Disabling the AV worked. Here are the text files.
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 10-11-2014
Ran by Owner (administrator) on DESKTOP on 12-11-2014 12:55:37
Running from C:\Users\Owner\Desktop
Loaded Profile: Owner (Available profiles: Owner & Kim & Michael2 & Administrator)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
(AMD) C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpertService.exe
(AMD) C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpert.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\LiveUpdate\AluSchedulerSvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Security Suite\Engine\21.6.0.32\n360.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
(PDF Complete Inc) C:\Program Files (x86)\PDF Complete\pdfsvc.exe
() C:\Program Files (x86)\Cyberlink\Shared files\RichVideo.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Cisco Systems, Inc.) C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(AMD) C:\Windows\SysWOW64\WinMsgBalloonServer.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\GCalService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.5\GoogleCrashHandler64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Security Suite\Engine\21.6.0.32\n360.exe
(Hewlett-Packard ) C:\Program Files\IDT\WDM\beats64.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
(Hewlett-Packard Co.) C:\Program Files\hp\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe
(Microsoft Corporation) C:\Windows\System32\regsvr32.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Microsoft Corporation) C:\Windows\SysWOW64\regsvr32.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Hewlett-Packard) C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
(Nikon Corporation) C:\Program Files (x86)\Nikon\NkView6\NkvMon.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmctxth.exe
(Acronis) C:\Program Files (x86)\Common Files\Seagate\Schedule2\schedhlp.exe
(Google Inc.) C:\Users\Owner\AppData\LocalLow\Zenfolio\gswifkkh\Bxrajoskow\omgolld.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Google Inc.) C:\Users\Owner\AppData\LocalLow\Zenfolio\gswifkkh\Bxrajoskow\omgolld.exe
(Google Inc.) C:\Users\Owner\AppData\LocalLow\Zenfolio\gswifkkh\Bxrajoskow\omgolld.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\HPTouchSmartSyncCalReminderApp.exe
(Google Inc.) C:\Users\Owner\AppData\LocalLow\Zenfolio\gswifkkh\Bxrajoskow\omgolld.exe
(Google Inc.) C:\Users\Owner\AppData\LocalLow\Zenfolio\gswifkkh\Bxrajoskow\omgolld.exe
(Google Inc.) C:\Users\Owner\AppData\LocalLow\Zenfolio\gswifkkh\Bxrajoskow\omgolld.exe
(Google Inc.) C:\Users\Owner\AppData\LocalLow\Zenfolio\gswifkkh\Bxrajoskow\omgolld.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
(Google Inc.) C:\Users\Owner\AppData\LocalLow\Zenfolio\gswifkkh\Bxrajoskow\omgolld.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Hewlett-Packard Co.) C:\Program Files\hp\HP Deskjet 3050A J611 series\Bin\HPNetworkCommunicator.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [BeatsOSDApp] => C:\Program Files\IDT\WDM\beats64.exe [37888 2011-12-23] (Hewlett-Packard )
HKLM\...\Run: [hpsysdrv] => c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe [62768 2008-11-20] (Hewlett-Packard)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1425408 2012-04-24] (IDT, Inc.)
HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [362488 2010-06-07] (Acronis)
HKLM-x32\...\Run: [HP Software Update] => c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49208 2011-05-10] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [nmctxth] => C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmctxth.exe [642856 2008-12-12] (Cisco Systems, Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKU\S-1-5-21-872580572-3677183479-2035353063-1000\...\Run: [HP Deskjet 3050A J611 series (NET)] => C:\Program Files\hp\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe [2676584 2011-06-08] (Hewlett-Packard Co.)
HKU\S-1-5-21-872580572-3677183479-2035353063-1000\...\Run: [uywtdidl] => regsvr32.exe /s "C:\Users\Owner\AppData\Local\{80BD9E64-9F07-4A15-A9C9-BC0493984335}\uywtdidl.dll" <===== ATTENTION
HKU\S-1-5-21-872580572-3677183479-2035353063-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [6501656 2014-10-30] (Piriform Ltd)
HKU\S-1-5-21-872580572-3677183479-2035353063-1000\...\Policies\Explorer: [] 0
HKU\S-1-5-21-872580572-3677183479-2035353063-1000\...\Policies\Explorer: [NoChangeStartMenu] 0
HKU\S-1-5-21-872580572-3677183479-2035353063-1000\...\MountPoints2: K - K:\LaunchU3.exe -a
HKU\S-1-5-21-872580572-3677183479-2035353063-1000\...\MountPoints2: {476004d4-edba-11e1-a566-446d5756518c} - K:\LaunchU3.exe -a
HKU\S-1-5-21-872580572-3677183479-2035353063-1000\...A8F59079A8D5}\localserver32: rundll32.exe javascript:"\..\mshtml,RunHTMLApplication ";eval("epdvnfou/xsjuf)(=tdsjqu!mbohvbhf>ktds (the data entry has 239 more characters). <==== Poweliks!
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk
ShortcutTarget: Adobe Gamma Loader.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk
ShortcutTarget: Microsoft Office.lnk -> C:\Program Files (x86)\Microsoft Office\Office\OSA9.EXE (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NkvMon.exe.lnk
ShortcutTarget: NkvMon.exe.lnk -> C:\Program Files (x86)\Nikon\NkView6\NkvMon.exe (Nikon Corporation)
ShellIconOverlayIdentifiers: [OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton Security Suite\Engine64\21.6.0.32\buShell.dll (Symantec Corporation)
ShellIconOverlayIdentifiers: [OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton Security Suite\Engine64\21.6.0.32\buShell.dll (Symantec Corporation)
ShellIconOverlayIdentifiers: [OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton Security Suite\Engine64\21.6.0.32\buShell.dll (Symantec Corporation)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.co...ll/en/side.html
HKCU\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.co...ie=utf8&oe=utf8
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM - {65619AC8-EB2A-4F1B-9D78-7659E69E1AD1} URL = http://www.amazon.co...ds={searchTerms}
SearchScopes: HKLM - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.co...kw={searchTerms}
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKLM-x32 - {65619AC8-EB2A-4F1B-9D78-7659E69E1AD1} URL = http://www.amazon.co...ds={searchTerms}
SearchScopes: HKLM-x32 - {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = http://search.yahoo....psg&type=HPDTDF
SearchScopes: HKLM-x32 - {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = http://en.wikipedia....ch={searchTerms}
SearchScopes: HKLM-x32 - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.co...kw={searchTerms}
SearchScopes: HKCU - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL =
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Security Suite\Engine64\21.6.0.32\coIEPlg.dll (Symantec Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
BHO-x32: Adobe PDF Reader Link Helper -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Security Suite\Engine\21.6.0.32\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton Security Suite\Engine\21.6.0.32\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: AcroIEToolbarHelper Class -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll ()
BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll ()
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine\21.6.0.32\coIEPlg.dll (Symantec Corporation)
DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab
DPF: HKLM-x32 {62AEFF80-16AD-4AC4-B812-E70EB5F37301} http://www.zenfolio....-ie-win-x86.cab
DPF: HKLM-x32 {E06E2E99-0AA1-11D4-ABA6-0060082AA75C}
Handler: ipp\0x00000001 - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - No File
Handler: pure-go - {4746C79A-2042-4332-8650-48966E44ABA8} - C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\amd64\puresp4.dll (Cisco Systems, Inc.)
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: ipp\0x00000001 - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: pure-go - {4746C79A-2042-4332-8650-48966E44ABA8} - C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\puresp4.dll (Cisco Systems, Inc.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.10
FireFox:
========
FF ProfilePath: C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\fpd5yyrg.default
FF Homepage: hxxp://www.comcast.net/home.html
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1202122.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.10.2 -> C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.10.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Extension: vShare - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\fpd5yyrg.default\Extensions\vshareus@toolbar [2010-12-13]
FF Extension: Microsoft .NET Framework Assistant - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\fpd5yyrg.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b} [2011-03-18]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension
FF Extension: SmartPrintButton - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension [2012-08-20]
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\IPSFF
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\IPSFF [2014-03-16]
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\coFFPlgn
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\coFFPlgn [2014-11-12]
Chrome:
=======
CHR HKLM\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Security Suite\Engine\21.6.0.32\Exts\Chrome.crx [2014-10-15]
CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Security Suite\Engine\21.6.0.32\Exts\Chrome.crx [2014-10-15]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [128752 2010-06-29] (SUPERAntiSpyware.com) [File not signed]
R2 AdobeActiveFileMonitor10.0; C:\Program Files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe [169624 2011-09-14] (Adobe Systems Incorporated)
R2 Automatic LiveUpdate Scheduler; C:\Program Files (x86)\Symantec\LiveUpdate\ALUSchedulerSvc.exe [554352 2007-09-12] (Symantec Corporation)
R2 CalendarSynchService; C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\GCalService.exe [16384 2011-08-16] (Hewlett-Packard) [File not signed]
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160 2013-11-04] (Hewlett-Packard Company) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [File not signed]
S2 LinksysUpdater; C:\Program Files (x86)\Linksys\Linksys Updater\bin\LinksysUpdater.exe [204800 2008-11-13] () [File not signed]
S3 LiveUpdate; C:\Program Files (x86)\Symantec\LiveUpdate\LuComServer_3_2.EXE [2999664 2007-09-12] (Symantec Corporation)
R2 N360; C:\Program Files (x86)\Norton Security Suite\Engine\21.6.0.32\N360.exe [265040 2014-10-02] (Symantec Corporation)
S3 NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [271920 2007-03-12] (Nero AG)
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-01] (Symantec Corporation)
R2 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1128952 2011-08-12] (PDF Complete Inc)
R2 RichVideo; C:\Program Files (x86)\Cyberlink\Shared files\RichVideo.exe [272024 2007-01-09] ()
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R1 BHDrvx64; C:\Program Files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\BASHDefs\20141107.001\BHDrvx64.sys [1587416 2014-10-03] (Symantec Corporation)
R1 ccSet_N360; C:\Windows\system32\drivers\N360x64\1506000.020\ccSetx64.sys [162392 2013-09-25] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [487216 2014-09-09] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [142640 2014-09-09] (Symantec Corporation)
R1 IDSVia64; C:\Program Files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\IPSDefs\20141111.001\IDSvia64.sys [633560 2014-08-29] (Symantec Corporation)
R3 NAVENG; C:\Program Files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\VirusDefs\20141111.034\ENG64.SYS [129752 2014-08-21] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\VirusDefs\20141111.034\EX64.SYS [2137304 2014-08-21] (Symantec Corporation)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14920 2010-02-17] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12360 2010-02-17] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R3 SRTSP; C:\Windows\System32\Drivers\N360x64\1506000.020\SRTSP64.SYS [876248 2014-08-25] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\N360x64\1506000.020\SRTSPX64.SYS [37592 2014-08-25] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\N360x64\1506000.020\SYMDS64.SYS [493656 2013-09-09] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\N360x64\1506000.020\SYMEFA64.SYS [1148120 2014-08-25] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2014-03-16] (Symantec Corporation)
R1 SymIM; C:\Windows\System32\DRIVERS\SymIMv.sys [78936 2013-09-09] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\N360x64\1506000.020\Ironx64.SYS [266968 2014-08-06] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\N360x64\1506000.020\SYMNETS.SYS [593112 2014-08-25] (Symantec Corporation)
U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [34808 2014-11-11] ()
S0x01000000 papycpu2; \SystemRoot\System32\DRIVERS\papycpu2.sys [X]
S0x01000000 papyjoy; \SystemRoot\System32\DRIVERS\papyjoy.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-11-12 12:55 - 2014-11-12 12:56 - 00024054 _____ () C:\Users\Owner\Desktop\FRST.txt
2014-11-12 12:55 - 2014-11-12 12:55 - 00000000 ____D () C:\FRST
2014-11-12 12:55 - 2014-11-12 12:53 - 02116096 _____ (Farbar) C:\Users\Owner\Desktop\FRST64.exe
2014-11-12 09:40 - 2014-11-12 09:40 - 00000000 ____D () C:\Users\Michael2\AppData\Roaming\NVIDIA
2014-11-12 09:40 - 2014-11-12 09:40 - 00000000 ____D () C:\Users\Michael2\AppData\Roaming\Hewlett-Packard
2014-11-12 09:40 - 2014-10-05 11:18 - 00000636 _____ () C:\Users\Michael2\Desktop\Minecraft.exe - Shortcut.lnk
2014-11-12 09:37 - 2014-11-12 08:37 - 04759277 _____ () C:\Users\Michael2\Desktop\launcher.jar
2014-11-12 09:36 - 2014-11-12 09:36 - 00000020 ___SH () C:\Users\Michael2\ntuser.ini
2014-11-12 09:36 - 2014-11-12 09:36 - 00000000 ____D () C:\Users\Michael2\Documents\Bluetooth Exchange Folder
2014-11-12 09:36 - 2014-11-12 09:36 - 00000000 ____D () C:\Users\Michael2\AppData\Local\TouchSmartData
2014-11-12 09:36 - 2014-11-12 09:36 - 00000000 ____D () C:\Users\Michael2\AppData\Local\Broadcom
2014-11-12 09:34 - 2014-11-12 09:40 - 00000000 ____D () C:\Users\Michael2\AppData\Roaming\.minecraft
2014-11-12 09:27 - 2014-11-12 09:27 - 00003934 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{5DFD6118-3845-4952-9A80-B154B9265C70}
2014-11-12 09:26 - 2014-11-12 09:36 - 00000000 ____D () C:\Users\Michael2
2014-11-12 09:26 - 2012-09-28 19:17 - 00002049 _____ () C:\Users\Michael2\Desktop\Cyberlink PowerDirector.lnk
2014-11-12 09:26 - 2012-09-28 19:17 - 00000000 ____D () C:\Users\Michael2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Cyberlink PowerDirector
2014-11-12 09:26 - 2012-05-17 14:31 - 00000000 ____D () C:\Users\Michael2\AppData\Roaming\Macromedia
2014-11-12 09:26 - 2012-05-17 14:20 - 00000000 ____D () C:\Users\Michael2\AppData\Local\Hewlett-Packard
2014-11-12 09:26 - 2009-07-13 23:54 - 00000000 ___RD () C:\Users\Michael2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-11-12 09:26 - 2009-07-13 23:49 - 00000000 ___RD () C:\Users\Michael2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-11-12 09:14 - 2014-11-12 09:14 - 00001894 _____ () C:\Users\Owner\Desktop\AdwCleaner[S1].txt
2014-11-12 09:06 - 2014-11-12 08:59 - 02140160 _____ () C:\Users\Owner\Desktop\AdwCleaner.exe
2014-11-12 08:54 - 2014-11-12 08:54 - 00021986 _____ () C:\Users\Owner\Desktop\11122014_084827.log
2014-11-12 08:48 - 2014-11-12 08:48 - 00000000 ____D () C:\_OTL
2014-11-12 08:47 - 2014-11-12 08:45 - 00602112 _____ (OldTimer Tools) C:\Users\Owner\Desktop\OTL.exe
2014-11-11 18:45 - 2014-11-11 18:45 - 05598118 _____ (Swearware) C:\Users\Administrator\Desktop\ComboFix.exe
2014-11-11 18:45 - 2014-11-11 18:45 - 00448512 _____ (OldTimer Tools) C:\Users\Administrator\Desktop\TFC.exe
2014-11-11 18:44 - 2014-11-11 18:44 - 00000000 _____ () C:\Users\Administrator\Desktop\FRST.exe.qkf92zg.partial
2014-11-11 18:43 - 2014-11-11 18:43 - 01706808 _____ (Thisisu) C:\Users\Administrator\Desktop\JRT.exe
2014-11-11 18:23 - 2014-11-11 18:23 - 00034808 _____ () C:\Windows\system32\Drivers\TrueSight.sys
2014-11-11 18:23 - 2014-11-11 18:23 - 00000000 ____D () C:\ProgramData\RogueKiller
2014-11-11 18:22 - 2014-11-11 18:22 - 00001858 _____ () C:\Users\Administrator\Desktop\AdwCleaner[S0].txt
2014-11-11 18:16 - 2014-11-12 09:11 - 00000000 ____D () C:\AdwCleaner
2014-11-11 18:14 - 2014-11-11 18:14 - 00083892 _____ () C:\Users\Administrator\Desktop\Extras.Txt
2014-11-11 18:13 - 2014-11-11 18:16 - 00125868 _____ () C:\Users\Administrator\Desktop\OTL.Txt
2014-11-11 18:13 - 2014-11-11 18:13 - 14672984 _____ () C:\Users\Administrator\Desktop\RogueKiller.exe
2014-11-11 18:13 - 2014-11-11 18:13 - 02140160 _____ () C:\Users\Administrator\Desktop\AdwCleaner.exe
2014-11-11 18:05 - 2014-11-11 18:05 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Hewlett-Packard
2014-11-11 18:04 - 2014-11-11 18:04 - 00602112 _____ (OldTimer Tools) C:\Users\Administrator\Desktop\OTL.exe
2014-11-11 18:03 - 2014-11-11 18:03 - 00000000 __SHD () C:\Users\Administrator\AppData\Local\EmieUserList
2014-11-11 18:03 - 2014-11-11 18:03 - 00000000 __SHD () C:\Users\Administrator\AppData\Local\EmieSiteList
2014-11-11 18:03 - 2014-11-11 18:03 - 00000000 ____D () C:\Users\Administrator\Documents\Bluetooth Exchange Folder
2014-11-11 18:03 - 2014-11-11 18:03 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Broadcom
2014-11-11 18:02 - 2014-11-11 18:12 - 00003954 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{B1CD095B-7F58-42B7-8AC5-22592C79C9FA}
2014-11-11 18:02 - 2014-11-11 18:02 - 00001415 _____ () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-11-11 18:02 - 2014-11-11 18:02 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Adobe
2014-11-11 18:02 - 2014-11-11 18:02 - 00000000 ____D () C:\Users\Administrator\AppData\Local\TouchSmartData
2014-11-11 18:01 - 2014-11-11 18:02 - 00000000 ____D () C:\Users\Administrator
2014-11-11 18:01 - 2014-11-11 18:01 - 00000020 ___SH () C:\Users\Administrator\ntuser.ini
2014-11-11 18:01 - 2014-11-11 18:01 - 00000000 _____ () C:\Users\Owner\net
2014-11-11 18:01 - 2012-09-28 19:17 - 00002049 _____ () C:\Users\Administrator\Desktop\Cyberlink PowerDirector.lnk
2014-11-11 18:01 - 2012-09-28 19:17 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Cyberlink PowerDirector
2014-11-11 18:01 - 2012-05-17 14:31 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Macromedia
2014-11-11 18:01 - 2012-05-17 14:20 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Hewlett-Packard
2014-11-11 18:01 - 2009-07-13 23:54 - 00000000 ___RD () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-11-11 18:01 - 2009-07-13 23:49 - 00000000 ___RD () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-11-11 17:48 - 2014-11-11 17:48 - 00000000 ____D () C:\Users\Owner\AppData\Local\{D4120177-A982-4288-BF2E-A5B00808978A}
2014-11-10 18:05 - 2014-11-10 18:05 - 00000000 ____D () C:\Users\Owner\AppData\Local\{3F658E4D-1485-4ABE-AE76-729E34E274D5}
2014-11-09 21:36 - 2014-11-09 21:36 - 00002772 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-11-09 21:36 - 2014-11-09 21:36 - 00000824 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-11-09 21:36 - 2014-11-09 21:36 - 00000824 _____ () C:\ProgramData\Desktop\CCleaner.lnk
2014-11-09 21:36 - 2014-11-09 21:36 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\EurekaLab s.a.s
2014-11-09 21:36 - 2014-11-09 21:36 - 00000000 ____D () C:\Program Files\CCleaner
2014-11-09 21:30 - 2014-11-10 19:34 - 00000000 ____D () C:\Program Files (x86)\Emsisoft Anti-Malware
2014-11-09 21:10 - 2014-11-09 21:22 - 00000000 ____D () C:\ProgramData\HitmanPro
2014-11-09 20:37 - 2014-11-09 20:37 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-11-09 20:36 - 2014-11-09 20:36 - 19828376 _____ (Malwarebytes Corporation ) C:\Users\Owner\Desktop\mbam-setup-2.0.3.1025.exe
2014-11-09 19:51 - 2013-09-09 21:47 - 00078936 ____R (Symantec Corporation) C:\Windows\system32\Drivers\SymIMV.sys
2014-11-09 11:43 - 2014-11-09 11:44 - 00000000 ____D () C:\Users\Owner\AppData\Local\{97691D80-D897-446F-BFFA-4EFA1D65BFAF}
2014-11-09 07:12 - 2014-11-09 07:12 - 00054156 ____H () C:\Windows\QTFont.qfn
2014-11-09 07:12 - 2014-11-09 07:12 - 00001409 _____ () C:\Windows\QTFont.for
2014-11-08 21:54 - 2014-11-08 21:54 - 00000000 ____D () C:\Users\Owner\AppData\Local\{E198A45A-786E-455B-9F73-EEBE9DB6B089}
2014-11-07 11:33 - 2014-11-07 11:33 - 00000000 ____D () C:\Users\Kim\AppData\Local\{2141A49A-9E35-47A1-851E-1733BD58F51E}
2014-11-05 22:28 - 2014-11-05 22:28 - 00003860 _____ () C:\Windows\System32\Tasks\{1AD2BFBF-4FBB-FFAB-4DDF-B54DB4BB2C17}
2014-11-05 22:28 - 2014-11-05 22:28 - 00000028 _____ () C:\Windows\SysWOW64\u
2014-11-05 22:28 - 2014-11-05 22:28 - 00000000 _____ () C:\Windows\system32\jghzak.dll
2014-11-05 21:31 - 2014-11-05 21:32 - 00000000 ____D () C:\Users\Kim\AppData\Local\{A01BAF2A-0C15-49E7-B92A-D78AACB8BB09}
2014-11-04 12:14 - 2014-11-04 12:15 - 00000000 ____D () C:\Users\Kim\AppData\Local\{CEA1D549-A593-47C5-9B84-EBD6E1AE95E8}
2014-11-03 22:13 - 2014-11-03 22:13 - 00000000 ____D () C:\Users\Owner\AppData\Local\{0D834D86-506F-40F9-A26D-4FCEFB3BD44E}
2014-11-02 12:23 - 2014-11-02 12:24 - 00000000 ____D () C:\Users\Owner\AppData\Local\{5CC63EA1-E6CB-4B2D-B6D5-AF7B8833D5A9}
2014-11-01 11:38 - 2014-11-01 11:38 - 00000000 ____D () C:\Users\Kim\AppData\Local\{E0654785-8AB6-406A-985E-DA374895341A}
2014-11-01 11:21 - 2014-11-01 11:21 - 00000000 ____D () C:\Users\Owner\AppData\Local\{4770C446-96A2-44D5-BC8A-555679F6E610}
2014-10-29 18:33 - 2014-10-29 18:34 - 00000000 ____D () C:\Users\Owner\AppData\Local\{4B351570-AB27-4E32-AB1D-79B659FB0923}
2014-10-29 17:51 - 2014-10-29 17:51 - 00000000 ____D () C:\Users\Kim\AppData\Local\{5DDDA557-C6BA-4D2F-B59D-31515A88F6F8}
2014-10-28 16:52 - 2014-10-28 16:52 - 00000000 ____D () C:\Users\Owner\AppData\Local\{1D592530-9D83-41E8-BCC3-69DB573A9E90}
2014-10-27 19:56 - 2014-10-27 19:56 - 00000000 ____D () C:\Users\Owner\AppData\Local\{9462FF60-37FC-44C5-B5F3-C5BBBC76BBDA}
2014-10-26 20:58 - 2014-10-26 20:58 - 00000000 ____D () C:\Users\Owner\AppData\Local\{C0ECC6AB-7D37-4498-BEFC-1EE8F063D99B}
2014-10-26 08:57 - 2014-10-26 08:58 - 00000000 ____D () C:\Users\Owner\AppData\Local\{077422B7-99C9-4A3D-829D-61DE8AB60277}
2014-10-25 17:53 - 2014-10-25 17:53 - 00000000 ____D () C:\Users\Owner\AppData\Local\{378B1B26-F0AF-4482-8DDC-978BC0E4E524}
2014-10-22 15:13 - 2014-11-09 19:12 - 00000000 ____D () C:\Program Files (x86)\My Little Investigations
2014-10-19 08:50 - 2014-10-19 08:50 - 00000000 ____D () C:\Users\Owner\AppData\Local\{985D561A-22E5-4E92-9C64-C4FF6906FAFB}
2014-10-15 19:05 - 2014-10-15 19:05 - 00000000 ____D () C:\Windows\System32\Tasks\Norton Security Suite
2014-10-15 06:51 - 2014-10-06 21:54 - 00378552 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-10-15 06:51 - 2014-10-06 21:04 - 00331448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-10-15 06:51 - 2014-09-28 19:58 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-10-15 06:51 - 2014-09-25 17:50 - 13619200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-10-15 06:51 - 2014-09-25 17:46 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-10-15 06:51 - 2014-09-25 17:46 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-10-15 06:51 - 2014-09-25 17:46 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-10-15 06:51 - 2014-09-25 17:43 - 11807232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-10-15 06:51 - 2014-09-25 17:32 - 02017280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-10-15 06:51 - 2014-09-25 17:31 - 02108416 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-10-15 06:51 - 2014-09-18 21:25 - 23631360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-10-15 06:51 - 2014-09-18 20:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-10-15 06:51 - 2014-09-18 20:55 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-10-15 06:51 - 2014-09-18 20:44 - 17484800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-10-15 06:51 - 2014-09-18 20:41 - 02796032 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-10-15 06:51 - 2014-09-18 20:40 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-10-15 06:51 - 2014-09-18 20:40 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-10-15 06:51 - 2014-09-18 20:39 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-10-15 06:51 - 2014-09-18 20:38 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-10-15 06:51 - 2014-09-18 20:36 - 05829632 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-10-15 06:51 - 2014-09-18 20:31 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-10-15 06:51 - 2014-09-18 20:30 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-10-15 06:51 - 2014-09-18 20:27 - 00595968 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-10-15 06:51 - 2014-09-18 20:26 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-10-15 06:51 - 2014-09-18 20:25 - 04201472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-10-15 06:51 - 2014-09-18 20:25 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-10-15 06:51 - 2014-09-18 20:25 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-10-15 06:51 - 2014-09-18 20:18 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-10-15 06:51 - 2014-09-18 20:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-10-15 06:51 - 2014-09-18 20:14 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-10-15 06:51 - 2014-09-18 20:06 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-10-15 06:51 - 2014-09-18 20:02 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-10-15 06:51 - 2014-09-18 20:01 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-10-15 06:51 - 2014-09-18 20:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-10-15 06:51 - 2014-09-18 20:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-10-15 06:51 - 2014-09-18 20:00 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-10-15 06:51 - 2014-09-18 19:59 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-10-15 06:51 - 2014-09-18 19:58 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-10-15 06:51 - 2014-09-18 19:55 - 02187264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-10-15 06:51 - 2014-09-18 19:54 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-10-15 06:51 - 2014-09-18 19:53 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-10-15 06:51 - 2014-09-18 19:51 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-10-15 06:51 - 2014-09-18 19:50 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-10-15 06:51 - 2014-09-18 19:49 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-10-15 06:51 - 2014-09-18 19:42 - 00731136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-10-15 06:51 - 2014-09-18 19:42 - 00710656 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-10-15 06:51 - 2014-09-18 19:40 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-10-15 06:51 - 2014-09-18 19:36 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-10-15 06:51 - 2014-09-18 19:33 - 02309632 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-10-15 06:51 - 2014-09-18 19:32 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-10-15 06:51 - 2014-09-18 19:20 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-10-15 06:51 - 2014-09-18 19:18 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-10-15 06:51 - 2014-09-18 19:14 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-10-15 06:51 - 2014-09-18 18:59 - 01810944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-10-15 06:51 - 2014-09-18 18:59 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-10-15 06:51 - 2014-09-18 18:53 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-10-15 06:51 - 2014-09-18 18:52 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-10-15 06:51 - 2014-07-08 21:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL
2014-10-15 06:51 - 2014-07-08 21:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL
2014-10-15 06:51 - 2014-07-08 21:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL
2014-10-15 06:51 - 2014-07-08 21:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL
2014-10-15 06:51 - 2014-07-08 21:03 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL
2014-10-15 06:51 - 2014-07-08 20:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDYAK.DLL
2014-10-15 06:51 - 2014-07-08 20:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAT.DLL
2014-10-15 06:51 - 2014-07-08 20:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU1.DLL
2014-10-15 06:51 - 2014-07-08 20:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU.DLL
2014-10-15 06:51 - 2014-07-08 20:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL
2014-10-15 06:51 - 2014-07-08 17:38 - 00419992 _____ () C:\Windows\system32\locale.nls
2014-10-15 06:51 - 2014-07-08 17:30 - 00419992 _____ () C:\Windows\SysWOW64\locale.nls
2014-10-15 06:51 - 2014-06-18 17:23 - 01943696 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2014-10-15 06:51 - 2014-06-18 17:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll
2014-10-15 06:51 - 2014-06-18 17:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscorier.dll
2014-10-15 06:51 - 2014-06-18 17:23 - 00156312 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2014-10-15 06:51 - 2014-06-18 17:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscories.dll
2014-10-15 06:51 - 2014-06-18 17:23 - 00073880 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2014-10-15 06:50 - 2014-09-17 21:00 - 03241472 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-10-15 06:50 - 2014-09-17 20:32 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-10-15 06:50 - 2014-09-12 20:58 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-10-15 06:50 - 2014-09-12 20:40 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-10-15 06:50 - 2014-09-04 21:11 - 06584320 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-10-15 06:50 - 2014-09-04 20:52 - 05703168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-10-15 06:50 - 2014-09-04 00:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2014-10-15 06:50 - 2014-09-04 00:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2014-10-15 06:50 - 2014-08-28 21:07 - 03179520 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-10-15 06:50 - 2014-07-16 21:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-10-15 06:50 - 2014-07-16 21:07 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-10-15 06:50 - 2014-07-16 21:07 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll
2014-10-15 06:50 - 2014-07-16 21:07 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2014-10-15 06:50 - 2014-07-16 21:07 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-10-15 06:50 - 2014-07-16 21:07 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-10-15 06:50 - 2014-07-16 20:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winsta.dll
2014-10-15 06:50 - 2014-07-16 20:39 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-10-15 06:50 - 2014-07-16 20:39 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-10-15 06:50 - 2014-07-16 20:21 - 00212480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2014-10-15 06:50 - 2014-07-16 20:21 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2014-10-15 06:33 - 2014-10-15 06:33 - 00000000 ____D () C:\Users\Owner\AppData\Local\{FAC51A51-AF27-4D65-B0D2-4F57A6949055}
2014-10-14 11:24 - 2014-10-14 11:24 - 00000000 ____D () C:\Users\Kim\AppData\Local\{C2918F44-E485-4C66-AF1A-7A87F917F8C2}
2014-10-13 12:38 - 2014-10-13 12:38 - 00000000 ____D () C:\Users\Kim\AppData\Local\{9D184A2D-6CDB-419F-8821-36D498BF925C}
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-11-12 12:51 - 2012-08-20 17:22 - 01885461 _____ () C:\Windows\WindowsUpdate.log
2014-11-12 12:01 - 2012-08-20 18:36 - 00000256 _____ () C:\Windows\Tasks\HP Photo Creations Messager.job
2014-11-12 09:27 - 2009-07-13 23:57 - 00001547 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2014-11-12 09:24 - 2009-07-13 23:45 - 00024608 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-11-12 09:24 - 2009-07-13 23:45 - 00024608 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-11-12 09:18 - 2009-07-14 00:13 - 00006506 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-11-12 09:14 - 2012-05-17 14:34 - 00000000 ____D () C:\ProgramData\PDFC
2014-11-12 09:13 - 2010-11-20 22:47 - 01586596 _____ () C:\Windows\PFRO.log
2014-11-12 09:13 - 2009-07-14 00:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-11-12 09:13 - 2009-07-13 23:51 - 00004475 _____ () C:\Windows\setupact.log
2014-11-12 08:40 - 2012-08-20 17:29 - 00003922 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{E6CD30E9-FF4C-468A-9F67-38C15221429D}
2014-11-12 08:39 - 2014-10-05 11:15 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\.minecraft
2014-11-12 08:36 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-11-11 21:13 - 2012-11-10 07:13 - 00000324 _____ () C:\Windows\Tasks\HPCeeScheduleForKim.job
2014-11-11 18:37 - 2012-08-25 13:47 - 00000000 ____D () C:\Users\Owner\AppData\Local\CrashDumps
2014-11-11 18:01 - 2012-08-20 17:22 - 00000000 ____D () C:\Users\Owner
2014-11-10 19:33 - 2013-03-11 21:35 - 00000000 ____D () C:\Users\Owner\AppData\Local\Google
2014-11-10 19:33 - 2013-03-11 21:35 - 00000000 ____D () C:\Program Files (x86)\Google
2014-11-09 22:34 - 2013-03-11 21:35 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-11-09 22:34 - 2013-03-11 21:35 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-11-09 21:37 - 2013-03-11 21:35 - 00003906 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-11-09 21:37 - 2013-03-11 21:35 - 00003654 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-11-09 21:04 - 2012-05-17 14:31 - 00000000 ____D () C:\Windows\PRIndex
2014-11-09 11:46 - 2014-02-22 23:18 - 00000000 ____D () C:\Program Files (x86)\7-Zip
2014-11-09 09:02 - 2012-09-04 20:55 - 00003186 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForOwner
2014-11-09 09:02 - 2012-09-04 20:55 - 00000332 _____ () C:\Windows\Tasks\HPCeeScheduleForOwner.job
2014-11-08 19:46 - 2012-10-25 18:20 - 00003914 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{50146BE8-6A67-4DA1-BC4B-1D77760F6E40}
2014-11-08 11:05 - 2014-09-13 09:12 - 00000000 ____D () C:\Users\Owner\AppData\Local\{80BD9E64-9F07-4A15-A9C9-BC0493984335}
2014-11-07 13:57 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\LiveKernelReports
2014-11-05 15:13 - 2012-11-10 07:13 - 00003174 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForKim
2014-11-05 09:02 - 2013-01-22 21:24 - 00000000 _____ () C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2014-11-05 09:02 - 2012-08-28 20:44 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log
2014-10-28 20:41 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\rescache
2014-10-28 18:23 - 2009-07-13 23:45 - 05446336 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-10-28 17:06 - 2013-08-15 02:01 - 00000000 ____D () C:\Windows\system32\MRT
2014-10-16 19:00 - 2009-09-30 20:35 - 00000000 ____D () C:\Pictures 2004
2014-10-15 19:05 - 2014-03-16 12:18 - 00003228 _____ () C:\Windows\System32\Tasks\Norton WSC Integration
2014-10-15 19:05 - 2014-03-16 12:18 - 00002442 _____ () C:\Users\Public\Desktop\Norton Security Suite.lnk
2014-10-15 19:05 - 2014-03-16 12:18 - 00002442 _____ () C:\ProgramData\Desktop\Norton Security Suite.lnk
2014-10-15 19:05 - 2014-03-16 12:17 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Security Suite
2014-10-15 19:05 - 2014-03-16 12:17 - 00000000 ____D () C:\Windows\system32\Drivers\N360x64
Some content of TEMP:
====================
C:\Users\Owner\AppData\Local\Temp\Quarantine.exe
C:\Users\Owner\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-10-26 07:08
==================== End Of Log ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 10-11-2014
Ran by Owner at 2014-11-12 12:56:53
Running from C:\Users\Owner\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Norton Security Suite (Disabled - Up to date) {D87FA2C0-F526-77B1-D6EC-0EDF3936CEDB}
AS: Norton Security Suite (Enabled - Up to date) {631E4324-D31C-783F-EC5C-35AD42B18466}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Norton Security Suite (Disabled) {E04423E5-BF49-76E9-FDB3-A7EAC7E589A0}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 4.65 (HKLM-x32\...\7-Zip) (Version: - )
Acronis True Image WD Edition (HKLM-x32\...\{A7D5787B-3A91-4433-A753-CFE520671683}) (Version: 13.0.14010 - Acronis)
Adobe Acrobat 6.0 Professional (HKLM-x32\...\{AC76BA86-1033-0000-7760-000000000001}) (Version: 006.000.000 - Adobe Systems)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.6.0.19140 - Adobe Systems Incorporated)
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.5.23 - Adobe Systems Incorporated.)
Adobe Download Assistant (HKLM-x32\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.2.2 - Adobe Systems Incorporated)
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.167 - Adobe Systems Incorporated)
Adobe Photoshop 7.0 (HKLM-x32\...\Adobe Photoshop 7.0) (Version: 7.0 - Adobe Systems, Inc.)
Adobe Photoshop Elements 10 (HKLM-x32\...\Adobe Photoshop Elements 10) (Version: 10.0 - Adobe Systems Incorporated)
Adobe Photoshop.com Inspiration Browser (HKLM-x32\...\PhotoshopdotcomInspirationBrowser.4C35C4D325D350FE0114230CBADCA2DDD0AC8D25.1) (Version: 3.07 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.09) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.2.122 - Adobe Systems, Inc.)
Amazon MP3 Downloader 1.0.17 (HKLM-x32\...\Amazon MP3 Downloader) (Version: 1.0.17 - Amazon Services LLC)
Apple Application Support (HKLM-x32\...\{45C56AA7-ED1B-4800-A97F-EDDF3F3520B1}) (Version: 2.3.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2F72F540-1F60-4266-9506-952B21D6640D}) (Version: 6.1.0.13 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Bejeweled 3 (x32 Version: 2.2.0.97 - WildTangent) Hidden
Blackhawk Striker 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Blio (HKLM-x32\...\{741006D1-7B2B-4E33-B2B0-831F282EEF64}) (Version: 2.2.8188 - K-NFB Reading Technology, Inc.)
Bluetooth by hp (HKLM\...\{436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}) (Version: 6.3.0.8200 - Broadcom Corporation)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Capture NX 2 (HKLM\...\Capture NX 2) (Version: 2.3.0 - NIKON CORPORATION)
Catalina Savings Printer (HKLM-x32\...\{4956ACE3-F537-4418-BB45-FD52395275A7}) (Version: 1.0.0 - Catalina Marketing Corp) <==== ATTENTION
CCleaner (HKLM\...\CCleaner) (Version: 4.19 - Piriform)
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Cisco Connect (HKLM-x32\...\Cisco Connect) (Version: 1.4.11299.0 - Cisco Consumer Products LLC)
Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Cradle of Rome 2 (x32 Version: 2.2.0.98 - WildTangent) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DirectX for Managed Code Update (Summer 2004) (x32 Version: 9.02.2904 - Microsoft) Hidden
Dirt Track Racing (HKLM-x32\...\Dirt Track Racing) (Version: - )
Dirt Track Racing 2 (HKLM-x32\...\{5188D24B-9003-41B9-BC5D-7FEBA5C8F3AE}) (Version: - )
Dora's World Adventure (x32 Version: 2.2.0.95 - WildTangent) Hidden
Elements 10 Organizer (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
Facebook (HKLM-x32\...\{8AE50893-3A87-4439-9A57-942ED43F7189}) (Version: 1.1.0004 - Hewlett-Packard)
Farm Frenzy (x32 Version: 2.2.0.98 - WildTangent) Hidden
Farmscapes (x32 Version: 2.2.0.98 - WildTangent) Hidden
FATE (x32 Version: 2.2.0.97 - WildTangent) Hidden
Final Drive Fury (x32 Version: 2.2.0.95 - WildTangent) Hidden
FTP Commander (HKLM-x32\...\FTP Commander) (Version: - )
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.25.5 - Google Inc.) Hidden
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
Hoyle Card Games (x32 Version: 2.2.0.95 - WildTangent) Hidden
HP Application Assistant (HKLM\...\{B34A07DD-C6F7-414A-AE63-01019482EAF0}) (Version: 1.0.393.3870 - Hewlett-Packard)
HP Calendar (HKLM-x32\...\{2B38E0FA-D8A5-4EBF-A018-E3C1C8E7A2E2}) (Version: 5.1.4245.23508 - Hewlett-Packard)
HP Clock (HKLM-x32\...\{0EEC4E49-D4C2-4E23-87F2-B5641F1A09E4}) (Version: 5.1.4244.16367 - Hewlett-Packard)
HP Deskjet 3050A J611 series Basic Device Software (HKLM\...\{FB555BCF-9202-4886-9203-88C9A210D727}) (Version: 25.0.571.0 - Hewlett-Packard Co.)
HP Deskjet 3050A J611 series Help (HKLM-x32\...\{97DDCAB8-B770-4089-A10F-67568069D78A}) (Version: 140.0.2.2 - Hewlett Packard)
HP Deskjet 3050A J611 series Product Improvement Study (HKLM\...\{710D4D91-1924-4A6B-8659-9CDE02DC7207}) (Version: 25.0.571.0 - Hewlett-Packard Co.)
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.2.5 - WildTangent)
HP LinkUp (HKLM-x32\...\{7E750542-55BC-4300-8B7B-AC2A762FB435}) (Version: 2.01.029 - Hewlett-Packard)
HP Magic Canvas (HKLM-x32\...\{DDFDC9D6-4220-41F8-BF9A-8E7512C4EF52}) (Version: 5.1.15.0 - Hewlett-Packard)
HP Magic Canvas Tutorials (HKLM-x32\...\{858FCB65-7C6D-4BA4-AD80-A3CB3744CE09}_is1) (Version: 5.0.0.3 - Hewlett-Packard)
HP MovieStore (HKLM-x32\...\{9008D736-35CA-40DB-A2BE-5F32D954E5AA}) (Version: 2.1.21091.0 - Hewlett-Packard Company)
HP Notes (HKLM-x32\...\{86BAB08A-5E66-4C53-82E3-C1E91673C7CA}) (Version: 5.1.4274.30382 - Hewlett-Packard)
HP Odometer (HKLM-x32\...\{B8AC1A89-FFD1-4F97-8051-E505A160F562}) (Version: 2.10.0000 - Hewlett-Packard)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.5192 - HP Photo Creations)
HP RSS (HKLM-x32\...\{A35E58D6-2A0F-4051-983B-79342081338E}) (Version: 5.1.4301.21494 - Hewlett-Packard)
HP Setup (HKLM-x32\...\{F5E7D9AF-60F6-4A30-87E3-4EA94D322CE1}) (Version: 9.0.15130.3904 - Hewlett-Packard Company)
HP Setup Manager (HKLM-x32\...\{AE856388-AFAD-4753-81DF-D96B19D0A17C}) (Version: 1.2.15145.3905 - Hewlett-Packard Company)
HP Support Assistant (HKLM-x32\...\{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}) (Version: 7.4.45.4 - Hewlett-Packard Company)
HP Support Information (HKLM-x32\...\{B2B7B1C8-7C8B-476C-BE2C-049731C55992}) (Version: 11.00.0001 - Hewlett-Packard)
HP TouchSmart Background - Beats (HKLM-x32\...\{6A6F8D36-04BA-41E9-9004-1789BD545874}) (Version: 1.0.1.0 - Hewlett-Packard)
HP TouchSmart RecipeBox (HKLM-x32\...\{20714B53-FC73-4F9C-9687-49EB237D6FD7}) (Version: 3.0.3830.27730 - Hewlett-Packard)
HP Update (HKLM-x32\...\{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}) (Version: 5.003.001.001 - Hewlett-Packard)
HP Vision Hardware Diagnostics (HKLM\...\{D79A02E9-6713-4335-9668-AAC7474C0C0E}) (Version: 2.12.1.0 - Hewlett-Packard)
HP Weather (HKLM-x32\...\{8364E531-493B-4B05-8041-09D5CE38B975}) (Version: 5.1.4295.16450 - Hewlett-Packard)
Invoices & Estimates (HKLM-x32\...\{40343BCD-282E-40B7-A3F1-0D1333F697FD}) (Version: - )
iTunes (HKLM\...\{0225AD21-F3E2-4916-BFF3-65D3F9052582}) (Version: 11.0.2.26 - Apple Inc.)
Java 7 Update 10 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217010FF}) (Version: 7.0.100 - Oracle)
Jewel Match 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Jewel Quest Mysteries: The Seventh Gate Collector's Edition (x32 Version: 2.2.0.98 - WildTangent) Hidden
John Deere Drive Green (x32 Version: 2.2.0.95 - WildTangent) Hidden
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Kobo (HKLM-x32\...\Kobo) (Version: 2.0.3 - Kobo Inc.)
LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.4507 - CyberLink Corp.)
LabelPrint (x32 Version: 2.5.4507 - CyberLink Corp.) Hidden
Letters from Nowhere 2 (x32 Version: 2.2.0.97 - WildTangent) Hidden
Linksys EasyLink Advisor (HKLM-x32\...\Linksys EasyLink Advisor) (Version: - Linksys By Cisco Systems)
Linksys EasyLink Advisor (x32 Version: 3.11.9139.94 - Linksys By Cisco Systems) Hidden
LiveUpdate 3.2 (Symantec Corporation) (HKLM-x32\...\LiveUpdate) (Version: 3.2.0.68 - Symantec Corporation)
Luxor HD (x32 Version: 2.2.0.98 - WildTangent) Hidden
Mah Jong Medley (x32 Version: 2.2.0.95 - WildTangent) Hidden
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Metric Converter (HKLM-x32\...\{D0661463-50F7-4A1E-83CB-37CC590589AE}_is1) (Version: 1.0.0.0 - XM Asia Pacific Pte Ltd)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Mathematics (HKLM-x32\...\{4D090F70-6F08-4B60-9357-A1DFD4458F09}) (Version: 4.0 - Microsoft Corporation)
Microsoft Office 2000 Professional (HKLM-x32\...\{00010409-78E1-11D2-B60F-006097C998E7}) (Version: 9.00.2720 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Click-to-Run 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Starter 2010 - English (HKLM-x32\...\{90140011-0066-0409-0000-0000000FF1CE}) (Version: 14.0.5139.5005 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NASCAR® Racing 2003 Season (HKLM-x32\...\{ACC2E059-40E9-4464-B18D-C9BDD9A02CED}) (Version: - Sierra Entertainment)
Nero 7 Ultra Edition (HKLM-x32\...\{43FFE159-3199-4188-A1CD-629166AD1033}) (Version: 7.02.6445 - Nero AG)
Nikon Message Center 2 (HKLM-x32\...\{B014EE44-9197-4513-9613-71E6EB1B514E}) (Version: 2.1.0 - Nikon)
Nikon Movie Editor (HKLM-x32\...\{5CAD3393-EEC0-44CE-9F93-BCAA365B77FB}) (Version: 2.7.0 - Nikon)
Nikon View 6 (HKLM-x32\...\{AAB84E83-C8DF-4752-9DFC-2E2A48EE5E9F}) (Version: - )
Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.1.17869 - Symantec Corporation)
Norton Security Suite (HKLM-x32\...\N360) (Version: 21.6.0.32 - Symantec Corporation)
NVIDIA 3D Vision Controller Driver 310.90 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 310.90 - NVIDIA Corporation)
NVIDIA Graphics Driver 310.90 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 310.90 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.18.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.18.0 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.12.1031 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.1031 - NVIDIA Corporation)
NVIDIA Update 1.11.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.11.3 - NVIDIA Corporation)
Opanda IExif 2.3 (HKLM-x32\...\Opanda IExif_is1) (Version: 2.3 - Opanda Studio)
opensource (x32 Version: 1.0.14960.3876 - Your Company Name) Hidden
Paint Shop Pro 7 Anniversary Edition (HKLM-x32\...\{D6DE02C7-1F47-11D4-9515-00105AE4B89A}) (Version: 7.0.4.0000 - Jasc Software Inc)
PDF Complete Special Edition (HKLM-x32\...\PDF Complete) (Version: 4.0.65 - PDF Complete, Inc)
Pegasus Mail HTML Renderer 2.4.7.2 (HKLM-x32\...\{A9F5E1E1-1281-4862-90B4-6CF8E6AF83CE}_is1) (Version: - Micha's Midnight Manufacture)
Penguins! (x32 Version: 2.2.0.98 - WildTangent) Hidden
Picture Control Utility x64 (HKLM\...\{11953C65-BB4E-4CA4-B0F0-2600A4B20040}) (Version: 1.4.11 - Nikon)
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
PlayReady PC Runtime x86 (HKLM-x32\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
Poker Superstars III (x32 Version: 2.2.0.95 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
Polar Golfer (x32 Version: 2.2.0.98 - WildTangent) Hidden
Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.5706 - CyberLink Corp.)
Power2Go (x32 Version: 6.1.5706 - CyberLink Corp.) Hidden
PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 6.00.0000 - CyberLink Corp.)
PowerDirector (x32 Version: 6.00.0000 - CyberLink Corp.) Hidden
PressReader (HKLM-x32\...\{912CED74-88D3-4C5B-ACB0-132318649765}) (Version: 5.11.0721.0 - NewspaperDirect Inc.)
PSE10 STI Installer (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
Pure Networks Platform (x32 Version: 11.1.9051.0 - Pure Networks) Hidden
QuickTime (HKLM-x32\...\InstallShield_{C21D5524-A970-42FA-AC8A-59B8C7CDCA31}) (Version: 7.1 - Apple Computer, Inc.)
QuickTime (x32 Version: 7.1 - Apple Computer, Inc.) Hidden
RAIDXpert (HKLM-x32\...\InstallShield_{8A4A80C2-87B1-44FB-BC24-9168930EB150}) (Version: 3.3.1540.19 - AMD)
RAIDXpert (x32 Version: 3.3.1540.19 - AMD) Hidden
Recovery Manager (x32 Version: 5.5.0.4424 - CyberLink Corp.) Hidden
Remote Graphics Receiver (HKLM-x32\...\{16FC3056-90C0-4757-8A68-64D8DA846ADA}) (Version: 5.4.5 - Hewlett-Packard)
RollerCoaster Tycoon 3: Platinum (x32 Version: 2.2.0.98 - WildTangent) Hidden
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
SmartSound Quicktracks Plugin (HKLM-x32\...\InstallShield_{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}) (Version: 3.0.3.0 - SmartSound Software Inc)
SmartSound Quicktracks Plugin (x32 Version: 3.0.3.0 - SmartSound Software Inc) Hidden
Spot (HKLM-x32\...\{3D171340-B528-42E0-92E4-BDA7AEEF6F32}_is1) (Version: 1.0.0.0 - XM Asia Pacific Pte Ltd)
Stamps.com Internet Postage (HKLM-x32\...\Stamps.com Internet Postage) (Version: - )
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 4.44.1000 - SUPERAntiSpyware.com)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Tap Tap Bear (HKLM-x32\...\{A393CDFF-BEB8-48EA-990D-2EB35B311D23}_is1) (Version: 1.0.0.0 - XM Asia Pacific Pte Ltd)
The Treasures of Mystery Island: The Ghost Ship (x32 Version: 2.2.0.98 - WildTangent) Hidden
Torchlight (x32 Version: 2.2.0.98 - WildTangent) Hidden
TSHostedAppLauncher (x32 Version: 5.1.15.0 - Hewlett-Packard) Hidden
Ulead GIF Animator 5 (HKLM-x32\...\{8AF3E926-ED59-11D4-A44B-0000E86D2305}) (Version: - )
Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
ViewNX 2 (HKLM\...\{635BE602-BB9C-4C59-8CC5-93F9366E8A21}) (Version: 2.7.4 - Nikon)
Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.98 - WildTangent) Hidden
WebEx Support Manager for Internet Explorer (HKLM-x32\...\{C34FAEF3-4241-4C4E-9CFF-7BBD8BCEABE7}) (Version: 6.5.47 - WebEx Communications Inc.)
WildTangent Games App (HP Games) (x32 Version: 4.0.5.32 - WildTangent) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Zenfolio Uploader (HKLM\...\zfupload) (Version: - Zenfolio, Inc.)
Zenfolio Uploader (HKLM-x32\...\zfupload) (Version: - Zenfolio, Inc.)
Zinio Reader 4 (HKLM-x32\...\ZinioReader4) (Version: 4.2.4164 - Zinio LLC)
Zinio Reader 4 (x32 Version: 4.2.4164 - Zinio LLC) Hidden
Zuma's Revenge (x32 Version: 2.2.0.98 - WildTangent) Hidden
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-872580572-3677183479-2035353063-1000_Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}\localserver32 -> rundll32.exe javascript:"\..\mshtml,RunHTMLApplication ";eval("epdvnfou/xsjuf)(=tdsjqu!mbohvbhf>ktds (the data entry has 247 more characters). <==== Poweliks?
==================== Restore Points =========================
10-11-2014 02:20:56 Checkpoint by HitmanPro
10-11-2014 02:22:12 Checkpoint by HitmanPro
12-11-2014 13:48:46 OTL Restore Point - 11/12/2014 8:48:39 AM
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-13 21:34 - 2014-11-12 08:49 - 00000098 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
::1 localhost
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {0B2A6404-AC97-442F-ACA5-03BC16BD4BA4} - System32\Tasks\HPCustParticipation HP Deskjet 3050A J611 series => C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\HPCustPartic.exe [2011-06-08] (Hewlett-Packard Co.)
Task: {172871E9-B922-42C5-9A35-582536A1240D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)
Task: {262DEC0F-05D7-4E94-BD05-EC0B6D37CB54} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {2A2CECEF-F091-4920-89FE-0FB2D5E3030E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-03-11] (Google Inc.)
Task: {2E353A09-F437-4A16-9A4D-41D803B969E9} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {2E880781-5C5D-402E-A80E-AD3CEF024F9C} - System32\Tasks\{4CF4E158-2FCE-4D15-B824-31F2117BCDB3} => C:\Program Files (x86)\Adobe\Photoshop 7.0\Photoshop.exe
Task: {359596BB-6392-4EA6-84F9-FB75FF7D64A6} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {393F71BA-B7AA-4385-8951-01860404E830} - System32\Tasks\HP Photo Creations Messager => C:\ProgramData\HP Photo Creations\MessageCheck.exe [2011-02-15] ()
Task: {426866FE-C830-4AF7-91B7-60F2090A0C82} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2014-09-22] (Hewlett-Packard)
Task: {55267EC8-D097-4175-BB7E-17CDCA123D07} - System32\Tasks\{1AD2BFBF-4FBB-FFAB-4DDF-B54DB4BB2C17} => C:\Windows\system32\xkrcuql.dll/s "C:\Windows\system32\xkrcuql.dll"
Task: {642D53A0-EF89-4A63-969F-D5FA5EDBB3BD} - System32\Tasks\AdobeAAMUpdater-1.0-Desktop-Owner => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2011-06-16] (Adobe Systems Incorporated)
Task: {6EAF03BF-91C6-4A97-A002-6CAC3EEF0115} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Warranty Opt-In(No) => c:\program files (x86)\hewlett-packard\hp health check\activecheck\product_line\Detection_PostWarrantyAlert.exe
Task: {86319F98-23F6-4660-93B0-07A3FFBACB54} - System32\Tasks\{F9F364F3-DBA9-4B59-86EC-D2154ADA8B90} => C:\Program Files (x86)\Adobe\Photoshop 7.0\Photoshop.exe
Task: {8A2BAA42-7B1E-4D21-AB86-127AFC77EB66} - System32\Tasks\Norton Security Suite\Norton Error Analyzer => C:\Program Files (x86)\Norton Security Suite\Engine\21.6.0.32\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {96298E7A-0192-4D56-B208-50D7F199FD61} - System32\Tasks\Norton Security Suite\Norton Error Processor => C:\Program Files (x86)\Norton Security Suite\Engine\21.6.0.32\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {9676027F-CCD8-445B-BFCF-E91070D5D468} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-03-11] (Google Inc.)
Task: {ACF25503-AF73-4069-8853-7D3B910EC18E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Warranty Opt-In(Yes) => c:\program files (x86)\hewlett-packard\hp health check\activecheck\product_line\Detection_PostWarrantyAlert.exe
Task: {CC43DB83-B570-4553-940F-2583530D480A} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-10-30] (Piriform Ltd)
Task: {CD0F969F-C924-483C-9DA9-66D3D29BE3BD} - System32\Tasks\HPCeeScheduleForOwner => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15] (Hewlett-Packard)
Task: {E76C6FBA-11EF-4483-ABE5-B2FDC60DFD56} - System32\Tasks\{F1984D05-75FB-4B39-878C-3B7F4D7EF5E5} => C:\Program Files (x86)\Adobe\Photoshop 7.0\Photoshop.exe
Task: {E8CD74BC-4D0B-4EEC-8FFF-40F58ABFF9C0} - System32\Tasks\HPCeeScheduleForKim => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15] (Hewlett-Packard)
Task: {EA3FF327-C8AB-4F77-A70B-F86BF7C5E7C0} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Security Suite\Engine\21.6.0.32\WSCStub.exe [2014-09-21] (Symantec Corporation)
Task: {FA6A40F6-291D-40B2-BFA1-461B8711B424} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2014-09-22] (Hewlett-Packard)
Task: {FBAC394F-3C36-46BB-9CA7-47D245385CB5} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_CN18S4817C05PJ => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2014-09-22] (Hewlett-Packard)
Task: {FD6B3F4F-FE22-4A6A-8721-14432D33ACEA} - System32\Tasks\{BBDED8C2-C739-40F0-A447-DB18AF89176D} => C:\Program Files (x86)\Adobe\Photoshop 7.0\Photoshop.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HP Photo Creations Messager.job => C:\ProgramData\HP Photo Creations\MessageCheck.exe
Task: C:\Windows\Tasks\HPCeeScheduleForKim.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\Windows\Tasks\HPCeeScheduleForOwner.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
==================== Loaded Modules (whitelisted) =============
2012-09-28 19:18 - 2007-01-09 09:25 - 00272024 ____N () C:\Program Files (x86)\Cyberlink\Shared files\RichVideo.exe
2011-06-08 16:57 - 2011-06-08 16:57 - 02812776 _____ () C:\Windows\system32\HPScanTRDrv_DJ3050A_J611.dll
2012-05-17 14:13 - 2012-12-29 03:40 - 00087480 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2011-07-22 16:48 - 2011-07-22 16:48 - 00516096 _____ () C:\Program Files (x86)\AMD\RAIDXpert\bin\libxml2.dll
2013-01-28 12:08 - 2013-01-28 12:08 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2013-01-28 12:08 - 2013-01-28 12:08 - 01242512 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-11-08 11:05 - 2014-11-08 11:05 - 00279040 _____ () C:\Users\Owner\AppData\Local\{80BD9E64-9F07-4A15-A9C9-BC0493984335}\uywtdidl.dll
2008-12-12 18:11 - 2008-12-12 18:11 - 00148480 _____ () C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\CAntiVirusCOM.dll
2008-12-12 18:11 - 2008-12-12 18:11 - 00097280 _____ () C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\CFireWallCOM.dll
2014-11-08 11:05 - 2014-11-08 11:05 - 00718152 _____ () C:\Users\Owner\AppData\LocalLow\Zenfolio\gswifkkh\Bxrajoskow\36.0.1985.143\libglesv2.dll
2014-11-08 11:05 - 2014-11-08 11:05 - 00126280 _____ () C:\Users\Owner\AppData\LocalLow\Zenfolio\gswifkkh\Bxrajoskow\36.0.1985.143\libegl.dll
2014-11-08 11:05 - 2014-11-08 11:05 - 08537928 _____ () C:\Users\Owner\AppData\LocalLow\Zenfolio\gswifkkh\Bxrajoskow\36.0.1985.143\pdf.dll
2014-11-08 11:05 - 2014-11-08 11:05 - 00353096 _____ () C:\Users\Owner\AppData\LocalLow\Zenfolio\gswifkkh\Bxrajoskow\36.0.1985.143\ppGoogleNaClPluginChrome.dll
2014-11-08 11:05 - 2014-11-08 11:05 - 01732936 _____ () C:\Users\Owner\AppData\LocalLow\Zenfolio\gswifkkh\Bxrajoskow\36.0.1985.143\ffmpegsumo.dll
2014-11-08 11:05 - 2014-11-08 11:05 - 14669128 _____ () C:\Users\Owner\AppData\LocalLow\Zenfolio\gswifkkh\Bxrajoskow\36.0.1985.143\PepperFlash\pepflashplayer.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Acrobat Assistant.lnk => C:\Windows\pss\Acrobat Assistant.lnk.CommonStartup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} => "C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe"
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: Nikon Message Center 2 => C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe -s
MSCONFIG\startupreg: Norton Online Backup => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
MSCONFIG\startupreg: PDF Complete => C:\Program Files (x86)\PDF Complete\pdfsty.exe
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\qttask.exe" -atboottime
MSCONFIG\startupreg: SUPERAntiSpyware => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
MSCONFIG\startupreg: TrueImageMonitor.exe => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
========================= Accounts: ==========================
Administrator (S-1-5-21-872580572-3677183479-2035353063-500 - Administrator - Enabled) => C:\Users\Administrator
Guest (S-1-5-21-872580572-3677183479-2035353063-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-872580572-3677183479-2035353063-1002 - Limited - Enabled)
Kim (S-1-5-21-872580572-3677183479-2035353063-1003 - Administrator - Enabled) => C:\Users\Kim
Michael2 (S-1-5-21-872580572-3677183479-2035353063-1005 - Administrator - Enabled) => C:\Users\Michael2
Owner (S-1-5-21-872580572-3677183479-2035353063-1000 - Administrator - Enabled) => C:\Users\Owner
UpdatusUser (S-1-5-21-872580572-3677183479-2035353063-1004 - Limited - Enabled)
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (11/12/2014 09:31:06 AM) (Source: HPTouchSmartCalendar) (EventID: 0) (User: )
Description: Application Name: HP TouchSmart Calendar
Exception Type: System.UnauthorizedAccessException
at System.IO.__Error.WinIOError(Int32 errorCode, String maybeFullPath)
at System.IO.FileStream.Init(String path, FileMode mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32 bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath, Boolean bFromProxy, Boolean useLongPath, Boolean checkHost)
at System.IO.FileStream..ctor(String path, FileMode mode, FileAccess access, FileShare share, Int32 bufferSize, FileOptions options, String msgPath, Boolean bFromProxy)
at System.IO.FileStream..ctor(String path, FileMode mode)
at LifeCenter.CommonControls.RestoreData.RestoreDataFileIfNotExist(StrFileType File)
Error: (11/12/2014 09:31:06 AM) (Source: HPTouchSmartCalendar) (EventID: 0) (User: )
Description: Application Name: HP TouchSmart Calendar
Exception Type: System.UnauthorizedAccessException
at System.IO.__Error.WinIOError(Int32 errorCode, String maybeFullPath)
at System.IO.FileStream.Init(String path, FileMode mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32 bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath, Boolean bFromProxy, Boolean useLongPath, Boolean checkHost)
at System.IO.FileStream..ctor(String path, FileMode mode, FileAccess access, FileShare share, Int32 bufferSize, FileOptions options, String msgPath, Boolean bFromProxy)
at System.IO.FileStream..ctor(String path, FileMode mode)
at LifeCenter.CommonControls.RestoreData.RestoreDataFileIfNotExist(StrFileType File)
Error: (11/12/2014 09:31:06 AM) (Source: HPTouchSmartCalendar) (EventID: 0) (User: )
Description: Application Name: HP TouchSmart Calendar
Exception Type: System.UnauthorizedAccessException
at System.IO.__Error.WinIOError(Int32 errorCode, String maybeFullPath)
at System.IO.FileStream.Init(String path, FileMode mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32 bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath, Boolean bFromProxy, Boolean useLongPath, Boolean checkHost)
at System.IO.FileStream..ctor(String path, FileMode mode, FileAccess access, FileShare share, Int32 bufferSize, FileOptions options, String msgPath, Boolean bFromProxy)
at System.IO.FileStream..ctor(String path, FileMode mode)
at LifeCenter.CommonControls.RestoreData.RestoreDataFileIfNotExist(StrFileType File)
Error: (11/12/2014 09:31:06 AM) (Source: HPTouchSmartCalendar) (EventID: 0) (User: )
Description: Application Name: HP TouchSmart Calendar
Exception Type: System.UnauthorizedAccessException
at System.IO.__Error.WinIOError(Int32 errorCode, String maybeFullPath)
at System.IO.FileStream.Init(String path, FileMode mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32 bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath, Boolean bFromProxy, Boolean useLongPath, Boolean checkHost)
at System.IO.FileStream..ctor(String path, FileMode mode, FileAccess access, FileShare share, Int32 bufferSize, FileOptions options, String msgPath, Boolean bFromProxy)
at System.IO.FileStream..ctor(String path, FileMode mode)
at LifeCenter.CommonControls.RestoreData.RestoreDataFileIfNotExist(StrFileType File)
Error: (11/12/2014 09:31:06 AM) (Source: HPTouchSmartCalendar) (EventID: 0) (User: )
Description: Application Name: HP TouchSmart Calendar
Exception Type: System.UnauthorizedAccessException
at System.IO.__Error.WinIOError(Int32 errorCode, String maybeFullPath)
at System.IO.FileStream.Init(String path, FileMode mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32 bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath, Boolean bFromProxy, Boolean useLongPath, Boolean checkHost)
at System.IO.FileStream..ctor(String path, FileMode mode, FileAccess access, FileShare share, Int32 bufferSize, FileOptions options, String msgPath, Boolean bFromProxy)
at System.IO.FileStream..ctor(String path, FileMode mode)
at LifeCenter.CommonControls.RestoreData.RestoreDataFileIfNotExist(StrFileType File)
Error: (11/12/2014 09:31:06 AM) (Source: HPTouchSmartCalendar) (EventID: 0) (User: )
Description: Application Name: HP TouchSmart Calendar
Exception Type: System.UnauthorizedAccessException
at System.IO.__Error.WinIOError(Int32 errorCode, String maybeFullPath)
at System.IO.FileStream.Init(String path, FileMode mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32 bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath, Boolean bFromProxy, Boolean useLongPath, Boolean checkHost)
at System.IO.FileStream..ctor(String path, FileMode mode, FileAccess access, FileShare share, Int32 bufferSize, FileOptions options, String msgPath, Boolean bFromProxy)
at System.IO.FileStream..ctor(String path, FileMode mode)
at LifeCenter.CommonControls.RestoreData.RestoreDataFileIfNotExist(StrFileType File)
Error: (11/12/2014 09:31:06 AM) (Source: HPTouchSmartCalendar) (EventID: 0) (User: )
Description: Application Name: HP TouchSmart Calendar
Exception Type: System.UnauthorizedAccessException
at System.IO.__Error.WinIOError(Int32 errorCode, String maybeFullPath)
at System.IO.FileStream.Init(String path, FileMode mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32 bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath, Boolean bFromProxy, Boolean useLongPath, Boolean checkHost)
at System.IO.FileStream..ctor(String path, FileMode mode, FileAccess access, FileShare share, Int32 bufferSize, FileOptions options, String msgPath, Boolean bFromProxy)
at System.IO.FileStream..ctor(String path, FileMode mode)
at LifeCenter.CommonControls.RestoreData.RestoreDataFileIfNotExist(StrFileType File)
Error: (11/12/2014 09:31:06 AM) (Source: HPTouchSmartCalendar) (EventID: 0) (User: )
Description: Application Name: HP TouchSmart Calendar
Exception Type: System.UnauthorizedAccessException
at System.IO.__Error.WinIOError(Int32 errorCode, String maybeFullPath)
at System.IO.FileStream.Init(String path, FileMode mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32 bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath, Boolean bFromProxy, Boolean useLongPath, Boolean checkHost)
at System.IO.FileStream..ctor(String path, FileMode mode, FileAccess access, FileShare share, Int32 bufferSize, FileOptions options, String msgPath, Boolean bFromProxy)
at System.IO.FileStream..ctor(String path, FileMode mode)
at LifeCenter.CommonControls.RestoreData.RestoreDataFileIfNotExist(StrFileType File)
Error: (11/12/2014 09:31:06 AM) (Source: HPTouchSmartCalendar) (EventID: 0) (User: )
Description: Application Name: HP TouchSmart Calendar
Exception Type: System.UnauthorizedAccessException
at System.IO.__Error.WinIOError(Int32 errorCode, String maybeFullPath)
at System.IO.FileStream.Init(String path, FileMode mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32 bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath, Boolean bFromProxy, Boolean useLongPath, Boolean checkHost)
at System.IO.FileStream..ctor(String path, FileMode mode, FileAccess access, FileShare share, Int32 bufferSize, FileOptions options, String msgPath, Boolean bFromProxy)
at System.IO.FileStream..ctor(String path, FileMode mode)
at LifeCenter.CommonControls.RestoreData.RestoreDataFileIfNotExist(StrFileType File)
Error: (11/12/2014 09:31:06 AM) (Source: HPTouchSmartCalendar) (EventID: 0) (User: )
Description: Application Name: HP TouchSmart Calendar
Exception Type: System.UnauthorizedAccessException
at System.IO.__Error.WinIOError(Int32 errorCode, String maybeFullPath)
at System.IO.FileStream.Init(String path, FileMode mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32 bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath, Boolean bFromProxy, Boolean useLongPath, Boolean checkHost)
at System.IO.FileStream..ctor(String path, FileMode mode, FileAccess access, FileShare share, Int32 bufferSize, FileOptions options, String msgPath, Boolean bFromProxy)
at System.IO.FileStream..ctor(String path, FileMode mode)
at LifeCenter.CommonControls.RestoreData.RestoreDataFileIfNotExist(StrFileType File)
System errors:
=============
Error: (11/12/2014 00:54:59 PM) (Source: Microsoft-Windows-BitLocker-Driver) (EventID: 24620) (User: NT AUTHORITY)
Description: Encrypted volume check: Volume information on cannot be read.
Error: (11/12/2014 10:28:19 AM) (Source: Microsoft-Windows-HAL) (EventID: 12) (User: )
Description: The platform firmware has corrupted memory across the previous system power transition. Please check for updated firmware for your system.
Error: (11/12/2014 09:57:51 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {AD3EDBCA-0901-415B-82E9-C16D3B65E38C}
Error: (11/12/2014 09:55:16 AM) (Source: Microsoft-Windows-BitLocker-Driver) (EventID: 24620) (User: NT AUTHORITY)
Description: Encrypted volume check: Volume information on cannot be read.
Error: (11/12/2014 09:26:37 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}
Error: (11/12/2014 09:26:37 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {51FA2736-5DEE-11D4-98E8-006008BF430C}
Error: (11/12/2014 09:26:06 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}
Error: (11/12/2014 09:18:42 AM) (Source: Microsoft-Windows-BitLocker-Driver) (EventID: 24620) (User: NT AUTHORITY)
Description: Encrypted volume check: Volume information on cannot be read.
Error: (11/12/2014 09:18:38 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {51FA2736-5DEE-11D4-98E8-006008BF430C}
Error: (11/12/2014 09:18:17 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The NVIDIA Update Service Daemon service failed to start due to the following error:
%%1069
Microsoft Office Sessions:
=========================
Error: (11/12/2014 09:31:06 AM) (Source: HPTouchSmartCalendar) (EventID: 0) (User: )
Description: Application Name: HP TouchSmart Calendar
Exception Type: System.UnauthorizedAccessException
at System.IO.__Error.WinIOError(Int32 errorCode, String maybeFullPath)
at System.IO.FileStream.Init(String path, FileMode mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32 bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath, Boolean bFromProxy, Boolean useLongPath, Boolean checkHost)
at System.IO.FileStream..ctor(String path, FileMode mode, FileAccess access, FileShare share, Int32 bufferSize, FileOptions options, String msgPath, Boolean bFromProxy)
at System.IO.FileStream..ctor(String path, FileMode mode)
at LifeCenter.CommonControls.RestoreData.RestoreDataFileIfNotExist(StrFileType File)
Error: (11/12/2014 09:31:06 AM) (Source: HPTouchSmartCalendar) (EventID: 0) (User: )
Description: Application Name: HP TouchSmart Calendar
Exception Type: System.UnauthorizedAccessException
at System.IO.__Error.WinIOError(Int32 errorCode, String maybeFullPath)
at System.IO.FileStream.Init(String path, FileMode mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32 bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath, Boolean bFromProxy, Boolean useLongPath, Boolean checkHost)
at System.IO.FileStream..ctor(String path, FileMode mode, FileAccess access, FileShare share, Int32 bufferSize, FileOptions options, String msgPath, Boolean bFromProxy)
at System.IO.FileStream..ctor(String path, FileMode mode)
at LifeCenter.CommonControls.RestoreData.RestoreDataFileIfNotExist(StrFileType File)
Error: (11/12/2014 09:31:06 AM) (Source: HPTouchSmartCalendar) (EventID: 0) (User: )
Description: Application Name: HP TouchSmart Calendar
Exception Type: System.UnauthorizedAccessException
at System.IO.__Error.WinIOError(Int32 errorCode, String maybeFullPath)
at System.IO.FileStream.Init(String path, FileMode mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32 bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath, Boolean bFromProxy, Boolean useLongPath, Boolean checkHost)
at System.IO.FileStream..ctor(String path, FileMode mode, FileAccess access, FileShare share, Int32 bufferSize, FileOptions options, String msgPath, Boolean bFromProxy)
at System.IO.FileStream..ctor(String path, FileMode mode)
at LifeCenter.CommonControls.RestoreData.RestoreDataFileIfNotExist(StrFileType File)
Error: (11/12/2014 09:31:06 AM) (Source: HPTouchSmartCalendar) (EventID: 0) (User: )
Description: Application Name: HP TouchSmart Calendar
Exception Type: System.UnauthorizedAccessException
at System.IO.__Error.WinIOError(Int32 errorCode, String maybeFullPath)
at System.IO.FileStream.Init(String path, FileMode mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32 bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath, Boolean bFromProxy, Boolean useLongPath, Boolean checkHost)
at System.IO.FileStream..ctor(String path, FileMode mode, FileAccess access, FileShare share, Int32 bufferSize, FileOptions options, String msgPath, Boolean bFromProxy)
at System.IO.FileStream..ctor(String path, FileMode mode)
at LifeCenter.CommonControls.RestoreData.RestoreDataFileIfNotExist(StrFileType File)
Error: (11/12/2014 09:31:06 AM) (Source: HPTouchSmartCalendar) (EventID: 0) (User: )
Description: Application Name: HP TouchSmart Calendar
Exception Type: System.UnauthorizedAccessException
at System.IO.__Error.WinIOError(Int32 errorCode, String maybeFullPath)
at System.IO.FileStream.Init(String path, FileMode mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32 bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath, Boolean bFromProxy, Boolean useLongPath, Boolean checkHost)
at System.IO.FileStream..ctor(String path, FileMode mode, FileAccess access, FileShare share, Int32 bufferSize, FileOptions options, String msgPath, Boolean bFromProxy)
at System.IO.FileStream..ctor(String path, FileMode mode)
at LifeCenter.CommonControls.RestoreData.RestoreDataFileIfNotExist(StrFileType File)
Error: (11/12/2014 09:31:06 AM) (Source: HPTouchSmartCalendar) (EventID: 0) (User: )
Description: Application Name: HP TouchSmart Calendar
Exception Type: System.UnauthorizedAccessException
at System.IO.__Error.WinIOError(Int32 errorCode, String maybeFullPath)
at System.IO.FileStream.Init(String path, FileMode mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32 bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath, Boolean bFromProxy, Boolean useLongPath, Boolean checkHost)
at System.IO.FileStream..ctor(String path, FileMode mode, FileAccess access, FileShare share, Int32 bufferSize, FileOptions options, String msgPath, Boolean bFromProxy)
at System.IO.FileStream..ctor(String path, FileMode mode)
at LifeCenter.CommonControls.RestoreData.RestoreDataFileIfNotExist(StrFileType File)
Error: (11/12/2014 09:31:06 AM) (Source: HPTouchSmartCalendar) (EventID: 0) (User: )
Description: Application Name: HP TouchSmart Calendar
Exception Type: System.UnauthorizedAccessException
at System.IO.__Error.WinIOError(Int32 errorCode, String maybeFullPath)
at System.IO.FileStream.Init(String path, FileMode mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32 bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath, Boolean bFromProxy, Boolean useLongPath, Boolean checkHost)
at System.IO.FileStream..ctor(String path, FileMode mode, FileAccess access, FileShare share, Int32 bufferSize, FileOptions options, String msgPath, Boolean bFromProxy)
at System.IO.FileStream..ctor(String path, FileMode mode)
at LifeCenter.CommonControls.RestoreData.RestoreDataFileIfNotExist(StrFileType File)
Error: (11/12/2014 09:31:06 AM) (Source: HPTouchSmartCalendar) (EventID: 0) (User: )
Description: Application Name: HP TouchSmart Calendar
Exception Type: System.UnauthorizedAccessException
at System.IO.__Error.WinIOError(Int32 errorCode, String maybeFullPath)
at System.IO.FileStream.Init(String path, FileMode mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32 bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath, Boolean bFromProxy, Boolean useLongPath, Boolean checkHost)
at System.IO.FileStream..ctor(String path, FileMode mode, FileAccess access, FileShare share, Int32 bufferSize, FileOptions options, String msgPath, Boolean bFromProxy)
at System.IO.FileStream..ctor(String path, FileMode mode)
at LifeCenter.CommonControls.RestoreData.RestoreDataFileIfNotExist(StrFileType File)
Error: (11/12/2014 09:31:06 AM) (Source: HPTouchSmartCalendar) (EventID: 0) (User: )
Description: Application Name: HP TouchSmart Calendar
Exception Type: System.UnauthorizedAccessException
at System.IO.__Error.WinIOError(Int32 errorCode, String maybeFullPath)
at System.IO.FileStream.Init(String path, FileMode mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32 bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath, Boolean bFromProxy, Boolean useLongPath, Boolean checkHost)
at System.IO.FileStream..ctor(String path, FileMode mode, FileAccess access, FileShare share, Int32 bufferSize, FileOptions options, String msgPath, Boolean bFromProxy)
at System.IO.FileStream..ctor(String path, FileMode mode)
at LifeCenter.CommonControls.RestoreData.RestoreDataFileIfNotExist(StrFileType File)
Error: (11/12/2014 09:31:06 AM) (Source: HPTouchSmartCalendar) (EventID: 0) (User: )
Description: Application Name: HP TouchSmart Calendar
Exception Type: System.UnauthorizedAccessException
at System.IO.__Error.WinIOError(Int32 errorCode, String maybeFullPath)
at System.IO.FileStream.Init(String path, FileMode mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32 bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath, Boolean bFromProxy, Boolean useLongPath, Boolean checkHost)
at System.IO.FileStream..ctor(String path, FileMode mode, FileAccess access, FileShare share, Int32 bufferSize, FileOptions options, String msgPath, Boolean bFromProxy)
at System.IO.FileStream..ctor(String path, FileMode mode)
at LifeCenter.CommonControls.RestoreData.RestoreDataFileIfNotExist(StrFileType File)
CodeIntegrity Errors:
===================================
Date: 2012-12-17 19:02:44.729
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\kernel32.dll because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
Processor: AMD FX-6120 Six-Core Processor
Percentage of memory in use: 26%
Total physical RAM: 10005.44 MB
Available physical RAM: 7334.04 MB
Total Pagefile: 20009.05 MB
Available Pagefile: 16589.16 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:1845.27 GB) (Free:1214.29 GB) NTFS
Drive z: (Local Disk) (Fixed) (Total:298.09 GB) (Free:121.48 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1862.6 GB) (Disk ID: D5DC0E6B)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=1845.3 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (Size: 298 GB) (Disk ID: 12C635EB)
Partition 1: (Not Active) - (Size=298.1 GB) - (Type=07 NTFS)
==================== End Of Log ============================