Successfully deleted: C:\Users\owner\AppData\Local\{002604EF-F02C-4AF6-A39C-F66D26913E49} (Empty Folder)
Successfully deleted: C:\Users\owner\AppData\Local\{06B26296-9EDC-4595-AB1B-B0D5409593D0} (Empty Folder)
Successfully deleted: C:\Users\owner\AppData\Local\{0E12905A-6675-425F-B6ED-A4724C56FC9E} (Empty Folder)
Successfully deleted: C:\Users\owner\AppData\Local\{0E65C0BB-4C1D-453D-AC6C-13B80E9165CB} (Empty Folder)
Successfully deleted: C:\Users\owner\AppData\Local\{1DF17044-CD5C-465B-A2C3-F0D150E4B582} (Empty Folder)
Successfully deleted: C:\Users\owner\AppData\Local\{1E11A1F2-DEC1-4EDF-A542-41B2D66FB831} (Empty Folder)
Successfully deleted: C:\Users\owner\AppData\Local\{25965F5F-272E-4BB4-955F-923497562F44} (Empty Folder)
Successfully deleted: C:\Users\owner\AppData\Local\{319D147D-F0C2-4782-8187-5F5BA3EC9866} (Empty Folder)
Successfully deleted: C:\Users\owner\AppData\Local\{3BC1D298-A641-4901-8B3E-53F0A398C5FE} (Empty Folder)
Successfully deleted: C:\Users\owner\AppData\Local\{3EC55CF7-3215-4224-8748-D8BFE3D3DBC9} (Empty Folder)
Successfully deleted: C:\Users\owner\AppData\Local\{410C2EC0-623E-49B0-902C-CB58D357A634} (Empty Folder)
Successfully deleted: C:\Users\owner\AppData\Local\{43759237-40B5-40E5-9DB2-B5F7FC7AF8AC} (Empty Folder)
Successfully deleted: C:\Users\owner\AppData\Local\{491EDC4A-9CF2-410D-818B-3D6FDD0370B9} (Empty Folder)
Successfully deleted: C:\Users\owner\AppData\Local\{4C268005-A866-4050-8528-0F26B8687791} (Empty Folder)
Successfully deleted: C:\Users\owner\AppData\Local\{4EE433B7-2B37-4A66-A914-825E69A6A040} (Empty Folder)
Successfully deleted: C:\Users\owner\AppData\Local\{54052700-52A9-4072-B4A5-A862B3AE3AE4} (Empty Folder)
Successfully deleted: C:\Users\owner\AppData\Local\{55A59A45-2472-4AB8-BCD2-CE9E799CD408} (Empty Folder)
Successfully deleted: C:\Users\owner\AppData\Local\{55AA8427-7155-4B09-AB0F-D2E0DFE97DF7} (Empty Folder)
Successfully deleted: C:\Users\owner\AppData\Local\{60D55068-C9F4-4406-A05E-09EA4810D3E4} (Empty Folder)
Successfully deleted: C:\Users\owner\AppData\Local\{6BF1558D-CFC3-49C4-86D4-F52E140D8331} (Empty Folder)
Successfully deleted: C:\Users\owner\AppData\Local\{7C6EE3A7-8488-4BE6-AF51-026E5617E04D} (Empty Folder)
Successfully deleted: C:\Users\owner\AppData\Local\{7D593EA0-B012-44F5-ACD3-2E52152CF93E} (Empty Folder)
Successfully deleted: C:\Users\owner\AppData\Local\{7DA44356-DFFE-4B8F-8DFC-66A8B9B8BC83} (Empty Folder)
Successfully deleted: C:\Users\owner\AppData\Local\{871EF585-A181-4254-9DA2-A89C59E74130} (Empty Folder)
Successfully deleted: C:\Users\owner\AppData\Local\{8A9C708D-3D41-4F86-A485-DDF42A50528B} (Empty Folder)
Successfully deleted: C:\Users\owner\AppData\Local\{90991F56-156E-405D-B37A-8762BBBAD368} (Empty Folder)
Successfully deleted: C:\Users\owner\AppData\Local\{9EC095C0-86C1-4F1D-90AC-9C3221CD4EB3} (Empty Folder)
Successfully deleted: C:\Users\owner\AppData\Local\{A03FDCAD-F325-4AF4-AB0F-4E537041C259} (Empty Folder)
Successfully deleted: C:\Users\owner\AppData\Local\{A2D50D6E-DBBA-48EF-8C21-7E8B03FBFFCC} (Empty Folder)
Successfully deleted: C:\Users\owner\AppData\Local\{A4589BCE-5543-4D8A-AD9C-C89D07CD24D6} (Empty Folder)
Successfully deleted: C:\Users\owner\AppData\Local\{AA1275EB-0FFB-441D-B897-30C8E742670C} (Empty Folder)
Successfully deleted: C:\Users\owner\AppData\Local\{AE114603-7EC7-4DE3-BC2A-803D14FD4519} (Empty Folder)
Successfully deleted: C:\Users\owner\AppData\Local\{B296E7DD-BB6F-4313-8A94-C009E44643EB} (Empty Folder)
Successfully deleted: C:\Users\owner\AppData\Local\{B343CFB3-E25A-4C24-804E-B93E5CDBD977} (Empty Folder)
Successfully deleted: C:\Users\owner\AppData\Local\{B4FD4AFE-CBD5-416F-AE09-BFD749F8535C} (Empty Folder)
Successfully deleted: C:\Users\owner\AppData\Local\{B6482857-111A-444F-8AEA-D58F2ABF23B1} (Empty Folder)
Successfully deleted: C:\Users\owner\AppData\Local\{B77B1A5E-17FF-4857-9E13-B8A3635B0ABC} (Empty Folder)
Successfully deleted: C:\Users\owner\AppData\Local\{BA02BC7E-AC41-4590-8C38-73F9CBA66E3C} (Empty Folder)
Successfully deleted: C:\Users\owner\AppData\Local\{CBAA84AD-B16F-4711-A6E5-8590839905E3} (Empty Folder)
Successfully deleted: C:\Users\owner\AppData\Local\{CC254648-1C16-4E2C-8E25-901DA1EAE276} (Empty Folder)
Successfully deleted: C:\Users\owner\AppData\Local\{D4AD2F93-7EC8-4D39-82D2-D2BB75FAC478} (Empty Folder)
Successfully deleted: C:\Users\owner\AppData\Local\{D5CAC365-2078-4D76-883F-FA28375C36FA} (Empty Folder)
Successfully deleted: C:\Users\owner\AppData\Local\{DBC62AA5-ED06-4F83-98AF-C324971A333D} (Empty Folder)
Successfully deleted: C:\Users\owner\AppData\Local\{E195D192-F0D7-46EF-B715-99ADE1EFC426} (Empty Folder)
Successfully deleted: C:\Users\owner\AppData\Local\{F57F678C-C570-4215-92DF-C2460F6F09AA} (Empty Folder)
Successfully deleted: C:\Users\owner\AppData\Local\{FE4F7C97-8798-4B70-8F74-16EBD77AE1A6} (Empty Folder)
Successfully deleted: C:\Users\owner\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M (Temporary Internet Files Folder)
Successfully deleted: C:\Users\owner\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2CJJXEVK (Temporary Internet Files Folder)
Successfully deleted: C:\Users\owner\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2VLDAA0R (Temporary Internet Files Folder)
Successfully deleted: C:\Users\owner\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3TMZDH9T (Temporary Internet Files Folder)
Successfully deleted: C:\Users\owner\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\41C4VI62 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\owner\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9SR0XCAP (Temporary Internet Files Folder)
Successfully deleted: C:\Users\owner\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DJPSZX91 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\owner\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DL0HD6EV (Temporary Internet Files Folder)
Successfully deleted: C:\Users\owner\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DLOXZXTU (Temporary Internet Files Folder)
Successfully deleted: C:\Users\owner\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DP59LTE7 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\owner\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EM9FUYTO (Temporary Internet Files Folder)
Successfully deleted: C:\Users\owner\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EU5HUJYB (Temporary Internet Files Folder)
Successfully deleted: C:\Users\owner\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EZMUDIQR (Temporary Internet Files Folder)
Successfully deleted: C:\Users\owner\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FNLCRZ1G (Temporary Internet Files Folder)
Successfully deleted: C:\Users\owner\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\H7GH8PYY (Temporary Internet Files Folder)
Successfully deleted: C:\Users\owner\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ITE7088X (Temporary Internet Files Folder)
Successfully deleted: C:\Users\owner\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KLDOV28W (Temporary Internet Files Folder)
Successfully deleted: C:\Users\owner\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ODQIPOXZ (Temporary Internet Files Folder)
Successfully deleted: C:\Users\owner\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\P1CCNHFU (Temporary Internet Files Folder)
Successfully deleted: C:\Users\owner\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QWI8OGT8 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\owner\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SC7XOUAS (Temporary Internet Files Folder)
Successfully deleted: C:\Users\owner\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SMXIZSTS (Temporary Internet Files Folder)
Successfully deleted: C:\Users\owner\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\T2NYPPJP (Temporary Internet Files Folder)
Successfully deleted: C:\Users\owner\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UJX8XEB6 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\owner\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WSXKXGHS (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2CJJXEVK (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2VLDAA0R (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3TMZDH9T (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\41C4VI62 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9SR0XCAP (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DJPSZX91 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DL0HD6EV (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DLOXZXTU (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DP59LTE7 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EM9FUYTO (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EU5HUJYB (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EZMUDIQR (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FNLCRZ1G (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\H7GH8PYY (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ITE7088X (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KLDOV28W (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ODQIPOXZ (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\P1CCNHFU (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QWI8OGT8 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SC7XOUAS (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SMXIZSTS (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\T2NYPPJP (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UJX8XEB6 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WSXKXGHS (Temporary Internet Files Folder)
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 03-08-2016
Ran by owner (administrator) on OWNER-PC (07-08-2016 13:51:40)
Running from C:\Users\owner\Downloads
Loaded Profiles: owner (Available Profiles: owner)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 10 (Default browser: Chrome)
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Security\Engine\22.7.0.76\ns.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Intel® Corporation) C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Wondershare) C:\Program Files (x86)\Wondershare\WAF\2.1.6.0\WsAppService.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Red Bend Ltd.) C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Symantec Corporation) C:\Program Files (x86)\Norton Security\Engine\22.7.0.76\ns.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11660904 2010-11-30] (Realtek Semiconductor)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2581384 2010-08-31] (ELAN Microelectronics Corp.)
HKLM-x32\...\Run: [Samsung PanelMgr] => C:\Windows\Samsung\PanelMgr\SSMMgr.exe /autorun
HKLM-x32\...\Run: [TkBellExe] => C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe [273544 2011-05-09] (RealNetworks, Inc.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2010-06-09] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [35696 2009-10-03] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [935288 2009-09-04] (Adobe Systems Incorporated)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1688672369-560665978-2355779204-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [57981568 2015-09-27] (Skype Technologies S.A.)
HKU\S-1-5-21-1688672369-560665978-2355779204-1000\...\Policies\Explorer: [NoDesktopCleanupWizard] 1
HKU\S-1-5-21-1688672369-560665978-2355779204-1000\...\MountPoints2: {bb84e21b-74b7-11e0-b18e-e81132228e8e} - F:\LaunchU3.exe -a
HKU\S-1-5-21-1688672369-560665978-2355779204-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\scrnsave.scr [11264 2009-07-13] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton Security\Engine64\22.7.0.76\buShell.dll [2016-06-09] (Symantec Corporation)
ShellIconOverlayIdentifiers: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton Security\Engine64\22.7.0.76\buShell.dll [2016-06-09] (Symantec Corporation)
ShellIconOverlayIdentifiers: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton Security\Engine64\22.7.0.76\buShell.dll [2016-06-09] (Symantec Corporation)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => No File
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Best Buy pc app.lnk [2015-03-21]
ShortcutTarget: Best Buy pc app.lnk -> C:\ProgramData\Best Buy pc app\ClickOnceSetup.exe (No File)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Best Buy pc app.lnk [2015-03-21]
ShortcutTarget: Best Buy pc app.lnk -> C:\ProgramData\Best Buy pc app\ClickOnceSetup.exe (No File)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.254.254
Tcpip\..\Interfaces\{03163D81-0449-469F-AE22-A5B5AB6D604B}: [DhcpNameServer] 8.8.8.8 8.8.4.4
Tcpip\..\Interfaces\{A1D97E98-42C4-4BDF-8890-881896C147BD}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{A1D97E98-42C4-4BDF-8890-881896C147BD}: [DhcpNameServer] 192.168.254.254
Internet Explorer:
==================
HKU\S-1-5-21-1688672369-560665978-2355779204-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com.br/
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=SMSTDF&pc=MASM&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=SMSTDF&pc=MASM&src=IE-SearchBox
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Security\Engine64\22.7.0.76\coIEPlg.dll [2016-05-31] (Symantec Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO: IMinent WebBooster (BHO) -> {A09AB6EB-31B5-454C-97EC-9B294D92EE2A} -> C:\Program Files (x86)\Iminent\Minibar.InternetExplorer.BHOx64.dll => No File
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-05-25] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27] (Adobe Systems Incorporated)
BHO-x32: RealPlayer Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll [2011-05-09] (RealPlayer)
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Security\Engine\22.7.0.76\coIEPlg.dll [2016-05-31] (Symantec Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2010-11-10] (Microsoft Corporation)
BHO-x32: W2PBrowser Class -> {AA609D72-8482-4076-8991-8CDAE5B93BCB} -> C:\Program Files\Samsung AnyWeb Print\W2PBrowser.dll [2010-09-17] ()
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-05-25] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security\Engine64\22.7.0.76\coIEPlg.dll [2016-05-31] (Symantec Corporation)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security\Engine\22.7.0.76\coIEPlg.dll [2016-05-31] (Symantec Corporation)
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-05-25] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-05-25] (Microsoft Corporation)
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_22_0_0_209.dll [2016-07-12] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-10] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll [2016-07-12] ()
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL [2010-03-25] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @pages.tvunetworks.com/WebPlayer -> C:\Program Files (x86)\TVUPlayer\npTVUAx.dll [No File]
FF Plugin-x32: @real.com/nppl3260;version=12.0.1.647 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll [2011-05-09] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprjplug;version=12.0.1.647 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll [2011-05-09] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpchromebrowserrecordext;version=12.0.1.647 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll [2011-05-09] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprphtml5videoshim;version=12.0.1.647 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll [2011-05-09] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpjplug;version=12.0.1.647 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpjplug.dll [2011-05-09] (RealNetworks, Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
FF Plugin-x32: @veetle.com/veetleCorePlugin,version=0.9.19 -> C:\Program Files (x86)\Veetle\plugins\npVeetle.dll [2012-01-13] (Veetle Inc)
FF Plugin-x32: @veetle.com/veetlePlayerPlugin,version=0.9.18 -> C:\Program Files (x86)\Veetle\Player\npvlc.dll [2012-01-13] (Veetle Inc)
FF HKLM\...\Firefox\Extensions: [{C1A2A613-35F1-4FCF-B27F-2840527B6556}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NS_22.0.2.17\coFFAddon
FF Extension: Norton Identity Safe - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NS_22.0.2.17\coFFAddon [2016-06-22]
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF Extension: RealPlayer Browser Record Plugin - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2016-01-31] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [{C1A2A613-35F1-4FCF-B27F-2840527B6556}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NS_22.0.2.17\coFFAddon
Chrome:
=======
CHR Profile: C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-04]
CHR Extension: (Google Drive) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21]
CHR Extension: (YouTube) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]
CHR Extension: (Google Search) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-26]
CHR Extension: (Google Docs Offline) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15]
CHR Extension: (RealPlayer HTML5Video Downloader Extension) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk [2014-07-22]
CHR Extension: (Chrome Web Store Payments) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-01]
CHR Extension: (Gmail) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-28]
CHR Extension: (Chrome Media Router) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-08-02]
CHR HKLM\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton Security\Engine\22.7.0.76\Exts\Chrome.crx [2016-06-21]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton Security\Engine\22.7.0.76\Exts\Chrome.crx [2016-06-21]
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx [2011-05-09]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2016-05-25]
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1364096 2016-05-25] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1687680 2016-05-25] (Microsoft Corporation)
R2 DMAgent; C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe [408576 2010-08-31] (Red Bend Ltd.) [File not signed]
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2010-10-19] ()
R2 NS; C:\Program Files (x86)\Norton Security\Engine\22.7.0.76\NS.exe [289080 2016-06-17] (Symantec Corporation)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [244904 2009-12-01] () [File not signed]
R2 WiMAXAppSrv; C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe [911872 2010-09-01] (Intel® Corporation) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.1.6.0\WsAppService.exe [388608 2016-01-28] (Wondershare) [File not signed]
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 Apowersoft_AudioDevice; C:\Windows\System32\drivers\Apowersoft_AudioDevice.sys [31920 2013-06-02] (Wondershare)
R1 BHDrvx64; C:\Program Files (x86)\Norton Security\NortonData\22.0.2.17\Definitions\BASHDefs\20160802.002\BHDrvx64.sys [1832176 2016-05-12] (Symantec Corporation)
R1 ccSet_NS; C:\Windows\system32\drivers\NSx64\1607000.04C\ccSetx64.sys [174328 2016-06-02] (Symantec Corporation)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [497392 2016-05-05] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [156912 2016-05-04] (Symantec Corporation)
R1 IDSVia64; C:\Program Files (x86)\Norton Security\NortonData\22.0.2.17\Definitions\IPSDefs\20160805.001\IDSvia64.sys [876760 2016-07-07] (Symantec Corporation)
S3 rtport; C:\Windows\SysWOW64\drivers\rtport.sys [15144 2011-02-15] (Windows ® 2003 DDK 3790 provider)
R3 SRTSP; C:\Windows\System32\Drivers\NSx64\1607000.04C\SRTSP64.SYS [773368 2016-07-20] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NSx64\1607000.04C\SRTSPX64.SYS [48888 2016-06-02] (Symantec Corporation)
R0 SymEFASI; C:\Windows\System32\drivers\NSx64\1607000.04C\SYMEFASI64.SYS [1627352 2016-06-02] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [101112 2016-06-21] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NSx64\1607000.04C\Ironx64.SYS [291056 2016-06-02] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\NSx64\1607000.04C\SYMNETS.SYS [567536 2016-06-02] (Symantec Corporation)
S3 NAVENG; \??\C:\Program Files (x86)\Norton Security\NortonData\22.0.2.17\Definitions\SDSDefs\20160621.009\ENG64.SYS [X]
S3 NAVEX15; \??\C:\Program Files (x86)\Norton Security\NortonData\22.0.2.17\Definitions\SDSDefs\20160621.009\EX64.SYS [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-08-07 13:51 - 2016-08-07 13:52 - 00019258 _____ C:\Users\owner\Downloads\FRST.txt
2016-08-07 13:46 - 2016-08-07 13:51 - 00000000 ____D C:\FRST
2016-08-07 13:45 - 2016-08-07 13:45 - 02393600 _____ (Farbar) C:\Users\owner\Downloads\FRST64.exe
2016-08-07 13:45 - 2016-08-07 13:45 - 01743872 _____ (Farbar) C:\Users\owner\Downloads\FRST.exe
2016-08-07 13:38 - 2016-08-07 13:38 - 00013851 _____ C:\Users\owner\Desktop\JRT.txt
2016-08-07 13:30 - 2016-08-07 13:30 - 01610560 _____ (Malwarebytes) C:\Users\owner\Downloads\JRT.exe
2016-08-07 13:18 - 2016-08-07 13:18 - 00013351 _____ C:\Users\owner\Desktop\AdwCleaner - Shortcut.lnk
2016-08-07 13:16 - 2016-08-07 13:16 - 00037107 _____ C:\Users\owner\Desktop\AdwCleaner[C1].txt
2016-08-07 13:09 - 2016-08-07 13:12 - 00000000 ____D C:\AdwCleaner
2016-08-07 13:07 - 2016-08-07 13:08 - 03712064 _____ C:\Users\owner\Downloads\AdwCleaner.exe
2016-08-07 04:31 - 2016-08-07 04:31 - 03411640 _____ (Symantec Corporation) C:\Users\owner\Downloads\NPE (2).exe
2016-08-07 04:27 - 2016-08-07 04:27 - 03411640 _____ (Symantec Corporation) C:\Users\owner\Downloads\NPE (1).exe
2016-08-07 03:14 - 2016-08-07 04:19 - 904271872 _____ C:\Users\owner\Downloads\nbrt.iso
2016-08-07 02:57 - 2016-08-07 04:31 - 00264422 _____ C:\Windows\ntbtlog.txt
2016-08-07 02:52 - 2016-08-07 02:52 - 03411640 _____ (Symantec Corporation) C:\Users\owner\Downloads\NPE (4).exe
2016-08-07 00:25 - 2016-08-07 00:25 - 03411640 _____ (Symantec Corporation) C:\Users\owner\Downloads\NPE.exe
2016-08-06 11:32 - 2016-08-06 11:33 - 00037588 _____ C:\Users\owner\Downloads\acorde08.mid
2016-08-05 15:07 - 2016-08-05 15:07 - 00065328 _____ C:\Users\owner\Downloads\00000000000099798193_00000000400177043268.pdf
2016-08-05 07:04 - 2016-08-05 07:04 - 00372628 _____ C:\Users\owner\Downloads\Blessings Aug 4.sm (2).pdf
2016-08-05 07:04 - 2016-08-05 07:04 - 00372628 _____ C:\Users\owner\Downloads\Blessings Aug 4.sm (1).pdf
2016-08-05 07:03 - 2016-08-05 07:04 - 00372628 _____ C:\Users\owner\Downloads\Blessings Aug 4.sm.pdf
2016-08-01 13:00 - 2016-08-01 13:00 - 00504464 _____ C:\Users\owner\Downloads\Photos Mary Ellen Orr -Donald Orr.pdf
2016-07-30 22:48 - 2016-07-30 22:48 - 00291179 _____ C:\Users\owner\Downloads\Blessings July 28.sm (3).pdf
2016-07-30 22:48 - 2016-07-30 22:48 - 00291179 _____ C:\Users\owner\Downloads\Blessings July 28.sm (2).pdf
2016-07-30 22:48 - 2016-07-30 22:48 - 00291179 _____ C:\Users\owner\Downloads\Blessings July 28.sm (1).pdf
2016-07-28 23:20 - 2016-07-28 23:20 - 01613626 _____ C:\Users\owner\Downloads\image1.(null)
2016-07-23 16:50 - 2016-07-23 16:51 - 05951531 _____ C:\Users\owner\Downloads\SopCast.zip
2016-07-13 18:02 - 2016-07-13 18:02 - 00033221 _____ C:\Users\owner\Downloads\Ravi Salamon.PDF
2016-07-11 23:05 - 2016-07-11 23:20 - 75185857 _____ C:\Users\owner\Downloads\Grainne July 2016 (1).m4a
2016-07-11 23:04 - 2016-07-11 23:17 - 75185857 _____ C:\Users\owner\Downloads\Grainne July 2016.m4a
2016-07-11 16:16 - 2016-07-11 16:16 - 00218547 _____ C:\Users\owner\Downloads\Foto 13.pdf
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-08-07 13:51 - 2016-01-31 09:29 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-08-07 13:50 - 2011-04-16 14:05 - 00000000 ____D C:\Users\owner\AppData\Roaming\Skype
2016-08-07 13:41 - 2015-12-04 06:00 - 00000000 ____D C:\Windows\System32\Tasks\Remediation
2016-08-07 13:25 - 2009-07-14 01:45 - 00022976 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-08-07 13:25 - 2009-07-14 01:45 - 00022976 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-08-07 13:20 - 2011-07-17 01:36 - 00000000 ____D C:\Users\owner\Desktop\Hegel articles and books
2016-08-07 13:14 - 2016-01-31 09:29 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-08-07 13:14 - 2009-07-14 02:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-08-07 13:03 - 2012-07-25 02:52 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-08-07 05:47 - 2012-09-11 10:30 - 00000000 ____D C:\Users\owner\AppData\Local\NPE
2016-08-07 04:27 - 2010-12-08 23:36 - 00000000 ____D C:\ProgramData\Norton
2016-08-07 04:19 - 2011-10-12 16:00 - 00000000 ____D C:\Users\Public\CyberLink
2016-08-07 02:58 - 2015-02-13 01:50 - 00000000 ____D C:\NPE
2016-08-03 06:55 - 2015-03-20 17:24 - 02156544 ___SH C:\Users\owner\Downloads\Thumbs.db
2016-07-29 06:53 - 2009-07-14 02:13 - 00782510 _____ C:\Windows\system32\PerfStringBackup.INI
2016-07-29 06:53 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\inf
2016-07-28 22:46 - 2016-01-31 09:29 - 00003894 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-07-28 22:46 - 2016-01-31 09:29 - 00003642 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2016-07-27 22:20 - 2015-04-04 00:03 - 00431616 ___SH C:\Users\owner\Documents\Thumbs.db
2016-07-24 22:42 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\system32\NDF
2016-07-23 13:12 - 2011-07-07 14:15 - 00000000 ____D C:\Users\owner\AppData\Local\Windows Live
2016-07-14 23:00 - 2012-07-25 02:52 - 00796352 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-07-14 23:00 - 2012-07-25 02:52 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-07-14 23:00 - 2011-10-18 10:20 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-07-14 22:58 - 2016-06-18 11:58 - 19527360 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2016-07-12 13:57 - 2011-10-18 10:03 - 00000000 ____D C:\Windows\system32\Macromed
2016-07-12 13:57 - 2010-12-08 22:59 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2016-07-10 11:02 - 2009-07-14 02:08 - 00032648 _____ C:\Windows\Tasks\SCHEDLGU.TXT
==================== Files in the root of some directories =======
2011-04-16 14:08 - 2011-04-16 14:08 - 0000056 ____H () C:\ProgramData\ezsidmv.dat
2013-10-27 14:38 - 2013-10-27 14:38 - 0004970 _____ () C:\ProgramData\xgneqrwu.hrx
2010-12-08 23:06 - 2010-12-08 23:07 - 0000109 _____ () C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log
2010-12-08 23:00 - 2010-12-08 23:01 - 0000113 _____ () C:\ProgramData\{34FBC7C4-CD31-4D93-A428-0E524EAC4586}.log
2010-12-08 23:03 - 2010-12-08 23:04 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
2010-12-08 23:01 - 2010-12-08 23:03 - 0000106 _____ () C:\ProgramData\{80E158EA-7181-40FE-A701-301CE6BE64AB}.log
2010-12-08 23:04 - 2010-12-08 23:06 - 0000110 _____ () C:\ProgramData\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}.log
Some files in TEMP:
====================
C:\Users\owner\AppData\Local\Temp\libeay32.dll
C:\Users\owner\AppData\Local\Temp\msvcr120.dll
C:\Users\owner\AppData\Local\Temp\SkypeSetup.exe
C:\Users\owner\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2016-06-16 10:48
==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 03-08-2016
Ran by owner (2016-08-07 13:52:34)
Running from C:\Users\owner\Downloads
Windows 7 Home Premium Service Pack 1 (X64) (2011-03-20 11:31:04)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-1688672369-560665978-2355779204-500 - Administrator - Disabled)
Guest (S-1-5-21-1688672369-560665978-2355779204-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1688672369-560665978-2355779204-1002 - Limited - Enabled)
owner (S-1-5-21-1688672369-560665978-2355779204-1000 - Administrator - Enabled) => C:\Users\owner
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Norton Security (Enabled - Up to date) {53C7D717-52E2-B95E-FA61-6F32ECC805DB}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton Security (Enabled - Up to date) {E8A636F3-74D8-B6D0-C0D1-5440974F4F66}
FW: Norton Security (Enabled) {6BFC5632-188D-B806-D13E-C607121B42A0}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
„Messenger“ pagalbinė priemonė (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
„Windows Live Essentials“ (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
„Windows Live Mail“ (x32 Version: 15.4.3502.0922 - „Microsoft Corporation“) Hidden
„Windows Live Messenger“ (x32 Version: 15.4.3502.0922 - „Microsoft Corporation“) Hidden
„Windows Live“ fotogalerija (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Adobe Flash Player 22 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 22.0.0.210 - Adobe Systems Incorporated)
Adobe Flash Player 22 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 22.0.0.209 - Adobe Systems Incorporated)
Adobe Reader 9.2 (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-A92000000001}) (Version: 9.2.0 - Adobe Systems Incorporated)
BatteryLifeExtender (HKLM-x32\...\{EA257ECF-5F72-4461-B890-959394DCD087}) (Version: 1.0.10 - Samsung)
Best Buy pc app (HKU\S-1-5-21-1688672369-560665978-2355779204-1000\...\48e4cff94f039634) (Version: 3.0.0.0 - Best Buy)
Best Buy pc app (Version: 3.0.0.0 - Best Buy) Hidden
Bing Rewards Client Installer (x32 Version: 16.0.345.0 - Microsoft Corporation) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.00 - Piriform)
Complément Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Complemento Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Coupon Printer for Windows (HKLM-x32\...\Coupon Printer for Windows5.0.0.0) (Version: 5.0.0.0 - Coupons.com Incorporated)
CyberLink Media Suite (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 8.0.2227 - CyberLink Corp.)
CyberLink MediaShow (HKLM-x32\...\InstallShield_{80E158EA-7181-40FE-A701-301CE6BE64AB}) (Version: 5.0.1130a - CyberLink Corp.)
CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.3802 - CyberLink Corp.)
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.1.3509 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Debut Video Capture Software (HKLM-x32\...\Debut) (Version: 2.05 - NCH Software)
Doplnok programu Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Easy Content Share (HKLM-x32\...\{2DDC70C1-C77A-4D08-89D2-9AB648504533}) (Version: 1.0 - Samsung Electronics Co., LTD)
Easy Display Manager (HKLM-x32\...\{17283B95-21A8-4996-97DA-547A48DB266F}) (Version: 3.2 - Samsung Electronics Co., Ltd.)
Easy Migration (HKLM-x32\...\{AD86049C-3D9C-43E1-BE73-643F57D83D50}) (Version: 1.0.0.5 - Samsung Electronics Co., Ltd.)
Easy Network Manager (HKLM-x32\...\{FCF2085E-ABE5-4AA8-B07C-65BBD56DA243}) (Version: 4.4.6 - Samsung)
Easy SpeedUp Manager (HKLM-x32\...\{EF367AA4-070B-493C-9575-85BE59D789C9}) (Version: 2.1.1.1 - Samsung Electronics Co.,Ltd.)
EasyBatteryManager (HKLM-x32\...\{4A331D24-A9E8-484F-835E-1BA7B139689C}) (Version: 4.0.0.4 - Samsung)
EasyFileShare (HKLM-x32\...\{EA76E65F-6679-495A-A8A6-42AD6602ED4C}) (Version: 1.0.11 - Samsung)
EPUB File Reader (HKLM-x32\...\{818C5857-5C74-4CAC-9F43-E5597086852D}_is1) (Version: - epubfilereader.com)
ETDWare PS/2-X64 8.0.7.1_WHQL (HKLM\...\Elantech) (Version: 8.0.7.1 - ELAN Microelectronic Corp.)
Fast Start (HKLM-x32\...\{77F45ECD-FAFC-45A8-8896-CFFB139DAAA3}) (Version: 2.2.0.0 - SAMSUNG)
Fotogalerija Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie foto Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 51.0.2704.103 - Google Inc.)
Google Update Helper (x32 Version: 1.3.21.149 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden
HP Deskjet 3050 J610 series Basic Device Software (HKLM\...\{7D220A57-969F-4D09-9297-D48195A8ABDD}) (Version: 22.50.231.0 - Hewlett-Packard Co.)
HP Deskjet 3050 J610 series Help (HKLM-x32\...\{F7632A9B-661E-4FD9-B1A4-3B86BC99847F}) (Version: 140.0.63.63 - Hewlett Packard)
HP Deskjet 3050 J610 series Product Improvement Study (HKLM\...\{860B418B-F90B-465A-BC1D-04B518045C72}) (Version: 22.50.231.0 - Hewlett-Packard Co.)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.3781 - HP Photo Creations Powered by RocketLife)
HP Update (HKLM-x32\...\{B0069CFA-5BB9-4C03-B1C6-89CE290E5AFE}) (Version: 5.002.006.003 - Hewlett-Packard)
Intel WiMAX Tutorial (HKLM\...\{4F26C164-9373-4974-8F43-E0F2176AF937}) (Version: 1.5.3.1 - Intel Corporation)
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel® Graphics Media Accelerator Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2202 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel® PROSet/Wireless WiFi Software (HKLM\...\{D75AEB5B-FA18-4BD4-9EED-54CA46DB5AE8}) (Version: 13.04.0000 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.3.1001 - Intel Corporation)
Intel® Wireless Display (HKLM\...\{28EF7372-9087-4AC3-9B9F-D9751FCDF830}) (Version: - )
Intel® Wireless Display (HKLM-x32\...\{34F98478-05CB-4A3A-B6F4-DA529ED8FA57}) (Version: 1.3.9.0 - Intel Corporation)
Intel® PROSet/Wireless WiMAX Software (HKLM\...\{6548B189-BEA4-4041-80E0-AEB60548E046}) (Version: 2.03.2000 - Intel Corporation)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Assistent (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Messenger Companion (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Messenger kísérő (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Messenger Pratilac (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Messenger Suradnik (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Messenger 사이트 공유 (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Messenger 分享元件 (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Messenger 浏览器插件 (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Messenger-kumppani (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Movie Color Enhancer (HKLM-x32\...\{7F6F62F0-7884-4CFB-B86C-597A4A6D9C4D}) (Version: 1.0 - Samsung Electronics Co., Ltd.)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Norton Security (HKLM-x32\...\NS) (Version: 22.7.0.76 - Symantec Corporation)
Poczta usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Pomocnik Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Pošta Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden
RealPlayer (HKLM-x32\...\RealPlayer 12.0) (Version: - RealNetworks)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.33.1125.2010 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6257 - Realtek Semiconductor Corp.)
RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden
Samsung AnyWeb Print (HKLM-x32\...\{318DBE01-1E6B-4243-84B0-210391FE789A}) (Version: 1.1.21.0 - Samsung Electronics Co., Ltd.)
Samsung AnyWeb Print (x32 Version: 1.0 - Samsung Electronics Co., Ltd.) Hidden
Samsung Recovery Solution 5 (HKLM-x32\...\{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}) (Version: 5.0.0.8 - Samsung)
Samsung Support Center (HKLM-x32\...\{F687E657-F636-44DF-8125-9FEEA2C362F5}) (Version: 1.1.21 - Samsung)
Samsung Universal Print Driver (HKLM-x32\...\Samsung Universal Print Driver) (Version: 2.01.06.00:16 - Samsung Electronics Co., Ltd.)
Samsung Universal Scan Driver (HKLM-x32\...\Samsung Universal Scan Driver) (Version: 1.2.1.0 - Samsung Electronics Co., Ltd.)
Samsung Update Plus (HKLM-x32\...\{142D8CA7-2C6F-45A7-83E3-099AAFD99133}) (Version: 3.0.0.17 - Samsung Electronics Co., Ltd.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 8.3.0.9150 - Microsoft Corporation)
Skype™ 7.12 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.12.101 - Skype Technologies S.A.)
Spremljevalec Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
SRS Premium Sound Control Panel (HKLM\...\{2998191E-A35E-47E2-BE38-7702C731D722}) (Version: 1.10.1000 - SRS Labs, Inc.)
User Guide (HKLM-x32\...\{BAE68339-B0F6-4D33-9554-5A3DB2DFF5DA}) (Version: 1.0 - )
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
Veetle TV (HKLM-x32\...\Veetle TV) (Version: 0.9.19 - Veetle, Inc)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation)
WinRAR 4.01 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.01.0 - win.rar GmbH)
Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Компаньон Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Основные компоненты Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Помощник на Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Почта Windows Live (x32 Version: 15.4.3502.0922 - Корпорация Майкрософт) Hidden
Фотоальбом Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Фотогалерия на Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
גלריית התמונות של Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
מסייע Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
بريد Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
معرض صور Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-1688672369-560665978-2355779204-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\owner\AppData\Roaming\Dropbox\bin\Dropbox.exe /autoplay => No File
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {078811F6-9D0A-4138-9AC5-F6BE859914FE} - System32\Tasks\{4C32912D-677E-4DE7-9EF9-4C0EB0F4F521} => Chrome.exe
Task: {09DEF735-61BA-4EC5-B0A1-3C76B19984AA} - System32\Tasks\MovieColorEnhancer => C:\Program Files (x86)\Samsung\Movie Color Enhancer\MovieColorEnhancer.exe [2010-08-19] (Samsung Electronics Co., Ltd.)
Task: {1C0F6894-CA36-4D29-9BE0-4B1409FDD104} - System32\Tasks\SmartRestarter => C:\Program Files\Samsung\SamsungFastStart\SmartRestarter.exe [2010-08-05] (Samsung Electronics Co., Ltd.)
Task: {24FE869C-C8FF-42B8-8904-C3D8A1403B17} - System32\Tasks\EasyDisplayMgr => C:\Program Files (x86)\Samsung\Easy Display Manager\dmhkcore.exe [2010-11-28] (Samsung Electronics Co., Ltd.)
Task: {38A33F0D-1425-4CE4-BC79-882B2679C4FA} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-01-31] (Google Inc.)
Task: {456CC32D-874C-41DC-8879-247C7DEA87CE} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2010-11-10] (CyberLink)
Task: {4599B47D-BCA3-459E-91DA-1C21919B8F7A} - System32\Tasks\SUPBackground => C:\Program Files (x86)\Samsung\Samsung Update Plus\SUPBackground.exe [2010-08-26] (Samsung Electronics)
Task: {4874F561-3F0C-4D82-B702-DCB6F98145C9} - System32\Tasks\BatteryLifeExtender => C:\Program Files (x86)\Samsung\BatteryLifeExtender\BatteryLifeExtender.exe [2010-12-01] (Samsung Electronics. Co. Ltd.)
Task: {4A103370-7D7D-4064-BCCA-4E501EFB2E7B} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-07-14] (Adobe Systems Incorporated)
Task: {4AA7604C-1492-4048-8066-94D4B5FD396F} - System32\Tasks\SamsungSupportCenter => C:\Program Files (x86)\Samsung\Samsung Support Center\SSCKbdHk.exe [2010-11-23] (SAMSUNG Electronics)
Task: {4DBF7959-6EEE-4DA3-9F21-27013A78D6EB} - System32\Tasks\Norton Security\Norton Error Analyzer => C:\Program Files (x86)\Norton Security\Engine\22.7.0.76\SymErr.exe [2016-05-23] (Symantec Corporation)
Task: {4FD73600-E51B-4D86-AE3A-DE1F8CD94C56} - System32\Tasks\EasyBatteryManager => C:\Program Files (x86)\Samsung\EasyBatteryManager\EasyBatteryMgr4.exe [2010-07-20] (SAMSUNG Electronics co., LTD.)
Task: {633813FF-730F-43F9-B229-A66FC623561D} - System32\Tasks\Norton Security\Norton Error Processor => C:\Program Files (x86)\Norton Security\Engine\22.7.0.76\SymErr.exe [2016-05-23] (Symantec Corporation)
Task: {69D57BF3-20F9-4F35-82A8-F432416E7CC6} - System32\Tasks\SRS Premium Sound => C:\Program Files\SRS Labs\SRS Premium Sound Control Panel\srspremiumpanel_64.exe [2010-11-29] (SRS Labs, Inc.)
Task: {787E014D-1887-43D5-9751-BD346190904B} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-1688672369-560665978-2355779204-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2011-03-29] (RealNetworks, Inc.)
Task: {7B6E5E9E-9C7C-45BB-BF5B-09DBDB21FD3B} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-03-25] (Piriform Ltd)
Task: {7CD4871C-3D25-47C7-9992-81C617B5B5F0} - System32\Tasks\{4987CD19-ED78-4E72-A139-A05168BA820B} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.3.0.108.259/en/abandoninstall?source=lightinstaller&page=tsDownload&installinfo=google-toolbar:notoffered;userdeclined,google-chrome:offered-installed;madedefault
Task: {90489BF4-B39D-4AED-B65B-E861CB94257A} - System32\Tasks\HPCustParticipation HP Deskjet 3050 J610 series => C:\Program Files\HP\HP Deskjet 3050 J610 series\Bin\HPCustPartic.exe [2010-11-16] (Hewlett-Packard Co.)
Task: {973DBCF1-BA4C-40CD-8185-FBFE398B2716} - System32\Tasks\advSRS5 => C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe [2010-11-17] (SEC)
Task: {9B83498C-4813-4A91-A88D-77A021844A08} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Security\Engine\22.7.0.76\WSCStub.exe [2016-06-16] (Symantec Corporation)
Task: {B68AA854-B0CB-441A-8F98-9534C37F5009} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-01-31] (Google Inc.)
Task: {B7B5EDBF-B657-43C1-8C71-C64F4716FAF3} - System32\Tasks\Remediation\AntimalwareMigrationTask => C:\Program Files\Common Files\AV\Norton Security\Upgrade.exe [2016-06-16] (Symantec Corporation)
Task: {D67B5332-5918-416C-9352-3C0E19D173C9} - System32\Tasks\WifiManager => C:\Program Files (x86)\Samsung\Easy Display Manager\WifiManager.exe [2010-11-28] (Samsung Electronics Co., Ltd.)
Task: {E34B28F8-5496-4249-9257-5A0F71F2B153} - System32\Tasks\{8F8AFA24-6968-4B0E-B881-DC59FF19FE89} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.3.0.108.259/en/abandoninstall?source=lightinstaller&page=tsInstall&installinfo=google-toolbar:notoffered;userdeclined,google-chrome:offered-installed;madedefault
Task: {E9AEB8AF-4CFE-4F11-BB9B-F59A61DC0BC2} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-1688672369-560665978-2355779204-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2011-03-29] (RealNetworks, Inc.)
Task: {F282ABE8-4A50-4C94-87AB-A6C374891AFE} - System32\Tasks\{C74E7A22-C0C5-484A-95D3-7F241230FF5F} => Chrome.exe
Task: {F3EE9D4A-0574-470B-8BF2-E7E8299608EA} - System32\Tasks\EasyPartitionManager => C:\Windows\MSetup\BA46-05053A95\EPM.exe
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
Shortcut: C:\Users\owner\Favorites\NCH Software Download Site.lnk -> hxxp://www.nchsoftware.com/index.html
==================== Loaded Modules (Whitelisted) ==============
2010-10-19 01:39 - 2010-10-19 01:39 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\Libeay32.dll
2010-12-08 23:28 - 2008-06-04 20:53 - 00027648 _____ () C:\Windows\System32\spd__l.dll
2011-09-11 00:56 - 2011-05-28 22:05 - 00164864 _____ () C:\Program Files (x86)\WinRAR\rarext64.dll
2010-12-08 23:03 - 2009-12-01 04:21 - 00244904 ____N () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
2010-12-08 23:29 - 2010-04-20 20:44 - 00719872 _____ () C:\Windows\system32\SnMinDrv.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-13 23:34 - 2009-06-10 18:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-1688672369-560665978-2355779204-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\owner\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{D9F4930F-7904-4D65-A33A-BAFFE317C105}] => (Allow) C:\Program Files (x86)\Intel Corporation\Intel Wireless Display\WiDiApp.exe
FirewallRules: [{356E77B3-B88B-4BE5-B0BB-CE7837AB1E93}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{6399838E-7692-4761-B399-CD1D2137826B}] => (Allow) C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe
FirewallRules: [{D7E61963-FA8F-45DA-8E73-650D2DC887B6}] => (Allow) C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe
FirewallRules: [{74692072-133F-4DD5-8990-565E9F07E56B}] => (Allow) C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe
FirewallRules: [{4F3AD9A8-B92D-497A-AD6B-3B8F7AFB48CF}] => (Allow) C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe
FirewallRules: [{19E74ECF-6E41-49EE-BBD9-ED7A54D4E907}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{A247DFFB-4726-4862-B679-A9F373E986C9}] => (Allow) LPort=2869
FirewallRules: [{6C60537F-F519-47AD-BF55-471CE3B3BDC4}] => (Allow) LPort=1900
FirewallRules: [{5A88F2DE-DDB1-47C1-B825-41EE01FFDC5D}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{7D07423A-D7A9-4C32-9D06-3D04FD0FB248}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{4B63CBE7-C174-48D0-A03E-3D37DEBA63C6}] => (Allow) C:\Windows\System32\SUPDSvc.exe
FirewallRules: [{31D0C7E6-8178-4515-B92B-CC6956532F3E}] => (Allow) C:\Windows\System32\SUPDSvc.exe
FirewallRules: [{9CF142E5-D927-4FDB-82BA-4877A7C5FD70}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Universal Scan Driver\USDAgent.exe
FirewallRules: [{6C778C21-83CF-4623-A916-9F26A8173D9E}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Universal Scan Driver\USDAgent.exe
FirewallRules: [{FCF1541B-5700-4E27-814E-1C890BF9B2C6}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Universal Scan Driver\ICCUpdater.exe
FirewallRules: [{26E5EA04-EE26-4EE6-A026-4C756431D42D}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Universal Scan Driver\ICCUpdater.exe
FirewallRules: [{F3A28B02-60BE-4C57-8521-3BA858961B8B}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [TCP Query User{AB4DD7BA-ECFF-47A4-B8B6-066F64E9E9D6}C:\program files (x86)\tvuplayer\tvuplayer.exe] => (Allow) C:\program files (x86)\tvuplayer\tvuplayer.exe
FirewallRules: [UDP Query User{42B95E61-A2BF-408E-8EEF-0F2046FB5517}C:\program files (x86)\tvuplayer\tvuplayer.exe] => (Allow) C:\program files (x86)\tvuplayer\tvuplayer.exe
FirewallRules: [{EC12289E-A7FF-453C-ADCE-11550C92F10A}] => (Block) C:\program files (x86)\tvuplayer\tvuplayer.exe
FirewallRules: [{AEA3102E-45DE-4135-89DF-07EEFEC3B88F}] => (Block) C:\program files (x86)\tvuplayer\tvuplayer.exe
FirewallRules: [TCP Query User{DB720C81-50FC-4DC4-8F27-F1E70437098E}C:\program files (x86)\sopcast\sopcast.exe] => (Allow) C:\program files (x86)\sopcast\sopcast.exe
FirewallRules: [UDP Query User{5A010772-07AD-488B-B8D3-93125589342C}C:\program files (x86)\sopcast\sopcast.exe] => (Allow) C:\program files (x86)\sopcast\sopcast.exe
FirewallRules: [TCP Query User{8F1ECAFF-3055-40F8-AC66-5A440B203C11}C:\program files (x86)\sopcast\adv\sopadver.exe] => (Allow) C:\program files (x86)\sopcast\adv\sopadver.exe
FirewallRules: [UDP Query User{ECEA9E79-7CED-4370-838F-BCE87A7C9CF0}C:\program files (x86)\sopcast\adv\sopadver.exe] => (Allow) C:\program files (x86)\sopcast\adv\sopadver.exe
FirewallRules: [TCP Query User{EF4CF6D0-6E3A-4F1C-8699-8C2D3471C508}C:\program files (x86)\internet explorer\iexplore.exe] => (Block) C:\program files (x86)\internet explorer\iexplore.exe
FirewallRules: [UDP Query User{A7060047-1407-4CAC-8793-248B740E0B17}C:\program files (x86)\internet explorer\iexplore.exe] => (Block) C:\program files (x86)\internet explorer\iexplore.exe
FirewallRules: [{E702949C-4E7A-4717-B185-8EDB7622C7C4}] => (Allow) C:\Program Files\HP\HP Deskjet 3050 J610 series\Bin\DeviceSetup.exe
FirewallRules: [{0E723EAD-DBAA-4E85-8928-D84671CC516C}] => (Allow) C:\Program Files\HP\HP Deskjet 3050 J610 series\Bin\DeviceSetup.exe
FirewallRules: [{2B489A3D-F684-416F-A7F1-E8AE4C049E75}] => (Allow) C:\Program Files\HP\HP Deskjet 3050 J610 series\Bin\HPNetworkCommunicator.exe
FirewallRules: [{E7A54E51-85CD-4C15-A246-D77ECDCDC7EF}] => (Allow) C:\Program Files\HP\HP Deskjet 3050 J610 series\Bin\HPNetworkCommunicator.exe
FirewallRules: [TCP Query User{C5DAA574-56BD-48F9-A6CF-95030573555C}C:\users\owner\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe] => (Allow) C:\users\owner\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe
FirewallRules: [UDP Query User{5DC41FE8-9CA1-4366-8482-6C922CD5A877}C:\users\owner\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe] => (Allow) C:\users\owner\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe
FirewallRules: [{083FE9C9-E93A-44F4-AEE7-DBA67E8DE3CF}] => (Allow) C:\Program Files (x86)\Opera\opera.exe
FirewallRules: [{9D33D690-7F39-474E-AFBD-19323FFBC873}] => (Allow) C:\Program Files (x86)\Opera\opera.exe
FirewallRules: [{B1DF3851-F768-4534-9AEF-A2B106AD3DC9}] => (Allow) C:\Program Files (x86)\Veetle\Player\VeetleNet.exe
FirewallRules: [{FB1C3512-2122-4DA8-94B4-931359141D82}] => (Allow) C:\Program Files (x86)\Veetle\Player\VeetleNet.exe
FirewallRules: [TCP Query User{50F2EC1D-D56D-41B0-973F-0585472E4E74}C:\program files (x86)\sopcast\sopcast.exe] => (Block) C:\program files (x86)\sopcast\sopcast.exe
FirewallRules: [UDP Query User{3F4A196D-9463-49CB-9290-80F1BCB8F6E8}C:\program files (x86)\sopcast\sopcast.exe] => (Block) C:\program files (x86)\sopcast\sopcast.exe
FirewallRules: [TCP Query User{88FBD7D4-BF13-4309-8731-25F06BD40702}C:\program files (x86)\sopcast\adv\sopadver.exe] => (Allow) C:\program files (x86)\sopcast\adv\sopadver.exe
FirewallRules: [UDP Query User{D51A6A56-BBC8-444B-8F8E-E1863AE9F803}C:\program files (x86)\sopcast\adv\sopadver.exe] => (Allow) C:\program files (x86)\sopcast\adv\sopadver.exe
FirewallRules: [{AC2A438E-A8CC-4574-A928-445476509C05}] => (Allow) C:\Program Files (x86)\Apowersoft\Screen Recording Suite\Screen Recording Suite.exe
FirewallRules: [{C26F9CC4-3DFF-4DA3-AE72-FED0BF46CF0F}] => (Allow) C:\Program Files (x86)\Apowersoft\Screen Recording Suite\Screen Recording Suite.exe
FirewallRules: [{B63EA479-CFC4-40BD-A421-B2996776BC1A}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture\Video Download Capture.exe
FirewallRules: [{24799159-03DF-490B-92DC-02F653FF5D8C}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture\Video Download Capture.exe
FirewallRules: [{71AC3028-2168-4DF8-BD1B-8E2BFF28B5C6}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture\ApowersoftSrv.dll
FirewallRules: [{9BA4104C-2B27-4E8A-AB55-BE174C23DFC6}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture\ApowersoftSrv.dll
FirewallRules: [{BD51045B-8276-475F-970C-4CD5D9425126}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture\ApowersoftDump.dll
FirewallRules: [{2052B935-7B7A-4276-AC8C-D74BCB441BE8}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture\ApowersoftDump.dll
FirewallRules: [{A12E5495-3ECB-4DE1-9E7B-8F2D5EA46282}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture\ApowersoftAC.dll
FirewallRules: [{FD3FD9ED-BA1E-46E9-8F18-CAB110950FE0}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture\ApowersoftAC.dll
FirewallRules: [{4867F77E-9B27-44ED-AE36-5A29D4548DD4}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture\ApowersoftPlayer.dll
FirewallRules: [{7F9605EB-F901-4ADE-8127-E83877FA0F9E}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture\ApowersoftPlayer.dll
FirewallRules: [{22237674-4D9F-40E1-AE98-627758CA0A13}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture\ApowersoftDownloaderHelp.dll
FirewallRules: [{D7A8B3A2-409A-4259-8F00-355A135D6BDF}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture\ApowersoftDownloaderHelp.dll
FirewallRules: [{B0E2CD74-A375-4E03-A340-0C17B7063752}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture\ApowersoftHDSDump.dll
FirewallRules: [{701BEF45-BCAE-427A-BCC3-63BC420938EB}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture\ApowersoftHDSDump.dll
FirewallRules: [{3E26DC3C-E364-477B-A345-FE582D2422F9}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Restore Points =========================
17-05-2016 20:14:38 Scheduled Checkpoint
27-05-2016 19:18:36 Scheduled Checkpoint
07-08-2016 02:25:46 Norton_Power_Eraser_20160807022536838
07-08-2016 13:32:28 JRT Pre-Junkware Removal
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (08/07/2016 01:29:24 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program NS.exe version 13.1.1.19 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
Process ID: 1068
Start Time: 01d1f0c716f6cfd8
Termination Time: 240
Application Path: C:\Program Files (x86)\Norton Security\Engine\22.7.0.76\NS.exe
Report Id: f040a9af-5cbb-11e6-882f-e81132228e8e
Error: (06/28/2016 06:48:08 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Explorer.EXE, version: 6.1.7601.17567, time stamp: 0x4d672ee4
Faulting module name: SHLWAPI.dll, version: 6.1.7601.17514, time stamp: 0x4ce7c9ab
Exception code: 0xc0000005
Fault offset: 0x0000000000011c66
Faulting process id: 0x1360
Faulting application start time: 0xExplorer.EXE0
Faulting application path: Explorer.EXE1
Faulting module path: Explorer.EXE2
Report Id: Explorer.EXE3
Error: (06/28/2016 06:45:33 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Explorer.EXE, version: 6.1.7601.17567, time stamp: 0x4d672ee4
Faulting module name: KERNELBASE.dll, version: 6.1.7601.18409, time stamp: 0x5315a05a
Exception code: 0xc0000008
Fault offset: 0x000000000000940d
Faulting process id: 0x6cc
Faulting application start time: 0xExplorer.EXE0
Faulting application path: Explorer.EXE1
Faulting module path: Explorer.EXE2
Report Id: Explorer.EXE3
Error: (06/27/2016 10:29:27 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: NS.exe, version: 13.1.1.19, time stamp: 0x573e3d6e
Faulting module name: NAHELPER.DLL, version: 6.6.0.45, time stamp: 0x57336585
Exception code: 0xc0000005
Fault offset: 0x0000382f
Faulting process id: 0x694
Faulting application start time: 0xNS.exe0
Faulting application path: NS.exe1
Faulting module path: NS.exe2
Report Id: NS.exe3
Error: (06/16/2016 10:54:33 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: IEXPLORE.EXE, version: 10.0.9200.17183, time stamp: 0x546ebc2a
Faulting module name: AcroRd32.dll_unloaded, version: 0.0.0.0, time stamp: 0x4ac72081
Exception code: 0xc000041d
Fault offset: 0x5c8293b2
Faulting process id: 0x145c
Faulting application start time: 0xIEXPLORE.EXE0
Faulting application path: IEXPLORE.EXE1
Faulting module path: IEXPLORE.EXE2
Report Id: IEXPLORE.EXE3
Error: (06/16/2016 10:54:29 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: IEXPLORE.EXE, version: 10.0.9200.17183, time stamp: 0x546ebc2a
Faulting module name: AcroRd32.dll_unloaded, version: 0.0.0.0, time stamp: 0x4ac72081
Exception code: 0xc0000005
Fault offset: 0x5c8293b2
Faulting process id: 0x145c
Faulting application start time: 0xIEXPLORE.EXE0
Faulting application path: IEXPLORE.EXE1
Faulting module path: IEXPLORE.EXE2
Report Id: IEXPLORE.EXE3
Error: (06/09/2016 03:57:09 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program ETDCtrl.exe version 8.2.0.4 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
Process ID: 9dc
Start Time: 01d1c16a19692fa3
Termination Time: 240
Application Path: C:\Program Files\Elantech\ETDCtrl.exe
Report Id: bf5181c1-2ddc-11e6-a37f-e81132228e8e
Error: (05/13/2016 11:58:34 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: IEXPLORE.EXE, version: 10.0.9200.17183, time stamp: 0x546ebc2a
Faulting module name: AcroRd32.dll_unloaded, version: 0.0.0.0, time stamp: 0x4ac72081
Exception code: 0xc0000005
Fault offset: 0x5b7693b2
Faulting process id: 0x1adc
Faulting application start time: 0xIEXPLORE.EXE0
Faulting application path: IEXPLORE.EXE1
Faulting module path: IEXPLORE.EXE2
Report Id: IEXPLORE.EXE3
Error: (05/08/2016 10:27:16 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program chrome.exe version 50.0.2661.94 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
Process ID: f98
Start Time: 01d1a9735c59bcbf
Termination Time: 129
Application Path: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Report Id: 0d12cbac-1585-11e6-b86b-e81132228e8e
Error: (04/11/2016 09:52:14 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program chrome.exe version 49.0.2623.112 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
Process ID: 19e8
Start Time: 01d19455478faee8
Termination Time: 11
Application Path: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Report Id: a57cd44e-0048-11e6-8679-e81132228e8e
System errors:
=============
Error: (08/07/2016 01:13:45 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has stopped unexpectedly.
Module Path: C:\Windows\System32\IWMSSvc.dll
Error: (08/07/2016 01:13:45 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has stopped unexpectedly.
Module Path: C:\Windows\System32\IWMSSvc.dll
Error: (08/07/2016 01:13:45 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has stopped unexpectedly.
Module Path: C:\Windows\System32\IWMSSvc.dll
Error: (08/07/2016 01:13:34 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has stopped unexpectedly.
Module Path: C:\Windows\System32\IWMSSvc.dll
Error: (08/07/2016 01:12:55 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Search service, but this action failed with the following error:
%%1056 = An instance of the service is already running.
Error: (08/07/2016 01:12:26 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Intel® Management & Security Application User Notification Service service terminated unexpectedly. It has done this 1 time(s).
Error: (08/07/2016 01:12:25 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Media Player Network Sharing Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.
Error: (08/07/2016 01:12:25 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.
Error: (08/07/2016 01:12:24 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Intel® PROSet/Wireless Event Log service terminated unexpectedly. It has done this 1 time(s).
Error: (08/07/2016 01:12:21 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Live ID Sign-in Assistant service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
==================== Memory info ===========================
Processor: Intel® Core i3 CPU M 380 @ 2.53GHz
Percentage of memory in use: 60%
Total physical RAM: 3892.56 MB
Available physical RAM: 1525.4 MB
Total Virtual: 7783.3 MB
Available Virtual: 4690.29 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:180 GB) (Free:120.86 GB) NTFS
Drive d: () (Fixed) (Total:268.5 GB) (Free:252.02 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: F6A2585C)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=180 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=268.5 GB) - (Type=OF Extended)
Partition 4: (Not Active) - (Size=17.2 GB) - (Type=27)
==================== End of Addition.txt ============================