I have used other programs to remove viruses previously and I don't think there is one but there are heaps of files I don't know about such as one called; ACF5FE1B377240688B872D2A6EFD0A05.TMP. Are there any programs to tell me what devices, processes and folders or files I actually need on my laptop and what they're for. thanks very much
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:28-07-2015
Ran by power (administrator) on POWER-PC (30-07-2015 17:04:09)
Running from C:\Users\power\Desktop
Loaded Profiles: UpdatusUser & power (Available Profiles: UpdatusUser & power)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\22.5.2.15\n360.exe
(Symantec Corporation) C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.3.202\ccSvcHst.exe
(TOSHIBA Corporation) C:\Windows\System32\ThpSrv.exe
(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TECO\TecoService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Symantec Corporation) C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.3.202\ccSvcHst.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\22.5.2.15\n360.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.1\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.1\GoogleCrashHandler64.exe
(TOSHIBA Corporation) C:\Windows\System32\ThpSrv.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe
(TOSHIBA Corporation) C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
(TOSHIBA Corporation) C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe
(TOSHIBA Corporation) C:\Program Files (x86)\TOSHIBA\TRCMan\TRCMan.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [ThpSrv] => C:\windows\system32\thpsrv /logon
HKLM\...\Run: [TosVolRegulator] => C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe [24376 2009-11-12] (TOSHIBA Corporation)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-295868932-3461566431-2313640649-1000\...\Run: [] => [X]
HKU\S-1-5-21-295868932-3461566431-2313640649-1000\...\Run: [swg] => "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
HKU\S-1-5-21-295868932-3461566431-2313640649-1000\...\RunOnce: [SysOff] => C:\Windows\SysWOW64\SYSPREP\ClosespV.exe
AppInit_DLLs: c:\progra~3\bitguard\271769~1.27\{c16c1~1\loader.dll => c:\progra~3\bitguard\271769~1.27\{c16c1~1\loader.dll File not found
AppInit_DLLs: c:\windows\system32\nvinitx.dll => c:\windows\system32\nvinitx.dll [167312 2015-04-09] (NVIDIA Corporation)
AppInit_DLLs: ,C:\windows\system32\nvinitx.dll => C:\windows\system32\nvinitx.dll [167312 2015-04-09] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\windows\SysWOW64\nvinit.dll => C:\windows\SysWOW64\nvinit.dll [147576 2015-04-09] (NVIDIA Corporation)
ShellIconOverlayIdentifiers: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton 360\Engine64\22.5.2.15\buShell.dll [2015-07-13] (Symantec Corporation)
ShellIconOverlayIdentifiers: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton 360\Engine64\22.5.2.15\buShell.dll [2015-07-13] (Symantec Corporation)
ShellIconOverlayIdentifiers: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton 360\Engine64\22.5.2.15\buShell.dll [2015-07-13] (Symantec Corporation)
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.delta-hom...0BPBXX31EVB0BPB
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.sweet-pag...q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.delta-hom...0BPBXX31EVB0BPB
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.sweet-pag...q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.symantec....&pvid=21.6.0.32
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.symantec....&pvid=21.6.0.32
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.symantec....&pvid=21.6.0.32
HKU\S-1-5-21-295868932-3461566431-2313640649-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.symantec....&pvid=21.6.0.32
HKU\S-1-5-21-295868932-3461566431-2313640649-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.toshibadirect.com/dpdstart
HKU\S-1-5-21-295868932-3461566431-2313640649-1001\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.delta-...q={searchTerms}
HKU\S-1-5-21-295868932-3461566431-2313640649-1001\Software\Microsoft\Internet Explorer\Main,bProtector Start Page = http://www.doko-sear...125836&tsp=5037
HKU\S-1-5-21-295868932-3461566431-2313640649-1001\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.delta-...q={searchTerms}
URLSearchHook: HKLM-x32 - Vuze Remote Toolbar - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Users\power\AppData\LocalLow\Vuze_Remote\prxtbVuz0.dll (ClientConnect Ltd.)
URLSearchHook: HKU\S-1-5-21-295868932-3461566431-2313640649-1000 - Vuze Remote Toolbar - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Users\power\AppData\LocalLow\Vuze_Remote\prxtbVuz0.dll (ClientConnect Ltd.)
URLSearchHook: HKU\S-1-5-21-295868932-3461566431-2313640649-1001 - Vuze Remote Toolbar - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Users\power\AppData\LocalLow\Vuze_Remote\prxtbVuz0.dll (ClientConnect Ltd.)
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.sweet-pag...q={searchTerms}
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.sweet-pag...q={searchTerms}
SearchScopes: HKLM -> {F4ED0519-C584-4DDA-BE93-FA0B93D040F6} URL = http://www.bing.com/...rc=IE-SearchBox
SearchScopes: HKLM-x32 -> DefaultScope value is missing
SearchScopes: HKLM-x32 -> {F4ED0519-C584-4DDA-BE93-FA0B93D040F6} URL = http://www.bing.com/...rc=IE-SearchBox
SearchScopes: HKU\S-1-5-21-295868932-3461566431-2313640649-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-295868932-3461566431-2313640649-1000 -> {F4ED0519-C584-4DDA-BE93-FA0B93D040F6} URL = http://www.bing.com/...rc=IE-SearchBox
SearchScopes: HKU\S-1-5-21-295868932-3461566431-2313640649-1001 -> DefaultScope {80FC96E6-23AE-4758-BCD2-B1BCBEBFD057} URL = https://www.google.c...q={searchTerms}
SearchScopes: HKU\S-1-5-21-295868932-3461566431-2313640649-1001 -> {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://www.searchgol...ADBD6749FB663F6
SearchScopes: HKU\S-1-5-21-295868932-3461566431-2313640649-1001 -> {2A423B5F-0476-4755-AB6D-E9A0A8ED96DF} URL = https://au.search.ya...p={searchTerms}
SearchScopes: HKU\S-1-5-21-295868932-3461566431-2313640649-1001 -> {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} URL = http://search.filebu...q={searchTerms}
SearchScopes: HKU\S-1-5-21-295868932-3461566431-2313640649-1001 -> {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL =
SearchScopes: HKU\S-1-5-21-295868932-3461566431-2313640649-1001 -> {80FC96E6-23AE-4758-BCD2-B1BCBEBFD057} URL = https://www.google.c...q={searchTerms}
SearchScopes: HKU\S-1-5-21-295868932-3461566431-2313640649-1001 -> {AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} URL = http://nortonsafe.se...t=kwd&qsrc=2869
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton 360\Engine64\22.5.2.15\coIEPlg.dll [2015-07-10] (Symantec Corporation)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-22] (Microsoft Corp.)
BHO: Skype add-on for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2013-05-14] (Skype Technologies S.A.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: No Name -> {E6CE065A-F0C3-C32B-7B95-3C877CFC2A91} -> No File
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton 360\Engine\22.5.2.15\coIEPlg.dll [2015-07-10] (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton 360\Engine\21.7.0.11\IPS\IPSBHO.DLL No File
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-22] (Microsoft Corp.)
BHO-x32: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2010-09-23] (Microsoft Corporation)
BHO-x32: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-05-14] (Skype Technologies S.A.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Vuze Remote Toolbar -> {ba14329e-9550-4989-b3f2-9732e92d17cc} -> C:\Users\power\AppData\LocalLow\Vuze_Remote\prxtbVuz0.dll [2014-03-26] (ClientConnect Ltd.)
BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2011-03-08] (Sun Microsystems, Inc.)
BHO-x32: TOSHIBA Media Controller Plug-in -> {F3C88694-EFFA-4d78-B409-54B7B2535B14} -> C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll [2010-12-06] (<TOSHIBA>)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine64\22.5.2.15\coIEPlg.dll [2015-07-10] (Symantec Corporation)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\22.5.2.15\coIEPlg.dll [2015-07-10] (Symantec Corporation)
Toolbar: HKLM-x32 - Vuze Remote Toolbar - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Users\power\AppData\LocalLow\Vuze_Remote\prxtbVuz0.dll [2014-03-26] (ClientConnect Ltd.)
Toolbar: HKU\S-1-5-21-295868932-3461566431-2313640649-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Toolbar: HKU\S-1-5-21-295868932-3461566431-2313640649-1000 -> No Name - {BA14329E-9550-4989-B3F2-9732E92D17CC} - No File
Toolbar: HKU\S-1-5-21-295868932-3461566431-2313640649-1001 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Toolbar: HKU\S-1-5-21-295868932-3461566431-2313640649-1001 -> No Name - {A13C2648-91D4-4BF3-BC6D-0079707C4389} - No File
Toolbar: HKU\S-1-5-21-295868932-3461566431-2313640649-1001 -> Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine64\22.5.2.15\coIEPlg.dll [2015-07-10] (Symantec Corporation)
Toolbar: HKU\S-1-5-21-295868932-3461566431-2313640649-1001 -> No Name - {BA14329E-9550-4989-B3F2-9732E92D17CC} - No File
DPF: HKLM-x32 {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.micros...n/ieawsdc32.cab
DPF: HKLM-x32 {6A060448-60F9-11D5-A6CD-0002B31F7455}
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2013-05-14] (Skype Technologies S.A.)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-05-14] (Skype Technologies S.A.)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{0736FD2C-7D6B-49ED-802A-1E6FFF631E1F}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{1C2BBC94-FD6B-4AAD-88F4-CDF98348BD89}: [DhcpNameServer] 211.29.93.7 198.142.0.51
Tcpip\..\Interfaces\{D48B5815-319E-4D74-AB1E-16C2DF9C731B}: [DhcpNameServer] 10.0.0.138
FireFox:
========
FF ProfilePath: C:\Users\power\AppData\Roaming\Mozilla\Firefox\Profiles\uzf0yzm3.default-1393296102913
FF NewTab: chrome://quick_start/content/index.html
FF DefaultSearchEngine: sweet-page
FF SelectedSearchEngine: sweet-page
FF Homepage: hxxp://www.sweet-page.com/?type=hp&ts=1415366958&from=air&uid=TOSHIBAXMK7575GSX_31EVB0BPBXX31EVB0BPB
FF Keyword.URL: https://au.search.ya...&type=994519&p=
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_18_0_0_209.dll [2015-07-18] ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_209.dll [2015-07-18] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-09-23] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-17] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-295868932-3461566431-2313640649-1001: @talk.google.com/GoogleTalkPlugin -> C:\Users\power\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-04-17] (Google)
FF Plugin HKU\S-1-5-21-295868932-3461566431-2313640649-1001: @talk.google.com/O1DPlugin -> C:\Users\power\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-04-17] (Google)
FF Plugin HKU\S-1-5-21-295868932-3461566431-2313640649-1001: @tools.google.com/Google Update;version=3 -> C:\Users\power\AppData\Local\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-17] (Google Inc.)
FF Plugin HKU\S-1-5-21-295868932-3461566431-2313640649-1001: @tools.google.com/Google Update;version=9 -> C:\Users\power\AppData\Local\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-17] (Google Inc.)
FF Plugin HKU\S-1-5-21-295868932-3461566431-2313640649-1001: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll No File
FF user.js: detected! => C:\Users\power\AppData\Roaming\Mozilla\Firefox\Profiles\uzf0yzm3.default-1393296102913\user.js [2015-01-28]
FF Plugin ProgramFiles/Appdata: C:\Users\power\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-04-17] (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\power\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-04-17] (Google)
FF SearchPlugin: C:\Users\power\AppData\Roaming\Mozilla\Firefox\Profiles\uzf0yzm3.default-1393296102913\searchplugins\yahoo_ff.xml [2014-10-28]
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\sweet-page.xml [2014-11-07]
FF Extension: Fast Start - C:\Users\power\AppData\Roaming\Mozilla\Firefox\Profiles\uzf0yzm3.default-1393296102913\Extensions\[email protected] [2014-11-07]
FF Extension: Ebay Shopping Assistant by Spigot - C:\Users\power\AppData\Roaming\Mozilla\Firefox\Profiles\uzf0yzm3.default-1393296102913\Extensions\{30B5D38F-A43B-42fd-B7E5-898BB1B71B8B} [2015-03-06]
FF Extension: Slick Savings - C:\Users\power\AppData\Roaming\Mozilla\Firefox\Profiles\uzf0yzm3.default-1393296102913\Extensions\{54FBE89E-C878-46bb-A064-AB327EE26EBC} [2015-03-06]
FF Extension: Start Page - C:\Users\power\AppData\Roaming\Mozilla\Firefox\Profiles\uzf0yzm3.default-1393296102913\Extensions\{62DD0A97-FDD4-421b-94A5-D1A9434450C7} [2015-03-06]
FF Extension: Amazon Shopping Assistant by Spigot - C:\Users\power\AppData\Roaming\Mozilla\Firefox\Profiles\uzf0yzm3.default-1393296102913\Extensions\{DE1C78C1-2762-47f6-A1D9-1B7866FE7EB4} [2014-10-27]
FF Extension: Self-Destructing Cookies - C:\Users\power\AppData\Roaming\Mozilla\Firefox\Profiles\uzf0yzm3.default-1393296102913\Extensions\[email protected] [2014-02-25]
FF Extension: Video Resumer - C:\Users\power\AppData\Roaming\Mozilla\Firefox\Profiles\uzf0yzm3.default-1393296102913\Extensions\[email protected] [2014-02-25]
FF Extension: Flagfox - C:\Users\power\AppData\Roaming\Mozilla\Firefox\Profiles\uzf0yzm3.default-1393296102913\Extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}.xpi [2014-03-08]
FF Extension: Adblock Plus - C:\Users\power\AppData\Roaming\Mozilla\Firefox\Profiles\uzf0yzm3.default-1393296102913\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-02-25]
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_22.5.0.124\coFFPlgn
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_22.5.0.124\coFFPlgn [2015-07-30]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Users\power\AppData\Roaming\Mozilla\Firefox\Profiles\uzf0yzm3.default-1393296102913\extensions\[email protected]
FF HKU\S-1-5-21-295868932-3461566431-2313640649-1001\...\Firefox\Extensions: [{562F1FE6-9763-FF7B-444A-FE5DD2884927}] - C:\Program Files (x86)\ver3BetterMarkIt\186.xpi
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [not found]
Chrome:
=======
CHR Profile: C:\Users\power\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\power\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-05-06]
CHR Extension: (Google Docs) - C:\Users\power\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-05-06]
CHR Extension: (Google Drive) - C:\Users\power\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-05-06]
CHR Extension: (YouTube) - C:\Users\power\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-05-06]
CHR Extension: (Adblock Plus) - C:\Users\power\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-05-11]
CHR Extension: (Google Search) - C:\Users\power\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-05-06]
CHR Extension: (Google Sheets) - C:\Users\power\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-05-06]
CHR Extension: (Norton Identity Safe) - C:\Users\power\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif [2015-05-06]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\power\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-05-06]
CHR Extension: (Chrome Web Store Payments) - C:\Users\power\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-05-06]
CHR Extension: (Gmail) - C:\Users\power\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-05-06]
CHR HKLM\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton 360\Engine\22.5.2.15\Exts\Chrome.crx [2015-07-24]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - https://clients2.goo...ice/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton 360\Engine\22.5.2.15\Exts\Chrome.crx [2015-07-24]
CHR HKLM-x32\...\Chrome\Extension: [ifohbjbgfchkkfhphahclmkpgejiplfo] - C:\Users\power\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtab.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - https://clients2.goo...ice/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2013-05-14]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-19] (Apple Inc.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [49152 2013-07-03] () [File not signed]
S3 EasyAntiCheat; C:\windows\SysWOW64\EasyAntiCheat.exe [175136 2014-12-24] (EasyAntiCheat Ltd)
R2 N360; C:\Program Files (x86)\Norton 360\Engine\22.5.2.15\N360.exe [282016 2015-07-17] (Symantec Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2009-05-14] (Hewlett-Packard) [File not signed]
R2 PCCUJobMgr; C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.3.202\ccSvcHst.exe [126392 2009-08-25] (Symantec Corporation)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2009-05-14] (Hewlett-Packard) [File not signed]
R2 Thpsrv; C:\windows\system32\ThpSrv.exe [526848 2010-12-25] (TOSHIBA Corporation) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S4 HWDeviceService64.exe; "C:\ProgramData\DatacardService\HWDeviceService64.exe" -/service [X]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R1 BHDrvx64; C:\Program Files (x86)\Norton 360\NortonData\22.5.0.124\Definitions\BASHDefs\20150728.001\BHDrvx64.sys [1650936 2015-07-23] (Symantec Corporation)
R1 ccSet_N360; C:\Windows\system32\drivers\N360x64\1605020.00F\ccSetx64.sys [173808 2015-07-11] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [498512 2015-07-29] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [153936 2015-07-29] (Symantec Corporation)
R1 IDSVia64; C:\Program Files (x86)\Norton 360\NortonData\22.5.0.124\Definitions\IPSDefs\20150729.001\IDSvia64.sys [692984 2015-07-14] (Symantec Corporation)
S3 mod7700; C:\Windows\System32\Drivers\dvb7700all.sys [711168 2013-07-31] (DiBcom)
R3 NAVENG; C:\Program Files (x86)\Norton 360\NortonData\22.5.0.124\Definitions\VirusDefs\20150729.008\ENG64.SYS [138488 2015-05-20] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton 360\NortonData\22.5.0.124\Definitions\VirusDefs\20150729.008\EX64.SYS [2146040 2015-05-20] (Symantec Corporation)
R3 SRTSP; C:\Windows\System32\Drivers\N360x64\1605020.00F\SRTSP64.SYS [926448 2015-07-11] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\N360x64\1605020.00F\SRTSPX64.SYS [50936 2015-07-11] (Symantec Corporation)
R0 SymEFASI; C:\Windows\System32\drivers\N360x64\1605020.00F\SYMEFASI64.SYS [1620720 2015-07-11] (Symantec Corporation)
R3 SymEvent; C:\windows\system32\Drivers\SYMEVENT64x86.SYS [111344 2015-07-24] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\N360x64\1605020.00F\Ironx64.SYS [297720 2015-07-11] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\N360x64\1605020.00F\SYMNETS.SYS [576248 2015-07-11] (Symantec Corporation)
S3 EagleX64; \??\C:\windows\system32\drivers\EagleX64.sys [X]
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
S3 ewusbmbb; system32\DRIVERS\ewusbwwan.sys [X]
S3 ew_hwusbdev; system32\DRIVERS\ew_hwusbdev.sys [X]
S3 ew_usbenumfilter; system32\DRIVERS\ew_usbenumfilter.sys [X]
S3 huawei_enumerator; system32\DRIVERS\ew_jubusenum.sys [X]
S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-07-30 17:04 - 2015-07-30 17:04 - 00029538 _____ C:\Users\power\Desktop\FRST.txt
2015-07-30 17:02 - 2015-07-30 17:04 - 00000000 ____D C:\FRST
2015-07-30 17:02 - 2015-07-30 17:02 - 02169856 _____ (Farbar) C:\Users\power\Desktop\FRST64.exe
2015-07-30 16:29 - 2015-07-30 16:29 - 00099500 _____ C:\Users\power\Desktop\Extras.Txt
2015-07-30 16:23 - 2015-07-30 16:23 - 00141442 _____ C:\Users\power\Desktop\OTL.Txt
2015-07-30 16:11 - 2015-07-30 16:11 - 00602112 _____ (OldTimer Tools) C:\Users\power\Desktop\OTL.exe
2015-07-30 14:22 - 2015-07-30 14:22 - 00000000 ____D C:\Users\power\.swt
2015-07-30 13:00 - 2015-07-30 13:12 - 00000000 ____D C:\Program Files (x86)\EasyFix Tools
2015-07-30 13:00 - 2015-07-30 13:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EasyFix Tools
2015-07-29 17:49 - 2015-07-30 00:09 - 00000000 ____D C:\Program Files (x86)\Steam
2015-07-29 17:49 - 2015-07-29 17:49 - 00000934 _____ C:\Users\Public\Desktop\Steam.lnk
2015-07-29 17:49 - 2015-07-29 17:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2015-07-29 17:48 - 2015-07-29 17:48 - 01476720 _____ C:\Users\power\Downloads\SteamSetup.exe
2015-07-29 16:35 - 2015-07-29 16:35 - 00007170 _____ C:\Users\power\Downloads\Default_Library-ms.reg
2015-07-29 16:09 - 2015-07-26 02:07 - 00017856 _____ (Microsoft Corporation) C:\windows\system32\CompatTelRunner.exe
2015-07-29 16:09 - 2015-07-26 02:04 - 00765440 _____ (Microsoft Corporation) C:\windows\system32\invagent.dll
2015-07-29 16:09 - 2015-07-26 02:04 - 00726528 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll
2015-07-29 16:09 - 2015-07-26 02:03 - 01085440 _____ (Microsoft Corporation) C:\windows\system32\appraiser.dll
2015-07-29 16:09 - 2015-07-26 02:03 - 00433664 _____ (Microsoft Corporation) C:\windows\system32\devinv.dll
2015-07-29 16:09 - 2015-07-26 02:03 - 00227328 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
2015-07-29 16:09 - 2015-07-26 02:03 - 00067584 _____ (Microsoft Corporation) C:\windows\system32\acmigration.dll
2015-07-29 16:09 - 2015-07-26 01:55 - 01145856 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2015-07-26 11:36 - 2015-07-26 11:36 - 00347816 _____ (Microsoft Corporation) C:\Users\power\Downloads\MicrosoftFixit.Devices.Run.exe
2015-07-26 00:12 - 2015-05-10 02:26 - 00493504 _____ (Microsoft Corporation) C:\windows\system32\mcupdate_GenuineIntel.dll
2015-07-25 22:00 - 2015-07-25 22:00 - 00000000 ____D C:\Users\power\AppData\Local\CEF
2015-07-24 22:18 - 2015-07-24 22:18 - 00000000 ____D C:\windows\System32\Tasks\Norton 360
2015-07-21 19:08 - 2015-07-15 11:19 - 00100864 _____ (Microsoft Corporation) C:\windows\system32\fontsub.dll
2015-07-21 19:08 - 2015-07-15 11:19 - 00046080 _____ (Adobe Systems) C:\windows\system32\atmlib.dll
2015-07-21 19:08 - 2015-07-15 11:19 - 00041984 _____ (Microsoft Corporation) C:\windows\system32\lpk.dll
2015-07-21 19:08 - 2015-07-15 11:19 - 00014336 _____ (Microsoft Corporation) C:\windows\system32\dciman32.dll
2015-07-21 19:08 - 2015-07-15 10:55 - 00070656 _____ (Microsoft Corporation) C:\windows\SysWOW64\fontsub.dll
2015-07-21 19:08 - 2015-07-15 10:55 - 00034304 _____ (Adobe Systems) C:\windows\SysWOW64\atmlib.dll
2015-07-21 19:08 - 2015-07-15 10:55 - 00010240 _____ (Microsoft Corporation) C:\windows\SysWOW64\dciman32.dll
2015-07-21 19:08 - 2015-07-15 10:54 - 00025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\lpk.dll
2015-07-21 19:08 - 2015-07-15 09:59 - 00372224 _____ (Adobe Systems Incorporated) C:\windows\system32\atmfd.dll
2015-07-21 19:08 - 2015-07-15 09:52 - 00299008 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\atmfd.dll
2015-07-15 18:36 - 2015-07-10 01:58 - 03154944 _____ (Microsoft Corporation) C:\windows\system32\wucltux.dll
2015-07-15 18:36 - 2015-07-10 01:58 - 02603008 _____ (Microsoft Corporation) C:\windows\system32\wuaueng.dll
2015-07-15 18:36 - 2015-07-10 01:58 - 00696320 _____ (Microsoft Corporation) C:\windows\system32\wuapi.dll
2015-07-15 18:36 - 2015-07-10 01:58 - 00192000 _____ (Microsoft Corporation) C:\windows\system32\wuwebv.dll
2015-07-15 18:36 - 2015-07-10 01:58 - 00139776 _____ (Microsoft Corporation) C:\windows\system32\wuauclt.exe
2015-07-15 18:36 - 2015-07-10 01:58 - 00098304 _____ (Microsoft Corporation) C:\windows\system32\wudriver.dll
2015-07-15 18:36 - 2015-07-10 01:58 - 00091136 _____ (Microsoft Corporation) C:\windows\system32\WinSetupUI.dll
2015-07-15 18:36 - 2015-07-10 01:58 - 00037888 _____ (Microsoft Corporation) C:\windows\system32\wups2.dll
2015-07-15 18:36 - 2015-07-10 01:58 - 00037376 _____ (Microsoft Corporation) C:\windows\system32\wuapp.exe
2015-07-15 18:36 - 2015-07-10 01:58 - 00036864 _____ (Microsoft Corporation) C:\windows\system32\wups.dll
2015-07-15 18:36 - 2015-07-10 01:58 - 00012288 _____ (Microsoft Corporation) C:\windows\system32\wu.upgrade.ps.dll
2015-07-15 18:36 - 2015-07-10 01:43 - 00566784 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapi.dll
2015-07-15 18:36 - 2015-07-10 01:43 - 00173056 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuwebv.dll
2015-07-15 18:36 - 2015-07-10 01:43 - 00093184 _____ (Microsoft Corporation) C:\windows\SysWOW64\wudriver.dll
2015-07-15 18:36 - 2015-07-10 01:43 - 00030208 _____ (Microsoft Corporation) C:\windows\SysWOW64\wups.dll
2015-07-15 18:36 - 2015-07-10 01:42 - 00034816 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapp.exe
2015-07-15 18:36 - 2015-07-03 05:21 - 19877376 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2015-07-15 18:36 - 2015-07-03 05:08 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2015-07-15 18:36 - 2015-07-03 04:46 - 00479232 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2015-07-15 18:36 - 2015-07-03 04:40 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2015-07-15 18:36 - 2015-07-03 04:19 - 12855296 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2015-07-15 18:36 - 2015-07-03 04:12 - 00615936 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2015-07-15 18:36 - 2015-07-03 03:55 - 01310720 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2015-07-15 18:36 - 2015-07-03 02:59 - 01545728 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2015-07-15 18:36 - 2015-06-27 10:47 - 00814080 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2015-07-15 18:36 - 2015-06-27 10:43 - 05923840 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2015-07-15 18:36 - 2015-06-27 09:58 - 00620032 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2015-07-15 18:36 - 2015-06-27 09:39 - 04520448 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2015-07-15 18:36 - 2015-06-25 16:57 - 03207168 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2015-07-15 18:36 - 2015-06-18 01:47 - 00404992 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll
2015-07-15 18:36 - 2015-06-18 01:37 - 00312320 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdi32.dll
2015-07-15 18:36 - 2015-06-10 02:03 - 03180544 _____ (Microsoft Corporation) C:\windows\system32\rdpcorets.dll
2015-07-15 18:36 - 2015-06-10 02:03 - 00016384 _____ (Microsoft Corporation) C:\windows\system32\RdpGroupPolicyExtension.dll
2015-07-15 18:36 - 2015-06-02 08:07 - 00254976 _____ (Microsoft Corporation) C:\windows\system32\cewmdm.dll
2015-07-15 18:36 - 2015-06-02 07:47 - 00210432 _____ (Microsoft Corporation) C:\windows\SysWOW64\cewmdm.dll
2015-07-15 18:35 - 2015-07-03 04:50 - 02279424 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2015-07-15 18:35 - 2015-07-03 04:49 - 25193984 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2015-07-15 18:35 - 2015-07-03 04:23 - 02885632 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2015-07-15 18:35 - 2015-07-03 03:20 - 14453248 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2015-07-15 18:35 - 2015-06-26 02:09 - 00389832 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2015-07-15 18:35 - 2015-06-26 01:43 - 00342736 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2015-07-15 18:35 - 2015-06-21 04:06 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2015-07-15 18:35 - 2015-06-21 03:50 - 00066560 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2015-07-15 18:35 - 2015-06-21 03:49 - 00584192 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2015-07-15 18:35 - 2015-06-21 03:49 - 00417792 _____ (Microsoft Corporation) C:\windows\system32\html.iec
2015-07-15 18:35 - 2015-06-21 03:49 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2015-07-15 18:35 - 2015-06-21 03:48 - 00088064 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2015-07-15 18:35 - 2015-06-21 03:40 - 00054784 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2015-07-15 18:35 - 2015-06-21 03:39 - 00034304 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2015-07-15 18:35 - 2015-06-21 03:34 - 00816640 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2015-07-15 18:35 - 2015-06-21 03:34 - 00144384 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2015-07-15 18:35 - 2015-06-21 03:34 - 00114688 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2015-07-15 18:35 - 2015-06-21 03:25 - 00968704 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2015-07-15 18:35 - 2015-06-21 03:21 - 00490496 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2015-07-15 18:35 - 2015-06-21 03:13 - 00077824 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2015-07-15 18:35 - 2015-06-21 03:08 - 00199680 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2015-07-15 18:35 - 2015-06-21 03:07 - 00092160 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2015-07-15 18:35 - 2015-06-21 03:05 - 00316928 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2015-07-15 18:35 - 2015-06-21 02:48 - 00801280 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2015-07-15 18:35 - 2015-06-21 02:48 - 00720384 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2015-07-15 18:35 - 2015-06-21 02:46 - 02125824 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2015-07-15 18:35 - 2015-06-21 02:46 - 01359360 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2015-07-15 18:35 - 2015-06-21 02:26 - 02427392 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2015-07-15 18:35 - 2015-06-21 02:02 - 00800768 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2015-07-15 18:35 - 2015-06-20 02:25 - 00504320 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2015-07-15 18:35 - 2015-06-20 02:25 - 00062464 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2015-07-15 18:35 - 2015-06-20 02:24 - 00341504 _____ (Microsoft Corporation) C:\windows\SysWOW64\html.iec
2015-07-15 18:35 - 2015-06-20 02:24 - 00047616 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2015-07-15 18:35 - 2015-06-20 02:23 - 00064000 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2015-07-15 18:35 - 2015-06-20 02:17 - 00047104 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2015-07-15 18:35 - 2015-06-20 02:16 - 00030720 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2015-07-15 18:35 - 2015-06-20 02:13 - 00664064 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2015-07-15 18:35 - 2015-06-20 02:13 - 00115712 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2015-07-15 18:35 - 2015-06-20 02:03 - 00418304 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2015-07-15 18:35 - 2015-06-20 01:57 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-07-15 18:35 - 2015-06-20 01:53 - 00168960 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2015-07-15 18:35 - 2015-06-20 01:52 - 00076288 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2015-07-15 18:35 - 2015-06-20 01:51 - 00285696 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2015-07-15 18:35 - 2015-06-20 01:40 - 02052608 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2015-07-15 18:35 - 2015-06-20 01:40 - 00689152 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2015-07-15 18:35 - 2015-06-20 01:39 - 01155072 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2015-07-15 18:35 - 2015-06-20 01:15 - 01951232 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2015-07-15 18:35 - 2015-06-20 01:11 - 00710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2015-07-15 18:34 - 2015-07-05 02:07 - 02087424 _____ (Microsoft Corporation) C:\windows\system32\ole32.dll
2015-07-15 18:34 - 2015-07-05 01:48 - 01414656 _____ (Microsoft Corporation) C:\windows\SysWOW64\ole32.dll
2015-07-15 18:34 - 2015-06-12 01:57 - 06131200 _____ (Microsoft Corporation) C:\windows\SysWOW64\mstscax.dll
2015-07-15 18:34 - 2015-06-12 01:57 - 00856064 _____ (Microsoft Corporation) C:\windows\SysWOW64\rdvidcrl.dll
2015-07-15 18:34 - 2015-06-12 01:57 - 00053248 _____ (Microsoft Corporation) C:\windows\SysWOW64\tsgqec.dll
2015-07-15 18:34 - 2015-06-12 01:56 - 07077376 _____ (Microsoft Corporation) C:\windows\system32\mstscax.dll
2015-07-15 18:34 - 2015-06-12 01:56 - 01057792 _____ (Microsoft Corporation) C:\windows\system32\rdvidcrl.dll
2015-07-15 18:34 - 2015-06-12 01:56 - 00062976 _____ (Microsoft Corporation) C:\windows\system32\tsgqec.dll
2015-07-15 18:34 - 2015-06-11 21:15 - 00429568 _____ (Microsoft Corporation) C:\windows\system32\wksprt.exe
2015-07-15 18:34 - 2015-04-28 03:23 - 01480192 _____ (Microsoft Corporation) C:\windows\system32\crypt32.dll
2015-07-15 18:34 - 2015-04-28 03:23 - 00229376 _____ (Microsoft Corporation) C:\windows\system32\wintrust.dll
2015-07-15 18:34 - 2015-04-28 03:23 - 00188416 _____ (Microsoft Corporation) C:\windows\system32\cryptsvc.dll
2015-07-15 18:34 - 2015-04-28 03:23 - 00140288 _____ (Microsoft Corporation) C:\windows\system32\cryptnet.dll
2015-07-15 18:34 - 2015-04-28 03:05 - 00179200 _____ (Microsoft Corporation) C:\windows\SysWOW64\wintrust.dll
2015-07-15 18:34 - 2015-04-28 03:04 - 01174528 _____ (Microsoft Corporation) C:\windows\SysWOW64\crypt32.dll
2015-07-15 18:34 - 2015-04-28 03:04 - 00143872 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptsvc.dll
2015-07-15 18:34 - 2015-04-28 03:04 - 00103936 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptnet.dll
2015-07-15 18:33 - 2015-07-02 04:56 - 00155584 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2015-07-15 18:33 - 2015-07-02 04:56 - 00095680 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys
2015-07-15 18:33 - 2015-07-02 04:49 - 01461760 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2015-07-15 18:33 - 2015-07-02 04:49 - 01216512 _____ (Microsoft Corporation) C:\windows\system32\rpcrt4.dll
2015-07-15 18:33 - 2015-07-02 04:49 - 00729088 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2015-07-15 18:33 - 2015-07-02 04:49 - 00342016 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2015-07-15 18:33 - 2015-07-02 04:49 - 00315392 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2015-07-15 18:33 - 2015-07-02 04:49 - 00309760 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
2015-07-15 18:33 - 2015-07-02 04:49 - 00210944 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
2015-07-15 18:33 - 2015-07-02 04:49 - 00136192 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll
2015-07-15 18:33 - 2015-07-02 04:49 - 00086528 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2015-07-15 18:33 - 2015-07-02 04:49 - 00029184 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll
2015-07-15 18:33 - 2015-07-02 04:49 - 00028160 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll
2015-07-15 18:33 - 2015-07-02 04:48 - 00044032 _____ (Microsoft Corporation) C:\windows\system32\cryptbase.dll
2015-07-15 18:33 - 2015-07-02 04:48 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2015-07-15 18:33 - 2015-07-02 04:47 - 00064000 _____ (Microsoft Corporation) C:\windows\system32\auditpol.exe
2015-07-15 18:33 - 2015-07-02 04:47 - 00031232 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe
2015-07-15 18:33 - 2015-07-02 04:43 - 00146432 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll
2015-07-15 18:33 - 2015-07-02 04:43 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\msobjs.dll
2015-07-15 18:33 - 2015-07-02 04:39 - 00686080 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll
2015-07-15 18:33 - 2015-07-02 04:30 - 00552960 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
2015-07-15 18:33 - 2015-07-02 04:30 - 00259584 _____ (Microsoft Corporation) C:\windows\SysWOW64\msv1_0.dll
2015-07-15 18:33 - 2015-07-02 04:30 - 00248832 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
2015-07-15 18:33 - 2015-07-02 04:30 - 00221184 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncrypt.dll
2015-07-15 18:33 - 2015-07-02 04:30 - 00172032 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdigest.dll
2015-07-15 18:33 - 2015-07-02 04:30 - 00065536 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll
2015-07-15 18:33 - 2015-07-02 04:30 - 00036864 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptbase.dll
2015-07-15 18:33 - 2015-07-02 04:30 - 00022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\secur32.dll
2015-07-15 18:33 - 2015-07-02 04:30 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll
2015-07-15 18:33 - 2015-07-02 04:29 - 00665088 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpcrt4.dll
2015-07-15 18:33 - 2015-07-02 04:29 - 00096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll
2015-07-15 18:33 - 2015-07-02 04:29 - 00050176 _____ (Microsoft Corporation) C:\windows\SysWOW64\auditpol.exe
2015-07-15 18:33 - 2015-07-02 04:27 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\msobjs.dll
2015-07-15 18:33 - 2015-07-02 04:26 - 00146432 _____ (Microsoft Corporation) C:\windows\SysWOW64\msaudite.dll
2015-07-15 18:33 - 2015-07-02 04:24 - 00686080 _____ (Microsoft Corporation) C:\windows\SysWOW64\adtschema.dll
2015-07-15 18:33 - 2015-07-02 03:27 - 00159232 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb.sys
2015-07-15 18:33 - 2015-07-02 03:26 - 00290816 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb10.sys
2015-07-15 18:33 - 2015-07-02 03:26 - 00129024 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb20.sys
2015-07-15 18:33 - 2015-06-16 05:50 - 00112064 _____ (Microsoft Corporation) C:\windows\system32\consent.exe
2015-07-15 18:33 - 2015-06-16 05:45 - 03242496 _____ (Microsoft Corporation) C:\windows\system32\msi.dll
2015-07-15 18:33 - 2015-06-16 05:45 - 01941504 _____ (Microsoft Corporation) C:\windows\system32\authui.dll
2015-07-15 18:33 - 2015-06-16 05:45 - 00504320 _____ (Microsoft Corporation) C:\windows\system32\msihnd.dll
2015-07-15 18:33 - 2015-06-16 05:45 - 00070656 _____ (Microsoft Corporation) C:\windows\system32\appinfo.dll
2015-07-15 18:33 - 2015-06-16 05:44 - 00128000 _____ (Microsoft Corporation) C:\windows\system32\msiexec.exe
2015-07-15 18:33 - 2015-06-16 05:43 - 02364416 _____ (Microsoft Corporation) C:\windows\SysWOW64\msi.dll
2015-07-15 18:33 - 2015-06-16 05:43 - 01805824 _____ (Microsoft Corporation) C:\windows\SysWOW64\authui.dll
2015-07-15 18:33 - 2015-06-16 05:43 - 00337408 _____ (Microsoft Corporation) C:\windows\SysWOW64\msihnd.dll
2015-07-15 18:33 - 2015-06-16 05:42 - 00073216 _____ (Microsoft Corporation) C:\windows\SysWOW64\msiexec.exe
2015-07-15 18:33 - 2015-06-16 05:42 - 00025088 _____ (Microsoft Corporation) C:\windows\system32\msimsg.dll
2015-07-15 18:33 - 2015-06-16 05:37 - 00025088 _____ (Microsoft Corporation) C:\windows\SysWOW64\msimsg.dll
2015-07-14 21:09 - 2015-07-14 21:09 - 00003886 _____ C:\windows\System32\Tasks\Adobe Acrobat Update Task
2015-07-14 21:04 - 2015-07-24 22:12 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton 360
2015-06-30 22:21 - 2015-07-09 01:47 - 00000000 ____D C:\Users\Dana.power-PC.001\AppData\Roaming\Apple Computer
2015-06-30 21:59 - 2015-07-14 21:05 - 00002226 _____ C:\Users\Dana.power-PC.001\Desktop\Google Chrome.lnk
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-07-30 17:03 - 2009-07-14 12:45 - 00025120 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-07-30 17:03 - 2009-07-14 12:45 - 00025120 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-07-30 16:49 - 2013-07-04 12:55 - 00000908 _____ C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-295868932-3461566431-2313640649-1001UA.job
2015-07-30 16:41 - 2015-05-06 15:40 - 00000898 _____ C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-07-30 16:34 - 2012-07-10 08:11 - 00000830 _____ C:\windows\Tasks\Adobe Flash Player Updater.job
2015-07-30 14:40 - 2013-01-30 01:17 - 00000000 ____D C:\Users\power\AppData\Roaming\Azureus
2015-07-30 14:35 - 2014-11-30 22:22 - 00001819 _____ C:\Users\Public\Desktop\Vuze.lnk
2015-07-30 14:35 - 2014-11-30 22:22 - 00001819 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vuze.lnk
2015-07-30 14:35 - 2014-11-30 22:22 - 00000000 ____D C:\Program Files (x86)\Vuze
2015-07-30 14:24 - 2013-12-14 15:35 - 00000000 ____D C:\Users\power\Downloads\aanew
2015-07-30 14:22 - 2011-06-21 18:38 - 00000000 ____D C:\Users\power
2015-07-30 14:20 - 2014-05-14 13:19 - 00000000 ____D C:\Users\power\Documents\folders
2015-07-30 13:40 - 2011-04-25 20:11 - 01225616 _____ C:\windows\WindowsUpdate.log
2015-07-30 13:39 - 2014-11-26 09:24 - 00000000 ____D C:\Users\power\AppData\Local\NPE
2015-07-30 13:34 - 2015-05-06 15:40 - 00000894 _____ C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-07-30 13:33 - 2015-05-17 19:25 - 00003646 _____ C:\windows\setupact.log
2015-07-30 13:33 - 2013-07-01 17:44 - 00065536 _____ C:\windows\system32\Ikeext.etl
2015-07-30 13:33 - 2009-07-14 13:08 - 00000006 ____H C:\windows\Tasks\SA.DAT
2015-07-30 13:32 - 2015-05-21 11:50 - 00062210 _____ C:\windows\PFRO.log
2015-07-30 13:32 - 2009-07-14 11:20 - 00000000 ____D C:\windows\tracing
2015-07-30 12:19 - 2014-12-12 04:07 - 00000000 ____D C:\windows\rescache
2015-07-29 21:56 - 2009-07-14 13:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-07-29 18:35 - 2015-01-11 19:46 - 00000000 ____D C:\Users\Dana.power-PC.001
2015-07-29 17:53 - 2015-04-06 13:22 - 00000000 ____D C:\Users\power\AppData\Local\Steam
2015-07-29 17:49 - 2013-07-04 12:54 - 00000856 _____ C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-295868932-3461566431-2313640649-1001Core.job
2015-07-29 16:10 - 2014-05-07 03:01 - 00000000 ___SD C:\windows\system32\CompatTel
2015-07-26 12:22 - 2011-09-04 18:04 - 00000000 ____D C:\Users\power\AppData\Local\Windows Live
2015-07-26 00:40 - 2014-11-26 09:41 - 00000000 __SHD C:\Users\power\AppData\Local\EmieBrowserModeList
2015-07-26 00:40 - 2014-05-17 08:10 - 00000000 __SHD C:\Users\power\AppData\Local\EmieUserList
2015-07-26 00:40 - 2014-05-17 08:10 - 00000000 __SHD C:\Users\power\AppData\Local\EmieSiteList
2015-07-25 23:29 - 2014-12-23 22:54 - 00000000 ____D C:\Users\power\AppData\Roaming\theHunter
2015-07-25 22:57 - 2012-03-08 22:21 - 00000000 ____D C:\ProgramData\Optus Mobile Broadband
2015-07-25 22:44 - 2012-03-08 22:20 - 00000000 ____D C:\ProgramData\DatacardService
2015-07-25 22:41 - 2015-05-14 11:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tyranid Mod for Soulstorm
2015-07-25 22:24 - 2011-04-25 20:32 - 00000000 ____D C:\ProgramData\TOSHIBA
2015-07-25 22:23 - 2009-07-14 11:20 - 00000000 __RHD C:\Users\Public\Libraries
2015-07-25 22:06 - 2009-07-14 11:20 - 00000000 ____D C:\windows\system32\NDF
2015-07-25 12:31 - 2015-04-05 03:01 - 00000000 ___SD C:\windows\system32\GWX
2015-07-24 22:12 - 2014-09-10 20:14 - 00003206 _____ C:\windows\System32\Tasks\Norton WSC Integration
2015-07-24 22:12 - 2014-09-10 20:14 - 00002196 _____ C:\Users\Public\Desktop\Norton 360.LNK
2015-07-24 22:12 - 2014-09-10 20:12 - 00000000 ____D C:\windows\system32\Drivers\N360x64
2015-07-24 17:58 - 2014-09-10 20:27 - 00000000 ____D C:\N360_BACKUP
2015-07-24 11:18 - 2014-09-10 20:14 - 00111344 _____ (Symantec Corporation) C:\windows\system32\Drivers\SYMEVENT64x86.SYS
2015-07-24 11:18 - 2014-09-10 20:14 - 00008214 _____ C:\windows\system32\Drivers\SYMEVENT64x86.CAT
2015-07-22 03:19 - 2009-07-14 12:45 - 00409496 _____ C:\windows\system32\FNTCACHE.DAT
2015-07-18 18:34 - 2012-07-10 08:11 - 00778416 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2015-07-18 18:34 - 2012-07-10 08:11 - 00003768 _____ C:\windows\System32\Tasks\Adobe Flash Player Updater
2015-07-18 18:34 - 2012-02-01 19:56 - 00142512 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-07-18 03:50 - 2015-04-05 03:01 - 00000000 ___SD C:\windows\SysWOW64\GWX
2015-07-18 03:50 - 2009-07-14 11:20 - 00000000 ____D C:\windows\PolicyDefinitions
2015-07-18 03:49 - 2015-04-16 03:46 - 00000000 ____D C:\windows\system32\appraiser
2015-07-18 03:27 - 2011-06-21 22:14 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-07-18 03:19 - 2014-03-30 02:55 - 00000000 ____D C:\windows\system32\MRT
2015-07-17 17:44 - 2013-07-04 12:55 - 00003878 _____ C:\windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-295868932-3461566431-2313640649-1001UA
2015-07-17 17:44 - 2013-07-04 12:55 - 00003482 _____ C:\windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-295868932-3461566431-2313640649-1001Core
2015-07-17 17:42 - 2013-10-16 22:18 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-07-17 17:36 - 2015-05-06 15:40 - 00003894 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-07-17 17:36 - 2015-05-06 15:40 - 00003642 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-07-09 01:47 - 2015-05-12 00:52 - 00000000 ____D C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2015-07-03 08:43 - 2014-03-30 02:55 - 130333168 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2015-07-01 20:13 - 2015-01-11 19:47 - 00000000 ____D C:\Users\Dana.power-PC.001\AppData\Roaming\Adobe
2015-07-01 20:00 - 2014-09-10 20:14 - 00000000 ____D C:\Program Files\Common Files\Symantec Shared
2015-07-01 19:59 - 2011-04-25 21:01 - 00000000 ____D C:\ProgramData\Norton
2015-07-01 19:50 - 2011-08-22 21:31 - 00000000 ____D C:\Users\Public\Downloads\Norton
==================== Files in the root of some directories =======
2014-12-23 23:16 - 2014-12-23 23:16 - 0000096 _____ () C:\Users\power\AppData\Roaming\LauncherSettings_live.cfg
2014-12-23 22:54 - 2014-12-23 22:54 - 0000039 _____ () C:\Users\power\AppData\Roaming\TheHunterSettings_steam_live.cfg
2013-05-31 00:43 - 2014-09-03 19:03 - 0007597 _____ () C:\Users\power\AppData\Local\resmon.resmoncfg
2012-01-18 20:39 - 2012-01-18 20:39 - 0000056 ____H () C:\ProgramData\ezsidmv.dat
2011-06-22 21:30 - 2011-06-22 21:33 - 0000815 _____ () C:\ProgramData\hpzinstall.log
Some files in TEMP:
====================
C:\Users\Dana\AppData\Local\Temp\DataCard_Setup64.exe
C:\Users\Dana\AppData\Local\Temp\ResetDevice.exe
C:\Users\Dana\AppData\Local\Temp\SkypeSetup.exe
C:\Users\power\AppData\Local\Temp\i4jdel0.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2011-12-22 07:41
==================== End of log ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version:28-07-2015
Ran by power (2015-07-30 17:05:08)
Running from C:\Users\power\Desktop
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-295868932-3461566431-2313640649-500 - Administrator - Disabled)
Dana (S-1-5-21-295868932-3461566431-2313640649-1004 - Administrator - Enabled)
Guest (S-1-5-21-295868932-3461566431-2313640649-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-295868932-3461566431-2313640649-1003 - Limited - Enabled)
power (S-1-5-21-295868932-3461566431-2313640649-1001 - Administrator - Enabled) => C:\Users\power
UpdatusUser (S-1-5-21-295868932-3461566431-2313640649-1000 - Limited - Enabled) => C:\Users\UpdatusUser
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Norton 360 (Enabled - Up to date) {53C7D717-52E2-B95E-FA61-6F32ECC805DB}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton 360 (Enabled - Up to date) {E8A636F3-74D8-B6D0-C0D1-5440974F4F66}
FW: Norton 360 (Enabled) {6BFC5632-188D-B806-D13E-C607121B42A0}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
64 Bit HP CIO Components Installer (Version: 6.2.2 - Hewlett-Packard) Hidden
Adobe Flash Player 18 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 18.0.0.209 - Adobe Systems Incorporated)
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.209 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.12) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.12 - Adobe Systems Incorporated)
Age of Mythology (HKLM-x32\...\Age of Mythology 1.0) (Version: - )
Apple Application Support (32-bit) (HKLM-x32\...\{AFA1153A-F547-409B-B837-3A0D6C5A3FEC}) (Version: 3.1.3 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{D7B824DE-DA32-4772-9E5E-39C5158136A7}) (Version: 3.1.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Atheros Bluetooth Filter Driver Package (HKLM\...\{65486209-5C54-439C-8383-8AC9BBE25932}) (Version: 1.00.0004 - Atheros Communications)
Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 9.2 - Atheros)
Battle.net (HKLM-x32\...\Battle.net) (Version: - )
BetterMarkIt (HKLM-x32\...\CCDEE4C2-D097-592A-B1CC-FFD5F12FF67C) (Version: - BetterMarkIt-software) <==== ATTENTION
Bluetooth Stack for Windows by Toshiba (HKLM\...\{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}) (Version: v8.00.06(T) - TOSHIBA CORPORATION)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Build a Molecule (HKU\S-1-5-21-295868932-3461566431-2313640649-1000\...\Build a Molecule) (Version: - University of Colorado, Department of Physics)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dawn Of War (HKLM-x32\...\{83F12F73-D52E-40C0-93B1-463C311C4E17}) (Version: 1.40 - THQ)
DayZ Commander (HKLM-x32\...\{0B74EC0B-2A85-4542-A167-3DE2132E7DAA}) (Version: 0.92.85 - Dotjosh Studios)
EA Download Manager (HKLM-x32\...\EADM) (Version: 5.0.0.255 - Electronic Arts, Inc.)
EasyFix Tools v1.0 (HKLM\...\EasyFix Tools_is1) (Version: 1.0 - EasyFixTools, Inc.)
ENE CIR Receiver Driver (HKLM\...\2C293EC1A06665BB961CBA4EC7AFF4BF2BEAD042) (Version: 2.7.4.1 - ENE)
f.lux (HKU\S-1-5-21-295868932-3461566431-2313640649-1001\...\Flux) (Version: - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 44.0.2403.125 - Google Inc.)
Google Talk (remove only) (HKLM-x32\...\{226b64e8-dc75-4eea-a6c8-abcb496320f2}-Google Talk) (Version: - )
Google Talk (remove only) (HKU\S-1-5-21-295868932-3461566431-2313640649-1001\...\{226b64e8-dc75-4eea-a6c8-abcb496320f2}-Google Talk) (Version: - )
Google Talk Plugin (HKLM-x32\...\{CA3DD97D-1FD7-37A7-BD5C-FC4430C8B8E6}) (Version: 5.41.2.0 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.28.1 - Google Inc.) Hidden
HP Photosmart Wireless B110 All-In-One Driver 14.0 Rel. 7 (HKLM\...\{014E482A-0C27-47E3-BA82-307E9DCA2F47}) (Version: 14.0 - HP)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2291 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.2.1004 - Intel Corporation)
iTunes (HKLM\...\{93F2A022-6C37-48B8-B241-FFABD9F60C30}) (Version: 12.1.2.27 - Apple Inc.)
Java 6 Update 20 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216020FF}) (Version: 6.0.200 - Sun Microsystems, Inc.)
JMicron Flash Media Controller Driver (HKLM-x32\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.0.57.2 - JMicron Technology Corp.)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Magentic (HKLM-x32\...\Magentic) (Version: 1.3.1.967 - IncrediMail Ltd.)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Professional Edition 2003 (HKLM-x32\...\{91E30409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Primary Interoperability Assemblies 2005 (HKLM-x32\...\{2C303EE0-A595-3543-A71A-931C7AC40EDE}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Molecule Shapes- Basics (HKU\S-1-5-21-295868932-3461566431-2313640649-1000\...\Molecule Shapes- Basics) (Version: - University of Colorado, Department of Physics)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
MSXML4 Parser (HKLM-x32\...\{01501EBA-EC35-4F9F-8889-3BE346E5DA13}) (Version: 1.0.0 - Microsoft Game Studios)
Network Play System (Patching) (HKLM-x32\...\Network Play System (Patching)) (Version: - )
Network64 (Version: 140.0.212.000 - Hewlett-Packard) Hidden
Norton 360 (HKLM-x32\...\N360) (Version: 22.5.2.15 - Symantec Corporation)
NVIDIA 3D Vision Controller Driver 267.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 267.44 - NVIDIA Corporation)
NVIDIA Graphics Driver 341.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 341.44 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.10.0514 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.10.0514 - NVIDIA Corporation)
Open Freely (HKLM\...\{1BF14E04-85DE-480C-9A04-EB36744C66C3}_is1) (Version: 1.0 - Download Freely, LLC)
Optus Wireless Broadband (HKLM-x32\...\Optus Wireless Broadband) (Version: 11.300.04.04.432 - Huawei Technologies Co.,Ltd)
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
PS_AIO_07_B110_SW_Min (x32 Version: 140.0.142.000 - Hewlett-Packard) Hidden
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.38.113.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6305 - Realtek Semiconductor Corp.)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.34.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.34.0 - Renesas Electronics Corporation) Hidden
ResearchSoft Direct Export Helper (HKLM-x32\...\ResearchSoft Direct Export Helper) (Version: - )
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Scan (x32 Version: 140.0.77.000 - Hewlett-Packard) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Skype Click to Call (HKLM-x32\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 6.9.12585 - Skype Technologies S.A.)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Spotify (HKU\S-1-5-21-295868932-3461566431-2313640649-1001\...\Spotify) (Version: 0.9.10.14.g578d350b - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.2.11.1 - Synaptics Incorporated)
The Sims (HKLM-x32\...\The Sims) (Version: - )
The Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.0.631 - Electronic Arts)
Toolbox (x32 Version: 140.0.424.000 - Hewlett-Packard) Hidden
TOSHIBA Assist (HKLM-x32\...\{C2A276E3-154E-44DC-AAF1-FFDD7FD30E35}) (Version: 4.02.02 - TOSHIBA CORPORATION)
TOSHIBA ConfigFree (HKLM-x32\...\{F52618B2-A995-4F8D-A6C8-9E235A470C68}) (Version: 8.0.36 - TOSHIBA CORPORATION)
TOSHIBA Disc Creator (HKLM\...\{5DA0E02F-970B-424B-BF41-513A5018E4C0}) (Version: 2.1.0.7 for x64 - TOSHIBA Corporation)
TOSHIBA eco Utility (HKLM\...\{B3FF1CD9-B2F0-4D71-BB55-5F580401C48E}) (Version: 1.2.24.64 - TOSHIBA Corporation)
TOSHIBA Face Recognition (HKLM-x32\...\InstallShield_{F67FA545-D8E5-4209-86B1-AEE045D1003F}) (Version: 3.1.9.64 - TOSHIBA Corporation)
TOSHIBA Flash Cards Support Utility (HKLM-x32\...\InstallShield_{620BBA5E-F848-4D56-8BDA-584E44584C5E}) (Version: 1.63.0.12C - TOSHIBA CORPORATION)
TOSHIBA Hardware Setup (HKLM-x32\...\InstallShield_{5279374D-87FE-4879-9385-F17278EBB9D3}) (Version: 1.63.1.34C - TOSHIBA CORPORATION)
TOSHIBA HDD Protection (HKLM\...\{94A90C69-71C1-470A-88F5-AA47ECC96B40}) (Version: 2.2.0.12 - TOSHIBA Corporation)
TOSHIBA HDD/SSD Alert (HKLM\...\{D4322448-B6AF-4316-B859-D8A0E84DCB38}) (Version: 3.1.64.8 - TOSHIBA Corporation)
TOSHIBA Media Controller (HKLM-x32\...\{C7A4F26F-F9B0-41B2-8659-99181108CDE3}) (Version: 1.0.86.2 - TOSHIBA CORPORATION)
TOSHIBA Media Controller Plug-in (HKLM-x32\...\{F26FDF57-483E-42C8-A9C9-EEE1EDB256E0}) (Version: 1.0.6.1 - TOSHIBA CORPORATION)
TOSHIBA PC Health Monitor (HKLM\...\{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}) (Version: 1.7.5.64 - TOSHIBA Corporation)
TOSHIBA Recovery Media Creator (HKLM-x32\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 2.1.3.5109 - TOSHIBA CORPORATION)
TOSHIBA ReelTime (HKLM-x32\...\InstallShield_{24811C12-F4A9-4D0F-8494-A7B8FE46123C}) (Version: 1.7.17.64 - TOSHIBA Corporation)
TOSHIBA Remote Control Manager (HKLM-x32\...\{FEB650EB-7639-444E-9FC2-C33EE6ED1A37}) (Version: 3.0.6.1 - TOSHIBA CORPORATION)
TOSHIBA Resolution+ Plug-in for Windows Media Player (HKLM-x32\...\{6CB76C9D-80C2-4CB3-A4CD-D96B239E3F94}) (Version: 1.1.0 - TOSHIBA Corporation)
TOSHIBA Service Station (HKLM-x32\...\{AC6569FA-6919-442A-8552-073BE69E247A}) (Version: 2.2.14 - TOSHIBA)
TOSHIBA Sleep Utility (HKLM-x32\...\{654F7484-88C5-46DC-AB32-C66BCB0E2102}) (Version: 1.4.2.7 - TOSHIBA Corporation)
TOSHIBA Speech System Applications (HKLM-x32\...\{EE033C1F-443E-41EC-A0E2-559B539A4E4D}) (Version: 1.00.2518 - )
TOSHIBA Speech System SR Engine(U.S.) Version1.0 (HKLM-x32\...\{008D69EB-70FF-46AB-9C75-924620DF191A}) (Version: - )
TOSHIBA Speech System TTS Engine(U.S.) Version1.0 (HKLM-x32\...\{3FBF6F99-8EC6-41B4-8527-0A32241B5496}) (Version: - )
TOSHIBA Supervisor Password (HKLM-x32\...\InstallShield_{51B4E156-14A5-4904-9AE4-B1AA2A0E46BE}) (Version: 1.63.51.2C - TOSHIBA CORPORATION)
TOSHIBA Value Added Package (HKLM-x32\...\InstallShield_{066CFFF8-12BF-4390-A673-75F95EFF188E}) (Version: 1.5.4.64 - TOSHIBA Corporation)
TOSHIBA VIDEO PLAYER (HKLM-x32\...\{6C5F3BDC-0A1B-4436-A696-5939629D5C31}) (Version: 4.00.6.08-A - TOSHIBA Corporation)
TOSHIBA Web Camera Application (HKLM-x32\...\InstallShield_{6F3C8901-EBD3-470D-87F8-AC210F6E5E02}) (Version: 2.0.0.19 - TOSHIBA Corporation)
TOSHIBA Wireless LAN Indicator (HKLM-x32\...\{CDADE9BC-612C-42B8-B929-5C6A823E7FF9}) (Version: 1.0.3 - TOSHIBA CORPORATION)
TuneUp 2.4.8.5 (HKLM-x32\...\TuneUpMedia) (Version: 2.4.8.5 - TuneUp Media, Inc.)
Tyranid Mod 0.5b2 for Soulstorm (HKLM-x32\...\Tyranid Mod 0.5b2 for Soulstorm) (Version: - )
Ultimate Apocalypse mod 1.73 (HKU\S-1-5-21-295868932-3461566431-2313640649-1001\...\Ultimate Apocalypse mod 1.73) (Version: - )
Utility Common Driver (x32 Version: 1.0.52.2C - TOSHIBA) Hidden
VLC media player 1.1.11 (HKLM-x32\...\VLC media player) (Version: 1.1.11 - VideoLAN)
Vuze (HKLM-x32\...\8461-7759-5462-8226) (Version: 5.6.1.2 - Azureus Software, Inc.)
Vuze Remote Toolbar (HKLM-x32\...\Vuze_Remote Toolbar) (Version: 6.10.3.27 - Vuze Remote) <==== ATTENTION
WavePad Sound Editor (HKLM-x32\...\WavePad) (Version: 5.55 - NCH Software)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
WinRAR 4.20 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-295868932-3461566431-2313640649-1001_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\power\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-295868932-3461566431-2313640649-1001_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\power\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-295868932-3461566431-2313640649-1001_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\power\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-295868932-3461566431-2313640649-1001_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\power\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-295868932-3461566431-2313640649-1001_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\power\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-295868932-3461566431-2313640649-1001_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\power\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-295868932-3461566431-2313640649-1001_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\power\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-295868932-3461566431-2313640649-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\power\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-295868932-3461566431-2313640649-1001_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\power\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll No File
==================== Restore Points =========================
25-07-2015 22:10:06 Revo Uninstaller's restore point - Evolution RTS
25-07-2015 22:21:25 Revo Uninstaller's restore point - Warhammer 40,000: Storm of Vengeance
25-07-2015 22:42:02 Revo Uninstaller's restore point - Optus Mobile Broadband
25-07-2015 23:23:19 Revo Uninstaller's restore point - War of the Roses
25-07-2015 23:25:39 Revo Uninstaller's restore point - Stronghold 3
25-07-2015 23:27:37 Revo Uninstaller's restore point - theHunter
25-07-2015 23:52:25 Windows Update
26-07-2015 00:12:19 Windows Update
29-07-2015 13:41:19 Windows Update
29-07-2015 16:09:39 Windows Update
29-07-2015 17:37:54 Revo Uninstaller's restore point - Steam
29-07-2015 21:55:24 Windows Modules Installer
30-07-2015 00:16:06 Windows Update
30-07-2015 13:30:10 Norton_Power_Eraser_20150730133008362
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 10:34 - 2009-06-11 05:00 - 00000824 ____N C:\windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {061698DE-5346-4D5F-9DCC-5A15C7866833} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton 360\Engine\22.5.2.15\WSCStub.exe [2015-07-16] (Symantec Corporation)
Task: {0BAE11A7-FF89-4B8B-B066-B761EC842F18} - System32\Tasks\{6C47FC73-3423-4C62-BC76-2693BB627F58} => pcalua.exe -a D:\Setup.exe -d D:\
Task: {0C4EDBF1-189F-4488-91C9-47221DBA97C9} - System32\Tasks\Norton 360\Norton Error Analyzer => C:\Program Files (x86)\Norton 360\Engine\22.5.2.15\SymErr.exe [2015-05-20] (Symantec Corporation)
Task: {0F441619-3440-4F0A-BA84-3F63335F734C} - System32\Tasks\Norton 360\Norton Error Processor => C:\Program Files (x86)\Norton 360\Engine\22.5.2.15\SymErr.exe [2015-05-20] (Symantec Corporation)
Task: {1AF91CB9-A9DA-4F02-A3BC-1C92B6DDC1B9} - System32\Tasks\BitGuard => Sc.exe start BitGuard <==== ATTENTION
Task: {20E8E452-D8A4-4687-B491-CE8C7F6DE2DB} - System32\Tasks\Norton Identity Safe\Norton Error Processor => C:\Program Files (x86)\Norton Identity Safe\Engine\2013.1.0.32\SymErr.exe
Task: {3607B9A9-5157-48EC-825B-44AC3BCC61D6} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-295868932-3461566431-2313640649-1001Core => C:\Users\power\AppData\Local\Google\Update\GoogleUpdate.exe [2013-05-13] (Google Inc.)
Task: {5F036C68-76D4-423D-9A4F-0DDE02007EC8} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-295868932-3461566431-2313640649-1001UA => C:\Users\power\AppData\Local\Google\Update\GoogleUpdate.exe [2013-05-13] (Google Inc.)
Task: {747508F8-97D7-4D9A-BD09-79EEA6420FEF} - System32\Tasks\Norton Identity Safe\Norton Error Analyzer => C:\Program Files (x86)\Norton Identity Safe\Engine\2013.1.0.32\SymErr.exe
Task: {7620BAC9-24CF-4B23-9D6A-D7FA51685F0C} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated)
Task: {A67707DC-4265-45EA-8285-91A45FF3960B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-05-06] (Google Inc.)
Task: {AB337D4F-1654-4089-9DFC-5D69A96D1032} - \RocketTab No Task File <==== ATTENTION
Task: {DC79EEE1-2B75-4727-8C79-CD24633181CF} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-05-06] (Google Inc.)
Task: {E17802EF-3666-48F9-B59E-F1A90CF475F3} - \RocketTab Update Task No Task File <==== ATTENTION
Task: {E59E531E-7F93-4642-9D70-A2468709F82C} - System32\Tasks\ConfigFree Startup Programs => C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe [2010-12-04] (TOSHIBA CORPORATION)
Task: {FB4A9291-2BC3-4D7F-A041-07202C6188C1} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-18] (Adobe Systems Incorporated)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-295868932-3461566431-2313640649-1001Core.job => C:\Users\power\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-295868932-3461566431-2313640649-1001UA.job => C:\Users\power\AppData\Local\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (Whitelisted) ==============
2015-04-09 07:23 - 2015-04-09 07:23 - 00010952 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2015-05-17 13:05 - 2015-02-04 10:21 - 00115400 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-02-13 04:20 - 2015-02-13 04:20 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-02-13 04:20 - 2015-02-13 04:20 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2013-09-05 00:17 - 2013-09-05 00:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-20 15:23 - 2010-10-20 15:23 - 08801632 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2010-12-09 06:42 - 2010-12-09 06:42 - 00079264 _____ () C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosIPCWraper.dll
2015-04-09 07:23 - 2015-04-09 07:23 - 00012104 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll
2013-09-05 00:14 - 2013-09-05 00:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-20 15:45 - 2010-10-20 15:45 - 08801120 _____ () C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2015-07-29 18:55 - 2015-07-25 16:46 - 01405768 _____ () C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.125\libglesv2.dll
2015-07-29 18:55 - 2015-07-25 16:46 - 00081224 _____ () C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.125\libegl.dll
2015-07-29 18:55 - 2015-07-25 16:46 - 16308040 _____ () C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.125\PepperFlash\pepflashplayer.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-295868932-3461566431-2313640649-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\power\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 10.0.0.138
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
MSCONFIG\Services: HWDeviceService64.exe => 2
MSCONFIG\Services: Norton PC Checkup Application Launcher => 2
MSCONFIG\Services: Skype C2C Service => 2
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: TOSHIBA Bluetooth Service => 3
MSCONFIG\startupfolder: C:^Users^power^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^MyPC Backup.lnk => C:\windows\pss\MyPC Backup.lnk.Startup
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: BackgroundContainer => "C:\windows\SysWOW64\Rundll32.exe" "C:\Users\power\AppData\Local\Conduit\BackgroundContainer\BackgroundContainer.dll",DllRun
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: EA Core => "C:\Program Files (x86)\Electronic Arts\EADM\Core.exe" -silent
MSCONFIG\startupreg: EE3E8F24DC53E55A1B834ECB10669E575F25AE86._service_run => "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=service
MSCONFIG\startupreg: F.lux => "C:\Users\power\AppData\Local\FluxSoftware\Flux\flux.exe" /noshow
MSCONFIG\startupreg: Google Update => "C:\Users\power\AppData\Local\Google\Update\GoogleUpdate.exe" /c
MSCONFIG\startupreg: googletalk => C:\Users\power\AppData\Roaming\Google\Google Talk\googletalk.exe /autostart
MSCONFIG\startupreg: HotKeysCmds => C:\windows\system32\hkcmd.exe
MSCONFIG\startupreg: IgfxTray => C:\windows\system32\igfxtray.exe
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: Magentic => C:\PROGRA~2\Magentic\bin\Magentic.exe /c
MSCONFIG\startupreg: NextLive => C:\windows\SysWOW64\rundll32.exe "C:\Users\power\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l
MSCONFIG\startupreg: NvBackend => "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
MSCONFIG\startupreg: Persistence => C:\windows\system32\igfxpers.exe
MSCONFIG\startupreg: RtHDVBg => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /FORPCEE3
MSCONFIG\startupreg: RtHDVCpl => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: Smart PC Cleaner => C:\Program Files (x86)\Smart PC Cleaner\SPCLauncher.exe
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\power\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\steam.exe" -silent
MSCONFIG\startupreg: SynTPEnh => %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{A195EA86-E03B-46C9-A666-304986879D52}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
FirewallRules: [{B0429496-0E5E-4B73-8E4F-EFBF3A9F3BB1}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
FirewallRules: [{970CE45E-F1AB-439C-959D-EFF2BF11363C}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{CEC9D849-CEFB-4F56-90F8-0EB8DF22830E}] => (Allow) LPort=2869
FirewallRules: [{CEC43340-8A03-4AAD-B88C-B93623345C4E}] => (Allow) LPort=1900
FirewallRules: [{F71ED726-6E0F-41B3-A754-67093245F588}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{4E232A3B-786A-43AD-B031-36778DD51DAA}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{D863F626-3A40-4E73-904B-2609758B313E}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{90ED6C02-7288-415E-8717-7D0C7953C487}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe
FirewallRules: [{8BFE9372-4CB8-47F7-885B-B9665A2F3DAD}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe
FirewallRules: [{FE40CC9D-1D52-4FD3-82A8-B319589E68FB}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe
FirewallRules: [{02880F52-9C1C-4A08-B1C8-CCED0E424074}] => (Allow) E:\azures movies\game.dat
FirewallRules: [{480425C0-99CC-4161-9837-86CDBFEB872B}] => (Allow) E:\azures movies\game.dat
FirewallRules: [{124B1DBE-AFA9-4A91-81E4-D12F281935E3}] => (Allow) E:\azures movies\World of Warcraft\Launcher.exe
FirewallRules: [{B5BFD7A2-CF67-440C-A580-1DA234AA51C8}] => (Allow) E:\azures movies\World of Warcraft\Launcher.exe
FirewallRules: [{E3A4F1F2-34B2-4FBA-933E-787704F9BBEE}] => (Allow) E:\azures movies\World of Warcraft\WoW-x.x.x.x-4.0.0.12911-Downloader.exe
FirewallRules: [{6894C9BA-ECD6-4A9F-9EA3-3DFAFCD11A06}] => (Allow) E:\azures movies\World of Warcraft\WoW-x.x.x.x-4.0.0.12911-Downloader.exe
FirewallRules: [{0D5894EC-21BF-455E-8AF4-65C8B30C65F7}] => (Allow) E:\azures movies\World of Warcraft\Launcher.patch.exe
FirewallRules: [{F19EB48B-368D-4FCC-96C9-ACF28713A973}] => (Allow) E:\azures movies\World of Warcraft\Launcher.patch.exe
FirewallRules: [{3E5F1124-4890-40CF-8861-AC6448E8B073}] => (Allow) C:\Users\Dana\AppData\Local\Facebook\Video\Skype\FacebookVideoCalling.exe
FirewallRules: [{7986BABF-3EE4-4BC3-89E7-38ED7C4355ED}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{0C5D6E99-30DF-4015-98A5-0DF7FD28619A}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{E91AB50A-626F-4AE0-A9A2-7691B9BC8CEE}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{60766F7D-31A4-4E00-A82E-46A2B3DF6A8F}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{A33E248F-68AC-40F1-8A2B-3E497D21B203}] => (Allow) G:\My Documents\World of Warcraft\WoW-x.x.x.x-4.0.0.12911-Downloader.exe
FirewallRules: [{E9CFEB5A-A7D5-4E47-884A-A812815297F4}] => (Allow) G:\My Documents\World of Warcraft\WoW-x.x.x.x-4.0.0.12911-Downloader.exe
FirewallRules: [{FC64F3E0-365B-42D5-A24A-D73E254CA838}] => (Allow) C:\Program Files (x86)\Google\Google Talk\googletalk.exe
FirewallRules: [{D0687B2A-3968-4F16-8E45-653DD9DE5ADB}] => (Allow) C:\Program Files (x86)\Google\Google Talk\googletalk.exe
FirewallRules: [{CF96C27C-BFAD-4F3A-A904-6A7E35ABBD79}] => (Allow) C:\ProgramData\eSafe\eGdpSvc.exe
FirewallRules: [TCP Query User{48A92C44-26F0-4BBC-8894-6422FF96EEF2}C:\users\power\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\power\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{EA5F13D1-57B5-474A-B11B-F4791F38223B}C:\users\power\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\power\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{BB898AFA-09D5-4AF5-8CB4-E9FF2EF4C841}C:\program files (x86)\electronic arts\eadm\core.exe] => (Allow) C:\program files (x86)\electronic arts\eadm\core.exe
FirewallRules: [UDP Query User{A849F893-979F-489D-9036-A052E749298F}C:\program files (x86)\electronic arts\eadm\core.exe] => (Allow) C:\program files (x86)\electronic arts\eadm\core.exe
FirewallRules: [{1F872243-1BCB-4CFA-9B22-1A8448CBD00A}] => (Allow) C:\Program Files (x86)\Vuze\Azureus.exe
FirewallRules: [{93B78F35-75CC-46B6-8ACD-7DCD2A98FEFB}] => (Allow) C:\Program Files (x86)\Vuze\Azureus.exe
FirewallRules: [{EB695988-D6FE-4C65-A22E-AFFBF8BC9D98}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{B87ADC89-DBCE-4555-AE47-53CEA264E663}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{11E9D185-7E1B-4E77-BBC2-64E716F01366}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{83B5A1E2-8D9F-482D-B0E0-B66D897FE829}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{C3972BB9-FB8D-498E-A967-C21DE51758EE}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{44FAEBAF-F70C-441A-B5CE-340269E606D5}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{820D9BB1-E77B-4560-9CD5-1095A4FAFBC1}] => (Allow) C:\Program Files (x86)\Vuze\Azureus.exe
FirewallRules: [{E86ED6F6-0E48-4276-BEBB-C8B501E96325}] => (Allow) C:\Program Files (x86)\Vuze\Azureus.exe
==================== Faulty Device Manager Devices =============
Name: STK7700D
Description: STK7700D
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: TOSHIBA
Service:
Problem: : Reinstall the drivers for this device. (Code 18)
Resolution: The drivers for this device must be reinstalled.
Click "Update Driver", which starts the Hardware Update wizard.
Alternately, uninstall the driver, and then click "Scan for hardware changes" to reload the drivers.
Name: Photosmart B110 series
Description: Photosmart B110 series
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Photosmart D7400 series
Description: Photosmart D7400 series
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: HP
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: Photosmart B110 series
Description: Photosmart B110 series
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: HP
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: =========================
Application errors:
==================
Error: (07/30/2015 01:34:44 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/30/2015 01:30:10 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine ConvertStringSidToSid(S-1-5-21-295868932-3461566431-2313640649-1004.bak). hr = 0x80070539, The security ID structure is invalid.
.
Operation:
OnIdentify event
Gathering Writer Data
Context:
Execution Context: Shadow Copy Optimization Writer
Writer Class Id: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
Writer Name: Shadow Copy Optimization Writer
Writer Instance ID: {b91d7f3a-209c-4dd2-ba0f-324a63ce381f}
Error: (07/30/2015 11:19:49 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/30/2015 12:16:06 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine ConvertStringSidToSid(S-1-5-21-295868932-3461566431-2313640649-1004.bak). hr = 0x80070539, The security ID structure is invalid.
.
Operation:
OnIdentify event
Gathering Writer Data
Context:
Execution Context: Shadow Copy Optimization Writer
Writer Class Id: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
Writer Name: Shadow Copy Optimization Writer
Writer Instance ID: {9781e6b7-ae94-4c88-9241-7c424ec3210e}
Error: (07/29/2015 09:55:24 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine ConvertStringSidToSid(S-1-5-21-295868932-3461566431-2313640649-1004.bak). hr = 0x80070539, The security ID structure is invalid.
.
Operation:
OnIdentify event
Gathering Writer Data
Context:
Execution Context: Shadow Copy Optimization Writer
Writer Class Id: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
Writer Name: Shadow Copy Optimization Writer
Writer Instance ID: {34b22933-743a-4ec3-8676-52549c58a96a}
Error: (07/29/2015 06:58:07 PM) (Source: TestWorker) (EventID: 1) (User: )
Description: TestWorkerFailed to send data to service: Norton PC Checkup Application Launcher
Error: (07/29/2015 06:40:02 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1511) (User: power-PC)
Description: Windows cannot find the local profile and is logging you on with a temporary profile. Changes you make to this profile will be lost when you log off.
Error: (07/29/2015 06:40:02 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1515) (User: power-PC)
Description: Windows has backed up this user profile. Windows will automatically try to use the backup profile the next time this user logs on.
Error: (07/29/2015 06:39:23 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/29/2015 06:36:45 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance. hr = 0x80070005, Access is denied.
.
System errors:
=============
Error: (07/30/2015 01:36:21 PM) (Source: Service Control Manager) (EventID: 7005) (User: )
Description: The LoadUserProfile call failed with the following error:
%%2
Error: (07/30/2015 01:34:17 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)
Error: (07/30/2015 11:20:53 AM) (Source: Service Control Manager) (EventID: 7005) (User: )
Description: The LoadUserProfile call failed with the following error:
%%2
Error: (07/30/2015 11:19:29 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)
Error: (07/30/2015 12:19:40 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070103: TOSHIBA - Other hardware - TOSHIBA USB DVB-T/Analog Hybrid Tuner.
Error: (07/30/2015 12:19:40 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x8007066f: Update for Microsoft Office 2010 (KB2553347) 32-Bit Edition.
Error: (07/29/2015 06:41:28 PM) (Source: Service Control Manager) (EventID: 7005) (User: )
Description: The LoadUserProfile call failed with the following error:
%%2
Error: (07/29/2015 06:39:18 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)
Error: (07/29/2015 05:53:16 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Steam Client Service service failed to start due to the following error:
%%1053
Error: (07/29/2015 05:53:16 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Steam Client Service service to connect.
Microsoft Office:
=========================
Error: (07/30/2015 01:34:44 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/30/2015 01:30:10 PM) (Source: VSS) (EventID: 8193) (User: )
Description: ConvertStringSidToSid(S-1-5-21-295868932-3461566431-2313640649-1004.bak)0x80070539, The security ID structure is invalid.
Operation:
OnIdentify event
Gathering Writer Data
Context:
Execution Context: Shadow Copy Optimization Writer
Writer Class Id: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
Writer Name: Shadow Copy Optimization Writer
Writer Instance ID: {b91d7f3a-209c-4dd2-ba0f-324a63ce381f}
Error: (07/30/2015 11:19:49 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/30/2015 12:16:06 AM) (Source: VSS) (EventID: 8193) (User: )
Description: ConvertStringSidToSid(S-1-5-21-295868932-3461566431-2313640649-1004.bak)0x80070539, The security ID structure is invalid.
Operation:
OnIdentify event
Gathering Writer Data
Context:
Execution Context: Shadow Copy Optimization Writer
Writer Class Id: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
Writer Name: Shadow Copy Optimization Writer
Writer Instance ID: {9781e6b7-ae94-4c88-9241-7c424ec3210e}
Error: (07/29/2015 09:55:24 PM) (Source: VSS) (EventID: 8193) (User: )
Description: ConvertStringSidToSid(S-1-5-21-295868932-3461566431-2313640649-1004.bak)0x80070539, The security ID structure is invalid.
Operation:
OnIdentify event
Gathering Writer Data
Context:
Execution Context: Shadow Copy Optimization Writer
Writer Class Id: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
Writer Name: Shadow Copy Optimization Writer
Writer Instance ID: {34b22933-743a-4ec3-8676-52549c58a96a}
Error: (07/29/2015 06:58:07 PM) (Source: TestWorker) (EventID: 1) (User: )
Description: TestWorkerFailed to send data to service: Norton PC Checkup Application Launcher
Error: (07/29/2015 06:40:02 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1511) (User: power-PC)
Description:
Error: (07/29/2015 06:40:02 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1515) (User: power-PC)
Description:
Error: (07/29/2015 06:39:23 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/29/2015 06:36:45 PM) (Source: VSS) (EventID: 8193) (User: )
Description: CoCreateInstance0x80070005, Access is denied.
==================== Memory info ===========================
Processor: Intel® Core i5-2410M CPU @ 2.30GHz
Percentage of memory in use: 37%
Total physical RAM: 8098.69 MB
Available physical RAM: 5084.86 MB
Total Virtual: 16195.59 MB
Available Virtual: 13060.79 MB
==================== Drives ================================
Drive c: (S3A9988D002) (Fixed) (Total:685.84 GB) (Free:285.03 GB) NTFS ==>[system with boot components (obtained from reading drive)]
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 698.6 GB) (Disk ID: E06EC09A)
Partition 1: (Active) - (Size=1.5 GB) - (Type=27)
Partition 2: (Not Active) - (Size=685.8 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=11.3 GB) - (Type=17)
==================== End of log ============================