Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-01-2014 05 Ran by coldharbor1950 at 2014-01-11 14:49:45 Running from C:\Users\coldharbor1950\Desktop Boot Mode: Normal ========================================================== ==================== Security Center ======================== AV: AVG Internet Security 2014 (Enabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: AVG Internet Security 2014 (Enabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664} FW: AVG Internet Security 2014 (Enabled) {36AFA1E1-4CDC-7EF8-11EE-C77C3581ABA2} ==================== Installed Programs ====================== 7-Zip 9.20 (x64 edition) (Version: 9.20.00.0 - Igor Pavlov) AccelerateTab (x32 Version: 1.4 - AccelerateTab) Adobe AIR (x32 Version: 3.8.0.870 - Adobe Systems Incorporated) Adobe AIR (x32 Version: 3.8.0.870 - Adobe Systems Incorporated) Hidden Adobe Flash Player 11 ActiveX (x32 Version: 11.9.900.170 - Adobe Systems Incorporated) Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.170 - Adobe Systems Incorporated) Amazon Kindle (HKCU Version: - Amazon) AMD Accelerated Video Transcoding (Version: 13.15.100.31008 - Advanced Micro Devices, Inc.) Hidden AMD APP SDK Runtime (Version: 2.4.650.9 - Advanced Micro Devices Inc.) Hidden AMD Catalyst Control Center (x32 Version: 2013.1008.932.15229 - Advanced Micro Devices, Inc.) Hidden AMD Catalyst Install Manager (Version: 8.0.915.0 - Advanced Micro Devices, Inc.) AMD Drag and Drop Transcoding (Version: 2.00.0000 - Advanced Micro Devices, Inc.) Hidden AMD Fuel (Version: 2013.1008.932.15229 - Advanced Micro Devices, Inc.) Hidden AMD Media Foundation Decoders (Version: 1.0.81008.0920 - Advanced Micro Devices, Inc.) Hidden AMD Steady Video Plug-In (Version: 2.06.0000 - AMD) Hidden AVG 2014 (Version: 14.0.3658 - AVG Technologies) Hidden AVG 2014 (Version: 14.0.4259 - AVG Technologies) Hidden AVG 2014 (Version: 2014.0.4259 - AVG Technologies) Blio (x32 Version: 2.2.8188 - K-NFB Reading Technology, Inc.) Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Graphics Previews Common (x32 Version: 2013.1008.932.15229 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center InstallProxy (x32 Version: 2011.0512.1812.30806 - ATI Technologies, Inc.) Hidden Catalyst Control Center InstallProxy (x32 Version: 2013.1008.932.15229 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Localization All (x32 Version: 2013.1008.932.15229 - Advanced Micro Devices, Inc.) Hidden CCC Help Chinese Standard (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden CCC Help Chinese Traditional (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden CCC Help Czech (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden CCC Help Danish (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden CCC Help Dutch (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden CCC Help English (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden CCC Help Finnish (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden CCC Help French (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden CCC Help German (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden CCC Help Greek (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden CCC Help Hungarian (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden CCC Help Italian (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden CCC Help Japanese (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden CCC Help Korean (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden CCC Help Norwegian (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden CCC Help Polish (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden CCC Help Portuguese (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden CCC Help Russian (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden CCC Help Spanish (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden CCC Help Swedish (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden CCC Help Thai (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden CCC Help Turkish (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden ccc-utility64 (Version: 2013.1008.932.15229 - Advanced Micro Devices, Inc.) Hidden CCleaner (Version: 4.09 - Piriform) CutePDF Writer 3.0 (Version: 3.0 - CutePDF.com) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden DirectX for Managed Code Update (Summer 2004) (x32 Version: 9.02.2904 - Microsoft) Hidden Driver Booster (x32 Version: 1.1 - IObit) Game Booster 3 (x32 Version: 3.4 - IObit) Google Chrome (x32 Version: 32.0.1700.72 - Google Inc.) Google Drive (x32 Version: 1.13.5782.599 - Google, Inc.) Google Update Helper (x32 Version: 1.3.22.3 - Google Inc.) Hidden H&R Block Deluxe + Efile + State 2012 (x32 Version: 12.05.7803 - HRB Technology, LLC.) H&R Block Wisconsin 2012 (x32 Version: 1.12.4201 - HRB Technology, LLC.) HiJackThis (x32 Version: 1.0.0 - Trend Micro) HP Application Assistant (Version: 1.0.409.3882 - Hewlett-Packard) HP Auto (Version: 1.0.12935.3667 - Hewlett-Packard Company) Hidden HP Calendar (x32 Version: 5.1.4245.23508 - Hewlett-Packard) HP Client Services (Version: 1.1.12938.3539 - Hewlett-Packard) Hidden HP Clock (x32 Version: 5.1.4244.16367 - Hewlett-Packard) HP Customer Experience Enhancements (x32 Version: 6.0.1.8 - Hewlett-Packard) Hidden HP Deskjet 3050A J611 series Basic Device Software (Version: 25.0.571.0 - Hewlett-Packard Co.) HP Deskjet 3050A J611 series Help (x32 Version: 140.0.2.2 - Hewlett Packard) HP LinkUp (x32 Version: 2.01.029 - Hewlett-Packard) HP Magic Canvas (x32 Version: 5.1.15.0 - Hewlett-Packard) HP Magic Canvas Tutorials (x32 Version: 5.0.0.3 - Hewlett-Packard) HP MovieStore (x32 Version: 2.1.091 - Hewlett-Packard) Hidden HP MovieStore (x32 Version: 2.1.21091.0 - Hewlett-Packard Company) HP Notes (x32 Version: 5.1.4274.30382 - Hewlett-Packard) HP Odometer (x32 Version: 2.10.0000 - Hewlett-Packard) HP Photo Creations (x32 Version: 1.0.0.5192 - HP Photo Creations) HP RSS (x32 Version: 5.1.4301.21494 - Hewlett-Packard) HP Setup (x32 Version: 9.0.15076.3891 - Hewlett-Packard Company) HP Setup Manager (x32 Version: 1.2.15145.3905 - Hewlett-Packard Company) HP Support Assistant (x32 Version: 6.1.12.1 - Hewlett-Packard Company) HP Support Information (x32 Version: 11.00.0001 - Hewlett-Packard) HP TouchSmart RecipeBox (x32 Version: 3.0.3830.27730 - Hewlett-Packard) HP Update (x32 Version: 5.003.001.001 - Hewlett-Packard) HP Vision Hardware Diagnostics (Version: 2.12.1.0 - Hewlett-Packard) HP Weather (x32 Version: 5.1.4295.16450 - Hewlett-Packard) IObit Uninstaller (x32 Version: 3.0.5.1228 - IObit) Java 7 Update 45 (x32 Version: 7.0.450 - Oracle) Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Kobo (x32 Version: 2.0.3 - Kobo Inc.) LabelPrint (x32 Version: 2.5.4507 - CyberLink Corp.) LabelPrint (x32 Version: 2.5.4507 - CyberLink Corp.) Hidden Malwarebytes Anti-Malware version 1.75.0.1300 (x32 Version: 1.75.0.1300 - Malwarebytes Corporation) Masque IGT Slots Wolf Run (x32 Version: 1.0.3 - Masque Publishing) Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden Metric Converter (x32 Version: 1.0.0.0 - XM Asia Pacific Pte Ltd) Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden Microsoft Mathematics (x32 Version: 4.0 - Microsoft Corporation) Microsoft Office Click-to-Run 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden Microsoft PowerPoint Viewer (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Silverlight (Version: 5.1.20913.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (x32 Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (x32 Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden Microsoft WSE 3.0 Runtime (x32 Version: 3.0.5305.0 - Microsoft Corp.) Hidden MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0 - Microsoft Corporation) NETGEAR WNA3100 wireless USB 2.0 adapter (x32 Version: 1.01.206 - NETGEAR) Nikon Message Center 2 (x32 Version: 2.1.0 - Nikon) Nikon Movie Editor (x32 Version: 2.6.0 - Nikon) OpenOffice 4.0.1 (x32 Version: 4.01.9714 - Apache Software Foundation) opensource (x32 Version: 1.0.14960.3876 - Your Company Name) Hidden PDF Complete Special Edition (x32 Version: 4.0.65 - PDF Complete, Inc) Pdf995 (installed by H&R Block) (x32 Version: - ) PdfEdit995 (installed by H&R Block) (x32 Version: - ) Picture Control Utility x64 (Version: 1.4.7 - Nikon) PlayReady PC Runtime amd64 (Version: 1.3.0 - Microsoft Corporation) PlayReady PC Runtime x86 (x32 Version: 1.3.0 - Microsoft Corporation) Power2Go (x32 Version: 6.1.5705 - CyberLink Corp.) Power2Go (x32 Version: 6.1.5705 - CyberLink Corp.) Hidden PressReader (x32 Version: 5.11.0721.0 - NewspaperDirect Inc.) PrintMaster 2012 Platinum (x32 Version: 4.0.0.200 - Encore Software Inc.) RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden RealPlayer (x32 Version: 15.0.6 - RealNetworks) Realtek High Definition Audio Driver (x32 Version: 6.0.1.7106 - Realtek Semiconductor Corp.) RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden Recovery Manager (x32 Version: 5.5.0.4424 - CyberLink Corp.) Hidden Remote Graphics Receiver (x32 Version: 5.4.5 - Hewlett-Packard) RoboForm 7-9-2-5 (All Users) (x32 Version: 7-9-2-5 - Siber Systems) Serif PagePlus Starter Edition (x32 Version: 3.0.0.3 - Serif (Europe) Ltd) Serif PagePlus: Poster Template Pack 1 (x32 Version: 1.0.1.042 - Serif (Europe) Ltd) Serif PhotoPlus 8.0 (x32 Version: - ) Serif PhotoPlus Association File Formats (x32 Version: - ) Skype™ 6.11 (x32 Version: 6.11.102 - Skype Technologies S.A.) Smart Defrag 2 (x32 Version: 2.9 - IObit) Surfing Protection (x32 Version: 1.0 - IObit) TSHostedAppLauncher (x32 Version: 5.1.15.0 - Hewlett-Packard) Hidden ViewNX 2 (Version: 2.6.0 - Nikon) Visual Studio 2012 x64 Redistributables (Version: 14.0.0.1 - AVG Technologies) Visual Studio 2012 x86 Redistributables (x32 Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.) Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Essentials (x32 Version: 15.4.3538.0513 - Microsoft Corporation) Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Language Selector (Version: 15.4.3538.0513 - Microsoft Corporation) Hidden Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Mesh ActiveX Control for Remote Connections (x32 Version: 15.4.5722.2 - Microsoft Corporation) Windows Live Messenger (x32 Version: 15.4.3538.0513 - Microsoft Corporation) Hidden Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Mobile Device Center (Version: 6.1.6965.0 - Microsoft Corporation) WMS Slots Reel 'em in (x32 Version: 1.00.0000 - Phantom EFX) Zinio Reader 4 (x32 Version: 4.2.4164 - Zinio LLC) Zinio Reader 4 (x32 Version: 4.2.4164 - Zinio LLC) Hidden ==================== Restore Points ========================= 07-01-2014 00:34:38 ComboFix created restore point 11-01-2014 06:00:06 Windows Backup ==================== Hosts content: ========================== 2009-07-13 20:34 - 2014-01-01 14:43 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 localhost ==================== Scheduled Tasks (whitelisted) ============= Task: {10DA9D0D-86FA-4A5A-9B53-C0557B3E7EC8} - System32\Tasks\Open URL by RoboForm => Rundll32.exe url.dll,FileProtocolHandler "http://www.roboform.com/php/pums/pums_usrlogfrm.php" Task: {2B3C8B51-8C6C-4C18-8F28-F424F85A6F2A} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup Task: {2C140C34-A8B8-4C6A-8E33-789BFD79D723} - System32\Tasks\Run RoboForm TaskBar Icon => C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [2014-01-01] (Siber Systems) Task: {58878F70-3779-420B-AEDC-BC0EB8C2CB31} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-12-17] (Piriform Ltd) Task: {6914A14E-3ED5-43DD-B107-F7ED62A2AF7C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-11-02] (Google Inc.) Task: {8CB46CF6-38B4-44DF-A480-7D2CDFE89D65} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-387024861-1857405023-142887614-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2012-07-27] (RealNetworks, Inc.) Task: {9406294F-592E-4613-ABC6-B1E7046ADA2E} - System32\Tasks\HPCeeScheduleForcoldharbor1950 => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15] (Hewlett-Packard) Task: {AA6A4D0E-B646-49FC-B18E-3F8E75FD117F} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-387024861-1857405023-142887614-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2012-07-27] (RealNetworks, Inc.) Task: {AB3455F7-763A-49FA-AFC5-F713E64C8A52} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe Task: {C15E4170-D91C-4ED5-A054-DF14FF27CD1A} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-13] (Adobe Systems Incorporated) Task: {D9259BEB-EF06-4D5F-87DC-A7F267FA4F3F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-11-02] (Google Inc.) Task: {F1E2FB07-561F-4198-8D5D-99C62CB53C0C} - System32\Tasks\HP Photo Creations Messager => C:\ProgramData\HP Photo Creations\MessageCheck.exe [2011-02-15] () Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\HP Photo Creations Messager.job => C:\ProgramData\HP Photo Creations\MessageCheck.exe Task: C:\Windows\Tasks\HPCeeScheduleForcoldharbor1950.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe ==================== Loaded Modules (whitelisted) ============= 2012-11-11 20:28 - 2012-09-12 15:33 - 00087152 _____ () C:\Windows\System32\cpwmon64.dll 2013-02-08 16:21 - 2012-04-26 15:51 - 00040448 _____ () C:\Windows\System32\pdf995mon64.dll 2013-10-08 09:34 - 2013-10-08 09:34 - 00127488 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll 2011-06-08 15:57 - 2011-06-08 15:57 - 02812776 _____ () C:\Windows\system32\HPScanTRDrv_DJ3050A_J611.dll 2014-01-05 08:32 - 2011-10-25 14:54 - 00372736 _____ () C:\Program Files (x86)\NETGEAR\WNA3100\WifiLib.dll 2014-01-05 08:32 - 2011-09-13 16:57 - 00282624 _____ () C:\Program Files (x86)\NETGEAR\WNA3100\WifiSvcLib.dll ==================== Alternate Data Streams (whitelisted) ========= AlternateDataStreams: C:\Users\coldharbor1950\Documents\Butternut Dining Room.ppp:SummaryInformation AlternateDataStreams: C:\Users\coldharbor1950\Documents\Butternut Dining Room.ppp:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} AlternateDataStreams: C:\Users\coldharbor1950\Documents\Butternut Dining Room.Spp:SummaryInformation AlternateDataStreams: C:\Users\coldharbor1950\Documents\Butternut Dining Room.Spp:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} ==================== Safe Mode (whitelisted) =================== ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (01/11/2014 02:48:53 PM) (Source: HPTouchSmartCalendar) (User: ) Description: Application Name: HP TouchSmart Calendar Exception Type: System.UnauthorizedAccessException at System.IO.__Error.WinIOError(Int32 errorCode, String maybeFullPath) at System.IO.FileStream.Init(String path, FileMode mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32 bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath, Boolean bFromProxy, Boolean useLongPath, Boolean checkHost) at System.IO.FileStream..ctor(String path, FileMode mode, FileAccess access, FileShare share) at System.Xml.XmlDocument.Save(String filename) at LifeCenter.DAL.Common.CommonDataFunctions.UpdateLastSyncDate(DateTime dateLastSyncDate, String strProvider) Error: (01/11/2014 02:45:53 PM) (Source: HPTouchSmartCalendar) (User: ) Description: Application Name: HP TouchSmart Calendar Exception Type: System.UnauthorizedAccessException at System.IO.__Error.WinIOError(Int32 errorCode, String maybeFullPath) at System.IO.FileStream.Init(String path, FileMode mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32 bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath, Boolean bFromProxy, Boolean useLongPath, Boolean checkHost) at System.IO.FileStream..ctor(String path, FileMode mode, FileAccess access, FileShare share) at System.Xml.XmlDocument.Save(String filename) at LifeCenter.DAL.Common.CommonDataFunctions.UpdateLastSyncDate(DateTime dateLastSyncDate, String strProvider) Error: (01/11/2014 02:42:52 PM) (Source: HPTouchSmartCalendar) (User: ) Description: Application Name: HP TouchSmart Calendar Exception Type: System.UnauthorizedAccessException at System.IO.__Error.WinIOError(Int32 errorCode, String maybeFullPath) at System.IO.FileStream.Init(String path, FileMode mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32 bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath, Boolean bFromProxy, Boolean useLongPath, Boolean checkHost) at System.IO.FileStream..ctor(String path, FileMode mode, FileAccess access, FileShare share) at System.Xml.XmlDocument.Save(String filename) at LifeCenter.DAL.Common.CommonDataFunctions.UpdateLastSyncDate(DateTime dateLastSyncDate, String strProvider) Error: (01/11/2014 02:39:53 PM) (Source: HPTouchSmartCalendar) (User: ) Description: Application Name: HP TouchSmart Calendar Exception Type: System.UnauthorizedAccessException at System.IO.__Error.WinIOError(Int32 errorCode, String maybeFullPath) at System.IO.FileStream.Init(String path, FileMode mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32 bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath, Boolean bFromProxy, Boolean useLongPath, Boolean checkHost) at System.IO.FileStream..ctor(String path, FileMode mode, FileAccess access, FileShare share) at System.Xml.XmlDocument.Save(String filename) at LifeCenter.DAL.Common.CommonDataFunctions.UpdateLastSyncDate(DateTime dateLastSyncDate, String strProvider) Error: (01/11/2014 02:36:53 PM) (Source: HPTouchSmartCalendar) (User: ) Description: Application Name: HP TouchSmart Calendar Exception Type: System.UnauthorizedAccessException at System.IO.__Error.WinIOError(Int32 errorCode, String maybeFullPath) at System.IO.FileStream.Init(String path, FileMode mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32 bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath, Boolean bFromProxy, Boolean useLongPath, Boolean checkHost) at System.IO.FileStream..ctor(String path, FileMode mode, FileAccess access, FileShare share) at System.Xml.XmlDocument.Save(String filename) at LifeCenter.DAL.Common.CommonDataFunctions.UpdateLastSyncDate(DateTime dateLastSyncDate, String strProvider) Error: (01/11/2014 02:24:13 PM) (Source: Application Hang) (User: ) Description: The program FRST64.exe version 0.0.0.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel. Process ID: 14b0 Start Time: 01cf0f0ae16cf88b Termination Time: 16 Application Path: C:\Users\coldharbor1950\Desktop\FRST64.exe Report Id: 4c409d95-7afe-11e3-b56b-8000600fe800 Error: (01/11/2014 02:22:44 PM) (Source: HPTouchSmartCalendar) (User: ) Description: Application Name: HP TouchSmart Calendar Exception Type: System.UnauthorizedAccessException at System.IO.__Error.WinIOError(Int32 errorCode, String maybeFullPath) at System.IO.FileStream.Init(String path, FileMode mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32 bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath, Boolean bFromProxy, Boolean useLongPath, Boolean checkHost) at System.IO.FileStream..ctor(String path, FileMode mode, FileAccess access, FileShare share) at System.Xml.XmlDocument.Save(String filename) at LifeCenter.DAL.Common.CommonDataFunctions.UpdateLastSyncDate(DateTime dateLastSyncDate, String strProvider) Error: (01/11/2014 02:10:36 PM) (Source: HPTouchSmartCalendar) (User: ) Description: Application Name: HP TouchSmart Calendar Exception Type: System.UnauthorizedAccessException at System.IO.__Error.WinIOError(Int32 errorCode, String maybeFullPath) at System.IO.FileStream.Init(String path, FileMode mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32 bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath, Boolean bFromProxy, Boolean useLongPath, Boolean checkHost) at System.IO.FileStream..ctor(String path, FileMode mode, FileAccess access, FileShare share) at System.Xml.XmlDocument.Save(String filename) at LifeCenter.DAL.Common.CommonDataFunctions.UpdateLastSyncDate(DateTime dateLastSyncDate, String strProvider) Error: (01/11/2014 02:08:59 PM) (Source: Application Error) (User: ) Description: Faulting application name: chrome.exe, version: 32.0.1700.72, time stamp: 0x52cb57db Faulting module name: chrome.dll, version: 32.0.1700.72, time stamp: 0x52cb5218 Exception code: 0xc0000005 Fault offset: 0x0018ef51 Faulting process id: 0x16234 Faulting application start time: 0xchrome.exe0 Faulting application path: chrome.exe1 Faulting module path: chrome.exe2 Report Id: chrome.exe3 Error: (01/11/2014 02:07:36 PM) (Source: HPTouchSmartCalendar) (User: ) Description: Application Name: HP TouchSmart Calendar Exception Type: System.UnauthorizedAccessException at System.IO.__Error.WinIOError(Int32 errorCode, String maybeFullPath) at System.IO.FileStream.Init(String path, FileMode mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32 bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath, Boolean bFromProxy, Boolean useLongPath, Boolean checkHost) at System.IO.FileStream..ctor(String path, FileMode mode, FileAccess access, FileShare share) at System.Xml.XmlDocument.Save(String filename) at LifeCenter.DAL.Common.CommonDataFunctions.UpdateLastSyncDate(DateTime dateLastSyncDate, String strProvider) System errors: ============= Error: (01/11/2014 02:26:09 PM) (Source: Service Control Manager) (User: ) Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: %%1068 Error: (01/11/2014 02:26:09 PM) (Source: Service Control Manager) (User: ) Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: %%1068 Error: (01/11/2014 02:26:09 PM) (Source: Service Control Manager) (User: ) Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: %%1068 Error: (01/11/2014 02:26:09 PM) (Source: Service Control Manager) (User: ) Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: %%1068 Error: (01/11/2014 02:26:09 PM) (Source: Service Control Manager) (User: ) Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: %%1068 Error: (01/11/2014 02:26:09 PM) (Source: Service Control Manager) (User: ) Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: %%1068 Error: (01/11/2014 02:26:08 PM) (Source: DCOM) (User: ) Description: 1084WSearch{9E175B6D-F52A-11D8-B9A5-505054503030} Error: (01/11/2014 02:26:08 PM) (Source: DCOM) (User: ) Description: 1084WSearch{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39} Error: (01/11/2014 02:26:04 PM) (Source: Service Control Manager) (User: ) Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: %%1068 Error: (01/11/2014 02:26:04 PM) (Source: Service Control Manager) (User: ) Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: %%1068 Microsoft Office Sessions: ========================= Error: (01/11/2014 02:48:53 PM) (Source: HPTouchSmartCalendar)(User: ) Description: Application Name: HP TouchSmart Calendar Exception Type: System.UnauthorizedAccessException at System.IO.__Error.WinIOError(Int32 errorCode, String maybeFullPath) at System.IO.FileStream.Init(String path, FileMode mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32 bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath, Boolean bFromProxy, Boolean useLongPath, Boolean checkHost) at System.IO.FileStream..ctor(String path, FileMode mode, FileAccess access, FileShare share) at System.Xml.XmlDocument.Save(String filename) at LifeCenter.DAL.Common.CommonDataFunctions.UpdateLastSyncDate(DateTime dateLastSyncDate, String strProvider) Error: (01/11/2014 02:45:53 PM) (Source: HPTouchSmartCalendar)(User: ) Description: Application Name: HP TouchSmart Calendar Exception Type: System.UnauthorizedAccessException at System.IO.__Error.WinIOError(Int32 errorCode, String maybeFullPath) at System.IO.FileStream.Init(String path, FileMode mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32 bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath, Boolean bFromProxy, Boolean useLongPath, Boolean checkHost) at System.IO.FileStream..ctor(String path, FileMode mode, FileAccess access, FileShare share) at System.Xml.XmlDocument.Save(String filename) at LifeCenter.DAL.Common.CommonDataFunctions.UpdateLastSyncDate(DateTime dateLastSyncDate, String strProvider) Error: (01/11/2014 02:42:52 PM) (Source: HPTouchSmartCalendar)(User: ) Description: Application Name: HP TouchSmart Calendar Exception Type: System.UnauthorizedAccessException at System.IO.__Error.WinIOError(Int32 errorCode, String maybeFullPath) at System.IO.FileStream.Init(String path, FileMode mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32 bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath, Boolean bFromProxy, Boolean useLongPath, Boolean checkHost) at System.IO.FileStream..ctor(String path, FileMode mode, FileAccess access, FileShare share) at System.Xml.XmlDocument.Save(String filename) at LifeCenter.DAL.Common.CommonDataFunctions.UpdateLastSyncDate(DateTime dateLastSyncDate, String strProvider) Error: (01/11/2014 02:39:53 PM) (Source: HPTouchSmartCalendar)(User: ) Description: Application Name: HP TouchSmart Calendar Exception Type: System.UnauthorizedAccessException at System.IO.__Error.WinIOError(Int32 errorCode, String maybeFullPath) at System.IO.FileStream.Init(String path, FileMode mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32 bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath, Boolean bFromProxy, Boolean useLongPath, Boolean checkHost) at System.IO.FileStream..ctor(String path, FileMode mode, FileAccess access, FileShare share) at System.Xml.XmlDocument.Save(String filename) at LifeCenter.DAL.Common.CommonDataFunctions.UpdateLastSyncDate(DateTime dateLastSyncDate, String strProvider) Error: (01/11/2014 02:36:53 PM) (Source: HPTouchSmartCalendar)(User: ) Description: Application Name: HP TouchSmart Calendar Exception Type: System.UnauthorizedAccessException at System.IO.__Error.WinIOError(Int32 errorCode, String maybeFullPath) at System.IO.FileStream.Init(String path, FileMode mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32 bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath, Boolean bFromProxy, Boolean useLongPath, Boolean checkHost) at System.IO.FileStream..ctor(String path, FileMode mode, FileAccess access, FileShare share) at System.Xml.XmlDocument.Save(String filename) at LifeCenter.DAL.Common.CommonDataFunctions.UpdateLastSyncDate(DateTime dateLastSyncDate, String strProvider) Error: (01/11/2014 02:24:13 PM) (Source: Application Hang)(User: ) Description: FRST64.exe0.0.0.014b001cf0f0ae16cf88b16C:\Users\coldharbor1950\Desktop\FRST64.exe4c409d95-7afe-11e3-b56b-8000600fe800 Error: (01/11/2014 02:22:44 PM) (Source: HPTouchSmartCalendar)(User: ) Description: Application Name: HP TouchSmart Calendar Exception Type: System.UnauthorizedAccessException at System.IO.__Error.WinIOError(Int32 errorCode, String maybeFullPath) at System.IO.FileStream.Init(String path, FileMode mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32 bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath, Boolean bFromProxy, Boolean useLongPath, Boolean checkHost) at System.IO.FileStream..ctor(String path, FileMode mode, FileAccess access, FileShare share) at System.Xml.XmlDocument.Save(String filename) at LifeCenter.DAL.Common.CommonDataFunctions.UpdateLastSyncDate(DateTime dateLastSyncDate, String strProvider) Error: (01/11/2014 02:10:36 PM) (Source: HPTouchSmartCalendar)(User: ) Description: Application Name: HP TouchSmart Calendar Exception Type: System.UnauthorizedAccessException at System.IO.__Error.WinIOError(Int32 errorCode, String maybeFullPath) at System.IO.FileStream.Init(String path, FileMode mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32 bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath, Boolean bFromProxy, Boolean useLongPath, Boolean checkHost) at System.IO.FileStream..ctor(String path, FileMode mode, FileAccess access, FileShare share) at System.Xml.XmlDocument.Save(String filename) at LifeCenter.DAL.Common.CommonDataFunctions.UpdateLastSyncDate(DateTime dateLastSyncDate, String strProvider) Error: (01/11/2014 02:08:59 PM) (Source: Application Error)(User: ) Description: chrome.exe32.0.1700.7252cb57dbchrome.dll32.0.1700.7252cb5218c00000050018ef511623401cf0f08e82cc275C:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\32.0.1700.72\chrome.dll34f22b21-7afc-11e3-b620-8000600fe800 Error: (01/11/2014 02:07:36 PM) (Source: HPTouchSmartCalendar)(User: ) Description: Application Name: HP TouchSmart Calendar Exception Type: System.UnauthorizedAccessException at System.IO.__Error.WinIOError(Int32 errorCode, String maybeFullPath) at System.IO.FileStream.Init(String path, FileMode mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32 bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath, Boolean bFromProxy, Boolean useLongPath, Boolean checkHost) at System.IO.FileStream..ctor(String path, FileMode mode, FileAccess access, FileShare share) at System.Xml.XmlDocument.Save(String filename) at LifeCenter.DAL.Common.CommonDataFunctions.UpdateLastSyncDate(DateTime dateLastSyncDate, String strProvider) CodeIntegrity Errors: =================================== Date: 2014-01-01 14:36:33.274 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2014-01-01 14:36:32.666 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. ==================== Memory info =========================== Percentage of memory in use: 37% Total physical RAM: 3686.54 MB Available physical RAM: 2307.64 MB Total Pagefile: 7371.27 MB Available Pagefile: 5777.59 MB Total Virtual: 8192 MB Available Virtual: 8191.82 MB ==================== Drives ================================ Drive c: (OS) (Fixed) (Total:449.07 GB) (Free:402.56 GB) NTFS Drive d: (HP_RECOVERY) (Fixed) (Total:16.59 GB) (Free:2.04 GB) NTFS ==>[System with boot components (obtained from reading drive)] ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 5476193F) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=449 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=17 GB) - (Type=07 NTFS) ==================== End Of Log ============================