A, C:\Users\Tosh\AppData\Local\Google\Chrome\User Data\Default\Extensions\kamaleideepgjgcjbjhamhchimbdfkmi\10.82.4.29839_0\images\222124022.png, Quarantined, [85a4c803403b4bebd7c860686d955da3],
PUP.Optional.MindSpark.A, C:\Users\Tosh\AppData\Local\Google\Chrome\User Data\Default\Extensions\kamaleideepgjgcjbjhamhchimbdfkmi\10.82.4.29839_0\images\222124038.png, Quarantined, [85a4c803403b4bebd7c860686d955da3],
PUP.Optional.MindSpark.A, C:\Users\Tosh\AppData\Local\Google\Chrome\User Data\Default\Extensions\kamaleideepgjgcjbjhamhchimbdfkmi\10.82.4.29839_0\images\down_arrow.png, Quarantined, [85a4c803403b4bebd7c860686d955da3],
PUP.Optional.MindSpark.A, C:\Users\Tosh\AppData\Local\Google\Chrome\User Data\Default\Extensions\kamaleideepgjgcjbjhamhchimbdfkmi\10.82.4.29839_0\images\IDR_PRODUCT_LOGO_16.png, Quarantined, [85a4c803403b4bebd7c860686d955da3],
PUP.Optional.MindSpark.A, C:\Users\Tosh\AppData\Local\Google\Chrome\User Data\Default\Extensions\kamaleideepgjgcjbjhamhchimbdfkmi\10.82.4.29839_0\images\IDR_WEBSTORE_ICON.png, Quarantined, [85a4c803403b4bebd7c860686d955da3],
PUP.Optional.MindSpark.A, C:\Users\Tosh\AppData\Local\Google\Chrome\User Data\Default\Extensions\kamaleideepgjgcjbjhamhchimbdfkmi\10.82.4.29839_0\images\magnifying_glass.png, Quarantined, [85a4c803403b4bebd7c860686d955da3],
PUP.Optional.MindSpark.A, C:\Users\Tosh\AppData\Local\Google\Chrome\User Data\Default\Extensions\kamaleideepgjgcjbjhamhchimbdfkmi\10.82.4.29839_0\images\RadioPlayerSprite.png, Quarantined, [85a4c803403b4bebd7c860686d955da3],
PUP.Optional.MindSpark.A, C:\Users\Tosh\AppData\Local\Google\Chrome\User Data\Default\Extensions\kamaleideepgjgcjbjhamhchimbdfkmi\10.82.4.29839_0\images\search_button.png, Quarantined, [85a4c803403b4bebd7c860686d955da3],
PUP.Optional.MindSpark.A, C:\Users\Tosh\AppData\Local\Google\Chrome\User Data\Default\Extensions\kamaleideepgjgcjbjhamhchimbdfkmi\10.82.4.29839_0\images\tvf_icon_guide.png, Quarantined, [85a4c803403b4bebd7c860686d955da3],
PUP.Optional.MindSpark.A, C:\Users\Tosh\AppData\Local\Google\Chrome\User Data\Default\Extensions\kamaleideepgjgcjbjhamhchimbdfkmi\10.82.4.29839_0\images\tvf_logo.png, Quarantined, [85a4c803403b4bebd7c860686d955da3],
PUP.Optional.MindSpark.A, C:\Users\Tosh\AppData\Local\Google\Chrome\User Data\Default\Extensions\kamaleideepgjgcjbjhamhchimbdfkmi\10.82.4.29839_0\images\wrench.png, Quarantined, [85a4c803403b4bebd7c860686d955da3],
PUP.Optional.MindSpark.A, C:\Users\Tosh\AppData\Local\Google\Chrome\User Data\Default\Extensions\kamaleideepgjgcjbjhamhchimbdfkmi\10.82.4.29839_0\js\options.js, Quarantined, [85a4c803403b4bebd7c860686d955da3],
PUP.Optional.MindSpark.A, C:\Users\Tosh\AppData\Local\Google\Chrome\User Data\Default\Extensions\kamaleideepgjgcjbjhamhchimbdfkmi\10.82.4.29839_0\js\chromeUtils.js, Quarantined, [85a4c803403b4bebd7c860686d955da3],
PUP.Optional.MindSpark.A, C:\Users\Tosh\AppData\Local\Google\Chrome\User Data\Default\Extensions\kamaleideepgjgcjbjhamhchimbdfkmi\10.82.4.29839_0\js\exeManager.js, Quarantined, [85a4c803403b4bebd7c860686d955da3],
PUP.Optional.MindSpark.A, C:\Users\Tosh\AppData\Local\Google\Chrome\User Data\Default\Extensions\kamaleideepgjgcjbjhamhchimbdfkmi\10.82.4.29839_0\js\exePackageManager.js, Quarantined, [85a4c803403b4bebd7c860686d955da3],
PUP.Optional.MindSpark.A, C:\Users\Tosh\AppData\Local\Google\Chrome\User Data\Default\Extensions\kamaleideepgjgcjbjhamhchimbdfkmi\10.82.4.29839_0\js\focusManager.js, Quarantined, [85a4c803403b4bebd7c860686d955da3],
PUP.Optional.MindSpark.A, C:\Users\Tosh\AppData\Local\Google\Chrome\User Data\Default\Extensions\kamaleideepgjgcjbjhamhchimbdfkmi\10.82.4.29839_0\js\globalBlacklistManager.js, Quarantined, [85a4c803403b4bebd7c860686d955da3],
PUP.Optional.MindSpark.A, C:\Users\Tosh\AppData\Local\Google\Chrome\User Data\Default\Extensions\kamaleideepgjgcjbjhamhchimbdfkmi\10.82.4.29839_0\js\messaging.js, Quarantined, [85a4c803403b4bebd7c860686d955da3],
PUP.Optional.MindSpark.A, C:\Users\Tosh\AppData\Local\Google\Chrome\User Data\Default\Extensions\kamaleideepgjgcjbjhamhchimbdfkmi\10.82.4.29839_0\js\mutation_summary-min.js, Quarantined, [85a4c803403b4bebd7c860686d955da3],
PUP.Optional.MindSpark.A, C:\Users\Tosh\AppData\Local\Google\Chrome\User Data\Default\Extensions\kamaleideepgjgcjbjhamhchimbdfkmi\10.82.4.29839_0\js\mutation_summary.js, Quarantined, [85a4c803403b4bebd7c860686d955da3],
PUP.Optional.MindSpark.A, C:\Users\Tosh\AppData\Local\Google\Chrome\User Data\Default\Extensions\kamaleideepgjgcjbjhamhchimbdfkmi\10.82.4.29839_0\js\newTabInfo.js, Quarantined, [85a4c803403b4bebd7c860686d955da3],
PUP.Optional.MindSpark.A, C:\Users\Tosh\AppData\Local\Google\Chrome\User Data\Default\Extensions\kamaleideepgjgcjbjhamhchimbdfkmi\10.82.4.29839_0\js\newTabInitialize.js, Quarantined, [85a4c803403b4bebd7c860686d955da3],
PUP.Optional.MindSpark.A, C:\Users\Tosh\AppData\Local\Google\Chrome\User Data\Default\Extensions\kamaleideepgjgcjbjhamhchimbdfkmi\10.82.4.29839_0\js\readLocalStorage.js, Quarantined, [85a4c803403b4bebd7c860686d955da3],
PUP.Optional.MindSpark.A, C:\Users\Tosh\AppData\Local\Google\Chrome\User Data\Default\Extensions\kamaleideepgjgcjbjhamhchimbdfkmi\10.82.4.29839_0\js\reservespacefortoolbar.js, Quarantined, [85a4c803403b4bebd7c860686d955da3],
PUP.Optional.MindSpark.A, C:\Users\Tosh\AppData\Local\Google\Chrome\User Data\Default\Extensions\kamaleideepgjgcjbjhamhchimbdfkmi\10.82.4.29839_0\js\reservespaceifenabled.js, Quarantined, [85a4c803403b4bebd7c860686d955da3],
PUP.Optional.MindSpark.A, C:\Users\Tosh\AppData\Local\Google\Chrome\User Data\Default\Extensions\kamaleideepgjgcjbjhamhchimbdfkmi\10.82.4.29839_0\js\scriptInjector.js, Quarantined, [85a4c803403b4bebd7c860686d955da3],
PUP.Optional.MindSpark.A, C:\Users\Tosh\AppData\Local\Google\Chrome\User Data\Default\Extensions\kamaleideepgjgcjbjhamhchimbdfkmi\10.82.4.29839_0\js\searchContext.js, Quarantined, [85a4c803403b4bebd7c860686d955da3],
PUP.Optional.MindSpark.A, C:\Users\Tosh\AppData\Local\Google\Chrome\User Data\Default\Extensions\kamaleideepgjgcjbjhamhchimbdfkmi\10.82.4.29839_0\js\settingsOverrides.js, Quarantined, [85a4c803403b4bebd7c860686d955da3],
PUP.Optional.MindSpark.A, C:\Users\Tosh\AppData\Local\Google\Chrome\User Data\Default\Extensions\kamaleideepgjgcjbjhamhchimbdfkmi\10.82.4.29839_0\js\toolbarCookieParser.js, Quarantined, [85a4c803403b4bebd7c860686d955da3],
PUP.Optional.MindSpark.A, C:\Users\Tosh\AppData\Local\Google\Chrome\User Data\Default\Extensions\kamaleideepgjgcjbjhamhchimbdfkmi\10.82.4.29839_0\js\toolbarPreinit.js, Quarantined, [85a4c803403b4bebd7c860686d955da3],
PUP.Optional.MindSpark.A, C:\Users\Tosh\AppData\Local\Google\Chrome\User Data\Default\Extensions\kamaleideepgjgcjbjhamhchimbdfkmi\10.82.4.29839_0\js\underscore-1.3.1.min.js, Quarantined, [85a4c803403b4bebd7c860686d955da3],
PUP.Optional.MindSpark.A, C:\Users\Tosh\AppData\Local\Google\Chrome\User Data\Default\Extensions\kamaleideepgjgcjbjhamhchimbdfkmi\10.82.4.29839_0\js\URILoaderContentScript.js, Quarantined, [85a4c803403b4bebd7c860686d955da3],
PUP.Optional.MindSpark.A, C:\Users\Tosh\AppData\Local\Google\Chrome\User Data\Default\Extensions\kamaleideepgjgcjbjhamhchimbdfkmi\10.82.4.29839_0\js\Widget.js, Quarantined, [85a4c803403b4bebd7c860686d955da3],
PUP.Optional.MindSpark.A, C:\Users\Tosh\AppData\Local\Google\Chrome\User Data\Default\Extensions\kamaleideepgjgcjbjhamhchimbdfkmi\10.82.4.29839_0\js\widgetFactory.js, Quarantined, [85a4c803403b4bebd7c860686d955da3],
PUP.Optional.MindSpark.A, C:\Users\Tosh\AppData\Local\Google\Chrome\User Data\Default\Extensions\kamaleideepgjgcjbjhamhchimbdfkmi\10.82.4.29839_0\js\widgetWindowManager.js, Quarantined, [85a4c803403b4bebd7c860686d955da3],
PUP.Optional.MindSpark.A, C:\Users\Tosh\AppData\Local\Google\Chrome\User Data\Default\Extensions\kamaleideepgjgcjbjhamhchimbdfkmi\10.82.4.29839_0\shared\HttpURL.js, Quarantined, [85a4c803403b4bebd7c860686d955da3],
PUP.Optional.MindSpark.A, C:\Users\Tosh\AppData\Local\Google\Chrome\User Data\Default\Extensions\kamaleideepgjgcjbjhamhchimbdfkmi\10.82.4.29839_0\shared\rsvp-latest.js, Quarantined, [85a4c803403b4bebd7c860686d955da3],
PUP.Optional.MindSpark.A, C:\Users\Tosh\AppData\Local\Google\Chrome\User Data\Default\Extensions\kamaleideepgjgcjbjhamhchimbdfkmi\10.82.4.29839_0\shared\unifiedLogging.js, Quarantined, [85a4c803403b4bebd7c860686d955da3],
PUP.Optional.MindSpark.A, C:\Users\Tosh\AppData\Local\Google\Chrome\User Data\Default\Extensions\kamaleideepgjgcjbjhamhchimbdfkmi\10.82.4.29839_0\shared\universalConsole.js, Quarantined, [85a4c803403b4bebd7c860686d955da3],
PUP.Optional.MindSpark.A, C:\Users\Tosh\AppData\Local\Google\Chrome\User Data\Default\Extensions\kamaleideepgjgcjbjhamhchimbdfkmi\10.82.4.29839_0\shared\utils.js, Quarantined, [85a4c803403b4bebd7c860686d955da3],
PUP.Optional.MindSpark.A, C:\Users\Tosh\AppData\Local\Google\Chrome\User Data\Default\Extensions\kamaleideepgjgcjbjhamhchimbdfkmi\10.82.4.29839_0\_metadata\verified_contents.json, Quarantined, [85a4c803403b4bebd7c860686d955da3],

Physical Sectors: 0
(No malicious items detected)


(end)
 
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 26/04/2014 04:35:38
System Uptime: 27/08/2014 09:31:12 (1 hours ago)
.
Motherboard: AMD | | Inagua
Processor: AMD E-450 APU with Radeon(tm) HD Graphics | Socket FT1 | 1650/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 297 GiB total, 193.851 GiB free.
D: is FIXED (NTFS) - 298 GiB total, 103.493 GiB free.
E: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP39: 05/08/2014 16:31:49 - Windows Update
RP40: 12/08/2014 10:38:21 - Windows Update
RP41: 13/08/2014 23:59:40 - Windows Update
RP42: 18/08/2014 22:03:38 - Installed inSSIDer Home
RP43: 19/08/2014 16:29:26 - Windows Update
RP44: 26/08/2014 10:07:03 - Installed Java 7 Update 67
RP45: 26/08/2014 10:07:05 - Windows Update
.
==== Installed Programs ======================
.
ActiveX-kontroll för fjärranslutningar för Windows Live Mesh
Adobe AIR
Adobe Flash Player 14 ActiveX
Adobe Flash Player 14 Plugin
Adobe Reader X MUI
aioscnnr
AMD Media Foundation Decoders
AMD VISION Engine Control Center
ASIO4ALL
Atheros Bluetooth Filter Driver Package
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver
Atheros Driver Installation Program
ATI Catalyst Install Manager
Battlelog Web Plugins
BBC iPlayer Desktop
Bejeweled 2 Deluxe
Bejeweled 3
Bluetooth Stack for Windows by Toshiba
C4USelfUpdater
Canon MG5300 series MP Drivers
Catalyst Control Center - Branding
Catalyst Control Center Graphics Previews Common
Catalyst Control Center InstallProxy
Catalyst Control Center Localization All
ccc-utility64
CCC Help Chinese Standard
CCC Help Chinese Traditional
CCC Help Czech
CCC Help Danish
CCC Help Dutch
CCC Help English
CCC Help Finnish
CCC Help French
CCC Help German
CCC Help Greek
CCC Help Hungarian
CCC Help Italian
CCC Help Japanese
CCC Help Korean
CCC Help Norwegian
CCC Help Polish
CCC Help Portuguese
CCC Help Russian
CCC Help Spanish
CCC Help Swedish
CCC Help Thai
CCC Help Turkish
center
Chicken Invaders 3 - Revenge of the Yolk
Chuzzle Deluxe
Comodo Dragon
COMODO Internet Security Premium
Conexant HD Audio
D3DX10
Diner Dash 2 Restaurant Rescue
ESN Sonar
essentials
FATE
Final Drive: Nitro
FL Studio 11
FlowStone FL 3.0
GeekBuddy
GIMP 2.8.10
Glary Utilities 5.5
Google Chrome
Google Toolbar for Internet Explorer
Google Update Helper
High-Definition Video Playback
IL Shared Libraries
Insaniquarium Deluxe
inSSIDer Home
iSnooker 2.2.53
Java 7 Update 67
Java Auto Updater
Java(TM) 6 Update 20
Junk Mail filter update
Kodak AIO Printer
KODAK AiO Software
Malwarebytes Anti-Malware version 2.0.2.1012
Mesh Runtime
Microsoft .NET Framework 4.5.1
Microsoft Application Error Reporting
Microsoft Office 2010
Microsoft Primary Interoperability Assemblies 2005
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable (x64)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
MSVCRT
MSVCRT_amd64
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Nero 10 Movie ThemePack Basic
Nero BackItUp 10
Nero BackItUp 10 Help (CHM)
Nero BurnRights 10
Nero BurnRights 10 Help (CHM)
Nero Control Center 10
Nero ControlCenter 10 Help (CHM)
Nero Core Components 10
Nero Express 10
Nero Express 10 Help (CHM)
Nero InfoTool 10
Nero InfoTool 10 Help (CHM)
Nero Kwik Media
Nero Multimedia Suite 10 Essentials
Nero RescueAgent 10
Nero RescueAgent 10 Help (CHM)
Nero StartSmart 10
Nero StartSmart 10 Help (CHM)
Nero Update
NeroKwikMedia Help (CHM)
ocr
Penguins!
Plants vs. Zombies - Game of the Year
PlayReady PC Runtime amd64
PokerStars
Polar Bowler
PreReq
PrintProjects
PrivDog
Realtek USB 2.0 Reader Driver
Security Update for Microsoft .NET Framework 4.5.1 (KB2898869)
Security Update for Microsoft .NET Framework 4.5.1 (KB2901126)
Security Update for Microsoft .NET Framework 4.5.1 (KB2931368)
Skype™ 6.11
Slingo Deluxe
Synaptics Pointing Device Driver
TOSHIBA Assist
TOSHIBA Bulletin Board
TOSHIBA ConfigFree
TOSHIBA Disc Creator
TOSHIBA eco Utility
TOSHIBA Face Recognition
TOSHIBA Hardware Setup
TOSHIBA HDD/SSD Alert
Toshiba Manuals
TOSHIBA Online Product Information
TOSHIBA PC Health Monitor
TOSHIBA Places Icon Utility
TOSHIBA Recovery Media Creator
TOSHIBA Recovery Media Creator Reminder
TOSHIBA ReelTime
TOSHIBA Service Station
TOSHIBA Sleep Utility
TOSHIBA Supervisor Password
TOSHIBA TEMPRO
TOSHIBA Value Added Package
TOSHIBA Web Camera Application
TOSHIBA Wireless LAN Indicator
TRORMCLauncher
Update Installer for WildTangent Games App
Wedding Dash 2 - Rings Around the World
WildTangent Games
WildTangent Games App (Toshiba Games)
Windows Live Communications Platform
Windows Live Essentials
Windows Live Fotogalleri
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Language Selector
Windows Live Mail
Windows Live Mesh
Windows Live Mesh ActiveX-kontroll for eksterne tilkoblinger
Windows Live Mesh ActiveX-objekt til fjernforbindelser
Windows Live Mesh ActiveX Control for Remote Connections
Windows Live Meshin etäyhteyksien ActiveX-komponentti
Windows Live Messenger
Windows Live MIME IFilter
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live Remote Client
Windows Live Remote Client Resources
Windows Live Remote Service
Windows Live Remote Service Resources
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
Windows Liven asennustyökalu
Windows Liven sähköposti
Windows Liven valokuvavalikoima
Zuma Deluxe
.
==== Event Viewer Messages From Past Week ========
.
27/08/2014 09:34:23, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the BITS service.
27/08/2014 09:33:55, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Modules Installer service to connect.
27/08/2014 09:33:55, Error: Service Control Manager [7000] - The Windows Modules Installer service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
27/08/2014 09:33:55, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service TrustedInstaller with arguments "" in order to run the server: {752073A1-23F2-4396-85F0-8FDB879ED0ED}
27/08/2014 09:33:43, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID {C97FCC79-E628-407D-AE68-A06AD6D8B4D1} and APPID {344ED43D-D086-4961-86A6-1106F4ACAD9B} to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
27/08/2014 09:33:37, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID {C97FCC79-E628-407D-AE68-A06AD6D8B4D1} and APPID {344ED43D-D086-4961-86A6-1106F4ACAD9B} to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
.
==== End Of File ===========================
 
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.17239 BrowserJavaVersion: 10.67.2
Run by Tosh at 10:01:23 on 2014-08-27
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.44.1033.18.5735.3031 [GMT 1:00]
.
AV: COMODO Antivirus *Enabled/Updated* {B74CC7D2-B407-E1DC-1033-DD315BCDC8C8}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: COMODO Antivirus *Enabled/Updated* {0C2D2636-923D-EE52-2A83-E643204A8275}
FW: COMODO Firewall *Enabled* {8F7746F7-FE68-E084-3B6C-7404A51E8FB3}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\WLANExt.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe
C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe
C:\Program Files (x86)\Kodak\AiO\Center\EKAiOHostService.exe
C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\Program Files\Toshiba\BulletinBoard\TosNcCore.exe
C:\Program Files\Toshiba\ReelTime\TosReelTimeMonitor.exe
C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe
C:\Program Files\Toshiba\Power Saver\TPwrMain.exe
C:\Program Files\Toshiba\FlashCards\TCrdMain.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\TODDSrv.exe
C:\Program Files\Toshiba\TECO\Teco.exe
C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\COMODO\COMODO Internet Security\CisTray.exe
C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\TOPI.exe
C:\Program Files\TOSHIBA\TECO\TecoService.exe
C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe
C:\Program Files (x86)\AdTrustMedia\PrivDog\2.1.0.23\trustedadssvc.exe
C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\TOSHIBA\TOSHIBA Places Icon Utility\TosDIMonitor.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKStatusMonitor.exe
C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Program Files\COMODO\GeekBuddy\unit_manager.exe
C:\Program Files (x86)\Glary Utilities 5\Integrator.exe
C:\Program Files\COMODO\GeekBuddy\unit.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe
C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe
C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
c:\Program Files (x86)\Nero\Update\NASvc.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files\COMODO\COMODO Internet Security\cis.exe
C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/ig/redirectdomain?brand=TEUA&bmod=TEUA
uDefault_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=TEUA&bmod=TEUA
mWinlogon: Userinit = userinit.exe,
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: McAfee SiteAdvisor BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
BHO: PrivDog Extension: {FB16E5C3-A9E2-47A2-8EFC-319E775E62CC} - C:\Program Files (x86)\AdTrustMedia\PrivDog\2.1.0.23\trustedads.dll
TB: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
uRun: [TOPI.EXE] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe /STAR
uRun: [GUDelayStartup] "C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe" -delayrun
mRun: [ITSecMng] C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe /START
mRun: [PrivDogService] "C:\Program Files (x86)\AdTrustMedia\PrivDog\2.1.0.23\trustedadssvc.exe"
mRun: [tvncontrol] "C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe" -controlservice -slave
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [Conime] C:\Windows\System32\conime.exe
mRun: [EKStatusMonitor] C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKStatusMonitor.exe
dRun: [TOPI.EXE] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe /STARTUP
dRunOnce: [KodakHomeCenter] "C:\Program Files (x86)\Kodak\AiO\Center\AiOHomeCenter.exe"
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\STARTG~1.LNK - C:\Program Files\COMODO\GeekBuddy\launcher.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\TOSHIB~1.LNK - C:\Program Files\TOSHIBA\TOSHIBA Places Icon Utility\TosDIMonitor.exe
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: Add to TOSHIBA Bulletin Board - C:\Program Files\TOSHIBA\BulletinBoard\TosBBCom.dll/1000
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2F5C139F-79BD-4C84-A95A-E7140525BC55} - {5B06364D-FF00-4BD5-9D01-4379952513F2} - C:\Program Files (x86)\AdTrustMedia\PrivDog\2.1.0.23\trustedads.dll
IE: {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe
IE: {97F922BD-8563-4184-87EE-8C4ACA438823} - {5D29E593-73A5-400A-B3BD-6B7A1AF05A31} - C:\Program Files\Toshiba\BulletinBoard\TosBBCom.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
TCP: NameServer = 194.168.4.100 194.168.8.100
TCP: Interfaces\{5B7B3EEB-7286-4629-8015-FFBFC0A6DD72} : NameServer = 156.154.70.22,156.154.71.22
TCP: Interfaces\{5B7B3EEB-7286-4629-8015-FFBFC0A6DD72} : DHCPNameServer = 194.168.4.100 194.168.8.100
TCP: Interfaces\{FCF43C59-F784-450C-8A0F-1A928D70D520} : NameServer = 156.154.70.22,156.154.71.22
TCP: Interfaces\{FCF43C59-F784-450C-8A0F-1A928D70D520} : DHCPNameServer = 194.168.4.100 194.168.8.100
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-BHO: PrivDog Extension: {FB16E5C3-A9E2-47A2-8EFC-319E775E62CC} - C:\Program Files\AdTrustMedia\PrivDog\2.1.0.23\trustedads.dll
x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-Run: [TosNC] C:\Program Files (x86)\Toshiba\BulletinBoard\TosNcCore.exe
x64-Run: [TosReelTimeMonitor] C:\Program Files (x86)\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
x64-Run: [Toshiba TEMPRO] C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe
x64-Run: [TPwrMain] C:\Program Files (x86)\TOSHIBA\Power Saver\TPwrMain.EXE
x64-Run: [HSON] C:\Program Files (x86)\TOSHIBA\TBS\HSON.exe
x64-Run: [TCrdMain] C:\Program Files (x86)\TOSHIBA\FlashCards\TCrdMain.exe
x64-Run: [SmartAudio] C:\Program Files\CONEXANT\SAII\SAIICpl.exe /t
x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-Run: [Teco] "C:\Program Files (x86)\TOSHIBA\TECO\Teco.exe" /r
x64-Run: [TosSENotify] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe
x64-Run: [TosWaitSrv] C:\Program Files (x86)\TOSHIBA\TPHM\TosWaitSrv.exe
x64-Run: [TosVolRegulator] C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe
x64-Run: [Toshiba Registration] C:\Program Files\Toshiba\Registration\ToshibaReminder.exe
x64-Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
x64-IE: {2F5C139F-79BD-4C84-A95A-E7140525BC55} - {5B06364D-FF00-4BD5-9D01-4379952513F2} - C:\Program Files\AdTrustMedia\PrivDog\2.1.0.23\trustedads.dll
x64-IE: {97F922BD-8563-4184-87EE-8C4ACA438823} - {5D29E593-73A5-400A-B3BD-6B7A1AF05A31} - C:\Program Files\Toshiba\BulletinBoard\TosBBCom64.dll
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R0 BootDefragDriver;BootDefragDriver;C:\Windows\System32\drivers\BootDefragDriver.sys [2014-6-21 17600]
R1 CFRMD;CFRMD;C:\Windows\System32\drivers\CFRMD.sys [2013-5-7 37976]
R1 cmderd;COMODO Internet Security Eradication Driver;C:\Windows\System32\drivers\cmderd.sys [2014-4-16 23168]
R1 cmdGuard;COMODO Internet Security Sandbox Driver;C:\Windows\System32\drivers\cmdguard.sys [2014-4-16 738472]
R1 cmdHlp;COMODO Internet Security Helper Driver;C:\Windows\System32\drivers\cmdhlp.sys [2014-4-16 48360]
R1 GUBootStartup;GUBootStartup;C:\Windows\System32\drivers\GUBootStartup.sys [2014-5-23 20672]
R1 HMD;COMODO livePCsupport Hardware Monitor Driver;C:\Windows\System32\drivers\hmd.sys [2013-10-7 14888]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2014-4-26 204288]
R2 cfWiMAXService;ConfigFree WiMAX Service;C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe [2010-1-28 249200]
R2 CLPSLauncher;COMODO LPS Launcher;C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe [2014-7-25 70864]
R2 ConfigFree Service;ConfigFree Service;C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe [2009-3-10 46448]
R2 DragonUpdater;COMODO Dragon Update Service;C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe [2014-5-21 2135232]
R2 GeekBuddyRSP;GeekBuddyRSP Server;C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe [2014-7-25 2327248]
R2 Kodak AiO Network Discovery Service;Kodak AiO Network Discovery Service;C:\Program Files (x86)\Kodak\AiO\Center\EKAiOHostService.exe [2014-5-6 395640]
R2 Kodak AiO Status Monitor Service;Kodak AiO Status Monitor Service;C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe [2013-12-11 780152]
R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [2014-8-26 1809720]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2014-8-26 860472]
R2 NAUpdate;Nero Update;C:\Program Files (x86)\Nero\Update\NASvc.exe [2011-3-29 598312]
R2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service;C:\Program Files\Toshiba\TECO\TecoService.exe [2010-12-8 267192]
R2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver;C:\Windows\System32\drivers\TVALZFL.sys [2009-6-19 14472]
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service;C:\Windows\System32\drivers\AtihdW76.sys [2014-4-26 116752]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;C:\Windows\System32\drivers\L1C62x64.sys [2011-2-9 77424]
R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2014-8-26 25816]
R3 MBAMSwissArmy;MBAMSwissArmy;C:\Windows\System32\drivers\MBAMSwissArmy.sys [2014-8-26 122584]
R3 MBAMWebAccessControl;MBAMWebAccessControl;C:\Windows\System32\drivers\mwac.sys [2014-8-26 63704]
R3 PGEffect;Pangu effect driver;C:\Windows\System32\drivers\PGEffect.sys [2014-4-26 38096]
R3 QIOMem;Generic IO & Memory Access;C:\Windows\System32\drivers\QIOMem.sys [2009-6-15 12800]
R3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;C:\Program Files\Toshiba\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2010-12-8 137632]
R3 TPCHSrv;TPCH Service;C:\Program Files\Toshiba\TPHM\TPCHSrv.exe [2011-7-1 828856]
R3 WSDScan;WSD Scan Support via UMB;C:\Windows\System32\drivers\WSDScan.sys [2009-7-14 25088]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 BtFilter;Bluetooth LowerFilter Class Filter Driver;C:\Windows\System32\drivers\btfilter.sys [2010-10-18 42096]
S3 cmdvirth;COMODO Virtual Service Manager;C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2014-3-25 2264280]
S3 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2014-8-13 111616]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\System32\drivers\RtsUStor.sys [2014-4-26 250984]
S3 RSUSBVSTOR;RTSUVSTOR.Sys Realtek USB Card Reader;C:\Windows\System32\drivers\rtsuvstor.sys [2014-4-26 307304]
S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\System32\drivers\VSTAZL6.SYS [2009-7-13 292864]
S3 SrvHsfV92;SrvHsfV92;C:\Windows\System32\drivers\VSTDPV6.SYS [2009-7-13 1485312]
S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\System32\drivers\VSTCNXT6.SYS [2009-7-13 740864]
S3 TemproMonitoringService;Notebook Performance Tuning Service (TEMPRO);C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [2011-2-10 112080]
S3 TMachInfo;TMachInfo;C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2014-4-26 54136]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2014-4-29 1255736]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== Created Last 30 ================
.
2014-08-26 10:00:09 536576 ----a-w- C:\Windows\SysWow64\sqlite3.dll
2014-08-26 09:18:55 -------- d-----w- C:\AdwCleaner
2014-08-26 09:17:43 122584 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys
2014-08-26 09:17:10 91352 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys
2014-08-26 09:17:10 63704 ----a-w- C:\Windows\System32\drivers\mwac.sys
2014-08-26 09:17:10 25816 ----a-w- C:\Windows\System32\drivers\mbam.sys
2014-08-26 09:17:10 -------- d-----w- C:\ProgramData\Malwarebytes
2014-08-26 09:17:10 -------- d-----w- C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-08-26 09:09:38 98216 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2014-08-26 09:08:31 11319192 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{B46C8361-7F86-4609-AD3B-3E3087CFD835}\mpengine.dll
2014-08-20 20:23:17 -------- d-----w- C:\Program Files (x86)\ASIO4ALL v2
2014-08-20 20:14:54 -------- d-----w- C:\Program Files (x86)\VstPlugins
2014-08-20 20:13:03 -------- d-----w- C:\Users\Tosh\AppData\Roaming\FlowStone
2014-08-20 20:13:02 -------- d-----w- C:\Program Files (x86)\DSPRobotics
2014-08-20 20:04:02 -------- d-----w- C:\Program Files (x86)\Image-Line
2014-08-18 21:04:53 -------- d-----w- C:\Users\Tosh\AppData\Local\MetaGeek,_LLC
2014-08-18 21:04:25 -------- d-----w- C:\Program Files (x86)\MetaGeek
2014-08-13 23:01:16 99480 ----a-w- C:\Windows\SysWow64\infocardapi.dll
2014-08-13 23:01:16 171160 ----a-w- C:\Windows\System32\infocardapi.dll
2014-08-13 23:01:15 619672 ----a-w- C:\Windows\SysWow64\icardagt.exe
2014-08-13 23:01:15 1389208 ----a-w- C:\Windows\System32\icardagt.exe
2014-08-13 23:01:14 8856 ----a-w- C:\Windows\SysWow64\icardres.dll
2014-08-13 23:01:14 8856 ----a-w- C:\Windows\System32\icardres.dll
2014-08-13 23:00:55 35480 ----a-w- C:\Windows\SysWow64\TsWpfWrp.exe
2014-08-13 23:00:55 35480 ----a-w- C:\Windows\System32\TsWpfWrp.exe
2014-08-13 16:37:22 -------- d-----w- C:\ProgramData\eJay
2014-08-13 16:05:32 97280 ----a-w- C:\Windows\SysWow64\ccrpbds5.dll
2014-08-13 16:05:32 262144 ----a-w- C:\Windows\SysWow64\mpg4ds32.ax
2014-08-13 16:05:31 45056 ----a-w- C:\Windows\SysWow64\eJayxWaveDest.ax
2014-08-13 16:05:30 57344 ----a-w- C:\Windows\SysWow64\eJayxQuell.ax
2014-08-13 16:05:30 528384 ----a-w- C:\Windows\SysWow64\eJayxAudio.ax
2014-08-13 16:05:29 348160 ----a-w- C:\Windows\SysWow64\eJ_UniDialog.ocx
2014-08-13 16:05:29 286720 ----a-w- C:\Windows\SysWow64\EjWaveEditorCtrl.ocx
2014-08-13 16:05:28 608448 ----a-w- C:\Windows\SysWow64\ComCtl32.ocx
2014-08-13 16:05:28 108336 ----a-w- C:\Windows\SysWow64\MSWINSCK.OCX
2014-08-13 16:05:28 100864 ----a-w- C:\Windows\SysWow64\eJ_Explorer.ocx
2014-08-13 15:55:51 -------- d-----w- C:\Program Files (x86)\eJay
2014-08-13 15:55:25 -------- d-----w- C:\ProgramData\DownloadManager
2014-07-30 15:52:20 -------- d-----w- C:\Program Files (x86)\Common Files\COMODO
.
==================== Find3M ====================
.
2014-08-12 19:06:22 20672 ----a-w- C:\Windows\System32\drivers\GUBootStartup.sys
2014-08-07 02:06:41 529920 ----a-w- C:\Windows\System32\aepdu.dll
2014-08-07 02:01:34 424448 ----a-w- C:\Windows\System32\aeinv.dll
2014-08-05 08:20:00 270496 ------w- C:\Windows\System32\MpSigStub.exe
2014-07-25 14:02:12 2724864 ----a-w- C:\Windows\System32\mshtml.tlb
2014-07-25 14:01:41 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll
2014-07-25 13:30:30 66048 ----a-w- C:\Windows\System32\iesetup.dll
2014-07-25 13:28:35 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll
2014-07-25 13:28:27 548352 ----a-w- C:\Windows\System32\vbscript.dll
2014-07-25 13:25:45 83968 ----a-w- C:\Windows\System32\MshtmlDac.dll
2014-07-25 13:04:40 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2014-07-25 13:00:51 139264 ----a-w- C:\Windows\System32\ieUnatt.exe
2014-07-25 13:00:25 111616 ----a-w- C:\Windows\System32\ieetwcollector.exe
2014-07-25 12:59:28 758272 ----a-w- C:\Windows\System32\jscript9diag.dll
2014-07-25 12:47:25 940032 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe
2014-07-25 12:34:49 61952 ----a-w- C:\Windows\SysWow64\iesetup.dll
2014-07-25 12:34:03 455168 ----a-w- C:\Windows\SysWow64\vbscript.dll
2014-07-25 12:33:08 51200 ----a-w- C:\Windows\SysWow64\ieetwproxystub.dll
2014-07-25 12:30:32 61952 ----a-w- C:\Windows\SysWow64\MshtmlDac.dll
2014-07-25 12:28:15 5824512 ----a-w- C:\Windows\System32\jscript9.dll
2014-07-25 12:28:05 72704 ----a-w- C:\Windows\System32\JavaScriptCollectionAgent.dll
2014-07-25 12:10:15 112128 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2014-07-25 12:08:47 597504 ----a-w- C:\Windows\SysWow64\jscript9diag.dll
2014-07-25 12:06:47 4204032 ----a-w- C:\Windows\SysWow64\jscript9.dll
2014-07-25 11:43:16 60416 ----a-w- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
2014-07-25 11:39:29 2087936 ----a-w- C:\Windows\System32\inetcpl.cpl
2014-07-25 11:39:25 1249280 ----a-w- C:\Windows\System32\mshtmlmedia.dll
2014-07-25 11:07:49 2001920 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2014-07-25 11:07:10 1068032 ----a-w- C:\Windows\SysWow64\mshtmlmedia.dll
2014-07-25 10:52:06 2266624 ----a-w- C:\Windows\System32\wininet.dll
2014-07-25 10:05:23 1792512 ----a-w- C:\Windows\SysWow64\wininet.dll
2014-07-16 03:25:04 404480 ----a-w- C:\Windows\System32\gdi32.dll
2014-07-16 03:23:41 2048 ----a-w- C:\Windows\System32\tzres.dll
2014-07-16 02:46:24 311808 ----a-w- C:\Windows\SysWow64\gdi32.dll
2014-07-16 02:46:02 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2014-07-16 02:12:11 3163648 ----a-w- C:\Windows\System32\win32k.sys
2014-07-14 02:02:45 1216000 ----a-w- C:\Windows\System32\rpcrt4.dll
2014-07-14 01:40:58 664064 ----a-w- C:\Windows\SysWow64\rpcrt4.dll
2014-07-09 19:06:27 71344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-07-09 19:06:27 699056 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2014-07-09 02:03:23 7168 ----a-w- C:\Windows\System32\KBDYAK.DLL
2014-07-09 02:03:22 7168 ----a-w- C:\Windows\System32\KBDBASH.DLL
2014-07-09 01:31:42 7168 ----a-w- C:\Windows\SysWow64\KBDYAK.DLL
2014-07-09 01:31:41 6656 ----a-w- C:\Windows\SysWow64\KBDBASH.DLL
2014-06-18 02:18:30 692736 ----a-w- C:\Windows\System32\osk.exe
2014-06-18 01:51:32 646144 ----a-w- C:\Windows\SysWow64\osk.exe
2014-06-16 02:10:19 985536 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys
2014-06-06 10:10:34 624128 ----a-w- C:\Windows\System32\qedit.dll
2014-06-06 09:44:17 509440 ----a-w- C:\Windows\SysWow64\qedit.dll
2014-06-05 14:45:15 1460736 ----a-w- C:\Windows\System32\lsasrv.dll
2014-06-05 14:26:58 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
2014-06-05 14:25:49 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
2014-06-03 10:02:37 112064 ----a-w- C:\Windows\System32\consent.exe
2014-06-03 10:02:21 504320 ----a-w- C:\Windows\System32\msihnd.dll
2014-06-03 10:02:21 3241984 ----a-w- C:\Windows\System32\msi.dll
2014-06-03 10:02:12 1941504 ----a-w- C:\Windows\System32\authui.dll
2014-06-03 09:29:50 337408 ----a-w- C:\Windows\SysWow64\msihnd.dll
2014-06-03 09:29:50 2363392 ----a-w- C:\Windows\SysWow64\msi.dll
2014-06-03 09:29:40 1805824 ----a-w- C:\Windows\SysWow64\authui.dll
2014-06-03 01:26:48 118048 ----a-w- C:\Windows\System32\BootDefrag.exe
2014-06-03 01:05:44 17600 ----a-w- C:\Windows\System32\drivers\BootDefragDriver.sys
2014-06-01 21:01:39 0 ----a-w- C:\Windows\SysWow64\OLD6D03.tmp
2014-05-30 08:08:52 210944 ----a-w- C:\Windows\System32\wdigest.dll
2014-05-30 08:08:49 86528 ----a-w- C:\Windows\System32\TSpkg.dll
2014-05-30 08:08:47 340992 ----a-w- C:\Windows\System32\schannel.dll
2014-05-30 08:08:41 314880 ----a-w- C:\Windows\System32\msv1_0.dll
2014-05-30 08:08:41 307200 ----a-w- C:\Windows\System32\ncrypt.dll
2014-05-30 08:08:36 728064 ----a-w- C:\Windows\System32\kerberos.dll
2014-05-30 08:08:31 22016 ----a-w- C:\Windows\System32\credssp.dll
2014-05-30 07:52:51 172032 ----a-w- C:\Windows\SysWow64\wdigest.dll
2014-05-30 07:52:49 65536 ----a-w- C:\Windows\SysWow64\TSpkg.dll
2014-05-30 07:52:45 247808 ----a-w- C:\Windows\SysWow64\schannel.dll
2014-05-30 07:52:41 220160 ----a-w- C:\Windows\SysWow64\ncrypt.dll
2014-05-30 07:52:40 259584 ----a-w- C:\Windows\SysWow64\msv1_0.dll
2014-05-30 07:52:36 550912 ----a-w- C:\Windows\SysWow64\kerberos.dll
2014-05-30 07:52:30 17408 ----a-w- C:\Windows\SysWow64\credssp.dll
2014-05-30 06:45:52 497152 ----a-w- C:\Windows\System32\drivers\afd.sys
2014-05-29 15:01:40 57096 ----a-w- C:\Windows\System32\certsentry.dll
2014-05-29 15:01:40 48392 ----a-w- C:\Windows\SysWow64\certsentry.dll
.
============= FINISH: 10:05:01.57 ===============
 
I think I have done it right thanks again for helping

it did make me quarantine some things but I do not understand most of it :)
 
Download RogueKiller from one of the following links and save it to your Desktop:

Link 1
Link 2

  • Close all the running programs
  • Windows Vista/7/8 users: right click on RogueKiller.exe, click Run as Administrator
  • Otherwise just double-click on RogueKiller.exe
  • Pre-scan will start. Let it finish.
  • Click on SCAN button.
  • Wait until the Status box shows Scan Finished
  • Click on Delete.
  • Wait until the Status box shows Deleting Finished.
  • Click on Report and copy/paste the content of the Notepad into your next reply.
  • RKreport.txt could also be found on your desktop.
  • If more than one log is produced post all logs.
  • If RogueKiller has been blocked, do not hesitate to try a few times more. If it really won't run, rename it to winlogon.exe (or winlogon.com) and try again.

Create new restore point before proceeding with the next step....
How to: http://www.smartestcomputing.us.com/topic/63983-how-to-create-new-restore-point-all-windows/

Download Malwarebytes Anti-Rootkit (https://www.techspot.com/downloads/5603-malwarebytes-anti-rootkit.html) to your desktop.

  • Warning! Malwarebytes Anti-Rootkit needs to be run from an account with administrator rights.
  • Double click on downloaded file. OK self extracting prompt.
  • MBAR will start. Click "Next" to continue.
  • Click in the following screen "Update" to obtain the latest malware definitions.
  • Once the update is complete select "Next" and click "Scan".
  • When the scan is finished and no malware has been found select "Exit".
  • If malware was detected, make sure to check all the items and click "Cleanup". Reboot your computer.
  • Open the MBAR folder located on your Desktop and paste the content of the following files in your next reply:
      • "mbar-log-{date} (xx-xx-xx).txt"
      • "system-log.txt"
 
RogueKiller V9.2.8.0 [Jul 11 2014] by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Website : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : Tosh [Admin rights]
Mode : Remove -- Date : 08/28/2014 11:01:10

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 13 ¤¤¤
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters | DhcpNameServer : 194.168.4.100 194.168.8.100 -> NOT SELECTED
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters | DhcpNameServer : 194.168.4.100 194.168.8.100 -> NOT SELECTED
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters | DhcpNameServer : 194.168.4.100 194.168.8.100 -> NOT SELECTED
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{5B7B3EEB-7286-4629-8015-FFBFC0A6DD72} | DhcpNameServer : 194.168.4.100 194.168.8.100 -> NOT SELECTED
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{FCF43C59-F784-450C-8A0F-1A928D70D520} | DhcpNameServer : 194.168.4.100 194.168.8.100 -> NOT SELECTED
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{5B7B3EEB-7286-4629-8015-FFBFC0A6DD72} | DhcpNameServer : 194.168.4.100 194.168.8.100 -> NOT SELECTED
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{FCF43C59-F784-450C-8A0F-1A928D70D520} | DhcpNameServer : 194.168.4.100 194.168.8.100 -> NOT SELECTED
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters\Interfaces\{5B7B3EEB-7286-4629-8015-FFBFC0A6DD72} | DhcpNameServer : 194.168.4.100 194.168.8.100 -> NOT SELECTED
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters\Interfaces\{FCF43C59-F784-450C-8A0F-1A928D70D520} | DhcpNameServer : 194.168.4.100 194.168.8.100 -> NOT SELECTED
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> NOT SELECTED
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> NOT SELECTED
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> NOT SELECTED
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> NOT SELECTED

¤¤¤ Scheduled tasks : 0 ¤¤¤

¤¤¤ Files : 0 ¤¤¤

¤¤¤ HOSTS File : 0 ¤¤¤

¤¤¤ Antirootkit : 0 (Driver: NOT LOADED [0xc000036b]) ¤¤¤

¤¤¤ Web browsers : 0 ¤¤¤

¤¤¤ MBR Check : ¤¤¤
+++++ PhysicalDrive0: TOSHIBA MK6475GSX ATA Device +++++
--- User ---
[MBR] c625e5eda1037240fe2b27b5c5508f0e
[BSP] 25aa688f1fa44ddf8277e6c522f05859 : Windows Vista/7/8 MBR Code
Partition table:
0 - [ACTIVE] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 400 MB
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 821248 | Size: 304588 MB
2 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 624617472 | Size: 305491 MB
User = LL1 ... OK
User = LL2 ... OK


============================================
RKreport_SCN_08282014_110046.log
 
Mbar-log-2014-08-28 (11-07-16).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 308393
Time elapsed: 43 minute(s), 35 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)
 
Malwarebytes Anti-Rootkit BETA 1.07.0.1012

(c) Malwarebytes Corporation 2011-2012

OS version: 6.1.7601 Windows 7 Service Pack 1 x64

Account is Administrative

Internet Explorer version: 11.0.9600.17239

Java version: 1.6.0_20

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED
CPU speed: 1.646000 GHz
Memory total: 6013444096, free: 2486439936

Downloaded database version: v2014.08.28.01
Downloaded database version: v2014.08.21.01
=======================================
Initializing...
Done!
Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers...
Done!
Drive 0
This is a System drive
Scanning MBR on drive 0...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: C8C756AF

Partition information:

Partition 0 type is Other (0x27)
Partition is ACTIVE.
Partition starts at LBA: 2048 Numsec = 819200
Partition file system is NTFS
Partition is bootable

Partition 1 type is Primary (0x7)
Partition is NOT ACTIVE.
Partition starts at LBA: 821248 Numsec = 623796224

Partition 2 type is Primary (0x7)
Partition is NOT ACTIVE.
Partition starts at LBA: 624617472 Numsec = 625645568

Partition 3 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0

Disk Size: 640135028736 bytes
Sector size: 512 bytes

Scanning physical sectors of unpartitioned space on drive 0 (1-2047-1250243728-1250263728)...
Done!
Scan finished
=======================================


Removal queue found; removal started
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-I.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\VBR-0-0-2048-I.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-r.mbam...
Removal finished
 
Please download ComboFix from Here, Here or Here to your Desktop.

**Note: In the event you already have Combofix, this is a new version that I need you to download. It is important that it is saved directly to your desktop**
  • Never rename Combofix unless instructed.
  • Close any open browsers.
  • Very Important! Temporarily disable your anti-virus and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results".
  • Click on this link to see a list of programs that should be disabled. The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.
  • Close any open browsers.
  • WARNING: Combofix will disconnect your machine from the Internet as soon as it starts
  • Please do not attempt to re-connect your machine back to the Internet until Combofix has completely finished.
  • If there is no internet connection after running Combofix, then restart your computer to restore back your connection.
    If the connection is not there, use the restore point you created prior to running Combofix.
  • Double click on combofix.exe & follow the prompts.

  • NOTE 1. If Combofix asks you to install Recovery Console, please allow it.
    NOTE 2. If Combofix asks you to update the program, always do so.
  • When finished, it will produce a report for you.
  • Please post the "C:\ComboFix.txt"
**Note 1: Do not mouseclick combofix's window while it's running. That may cause it to stall
**Note 2 for AVG and CA Internet Security (Total Defense Internet Security) users: ComboFix will not run until AVG/CA Internet Security is uninstalled as a protective measure against the anti-virus. This is because AVG/CA Internet Security "falsely" detects ComboFix (or its embedded files) as a threat and may remove them resulting in the tool not working correctly which in turn can cause "unpredictable results". Since AVG/CA Internet Security cannot be effectively disabled before running ComboFix, the author recommends you to uninstall AVG/CA Internet Security first.
Use AppRemover to uninstall it: https://www.techspot.com/downloads/5514-appremover.html
We can reinstall it when we're done with CF.
**Note 3: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion", restart computer to fix the issue.
**Note 4: Some infections may take some significant time to be cured. As long as your computer clock is running Combofix is still working. Be patient.


Make sure, you re-enable your security programs, when you're done with Combofix.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

NOTE.
If, for some reason, Combofix refuses to run, try the following...

Delete Combofix file, download fresh one, but rename combofix.exe to your_name.exe BEFORE saving it to your desktop.
Do NOT run it yet.
Download Rkill (courtesy of BleepingComputer.com) to your desktop.
There are 2 different versions. If one of them won't run then download and try to run the other one.
You only need to get one of these to run, not all of them. You may get warnings from your antivirus about this tool; ignore them or shut down your antivirus.

rKill.exe: http://www.bleepingcomputer.com/download/rkill/dl/10/
iExplore.exe (renamed rKill.exe): http://www.bleepingcomputer.com/download/rkill/dl/11/

Restart computer in safe mode

  • Double-click on the Rkill desktop icon to run the tool.
  • If using Vista or Windows 7 right-click on it and choose Run As Administrator.
  • A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
  • If not, delete the file, then download and use the one provided in Link 2.
  • Do not reboot until instructed.
  • If the tool does not run from any of the links provided, please let me know.

When the scan is done Notepad will open with rKill.txt log.
NOTE. rKill.txt log will also be present on your desktop.

Once you've gotten one of them to run, immediately run your_name.exe by double clicking on it.

IF you had to run rKill post BOTH logs, rKill.txt and Combofix.txt.
 
ComboFix 14-08-29.03 - Tosh 29/08/2014 9:47.1.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.44.1033.18.5735.3840 [GMT 1:00]
Running from: c:\users\Tosh\Downloads\ComboFix.exe
AV: COMODO Antivirus *Disabled/Updated* {B74CC7D2-B407-E1DC-1033-DD315BCDC8C8}
FW: COMODO Firewall *Disabled* {8F7746F7-FE68-E084-3B6C-7404A51E8FB3}
SP: COMODO Antivirus *Disabled/Updated* {0C2D2636-923D-EE52-2A83-E643204A8275}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Default\AppData\Roaming\DPInst.exe
c:\users\Default\AppData\Roaming\gacutil.exe
c:\users\Default\AppData\Roaming\PnPutil.exe
.
.
((((((((((((((((((((((((( Files Created from 2014-07-28 to 2014-08-29 )))))))))))))))))))))))))))))))
.
.
2014-08-29 09:07 . 2014-08-29 09:07 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-08-29 08:46 . 2014-08-29 08:46 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{C0772664-3F18-42E9-AF3F-7799062FD3FE}\offreg.dll
2014-08-29 07:54 . 2014-08-21 03:43 11319192 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{C0772664-3F18-42E9-AF3F-7799062FD3FE}\mpengine.dll
2014-08-28 10:06 . 2014-08-28 10:54 -------- d-----w- c:\programdata\Malwarebytes' Anti-Malware (portable)
2014-08-28 09:50 . 2014-08-28 09:50 33512 ----a-w- c:\windows\SysWow64\drivers\TrueSight.sys
2014-08-28 09:50 . 2014-08-28 09:50 -------- d-----w- c:\programdata\RogueKiller
2014-08-28 06:02 . 2014-08-23 02:07 404480 ----a-w- c:\windows\system32\gdi32.dll
2014-08-28 06:02 . 2014-08-23 01:45 311808 ----a-w- c:\windows\SysWow64\gdi32.dll
2014-08-28 06:02 . 2014-08-23 00:59 3163648 ----a-w- c:\windows\system32\win32k.sys
2014-08-27 18:54 . 2014-08-27 18:54 -------- d-----w- c:\users\Tosh\AppData\Local\DDMSettings
2014-08-27 18:49 . 2014-08-27 18:50 -------- d-----w- c:\users\Tosh\AppData\Roaming\DivX
2014-08-27 18:49 . 2014-08-27 18:49 -------- d-----w- c:\program files\DivX
2014-08-27 18:48 . 2014-08-27 18:50 -------- d-----w- c:\program files (x86)\Common Files\DivX Shared
2014-08-27 18:48 . 2014-08-27 18:50 -------- d-----w- c:\program files (x86)\DivX
2014-08-27 18:44 . 2014-08-27 18:50 -------- d-----w- c:\programdata\DivX
2014-08-26 11:54 . 2014-08-26 11:57 -------- d-----w- c:\users\Default\AppData\Local\Eastman_Kodak_Company
2014-08-26 11:45 . 2014-08-26 11:45 -------- d-----w- c:\users\Default\AppData\Roaming\KODAK AiO Home Center363017442
2014-08-26 10:00 . 2010-08-30 07:34 536576 ----a-w- c:\windows\SysWow64\sqlite3.dll
2014-08-26 09:18 . 2014-08-26 10:04 -------- d-----w- C:\AdwCleaner
2014-08-26 09:17 . 2014-08-29 07:46 122584 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-08-26 09:17 . 2014-08-28 10:05 92888 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2014-08-26 09:17 . 2014-08-26 09:17 -------- d-----w- c:\program files (x86)\Malwarebytes Anti-Malware
2014-08-26 09:17 . 2014-08-26 09:17 -------- d-----w- c:\programdata\Malwarebytes
2014-08-26 09:17 . 2014-05-12 06:26 63704 ----a-w- c:\windows\system32\drivers\mwac.sys
2014-08-26 09:17 . 2014-05-12 06:25 25816 ----a-w- c:\windows\system32\drivers\mbam.sys
2014-08-26 09:10 . 2014-08-26 09:10 -------- d-----w- c:\program files (x86)\Common Files\Java
2014-08-26 09:09 . 2014-08-26 09:09 98216 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2014-08-20 20:23 . 2014-08-20 20:23 -------- d-----w- c:\program files (x86)\ASIO4ALL v2
2014-08-20 20:14 . 2014-08-20 20:14 -------- d-----w- c:\program files (x86)\VstPlugins
2014-08-20 20:13 . 2014-08-20 20:13 -------- d-----w- c:\users\Tosh\AppData\Roaming\FlowStone
2014-08-20 20:13 . 2014-08-20 20:13 -------- d-----w- c:\program files (x86)\DSPRobotics
2014-08-20 20:04 . 2014-08-20 20:06 -------- d-----w- c:\program files (x86)\Image-Line
2014-08-18 21:04 . 2014-08-18 21:05 -------- d-----w- c:\users\Tosh\AppData\Local\MetaGeek,_LLC
2014-08-18 21:04 . 2014-08-18 21:04 -------- d-----w- c:\program files (x86)\MetaGeek
2014-08-13 23:01 . 2014-03-09 21:48 171160 ----a-w- c:\windows\system32\infocardapi.dll
2014-08-13 23:01 . 2014-03-09 21:47 99480 ----a-w- c:\windows\SysWow64\infocardapi.dll
2014-08-13 23:01 . 2014-03-09 21:48 1389208 ----a-w- c:\windows\system32\icardagt.exe
2014-08-13 23:01 . 2014-03-09 21:47 619672 ----a-w- c:\windows\SysWow64\icardagt.exe
2014-08-13 23:01 . 2014-06-30 22:24 8856 ----a-w- c:\windows\system32\icardres.dll
2014-08-13 23:01 . 2014-06-30 22:14 8856 ----a-w- c:\windows\SysWow64\icardres.dll
2014-08-13 23:00 . 2014-06-06 06:16 35480 ----a-w- c:\windows\SysWow64\TsWpfWrp.exe
2014-08-13 23:00 . 2014-06-06 06:12 35480 ----a-w- c:\windows\system32\TsWpfWrp.exe
2014-08-13 17:25 . 2014-08-13 17:25 341848 ----a-w- c:\windows\SysWow64\DivXControlPanelApplet.cpl
2014-08-13 16:37 . 2014-08-13 16:40 -------- d-----w- c:\programdata\eJay
2014-08-13 16:05 . 2010-09-24 11:44 97280 ----a-w- c:\windows\SysWow64\ccrpbds5.dll
2014-08-13 16:05 . 2010-07-05 00:49 262144 ----a-w- c:\windows\SysWow64\mpg4ds32.ax
2014-08-13 16:05 . 2010-04-26 09:52 45056 ----a-w- c:\windows\SysWow64\eJayxWaveDest.ax
2014-08-13 16:05 . 2010-04-26 09:52 57344 ----a-w- c:\windows\SysWow64\eJayxQuell.ax
2014-08-13 16:05 . 2010-04-26 09:52 528384 ----a-w- c:\windows\SysWow64\eJayxAudio.ax
2014-08-13 16:05 . 2010-04-26 09:52 348160 ----a-w- c:\windows\SysWow64\eJ_UniDialog.ocx
2014-08-13 16:05 . 2010-04-26 09:52 286720 ----a-w- c:\windows\SysWow64\EjWaveEditorCtrl.ocx
2014-08-13 16:05 . 2010-05-17 08:36 108336 ----a-w- c:\windows\SysWow64\MSWINSCK.OCX
2014-08-13 16:05 . 2010-05-03 01:40 608448 ----a-w- c:\windows\SysWow64\ComCtl32.ocx
2014-08-13 16:05 . 2010-04-26 09:52 100864 ----a-w- c:\windows\SysWow64\eJ_Explorer.ocx
2014-08-13 15:55 . 2014-08-13 15:55 -------- d-----w- c:\program files (x86)\eJay
2014-08-13 15:55 . 2014-08-13 15:55 -------- d-----w- c:\programdata\DownloadManager
2014-08-13 06:53 . 2014-07-25 13:42 48128 ----a-w- c:\program files\Internet Explorer\DiagnosticsHub_is.dll
2014-07-30 15:52 . 2014-07-30 15:52 -------- d-----w- c:\program files (x86)\Common Files\COMODO
 
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-08-29 07:41 . 2011-03-28 16:36 23256 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2014-08-13 23:10 . 2014-05-04 10:22 99218768 ----a-w- c:\windows\system32\MRT.exe
2014-08-12 19:06 . 2014-05-23 07:39 20672 ----a-w- c:\windows\system32\drivers\GUBootStartup.sys
2014-08-05 08:20 . 2010-11-21 03:27 270496 ------w- c:\windows\system32\MpSigStub.exe
2014-07-09 19:06 . 2014-04-28 17:21 71344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-07-09 19:06 . 2014-04-28 17:21 699056 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-06-26 05:33 . 2014-06-26 05:33 14888 ----a-w- c:\windows\system32\drivers\hmd.sys
2014-06-26 05:33 . 2014-06-26 05:33 14888 ----a-w- c:\windows\inf\HMD\hmd.sys
2014-06-26 05:33 . 2014-06-26 05:33 37976 ----a-w- c:\windows\system32\drivers\CFRMD.sys
2014-06-26 05:33 . 2014-06-26 05:33 37976 ----a-w- c:\windows\inf\CFRMD\cfrmd.sys
2014-06-18 02:18 . 2014-07-10 09:44 692736 ----a-w- c:\windows\system32\osk.exe
2014-06-18 01:51 . 2014-07-10 09:44 646144 ----a-w- c:\windows\SysWow64\osk.exe
2014-06-06 10:10 . 2014-07-10 09:45 624128 ----a-w- c:\windows\system32\qedit.dll
2014-06-06 09:44 . 2014-07-10 09:45 509440 ----a-w- c:\windows\SysWow64\qedit.dll
2014-06-05 14:45 . 2014-07-10 09:43 1460736 ----a-w- c:\windows\system32\lsasrv.dll
2014-06-05 14:26 . 2014-07-10 09:43 22016 ----a-w- c:\windows\SysWow64\secur32.dll
2014-06-05 14:25 . 2014-07-10 09:43 96768 ----a-w- c:\windows\SysWow64\sspicli.dll
2014-06-03 01:26 . 2014-06-21 08:39 118048 ----a-w- c:\windows\system32\BootDefrag.exe
2014-06-03 01:05 . 2014-06-21 08:39 17600 ----a-w- c:\windows\system32\drivers\BootDefragDriver.sys
2014-06-01 21:01 . 2014-06-01 21:01 0 ----a-w- c:\windows\SysWow64\OLD6D03.tmp
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{FB16E5C3-A9E2-47A2-8EFC-319E775E62CC}]
2014-04-29 15:37 932520 ----a-w- c:\program files (x86)\AdTrustMedia\PrivDog\2.1.0.23\trustedads.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TOPI.EXE"="c:\program files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe" [2011-05-16 846936]
"GUDelayStartup"="c:\program files (x86)\Glary Utilities 5\StartupManager.exe" [2014-08-04 37152]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"ITSecMng"="c:\program files (x86)\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe" [2011-04-01 80840]
"PrivDogService"="c:\program files (x86)\AdTrustMedia\PrivDog\2.1.0.23\trustedadssvc.exe" [2014-04-29 663208]
"tvncontrol"="c:\program files (x86)\Common Files\COMODO\GeekBuddyRSP.exe" [2014-07-25 2327248]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2014-07-25 256896]
"EKStatusMonitor"="c:\program files (x86)\Kodak\AiO\StatusMonitor\EKStatusMonitor.exe" [2013-12-11 2750840]
"DivXMediaServer"="c:\program files (x86)\DivX\DivX Media Server\DivXMediaServer.exe" [2014-08-19 448856]
"DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" [2014-01-10 1861968]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"TOPI.EXE"="c:\program files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe" [2011-05-16 846936]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"KodakHomeCenter"="c:\program files (x86)\Kodak\AiO\Center\AiOHomeCenter.exe" [2014-05-06 2234064]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Start GeekBuddy.lnk - c:\program files\COMODO\GeekBuddy\launcher.exe "unit_manager.exe" [2014-7-25 48848]
Toshiba Places Icon Utility.lnk - c:\program files\TOSHIBA\TOSHIBA Places Icon Utility\TosDIMonitor.exe [2011-8-3 1470848]
.
c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
TRDCReminder.lnk - c:\program files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe [2009-9-1 481184]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-disabled]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"NBAgent"="c:\program files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe" /WinStart
"ToshibaServiceStation"="c:\program files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe"/hide:60
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 BtFilter;Bluetooth LowerFilter Class Filter Driver;c:\windows\system32\DRIVERS\btfilter.sys;c:\windows\SYSNATIVE\DRIVERS\btfilter.sys [x]
R3 cmdvirth;COMODO Virtual Service Manager;c:\program files\COMODO\COMODO Internet Security\cmdvirth.exe;c:\program files\COMODO\COMODO Internet Security\cmdvirth.exe [x]
R3 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUStor.sys [x]
R3 RSUSBVSTOR;RTSUVSTOR.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RTSUVSTOR.sys;c:\windows\SYSNATIVE\Drivers\RTSUVSTOR.sys [x]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTAZL6.SYS [x]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTDPV6.SYS [x]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTCNXT6.SYS [x]
R3 TemproMonitoringService;Notebook Performance Tuning Service (TEMPRO);c:\program files (x86)\Toshiba TEMPRO\TemproSvc.exe;c:\program files (x86)\Toshiba TEMPRO\TemproSvc.exe [x]
R3 TMachInfo;TMachInfo;c:\program files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe;c:\program files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 BootDefragDriver;BootDefragDriver;c:\windows\System32\drivers\BootDefragDriver.sys;c:\windows\SYSNATIVE\drivers\BootDefragDriver.sys [x]
S1 CFRMD;CFRMD;c:\windows\system32\DRIVERS\CFRMD.sys;c:\windows\SYSNATIVE\DRIVERS\CFRMD.sys [x]
S1 cmderd;COMODO Internet Security Eradication Driver;c:\windows\system32\DRIVERS\cmderd.sys;c:\windows\SYSNATIVE\DRIVERS\cmderd.sys [x]
S1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\DRIVERS\cmdguard.sys;c:\windows\SYSNATIVE\DRIVERS\cmdguard.sys [x]
S1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\DRIVERS\cmdhlp.sys;c:\windows\SYSNATIVE\DRIVERS\cmdhlp.sys [x]
S1 GUBootStartup;GUBootStartup;c:\windows\System32\drivers\GUBootStartup.sys;c:\windows\SYSNATIVE\drivers\GUBootStartup.sys [x]
S1 HMD;COMODO livePCsupport Hardware Monitor Driver;c:\windows\system32\DRIVERS\hmd.sys;c:\windows\SYSNATIVE\DRIVERS\hmd.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 cfWiMAXService;ConfigFree WiMAX Service;c:\program files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe;c:\program files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe [x]
S2 CLPSLauncher;COMODO LPS Launcher;c:\program files (x86)\Common Files\COMODO\launcher_service.exe;c:\program files (x86)\Common Files\COMODO\launcher_service.exe [x]
S2 ConfigFree Service;ConfigFree Service;c:\program files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe;c:\program files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe [x]
S2 DragonUpdater;COMODO Dragon Update Service;c:\program files (x86)\Comodo\Dragon\dragon_updater.exe;c:\program files (x86)\Comodo\Dragon\dragon_updater.exe [x]
S2 GeekBuddyRSP;GeekBuddyRSP Server;c:\program files (x86)\Common Files\COMODO\GeekBuddyRSP.exe;c:\program files (x86)\Common Files\COMODO\GeekBuddyRSP.exe [x]
S2 Kodak AiO Network Discovery Service;Kodak AiO Network Discovery Service;c:\program files (x86)\Kodak\AiO\Center\EKAiOHostService.exe;c:\program files (x86)\Kodak\AiO\Center\EKAiOHostService.exe [x]
S2 Kodak AiO Status Monitor Service;Kodak AiO Status Monitor Service;c:\program files (x86)\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe;c:\program files (x86)\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe [x]
S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe;c:\program files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [x]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [x]
S2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe;c:\program files (x86)\Nero\Update\NASvc.exe [x]
S2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service;c:\program files\TOSHIBA\TECO\TecoService.exe;c:\program files\TOSHIBA\TECO\TecoService.exe [x]
S2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver;c:\windows\system32\DRIVERS\TVALZFL.sys;c:\windows\SYSNATIVE\DRIVERS\TVALZFL.sys [x]
S3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C62x64.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys;c:\windows\SYSNATIVE\drivers\MBAMSwissArmy.sys [x]
S3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x]
S3 PGEffect;Pangu effect driver;c:\windows\system32\DRIVERS\pgeffect.sys;c:\windows\SYSNATIVE\DRIVERS\pgeffect.sys [x]
S3 QIOMem;Generic IO & Memory Access;c:\windows\system32\drivers\QIOMem.sys;c:\windows\SYSNATIVE\drivers\QIOMem.sys [x]
S3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe;c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [x]
S3 TPCHSrv;TPCH Service;c:\program files\TOSHIBA\TPHM\TPCHSrv.exe;c:\program files\TOSHIBA\TPHM\TPCHSrv.exe [x]
S3 WSDScan;WSD Scan Support via UMB;c:\windows\system32\DRIVERS\WSDScan.sys;c:\windows\SYSNATIVE\DRIVERS\WSDScan.sys [x]
.
.
 
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - MBAMSWISSARMY
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-08-14 14:33 1104200 ----a-w- c:\program files (x86)\Google\Chrome\Application\36.0.1985.143\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2014-08-29 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-04-28 19:06]
.
2014-08-29 c:\windows\Tasks\GlaryInitialize 5.job
- c:\program files (x86)\Glary Utilities 5\Initialize.exe [2014-08-04 01:41]
.
2014-08-29 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-08-03 03:56]
.
2014-08-29 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-08-03 03:56]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Toshiba TEMPRO"="c:\program files (x86)\Toshiba TEMPRO\TemproTray.exe" [2011-02-10 1546720]
"SmartAudio"="c:\program files\CONEXANT\SAII\SAIICpl.exe" [2010-12-14 316032]
"TosSENotify"="c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe" [2010-12-08 710040]
"TosVolRegulator"="c:\program files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe" [2009-11-11 24376]
"Toshiba Registration"="c:\program files\Toshiba\Registration\ToshibaReminder.exe" [2011-08-03 150992]
"COMODO Internet Security"="c:\program files\COMODO\COMODO Internet Security\cistray.exe" [2014-03-25 1275608]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com/ig/redirectdomain?brand=TEUA&bmod=TEUA
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: Add to TOSHIBA Bulletin Board - c:\program files\TOSHIBA\BulletinBoard\TosBBCom.dll/1000
IE: {{2F5C139F-79BD-4C84-A95A-E7140525BC55} - {5B06364D-FF00-4BD5-9D01-4379952513F2} - c:\program files (x86)\AdTrustMedia\PrivDog\2.1.0.23\trustedads.dll
TCP: DhcpNameServer = 194.168.4.100 194.168.8.100
TCP: Interfaces\{5B7B3EEB-7286-4629-8015-FFBFC0A6DD72}: NameServer = 156.154.70.22,156.154.71.22
TCP: Interfaces\{FCF43C59-F784-450C-8A0F-1A928D70D520}: NameServer = 156.154.70.22,156.154.71.22
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
Wow6432Node-HKLM-Run-Conime - c:\windows\system32\conime.exe
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
Toolbar-Locked - (no file)
HKLM-Run-TosNC - c:\program files (x86)\Toshiba\BulletinBoard\TosNcCore.exe
HKLM-Run-TosReelTimeMonitor - c:\program files (x86)\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
HKLM-Run-TPwrMain - c:\program files (x86)\TOSHIBA\Power Saver\TPwrMain.EXE
HKLM-Run-HSON - c:\program files (x86)\TOSHIBA\TBS\HSON.exe
HKLM-Run-TCrdMain - c:\program files (x86)\TOSHIBA\FlashCards\TCrdMain.exe
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
HKLM-Run-Teco - c:\program files (x86)\TOSHIBA\TECO\Teco.exe
HKLM-Run-TosWaitSrv - c:\program files (x86)\TOSHIBA\TPHM\TosWaitSrv.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_14_0_0_145_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_14_0_0_145_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_14_0_0_145_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_14_0_0_145_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_14_0_0_145.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.14"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_14_0_0_145.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_14_0_0_145.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_14_0_0_145.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\COMODO\CIS\Installer\Sym_Cam\CIS]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\CmdAgent\Mode\Configurations]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,59,00,53,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\CmdAgent\Mode\Data]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\CmdAgent\Mode\Options]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\Software\COMODO\Cam]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\Software\COMODO\Firewall Pro]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,59,00,53,00,\
.
Completion time: 2014-08-29 10:18:44
ComboFix-quarantined-files.txt 2014-08-29 09:18
.
Pre-Run: 200,790,376,448 bytes free
Post-Run: 200,732,147,712 bytes free
.
- - End Of File - - FC7F63C45EEC1D69D35725B871B25DF8
A36C5E4F47E84449FF07ED3517B43A31
 
Looks good.

Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
  • Click on Scan button.
  • When the scan has finished click on Clean button.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.

Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

Please download Farbar Recovery Scan Tool and save it to your Desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system, download both of them and try to run them. Only one of them will run on your system; that will be the right version.
  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The first time the tool is run, it also makes another log (Addition.txt). Please copy and paste it to your reply.

P. S. I'm going out of town this afternoon. I'll be back on Sunday evening.
 
# AdwCleaner v3.308 - Report created 29/08/2014 at 22:59:04
# Updated 20/08/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Tosh - TOSH-TOSH
# Running from : C:\Users\Tosh\Downloads\adwcleaner_3.308.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

File Deleted : C:\Users\Tosh\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage
File Deleted : C:\Users\Tosh\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage-journal

***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****


***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17239


-\\ Google Chrome v36.0.1985.143

[ File : C:\Users\Tosh\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [2286 octets] - [26/08/2014 10:58:50]
AdwCleaner[R1].txt - [1185 octets] - [29/08/2014 22:41:56]
AdwCleaner[R2].txt - [1306 octets] - [29/08/2014 22:57:24]
AdwCleaner[S0].txt - [2454 octets] - [26/08/2014 11:03:54]
AdwCleaner[S1].txt - [1251 octets] - [29/08/2014 22:46:39]
AdwCleaner[S2].txt - [1231 octets] - [29/08/2014 22:59:04]

########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [1291 octets] ##########
 
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.3 (03.23.2014:1)
OS: Windows 7 Home Premium x64
Ran by Tosh on 29/08/2014 at 23:42:47.47
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values




~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FB16E5C3-A9E2-47A2-8EFC-319E775E62CC}



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\adtrustmedia"
Successfully deleted: [Folder] "C:\Users\Tosh\appdata\locallow\boost_interprocess"
Successfully deleted: [Folder] "C:\Program Files (x86)\adtrustmedia"
Successfully deleted: [Empty Folder] C:\Users\Tosh\appdata\local\{45DE51B5-7314-4512-8B16-AB36D9D3BDCC}
Successfully deleted: [Empty Folder] C:\Users\Tosh\appdata\local\{4F61CEB2-08AA-4754-A0F0-324BE2504DFE}
Successfully deleted: [Empty Folder] C:\Users\Tosh\appdata\local\{9B27ABAC-AEA1-493A-AE16-3A6BF72611E7}
Successfully deleted: [Empty Folder] C:\Users\Tosh\appdata\local\{D2490940-0C5F-46C2-944F-2E93B9077D6B}



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 30/08/2014 at 1:12:04.23
Computer was rebooted
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 30-08-2014
Ran by Tosh (administrator) on TOSH-TOSH on 30-08-2014 19:42:29
Running from C:\Users\Tosh\Downloads
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: https://www.techspot.com/downloads/6731-farbar-recovery-scan-tool.html
Download link for 64-Bit Version: https://www.techspot.com/downloads/6731-farbar-recovery-scan-tool.html
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST:

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\BulletinBoard\TosNcCore.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\ReelTime\TosReelTimeMonitor.exe
(Toshiba Europe GmbH) C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\Power Saver\TPwrMain.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\FlashCards\TCrdMain.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\TECO\Teco.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\CisTray.exe
(TOSHIBA) C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\TOPI.exe
(Toshiba) C:\Program Files\Toshiba\TOSHIBA Places Icon Utility\TosDIMonitor.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe
(Comodo Security Solutions, Inc.) C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Eastman Kodak Company) C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKStatusMonitor.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe
(Glarysoft Ltd) C:\Program Files (x86)\Glary Utilities 5\Integrator.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\TOSHIBA HDD SSD Alert\TosSENotify.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\TPHM\TPCHWMsg.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [TosNC] => C:\Program Files\Toshiba\BulletinBoard\TosNcCore.exe [597928 2011-03-03] (TOSHIBA Corporation)
HKLM\...\Run: [TosReelTimeMonitor] => C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe [38304 2010-12-14] (TOSHIBA Corporation)
HKLM\...\Run: [Toshiba TEMPRO] => C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe [1546720 2011-02-10] (Toshiba Europe GmbH)
HKLM\...\Run: [TPwrMain] => C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [566696 2011-03-02] (TOSHIBA Corporation)
HKLM\...\Run: [HSON] => C:\Program Files\TOSHIBA\TBS\HSON.exe [296824 2010-09-25] (TOSHIBA Corporation)
HKLM\...\Run: [TCrdMain] => C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [973176 2010-12-15] (TOSHIBA Corporation)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SAIICpl.exe [316032 2010-12-14] (Conexant systems, Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2679592 2011-02-03] (Synaptics Incorporated)
HKLM\...\Run: [Teco] => C:\Program Files\TOSHIBA\TECO\Teco.exe [1519016 2010-12-08] (TOSHIBA Corporation)
HKLM\...\Run: [TosSENotify] => C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe [710040 2010-12-08] (TOSHIBA Corporation)
HKLM\...\Run: [TosWaitSrv] => C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [712096 2011-07-01] (TOSHIBA Corporation)
HKLM\...\Run: [TosVolRegulator] => C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe [24376 2009-11-11] (TOSHIBA Corporation)
HKLM\...\Run: [Toshiba Registration] => C:\Program Files\Toshiba\Registration\ToshibaReminder.exe [150992 2011-08-03] (Toshiba Europe GmbH)
HKLM\...\Run: [COMODO Internet Security] => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [1275608 2014-03-25] (COMODO)
HKLM-x32\...\Run: [ITSecMng] => C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe [80840 2011-04-01] (TOSHIBA CORPORATION)
HKLM-x32\...\Run: [tvncontrol] => C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe [2327248 2014-07-25] (Comodo Security Solutions, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
HKLM-x32\...\Run: [EKStatusMonitor] => C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKStatusMonitor.exe [2750840 2013-12-11] (Eastman Kodak Company)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [448856 2014-08-19] (DivX, LLC)
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968 2014-01-10] ()
HKU\.DEFAULT\...\Run: [TOPI.EXE] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe [846936 2011-05-16] (TOSHIBA)
HKU\.DEFAULT\...\RunOnce: [KodakHomeCenter] => C:\Program Files (x86)\Kodak\AiO\Center\AiOHomeCenter.exe [2234064 2014-05-06] (Eastman Kodak Company)
HKU\S-1-5-21-2088121290-2798835046-2844222186-1000\...\Run: [TOPI.EXE] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe [846936 2011-05-16] (TOSHIBA)
HKU\S-1-5-21-2088121290-2798835046-2844222186-1000\...\Run: [GUDelayStartup] => C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe [37152 2014-08-04] (Glarysoft Ltd)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Start GeekBuddy.lnk
ShortcutTarget: Start GeekBuddy.lnk -> C:\Program Files\COMODO\GeekBuddy\launcher.exe (Comodo Security Solutions, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Toshiba Places Icon Utility.lnk
ShortcutTarget: Toshiba Places Icon Utility.lnk -> C:\Program Files\Toshiba\TOSHIBA Places Icon Utility\TosDIMonitor.exe (Toshiba)
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
BootExecute: autocheck autochk *

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ig/redirectdomain?brand=TEUA&bmod=TEUA
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 194.168.4.100 194.168.8.100
Tcpip\..\Interfaces\{5B7B3EEB-7286-4629-8015-FFBFC0A6DD72}: [NameServer] 156.154.70.22,156.154.71.22
Tcpip\..\Interfaces\{FCF43C59-F784-450C-8A0F-1A928D70D520}: [NameServer] 156.154.70.22,156.154.71.22

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF Plugin-x32: @esn/npbattlelog,version=2.3.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/SAFFPlugin -> C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor
FF Extension: McAfee SiteAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor [2011-08-03]
 
Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com/ig/redirectdomain?brand=TEUA&bmod=TEUA
CHR StartupUrls: Default -> "hxxp://www.google.com/ig/redirectdomain?brand=TEUA&bmod=TEUA"
CHR Profile: C:\Users\Tosh\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Tosh\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-23]
CHR Extension: (PrivDog) - C:\Users\Tosh\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmaiofennmphjldldcpphcechfnnohja [2014-05-16]
CHR Extension: (Google Wallet) - C:\Users\Tosh\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-04-29]
CHR Extension: (ArcadeFrontier) - C:\Users\Tosh\AppData\Local\Google\Chrome\User Data\Default\Extensions\peglehonblabfemopkgmfcpofbchegcl [2014-08-27]
CHR HKCU\...\Chrome\Extension: [cmaiofennmphjldldcpphcechfnnohja] - C:\Users\Tosh\AppData\Local\AdTrustMedia\PrivDog\PrivDog_chrome.crx [2014-04-29]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 CLPSLauncher; C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe [70864 2014-07-25] (Comodo Security Solutions, Inc.)
R2 CmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [6817544 2014-04-16] (COMODO)
S3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2264280 2014-03-25] (COMODO)
R2 DragonUpdater; C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe [2135232 2014-05-21] ()
R2 GeekBuddyRSP; C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe [2327248 2014-07-25] (Comodo Security Solutions, Inc.)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [File not signed]
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
S3 TemproMonitoringService; C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [112080 2011-02-10] (Toshiba Europe GmbH)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R0 BootDefragDriver; C:\Windows\System32\drivers\BootDefragDriver.sys [17600 2014-06-03] (Glarysoft Ltd)
R1 CFRMD; C:\Windows\System32\DRIVERS\CFRMD.sys [37976 2014-06-26] (Windows (R) Win 7 DDK provider) [File not signed]
R1 cmderd; C:\Windows\System32\DRIVERS\cmderd.sys [23168 2014-04-16] (COMODO)
R1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [738472 2014-04-16] (COMODO)
R1 cmdHlp; C:\Windows\System32\DRIVERS\cmdhlp.sys [48360 2014-04-16] (COMODO)
R1 GUBootStartup; C:\Windows\System32\drivers\GUBootStartup.sys [20672 2014-08-12] (Glarysoft Ltd)
R1 HMD; C:\Windows\System32\DRIVERS\hmd.sys [14888 2014-06-26] ()
R1 inspect; C:\Windows\System32\DRIVERS\inspect.sys [105552 2014-04-16] (COMODO)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-08-30] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation)
S3 Serial; C:\Windows\system32\drivers\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
S3 Tosrfcom; No ImagePath
U3 TrueSight; C:\Windows\SysWOW64\drivers\TrueSight.sys [33512 2014-08-28] ()
S3 catchme; \??\C:\ComboFix\catchme.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-30 19:42 - 2014-08-30 19:43 - 00016957 _____ () C:\Users\Tosh\Downloads\FRST.txt
2014-08-30 19:42 - 2014-08-30 19:42 - 00000000 ____D () C:\FRST
2014-08-30 19:41 - 2014-08-30 19:42 - 02103808 _____ (Farbar) C:\Users\Tosh\Downloads\FRST64.exe
2014-08-30 01:12 - 2014-08-30 01:12 - 00001471 _____ () C:\Users\Tosh\Desktop\JRT.txt
2014-08-29 23:07 - 2014-08-29 23:07 - 00000000 ____D () C:\Windows\ERUNT
2014-08-29 23:06 - 2014-08-29 23:06 - 01016261 _____ (Thisisu) C:\Users\Tosh\Downloads\JRT.exe
2014-08-29 10:18 - 2014-08-29 10:18 - 00028335 _____ () C:\ComboFix.txt
2014-08-29 09:40 - 2011-06-26 07:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-08-29 09:40 - 2010-11-07 18:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-08-29 09:40 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-08-29 09:40 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-08-29 09:40 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-08-29 09:40 - 2000-08-31 01:00 - 00098816 _____ () C:\Windows\sed.exe
2014-08-29 09:40 - 2000-08-31 01:00 - 00080412 _____ () C:\Windows\grep.exe
2014-08-29 09:40 - 2000-08-31 01:00 - 00068096 _____ () C:\Windows\zip.exe
2014-08-29 09:38 - 2014-08-29 10:19 - 00000000 ____D () C:\Qoobox
2014-08-29 09:37 - 2014-08-29 10:10 - 00000000 ____D () C:\Windows\erdnt
2014-08-29 09:34 - 2014-08-29 09:35 - 05576760 ____R (Swearware) C:\Users\Tosh\Downloads\ComboFix.exe
2014-08-28 11:06 - 2014-08-28 11:54 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-08-28 11:05 - 2014-08-28 11:54 - 00000000 ____D () C:\Users\Tosh\Desktop\mbar
2014-08-28 11:05 - 2014-08-28 11:05 - 14349744 _____ (Malwarebytes Corp.) C:\Users\Tosh\Downloads\mbar-1.07.0.1012.exe
2014-08-28 10:50 - 2014-08-28 10:50 - 00033512 _____ () C:\Windows\SysWOW64\Drivers\TrueSight.sys
2014-08-28 10:50 - 2014-08-28 10:50 - 00000000 ____D () C:\ProgramData\RogueKiller
2014-08-28 10:49 - 2014-08-28 10:50 - 04851288 _____ () C:\Users\Tosh\Downloads\RogueKiller.exe
2014-08-28 07:02 - 2014-08-23 03:07 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-28 07:02 - 2014-08-23 02:45 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-28 07:02 - 2014-08-23 01:59 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-27 19:54 - 2014-08-27 19:54 - 00000000 ____D () C:\Users\Tosh\AppData\Local\DDMSettings
2014-08-27 19:50 - 2014-08-27 19:50 - 00001581 _____ () C:\Users\Tosh\Desktop\DivX Movies.lnk
2014-08-27 19:50 - 2014-08-27 19:50 - 00001073 _____ () C:\Users\Public\Desktop\DivX Player.lnk
2014-08-27 19:49 - 2014-08-27 19:50 - 00000000 ____D () C:\Users\Tosh\AppData\Roaming\DivX
2014-08-27 19:49 - 2014-08-27 19:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX
2014-08-27 19:49 - 2014-08-27 19:49 - 00001138 _____ () C:\Users\Public\Desktop\DivX Converter.lnk
2014-08-27 19:49 - 2014-08-27 19:49 - 00000000 ____D () C:\Program Files\DivX
2014-08-27 19:48 - 2014-08-27 19:50 - 00000000 ____D () C:\Program Files (x86)\DivX
2014-08-27 19:44 - 2014-08-27 19:50 - 00000000 ____D () C:\ProgramData\DivX
2014-08-27 19:43 - 2014-08-27 19:44 - 00995648 _____ (DivX, LLC) C:\Users\Tosh\Downloads\DivXInstaller.exe
2014-08-27 10:05 - 2014-08-27 10:05 - 00025794 _____ () C:\Users\Tosh\Desktop\dds.txt
2014-08-27 10:05 - 2014-08-27 10:05 - 00008234 _____ () C:\Users\Tosh\Desktop\attach.txt
2014-08-27 10:00 - 2014-08-27 10:00 - 00688992 ____R (Swearware) C:\Users\Tosh\Downloads\dds.com
2014-08-27 09:55 - 2014-08-27 09:55 - 00066566 _____ () C:\Users\Tosh\Desktop\scan 1.txt
2014-08-26 21:00 - 2014-08-26 21:01 - 00001764 _____ () C:\Users\Tosh\Desktop\Rkill.txt
2014-08-26 21:00 - 2014-08-26 21:00 - 01944824 _____ (Bleeping Computer, LLC) C:\Users\Tosh\Downloads\rkill.exe
2014-08-26 20:55 - 2014-08-26 20:57 - 00006996 _____ () C:\Users\Default\AppData\Local\installer.log
2014-08-26 20:55 - 2014-08-26 20:57 - 00006996 _____ () C:\Users\Default User\AppData\Local\installer.log
2014-08-26 12:54 - 2014-08-26 12:57 - 00000000 ____D () C:\Users\Default\AppData\Local\Eastman_Kodak_Company
2014-08-26 12:54 - 2014-08-26 12:57 - 00000000 ____D () C:\Users\Default User\AppData\Local\Eastman_Kodak_Company
2014-08-26 12:54 - 2014-08-26 12:54 - 00002163 _____ () C:\Users\Public\Desktop\KODAK AiO Home Centre.lnk
2014-08-26 12:45 - 2014-08-26 12:45 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Temp
2014-08-26 12:45 - 2014-08-26 12:45 - 00000000 ____D () C:\Users\Default\AppData\Roaming\KODAK AiO Home Center363017442
2014-08-26 12:45 - 2014-08-26 12:45 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Temp
2014-08-26 12:45 - 2014-08-26 12:45 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\KODAK AiO Home Center363017442
2014-08-26 11:00 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-08-26 10:18 - 2014-08-29 22:59 - 00000000 ____D () C:\AdwCleaner
2014-08-26 10:17 - 2014-08-30 03:34 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-08-26 10:17 - 2014-08-28 11:05 - 00092888 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-08-26 10:17 - 2014-08-26 10:17 - 00001113 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-08-26 10:17 - 2014-08-26 10:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-08-26 10:17 - 2014-08-26 10:17 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-08-26 10:17 - 2014-08-26 10:17 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-08-26 10:17 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-08-26 10:17 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-08-26 10:16 - 2014-08-26 10:16 - 01364531 _____ () C:\Users\Tosh\Downloads\adwcleaner_3.308.exe
2014-08-26 10:15 - 2014-08-26 10:16 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Tosh\Downloads\mbam-setup-2.0.2.1012.exe
2014-08-26 10:09 - 2014-08-26 10:09 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-08-26 10:09 - 2014-08-26 10:09 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-08-26 10:09 - 2014-08-26 10:09 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-08-26 10:09 - 2014-08-26 10:09 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-08-21 17:11 - 2014-08-21 17:35 - 3103333306 _____ () C:\Users\Tosh\Desktop\Focus T25.zip
2014-08-21 05:54 - 2014-08-29 23:01 - 00003856 _____ () C:\Windows\PFRO.log
2014-08-20 21:23 - 2014-08-20 21:23 - 00001149 _____ () C:\Users\Tosh\Desktop\ASIO4ALL v2 Instruction Manual.lnk
2014-08-20 21:23 - 2014-08-20 21:23 - 00000000 ____D () C:\Users\Tosh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASIO4ALL v2
2014-08-20 21:23 - 2014-08-20 21:23 - 00000000 ____D () C:\Program Files (x86)\ASIO4ALL v2
2014-08-20 21:13 - 2014-08-29 22:30 - 00000000 ____D () C:\Users\Tosh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line
2014-08-20 21:13 - 2014-08-20 21:13 - 00000000 ____D () C:\Users\Tosh\AppData\Roaming\FlowStone
2014-08-20 21:13 - 2014-08-20 21:13 - 00000000 ____D () C:\Program Files (x86)\DSPRobotics
2014-08-20 21:04 - 2014-08-29 22:30 - 00000000 ____D () C:\Program Files (x86)\Image-Line
2014-08-20 21:01 - 2014-08-20 21:02 - 323060176 _____ (Image-Line) C:\Users\Tosh\Downloads\flstudio_11.1.exe
2014-08-18 22:04 - 2014-08-18 22:05 - 00000000 ____D () C:\Users\Tosh\AppData\Local\MetaGeek,_LLC
2014-08-18 22:04 - 2014-08-18 22:04 - 00002489 _____ () C:\Users\Public\Desktop\inSSIDer Home.lnk
2014-08-18 22:04 - 2014-08-18 22:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MetaGeek
2014-08-18 22:04 - 2014-08-18 22:04 - 00000000 ____D () C:\Program Files (x86)\MetaGeek
2014-08-18 22:02 - 2014-08-18 22:02 - 04767744 _____ () C:\Users\Tosh\Downloads\inSSIDer-installer.msi
2014-08-18 21:43 - 2014-08-18 21:43 - 01529664 _____ (LogMeIn, Inc.) C:\Users\Tosh\Downloads\Support-LogMeInRescue.exe
2014-08-14 00:01 - 2014-06-30 23:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2014-08-14 00:01 - 2014-06-30 23:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
2014-08-14 00:01 - 2014-03-09 22:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2014-08-14 00:01 - 2014-03-09 22:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2014-08-14 00:01 - 2014-03-09 22:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
2014-08-14 00:01 - 2014-03-09 22:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll
2014-08-14 00:00 - 2014-06-06 07:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2014-08-14 00:00 - 2014-06-06 07:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-08-13 18:25 - 2014-08-13 18:25 - 00341848 _____ (DivX, LLC) C:\Windows\SysWOW64\DivXControlPanelApplet.cpl
2014-08-13 17:37 - 2014-08-13 17:40 - 00000000 ____D () C:\ProgramData\eJay
2014-08-13 17:05 - 2014-08-13 17:05 - 00001364 _____ () C:\Users\Public\Desktop\eJay Dance 6 Reloaded.lnk
2014-08-13 17:05 - 2014-08-13 17:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eJay
2014-08-13 17:05 - 2010-09-24 12:44 - 00097280 _____ (Common Controls Replacement Project (CCRP)) C:\Windows\SysWOW64\ccrpbds5.dll
2014-08-13 17:05 - 2010-07-05 01:49 - 00262144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mpg4ds32.ax
2014-08-13 17:05 - 2010-05-17 09:36 - 00108336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSWINSCK.OCX
2014-08-13 17:05 - 2010-05-03 02:40 - 00608448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ComCtl32.ocx
2014-08-13 17:05 - 2010-04-26 10:52 - 00528384 _____ (eJay Entertainment GmbH) C:\Windows\SysWOW64\eJayxAudio.ax
2014-08-13 17:05 - 2010-04-26 10:52 - 00348160 _____ (eJay AG) C:\Windows\SysWOW64\eJ_UniDialog.ocx
2014-08-13 17:05 - 2010-04-26 10:52 - 00286720 _____ (Ejay AG) C:\Windows\SysWOW64\EjWaveEditorCtrl.ocx
2014-08-13 17:05 - 2010-04-26 10:52 - 00100864 _____ (zwei) C:\Windows\SysWOW64\eJ_Explorer.ocx
2014-08-13 17:05 - 2010-04-26 10:52 - 00057344 _____ () C:\Windows\SysWOW64\eJayxQuell.ax
2014-08-13 17:05 - 2010-04-26 10:52 - 00045056 _____ () C:\Windows\SysWOW64\eJayxWaveDest.ax
2014-08-13 16:55 - 2014-08-13 16:55 - 00000000 ____D () C:\ProgramData\DownloadManager
2014-08-13 16:55 - 2014-08-13 16:55 - 00000000 ____D () C:\Program Files (x86)\eJay
2014-08-13 16:46 - 2014-08-13 16:55 - 00000000 ____D () C:\Users\Tosh\Desktop\eJay Dance 6 Reloaded
2014-08-13 16:46 - 2014-08-13 16:46 - 00973104 _____ () C:\Users\Tosh\Downloads\ejay_dance6_reloaded_downloader.exe
2014-08-13 14:39 - 2013-08-08 12:37 - 733663232 _____ () C:\Users\Tosh\Desktop\Insanity - Fast and Furious workout.avi
2014-08-13 14:38 - 2014-08-13 14:44 - 00000000 ____D () C:\Users\Tosh\Desktop\Insanity
2014-08-13 12:28 - 2014-08-13 14:37 - 00000000 ____D () C:\Users\Tosh\Desktop\Camera Pics Baqckup
2014-08-13 07:54 - 2014-07-16 04:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-08-13 07:54 - 2014-07-16 03:46 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-08-13 07:54 - 2014-07-09 03:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL
2014-08-13 07:54 - 2014-07-09 03:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL
2014-08-13 07:54 - 2014-07-09 03:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL
2014-08-13 07:54 - 2014-07-09 03:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL
2014-08-13 07:54 - 2014-07-09 03:03 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL
2014-08-13 07:54 - 2014-07-09 02:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDYAK.DLL
2014-08-13 07:54 - 2014-07-09 02:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAT.DLL
2014-08-13 07:54 - 2014-07-09 02:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU1.DLL
2014-08-13 07:54 - 2014-07-09 02:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU.DLL
2014-08-13 07:54 - 2014-07-09 02:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL
2014-08-13 07:54 - 2014-07-08 23:38 - 00419992 _____ () C:\Windows\system32\locale.nls
2014-08-13 07:54 - 2014-07-08 23:30 - 00419992 _____ () C:\Windows\SysWOW64\locale.nls
2014-08-13 07:54 - 2014-06-25 03:05 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-08-13 07:54 - 2014-06-25 02:41 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-08-13 07:54 - 2014-06-16 03:10 - 00985536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-08-13 07:54 - 2014-06-03 11:02 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-08-13 07:54 - 2014-06-03 11:02 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-08-13 07:54 - 2014-06-03 11:02 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2014-08-13 07:54 - 2014-06-03 11:02 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-08-13 07:54 - 2014-06-03 10:29 - 02363392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-08-13 07:54 - 2014-06-03 10:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-08-13 07:54 - 2014-06-03 10:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2014-08-13 07:53 - 2014-08-07 03:06 - 00529920 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-08-13 07:53 - 2014-08-07 03:01 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-08-13 07:53 - 2014-08-01 00:41 - 00348856 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-08-13 07:53 - 2014-08-01 00:16 - 00307384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-08-13 07:53 - 2014-07-25 15:52 - 23645696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-08-13 07:53 - 2014-07-25 15:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-08-13 07:53 - 2014-07-25 15:01 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-08-13 07:53 - 2014-07-25 14:51 - 17524224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-08-13 07:53 - 2014-07-25 14:30 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-08-13 07:53 - 2014-07-25 14:28 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-08-13 07:53 - 2014-07-25 14:28 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-08-13 07:53 - 2014-07-25 14:25 - 02774528 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-08-13 07:53 - 2014-07-25 14:25 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-08-13 07:53 - 2014-07-25 14:11 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-08-13 07:53 - 2014-07-25 14:10 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-08-13 07:53 - 2014-07-25 14:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-08-13 07:53 - 2014-07-25 14:03 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-08-13 07:53 - 2014-07-25 14:00 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-08-13 07:53 - 2014-07-25 14:00 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-08-13 07:53 - 2014-07-25 13:59 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-08-13 07:53 - 2014-07-25 13:47 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-08-13 07:53 - 2014-07-25 13:40 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-08-13 07:53 - 2014-07-25 13:34 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-08-13 07:53 - 2014-07-25 13:34 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-08-13 07:53 - 2014-07-25 13:33 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-08-13 07:53 - 2014-07-25 13:30 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-08-13 07:53 - 2014-07-25 13:28 - 05824512 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-08-13 07:53 - 2014-07-25 13:28 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-08-13 07:53 - 2014-07-25 13:21 - 02184704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-08-13 07:53 - 2014-07-25 13:19 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-08-13 07:53 - 2014-07-25 13:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-08-13 07:53 - 2014-07-25 13:17 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-08-13 07:53 - 2014-07-25 13:17 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-08-13 07:53 - 2014-07-25 13:12 - 00438784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-08-13 07:53 - 2014-07-25 13:10 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-08-13 07:53 - 2014-07-25 13:10 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-08-13 07:53 - 2014-07-25 13:08 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-08-13 07:53 - 2014-07-25 13:06 - 04204032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-08-13 07:53 - 2014-07-25 12:52 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-08-13 07:53 - 2014-07-25 12:47 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-08-13 07:53 - 2014-07-25 12:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-08-13 07:53 - 2014-07-25 12:42 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-08-13 07:53 - 2014-07-25 12:39 - 02087936 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-08-13 07:53 - 2014-07-25 12:39 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-08-13 07:53 - 2014-07-25 12:36 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-08-13 07:53 - 2014-07-25 12:34 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-08-13 07:53 - 2014-07-25 12:29 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-08-13 07:53 - 2014-07-25 12:23 - 13547008 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-08-13 07:53 - 2014-07-25 12:13 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-08-13 07:53 - 2014-07-25 12:07 - 02001920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-08-13 07:53 - 2014-07-25 12:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-08-13 07:53 - 2014-07-25 12:03 - 11772928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-08-13 07:53 - 2014-07-25 11:52 - 02266624 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-08-13 07:53 - 2014-07-25 11:26 - 01431040 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-08-13 07:53 - 2014-07-25 11:17 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-08-13 07:53 - 2014-07-25 11:09 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-08-13 07:53 - 2014-07-25 11:05 - 01792512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-08-13 07:53 - 2014-07-25 11:00 - 01169920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-08-13 07:53 - 2014-07-14 03:02 - 01216000 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-08-13 07:53 - 2014-07-14 02:40 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2014-08-12 20:00 - 2014-08-12 20:01 - 14416304 _____ () C:\Users\Tosh\Downloads\gu5setup.exe
2014-08-12 16:00 - 2014-08-29 23:39 - 00006924 _____ () C:\Windows\setupact.log
2014-08-12 16:00 - 2014-08-12 16:00 - 00000000 _____ () C:\Windows\setuperr.log
2014-08-11 00:05 - 2014-08-11 00:11 - 00000000 ____D () C:\Users\Tosh\Desktop\Focus T25
2014-08-04 20:11 - 2014-08-04 21:10 - 00000000 ____D () C:\Users\Tosh\Desktop\Devon
 
==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-30 19:43 - 2014-08-30 19:42 - 00016957 _____ () C:\Users\Tosh\Downloads\FRST.txt
2014-08-30 19:42 - 2014-08-30 19:42 - 00000000 ____D () C:\FRST
2014-08-30 19:42 - 2014-08-30 19:41 - 02103808 _____ (Farbar) C:\Users\Tosh\Downloads\FRST64.exe
2014-08-30 19:39 - 2014-04-28 18:40 - 01474832 _____ () C:\Windows\system32\Drivers\sfi.dat
2014-08-30 19:20 - 2011-08-03 04:56 - 00000912 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-08-30 19:06 - 2014-04-28 18:21 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-08-30 18:19 - 2014-04-26 02:50 - 02077025 _____ () C:\Windows\WindowsUpdate.log
2014-08-30 18:19 - 2011-08-03 04:56 - 00000908 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-08-30 15:20 - 2014-06-02 14:02 - 00000000 ____D () C:\ProgramData\Kodak
2014-08-30 03:34 - 2014-08-26 10:17 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-08-30 03:33 - 2009-07-14 05:45 - 00025120 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-08-30 03:33 - 2009-07-14 05:45 - 00025120 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-08-30 01:12 - 2014-08-30 01:12 - 00001471 _____ () C:\Users\Tosh\Desktop\JRT.txt
2014-08-29 23:43 - 2014-05-23 08:39 - 00000330 _____ () C:\Windows\Tasks\GlaryInitialize 5.job
2014-08-29 23:42 - 2014-05-23 08:39 - 00000000 ____D () C:\Program Files (x86)\Glary Utilities 5
2014-08-29 23:39 - 2014-08-12 16:00 - 00006924 _____ () C:\Windows\setupact.log
2014-08-29 23:39 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-08-29 23:07 - 2014-08-29 23:07 - 00000000 ____D () C:\Windows\ERUNT
2014-08-29 23:06 - 2014-08-29 23:06 - 01016261 _____ (Thisisu) C:\Users\Tosh\Downloads\JRT.exe
2014-08-29 23:01 - 2014-08-21 05:54 - 00003856 _____ () C:\Windows\PFRO.log
2014-08-29 22:59 - 2014-08-26 10:18 - 00000000 ____D () C:\AdwCleaner
2014-08-29 22:48 - 2009-07-14 06:08 - 00032584 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-08-29 22:34 - 2014-06-04 22:08 - 00000000 ____D () C:\Users\Tosh\AppData\Local\PokerStars
2014-08-29 22:34 - 2014-06-04 22:07 - 00000000 ____D () C:\Program Files (x86)\PokerStars
2014-08-29 22:30 - 2014-08-20 21:13 - 00000000 ____D () C:\Users\Tosh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line
2014-08-29 22:30 - 2014-08-20 21:04 - 00000000 ____D () C:\Program Files (x86)\Image-Line
2014-08-29 10:19 - 2014-08-29 09:38 - 00000000 ____D () C:\Qoobox
2014-08-29 10:18 - 2014-08-29 10:18 - 00028335 _____ () C:\ComboFix.txt
2014-08-29 10:10 - 2014-08-29 09:37 - 00000000 ____D () C:\Windows\erdnt
2014-08-29 10:08 - 2009-07-14 03:34 - 00000215 _____ () C:\Windows\system.ini
2014-08-29 09:35 - 2014-08-29 09:34 - 05576760 ____R (Swearware) C:\Users\Tosh\Downloads\ComboFix.exe
2014-08-29 08:40 - 2009-07-14 05:45 - 00268392 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-08-28 11:54 - 2014-08-28 11:06 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-08-28 11:54 - 2014-08-28 11:05 - 00000000 ____D () C:\Users\Tosh\Desktop\mbar
2014-08-28 11:05 - 2014-08-28 11:05 - 14349744 _____ (Malwarebytes Corp.) C:\Users\Tosh\Downloads\mbar-1.07.0.1012.exe
2014-08-28 11:05 - 2014-08-26 10:17 - 00092888 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-08-28 10:50 - 2014-08-28 10:50 - 00033512 _____ () C:\Windows\SysWOW64\Drivers\TrueSight.sys
2014-08-28 10:50 - 2014-08-28 10:50 - 00000000 ____D () C:\ProgramData\RogueKiller
2014-08-28 10:50 - 2014-08-28 10:49 - 04851288 _____ () C:\Users\Tosh\Downloads\RogueKiller.exe
2014-08-28 10:16 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\TAPI
2014-08-27 19:54 - 2014-08-27 19:54 - 00000000 ____D () C:\Users\Tosh\AppData\Local\DDMSettings
2014-08-27 19:50 - 2014-08-27 19:50 - 00001581 _____ () C:\Users\Tosh\Desktop\DivX Movies.lnk
2014-08-27 19:50 - 2014-08-27 19:50 - 00001073 _____ () C:\Users\Public\Desktop\DivX Player.lnk
2014-08-27 19:50 - 2014-08-27 19:49 - 00000000 ____D () C:\Users\Tosh\AppData\Roaming\DivX
2014-08-27 19:50 - 2014-08-27 19:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX
2014-08-27 19:50 - 2014-08-27 19:48 - 00000000 ____D () C:\Program Files (x86)\DivX
2014-08-27 19:50 - 2014-08-27 19:44 - 00000000 ____D () C:\ProgramData\DivX
2014-08-27 19:49 - 2014-08-27 19:49 - 00001138 _____ () C:\Users\Public\Desktop\DivX Converter.lnk
2014-08-27 19:49 - 2014-08-27 19:49 - 00000000 ____D () C:\Program Files\DivX
2014-08-27 19:44 - 2014-08-27 19:43 - 00995648 _____ (DivX, LLC) C:\Users\Tosh\Downloads\DivXInstaller.exe
2014-08-27 10:05 - 2014-08-27 10:05 - 00025794 _____ () C:\Users\Tosh\Desktop\dds.txt
2014-08-27 10:05 - 2014-08-27 10:05 - 00008234 _____ () C:\Users\Tosh\Desktop\attach.txt
2014-08-27 10:00 - 2014-08-27 10:00 - 00688992 ____R (Swearware) C:\Users\Tosh\Downloads\dds.com
2014-08-27 09:55 - 2014-08-27 09:55 - 00066566 _____ () C:\Users\Tosh\Desktop\scan 1.txt
2014-08-26 21:01 - 2014-08-26 21:00 - 00001764 _____ () C:\Users\Tosh\Desktop\Rkill.txt
2014-08-26 21:00 - 2014-08-26 21:00 - 01944824 _____ (Bleeping Computer, LLC) C:\Users\Tosh\Downloads\rkill.exe
2014-08-26 20:57 - 2014-08-26 20:55 - 00006996 _____ () C:\Users\Default\AppData\Local\installer.log
2014-08-26 20:57 - 2014-08-26 20:55 - 00006996 _____ () C:\Users\Default User\AppData\Local\installer.log
2014-08-26 12:57 - 2014-08-26 12:54 - 00000000 ____D () C:\Users\Default\AppData\Local\Eastman_Kodak_Company
2014-08-26 12:57 - 2014-08-26 12:54 - 00000000 ____D () C:\Users\Default User\AppData\Local\Eastman_Kodak_Company
2014-08-26 12:56 - 2014-06-02 14:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kodak
2014-08-26 12:54 - 2014-08-26 12:54 - 00002163 _____ () C:\Users\Public\Desktop\KODAK AiO Home Centre.lnk
2014-08-26 12:45 - 2014-08-26 12:45 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Temp
2014-08-26 12:45 - 2014-08-26 12:45 - 00000000 ____D () C:\Users\Default\AppData\Roaming\KODAK AiO Home Center363017442
2014-08-26 12:45 - 2014-08-26 12:45 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Temp
2014-08-26 12:45 - 2014-08-26 12:45 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\KODAK AiO Home Center363017442
2014-08-26 10:57 - 2014-06-02 14:15 - 00016210 _____ () C:\Users\Tosh\AppData\Local\installer.log
2014-08-26 10:17 - 2014-08-26 10:17 - 00001113 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-08-26 10:17 - 2014-08-26 10:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-08-26 10:17 - 2014-08-26 10:17 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-08-26 10:17 - 2014-08-26 10:17 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-08-26 10:16 - 2014-08-26 10:16 - 01364531 _____ () C:\Users\Tosh\Downloads\adwcleaner_3.308.exe
2014-08-26 10:16 - 2014-08-26 10:15 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Tosh\Downloads\mbam-setup-2.0.2.1012.exe
2014-08-26 10:13 - 2014-05-28 19:17 - 00000000 ____D () C:\ProgramData\Oracle
2014-08-26 10:09 - 2014-08-26 10:09 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-08-26 10:09 - 2014-08-26 10:09 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-08-26 10:09 - 2014-08-26 10:09 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-08-26 10:09 - 2014-08-26 10:09 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-08-26 10:09 - 2011-08-03 04:47 - 00000000 ____D () C:\Program Files (x86)\Java
2014-08-24 17:19 - 2009-07-14 06:13 - 00781298 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-08-23 03:07 - 2014-08-28 07:02 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-23 02:45 - 2014-08-28 07:02 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-23 01:59 - 2014-08-28 07:02 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-21 17:35 - 2014-08-21 17:11 - 3103333306 _____ () C:\Users\Tosh\Desktop\Focus T25.zip
2014-08-20 21:23 - 2014-08-20 21:23 - 00001149 _____ () C:\Users\Tosh\Desktop\ASIO4ALL v2 Instruction Manual.lnk
2014-08-20 21:23 - 2014-08-20 21:23 - 00000000 ____D () C:\Users\Tosh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASIO4ALL v2
2014-08-20 21:23 - 2014-08-20 21:23 - 00000000 ____D () C:\Program Files (x86)\ASIO4ALL v2
2014-08-20 21:13 - 2014-08-20 21:13 - 00000000 ____D () C:\Users\Tosh\AppData\Roaming\FlowStone
2014-08-20 21:13 - 2014-08-20 21:13 - 00000000 ____D () C:\Program Files (x86)\DSPRobotics
2014-08-20 21:02 - 2014-08-20 21:01 - 323060176 _____ (Image-Line) C:\Users\Tosh\Downloads\flstudio_11.1.exe
2014-08-18 22:05 - 2014-08-18 22:04 - 00000000 ____D () C:\Users\Tosh\AppData\Local\MetaGeek,_LLC
2014-08-18 22:04 - 2014-08-18 22:04 - 00002489 _____ () C:\Users\Public\Desktop\inSSIDer Home.lnk
2014-08-18 22:04 - 2014-08-18 22:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MetaGeek
2014-08-18 22:04 - 2014-08-18 22:04 - 00000000 ____D () C:\Program Files (x86)\MetaGeek
2014-08-18 22:02 - 2014-08-18 22:02 - 04767744 _____ () C:\Users\Tosh\Downloads\inSSIDer-installer.msi
2014-08-18 21:43 - 2014-08-18 21:43 - 01529664 _____ (LogMeIn, Inc.) C:\Users\Tosh\Downloads\Support-LogMeInRescue.exe
2014-08-14 15:44 - 2011-08-03 04:57 - 00002190 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-08-14 11:50 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-08-14 10:07 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-08-14 00:14 - 2014-05-04 11:22 - 00000000 ____D () C:\Windows\system32\MRT
2014-08-14 00:10 - 2014-05-04 11:22 - 99218768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-08-14 00:00 - 2014-04-30 23:02 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-08-13 18:25 - 2014-08-13 18:25 - 00341848 _____ (DivX, LLC) C:\Windows\SysWOW64\DivXControlPanelApplet.cpl
2014-08-13 17:42 - 2014-04-26 04:40 - 00000000 ____D () C:\Users\Tosh\AppData\Local\VirtualStore
2014-08-13 17:40 - 2014-08-13 17:37 - 00000000 ____D () C:\ProgramData\eJay
2014-08-13 17:05 - 2014-08-13 17:05 - 00001364 _____ () C:\Users\Public\Desktop\eJay Dance 6 Reloaded.lnk
2014-08-13 17:05 - 2014-08-13 17:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eJay
2014-08-13 16:55 - 2014-08-13 16:55 - 00000000 ____D () C:\ProgramData\DownloadManager
2014-08-13 16:55 - 2014-08-13 16:55 - 00000000 ____D () C:\Program Files (x86)\eJay
2014-08-13 16:55 - 2014-08-13 16:46 - 00000000 ____D () C:\Users\Tosh\Desktop\eJay Dance 6 Reloaded
2014-08-13 16:46 - 2014-08-13 16:46 - 00973104 _____ () C:\Users\Tosh\Downloads\ejay_dance6_reloaded_downloader.exe
2014-08-13 14:44 - 2014-08-13 14:38 - 00000000 ____D () C:\Users\Tosh\Desktop\Insanity
2014-08-13 14:37 - 2014-08-13 12:28 - 00000000 ____D () C:\Users\Tosh\Desktop\Camera Pics Baqckup
2014-08-12 20:06 - 2014-05-23 08:39 - 00020672 _____ (Glarysoft Ltd) C:\Windows\system32\Drivers\GUBootStartup.sys
2014-08-12 20:06 - 2014-05-23 08:39 - 00002972 _____ () C:\Windows\System32\Tasks\GU5SkipUAC
2014-08-12 20:06 - 2014-05-23 08:39 - 00002626 _____ () C:\Windows\System32\Tasks\GlaryInitialize 5
2014-08-12 20:06 - 2014-05-23 08:39 - 00001103 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5.lnk
2014-08-12 20:06 - 2014-05-23 08:39 - 00001091 _____ () C:\Users\Public\Desktop\Glary Utilities 5.lnk
2014-08-12 20:01 - 2014-08-12 20:00 - 14416304 _____ () C:\Users\Tosh\Downloads\gu5setup.exe
2014-08-12 19:56 - 2014-06-21 09:39 - 00000234 _____ () C:\BackupLoader.ini
2014-08-12 16:00 - 2014-08-12 16:00 - 00000000 _____ () C:\Windows\setuperr.log
2014-08-11 00:11 - 2014-08-11 00:05 - 00000000 ____D () C:\Users\Tosh\Desktop\Focus T25
2014-08-09 10:04 - 2009-07-14 06:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2014-08-08 16:55 - 2009-07-14 04:20 - 00000000 __RHD () C:\Users\Public\Libraries
2014-08-08 00:34 - 2014-05-19 20:51 - 00000000 ____D () C:\Users\Tosh\Desktop\Frozen Stuff
2014-08-07 03:06 - 2014-08-13 07:53 - 00529920 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-08-07 03:01 - 2014-08-13 07:53 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-08-05 09:20 - 2010-11-21 04:27 - 00270496 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-08-04 21:10 - 2014-08-04 20:11 - 00000000 ____D () C:\Users\Tosh\Desktop\Devon
2014-08-01 00:41 - 2014-08-13 07:53 - 00348856 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-08-01 00:16 - 2014-08-13 07:53 - 00307384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll

Some content of TEMP:
====================
C:\Users\Tosh\AppData\Local\Temp\Quarantine.exe
C:\Users\Tosh\AppData\Local\Temp\_unps.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-08-27 11:33

==================== End Of Log ============================
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 30-08-2014
Ran by Tosh at 2014-08-30 19:44:32
Running from C:\Users\Tosh\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)


==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

ActiveX-kontroll för fjärranslutningar för Windows Live Mesh (HKLM-x32\...\{376D59B1-42D9-4FA2-B6CC-E346B6BE14F5}) (Version: 15.4.5722.2 - Microsoft Corporation)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 13.0.0.111 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 13.0.0.111 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 14 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Reader X MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.0.0 - Adobe Systems Incorporated)
aioscnnr (x32 Version: 7.6.13.10 - Your Company Name) Hidden
AMD Media Foundation Decoders (Version: 1.0.60628.2255 - ATI Technologies Inc.) Hidden
AMD VISION Engine Control Center (x32 Version: 2011.0628.2340.40663 - ATI) Hidden
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.11 Beta2 - Michael Tippach)
Atheros Bluetooth Filter Driver Package (HKLM\...\{65486209-5C54-439C-8383-8AC9BBE25932}) (Version: 1.00.0004 - Atheros Communications)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.1.42 - Atheros Communications Inc.)
Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 9.2 - Atheros)
ATI Catalyst Install Manager (HKLM\...\{6167672A-758D-9960-C32C-47A15E180A70}) (Version: 3.0.829.0 - ATI Technologies, Inc.)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.2 - EA Digital Illusions CE AB)
BBC iPlayer Desktop (HKLM-x32\...\BBCiPlayerDesktop.61DB7A798358575D6A969CCD73DDBBD723A6DA9D.1) (Version: 3.0.7 - British Broadcasting Corp.)
BBC iPlayer Desktop (x32 Version: 3.0.7 - British Broadcasting Corp.) Hidden
Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Bejeweled 3 (x32 Version: 2.2.0.97 - WildTangent) Hidden
Bluetooth Stack for Windows by Toshiba (HKLM\...\{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}) (Version: v8.00.09(T) - TOSHIBA CORPORATION)
C4USelfUpdater (x32 Version: 1.00.0000 - Your Company Name) Hidden
Canon MG5300 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5300_series) (Version: - )
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - ATI) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2011.0628.2340.40663 - ATI) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2011.0628.2340.40663 - ATI Technologies, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2011.0628.2340.40663 - ATI) Hidden
CCC Help Chinese Standard (x32 Version: 2011.0628.2339.40663 - ATI) Hidden
CCC Help Chinese Traditional (x32 Version: 2011.0628.2339.40663 - ATI) Hidden
CCC Help Czech (x32 Version: 2011.0628.2339.40663 - ATI) Hidden
CCC Help Danish (x32 Version: 2011.0628.2339.40663 - ATI) Hidden
CCC Help Dutch (x32 Version: 2011.0628.2339.40663 - ATI) Hidden
CCC Help English (x32 Version: 2011.0628.2339.40663 - ATI) Hidden
CCC Help Finnish (x32 Version: 2011.0628.2339.40663 - ATI) Hidden
CCC Help French (x32 Version: 2011.0628.2339.40663 - ATI) Hidden
CCC Help German (x32 Version: 2011.0628.2339.40663 - ATI) Hidden
CCC Help Greek (x32 Version: 2011.0628.2339.40663 - ATI) Hidden
CCC Help Hungarian (x32 Version: 2011.0628.2339.40663 - ATI) Hidden
CCC Help Italian (x32 Version: 2011.0628.2339.40663 - ATI) Hidden
CCC Help Japanese (x32 Version: 2011.0628.2339.40663 - ATI) Hidden
CCC Help Korean (x32 Version: 2011.0628.2339.40663 - ATI) Hidden
CCC Help Norwegian (x32 Version: 2011.0628.2339.40663 - ATI) Hidden
CCC Help Polish (x32 Version: 2011.0628.2339.40663 - ATI) Hidden
CCC Help Portuguese (x32 Version: 2011.0628.2339.40663 - ATI) Hidden
CCC Help Russian (x32 Version: 2011.0628.2339.40663 - ATI) Hidden
CCC Help Spanish (x32 Version: 2011.0628.2339.40663 - ATI) Hidden
CCC Help Swedish (x32 Version: 2011.0628.2339.40663 - ATI) Hidden
CCC Help Thai (x32 Version: 2011.0628.2339.40663 - ATI) Hidden
CCC Help Turkish (x32 Version: 2011.0628.2339.40663 - ATI) Hidden
ccc-utility64 (Version: 2011.0628.2340.40663 - ATI) Hidden
center (x32 Version: 7.8.0.0 - Eastman Kodak Company) Hidden
Chicken Invaders 3 - Revenge of the Yolk (x32 Version: 2.2.0.95 - WildTangent) Hidden
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Comodo Dragon (HKLM-x32\...\Comodo Dragon) (Version: 33.1.0.0 - COMODO)
COMODO Internet Security Premium (HKLM\...\{2736B6BD-31EC-4FC8-A48C-F0A5C914C0B6}) (Version: 7.0.55655.4142 - COMODO Security Solutions Inc.)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.51.1.0 - Conexant)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Diner Dash 2 Restaurant Rescue (x32 Version: 2.2.0.95 - WildTangent) Hidden
DivX Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.3.80 - DivX, LLC)
ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)
essentials (x32 Version: 7.8.0.0 - Eastman Kodak Company) Hidden
FATE (x32 Version: 2.2.0.97 - WildTangent) Hidden
Final Drive: Nitro (x32 Version: 2.2.0.95 - WildTangent) Hidden
FlowStone FL 3.0 (HKLM-x32\...\FlowStone) (Version: - )
GeekBuddy (HKLM\...\{ADBA2296-BA0A-49C1-B3A1-67B0C95CB8AE}) (Version: 4.16.114 - Comodo Security Solutions Inc)
GIMP 2.8.10 (HKLM\...\GIMP-2_is1) (Version: 2.8.10 - The GIMP Team)
Glary Utilities 5.5 (HKLM-x32\...\Glary Utilities 5) (Version: 5.5.0.12 - Glarysoft Ltd)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 36.0.1985.143 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
High-Definition Video Playback (x32 Version: 7.3.10900.8.0 - Nero AG) Hidden
Insaniquarium Deluxe (x32 Version: 2.2.0.97 - WildTangent) Hidden
inSSIDer Home (HKLM-x32\...\{9E54E4AE-B67A-4925-8E92-0E1F9817FD73}) (Version: 3.1.2.1 - MetaGeek, LLC)
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)
Java Auto Updater (x32 Version: 2.1.67.1 - Oracle, Inc.) Hidden
Java(TM) 6 Update 20 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216020FF}) (Version: 6.0.200 - Sun Microsystems, Inc.)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Kodak AIO Printer (Version: 7.8.1.0 - Eastman Kodak Company) Hidden
KODAK AiO Software (HKLM-x32\...\{E0F274B7-592B-4669-8FB8-8D9825A09858}) (Version: 7.8.5.2 - Eastman Kodak Company)
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Primary Interoperability Assemblies 2005 (HKLM-x32\...\{2C303EE0-A595-3543-A71A-931C7AC40EDE}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nero 10 Movie ThemePack Basic (x32 Version: 10.6.10000.1.0 - Nero AG) Hidden
Nero BackItUp 10 (HKLM-x32\...\{68AB6930-5BFF-4FF6-923B-516A91984FE6}) (Version: 5.8.10900.8.100 - Nero AG)
Nero BackItUp 10 Help (CHM) (x32 Version: 10.6.10700 - Nero AG) Hidden
Nero BurnRights 10 (HKLM-x32\...\{943CFD7D-5336-47AF-9418-E02473A5A517}) (Version: 4.4.10400.2.100 - Nero AG)
Nero BurnRights 10 Help (CHM) (x32 Version: 10.6.10700 - Nero AG) Hidden
Nero Control Center 10 (x32 Version: 10.6.12700.0.7 - Nero AG) Hidden
Nero ControlCenter 10 Help (CHM) (x32 Version: 10.6.10800 - Nero AG) Hidden
Nero Core Components 10 (x32 Version: 2.0.20000.9.12 - Nero AG) Hidden
Nero Express 10 (HKLM-x32\...\{70550193-1C22-445C-8FA4-564E155DB1A7}) (Version: 10.6.10700.5.100 - Nero AG)
Nero Express 10 Help (CHM) (x32 Version: 10.6.10700 - Nero AG) Hidden
Nero InfoTool 10 (HKLM-x32\...\{F412B4AF-388C-4FF5-9B2F-33DB1C536953}) (Version: 7.4.10300.1.100 - Nero AG)
Nero InfoTool 10 Help (CHM) (x32 Version: 10.6.10700 - Nero AG) Hidden
Nero Kwik Media (HKLM-x32\...\{1F7D9F37-C39C-486C-BDF8-8F440FFB3352}) (Version: 1.6.15100.59.100 - Nero AG)
Nero Multimedia Suite 10 Essentials (HKLM-x32\...\{2063D199-D79F-471A-9019-9E647296394D}) (Version: 10.6.10300 - Nero AG)
Nero RescueAgent 10 (HKLM-x32\...\{E337E787-CF61-4B7B-B84F-509202A54023}) (Version: 3.6.10500.3.100 - Nero AG)
Nero RescueAgent 10 Help (CHM) (x32 Version: 10.6.10800 - Nero AG) Hidden
Nero StartSmart 10 (HKLM-x32\...\{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}) (Version: 10.6.10500.3.100 - Nero AG)
Nero StartSmart 10 Help (CHM) (x32 Version: 10.6.10700 - Nero AG) Hidden
Nero Update (HKLM-x32\...\{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}) (Version: 1.0.10900.31.0 - Nero AG)
NeroKwikMedia Help (CHM) (x32 Version: 10.6.10900 - Nero AG) Hidden
ocr (x32 Version: 6.2.3.50 - Eastman Kodak Company) Hidden
Penguins! (x32 Version: 2.2.0.95 - WildTangent) Hidden
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.95 - WildTangent) Hidden
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
PokerStars (HKLM-x32\...\PokerStars) (Version: - PokerStars)
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
PreReq (x32 Version: 6.2.4.0 - Eastman Kodak Company) Hidden
PrintProjects (HKLM-x32\...\PrintProjects) (Version: 1.0.0.9282 - RocketLife Inc.)
PrivDog (HKLM-x32\...\PrivDog) (Version: 2.1.0.23 - privdog.com)
Realtek USB 2.0 Reader Driver (HKLM-x32\...\{62BBB2F0-E220-4821-A564-730807D2C34D}) (Version: 1.0.0.14 - Realtek Semiconductor Corp.)
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
Slingo Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.2.11.1 - Synaptics Incorporated)
TOSHIBA Assist (HKLM-x32\...\{C2A276E3-154E-44DC-AAF1-FFDD7FD30E35}) (Version: 4.02.02 - TOSHIBA CORPORATION)
TOSHIBA Bulletin Board (HKLM-x32\...\InstallShield_{43DBC64B-3DD1-47E2-8788-D3C3B110C574}) (Version: 2.1.10.64 - TOSHIBA Corporation)
TOSHIBA Bulletin Board (Version: 2.1.10.64 - TOSHIBA Corporation) Hidden
TOSHIBA ConfigFree (HKLM-x32\...\{28F05B12-E618-48A8-839A-0755FC8C9081}) (Version: 8.0.39 - TOSHIBA CORPORATION)
TOSHIBA Disc Creator (HKLM\...\{5DA0E02F-970B-424B-BF41-513A5018E4C0}) (Version: 2.1.0.6 for x64 - TOSHIBA Corporation)
TOSHIBA eco Utility (HKLM-x32\...\InstallShield_{B3FF1CD9-B2F0-4D71-BB55-5F580401C48E}) (Version: 1.2.23.64 - TOSHIBA Corporation)
TOSHIBA eco Utility (Version: 1.2.23.64 - TOSHIBA Corporation) Hidden
TOSHIBA eco Utility (x32 Version: 1.2.23.64 - TOSHIBA Corporation) Hidden
TOSHIBA Face Recognition (HKLM-x32\...\InstallShield_{F67FA545-D8E5-4209-86B1-AEE045D1003F}) (Version: 3.1.8.64 - TOSHIBA Corporation)
TOSHIBA Face Recognition (Version: 3.1.8.64 - TOSHIBA Corporation) Hidden
TOSHIBA Hardware Setup (HKLM-x32\...\InstallShield_{C4FFA951-9678-4D51-84B4-AFD15D3C45AD}) (Version: 4.09.01.00 - )
TOSHIBA Hardware Setup (Version: 4.09.01.00 - TOSHIBA) Hidden
TOSHIBA HDD/SSD Alert (HKLM-x32\...\InstallShield_{D4322448-B6AF-4316-B859-D8A0E84DCB38}) (Version: 3.1.64.7 - TOSHIBA Corporation)
TOSHIBA HDD/SSD Alert (Version: 3.1.64.7 - TOSHIBA Corporation) Hidden
TOSHIBA HDD/SSD Alert (x32 Version: 3.1.64.7 - TOSHIBA Corporation) Hidden
Toshiba Manuals (HKLM-x32\...\{90FF4432-21B7-4AF6-BA6E-FB8C1FED9173}) (Version: 10.02 - TOSHIBA)
TOSHIBA Online Product Information (HKLM-x32\...\{2290A680-4083-410A-ADCC-7092C67FC052}) (Version: 4.01.0000 - TOSHIBA)
TOSHIBA PC Health Monitor (HKLM\...\{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}) (Version: 1.7.9.64M - TOSHIBA Corporation)
TOSHIBA Places Icon Utility (HKLM-x32\...\{461F6F0D-7173-4902-9604-AB1A29108AF2}) (Version: 1.0.2.4 - TOSHIBA)
TOSHIBA Recovery Media Creator (HKLM-x32\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 2.1.3.10010 - TOSHIBA CORPORATION)
TOSHIBA Recovery Media Creator Reminder (HKLM-x32\...\InstallShield_{773970F1-5EBA-4474-ADEE-1EA3B0A59492}) (Version: 1.00.0019 - TOSHIBA)
TOSHIBA Recovery Media Creator Reminder (x32 Version: 1.00.0019 - TOSHIBA) Hidden
TOSHIBA ReelTime (HKLM-x32\...\InstallShield_{24811C12-F4A9-4D0F-8494-A7B8FE46123C}) (Version: 1.7.17.64 - TOSHIBA Corporation)
TOSHIBA ReelTime (Version: 1.7.17.64 - TOSHIBA Corporation) Hidden
TOSHIBA Service Station (HKLM-x32\...\{AC6569FA-6919-442A-8552-073BE69E247A}) (Version: 2.1.52 - TOSHIBA)
TOSHIBA Sleep Utility (HKLM-x32\...\{654F7484-88C5-46DC-AB32-C66BCB0E2102}) (Version: 1.4.2.8 - TOSHIBA Corporation)
TOSHIBA Supervisor Password (HKLM-x32\...\InstallShield_{CBD6B23D-41D5-4A46-8019-6208516C9712}) (Version: 4.09.01.00 - )
TOSHIBA Supervisor Password (Version: 4.09.01.00 - TOSHIBA) Hidden
TOSHIBA TEMPRO (HKLM-x32\...\{F082CB11-4794-4259-99A1-D91BA762AD15}) (Version: 3.35 - Toshiba Europe GmbH)
TOSHIBA Value Added Package (HKLM-x32\...\InstallShield_{066CFFF8-12BF-4390-A673-75F95EFF188E}) (Version: 1.5.4.64 - TOSHIBA Corporation)
TOSHIBA Value Added Package (Version: 1.5.4.64 - TOSHIBA Corporation) Hidden
TOSHIBA Value Added Package (x32 Version: 1.5.4.64 - TOSHIBA Corporation) Hidden
TOSHIBA Web Camera Application (HKLM-x32\...\InstallShield_{6F3C8901-EBD3-470D-87F8-AC210F6E5E02}) (Version: 2.0.0.25 - TOSHIBA Corporation)
TOSHIBA Web Camera Application (x32 Version: 2.0.0.25 - TOSHIBA Corporation) Hidden
TOSHIBA Wireless LAN Indicator (HKLM-x32\...\{5BA99779-6E12-49EF-BE49-F35B1EDB4DF9}) (Version: 1.0.4 - TOSHIBA CORPORATION)
TRORMCLauncher (HKLM-x32\...\InstallShield_{E65C7D8E-186D-484B-BEA8-DEF0331CE600}) (Version: - )
TRORMCLauncher (Version: 1.0.0.10 - TOSHIBA) Hidden
Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
Wedding Dash 2 - Rings Around the World (x32 Version: 2.2.0.95 - WildTangent) Hidden
WildTangent Games (HKLM-x32\...\WildTangent toshiba Master Uninstall) (Version: 1.0.2.5 - WildTangent)
WildTangent Games App (Toshiba Games) (x32 Version: 4.0.5.5 - WildTangent) Hidden
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogalleri (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX-kontroll for eksterne tilkoblinger (HKLM-x32\...\{09B7C7EB-3140-4B5E-842F-9C79A7137139}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX-objekt til fjernforbindelser (HKLM-x32\...\{57220148-3B2B-412A-A2E0-82B9DF423696}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Meshin etäyhteyksien ActiveX-komponentti (HKLM-x32\...\{4CF6F287-5121-483C-A5A2-07BDE19D8B4E}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (x32 Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Liven asennustyökalu (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Liven sähköposti (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Liven valokuvavalikoima (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points =========================

Could not list Restore Points. Check "winmgmt" service or repair WMI.


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2014-08-29 10:07 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {0761232B-DFDC-4179-AA7D-CD8A8B6B08E3} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2014-04-16] (COMODO)
Task: {15F31442-EF6B-4390-AC25-828547FDA611} - System32\Tasks\ConfigFree Startup Programs => C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe [2011-04-21] (TOSHIBA CORPORATION)
Task: {4A0A79E5-B907-4031-B235-A8FCF9B4F563} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2014-04-16] (COMODO)
Task: {4F3B181D-D15D-41A5-8B63-48D00D5F4587} - System32\Tasks\COMODO\COMODO Scan {F140D794-60B6-4F00-9235-D6457AA25B22} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2014-04-16] (COMODO)
Task: {6CBC0775-A098-4737-A3A6-C391C1CD17B8} - System32\Tasks\COMODO\COMODO Cache Builder {0FB77674-7905-4F34-A362-C5A9A26F8CF9} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2014-04-16] (COMODO)
Task: {89961A13-70B6-45DA-BAE2-926F480563E8} - System32\Tasks\GlaryInitialize 5 => C:\Program Files (x86)\Glary Utilities 5\Initialize.exe [2014-08-04] (Glarysoft Ltd)
Task: {96C98D2E-74BD-43FD-8349-F185A8188916} - System32\Tasks\GU5SkipUAC => C:\Program Files (x86)\Glary Utilities 5\Integrator.exe [2014-08-04] (Glarysoft Ltd)
Task: {AF4B1BB0-C2B9-4F59-B752-5404AAF192F0} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-09] (Adobe Systems Incorporated)
Task: {E0868145-E36A-44C6-B6C2-C352ECA8E9D5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-08-03] (Google Inc.)
Task: {E16D4ED5-EF83-4734-8705-990713255BD3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-08-03] (Google Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GlaryInitialize 5.job => C:\Program Files (x86)\Glary Utilities 5\Initialize.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2010-11-18 16:18 - 2010-11-18 16:18 - 11190784 _____ () C:\Program Files\Toshiba\FlashCards\BlackPng.dll
2010-12-15 14:19 - 2010-12-15 14:19 - 00124320 _____ () C:\Program Files\Toshiba\TECO\MUIHelp.dll
2011-08-03 05:54 - 2011-02-22 11:06 - 00563576 _____ () C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\en\Humphrey.resources.dll
2011-08-03 05:12 - 2011-04-21 09:57 - 00063360 _____ () C:\Program Files\TOSHIBA\TOSHIBA Places Icon Utility\TosDIInternal.XmlSerializers.dll
2014-01-10 06:26 - 2014-01-10 06:26 - 01861968 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
2010-12-08 14:42 - 2010-12-08 14:42 - 00079264 _____ () C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosIPCWraper.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


==================== Faulty Device Manager Devices =============

Could not list Devices. Check "winmgmt" service or repair WMI.


==================== Event log errors: =========================

Application errors:
==================

System errors:
=============

Microsoft Office Sessions:
=========================

==================== Memory info ===========================

Processor: AMD E-450 APU with Radeon(tm) HD Graphics
Percentage of memory in use: 41%
Total physical RAM: 5734.87 MB
Available physical RAM: 3338.86 MB
Total Pagefile: 11467.91 MB
Available Pagefile: 8497.3 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: (WINDOWS) (Fixed) (Total:297.45 GB) (Free:187.22 GB) NTFS
Drive d: (Data) (Fixed) (Total:298.33 GB) (Free:103.49 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 596.2 GB) (Disk ID: C8C756AF)
Partition 1: (Active) - (Size=400 MB) - (Type=27)
Partition 2: (Not Active) - (Size=297.4 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=298.3 GB) - (Type=07 NTFS)

==================== End Of Log ============================
 
Download attached fixlist.txt file and save it to the Desktop.
NOTE: It's important that both files, FRST and fixlist.txt, are in the same location or the fix will not work.

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system.

Run FRST (FRST64) and press the Fix button just once and wait.
The tool will make a log on the Desktop (Fixlog.txt). Please post it in your reply.
 

Attachments

  • fixlist.txt
    312 bytes · Views: 1