Jump to content

Does Malware get rid of every virus?


Recommended Posts

I had 14 different viruses that Malware picked up and quarantined them, i got malwar after this virus stopped my browser from coming up and i had to uninstall it google chrome, im using fire fox, it was the "fbi attention your browser has been blocked up", there was adware.whenu, trojan.bho, trojan.agent, trojan.vundo, and rogue.winantiv.. also adware.hotbar and adware.ibryte, so i unplugged my computer because of the virus wouldnt let me get away from the webpage, so i looked up the problem within 30 mins and i downloaded Malwarebytes and ran it, and it quarantined the 14 viruses that were checked, My computer seems fine now, so is my computer safe? and should i delete all in the quarantine? Also i have pup detections that are not checked, could a mojor virus be in one of them?

Link to post
Share on other sites

  • Replies 62
  • Created
  • Last Reply

Top Posters In This Topic

Hi there,
my name is Marius and I will assist you with your malware related problems.

Before we move on, please read the following points carefully.

  • First, read my instructions completely. If there is anything that you do not understand kindly ask before proceeding.
  • Perform everything in the correct order. Sometimes one step requires the previous one.
  • If you have any problems while following my instructions, Stop there and tell me the exact nature of your problem.
  • Do not run any other scans without instruction or add/remove software unless I tell you to do so. This would change the output of our tools and could be confusing for me.
  • Post all logfiles as a reply rather than as an attachment unless I specifically ask you. If you can not post all logfiles in one reply, feel free to use more posts.
  • If I don't hear from you within 3 days from this initial or any subsequent post, then this thread will be closed.
  • Stay with me. I will give you some advice about prevention after the cleanup process. Absence of symptoms does not always mean the computer is clean.
  • My first language is not english. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.

 
 
MBAM is one of the best on demand scanners out there, but no tool is 100% safe.
 
 
 
Scan with FRST in normal mode

Please download Farbar's Recovery Scan Tool to your desktop: FRST 32bit or FRST 64bit (If not sure: Start --> Computer (right click) --> properties)

  • Run FRST.
  • Don´t change one of the checkboxes and hit Scan.
  • Logfiles are created on your desktop.
  • Poste the FRST.txt and (after the first scan only!) the Addition.txt.

 

 

 

Scan with TDSS-Killer

Please read and follow these instructions carefully. We do not want it to fix anything yet (if found), we need to see a report first.

Download TDSSKiller.zip and extract to your desktop

  • Execute TDSSKiller.exe by doubleclicking on it.
  • Press Start Scan
  • If Malicious objects are found, do NOT select Copy to quarantine. Change the action to Skip, and save the log.
  • Once complete, a log will be produced at the root drive which is typically C:\ ,for example, C:\TDSSKiller.<version_date_time>log.txt



Please post the contents of that log in your next reply.

Link to post
Share on other sites

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 13-03-2014  01
Ran by Tina (administrator) on TINA-PC on 18-03-2014 10:32:04
Running from C:\Users\Tina\Downloads
Microsoft® Windows Vista™ Home Premium  Service Pack 2 (X86) OS Language: English(US)
Internet Explorer Version 9
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(Microsoft Corporation) C:\Windows\system32\SLsvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(COMPANYVERS_NAME) C:\Program Files\CouponAlert_2p\bar\1.bin\2pbarsvc.exe
() C:\Users\Tina\AppData\Roaming\DefaultTab\DefaultTab\DTUpdate.exe
(COMPANYVERS_NAME) C:\Program Files\DictionaryBoss\bar\1.bin\v4barsvc.exe
(Garmin Ltd or its subsidiaries) C:\Program Files\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.22.5\GoogleCrashHandler.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
(Symantec Corporation) C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PifSvc.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
(Symantec Corporation) C:\Program Files\Norton Internet Security\Engine\21.1.0.18\NIS.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Viewpoint Corporation) C:\Program Files\Viewpoint\Common\ViewpointService.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
(Symantec Corporation) C:\Program Files\Norton Internet Security\Engine\21.1.0.18\NIS.exe
(Symantec Corporation) C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
(Realtek Semiconductor) C:\Windows\RtHDVCpl.exe
(CyberLink) C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe
(Sun Microsystems, Inc.) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(VER_COMPANY_NAME) C:\Program Files\CouponAlert_2p\bar\1.bin\2pbrmon.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\ipoint.exe
(VER_COMPANY_NAME) C:\Program Files\DictionaryBoss\bar\1.bin\v4brmon.exe
(Apple Inc.) C:\Program Files\QuickTime\QTTask.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
(Microsoft Corporation) C:\Users\Tina\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
(Garmin Ltd or its subsidiaries) C:\Program Files\Garmin\Express Tray\ExpressTray.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
(OLYMPUS IMAGING CORP.) C:\Program Files\OLYMPUS\DeviceDetector\DeviceDetector4.exe
(WinZip Computing, S.L.) C:\Program Files\WinZip\WZQKPICK32.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Symantec Corporation) C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Sun Microsystems, Inc.) C:\Program Files\Common Files\Java\Java Update\jucheck.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [] - [X]
HKLM\...\Run: [symantec PIF AlertEng] - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PifSvc.exe [583048 2007-11-28] (Symantec Corporation)
HKLM\...\Run: [AppleSyncNotifier] - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe [59240 2011-10-06] (Apple Inc.)
HKLM\...\Run: [RtHDVCpl] - C:\Windows\RtHDVCpl.exe [4874240 2008-01-15] (Realtek Semiconductor)
HKLM\...\Run: [TkBellExe] - C:\Program Files\Common Files\Real\Update_OB\realsched.exe [185896 2007-05-23] (RealNetworks, Inc.)
HKLM\...\Run: [APSDaemon] - C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-06] (Apple Inc.)
HKLM\...\Run: [updateLBPShortCut] - C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)
HKLM\...\Run: [CLMLServer] - C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe [103720 2009-12-15] (CyberLink)
HKLM\...\Run: [updateP2GoShortCut] - C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)
HKLM\...\Run: [uCam_Menu] - C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe [218408 2009-02-17] (CyberLink Corp.)
HKLM\...\Run: [LGODDFU] - C:\Program Files\lg_fwupdate\fwupdate.exe [557056 2012-02-10] (BitLeader)
HKLM\...\Run: [updatePSTShortCut] - C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe [222504 2010-04-20] (CyberLink Corp.)
HKLM\...\Run: [sunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254696 2012-01-18] (Sun Microsystems, Inc.)
HKLM\...\Run: [Adobe Reader Speed Launcher] - C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [41056 2013-05-08] (Adobe Systems Incorporated)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [Coupon Alert Search Scope Monitor] - C:\Program Files\CouponAlert_2p\bar\1.bin\2pSrchMn.exe [42536 2012-07-05] (MindSpark)
HKLM\...\Run: [CouponAlert_2p Browser Plugin Loader] - C:\Program Files\CouponAlert_2p\bar\1.bin\2pbrmon.exe [30096 2012-07-05] (VER_COMPANY_NAME)
HKLM\...\Run: [intelliPoint] - c:\Program Files\Microsoft IntelliPoint\ipoint.exe [1821576 2011-08-01] (Microsoft Corporation)
HKLM\...\Run: [DictionaryBoss Search Scope Monitor] - C:\Program Files\DictionaryBoss\bar\1.bin\v4SrchMn.exe [42536 2012-10-02] (MindSpark)
HKLM\...\Run: [DictionaryBoss Browser Plugin Loader] - C:\Program Files\DictionaryBoss\bar\1.bin\v4brmon.exe [30096 2012-10-02] (VER_COMPANY_NAME)
HKLM\...\Run: [browserSafeguard] - "C:\Program Files\Browsersafeguard\BrowserSafeguard.exe"
HKLM\...\Run: [QuickTime Task] - C:\Program Files\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM\...\Run: [iTunesHelper] - C:\Program Files\iTunes\iTunesHelper.exe [152392 2014-02-21] (Apple Inc.)
HKLM\...\RunOnce: [Launcher] - %WINDIR%\SMINST\launcher.exe [44168 2007-03-01] (soft thinks)
HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-21-33051458-4020872597-3727823883-1000\...\Run: [Aim6] - [X]
HKU\S-1-5-21-33051458-4020872597-3727823883-1000\...\Run: [LightScribe Control Panel] - C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2736128 2010-08-16] (Hewlett-Packard Company)
HKU\S-1-5-21-33051458-4020872597-3727823883-1000\...\Run: [skyDrive] - C:\Users\Tina\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe [257224 2014-02-19] (Microsoft Corporation)
HKU\S-1-5-21-33051458-4020872597-3727823883-1000\...\Run: [GarminExpressTrayApp] - C:\Program Files\Garmin\Express Tray\ExpressTray.exe [1095000 2013-11-08] (Garmin Ltd or its subsidiaries)
HKU\S-1-5-21-33051458-4020872597-3727823883-1000\...\Run: [WMPNSCFG] - C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-19] (Microsoft Corporation)
HKU\S-1-5-21-33051458-4020872597-3727823883-1000\...\Run: [ehTray.exe] - C:\Windows\ehome\ehTray.exe [125952 2008-01-19] (Microsoft Corporation)
HKU\S-1-5-21-33051458-4020872597-3727823883-1000\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-33051458-4020872597-3727823883-1000\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
Startup: C:\Users\justin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk
ShortcutTarget: OneNote 2007 Screen Clipper and Launcher.lnk -> C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\Tina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk
ShortcutTarget: OneNote 2007 Screen Clipper and Launcher.lnk -> C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
GroupPolicyUsers\S-1-5-21-33051458-4020872597-3727823883-1001\User: Group Policy restriction detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com/?ctid=ct3320132&octid=eb_original_ctid&searchsource=55&cui=&um=4&up=speb12cb89-8e67-4789-ab59-ffbb5874ab65&sspv=
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.msn.com/?ocid=OIE9HP
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://securityresponse.symantec.com/avcenter/fix_homepage
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=5.5&ar=msnhome
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
URLSearchHook: HKLM - AIM Toolbar Search Class - {03402f96-3dc7-4285-bc50-9e81fefafe43} - C:\Program Files\AIM Toolbar\aimtb.dll (AOL LLC.)
URLSearchHook: HKLM - Zynga Toolbar - {7b13ec3e-999a-4b70-b9cb-2617b8323822} - C:\Program Files\Zynga\prxtbZyn2.dll (Conduit Ltd.)
URLSearchHook: HKLM - XfireXO Toolbar - {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - C:\Program Files\XfireXO\prxtbXfi0.dll (Conduit Ltd.)
URLSearchHook: HKLM - WinZipBar Toolbar - {50fafaf0-70a9-419d-a109-fa4b4ffd4e37} - C:\Program Files\WinZipBar\prxtbWinZ.dll (Conduit Ltd.)
URLSearchHook: HKCU - AIM Toolbar Search Class - {03402f96-3dc7-4285-bc50-9e81fefafe43} - C:\Program Files\AIM Toolbar\aimtb.dll (AOL LLC.)
URLSearchHook: HKCU - (No Name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL No File
URLSearchHook: HKCU - Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
URLSearchHook: HKCU - Zynga Toolbar - {7b13ec3e-999a-4b70-b9cb-2617b8323822} - C:\Program Files\Zynga\prxtbZyn2.dll (Conduit Ltd.)
URLSearchHook: HKCU - XfireXO Toolbar - {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - C:\Program Files\XfireXO\prxtbXfi0.dll (Conduit Ltd.)
URLSearchHook: HKCU - WinZipBar Toolbar - {50fafaf0-70a9-419d-a109-fa4b4ffd4e37} - C:\Program Files\WinZipBar\prxtbWinZ.dll (Conduit Ltd.)
URLSearchHook: HKCU - (No Name) - {7b9f8c21-46ec-4c0b-8683-e755ef84577a} - C:\Program Files\CouponAlert_2p\bar\1.bin\2pSrcAs.dll (MindSpark)
URLSearchHook: HKCU - (No Name) - {e7472076-ff9d-4325-8eaf-613572008758} - C:\Program Files\DictionaryBoss\bar\1.bin\v4SrcAs.dll (MindSpark)
SearchScopes: HKLM - DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2453} URL = http://search.fantastigames.com/web?src=ieb&appid=0&systemid=453&sr=0&q={searchTerms}
SearchScopes: HKLM - {0B4A10D1-FBD6-451d-BFDA-F03252B05984} URL = http://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2706&query={searchTerms}&invocationType=tb50trie7
SearchScopes: HKLM - {11F9B070-EFED-48C8-AA05-80CA9542576F} URL = http://www.ask.com/web?q={searchterms}&l=dis&o=ushpd
SearchScopes: HKLM - {161452CC-3EAD-47A1-86CC-05A609F53D38} URL = http://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=hp-pvdt
SearchScopes: HKLM - {91105D14-AFFF-4eb7-8B78-6ABE2F13AAB6} URL = http://search.aol.com/aolcom/search?query={searchTerms}&invocationType=msie70aaiminst
SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2453} URL = http://search.fantastigames.com/web?src=ieb&appid=0&systemid=453&sr=0&q={searchTerms}
SearchScopes: HKLM - {AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} URL = http://www.ask.com/web?&o=101881&l=dis&q={SEARCHTERMS}
SearchScopes: HKLM - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2304157
SearchScopes: HKLM - {F3C62574-CF62-4FA1-9BED-B2BD4BACE3CF} URL = http://search.live.com/results.aspx?q={searchTerms}&entrypoint={referrer:source?}&FORM=HVDUS7
SearchScopes: HKCU - DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = http://search.conduit.com/Results.aspx?ctid=CT3320132&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=4&UP=SPEB12CB89-8E67-4789-AB59-FFBB5874AB65&q={searchTerms}&SSPV=
SearchScopes: HKCU - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = http://search.conduit.com/Results.aspx?ctid=CT3320132&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=4&UP=SPEB12CB89-8E67-4789-AB59-FFBB5874AB65&q={searchTerms}&SSPV=
SearchScopes: HKCU - {0B4A10D1-FBD6-451d-BFDA-F03252B05984} URL =
SearchScopes: HKCU - {11F9B070-EFED-48C8-AA05-80CA9542576F} URL =
SearchScopes: HKCU - {161452CC-3EAD-47A1-86CC-05A609F53D38} URL =
SearchScopes: HKCU - {91105D14-AFFF-4eb7-8B78-6ABE2F13AAB6} URL =
SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2453} URL = http://search.fantastigames.com/web?src=ieb&appid=0&systemid=453&sr=0&q={searchTerms}
SearchScopes: HKCU - {AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} URL = http://www.ask.com/web?&o=101881&l=dis&q={SEARCHTERMS}
SearchScopes: HKCU - {E2EF9873-81CC-4011-B84B-5EBED10BBD06} URL = http://www.mysearchresults.com/search?&c=2635&t=03&q={searchTerms}
SearchScopes: HKCU - {F3C62574-CF62-4FA1-9BED-B2BD4BACE3CF} URL = http://search.live.com/results.aspx?q={searchTerms}&entrypoint={referrer:source?}&FORM=HVDUS7
BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
BHO: ALOT Toolbar Helper - {14CEEAFF-96DD-4101-AE37-D5ECDC23C3F6} - C:\Program Files\alot\bin\alot.dll (Vertro)
BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: Toolbar BHO - {3a421c8f-e238-4aeb-8874-b8b5f2cc4772} - C:\Program Files\CouponAlert_2p\bar\1.bin\2pbar.dll (MindSpark)
BHO: WinZipBar Toolbar - {50fafaf0-70a9-419d-a109-fa4b4ffd4e37} - C:\Program Files\WinZipBar\prxtbWinZ.dll (Conduit Ltd.)
BHO: Search Assistant BHO - {58376892-60e7-4f63-aca0-0f686af554d6} - C:\Program Files\DictionaryBoss\bar\1.bin\v4SrcAs.dll (MindSpark)
BHO: XfireXO Toolbar - {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - C:\Program Files\XfireXO\prxtbXfi0.dll (Conduit Ltd.)
BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\21.1.0.18\coIEPlg.dll (Symantec Corporation)
BHO: Search Assistant BHO - {60e91567-ef8a-4520-bce2-83aba5256799} - C:\Program Files\CouponAlert_2p\bar\1.bin\2pSrcAs.dll (MindSpark)
BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\21.1.0.18\IPS\IPSBHO.DLL (Symantec Corporation)
BHO: Toolbar BHO - {6eb534fb-2001-45c4-b860-bc904865a379} - C:\Program Files\DictionaryBoss\bar\1.bin\v4bar.dll (MindSpark)
BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
BHO: Zynga Toolbar - {7b13ec3e-999a-4b70-b9cb-2617b8323822} - C:\Program Files\Zynga\prxtbZyn2.dll (Conduit Ltd.)
BHO: DefaultTab Browser Helper - {7F6AFBF1-E065-4627-A2FD-810366367D01} - C:\Users\Tina\AppData\Roaming\DefaultTab\DefaultTab\DefaultTabBHO.dll (Search Results LLC.)
BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.3.4501.1418\swg.dll (Google Inc.)
BHO: AIM Toolbar Loader - {b0cda128-b425-4eef-a174-61a11ac5dbf8} - C:\Program Files\AIM Toolbar\aimtb.dll (AOL LLC.)
BHO: No Name - {b4de90bb-150d-4b33-95fe-6baac97e1c21} -  No File
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: WeCareReminder Class - {D824F0DE-3D60-4F57-9EB1-66033ECD8ABB} - C:\ProgramData\WeCareReminder\IEHelperv2.5.0.dll (We-Care.com)
BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
Toolbar: HKLM - Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
Toolbar: HKLM - AIM Toolbar - {61539ecd-cc67-4437-a03c-9aaccbd14326} - C:\Program Files\AIM Toolbar\aimtb.dll (AOL LLC.)
Toolbar: HKLM - Zynga Toolbar - {7b13ec3e-999a-4b70-b9cb-2617b8323822} - C:\Program Files\Zynga\prxtbZyn2.dll (Conduit Ltd.)
Toolbar: HKLM - XfireXO Toolbar - {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - C:\Program Files\XfireXO\prxtbXfi0.dll (Conduit Ltd.)
Toolbar: HKLM - ALOT Toolbar - {5AA2BA46-9913-4dc7-9620-69AB0FA17AE7} - C:\Program Files\alot\bin\alot.dll (Vertro)
Toolbar: HKLM - WinZipBar Toolbar - {50fafaf0-70a9-419d-a109-fa4b4ffd4e37} - C:\Program Files\WinZipBar\prxtbWinZ.dll (Conduit Ltd.)
Toolbar: HKLM - Coupon Alert - {3462c343-be19-4143-af70-cefb56f46fc6} - C:\Program Files\CouponAlert_2p\bar\1.bin\2pbar.dll (MindSpark)
Toolbar: HKLM - No Name - !{b4de90bb-150d-4b33-95fe-6baac97e1c21} -  No File
Toolbar: HKLM - DictionaryBoss - {3042df7a-e900-4389-9b94-923df0daa57e} - C:\Program Files\DictionaryBoss\bar\1.bin\v4bar.dll (MindSpark)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\21.1.0.18\coIEPlg.dll (Symantec Corporation)
Toolbar: HKCU - No Name - {07B18EA9-A523-4961-B6BB-170DE4475CCA} -  No File
Toolbar: HKCU - AIM Toolbar - {61539ECD-CC67-4437-A03C-9AACCBD14326} - C:\Program Files\AIM Toolbar\aimtb.dll (AOL LLC.)
Toolbar: HKCU - &Links - {F2CF5485-4E02-4F68-819C-B92DE9277049} - C:\Windows\system32\ieframe.dll (Microsoft Corporation)
Toolbar: HKCU - Zynga Toolbar - {7B13EC3E-999A-4B70-B9CB-2617B8323822} - C:\Program Files\Zynga\prxtbZyn2.dll (Conduit Ltd.)
Toolbar: HKCU - XfireXO Toolbar - {5E5AB302-7F65-44CD-8211-C1D4CAACCEA3} - C:\Program Files\XfireXO\prxtbXfi0.dll (Conduit Ltd.)
Toolbar: HKCU - No Name - {30F9B915-B755-4826-820B-08FBA6BD249D} -  No File
Toolbar: HKCU - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\21.1.0.18\coIEPlg.dll (Symantec Corporation)
Toolbar: HKCU - WinZipBar Toolbar - {50FAFAF0-70A9-419D-A109-FA4B4FFD4E37} - C:\Program Files\WinZipBar\prxtbWinZ.dll (Conduit Ltd.)
Toolbar: HKCU - Coupon Alert - {3462C343-BE19-4143-AF70-CEFB56F46FC6} - C:\Program Files\CouponAlert_2p\bar\1.bin\2pbar.dll (MindSpark)
Toolbar: HKCU - DictionaryBoss - {3042DF7A-E900-4389-9B94-923DF0DAA57E} - C:\Program Files\DictionaryBoss\bar\1.bin\v4bar.dll (MindSpark)
DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/9/b/d/9bdc68ef-6a9f-4505-8fb8-d0d2d160e512/LegitCheckControl.cab
DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} http://ak.exe.imgfarm.com/images/nocache/funwebproducts/ei-3/SmileyCentralFWBInitialSetup1.0.1.0.cab
DPF: {8A0019EB-51FA-4AE5-A40B-C0496BBFC739} http://picture.vzw.com/activex/VerizonWirelessUploadControl.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
DPF: {A1662FB6-39BE-41BB-ACDC-0448FB1B5817} http://www.cvsphoto.com/upload/activex/v3_0_0_5/PhotoCenter_ActiveX_Control.cab
DPF: {C1FDEE68-98D5-4F42-A4DD-D0BECF5077EB} http://tools.ebayimg.com/eps/wl/activex/eBay_Enhanced_Picture_Control_v1-0-27-0.cab
DPF: {CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_11-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Winsock: Catalog5 05 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Winsock: Catalog9 01 C:\Windows\system32\wpclsp.dll [72192] (Microsoft Corporation)
Winsock: Catalog9 02 C:\Windows\system32\wpclsp.dll [72192] (Microsoft Corporation)
Winsock: Catalog9 03 C:\Windows\system32\wpclsp.dll [72192] (Microsoft Corporation)
Winsock: Catalog9 04 C:\Windows\system32\wpclsp.dll [72192] (Microsoft Corporation)
Winsock: Catalog9 05 C:\Windows\system32\wpclsp.dll [72192] (Microsoft Corporation)
Winsock: Catalog9 06 C:\Windows\system32\wpclsp.dll [72192] (Microsoft Corporation)
Winsock: Catalog9 07 C:\Windows\system32\wpclsp.dll [72192] (Microsoft Corporation)
Winsock: Catalog9 08 C:\Windows\system32\wpclsp.dll [72192] (Microsoft Corporation)
Winsock: Catalog9 19 C:\Windows\system32\wpclsp.dll [72192] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 75.75.76.76 75.75.75.75

FireFox:
========
FF ProfilePath: C:\Users\Tina\AppData\Roaming\Mozilla\Firefox\Profiles\8hrnspxd.default
FF DefaultSearchEngine: BrowseToolE0170 Customized Web Search
FF SearchEngineOrder.1: Search Results
FF SelectedSearchEngine: Conduit Search


FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @CouponAlert_2p.com/Plugin - C:\Program Files\CouponAlert_2p\bar\1.bin\NP2pStub.dll (MindSpark)
FF Plugin: @DictionaryBoss.com/Plugin - C:\Program Files\DictionaryBoss\bar\1.bin\NPv4Stub.dll (MindSpark)
FF Plugin: @garmin.com/GpsControl - C:\Program Files\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @pack.google.com/Google Updater;version=14 - C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google)
FF Plugin: @real.com/nppl3260;version=6.0.11.2571 - C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprjplug;version=1.0.2.2629 - C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpjplug;version=6.0.12.1739 - C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF Plugin: @real.com/RhapsodyPlayerEngine,version=1.0 - C:\Program Files\Real\RhapsodyPlayerEngine\nprhapengine.dll (RealNetworks, Inc.)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @viewpoint.com/VMP - C:\Program Files\Viewpoint\Viewpoint Media Player\npViewpoint.dll ()
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32.dll No File
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll (Sun Microsystems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npdnu.dll (AOL LLC)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPMyWebS.dll (MyWebSearch.com)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npViewpoint.dll ()
FF SearchPlugin: C:\Users\Tina\AppData\Roaming\Mozilla\Firefox\Profiles\8hrnspxd.default\searchplugins\aim-search.xml
FF SearchPlugin: C:\Users\Tina\AppData\Roaming\Mozilla\Firefox\Profiles\8hrnspxd.default\searchplugins\conduit-search.xml
FF SearchPlugin: C:\Users\Tina\AppData\Roaming\Mozilla\Firefox\Profiles\8hrnspxd.default\searchplugins\conduit.xml
FF SearchPlugin: C:\Users\Tina\AppData\Roaming\Mozilla\Firefox\Profiles\8hrnspxd.default\searchplugins\MySpace.xml
FF SearchPlugin: C:\Users\Tina\AppData\Roaming\Mozilla\Firefox\Profiles\8hrnspxd.default\searchplugins\safesearch.xml
FF SearchPlugin: C:\Users\Tina\AppData\Roaming\Mozilla\Firefox\Profiles\8hrnspxd.default\searchplugins\search-here.xml
FF SearchPlugin: C:\Users\Tina\AppData\Roaming\Mozilla\Firefox\Profiles\8hrnspxd.default\searchplugins\searchplugins-backup
FF SearchPlugin: C:\Users\Tina\AppData\Roaming\Mozilla\Firefox\Profiles\8hrnspxd.default\searchplugins\Search_Results.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\SafeSearch.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\Search_Results.xml
FF Extension: Coupon Alert - C:\Users\Tina\AppData\Roaming\Mozilla\Firefox\Profiles\8hrnspxd.default\Extensions\2pffxtbr@CouponAlert_2p.com [2012-07-05]
FF Extension: DictionaryBoss - C:\Users\Tina\AppData\Roaming\Mozilla\Firefox\Profiles\8hrnspxd.default\Extensions\v4ffxtbr@DictionaryBoss.com [2012-10-27]
FF Extension: We-Care App - C:\Users\Tina\AppData\Roaming\Mozilla\Firefox\Profiles\8hrnspxd.default\Extensions\wecarereminder@bryan [2014-02-15]
FF Extension: WinZipBar  - C:\Users\Tina\AppData\Roaming\Mozilla\Firefox\Profiles\8hrnspxd.default\Extensions\{50fafaf0-70a9-419d-a109-fa4b4ffd4e37} [2014-03-17]
FF Extension: BrowseToolE0170  - C:\Users\Tina\AppData\Roaming\Mozilla\Firefox\Profiles\8hrnspxd.default\Extensions\{5e5ab302-7f65-44cd-8211-c1d4caaccea3} [2014-03-17]
FF Extension: Yahoo! Toolbar - C:\Users\Tina\AppData\Roaming\Mozilla\Firefox\Profiles\8hrnspxd.default\Extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1} [2014-03-04]
FF Extension: AOL Messaging Toolbar - C:\Users\Tina\AppData\Roaming\Mozilla\Firefox\Profiles\8hrnspxd.default\Extensions\{c2f863cd-0429-48c7-bb54-db756a951760} [2014-02-15]
FF Extension: Default Tab - C:\Users\Tina\AppData\Roaming\Mozilla\Firefox\Profiles\8hrnspxd.default\Extensions\addon@defaulttab.com.xpi [2012-08-29]
FF Extension: Microsoft .NET Framework Assistant - C:\Users\Tina\AppData\Roaming\Mozilla\Firefox\Profiles\8hrnspxd.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b}.xpi [2012-10-15]
FF Extension: Google Toolbar for Firefox - C:\Program Files\Mozilla Firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c} [2012-12-08]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ []
FF HKLM\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\coFFPlgn\
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\coFFPlgn\ []
FF HKLM\...\Firefox\Extensions: [2pffxtbr@CouponAlert_2p.com] - C:\Program Files\CouponAlert_2p\bar\1.bin
FF Extension: Coupon Alert - C:\Program Files\CouponAlert_2p\bar\1.bin [2012-07-05]
FF HKLM\...\Firefox\Extensions: [v4ffxtbr@DictionaryBoss.com] - C:\Program Files\DictionaryBoss\bar\1.bin
FF Extension: DictionaryBoss - C:\Program Files\DictionaryBoss\bar\1.bin [2012-10-02]
FF HKLM\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\IPSFF
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\IPSFF [2013-12-14]

========================== Services (Whitelisted) =================

R2 Automatic LiveUpdate Scheduler; C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe [238968 2008-02-09] (Symantec Corporation)
R2 CouponAlert_2pService; C:\Program Files\CouponAlert_2p\bar\1.bin\2pbarsvc.exe [42504 2012-07-05] (COMPANYVERS_NAME)
R2 DefaultTabUpdate; C:\Users\Tina\AppData\Roaming\DefaultTab\DefaultTab\DTUpdate.exe [107520 2012-08-29] ()
R2 DictionaryBossService; C:\Program Files\DictionaryBoss\bar\1.bin\v4barsvc.exe [42504 2012-10-02] (COMPANYVERS_NAME)
R2 Garmin Core Update Service; C:\Program Files\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [250712 2013-11-08] (Garmin Ltd or its subsidiaries)
S3 LiveUpdate; C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE [3220856 2008-08-04] (Symantec Corporation)
R2 LiveUpdate Notice Service; C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PifSvc.exe [583048 2007-11-28] (Symantec Corporation)
R2 MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S4 MyWebSearchService; C:\Program Files\MyWebSearch\bar\1.bin\MWSSVC.EXE [28762 2008-08-20] (MyWebSearch.com)
R2 NIS; C:\Program Files\Norton Internet Security\Engine\21.1.0.18\NIS.exe [275696 2013-10-08] (Symantec Corporation)
S3 Olympus DVR Service; C:\Program Files\Common Files\Olympus Shared\DeviceManager\olydvrsv.exe [167936 2009-06-19] (OLYMPUS IMAGING CORP.)
R2 Viewpoint Manager Service; C:\Program Files\Viewpoint\Common\ViewpointService.exe [24652 2007-01-04] (Viewpoint Corporation)

==================== Drivers (Whitelisted) ====================

R1 BHDrvx86; C:\Program Files\Norton Internet Security\NortonData\21.1.0.18\Definitions\BASHDefs\20140214.001\BHDrvx86.sys [1098968 2013-12-17] (Symantec Corporation)
R1 ccSet_NIS; C:\Windows\system32\drivers\NIS\1501000.012\ccSetx86.sys [127064 2013-09-25] (Symantec Corporation)
R1 eeCtrl; C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [376920 2013-12-13] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [108120 2013-11-21] (Symantec Corporation)
S3 HPZid412; C:\Windows\System32\DRIVERS\HPZid412.sys [49664 2006-04-12] (HP)
S3 HPZius12; C:\Windows\System32\DRIVERS\HPZius12.sys [21568 2006-04-12] (HP)
R1 IDSVix86; C:\Program Files\Norton Internet Security\NortonData\21.1.0.18\Definitions\IPSDefs\20140317.001\IDSvix86.sys [395992 2014-03-06] (Symantec Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [22856 2013-04-04] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\mbamswissarmy.sys [40776 2014-03-18] (Malwarebytes Corporation)
R3 NAVENG; C:\Program Files\Norton Internet Security\NortonData\21.1.0.18\Definitions\VirusDefs\20140317.004\NAVENG.SYS [93272 2014-03-02] (Symantec Corporation)
R3 NAVEX15; C:\Program Files\Norton Internet Security\NortonData\21.1.0.18\Definitions\VirusDefs\20140317.004\NAVEX15.SYS [1612376 2014-03-02] (Symantec Corporation)
S3 rcmirror; C:\Windows\System32\DRIVERS\rcmirror.sys [3328 2008-10-08] (Windows ® Codename Longhorn DDK provider)
R1 SRTSP; C:\Windows\System32\Drivers\NIS\1501000.012\SRTSP.SYS [651352 2013-09-26] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NIS\1501000.012\SRTSPX.SYS [32344 2013-09-09] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\NIS\1501000.012\SYMDS.SYS [367704 2013-09-09] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NIS\1501000.012\SYMEFA.SYS [935512 2013-09-26] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT.SYS [142936 2013-12-13] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NIS\1501000.012\Ironx86.SYS [206936 2013-09-26] (Symantec Corporation)
R1 SYMTDIv; C:\Windows\System32\Drivers\NIS\1501000.012\SYMTDIV.SYS [383576 2013-09-25] (Symantec Corporation)
S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 LVRS; system32\DRIVERS\lvrs.sys [X]
S3 LVUSBSta; system32\drivers\LVUSBSta.sys [X]
S3 LVUVC; system32\DRIVERS\lvuvc.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-03-18 10:32 - 2014-03-18 10:35 - 00034969 _____ () C:\Users\Tina\Downloads\FRST.txt
2014-03-18 10:27 - 2014-03-18 10:27 - 00040776 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamswissarmy.sys
2014-03-18 10:26 - 2014-03-18 10:32 - 00000000 ____D () C:\FRST
2014-03-18 10:23 - 2014-03-18 10:23 - 01145856 _____ (Farbar) C:\Users\Tina\Downloads\FRST.exe
2014-03-17 15:58 - 2014-03-17 21:08 - 00000000 ____D () C:\Program Files\Malwarebytes' Anti-Malware
2014-03-17 15:58 - 2014-03-17 15:58 - 00000908 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-03-17 15:58 - 2014-03-17 15:58 - 00000000 ____D () C:\Users\Tina\AppData\Roaming\Malwarebytes
2014-03-17 15:58 - 2014-03-17 15:58 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-03-17 15:58 - 2013-04-04 14:50 - 00022856 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-03-17 15:57 - 2014-03-17 15:58 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Tina\Downloads\mbam-setup-1.75.0.1300.exe
2014-03-12 17:14 - 2014-02-23 01:50 - 12347904 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-12 17:14 - 2014-02-23 01:47 - 01806848 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-03-12 17:14 - 2014-02-23 01:43 - 09739264 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-03-12 17:14 - 2014-02-23 01:41 - 01105408 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-03-12 17:14 - 2014-02-23 01:40 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-03-12 17:14 - 2014-02-23 01:39 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-03-12 17:14 - 2014-02-23 01:38 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-03-12 17:14 - 2014-02-23 01:38 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-03-12 17:14 - 2014-02-23 01:38 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-03-12 17:14 - 2014-02-23 01:37 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-03-12 17:14 - 2014-02-23 01:37 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-03-12 17:14 - 2014-02-23 01:37 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-03-12 17:14 - 2014-02-23 01:37 - 00421376 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-03-12 17:14 - 2014-02-23 01:36 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-03-12 17:14 - 2014-02-23 01:36 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-03-12 17:14 - 2014-02-23 01:35 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-03-12 09:23 - 2014-02-07 06:38 - 02050560 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-03-12 09:23 - 2014-02-03 06:37 - 00505344 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-03-12 09:23 - 2014-01-30 03:46 - 00876032 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2014-03-12 09:23 - 2013-11-12 20:30 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-03-06 18:26 - 2014-03-06 15:37 - 00000513 _____ () C:\Users\Tina\Desktop\style2.css
2014-03-06 18:26 - 2014-03-04 15:52 - 00001976 _____ () C:\Users\Tina\Desktop\Register.html
2014-03-06 18:26 - 2014-02-27 15:25 - 00001151 _____ () C:\Users\Tina\Desktop\Aboutme.html
2014-03-06 18:26 - 2014-02-25 14:48 - 00000249 _____ () C:\Users\Tina\Desktop\style.css
2014-03-06 18:26 - 2013-08-26 15:42 - 02381824 _____ () C:\Users\Tina\Desktop\VisualLogic-Course-2.2.7.exe
2014-02-28 22:49 - 2014-02-28 22:49 - 00001666 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-02-28 22:47 - 2014-02-28 22:49 - 00000000 ____D () C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
2014-02-28 22:47 - 2014-02-28 22:49 - 00000000 ____D () C:\Program Files\iTunes
2014-02-28 22:47 - 2014-02-28 22:47 - 00000000 ____D () C:\Program Files\iPod
2014-02-28 22:32 - 2014-02-28 22:32 - 00000000 ____D () C:\Program Files\QuickTime
2014-02-27 12:23 - 2014-02-27 12:23 - 00001127 _____ () C:\Users\Tina\Desktop\Watchtower Library 2013 - English.lnk
2014-02-25 19:14 - 2014-02-25 19:15 - 00000000 ____D () C:\Users\Tina\Desktop\FileZillaPortable
2014-02-25 19:14 - 2014-02-25 19:14 - 05078296 _____ (PortableApps.com) C:\Users\Tina\Downloads\FileZillaPortable_3.7.4.1.paf (1).exe
2014-02-25 19:06 - 2014-02-25 19:06 - 03307552 _____ (PortableApps.com) C:\Users\Tina\Downloads\PortableApps.com_Platform_Setup_11.2.exe
2014-02-25 19:06 - 2014-02-25 19:06 - 03307552 _____ (PortableApps.com) C:\Users\Tina\Downloads\PortableApps.com_Platform_Setup_11.2 (1).exe
2014-02-25 18:53 - 2014-02-25 19:03 - 00000000 ____D () C:\Users\Tina\Downloads\FileZillaPortable
2014-02-25 18:51 - 2014-02-25 18:51 - 05078296 _____ (PortableApps.com) C:\Users\Tina\Downloads\FileZillaPortable_3.7.4.1.paf.exe
2014-02-25 17:02 - 2014-02-25 17:02 - 00014394 _____ () C:\Users\Tina\AppData\Local\recently-used.xbel
2014-02-20 19:03 - 2014-02-20 19:04 - 00000000 ____D () C:\Users\Tina\AppData\Roaming\Notepad++
2014-02-20 19:03 - 2014-02-20 19:03 - 00000862 _____ () C:\Users\Tina\Desktop\Notepad++.lnk
2014-02-20 19:03 - 2014-02-20 19:03 - 00000000 ____D () C:\Users\Tina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++
2014-02-20 19:03 - 2014-02-20 19:03 - 00000000 ____D () C:\Program Files\Notepad++
2014-02-20 19:00 - 2014-02-20 19:00 - 07564908 _____ () C:\Users\Tina\Downloads\npp.6.5.4.Installer.exe
2014-02-20 18:48 - 2014-02-20 18:48 - 00000000 ____D () C:\Users\Tina\AppData\Local\BrowserSafeguard
2014-02-20 18:43 - 2014-02-20 18:45 - 00000000 ____D () C:\Users\Tina\Documents\Optimizer Pro
2014-02-20 18:37 - 2014-02-20 18:44 - 00000000 ____D () C:\Program Files\Optimizer Pro
2014-02-20 18:33 - 2014-02-20 18:33 - 00553768 _____ (Fusion Install ) C:\Users\Tina\Downloads\Setup.exe
2014-02-19 17:47 - 2014-02-19 17:47 - 00001948 _____ () C:\Users\Tina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk

==================== One Month Modified Files and Folders =======

2014-03-18 10:35 - 2014-03-18 10:32 - 00034969 _____ () C:\Users\Tina\Downloads\FRST.txt
2014-03-18 10:35 - 2008-06-15 16:05 - 00000420 ____H () C:\Windows\Tasks\User_Feed_Synchronization-{4E3FEFA2-BC6F-482D-A699-C651896162B4}.job
2014-03-18 10:32 - 2014-03-18 10:26 - 00000000 ____D () C:\FRST
2014-03-18 10:32 - 2012-12-08 18:38 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-03-18 10:27 - 2014-03-18 10:27 - 00040776 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamswissarmy.sys
2014-03-18 10:23 - 2014-03-18 10:23 - 01145856 _____ (Farbar) C:\Users\Tina\Downloads\FRST.exe
2014-03-18 10:22 - 2006-11-02 08:47 - 00003696 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-03-18 10:22 - 2006-11-02 08:47 - 00003696 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-03-18 10:20 - 2008-06-15 09:15 - 00000632 __RSH () C:\Users\Tina\ntuser.pol
2014-03-18 10:20 - 2007-05-30 23:11 - 00000000 ____D () C:\Users\Tina
2014-03-18 10:19 - 2006-11-02 08:52 - 01913913 _____ () C:\Windows\WindowsUpdate.log
2014-03-18 10:15 - 2014-02-12 19:11 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-03-18 10:06 - 2012-09-04 18:15 - 00000000 ___RD () C:\Users\Tina\SkyDrive
2014-03-18 10:04 - 2009-07-20 22:33 - 00000878 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-03-18 10:04 - 2007-05-23 00:59 - 00000000 ____D () C:\Windows\SMINST
2014-03-18 10:03 - 2006-11-02 09:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-03-17 22:49 - 2006-11-02 09:01 - 00032580 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-03-17 22:02 - 2010-06-08 15:15 - 00000000 ____D () C:\Users\Tina\AppData\Local\CrashDumps
2014-03-17 21:08 - 2014-03-17 15:58 - 00000000 ____D () C:\Program Files\Malwarebytes' Anti-Malware
2014-03-17 19:55 - 2009-07-20 22:33 - 00000882 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-03-17 16:29 - 2014-02-04 12:12 - 00003954 _____ () C:\Windows\PFRO.log
2014-03-17 15:58 - 2014-03-17 15:58 - 00000908 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-03-17 15:58 - 2014-03-17 15:58 - 00000000 ____D () C:\Users\Tina\AppData\Roaming\Malwarebytes
2014-03-17 15:58 - 2014-03-17 15:58 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-03-17 15:58 - 2014-03-17 15:57 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Tina\Downloads\mbam-setup-1.75.0.1300.exe
2014-03-17 15:29 - 2007-11-07 17:11 - 00000000 ____D () C:\Users\Tina\AppData\Local\Google
2014-03-17 15:29 - 2007-11-07 17:11 - 00000000 ____D () C:\Program Files\Google
2014-03-17 15:26 - 2007-05-30 23:21 - 00133464 _____ () C:\Users\Tina\AppData\Local\GDIPFONTCACHEV1.DAT
2014-03-17 15:13 - 2006-11-02 08:47 - 00458136 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-03-17 14:54 - 2010-05-26 11:59 - 00000000 ____D () C:\Users\Tina\Documents\New Folder (2)
2014-03-17 12:50 - 2009-07-20 22:33 - 00000868 _____ () C:\Windows\Tasks\Google Software Updater.job
2014-03-17 12:21 - 2007-05-23 00:44 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-03-17 12:18 - 2007-06-02 18:35 - 00002627 _____ () C:\Users\Tina\Desktop\Microsoft Office Word 2007.lnk
2014-03-16 20:34 - 2013-09-06 18:31 - 00000000 ____D () C:\Users\Tina\AppData\Roaming\.minecraft
2014-03-12 18:03 - 2006-11-02 07:18 - 00000000 ____D () C:\Windows\rescache
2014-03-12 17:44 - 2010-08-08 16:06 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-03-12 12:46 - 2012-09-04 18:46 - 00002469 _____ () C:\Users\Tina\Desktop\Launch SNAP Player (2).lnk
2014-03-12 11:02 - 2006-11-02 06:33 - 00759542 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-03-12 10:15 - 2012-05-08 15:16 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-03-12 10:15 - 2011-08-20 08:23 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-03-06 15:37 - 2014-03-06 18:26 - 00000513 _____ () C:\Users\Tina\Desktop\style2.css
2014-03-04 15:52 - 2014-03-06 18:26 - 00001976 _____ () C:\Users\Tina\Desktop\Register.html
2014-02-28 22:49 - 2014-02-28 22:49 - 00001666 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-02-28 22:49 - 2014-02-28 22:47 - 00000000 ____D () C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
2014-02-28 22:49 - 2014-02-28 22:47 - 00000000 ____D () C:\Program Files\iTunes
2014-02-28 22:47 - 2014-02-28 22:47 - 00000000 ____D () C:\Program Files\iPod
2014-02-28 22:47 - 2007-07-16 15:58 - 00000000 ____D () C:\Program Files\Common Files\Apple
2014-02-28 22:32 - 2014-02-28 22:32 - 00000000 ____D () C:\Program Files\QuickTime
2014-02-27 15:25 - 2014-03-06 18:26 - 00001151 _____ () C:\Users\Tina\Desktop\Aboutme.html
2014-02-27 12:23 - 2014-02-27 12:23 - 00001127 _____ () C:\Users\Tina\Desktop\Watchtower Library 2013 - English.lnk
2014-02-27 12:23 - 2007-06-01 18:41 - 00000000 ____D () C:\Program Files\Watchtower
2014-02-26 20:14 - 2012-09-29 16:19 - 00000000 ____D () C:\Program Files\Microsoft IntelliPoint
2014-02-25 19:15 - 2014-02-25 19:14 - 00000000 ____D () C:\Users\Tina\Desktop\FileZillaPortable
2014-02-25 19:14 - 2014-02-25 19:14 - 05078296 _____ (PortableApps.com) C:\Users\Tina\Downloads\FileZillaPortable_3.7.4.1.paf (1).exe
2014-02-25 19:06 - 2014-02-25 19:06 - 03307552 _____ (PortableApps.com) C:\Users\Tina\Downloads\PortableApps.com_Platform_Setup_11.2.exe
2014-02-25 19:06 - 2014-02-25 19:06 - 03307552 _____ (PortableApps.com) C:\Users\Tina\Downloads\PortableApps.com_Platform_Setup_11.2 (1).exe
2014-02-25 19:03 - 2014-02-25 18:53 - 00000000 ____D () C:\Users\Tina\Downloads\FileZillaPortable
2014-02-25 18:51 - 2014-02-25 18:51 - 05078296 _____ (PortableApps.com) C:\Users\Tina\Downloads\FileZillaPortable_3.7.4.1.paf.exe
2014-02-25 17:10 - 2013-11-03 19:21 - 00000000 ____D () C:\Users\Tina\.gimp-2.8
2014-02-25 17:02 - 2014-02-25 17:02 - 00014394 _____ () C:\Users\Tina\AppData\Local\recently-used.xbel
2014-02-25 17:02 - 2013-11-03 19:24 - 00000000 ____D () C:\Users\Tina\AppData\Local\gtk-2.0
2014-02-25 14:48 - 2014-03-06 18:26 - 00000249 _____ () C:\Users\Tina\Desktop\style.css
2014-02-23 01:50 - 2014-03-12 17:14 - 12347904 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-23 01:47 - 2014-03-12 17:14 - 01806848 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-23 01:43 - 2014-03-12 17:14 - 09739264 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-23 01:41 - 2014-03-12 17:14 - 01105408 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-23 01:40 - 2014-03-12 17:14 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-23 01:39 - 2014-03-12 17:14 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-23 01:38 - 2014-03-12 17:14 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-02-23 01:38 - 2014-03-12 17:14 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-23 01:38 - 2014-03-12 17:14 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-23 01:37 - 2014-03-12 17:14 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-23 01:37 - 2014-03-12 17:14 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-02-23 01:37 - 2014-03-12 17:14 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-23 01:37 - 2014-03-12 17:14 - 00421376 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-02-23 01:36 - 2014-03-12 17:14 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-23 01:36 - 2014-03-12 17:14 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-02-23 01:35 - 2014-03-12 17:14 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-20 19:04 - 2014-02-20 19:03 - 00000000 ____D () C:\Users\Tina\AppData\Roaming\Notepad++
2014-02-20 19:03 - 2014-02-20 19:03 - 00000862 _____ () C:\Users\Tina\Desktop\Notepad++.lnk
2014-02-20 19:03 - 2014-02-20 19:03 - 00000000 ____D () C:\Users\Tina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++
2014-02-20 19:03 - 2014-02-20 19:03 - 00000000 ____D () C:\Program Files\Notepad++
2014-02-20 19:00 - 2014-02-20 19:00 - 07564908 _____ () C:\Users\Tina\Downloads\npp.6.5.4.Installer.exe
2014-02-20 18:48 - 2014-02-20 18:48 - 00000000 ____D () C:\Users\Tina\AppData\Local\BrowserSafeguard
2014-02-20 18:45 - 2014-02-20 18:43 - 00000000 ____D () C:\Users\Tina\Documents\Optimizer Pro
2014-02-20 18:44 - 2014-02-20 18:37 - 00000000 ____D () C:\Program Files\Optimizer Pro
2014-02-20 18:33 - 2014-02-20 18:33 - 00553768 _____ (Fusion Install ) C:\Users\Tina\Downloads\Setup.exe
2014-02-19 17:47 - 2014-02-19 17:47 - 00001948 _____ () C:\Users\Tina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk

Files to move or delete:
====================
C:\ProgramData\PKP_DLec.DAT
C:\Users\Tina\jagex_runescape_preferences.dat
C:\Users\Tina\jagex_runescape_preferences2.dat
C:\Users\Tina\jagex__preferences3.dat


Some content of TEMP:
====================
C:\Users\justin\AppData\Local\Temp\FlashPlayerUpdate.exe
C:\Users\justin\AppData\Local\Temp\symlcsv1.exe
C:\Users\justin\AppData\Local\Temp\usl2gncy.dll
C:\Users\Tina\AppData\Local\Temp\ChangeIcon.exe
C:\Users\Tina\AppData\Local\Temp\dlLogic.exe
C:\Users\Tina\AppData\Local\Temp\GCVerifier.dll
C:\Users\Tina\AppData\Local\Temp\nsj54CF.exe
C:\Users\Tina\AppData\Local\Temp\nso704C.exe
C:\Users\Tina\AppData\Local\Temp\nst6A52.exe
C:\Users\Tina\AppData\Local\Temp\nstF6CD.exe
C:\Users\Tina\AppData\Local\Temp\nsy636E.exe
C:\Users\Tina\AppData\Local\Temp\nsz235.exe
C:\Users\Tina\AppData\Local\Temp\nszFC6A.exe
C:\Users\Tina\AppData\Local\Temp\spstub.exe
C:\Users\Tina\AppData\Local\Temp\System.Data.SQLite.dll
C:\Users\Tina\AppData\Local\Temp\System.Data.SQLite71864.dll
C:\Users\Tina\AppData\Local\Temp\System.Data.SQLite79216.dll
C:\Users\Tina\AppData\Local\Temp\verifier.exe
C:\Users\Tina\AppData\Local\Temp\xmlUpdater.exe


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\system32\winlogon.exe => MD5 is legit
C:\Windows\system32\wininit.exe => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\services.exe => MD5 is legit
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-03-18 10:11

==================== End Of Log ============================

Link to post
Share on other sites

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 13-03-2014  01
Ran by Tina at 2014-03-18 10:35:49
Running from C:\Users\Tina\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Norton Internet Security (Enabled - Up to date) {63DF5164-9100-186D-2187-8DC619EFD8BF}
AS: Norton Internet Security (Enabled - Up to date) {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton Internet Security (Enabled) {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}

==================== Installed Programs ======================

 Update for Microsoft Office 2007 (KB2508958) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}) (Version:  - Microsoft)
32 Bit HP CIO Components Installer (Version: 2.1.5 - Hewlett-Packard) Hidden
7-Zip (HKLM\...\7-Zip 9.2.0) (Version: 9.2.0 - 7-Zip)
7-Zip (Version: 9.2.0 - 7-Zip) Hidden
7-Zip 9.20 (HKLM\...\7-Zip) (Version:  - )
Acrobat.com (HKLM\...\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 2.0.0.0 - Adobe Systems Incorporated)
Acrobat.com (Version: 2.0.0 - Adobe Systems Incorporated) Hidden
Adobe AIR (HKLM\...\Adobe AIR) (Version: 1.5.3.9120 - Adobe Systems Inc.)
Adobe AIR (Version: 1.5.3.9120 - Adobe Systems Inc.) Hidden
Adobe Flash Player 12 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Reader 9.5.5 (HKLM\...\{AC76BA86-7AD7-1033-7B44-A95000000001}) (Version: 9.5.5 - Adobe Systems Incorporated)
AIM 6 (HKLM\...\AIM_6) (Version:  - )
AIM Toolbar (HKLM\...\AIM Toolbar) (Version:  - )
ALOT Toolbar (HKLM\...\alotToolbar) (Version:  - ALOT)
Apple Application Support (HKLM\...\{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}) (Version: 3.0.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{18D47FA1-0440-48D3-A7E0-DA09537FF471}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ArcSoft Panorama Maker 3 (HKLM\...\{A5F68DC8-0278-4AD8-B413-861509B5F25B}) (Version:  - ArcSoft)
AutoUpdate (HKLM\...\{18D10072035C4515918F7E37EAFAACFC}) (Version: 1.0 - )
B1 Free Archiver (HKLM\...\B1FreeArchiver) (Version:  - )
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
CCleaner (remove only) (HKLM\...\CCleaner) (Version:  - Piriform)
Certblaster CompTIA Network+ (2009 Edition)  (HKLM\...\{AFE68D65-01D4-4B1A-902D-2660BC0C503F}) (Version: 5.0.0 - dti Publishing)
CouponAlert Toolbar (HKLM\...\CouponAlert_2pbar Uninstall) (Version:  - Mindspark Interactive Network) <==== ATTENTION
Cucusoft DVD to iPod + iPod Video Converter Suite 8.8.8.8 (HKLM\...\Cucusoft DVD to iPod + iPod Video Converter Suite_is1) (Version:  - Cucusoft, Inc.)
DefaultTab (HKLM\...\DefaultTab) (Version: 1.2.8.0 - Search Results, LLC) <==== ATTENTION
DefaultTab Chrome (HKLM\...\DefaultTab Chrome) (Version: 1.1.14 - Search Results, LLC) <==== ATTENTION
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{92C42EDD-6524-4577-B2EB-6C68C63B6D4A}) (Version:  - Microsoft)
DictionaryBoss Toolbar (HKLM\...\DictionaryBossbar Uninstall) (Version:  - Mindspark Interactive Network)
DivX (HKLM\...\{7B63B2922B174135AFC0E1377DD81EC2}) (Version: 5.2.1 - DivXNetworks, Inc.)
Download Updater (AOL LLC) (HKLM\...\SoftwareUpdUtility) (Version:  - ) <==== ATTENTION
Elevated Installer (Version: 2.3.16.0 - Garmin Ltd or its subsidiaries) Hidden
Entity Framework Designer for Visual Studio 2012 - enu (HKLM\...\{32136776-FE3F-453D-80DA-CDD993BDB2A3}) (Version: 11.1.20810.00 - Microsoft Corporation)
Fireburst (HKLM\...\Steam App 207190) (Version:  - )
Garmin Communicator Plugin (HKLM\...\{13F054F3-0B07-4D15-9E80-C55B496AB557}) (Version: 4.0.3 - Garmin Ltd or its subsidiaries)
Garmin Express (HKLM\...\{6f60b921-2ae3-43fe-a6fb-ad849bd91451}) (Version: 2.3.16.0 - Garmin Ltd or its subsidiaries)
Garmin Express (Version: 2.3.16.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express Tray (Version: 2.3.16.0 - Garmin Ltd or its subsidiaries) Hidden
GIMP 2.8.6 (HKLM\...\GIMP-2_is1) (Version: 2.8.6 - The GIMP Team)
Google Earth (HKLM\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (Version: 1.3.22.5 - Google Inc.) Hidden
Google Updater (HKLM\...\Google Updater) (Version: 2.4.2432.1652 - Google Inc.)
Hardware Diagnostic Tools (HKLM\...\PC-Doctor 5 for Windows) (Version: 5.00.4424.15 - PC-Doctor, Inc.)
Horizon v2.7.2.2 (HKLM\...\d4cfeebc-b821-40b7-9f81-d366b1466f03_is1) (Version: 2.7.2.2 - Daring Development Inc.)
HP Customer Experience Enhancements (HKLM\...\{AB5E289E-76BF-4251-9F3F-9B763F681AE0}) (Version: 1.00.0000 - Hewlett-Packard)
HP Customer Feedback (Version: 1.0.0 - Hewlett-Packard) Hidden
HP Easy Setup - Core (HKLM\...\{F94234DB-FD06-42C3-B88D-6FC4DC9F988C}) (Version: 1.00.0000 - Hewlett-Packard)
HP Easy Setup - Frontend (HKLM\...\{40F7AED3-0C7D-4582-99F6-484A515C73F2}) (Version: 5.00.0000 - Hewlett-Packard)
HP On-Screen Cap/Num/Scroll Lock Indicator (HKLM\...\OsdMaestro) (Version:  - Hewlett-Packard)
HP Photosmart Essential (HKLM\...\{EB21A812-671B-4D08-B974-2A347F0D8F70}) (Version: 1.12.0.46 - HP)
HP Total Care Advisor (HKLM\...\{CBFEEA43-2B94-44AF-8325-B413E62D2A5D}) (Version: 1.0.95 - Hewlett-Packard)
HP Update (HKLM\...\{C8FD5BC1-92EF-4C15-92A9-F9AC7F61985F}) (Version: 4.000.010.008 - Hewlett-Packard)
HPSSupply (Version: 100.0.172.000 - Hewlett-Packard) Hidden
iCloud (HKLM\...\{79BD66B2-4DAE-4C3B-B08E-DC72E507C163}) (Version: 2.1.3.25 - Apple Inc.)
iPhone Configuration Utility (HKLM\...\{FA54AFB1-5745-4389-B8C1-9F7509672ED1}) (Version: 2.1.0.163 - Apple Inc.)
iTunes (HKLM\...\{2F21564D-DE05-4C6D-B21E-08B9D313FAB3}) (Version: 11.1.5.5 - Apple Inc.)
J2SE Runtime Environment 5.0 Update 11 (HKLM\...\{3248F0A8-6813-11D6-A77B-00B0D0150110}) (Version: 1.5.0.110 - Sun Microsystems, Inc.)
Java Auto Updater (Version: 2.0.7.1 - Sun Microsystems, Inc.) Hidden
Java 6 Update 31 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83216031FF}) (Version: 6.0.310 - Oracle)
LG CyberLink LabelPrint (HKLM\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.3109 - CyberLink Corp.)
LG CyberLink LabelPrint (Version: 2.5.3109 - CyberLink Corp.) Hidden
LG CyberLink Power2Go (HKLM\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.2.4009 - CyberLink Corp.)
LG CyberLink Power2Go (Version: 6.2.4009 - CyberLink Corp.) Hidden
LG CyberLink PowerBackup (HKLM\...\{ADD5DB49-72CF-11D8-9D75-000129760D75}) (Version: 2.5.5529 - CyberLink Corp.)
LG CyberLink YouCam (HKLM\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 2.0.3304a - CyberLink Corp.)
LG CyberLink YouCam (Version: 2.0.3304a - CyberLink Corp.) Hidden
LG ODD Auto Firmware Update (HKLM\...\{6179550A-3E7C-499E-BCC9-9E8113E0A285}) (Version: 9.01.1124.01 - )
LG Power Tools (HKLM\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 6.0.3316 - CyberLink Corp.)
LG Power Tools (Version: 6.0.3316 - CyberLink Corp.) Hidden
LightScribe System Software (HKLM\...\{705B639E-FAAF-40D7-AD58-C445321C7C3F}) (Version: 1.18.18.1 - LightScribe)
LiveUpdate (Symantec Corporation) (HKLM\...\PsuedoLiveUpdate) (Version: 3.4.1.232 - Symantec Corporation)
LiveUpdate (Symantec Corporation) (Version: 3.4.1.238 - Symantec Corporation) Hidden
LiveUpdate Notice (Symantec Corporation) (HKLM\...\{DBA4DB9D-EE51-4944-A419-98AB1F1249C8}) (Version: 1.4.5 - Symantec Corporation)
Malwarebytes Anti-Malware version 1.75.0.1300 (HKLM\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
MediaPlayerLite 0.3 (HKLM\...\MediaPlayerLite) (Version: 0.3 - Amnis Technology Ltd)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Multi-Targeting Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM\...\{5CBFF3F3-2D40-34EE-BCA5-A95BC19E400D}) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK (HKLM\...\{1948E039-EC79-4591-951D-9867A8C14C90}) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Age of Empires II (HKLM\...\Age of Empires 2.0) (Version:  - )
Microsoft Age of Empires II: The Conquerors Expansion (HKLM\...\Age of Empires II: The Conquerors Expansion 1.0) (Version:  - )
Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft Help Viewer 2.0 (HKLM\...\Microsoft Help Viewer 2.0) (Version: 2.0.50727 - Microsoft Corporation)
Microsoft Help Viewer 2.0 (Version: 2.0.50727 - Microsoft Corporation) Hidden
Microsoft IntelliPoint 8.2 (HKLM\...\Microsoft IntelliPoint 8.2) (Version: 8.20.468.0 - Microsoft Corporation)
Microsoft IntelliPoint 8.2 (Version: 8.20.468.0 - Microsoft Corporation) Hidden
Microsoft NuGet - Visual Studio Express 2012 for Windows Desktop (Version: 2.0.30717.9005 - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (Version:  - Microsoft) Hidden
Microsoft Office Access MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional 2010 (HKLM\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (Version:  - Microsoft) Hidden
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Single Image 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft OneDrive (HKCU\...\OneDriveSetup.exe) (Version: 17.0.4029.0217 - Microsoft Corporation)
Microsoft Primary Interoperability Assemblies 2005 (HKLM\...\{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Command Line Utilities  (HKLM\...\{45A8F8FF-ED9B-40B2-B923-94F46FCF6135}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework  (HKLM\...\{FBA6F90E-36EC-4FC9-9B25-3834E3BD46A8}) (Version: 11.0.2316.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Express LocalDB  (HKLM\...\{D9DA2981-3298-4F1A-9192-F2CF5BD91145}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects  (HKLM\...\{DA1C1761-5F4F-4332-AB9D-29EDF3F8EA0A}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client  (HKLM\...\{83C7F964-AC58-4104-B613-B4D0F61DA8CD}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL Compiler Service  (HKLM\...\{79B49428-E9B0-4479-A0FA-3EFF8AFA9F07}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL ScriptDom  (HKLM\...\{CD920828-2B95-49A4-8BFD-1D34BCBF5A27}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 T-SQL Language Service  (HKLM\...\{6D6D43E5-218C-4B05-92D3-2240810F4760}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 ENU (HKLM\...\{773AC1E4-5F27-4DF6-A932-7FDDE35C069D}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools - enu (11.1.20828.01) (HKLM\...\{4F2B8233-35EE-4197-8C3B-EACCBF712029}) (Version: 11.1.20828.01 - Microsoft Corporation)
Microsoft SQL Server Data Tools Build Utilities - enu (11.1.20828.01) (HKLM\...\{FAE0523E-08A4-4717-8E8E-6EC6F32CBE88}) (Version: 11.1.20828.01 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (HKLM\...\{E2082604-4BA5-44BB-BBFB-AF0F3CB8C6AB}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft VC9 runtime libraries (Version: 1.0.0 - AOL LLC) Hidden
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2012 32bit Compilers - ENU Resources (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Debug Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86-x64 Compilers (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2012 Preparation (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2012 Shell (Minimum) (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2012 Shell (Minimum) Interop Assemblies (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2012 Shell (Minimum) Resources (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2012 Tools for SQL Server Compact 4.0 SP1 ENU (Version: 4.0.8876.1 - Microsoft Corporation) Hidden
Microsoft Visual Studio Express 2012 for Windows Desktop - ENU (HKLM\...\{e0efdce9-a486-4676-8aa5-65bb08cbf34c}) (Version: 11.0.50727.42 - Microsoft Corporation)
Microsoft Visual Studio Express 2012 for Windows Desktop - ENU (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio Express 2012 for Windows Desktop (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio Team Foundation Server 2012 Object Model (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio Team Foundation Server 2012 Object Model Language Pack - ENU (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio Team Foundation Server 2012 Team Explorer (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio Team Foundation Server 2012 Team Explorer Language Pack - ENU (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio Ultimate 2012 XAML UI Designer Core (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio Ultimate 2012 XAML UI Designer enu Resources (Version: 11.0.50727 - Microsoft Corporation) Hidden
MobileMe Control Panel (HKLM\...\{926BD0E8-24A3-41D2-AF9B-340F1A37ED12}) (Version: 3.1.8.0 - Apple Inc.)
Mozilla Firefox 17.0.1 (x86 en-US) (HKLM\...\Mozilla Firefox 17.0.1 (x86 en-US)) (Version: 17.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 17.0.1 - Mozilla)
MSXML 4.0 SP2 (KB927978) (HKLM\...\{37477865-A3F1-4772-AD43-AAFC6BCFF99F}) (Version: 4.20.9841.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB936181) (HKLM\...\{C04E32E0-0416-434D-AFB9-6969D703A9EF}) (Version: 4.20.9848.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB941833) (HKLM\...\{C523D256-313D-4866-B36A-F3DE528246EF}) (Version: 4.20.9849.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
muvee autoProducer 5.0 (HKLM\...\{77CA976C-403C-47E2-940B-733ECAB6F62B}) (Version: 5.00.050 - muvee Technologies)
My HP Games (HKLM\...\WildTangent hpdesktop Master Uninstall) (Version: HPCMPQ1601 - WildTangent)
Nikon Message Center (HKLM\...\{D2FCC1AE-6311-47C5-8130-C6C66D77DD71}) (Version: 0.91.000 - )
Norton Internet Security (HKLM\...\NIS) (Version: 21.1.0.18 - Symantec Corporation)
Notepad++ (HKLM\...\Notepad++) (Version: 6.5.4 - Notepad++ Team)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version:  - )
Olympus Sonority (HKLM\...\{2756AD56-3691-4C76-A54F-8A8061620570}) (Version: 1.0.0 - OLYMPUS IMAGING CORP.)
Open Book HVAC Certifications 4.2.00 (HKLM\...\9588-9510-0199-4620) (Version: 4.2.00 - Mainstream Engineering Corporation)
PictureProject (HKLM\...\{FF3999BE-1A7B-4738-88AA-97BF14094A4A}) (Version: 1.0 - )
Prerequisites for SSDT  (HKLM\...\{9169C939-ED01-446A-BD0C-29873BAF4E48}) (Version: 11.0.2100.60 - Microsoft Corporation)
Python 2.4.3 (HKLM\...\{75E71ADD-042C-4F30-BFAC-A9EC42351313}) (Version: 2.4.3150 - Martin v. Löwis)
QQ Bubble Arena (HKLM\...\QQ Bubble Arena) (Version:  - )
QuickTime 7 (HKLM\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
RealPlayer (HKLM\...\RealPlayer 6.0) (Version:  - )
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5789 - Realtek Semiconductor Corp.)
Rhapsody (HKLM\...\Rhapsody) (Version:  - )
Rhapsody Player Engine (HKLM\...\{2DFF31F9-7893-4922-AF66-C9A1EB4EBB31}) (Version: 1.0.604 - RealNetworks)
Roxio Activation Module (Version: 1.0 - Roxio) Hidden
Roxio Creator Audio (HKLM\...\{83FFCFC7-88C6-41c6-8752-958A45325C82}) (Version: 3.4.0 - Roxio)
Roxio Creator Basic v9 (HKLM\...\{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}) (Version: 3.4.0 - Roxio)
Roxio Creator Copy (HKLM\...\{619CDD8A-14B6-43a1-AB6C-0F4EE48CE048}) (Version: 3.4.0 - Roxio)
Roxio Creator Data (HKLM\...\{0D397393-9B50-4c52-84D5-77E344289F87}) (Version: 3.4.0 - Roxio)
Roxio Creator EasyArchive (HKLM\...\{11F93B4B-48F0-4A4E-AE77-DFA96A99664B}) (Version: 3.4.0 - Roxio)
Roxio Creator Tools (HKLM\...\{0394CDC8-FABD-4ed8-B104-03393876DFDF}) (Version: 3.4.0 - Roxio)
Roxio Express Labeler 3 (HKLM\...\{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}) (Version: 3.2.1 - Roxio)
Roxio MyDVD Basic v9 (HKLM\...\{938B1CD7-7C60-491E-AA90-1F1888168240}) (Version: 9.0.559 - Roxio)
Safari (HKLM\...\{C779648B-410E-4BBA-B75B-5815BCEFE71D}) (Version: 5.34.57.2 - Apple Inc.)
SavetheChildren Reminder by We-Care.com v4.1.18.4 (HKLM\...\{B618B8E1-FB71-4237-8361-C3EA3EF15EF7}) (Version: 4.1.18.4 - We-Care.com)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (Version:  - Microsoft) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 10.0 - HP)
SnapPlayer (HKLM\...\{FF7991D3-7C6D-4C87-A541-545198F52E7D}) (Version: 1.0.4497.25196 - EMCP)
Spelling Dictionaries Support For Adobe Reader 9 (HKLM\...\{AC76BA86-7AD7-5464-3428-900000000004}) (Version: 9.0.0 - Adobe Systems Incorporated)
Steam (HKLM\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version:  - TeamSpeak Systems GmbH)
Update for  (KB2504637) (HKLM\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (HKLM\...\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707) (Version: 1 - Microsoft Corporation)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2837594) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{D3C85176-ACCC-4AF0-817D-1BC803303B74}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version:  - Microsoft)
Update for Microsoft Office 2007 Help for Common Features (KB963673) (HKLM\...\{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AB365889-0395-4FAD-B702-CA5985D53D42}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6FAA03BD-2B51-4029-9AD9-64A3B8E3C84C}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{82F87E28-B18E-46D6-A399-E2F19CF5949B}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM\...\{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.SingleImage_{5E8EB600-8B94-429E-873E-98369C6DC1BC}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2863818) 32-Bit Edition (HKLM\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{83B1B530-7D9E-4C6A-907F-E979CEE9C295}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2878225) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{EFF5EBA3-40AD-4859-85E7-3C1CF4F297EB}) (Version:  - Microsoft)
Update for Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{199DF7B6-169C-448C-B511-1054101BE9C9}) (Version:  - Microsoft)
Update for Microsoft Office OneNote 2007 Help (KB963670) (HKLM\...\{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2744EF05-38E1-4D5D-B333-E021EDAEA245}) (Version:  - Microsoft)
Update for Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{397B1D4F-ED7B-4ACA-A637-43B670843876}) (Version:  - Microsoft)
Update for Microsoft Office Script Editor Help (KB963671) (HKLM\...\{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{CD11C6A2-FFC6-4271-8EAB-79C3582F505C}) (Version:  - Microsoft)
Update for Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{80E762AA-C921-4839-9D7D-DB62A72C0726}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM\...\{90140000-001A-0409-0000-0000000FF1CE}_Office14.SingleImage_{DCE104A1-1875-4469-A83D-A5BFA6C4640F}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition (HKLM\...\{90140000-0018-0409-0000-0000000FF1CE}_Office14.SingleImage_{DA2F7ECE-6629-4A80-9CDE-EC95261B75E2}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2775360) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{80F56E3F-1D47-4E45-B6E0-FEF4E919F4F9}) (Version:  - Microsoft)
Update for Microsoft Visio 2010 (KB2878227) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{5D357893-40BA-4323-86BA-D97C66CD72F4}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{8C55AA83-54C2-4236-A622-78440A411DC5}) (Version:  - Microsoft)
Update for Microsoft Visual Studio 2012 (KB2781514) (HKLM\...\{56ef8912-352f-4fab-9c73-6f1c92a7127f}) (Version: 11.0.51219 - Microsoft Corporation)
Update for Microsoft Word 2010 (KB2837593) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{E78E2B68-8FD1-42EE-BB74-99A4D9E6222D}) (Version:  - Microsoft)
Viewpoint Media Player (HKLM\...\ViewpointMediaPlayer) (Version:  - )
Watchtower Library 2013 - English (HKLM\...\{004E8ED2-315C-4473-A934-032D5D7B3A02}) (Version: 15.0 - Watchtower Bible and Tract Society of Pennsylvania, Inc.)
Windows Software Development Kit (Version: 8.59.25584 - Microsoft Corporation) Hidden
Windows Software Development Kit DirectX x86 Remote (Version: 8.59.25584 - Microsoft Corporation) Hidden
Windows Software Development Kit for Windows Store Apps (Version: 8.59.25584 - Microsoft Corporation) Hidden
Windows Software Development Kit for Windows Store Apps DirectX x86 Remote (Version: 8.59.25584 - Microsoft Corporation) Hidden
WinZip 17.5 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240DA}) (Version: 17.5.10480 - WinZip Computing, S.L. )
WinZipBar Toolbar (HKLM\...\WinZipBar Toolbar) (Version: 6.8.9.0 - WinZipBar)
Wondershare Data Recovery(Build 3.0.2.2) (HKLM\...\Wondershare Data Recovery_is1) (Version: 3.0.2.2 - Wondershare Software Co.,Ltd.)
Xfire (remove only) (HKLM\...\Xfire) (Version:  - )
XfireXO Toolbar (HKLM\...\XfireXO Toolbar) (Version: 6.8.5.1 - XfireXO)
Yahoo! Toolbar (HKLM\...\Yahoo! Companion) (Version:  - )
Zynga Toolbar (HKLM\...\Zynga Toolbar) (Version: 6.3.6.2 - Zynga)

==================== Restore Points  =========================

19-11-2013 19:55:10 Windows Update
11-12-2013 22:01:05 Windows Update
20-12-2013 00:43:01 Scheduled Checkpoint
26-12-2013 18:22:42 Windows Update
15-01-2014 22:01:14 Windows Update
25-01-2014 03:19:03 Device Driver Package Install: Apple, Inc. Universal Serial Bus controllers
25-01-2014 03:20:08 Device Driver Package Install: Apple Network adapters
31-01-2014 20:04:04 Device Driver Package Install: Hewlett-Packard Printers
01-02-2014 01:05:56 Device Driver Package Install: Apple, Inc. Universal Serial Bus controllers
01-02-2014 01:07:37 Device Driver Package Install: Apple Network adapters
01-02-2014 02:00:53 Device Driver Package Install: Hewlett-Packard Universal Serial Bus controllers
01-02-2014 02:03:20 Device Driver Package Install: HP Printers
01-02-2014 02:05:16 Device Driver Package Install: Hewlett-Packard Imaging devices
01-02-2014 02:33:12 Installed 32 Bit HP CIO Components Installer
08-02-2014 02:51:04 Removed iTunes
08-02-2014 03:26:21 Device Driver Package Install: Apple, Inc. Universal Serial Bus controllers
08-02-2014 03:28:34 Device Driver Package Install: Apple Network adapters
08-02-2014 03:31:45 Installed iTunes
11-02-2014 19:08:54 Scheduled Checkpoint
12-02-2014 22:01:02 Windows Update
12-03-2014 21:02:16 Windows Update

==================== Hosts content: ==========================

2006-11-02 06:23 - 2006-09-18 17:41 - 00000761 ____N C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost
::1             localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {03BA0634-C498-482C-B93A-4AF91C9832D3} - System32\Tasks\Microsoft\Windows\Tcpip\WSHReset => C:\Windows\system32\netsh.exe [2006-11-02] (Microsoft Corporation)
Task: {0974C259-D079-4388-A669-1D700697E1E4} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {0BF03213-588B-4228-B322-650A01E0B476} - System32\Tasks\DTReg => C:\Users\Tina\AppData\Roaming\DefaultTab\DefaultTab\DTReg.exe [2014-02-05] (Search Results, LLC) <==== ATTENTION
Task: {0C09C457-ADD4-49B5-833A-C5C1CEF4BE85} - System32\Tasks\Norton WSC Integration => C:\Program Files\Norton Internet Security\Engine\21.1.0.18\WSCStub.exe [2013-10-08] (Symantec Corporation)
Task: {0C4B2DA0-30A7-4569-B29B-D30B5E55CB1D} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI
Task: {1014EF88-70E0-4D14-BC97-757A819DF80B} - System32\Tasks\Norton Internet Security\Norton Error Processor => C:\Program Files\Norton Internet Security\Engine\21.1.0.18\SymErr.exe [2013-08-01] (Symantec Corporation)
Task: {1CC81347-6204-4B83-900C-01E02F50F067} - System32\Tasks\Microsoft\Windows\MobilePC\TMM
Task: {3BCDF251-CA5C-4045-A1FC-8FCEF9FBDC93} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages
Task: {44980BEE-7809-44A9-AC24-D6E578A3B7DF} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\system32\RacAgent.exe [2008-01-19] (Microsoft Corporation)
Task: {4C499FFC-2ECB-4C0E-8308-BD294BE2D0BE} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2009-07-20] (Google Inc.)
Task: {791207F5-2788-4C70-A3FF-55A7633EADA6} - System32\Tasks\Google Software Updater => C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-09-12] (Google)
Task: {924DC59F-56AA-4EAE-9ECE-97C137CA0668} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-12] (Adobe Systems Incorporated)
Task: {D39FFB9B-5C3D-4F87-A25B-A4F4CD0CA5D6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2009-07-20] (Google Inc.)
Task: {E5150B95-F9B4-4D5D-95A2-7EC1ACBA95F8} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs [2008-01-05] ()
Task: {EADB90F7-65D6-41FE-BB35-A0AE5864595B} - System32\Tasks\Norton Internet Security\Norton Error Analyzer => C:\Program Files\Norton Internet Security\Engine\21.1.0.18\SymErr.exe [2013-08-01] (Symantec Corporation)
Task: {F634D83A-9AAB-45F4-B939-D641FEE1E53E} - System32\Tasks\Microsoft\Windows\WindowsCalendar\Reminders - Tina => C:\Program Files\Windows Calendar\wincal.exe [2009-04-11] (Microsoft Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\Google Software Updater.job => C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\User_Feed_Synchronization-{4E3FEFA2-BC6F-482D-A699-C651896162B4}.job => C:\Windows\system32\msfeedssync.exe

==================== Loaded Modules (whitelisted) =============

2014-01-20 14:17 - 2014-01-20 14:17 - 00073544 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2014-01-20 14:16 - 2014-01-20 14:16 - 01044808 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2012-08-29 18:35 - 2012-08-29 18:35 - 00107520 _____ () C:\Users\Tina\AppData\Roaming\DefaultTab\DefaultTab\DTUpdate.exe
2009-12-15 14:46 - 2009-12-15 14:46 - 00619816 ____N () C:\Program Files\CyberLink\Power2Go\CLMediaLibrary.dll
2009-12-15 14:49 - 2009-12-15 14:49 - 00013096 ____N () C:\Program Files\CyberLink\Power2Go\CLMLSvcPS.dll
2010-08-16 14:21 - 2010-08-16 14:21 - 02121728 _____ () C:\Program Files\Common Files\LightScribe\QtCore4.dll
2010-08-16 14:21 - 2010-08-16 14:21 - 07745536 _____ () C:\Program Files\Common Files\LightScribe\QtGui4.dll
2010-08-16 14:21 - 2010-08-16 14:21 - 00135168 _____ () C:\Program Files\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll
2012-12-08 18:38 - 2012-12-08 18:38 - 02397152 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== Disabled items from MSCONFIG ==============

MSCONFIG\Services: Apple Mobile Device => 2
MSCONFIG\Services: Automatic LiveUpdate Scheduler => 2
MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: ccEvtMgr => 2
MSCONFIG\Services: ccSetMgr => 2
MSCONFIG\Services: CLTNetCnService => 2
MSCONFIG\Services: comHost => 3
MSCONFIG\Services: gusvc => 2
MSCONFIG\Services: IDriverT => 3
MSCONFIG\Services: iPod Service => 3
MSCONFIG\Services: LightScribeService => 2
MSCONFIG\Services: LiveUpdate => 3
MSCONFIG\Services: LiveUpdate Notice => 2
MSCONFIG\Services: LVCOMSer => 2
MSCONFIG\Services: LVPrcSrv => 2
MSCONFIG\Services: LVSrvLauncher => 2
MSCONFIG\Services: MyWebSearchService => 2
MSCONFIG\Services: nvsvc => 2
MSCONFIG\Services: RoxMediaDB9 => 3
MSCONFIG\Services: stllssvr => 3
MSCONFIG\Services: Symantec Core LC => 3
MSCONFIG\Services: Viewpoint Manager Service => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk => C:\Windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^NkbMonitor.exe.lnk => C:\Windows\pss\NkbMonitor.exe.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^StupAssist.lnk => C:\Windows\pss\StupAssist.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^WinZip Quick Pick.lnk => C:\Windows\pss\WinZip Quick Pick.lnk.CommonStartup
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: AppleSyncNotifier => C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
MSCONFIG\startupreg: ccApp => "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
MSCONFIG\startupreg: DW7 => "C:\Program Files\The Weather Channel\The Weather Channel App\TWCApp.exe"
MSCONFIG\startupreg: ehTray.exe => C:\Windows\ehome\ehTray.exe
MSCONFIG\startupreg: HP Software Update => C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
MSCONFIG\startupreg: HPAdvisor => C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe
MSCONFIG\startupreg: hpsysdrv => c:\hp\support\hpsysdrv.exe
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: LogitechCommunicationsManager => "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
MSCONFIG\startupreg: LogitechQuickCamRibbon => "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
MSCONFIG\startupreg: My Web Search Bar Search Scope Monitor => "C:\PROGRA~1\MYWEBS~1\bar\1.bin\m3SrchMn.exe" /m=2 /w
MSCONFIG\startupreg: MyWebSearch Email Plugin => C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
MSCONFIG\startupreg: MyWebSearch Plugin => rundll32 C:\PROGRA~1\MYWEBS~1\bar\1.bin\M3PLUGIN.DLL,UPF
MSCONFIG\startupreg: NvCplDaemon => RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
MSCONFIG\startupreg: NvMediaCenter => RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
MSCONFIG\startupreg: OsdMaestro => "C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe"
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: RtHDVCpl => RtHDVCpl.exe
MSCONFIG\startupreg: Sidebar => C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
MSCONFIG\startupreg: Steam => "C:\Program Files\Steam\Steam.exe" -silent
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe"
MSCONFIG\startupreg: swg => C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
MSCONFIG\startupreg: Windows Defender => %ProgramFiles%\Windows Defender\MSASCui.exe -hide
MSCONFIG\startupreg: WMPNSCFG => C:\Program Files\Windows Media Player\WMPNSCFG.exe
MSCONFIG\startupreg: WPCUMI => C:\Windows\system32\WpcUmi.exe

==================== Faulty Device Manager Devices =============

Name: Microsoft 6to4 Adapter #7
Description: Microsoft 6to4 Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: 6TO4 Adapter
Description: Microsoft 6to4 Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: 6TO4 Adapter
Description: Microsoft 6to4 Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver


==================== Event log errors: =========================

Application errors:
==================
Error: (03/17/2014 10:01:31 PM) (Source: Application Error) (User: )
Description: Faulting application mbam.exe, version 1.75.0.1, time stamp 0x511f8eb2, faulting module gdiplus.dll_unloaded, version 0.0.0.0, time stamp 0x515ba857, exception code 0xc0000005, fault offset 0x741e74b2,
process id 0x1620, application start time 0xmbam.exe0.

Error: (03/17/2014 03:21:02 PM) (Source: Windows Search Service) (User: )
Description: The application cannot be initialized.

Context: Windows Application


Details:
    The content index metadata cannot be read.   (0xc0041801)

Error: (03/17/2014 03:21:02 PM) (Source: Windows Search Service) (User: )
Description: The gatherer object cannot be initialized.

Context: Windows Application, SystemIndex Catalog


Details:
    The content index metadata cannot be read.   (0xc0041801)

Error: (03/17/2014 03:21:02 PM) (Source: Windows Search Service) (User: )
Description: The plug-in in <Search.TripoliIndexer> cannot be initialized.

Context: Windows Application, SystemIndex Catalog


Details:
    Element not found.   (0x80070490)

Error: (03/17/2014 03:20:55 PM) (Source: Windows Search Service) (User: )
Description: The plug-in in <Search.JetPropStore> cannot be initialized.

Context: Windows Application, SystemIndex Catalog


Details:
    The content index metadata cannot be read.   (0xc0041801)

Error: (03/17/2014 03:20:55 PM) (Source: Windows Search Service) (User: )
Description: The Windows Search Service cannot load the property store information.

Context: Windows Application, SystemIndex Catalog


Details:
    0x%08x (0xc0041800 - The content index cannot be read.  )

Error: (03/17/2014 03:20:54 PM) (Source: Windows Search Service) (User: )
Description: The search service has detected corrupted data files in the index. The service will attempt to automatically correct this problem by rebuilding the index.


Details:
    The content index metadata cannot be read.   (0xc0041801)

Error: (03/17/2014 03:20:54 PM) (Source: Windows Search Service) (User: )
Description: The Windows Search Service cannot open the Jet property store.


Details:
    The content index cannot be read.   (0xc0041800)

Error: (03/17/2014 03:20:47 PM) (Source: ESENT) (User: )
Description: Windows (2236) Windows: Database recovery/restore failed with unexpected error -566.

Error: (03/17/2014 03:20:41 PM) (Source: ESENT) (User: )
Description: Windows (2236) Windows: Database C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Windows.edb: Page 2390 (0x00000956) failed verification due to a timestamp mismatch.  The expected timestamp was 0x15369aa but the actual timestamp on the page was 0x1534e54.  Recovery/restore will fail with error -566.  If this condition persists then please restore the database from a previous backup. This problem is likely due to faulty hardware "losing" one or more flushes on this page sometime in the past. Please contact your hardware vendor for further assistance diagnosing the problem.


System errors:
=============
Error: (03/18/2014 10:05:35 AM) (Source: Service Control Manager) (User: )
Description: Windows Media Player Network Sharing Service%%1053

Error: (03/18/2014 10:05:35 AM) (Source: Service Control Manager) (User: )
Description: 30000Windows Media Player Network Sharing Service

Error: (03/18/2014 10:05:17 AM) (Source: Service Control Manager) (User: )
Description: Parallel port driver%%1058

Error: (03/17/2014 04:32:22 PM) (Source: Service Control Manager) (User: )
Description: Windows Media Player Network Sharing Service%%1053

Error: (03/17/2014 04:32:22 PM) (Source: Service Control Manager) (User: )
Description: 30000Windows Media Player Network Sharing Service

Error: (03/17/2014 04:31:00 PM) (Source: Service Control Manager) (User: )
Description: Parallel port driver%%1058

Error: (03/17/2014 03:21:41 PM) (Source: Service Control Manager) (User: )
Description: Windows Search1300001Restart the service

Error: (03/17/2014 03:21:41 PM) (Source: Service Control Manager) (User: )
Description: Windows Search2147749155 (0x80040D23)

Error: (03/17/2014 03:20:20 PM) (Source: Service Control Manager) (User: )
Description: Parallel port driver%%1058

Error: (03/17/2014 03:17:44 PM) (Source: Service Control Manager) (User: )
Description: Network List ServiceNetwork Location Awareness%%1068


Microsoft Office Sessions:
=========================
Error: (03/12/2014 02:33:29 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6690.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 16674 seconds with 3660 seconds of active time.  This session ended with a crash.

Error: (03/12/2014 09:55:21 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6690.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 1519 seconds with 1080 seconds of active time.  This session ended with a crash.

Error: (03/04/2014 11:30:13 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6690.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 15005 seconds with 900 seconds of active time.  This session ended with a crash.

Error: (02/21/2014 09:47:06 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6690.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 1257 seconds with 240 seconds of active time.  This session ended with a crash.

Error: (02/05/2014 00:42:43 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6690.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 431 seconds with 60 seconds of active time.  This session ended with a crash.

Error: (02/03/2014 11:16:37 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6690.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 165 seconds with 60 seconds of active time.  This session ended with a crash.

Error: (02/03/2014 11:13:42 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6690.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 128 seconds with 60 seconds of active time.  This session ended with a crash.

Error: (02/03/2014 11:11:22 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6690.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 228 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (02/02/2014 00:04:02 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6690.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 401 seconds with 180 seconds of active time.  This session ended with a crash.

Error: (12/04/2013 06:54:58 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6683.5002, Microsoft Office Version: 12.0.6612.1000. This session lasted 616 seconds with 60 seconds of active time.  This session ended with a crash.


CodeIntegrity Errors:
===================================
  Date: 2014-03-18 10:34:58.476
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\SYMEVENT.SYS because the set of per-page image hashes could not be found on the system.

  Date: 2014-03-18 10:34:57.680
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\SYMEVENT.SYS because the set of per-page image hashes could not be found on the system.

  Date: 2014-03-18 10:34:56.916
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\SYMEVENT.SYS because the set of per-page image hashes could not be found on the system.

  Date: 2014-03-18 10:34:56.136
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\SYMEVENT.SYS because the set of per-page image hashes could not be found on the system.

  Date: 2014-03-18 10:34:46.620
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\Norton Internet Security\NortonData\21.1.0.18\Definitions\BASHDefs\20140214.001\BHDrvx86.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-03-18 10:34:45.793
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\Norton Internet Security\NortonData\21.1.0.18\Definitions\BASHDefs\20140214.001\BHDrvx86.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-03-18 10:34:45.044
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\Norton Internet Security\NortonData\21.1.0.18\Definitions\BASHDefs\20140214.001\BHDrvx86.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-03-18 10:34:44.186
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\Norton Internet Security\NortonData\21.1.0.18\Definitions\BASHDefs\20140214.001\BHDrvx86.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-03-17 21:19:01.458
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_b39feb737f8937a0\tcpip.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-03-17 21:19:00.707
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_b39feb737f8937a0\tcpip.sys because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Percentage of memory in use: 81%
Total physical RAM: 1917.82 MB
Available physical RAM: 353.56 MB
Total Pagefile: 4086.16 MB
Available Pagefile: 2294.9 MB
Total Virtual: 2047.88 MB
Available Virtual: 1905.92 MB

==================== Drives ================================

Drive c: (HP) (Fixed) (Total:365.29 GB) (Free:184.54 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (Recovery) (Fixed) (Total:7.32 GB) (Free:0.89 GB) NTFS ==>[system with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 373 GB) (Disk ID: 1549F232)
Partition 1: (Active) - (Size=365 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=7 GB) - (Type=07 NTFS)

==================== End Of Log ============================

Link to post
Share on other sites

Add-/remove programms

Click on start-->control panel.

Vista/7: Open Programs and Features
XP: Open add/remove programs

Search for and remove the following programs

AIM Toolbar
ALOT Toolbar
AutoUpdate
CouponAlert Toolbar
DefaultTab
DefaultTab Chrome
DictionaryBoss Toolbar
Download Updater
SavetheChildren Reminder by We-Care.com
WinZipBar Toolbar
XfireXO Toolbar
Yahoo! Toolbar
Zynga Toolbar



Close the window.

 

 

 

When finished, create and post new logs with FRST.

Link to post
Share on other sites

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 13-03-2014  01
Ran by Tina (administrator) on TINA-PC on 18-03-2014 17:25:57
Running from C:\Users\Tina\Desktop
Microsoft® Windows Vista™ Home Premium  Service Pack 2 (X86) OS Language: English(US)
Internet Explorer Version 9
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(Microsoft Corporation) C:\Windows\system32\SLsvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Garmin Ltd or its subsidiaries) C:\Program Files\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
(Symantec Corporation) C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PifSvc.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
(Symantec Corporation) C:\Program Files\Norton Internet Security\Engine\21.1.0.18\NIS.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Viewpoint Corporation) C:\Program Files\Viewpoint\Common\ViewpointService.exe
(Symantec Corporation) C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.22.5\GoogleCrashHandler.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
(Symantec Corporation) C:\Program Files\Norton Internet Security\Engine\21.1.0.18\NIS.exe
(Symantec Corporation) C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
(Realtek Semiconductor) C:\Windows\RtHDVCpl.exe
(CyberLink) C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe
(Sun Microsystems, Inc.) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\ipoint.exe
(Apple Inc.) C:\Program Files\QuickTime\QTTask.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
(Microsoft Corporation) C:\Users\Tina\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
(Garmin Ltd or its subsidiaries) C:\Program Files\Garmin\Express Tray\ExpressTray.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
(OLYMPUS IMAGING CORP.) C:\Program Files\OLYMPUS\DeviceDetector\DeviceDetector4.exe
(WinZip Computing, S.L.) C:\Program Files\WinZip\WZQKPICK32.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
(Sun Microsystems, Inc.) C:\Program Files\Common Files\Java\Java Update\jucheck.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [] - [X]
HKLM\...\Run: [symantec PIF AlertEng] - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PifSvc.exe [583048 2007-11-28] (Symantec Corporation)
HKLM\...\Run: [AppleSyncNotifier] - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe [59240 2011-10-06] (Apple Inc.)
HKLM\...\Run: [RtHDVCpl] - C:\Windows\RtHDVCpl.exe [4874240 2008-01-15] (Realtek Semiconductor)
HKLM\...\Run: [TkBellExe] - C:\Program Files\Common Files\Real\Update_OB\realsched.exe [185896 2007-05-23] (RealNetworks, Inc.)
HKLM\...\Run: [APSDaemon] - C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-06] (Apple Inc.)
HKLM\...\Run: [updateLBPShortCut] - C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)
HKLM\...\Run: [CLMLServer] - C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe [103720 2009-12-15] (CyberLink)
HKLM\...\Run: [updateP2GoShortCut] - C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)
HKLM\...\Run: [uCam_Menu] - C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe [218408 2009-02-17] (CyberLink Corp.)
HKLM\...\Run: [LGODDFU] - C:\Program Files\lg_fwupdate\fwupdate.exe [557056 2012-02-10] (BitLeader)
HKLM\...\Run: [updatePSTShortCut] - C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe [222504 2010-04-20] (CyberLink Corp.)
HKLM\...\Run: [sunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254696 2012-01-18] (Sun Microsystems, Inc.)
HKLM\...\Run: [Adobe Reader Speed Launcher] - C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [41056 2013-05-08] (Adobe Systems Incorporated)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [intelliPoint] - c:\Program Files\Microsoft IntelliPoint\ipoint.exe [1821576 2011-08-01] (Microsoft Corporation)
HKLM\...\Run: [browserSafeguard] - "C:\Program Files\Browsersafeguard\BrowserSafeguard.exe"
HKLM\...\Run: [QuickTime Task] - C:\Program Files\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM\...\Run: [iTunesHelper] - C:\Program Files\iTunes\iTunesHelper.exe [152392 2014-02-21] (Apple Inc.)
HKLM\...\RunOnce: [Launcher] - %WINDIR%\SMINST\launcher.exe [44168 2007-03-01] (soft thinks)
HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-21-33051458-4020872597-3727823883-1000\...\Run: [Aim6] - [X]
HKU\S-1-5-21-33051458-4020872597-3727823883-1000\...\Run: [LightScribe Control Panel] - C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2736128 2010-08-16] (Hewlett-Packard Company)
HKU\S-1-5-21-33051458-4020872597-3727823883-1000\...\Run: [skyDrive] - C:\Users\Tina\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe [257224 2014-02-19] (Microsoft Corporation)
HKU\S-1-5-21-33051458-4020872597-3727823883-1000\...\Run: [GarminExpressTrayApp] - C:\Program Files\Garmin\Express Tray\ExpressTray.exe [1095000 2013-11-08] (Garmin Ltd or its subsidiaries)
HKU\S-1-5-21-33051458-4020872597-3727823883-1000\...\Run: [WMPNSCFG] - C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-19] (Microsoft Corporation)
HKU\S-1-5-21-33051458-4020872597-3727823883-1000\...\Run: [ehTray.exe] - C:\Windows\ehome\ehTray.exe [125952 2008-01-19] (Microsoft Corporation)
HKU\S-1-5-21-33051458-4020872597-3727823883-1000\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-33051458-4020872597-3727823883-1000\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
Startup: C:\Users\justin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk
ShortcutTarget: OneNote 2007 Screen Clipper and Launcher.lnk -> C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\Tina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk
ShortcutTarget: OneNote 2007 Screen Clipper and Launcher.lnk -> C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
GroupPolicyUsers\S-1-5-21-33051458-4020872597-3727823883-1001\User: Group Policy restriction detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com/?ctid=ct3320132&octid=eb_original_ctid&searchsource=55&cui=&um=4&up=speb12cb89-8e67-4789-ab59-ffbb5874ab65&sspv=
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.msn.com/?ocid=OIE9HP
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://securityresponse.symantec.com/avcenter/fix_homepage
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=5.5&ar=msnhome
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
URLSearchHook: HKCU - (No Name) - {03402f96-3dc7-4285-bc50-9e81fefafe43} -  No File
URLSearchHook: HKCU - (No Name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL No File
URLSearchHook: HKCU - (No Name) - {7b13ec3e-999a-4b70-b9cb-2617b8323822} -  No File
URLSearchHook: HKCU - (No Name) - {5e5ab302-7f65-44cd-8211-c1d4caaccea3} -  No File
SearchScopes: HKLM - DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2453} URL = http://search.fantastigames.com/web?src=ieb&appid=0&systemid=453&sr=0&q={searchTerms}
SearchScopes: HKLM - {0B4A10D1-FBD6-451d-BFDA-F03252B05984} URL = http://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2706&query={searchTerms}&invocationType=tb50trie7
SearchScopes: HKLM - {11F9B070-EFED-48C8-AA05-80CA9542576F} URL = http://www.ask.com/web?q={searchterms}&l=dis&o=ushpd
SearchScopes: HKLM - {161452CC-3EAD-47A1-86CC-05A609F53D38} URL = http://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=hp-pvdt
SearchScopes: HKLM - {91105D14-AFFF-4eb7-8B78-6ABE2F13AAB6} URL = http://search.aol.com/aolcom/search?query={searchTerms}&invocationType=msie70aaiminst
SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2453} URL = http://search.fantastigames.com/web?src=ieb&appid=0&systemid=453&sr=0&q={searchTerms}
SearchScopes: HKLM - {AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} URL = http://www.ask.com/web?&o=101881&l=dis&q={SEARCHTERMS}
SearchScopes: HKLM - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2304157
SearchScopes: HKLM - {F3C62574-CF62-4FA1-9BED-B2BD4BACE3CF} URL = http://search.live.com/results.aspx?q={searchTerms}&entrypoint={referrer:source?}&FORM=HVDUS7
SearchScopes: HKCU - DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = http://search.conduit.com/Results.aspx?ctid=CT3320132&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=4&UP=SPEB12CB89-8E67-4789-AB59-FFBB5874AB65&q={searchTerms}&SSPV=
SearchScopes: HKCU - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = http://search.conduit.com/Results.aspx?ctid=CT3320132&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=4&UP=SPEB12CB89-8E67-4789-AB59-FFBB5874AB65&q={searchTerms}&SSPV=
SearchScopes: HKCU - {0B4A10D1-FBD6-451d-BFDA-F03252B05984} URL =
SearchScopes: HKCU - {11F9B070-EFED-48C8-AA05-80CA9542576F} URL =
SearchScopes: HKCU - {161452CC-3EAD-47A1-86CC-05A609F53D38} URL =
SearchScopes: HKCU - {91105D14-AFFF-4eb7-8B78-6ABE2F13AAB6} URL =
SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2453} URL = http://search.fantastigames.com/web?src=ieb&appid=0&systemid=453&sr=0&q={searchTerms}
SearchScopes: HKCU - {AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} URL = http://www.ask.com/web?&o=101881&l=dis&q={SEARCHTERMS}
SearchScopes: HKCU - {E2EF9873-81CC-4011-B84B-5EBED10BBD06} URL = http://www.mysearchresults.com/search?&c=2635&t=03&q={searchTerms}
SearchScopes: HKCU - {F3C62574-CF62-4FA1-9BED-B2BD4BACE3CF} URL = http://search.live.com/results.aspx?q={searchTerms}&entrypoint={referrer:source?}&FORM=HVDUS7
BHO: No Name - {02478D38-C3F9-4EFB-9B51-7695ECA05670} -  No File
BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\21.1.0.18\coIEPlg.dll (Symantec Corporation)
BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\21.1.0.18\IPS\IPSBHO.DLL (Symantec Corporation)
BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.3.4501.1418\swg.dll (Google Inc.)
BHO: No Name - {b4de90bb-150d-4b33-95fe-6baac97e1c21} -  No File
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
Toolbar: HKLM - No Name - !{b4de90bb-150d-4b33-95fe-6baac97e1c21} -  No File
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\21.1.0.18\coIEPlg.dll (Symantec Corporation)
Toolbar: HKCU - No Name - {07B18EA9-A523-4961-B6BB-170DE4475CCA} -  No File
Toolbar: HKCU - &Links - {F2CF5485-4E02-4F68-819C-B92DE9277049} - C:\Windows\system32\ieframe.dll (Microsoft Corporation)
Toolbar: HKCU - No Name - {7B13EC3E-999A-4B70-B9CB-2617B8323822} -  No File
Toolbar: HKCU - No Name - {5E5AB302-7F65-44CD-8211-C1D4CAACCEA3} -  No File
Toolbar: HKCU - No Name - {30F9B915-B755-4826-820B-08FBA6BD249D} -  No File
Toolbar: HKCU - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\21.1.0.18\coIEPlg.dll (Symantec Corporation)
Toolbar: HKCU - No Name - {50FAFAF0-70A9-419D-A109-FA4B4FFD4E37} -  No File
DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/9/b/d/9bdc68ef-6a9f-4505-8fb8-d0d2d160e512/LegitCheckControl.cab
DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} http://ak.exe.imgfarm.com/images/nocache/funwebproducts/ei-3/SmileyCentralFWBInitialSetup1.0.1.0.cab
DPF: {8A0019EB-51FA-4AE5-A40B-C0496BBFC739} http://picture.vzw.com/activex/VerizonWirelessUploadControl.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
DPF: {A1662FB6-39BE-41BB-ACDC-0448FB1B5817} http://www.cvsphoto.com/upload/activex/v3_0_0_5/PhotoCenter_ActiveX_Control.cab
DPF: {C1FDEE68-98D5-4F42-A4DD-D0BECF5077EB} http://tools.ebayimg.com/eps/wl/activex/eBay_Enhanced_Picture_Control_v1-0-27-0.cab
DPF: {CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_11-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Winsock: Catalog5 05 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Winsock: Catalog9 01 C:\Windows\system32\wpclsp.dll [72192] (Microsoft Corporation)
Winsock: Catalog9 02 C:\Windows\system32\wpclsp.dll [72192] (Microsoft Corporation)
Winsock: Catalog9 03 C:\Windows\system32\wpclsp.dll [72192] (Microsoft Corporation)
Winsock: Catalog9 04 C:\Windows\system32\wpclsp.dll [72192] (Microsoft Corporation)
Winsock: Catalog9 05 C:\Windows\system32\wpclsp.dll [72192] (Microsoft Corporation)
Winsock: Catalog9 06 C:\Windows\system32\wpclsp.dll [72192] (Microsoft Corporation)
Winsock: Catalog9 07 C:\Windows\system32\wpclsp.dll [72192] (Microsoft Corporation)
Winsock: Catalog9 08 C:\Windows\system32\wpclsp.dll [72192] (Microsoft Corporation)
Winsock: Catalog9 19 C:\Windows\system32\wpclsp.dll [72192] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 75.75.76.76 75.75.75.75

FireFox:
========
FF ProfilePath: C:\Users\Tina\AppData\Roaming\Mozilla\Firefox\Profiles\8hrnspxd.default
FF DefaultSearchEngine: Conduit Search
FF SearchEngineOrder.1: Search Results
FF SelectedSearchEngine: Conduit Search


FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @garmin.com/GpsControl - C:\Program Files\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @pack.google.com/Google Updater;version=14 - C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google)
FF Plugin: @real.com/nppl3260;version=6.0.11.2571 - C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprjplug;version=1.0.2.2629 - C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpjplug;version=6.0.12.1739 - C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF Plugin: @real.com/RhapsodyPlayerEngine,version=1.0 - C:\Program Files\Real\RhapsodyPlayerEngine\nprhapengine.dll (RealNetworks, Inc.)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @viewpoint.com/VMP - C:\Program Files\Viewpoint\Viewpoint Media Player\npViewpoint.dll ()
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32.dll No File
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll (Sun Microsystems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPMyWebS.dll (MyWebSearch.com)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npViewpoint.dll ()
FF SearchPlugin: C:\Users\Tina\AppData\Roaming\Mozilla\Firefox\Profiles\8hrnspxd.default\searchplugins\aim-search.xml
FF SearchPlugin: C:\Users\Tina\AppData\Roaming\Mozilla\Firefox\Profiles\8hrnspxd.default\searchplugins\conduit-search.xml
FF SearchPlugin: C:\Users\Tina\AppData\Roaming\Mozilla\Firefox\Profiles\8hrnspxd.default\searchplugins\conduit.xml
FF SearchPlugin: C:\Users\Tina\AppData\Roaming\Mozilla\Firefox\Profiles\8hrnspxd.default\searchplugins\MySpace.xml
FF SearchPlugin: C:\Users\Tina\AppData\Roaming\Mozilla\Firefox\Profiles\8hrnspxd.default\searchplugins\safesearch.xml
FF SearchPlugin: C:\Users\Tina\AppData\Roaming\Mozilla\Firefox\Profiles\8hrnspxd.default\searchplugins\searchplugins-backup
FF SearchPlugin: C:\Users\Tina\AppData\Roaming\Mozilla\Firefox\Profiles\8hrnspxd.default\searchplugins\Search_Results.xml
FF Extension: We-Care App - C:\Users\Tina\AppData\Roaming\Mozilla\Firefox\Profiles\8hrnspxd.default\Extensions\wecarereminder@bryan [2014-02-15]
FF Extension: WinZipBar  - C:\Users\Tina\AppData\Roaming\Mozilla\Firefox\Profiles\8hrnspxd.default\Extensions\{50fafaf0-70a9-419d-a109-fa4b4ffd4e37} [2014-03-17]
FF Extension: BrowseToolE0170  - C:\Users\Tina\AppData\Roaming\Mozilla\Firefox\Profiles\8hrnspxd.default\Extensions\{5e5ab302-7f65-44cd-8211-c1d4caaccea3} [2014-03-17]
FF Extension: Yahoo! Toolbar - C:\Users\Tina\AppData\Roaming\Mozilla\Firefox\Profiles\8hrnspxd.default\Extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1} [2014-03-04]
FF Extension: AOL Messaging Toolbar - C:\Users\Tina\AppData\Roaming\Mozilla\Firefox\Profiles\8hrnspxd.default\Extensions\{c2f863cd-0429-48c7-bb54-db756a951760} [2014-02-15]
FF Extension: Microsoft .NET Framework Assistant - C:\Users\Tina\AppData\Roaming\Mozilla\Firefox\Profiles\8hrnspxd.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b}.xpi [2012-10-15]
FF Extension: Google Toolbar for Firefox - C:\Program Files\Mozilla Firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c} [2014-03-18]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ []
FF HKLM\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\coFFPlgn\
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\coFFPlgn\ []
FF HKLM\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\IPSFF
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\IPSFF [2013-12-14]

========================== Services (Whitelisted) =================

R2 Automatic LiveUpdate Scheduler; C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe [238968 2008-02-09] (Symantec Corporation)
R2 Garmin Core Update Service; C:\Program Files\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [250712 2013-11-08] (Garmin Ltd or its subsidiaries)
S3 LiveUpdate; C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE [3220856 2008-08-04] (Symantec Corporation)
R2 LiveUpdate Notice Service; C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PifSvc.exe [583048 2007-11-28] (Symantec Corporation)
R2 MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S4 MyWebSearchService; C:\Program Files\MyWebSearch\bar\1.bin\MWSSVC.EXE [28762 2008-08-20] (MyWebSearch.com)
R2 NIS; C:\Program Files\Norton Internet Security\Engine\21.1.0.18\NIS.exe [275696 2013-10-08] (Symantec Corporation)
S3 Olympus DVR Service; C:\Program Files\Common Files\Olympus Shared\DeviceManager\olydvrsv.exe [167936 2009-06-19] (OLYMPUS IMAGING CORP.)
R2 Viewpoint Manager Service; C:\Program Files\Viewpoint\Common\ViewpointService.exe [24652 2007-01-04] (Viewpoint Corporation)

==================== Drivers (Whitelisted) ====================

R1 BHDrvx86; C:\Program Files\Norton Internet Security\NortonData\21.1.0.18\Definitions\BASHDefs\20140214.001\BHDrvx86.sys [1098968 2013-12-17] (Symantec Corporation)
R1 ccSet_NIS; C:\Windows\system32\drivers\NIS\1501000.012\ccSetx86.sys [127064 2013-09-25] (Symantec Corporation)
R1 eeCtrl; C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [376920 2013-12-13] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [108120 2013-11-21] (Symantec Corporation)
S3 HPZid412; C:\Windows\System32\DRIVERS\HPZid412.sys [49664 2006-04-12] (HP)
S3 HPZius12; C:\Windows\System32\DRIVERS\HPZius12.sys [21568 2006-04-12] (HP)
R1 IDSVix86; C:\Program Files\Norton Internet Security\NortonData\21.1.0.18\Definitions\IPSDefs\20140317.001\IDSvix86.sys [395992 2014-03-06] (Symantec Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [22856 2013-04-04] (Malwarebytes Corporation)
R3 NAVENG; C:\Program Files\Norton Internet Security\NortonData\21.1.0.18\Definitions\VirusDefs\20140318.001\NAVENG.SYS [93272 2014-03-18] (Symantec Corporation)
R3 NAVEX15; C:\Program Files\Norton Internet Security\NortonData\21.1.0.18\Definitions\VirusDefs\20140318.001\NAVEX15.SYS [1612376 2014-03-18] (Symantec Corporation)
S3 rcmirror; C:\Windows\System32\DRIVERS\rcmirror.sys [3328 2008-10-08] (Windows ® Codename Longhorn DDK provider)
R1 SRTSP; C:\Windows\System32\Drivers\NIS\1501000.012\SRTSP.SYS [651352 2013-09-26] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NIS\1501000.012\SRTSPX.SYS [32344 2013-09-09] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\NIS\1501000.012\SYMDS.SYS [367704 2013-09-09] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NIS\1501000.012\SYMEFA.SYS [935512 2013-09-26] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT.SYS [142936 2013-12-13] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NIS\1501000.012\Ironx86.SYS [206936 2013-09-26] (Symantec Corporation)
R1 SYMTDIv; C:\Windows\System32\Drivers\NIS\1501000.012\SYMTDIV.SYS [383576 2013-09-25] (Symantec Corporation)
S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 LVRS; system32\DRIVERS\lvrs.sys [X]
S3 LVUSBSta; system32\drivers\LVUSBSta.sys [X]
S3 LVUVC; system32\DRIVERS\lvuvc.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-03-18 17:25 - 2014-03-18 17:28 - 00027728 _____ () C:\Users\Tina\Desktop\FRST.txt
2014-03-18 15:05 - 2012-10-02 20:15 - 00699536 _____ (MindSpark) C:\Program Files\v4Uninstall DictionaryBoss.dll
2014-03-18 15:05 - 2012-10-02 20:15 - 00172448 _____ () C:\Program Files\v4res.dll
2014-03-18 15:04 - 2012-07-05 11:52 - 00697744 _____ (MindSpark) C:\Program Files\2pUninstall Coupon Alert.dll
2014-03-18 15:04 - 2012-07-05 11:52 - 00172440 _____ () C:\Program Files\2pres.dll
2014-03-18 11:09 - 2014-03-18 11:09 - 00000732 _____ () C:\Users\Tina\Desktop\TDSSKiller - Shortcut.lnk
2014-03-18 11:00 - 2014-03-18 11:00 - 00093027 _____ () C:\Users\Tina\Desktop\new3.txt
2014-03-18 10:35 - 2014-03-18 10:39 - 00053686 _____ () C:\Users\Tina\Downloads\Addition.txt
2014-03-18 10:32 - 2014-03-18 10:39 - 00052084 _____ () C:\Users\Tina\Downloads\FRST.txt
2014-03-18 10:32 - 2014-03-18 10:33 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-03-18 10:26 - 2014-03-18 17:25 - 00000000 ____D () C:\FRST
2014-03-18 10:23 - 2014-03-18 10:23 - 01145856 _____ (Farbar) C:\Users\Tina\Desktop\FRST.exe
2014-03-17 15:58 - 2014-03-17 21:08 - 00000000 ____D () C:\Program Files\Malwarebytes' Anti-Malware
2014-03-17 15:58 - 2014-03-17 15:58 - 00000908 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-03-17 15:58 - 2014-03-17 15:58 - 00000000 ____D () C:\Users\Tina\AppData\Roaming\Malwarebytes
2014-03-17 15:58 - 2014-03-17 15:58 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-03-17 15:58 - 2013-04-04 14:50 - 00022856 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-03-17 15:57 - 2014-03-17 15:58 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Tina\Downloads\mbam-setup-1.75.0.1300.exe
2014-03-12 17:14 - 2014-02-23 01:50 - 12347904 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-12 17:14 - 2014-02-23 01:47 - 01806848 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-03-12 17:14 - 2014-02-23 01:43 - 09739264 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-03-12 17:14 - 2014-02-23 01:41 - 01105408 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-03-12 17:14 - 2014-02-23 01:40 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-03-12 17:14 - 2014-02-23 01:39 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-03-12 17:14 - 2014-02-23 01:38 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-03-12 17:14 - 2014-02-23 01:38 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-03-12 17:14 - 2014-02-23 01:38 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-03-12 17:14 - 2014-02-23 01:37 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-03-12 17:14 - 2014-02-23 01:37 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-03-12 17:14 - 2014-02-23 01:37 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-03-12 17:14 - 2014-02-23 01:37 - 00421376 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-03-12 17:14 - 2014-02-23 01:36 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-03-12 17:14 - 2014-02-23 01:36 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-03-12 17:14 - 2014-02-23 01:35 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-03-12 09:23 - 2014-02-07 06:38 - 02050560 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-03-12 09:23 - 2014-02-03 06:37 - 00505344 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-03-12 09:23 - 2014-01-30 03:46 - 00876032 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2014-03-12 09:23 - 2013-11-12 20:30 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-03-06 18:26 - 2014-03-06 15:37 - 00000513 _____ () C:\Users\Tina\Desktop\style2.css
2014-03-06 18:26 - 2014-03-04 15:52 - 00001976 _____ () C:\Users\Tina\Desktop\Register.html
2014-03-06 18:26 - 2014-02-27 15:25 - 00001151 _____ () C:\Users\Tina\Desktop\Aboutme.html
2014-03-06 18:26 - 2014-02-25 14:48 - 00000249 _____ () C:\Users\Tina\Desktop\style.css
2014-03-06 18:26 - 2013-08-26 15:42 - 02381824 _____ () C:\Users\Tina\Desktop\VisualLogic-Course-2.2.7.exe
2014-02-28 22:49 - 2014-02-28 22:49 - 00001666 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-02-28 22:47 - 2014-02-28 22:49 - 00000000 ____D () C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
2014-02-28 22:47 - 2014-02-28 22:49 - 00000000 ____D () C:\Program Files\iTunes
2014-02-28 22:47 - 2014-02-28 22:47 - 00000000 ____D () C:\Program Files\iPod
2014-02-28 22:32 - 2014-02-28 22:32 - 00000000 ____D () C:\Program Files\QuickTime
2014-02-27 12:23 - 2014-02-27 12:23 - 00001127 _____ () C:\Users\Tina\Desktop\Watchtower Library 2013 - English.lnk
2014-02-25 19:14 - 2014-02-25 19:15 - 00000000 ____D () C:\Users\Tina\Desktop\FileZillaPortable
2014-02-25 19:14 - 2014-02-25 19:14 - 05078296 _____ (PortableApps.com) C:\Users\Tina\Downloads\FileZillaPortable_3.7.4.1.paf (1).exe
2014-02-25 19:06 - 2014-02-25 19:06 - 03307552 _____ (PortableApps.com) C:\Users\Tina\Downloads\PortableApps.com_Platform_Setup_11.2.exe
2014-02-25 19:06 - 2014-02-25 19:06 - 03307552 _____ (PortableApps.com) C:\Users\Tina\Downloads\PortableApps.com_Platform_Setup_11.2 (1).exe
2014-02-25 18:53 - 2014-02-25 19:03 - 00000000 ____D () C:\Users\Tina\Downloads\FileZillaPortable
2014-02-25 18:51 - 2014-02-25 18:51 - 05078296 _____ (PortableApps.com) C:\Users\Tina\Downloads\FileZillaPortable_3.7.4.1.paf.exe
2014-02-25 17:02 - 2014-02-25 17:02 - 00014394 _____ () C:\Users\Tina\AppData\Local\recently-used.xbel
2014-02-20 19:03 - 2014-02-20 19:04 - 00000000 ____D () C:\Users\Tina\AppData\Roaming\Notepad++
2014-02-20 19:03 - 2014-02-20 19:03 - 00000862 _____ () C:\Users\Tina\Desktop\Notepad++.lnk
2014-02-20 19:03 - 2014-02-20 19:03 - 00000000 ____D () C:\Users\Tina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++
2014-02-20 19:03 - 2014-02-20 19:03 - 00000000 ____D () C:\Program Files\Notepad++
2014-02-20 19:00 - 2014-02-20 19:00 - 07564908 _____ () C:\Users\Tina\Downloads\npp.6.5.4.Installer.exe
2014-02-20 18:48 - 2014-02-20 18:48 - 00000000 ____D () C:\Users\Tina\AppData\Local\BrowserSafeguard
2014-02-20 18:43 - 2014-02-20 18:45 - 00000000 ____D () C:\Users\Tina\Documents\Optimizer Pro
2014-02-20 18:37 - 2014-02-20 18:44 - 00000000 ____D () C:\Program Files\Optimizer Pro
2014-02-20 18:33 - 2014-02-20 18:33 - 00553768 _____ (Fusion Install ) C:\Users\Tina\Downloads\Setup.exe
2014-02-19 17:47 - 2014-02-19 17:47 - 00001948 _____ () C:\Users\Tina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk

==================== One Month Modified Files and Folders =======

2014-03-18 17:28 - 2014-03-18 17:25 - 00027728 _____ () C:\Users\Tina\Desktop\FRST.txt
2014-03-18 17:25 - 2014-03-18 10:26 - 00000000 ____D () C:\FRST
2014-03-18 17:25 - 2008-06-15 16:05 - 00000420 ____H () C:\Windows\Tasks\User_Feed_Synchronization-{4E3FEFA2-BC6F-482D-A699-C651896162B4}.job
2014-03-18 17:19 - 2006-11-02 08:47 - 00003696 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-03-18 17:19 - 2006-11-02 08:47 - 00003696 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-03-18 17:15 - 2014-02-12 19:11 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-03-18 17:08 - 2006-11-02 08:52 - 01940209 _____ () C:\Windows\WindowsUpdate.log
2014-03-18 16:55 - 2009-07-20 22:33 - 00000882 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-03-18 16:55 - 2009-07-20 22:33 - 00000878 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-03-18 15:28 - 2012-09-04 18:15 - 00000000 ___RD () C:\Users\Tina\SkyDrive
2014-03-18 15:25 - 2007-05-23 00:59 - 00000000 ____D () C:\Windows\SMINST
2014-03-18 15:19 - 2014-02-04 12:12 - 00012740 _____ () C:\Windows\PFRO.log
2014-03-18 15:19 - 2012-10-15 15:50 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-03-18 15:19 - 2006-11-02 09:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-03-18 15:18 - 2006-11-02 09:01 - 00032580 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-03-18 15:11 - 2011-03-05 13:43 - 00000000 ____D () C:\Users\Tina\AppData\Local\Conduit
2014-03-18 15:11 - 2007-05-23 00:53 - 00000000 ____D () C:\Program Files\Yahoo!
2014-03-18 15:09 - 2012-08-29 18:35 - 00000000 ____D () C:\ProgramData\WeCareReminder
2014-03-18 11:09 - 2014-03-18 11:09 - 00000732 _____ () C:\Users\Tina\Desktop\TDSSKiller - Shortcut.lnk
2014-03-18 11:00 - 2014-03-18 11:00 - 00093027 _____ () C:\Users\Tina\Desktop\new3.txt
2014-03-18 10:39 - 2014-03-18 10:35 - 00053686 _____ () C:\Users\Tina\Downloads\Addition.txt
2014-03-18 10:39 - 2014-03-18 10:32 - 00052084 _____ () C:\Users\Tina\Downloads\FRST.txt
2014-03-18 10:33 - 2014-03-18 10:32 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-03-18 10:23 - 2014-03-18 10:23 - 01145856 _____ (Farbar) C:\Users\Tina\Desktop\FRST.exe
2014-03-18 10:20 - 2008-06-15 09:15 - 00000632 __RSH () C:\Users\Tina\ntuser.pol
2014-03-18 10:20 - 2007-05-30 23:11 - 00000000 ____D () C:\Users\Tina
2014-03-17 22:02 - 2010-06-08 15:15 - 00000000 ____D () C:\Users\Tina\AppData\Local\CrashDumps
2014-03-17 21:08 - 2014-03-17 15:58 - 00000000 ____D () C:\Program Files\Malwarebytes' Anti-Malware
2014-03-17 15:58 - 2014-03-17 15:58 - 00000908 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-03-17 15:58 - 2014-03-17 15:58 - 00000000 ____D () C:\Users\Tina\AppData\Roaming\Malwarebytes
2014-03-17 15:58 - 2014-03-17 15:58 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-03-17 15:58 - 2014-03-17 15:57 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Tina\Downloads\mbam-setup-1.75.0.1300.exe
2014-03-17 15:29 - 2007-11-07 17:11 - 00000000 ____D () C:\Users\Tina\AppData\Local\Google
2014-03-17 15:29 - 2007-11-07 17:11 - 00000000 ____D () C:\Program Files\Google
2014-03-17 15:26 - 2007-05-30 23:21 - 00133464 _____ () C:\Users\Tina\AppData\Local\GDIPFONTCACHEV1.DAT
2014-03-17 15:13 - 2006-11-02 08:47 - 00458136 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-03-17 14:54 - 2010-05-26 11:59 - 00000000 ____D () C:\Users\Tina\Documents\New Folder (2)
2014-03-17 12:50 - 2009-07-20 22:33 - 00000868 _____ () C:\Windows\Tasks\Google Software Updater.job
2014-03-17 12:21 - 2007-05-23 00:44 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-03-17 12:18 - 2007-06-02 18:35 - 00002627 _____ () C:\Users\Tina\Desktop\Microsoft Office Word 2007.lnk
2014-03-16 20:34 - 2013-09-06 18:31 - 00000000 ____D () C:\Users\Tina\AppData\Roaming\.minecraft
2014-03-12 18:03 - 2006-11-02 07:18 - 00000000 ____D () C:\Windows\rescache
2014-03-12 17:44 - 2010-08-08 16:06 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-03-12 12:46 - 2012-09-04 18:46 - 00002469 _____ () C:\Users\Tina\Desktop\Launch SNAP Player (2).lnk
2014-03-12 11:02 - 2006-11-02 06:33 - 00759542 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-03-12 10:15 - 2012-05-08 15:16 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-03-12 10:15 - 2011-08-20 08:23 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-03-06 15:37 - 2014-03-06 18:26 - 00000513 _____ () C:\Users\Tina\Desktop\style2.css
2014-03-04 15:52 - 2014-03-06 18:26 - 00001976 _____ () C:\Users\Tina\Desktop\Register.html
2014-02-28 22:49 - 2014-02-28 22:49 - 00001666 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-02-28 22:49 - 2014-02-28 22:47 - 00000000 ____D () C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
2014-02-28 22:49 - 2014-02-28 22:47 - 00000000 ____D () C:\Program Files\iTunes
2014-02-28 22:47 - 2014-02-28 22:47 - 00000000 ____D () C:\Program Files\iPod
2014-02-28 22:47 - 2007-07-16 15:58 - 00000000 ____D () C:\Program Files\Common Files\Apple
2014-02-28 22:32 - 2014-02-28 22:32 - 00000000 ____D () C:\Program Files\QuickTime
2014-02-27 15:25 - 2014-03-06 18:26 - 00001151 _____ () C:\Users\Tina\Desktop\Aboutme.html
2014-02-27 12:23 - 2014-02-27 12:23 - 00001127 _____ () C:\Users\Tina\Desktop\Watchtower Library 2013 - English.lnk
2014-02-27 12:23 - 2007-06-01 18:41 - 00000000 ____D () C:\Program Files\Watchtower
2014-02-26 20:14 - 2012-09-29 16:19 - 00000000 ____D () C:\Program Files\Microsoft IntelliPoint
2014-02-25 19:15 - 2014-02-25 19:14 - 00000000 ____D () C:\Users\Tina\Desktop\FileZillaPortable
2014-02-25 19:14 - 2014-02-25 19:14 - 05078296 _____ (PortableApps.com) C:\Users\Tina\Downloads\FileZillaPortable_3.7.4.1.paf (1).exe
2014-02-25 19:06 - 2014-02-25 19:06 - 03307552 _____ (PortableApps.com) C:\Users\Tina\Downloads\PortableApps.com_Platform_Setup_11.2.exe
2014-02-25 19:06 - 2014-02-25 19:06 - 03307552 _____ (PortableApps.com) C:\Users\Tina\Downloads\PortableApps.com_Platform_Setup_11.2 (1).exe
2014-02-25 19:03 - 2014-02-25 18:53 - 00000000 ____D () C:\Users\Tina\Downloads\FileZillaPortable
2014-02-25 18:51 - 2014-02-25 18:51 - 05078296 _____ (PortableApps.com) C:\Users\Tina\Downloads\FileZillaPortable_3.7.4.1.paf.exe
2014-02-25 17:10 - 2013-11-03 19:21 - 00000000 ____D () C:\Users\Tina\.gimp-2.8
2014-02-25 17:02 - 2014-02-25 17:02 - 00014394 _____ () C:\Users\Tina\AppData\Local\recently-used.xbel
2014-02-25 17:02 - 2013-11-03 19:24 - 00000000 ____D () C:\Users\Tina\AppData\Local\gtk-2.0
2014-02-25 14:48 - 2014-03-06 18:26 - 00000249 _____ () C:\Users\Tina\Desktop\style.css
2014-02-23 01:50 - 2014-03-12 17:14 - 12347904 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-23 01:47 - 2014-03-12 17:14 - 01806848 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-23 01:43 - 2014-03-12 17:14 - 09739264 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-23 01:41 - 2014-03-12 17:14 - 01105408 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-23 01:40 - 2014-03-12 17:14 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-23 01:39 - 2014-03-12 17:14 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-23 01:38 - 2014-03-12 17:14 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-02-23 01:38 - 2014-03-12 17:14 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-23 01:38 - 2014-03-12 17:14 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-23 01:37 - 2014-03-12 17:14 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-23 01:37 - 2014-03-12 17:14 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-02-23 01:37 - 2014-03-12 17:14 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-23 01:37 - 2014-03-12 17:14 - 00421376 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-02-23 01:36 - 2014-03-12 17:14 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-23 01:36 - 2014-03-12 17:14 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-02-23 01:35 - 2014-03-12 17:14 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-20 19:04 - 2014-02-20 19:03 - 00000000 ____D () C:\Users\Tina\AppData\Roaming\Notepad++
2014-02-20 19:03 - 2014-02-20 19:03 - 00000862 _____ () C:\Users\Tina\Desktop\Notepad++.lnk
2014-02-20 19:03 - 2014-02-20 19:03 - 00000000 ____D () C:\Users\Tina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++
2014-02-20 19:03 - 2014-02-20 19:03 - 00000000 ____D () C:\Program Files\Notepad++
2014-02-20 19:00 - 2014-02-20 19:00 - 07564908 _____ () C:\Users\Tina\Downloads\npp.6.5.4.Installer.exe
2014-02-20 18:48 - 2014-02-20 18:48 - 00000000 ____D () C:\Users\Tina\AppData\Local\BrowserSafeguard
2014-02-20 18:45 - 2014-02-20 18:43 - 00000000 ____D () C:\Users\Tina\Documents\Optimizer Pro
2014-02-20 18:44 - 2014-02-20 18:37 - 00000000 ____D () C:\Program Files\Optimizer Pro
2014-02-20 18:33 - 2014-02-20 18:33 - 00553768 _____ (Fusion Install ) C:\Users\Tina\Downloads\Setup.exe
2014-02-19 17:47 - 2014-02-19 17:47 - 00001948 _____ () C:\Users\Tina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk

Files to move or delete:
====================
C:\ProgramData\PKP_DLec.DAT
C:\Users\Tina\jagex_runescape_preferences.dat
C:\Users\Tina\jagex_runescape_preferences2.dat
C:\Users\Tina\jagex__preferences3.dat


Some content of TEMP:
====================
C:\Users\justin\AppData\Local\Temp\FlashPlayerUpdate.exe
C:\Users\justin\AppData\Local\Temp\symlcsv1.exe
C:\Users\justin\AppData\Local\Temp\usl2gncy.dll
C:\Users\Tina\AppData\Local\Temp\B1FreeArchiver_1.5.86.exe
C:\Users\Tina\AppData\Local\Temp\ChangeIcon.exe
C:\Users\Tina\AppData\Local\Temp\dlLogic.exe
C:\Users\Tina\AppData\Local\Temp\GCVerifier.dll
C:\Users\Tina\AppData\Local\Temp\nsj54CF.exe
C:\Users\Tina\AppData\Local\Temp\nso704C.exe
C:\Users\Tina\AppData\Local\Temp\nst6A52.exe
C:\Users\Tina\AppData\Local\Temp\nstF6CD.exe
C:\Users\Tina\AppData\Local\Temp\nsy636E.exe
C:\Users\Tina\AppData\Local\Temp\nsz235.exe
C:\Users\Tina\AppData\Local\Temp\nszFC6A.exe
C:\Users\Tina\AppData\Local\Temp\spstub.exe
C:\Users\Tina\AppData\Local\Temp\System.Data.SQLite.dll
C:\Users\Tina\AppData\Local\Temp\System.Data.SQLite71864.dll
C:\Users\Tina\AppData\Local\Temp\System.Data.SQLite79216.dll
C:\Users\Tina\AppData\Local\Temp\tbWinZ.dll
C:\Users\Tina\AppData\Local\Temp\tbXfi2.dll
C:\Users\Tina\AppData\Local\Temp\tbZyn2.dll
C:\Users\Tina\AppData\Local\Temp\verifier.exe
C:\Users\Tina\AppData\Local\Temp\xmlUpdater.exe


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\system32\winlogon.exe => MD5 is legit
C:\Windows\system32\wininit.exe => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\services.exe => MD5 is legit
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-03-18 15:30

==================== End Of Log ============================

Link to post
Share on other sites

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 13-03-2014  01
Ran by Tina at 2014-03-18 17:28:44
Running from C:\Users\Tina\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Norton Internet Security (Enabled - Up to date) {63DF5164-9100-186D-2187-8DC619EFD8BF}
AS: Norton Internet Security (Enabled - Up to date) {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton Internet Security (Enabled) {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}

==================== Installed Programs ======================

 Update for Microsoft Office 2007 (KB2508958) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}) (Version:  - Microsoft)
32 Bit HP CIO Components Installer (Version: 2.1.5 - Hewlett-Packard) Hidden
7-Zip (HKLM\...\7-Zip 9.2.0) (Version: 9.2.0 - 7-Zip)
7-Zip (Version: 9.2.0 - 7-Zip) Hidden
7-Zip 9.20 (HKLM\...\7-Zip) (Version:  - )
Acrobat.com (HKLM\...\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 2.0.0.0 - Adobe Systems Incorporated)
Acrobat.com (Version: 2.0.0 - Adobe Systems Incorporated) Hidden
Adobe AIR (HKLM\...\Adobe AIR) (Version: 1.5.3.9120 - Adobe Systems Inc.)
Adobe AIR (Version: 1.5.3.9120 - Adobe Systems Inc.) Hidden
Adobe Flash Player 12 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Reader 9.5.5 (HKLM\...\{AC76BA86-7AD7-1033-7B44-A95000000001}) (Version: 9.5.5 - Adobe Systems Incorporated)
AIM 6 (HKLM\...\AIM_6) (Version:  - )
Apple Application Support (HKLM\...\{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}) (Version: 3.0.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{18D47FA1-0440-48D3-A7E0-DA09537FF471}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ArcSoft Panorama Maker 3 (HKLM\...\{A5F68DC8-0278-4AD8-B413-861509B5F25B}) (Version:  - ArcSoft)
AutoUpdate (HKLM\...\{18D10072035C4515918F7E37EAFAACFC}) (Version: 1.0 - )
B1 Free Archiver (HKLM\...\B1FreeArchiver) (Version:  - )
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
CCleaner (remove only) (HKLM\...\CCleaner) (Version:  - Piriform)
Certblaster CompTIA Network+ (2009 Edition)  (HKLM\...\{AFE68D65-01D4-4B1A-902D-2660BC0C503F}) (Version: 5.0.0 - dti Publishing)
Cucusoft DVD to iPod + iPod Video Converter Suite 8.8.8.8 (HKLM\...\Cucusoft DVD to iPod + iPod Video Converter Suite_is1) (Version:  - Cucusoft, Inc.)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{92C42EDD-6524-4577-B2EB-6C68C63B6D4A}) (Version:  - Microsoft)
DivX (HKLM\...\{7B63B2922B174135AFC0E1377DD81EC2}) (Version: 5.2.1 - DivXNetworks, Inc.)
Elevated Installer (Version: 2.3.16.0 - Garmin Ltd or its subsidiaries) Hidden
Entity Framework Designer for Visual Studio 2012 - enu (HKLM\...\{32136776-FE3F-453D-80DA-CDD993BDB2A3}) (Version: 11.1.20810.00 - Microsoft Corporation)
Fireburst (HKLM\...\Steam App 207190) (Version:  - )
Garmin Communicator Plugin (HKLM\...\{13F054F3-0B07-4D15-9E80-C55B496AB557}) (Version: 4.0.3 - Garmin Ltd or its subsidiaries)
Garmin Express (HKLM\...\{6f60b921-2ae3-43fe-a6fb-ad849bd91451}) (Version: 2.3.16.0 - Garmin Ltd or its subsidiaries)
Garmin Express (Version: 2.3.16.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express Tray (Version: 2.3.16.0 - Garmin Ltd or its subsidiaries) Hidden
GIMP 2.8.6 (HKLM\...\GIMP-2_is1) (Version: 2.8.6 - The GIMP Team)
Google Earth (HKLM\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (Version: 1.3.22.5 - Google Inc.) Hidden
Google Updater (HKLM\...\Google Updater) (Version: 2.4.2432.1652 - Google Inc.)
Hardware Diagnostic Tools (HKLM\...\PC-Doctor 5 for Windows) (Version: 5.00.4424.15 - PC-Doctor, Inc.)
Horizon v2.7.2.2 (HKLM\...\d4cfeebc-b821-40b7-9f81-d366b1466f03_is1) (Version: 2.7.2.2 - Daring Development Inc.)
HP Customer Experience Enhancements (HKLM\...\{AB5E289E-76BF-4251-9F3F-9B763F681AE0}) (Version: 1.00.0000 - Hewlett-Packard)
HP Customer Feedback (Version: 1.0.0 - Hewlett-Packard) Hidden
HP Easy Setup - Core (HKLM\...\{F94234DB-FD06-42C3-B88D-6FC4DC9F988C}) (Version: 1.00.0000 - Hewlett-Packard)
HP Easy Setup - Frontend (HKLM\...\{40F7AED3-0C7D-4582-99F6-484A515C73F2}) (Version: 5.00.0000 - Hewlett-Packard)
HP On-Screen Cap/Num/Scroll Lock Indicator (HKLM\...\OsdMaestro) (Version:  - Hewlett-Packard)
HP Photosmart Essential (HKLM\...\{EB21A812-671B-4D08-B974-2A347F0D8F70}) (Version: 1.12.0.46 - HP)
HP Total Care Advisor (HKLM\...\{CBFEEA43-2B94-44AF-8325-B413E62D2A5D}) (Version: 1.0.95 - Hewlett-Packard)
HP Update (HKLM\...\{C8FD5BC1-92EF-4C15-92A9-F9AC7F61985F}) (Version: 4.000.010.008 - Hewlett-Packard)
HPSSupply (Version: 100.0.172.000 - Hewlett-Packard) Hidden
iCloud (HKLM\...\{79BD66B2-4DAE-4C3B-B08E-DC72E507C163}) (Version: 2.1.3.25 - Apple Inc.)
iPhone Configuration Utility (HKLM\...\{FA54AFB1-5745-4389-B8C1-9F7509672ED1}) (Version: 2.1.0.163 - Apple Inc.)
iTunes (HKLM\...\{2F21564D-DE05-4C6D-B21E-08B9D313FAB3}) (Version: 11.1.5.5 - Apple Inc.)
J2SE Runtime Environment 5.0 Update 11 (HKLM\...\{3248F0A8-6813-11D6-A77B-00B0D0150110}) (Version: 1.5.0.110 - Sun Microsystems, Inc.)
Java Auto Updater (Version: 2.0.7.1 - Sun Microsystems, Inc.) Hidden
Java 6 Update 31 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83216031FF}) (Version: 6.0.310 - Oracle)
LG CyberLink LabelPrint (HKLM\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.3109 - CyberLink Corp.)
LG CyberLink LabelPrint (Version: 2.5.3109 - CyberLink Corp.) Hidden
LG CyberLink Power2Go (HKLM\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.2.4009 - CyberLink Corp.)
LG CyberLink Power2Go (Version: 6.2.4009 - CyberLink Corp.) Hidden
LG CyberLink PowerBackup (HKLM\...\{ADD5DB49-72CF-11D8-9D75-000129760D75}) (Version: 2.5.5529 - CyberLink Corp.)
LG CyberLink YouCam (HKLM\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 2.0.3304a - CyberLink Corp.)
LG CyberLink YouCam (Version: 2.0.3304a - CyberLink Corp.) Hidden
LG ODD Auto Firmware Update (HKLM\...\{6179550A-3E7C-499E-BCC9-9E8113E0A285}) (Version: 9.01.1124.01 - )
LG Power Tools (HKLM\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 6.0.3316 - CyberLink Corp.)
LG Power Tools (Version: 6.0.3316 - CyberLink Corp.) Hidden
LightScribe System Software (HKLM\...\{705B639E-FAAF-40D7-AD58-C445321C7C3F}) (Version: 1.18.18.1 - LightScribe)
LiveUpdate (Symantec Corporation) (HKLM\...\PsuedoLiveUpdate) (Version: 3.4.1.232 - Symantec Corporation)
LiveUpdate (Symantec Corporation) (Version: 3.4.1.238 - Symantec Corporation) Hidden
LiveUpdate Notice (Symantec Corporation) (HKLM\...\{DBA4DB9D-EE51-4944-A419-98AB1F1249C8}) (Version: 1.4.5 - Symantec Corporation)
Malwarebytes Anti-Malware version 1.75.0.1300 (HKLM\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
MediaPlayerLite 0.3 (HKLM\...\MediaPlayerLite) (Version: 0.3 - Amnis Technology Ltd)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Multi-Targeting Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM\...\{5CBFF3F3-2D40-34EE-BCA5-A95BC19E400D}) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK (HKLM\...\{1948E039-EC79-4591-951D-9867A8C14C90}) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Age of Empires II (HKLM\...\Age of Empires 2.0) (Version:  - )
Microsoft Age of Empires II: The Conquerors Expansion (HKLM\...\Age of Empires II: The Conquerors Expansion 1.0) (Version:  - )
Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft Help Viewer 2.0 (HKLM\...\Microsoft Help Viewer 2.0) (Version: 2.0.50727 - Microsoft Corporation)
Microsoft Help Viewer 2.0 (Version: 2.0.50727 - Microsoft Corporation) Hidden
Microsoft IntelliPoint 8.2 (HKLM\...\Microsoft IntelliPoint 8.2) (Version: 8.20.468.0 - Microsoft Corporation)
Microsoft IntelliPoint 8.2 (Version: 8.20.468.0 - Microsoft Corporation) Hidden
Microsoft NuGet - Visual Studio Express 2012 for Windows Desktop (Version: 2.0.30717.9005 - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (Version:  - Microsoft) Hidden
Microsoft Office Access MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional 2010 (HKLM\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (Version:  - Microsoft) Hidden
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Single Image 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft OneDrive (HKCU\...\OneDriveSetup.exe) (Version: 17.0.4029.0217 - Microsoft Corporation)
Microsoft Primary Interoperability Assemblies 2005 (HKLM\...\{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Command Line Utilities  (HKLM\...\{45A8F8FF-ED9B-40B2-B923-94F46FCF6135}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework  (HKLM\...\{FBA6F90E-36EC-4FC9-9B25-3834E3BD46A8}) (Version: 11.0.2316.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Express LocalDB  (HKLM\...\{D9DA2981-3298-4F1A-9192-F2CF5BD91145}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects  (HKLM\...\{DA1C1761-5F4F-4332-AB9D-29EDF3F8EA0A}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client  (HKLM\...\{83C7F964-AC58-4104-B613-B4D0F61DA8CD}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL Compiler Service  (HKLM\...\{79B49428-E9B0-4479-A0FA-3EFF8AFA9F07}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL ScriptDom  (HKLM\...\{CD920828-2B95-49A4-8BFD-1D34BCBF5A27}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 T-SQL Language Service  (HKLM\...\{6D6D43E5-218C-4B05-92D3-2240810F4760}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 ENU (HKLM\...\{773AC1E4-5F27-4DF6-A932-7FDDE35C069D}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools - enu (11.1.20828.01) (HKLM\...\{4F2B8233-35EE-4197-8C3B-EACCBF712029}) (Version: 11.1.20828.01 - Microsoft Corporation)
Microsoft SQL Server Data Tools Build Utilities - enu (11.1.20828.01) (HKLM\...\{FAE0523E-08A4-4717-8E8E-6EC6F32CBE88}) (Version: 11.1.20828.01 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (HKLM\...\{E2082604-4BA5-44BB-BBFB-AF0F3CB8C6AB}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft VC9 runtime libraries (Version: 1.0.0 - AOL LLC) Hidden
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2012 32bit Compilers - ENU Resources (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Debug Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86-x64 Compilers (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2012 Preparation (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2012 Shell (Minimum) (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2012 Shell (Minimum) Interop Assemblies (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2012 Shell (Minimum) Resources (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2012 Tools for SQL Server Compact 4.0 SP1 ENU (Version: 4.0.8876.1 - Microsoft Corporation) Hidden
Microsoft Visual Studio Express 2012 for Windows Desktop - ENU (HKLM\...\{e0efdce9-a486-4676-8aa5-65bb08cbf34c}) (Version: 11.0.50727.42 - Microsoft Corporation)
Microsoft Visual Studio Express 2012 for Windows Desktop - ENU (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio Express 2012 for Windows Desktop (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio Team Foundation Server 2012 Object Model (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio Team Foundation Server 2012 Object Model Language Pack - ENU (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio Team Foundation Server 2012 Team Explorer (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio Team Foundation Server 2012 Team Explorer Language Pack - ENU (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio Ultimate 2012 XAML UI Designer Core (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio Ultimate 2012 XAML UI Designer enu Resources (Version: 11.0.50727 - Microsoft Corporation) Hidden
MobileMe Control Panel (HKLM\...\{926BD0E8-24A3-41D2-AF9B-340F1A37ED12}) (Version: 3.1.8.0 - Apple Inc.)
Mozilla Firefox 27.0.1 (x86 en-US) (HKLM\...\Mozilla Firefox 27.0.1 (x86 en-US)) (Version: 27.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 27.0.1 - Mozilla)
MSXML 4.0 SP2 (KB927978) (HKLM\...\{37477865-A3F1-4772-AD43-AAFC6BCFF99F}) (Version: 4.20.9841.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB936181) (HKLM\...\{C04E32E0-0416-434D-AFB9-6969D703A9EF}) (Version: 4.20.9848.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB941833) (HKLM\...\{C523D256-313D-4866-B36A-F3DE528246EF}) (Version: 4.20.9849.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
muvee autoProducer 5.0 (HKLM\...\{77CA976C-403C-47E2-940B-733ECAB6F62B}) (Version: 5.00.050 - muvee Technologies)
My HP Games (HKLM\...\WildTangent hpdesktop Master Uninstall) (Version: HPCMPQ1601 - WildTangent)
Nikon Message Center (HKLM\...\{D2FCC1AE-6311-47C5-8130-C6C66D77DD71}) (Version: 0.91.000 - )
Norton Internet Security (HKLM\...\NIS) (Version: 21.1.0.18 - Symantec Corporation)
Notepad++ (HKLM\...\Notepad++) (Version: 6.5.4 - Notepad++ Team)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version:  - )
Olympus Sonority (HKLM\...\{2756AD56-3691-4C76-A54F-8A8061620570}) (Version: 1.0.0 - OLYMPUS IMAGING CORP.)
Open Book HVAC Certifications 4.2.00 (HKLM\...\9588-9510-0199-4620) (Version: 4.2.00 - Mainstream Engineering Corporation)
PictureProject (HKLM\...\{FF3999BE-1A7B-4738-88AA-97BF14094A4A}) (Version: 1.0 - )
Prerequisites for SSDT  (HKLM\...\{9169C939-ED01-446A-BD0C-29873BAF4E48}) (Version: 11.0.2100.60 - Microsoft Corporation)
Python 2.4.3 (HKLM\...\{75E71ADD-042C-4F30-BFAC-A9EC42351313}) (Version: 2.4.3150 - Martin v. Löwis)
QQ Bubble Arena (HKLM\...\QQ Bubble Arena) (Version:  - )
QuickTime 7 (HKLM\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
RealPlayer (HKLM\...\RealPlayer 6.0) (Version:  - )
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5789 - Realtek Semiconductor Corp.)
Rhapsody (HKLM\...\Rhapsody) (Version:  - )
Rhapsody Player Engine (HKLM\...\{2DFF31F9-7893-4922-AF66-C9A1EB4EBB31}) (Version: 1.0.604 - RealNetworks)
Roxio Activation Module (Version: 1.0 - Roxio) Hidden
Roxio Creator Audio (HKLM\...\{83FFCFC7-88C6-41c6-8752-958A45325C82}) (Version: 3.4.0 - Roxio)
Roxio Creator Basic v9 (HKLM\...\{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}) (Version: 3.4.0 - Roxio)
Roxio Creator Copy (HKLM\...\{619CDD8A-14B6-43a1-AB6C-0F4EE48CE048}) (Version: 3.4.0 - Roxio)
Roxio Creator Data (HKLM\...\{0D397393-9B50-4c52-84D5-77E344289F87}) (Version: 3.4.0 - Roxio)
Roxio Creator EasyArchive (HKLM\...\{11F93B4B-48F0-4A4E-AE77-DFA96A99664B}) (Version: 3.4.0 - Roxio)
Roxio Creator Tools (HKLM\...\{0394CDC8-FABD-4ed8-B104-03393876DFDF}) (Version: 3.4.0 - Roxio)
Roxio Express Labeler 3 (HKLM\...\{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}) (Version: 3.2.1 - Roxio)
Roxio MyDVD Basic v9 (HKLM\...\{938B1CD7-7C60-491E-AA90-1F1888168240}) (Version: 9.0.559 - Roxio)
Safari (HKLM\...\{C779648B-410E-4BBA-B75B-5815BCEFE71D}) (Version: 5.34.57.2 - Apple Inc.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (Version:  - Microsoft) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 10.0 - HP)
SnapPlayer (HKLM\...\{FF7991D3-7C6D-4C87-A541-545198F52E7D}) (Version: 1.0.4497.25196 - EMCP)
Spelling Dictionaries Support For Adobe Reader 9 (HKLM\...\{AC76BA86-7AD7-5464-3428-900000000004}) (Version: 9.0.0 - Adobe Systems Incorporated)
Steam (HKLM\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version:  - TeamSpeak Systems GmbH)
Update for  (KB2504637) (HKLM\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (HKLM\...\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707) (Version: 1 - Microsoft Corporation)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2837594) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{D3C85176-ACCC-4AF0-817D-1BC803303B74}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version:  - Microsoft)
Update for Microsoft Office 2007 Help for Common Features (KB963673) (HKLM\...\{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AB365889-0395-4FAD-B702-CA5985D53D42}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6FAA03BD-2B51-4029-9AD9-64A3B8E3C84C}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{82F87E28-B18E-46D6-A399-E2F19CF5949B}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM\...\{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.SingleImage_{5E8EB600-8B94-429E-873E-98369C6DC1BC}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2863818) 32-Bit Edition (HKLM\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{83B1B530-7D9E-4C6A-907F-E979CEE9C295}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2878225) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{EFF5EBA3-40AD-4859-85E7-3C1CF4F297EB}) (Version:  - Microsoft)
Update for Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{199DF7B6-169C-448C-B511-1054101BE9C9}) (Version:  - Microsoft)
Update for Microsoft Office OneNote 2007 Help (KB963670) (HKLM\...\{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2744EF05-38E1-4D5D-B333-E021EDAEA245}) (Version:  - Microsoft)
Update for Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{397B1D4F-ED7B-4ACA-A637-43B670843876}) (Version:  - Microsoft)
Update for Microsoft Office Script Editor Help (KB963671) (HKLM\...\{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{CD11C6A2-FFC6-4271-8EAB-79C3582F505C}) (Version:  - Microsoft)
Update for Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{80E762AA-C921-4839-9D7D-DB62A72C0726}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM\...\{90140000-001A-0409-0000-0000000FF1CE}_Office14.SingleImage_{DCE104A1-1875-4469-A83D-A5BFA6C4640F}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition (HKLM\...\{90140000-0018-0409-0000-0000000FF1CE}_Office14.SingleImage_{DA2F7ECE-6629-4A80-9CDE-EC95261B75E2}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2775360) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{80F56E3F-1D47-4E45-B6E0-FEF4E919F4F9}) (Version:  - Microsoft)
Update for Microsoft Visio 2010 (KB2878227) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{5D357893-40BA-4323-86BA-D97C66CD72F4}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{8C55AA83-54C2-4236-A622-78440A411DC5}) (Version:  - Microsoft)
Update for Microsoft Visual Studio 2012 (KB2781514) (HKLM\...\{56ef8912-352f-4fab-9c73-6f1c92a7127f}) (Version: 11.0.51219 - Microsoft Corporation)
Update for Microsoft Word 2010 (KB2837593) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{E78E2B68-8FD1-42EE-BB74-99A4D9E6222D}) (Version:  - Microsoft)
Viewpoint Media Player (HKLM\...\ViewpointMediaPlayer) (Version:  - )
Watchtower Library 2013 - English (HKLM\...\{004E8ED2-315C-4473-A934-032D5D7B3A02}) (Version: 15.0 - Watchtower Bible and Tract Society of Pennsylvania, Inc.)
Windows Software Development Kit (Version: 8.59.25584 - Microsoft Corporation) Hidden
Windows Software Development Kit DirectX x86 Remote (Version: 8.59.25584 - Microsoft Corporation) Hidden
Windows Software Development Kit for Windows Store Apps (Version: 8.59.25584 - Microsoft Corporation) Hidden
Windows Software Development Kit for Windows Store Apps DirectX x86 Remote (Version: 8.59.25584 - Microsoft Corporation) Hidden
WinZip 17.5 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240DA}) (Version: 17.5.10480 - WinZip Computing, S.L. )
Wondershare Data Recovery(Build 3.0.2.2) (HKLM\...\Wondershare Data Recovery_is1) (Version: 3.0.2.2 - Wondershare Software Co.,Ltd.)
Xfire (remove only) (HKLM\...\Xfire) (Version:  - )

==================== Restore Points  =========================

11-12-2013 22:01:05 Windows Update
20-12-2013 00:43:01 Scheduled Checkpoint
26-12-2013 18:22:42 Windows Update
15-01-2014 22:01:14 Windows Update
25-01-2014 03:19:03 Device Driver Package Install: Apple, Inc. Universal Serial Bus controllers
25-01-2014 03:20:08 Device Driver Package Install: Apple Network adapters
31-01-2014 20:04:04 Device Driver Package Install: Hewlett-Packard Printers
01-02-2014 01:05:56 Device Driver Package Install: Apple, Inc. Universal Serial Bus controllers
01-02-2014 01:07:37 Device Driver Package Install: Apple Network adapters
01-02-2014 02:00:53 Device Driver Package Install: Hewlett-Packard Universal Serial Bus controllers
01-02-2014 02:03:20 Device Driver Package Install: HP Printers
01-02-2014 02:05:16 Device Driver Package Install: Hewlett-Packard Imaging devices
01-02-2014 02:33:12 Installed 32 Bit HP CIO Components Installer
08-02-2014 02:51:04 Removed iTunes
08-02-2014 03:26:21 Device Driver Package Install: Apple, Inc. Universal Serial Bus controllers
08-02-2014 03:28:34 Device Driver Package Install: Apple Network adapters
08-02-2014 03:31:45 Installed iTunes
11-02-2014 19:08:54 Scheduled Checkpoint
12-02-2014 22:01:02 Windows Update
12-03-2014 21:02:16 Windows Update
18-03-2014 19:06:47 Removed SavetheChildren Reminder by We-Care.com v4.1.18.4
18-03-2014 19:08:15 Removed SavetheChildren Reminder by We-Care.com v4.1.18.4
18-03-2014 19:08:51 Removed SavetheChildren Reminder by We-Care.com v4.1.18.4

==================== Hosts content: ==========================

2006-11-02 06:23 - 2006-09-18 17:41 - 00000761 ____N C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost
::1             localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {03BA0634-C498-482C-B93A-4AF91C9832D3} - System32\Tasks\Microsoft\Windows\Tcpip\WSHReset => C:\Windows\system32\netsh.exe [2006-11-02] (Microsoft Corporation)
Task: {0974C259-D079-4388-A669-1D700697E1E4} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {0BF03213-588B-4228-B322-650A01E0B476} - System32\Tasks\DTReg => C:\Users\Tina\AppData\Roaming\DefaultTab\DefaultTab\DTReg.exe <==== ATTENTION
Task: {0C09C457-ADD4-49B5-833A-C5C1CEF4BE85} - System32\Tasks\Norton WSC Integration => C:\Program Files\Norton Internet Security\Engine\21.1.0.18\WSCStub.exe [2013-10-08] (Symantec Corporation)
Task: {0C4B2DA0-30A7-4569-B29B-D30B5E55CB1D} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI
Task: {1014EF88-70E0-4D14-BC97-757A819DF80B} - System32\Tasks\Norton Internet Security\Norton Error Processor => C:\Program Files\Norton Internet Security\Engine\21.1.0.18\SymErr.exe [2013-08-01] (Symantec Corporation)
Task: {1CC81347-6204-4B83-900C-01E02F50F067} - System32\Tasks\Microsoft\Windows\MobilePC\TMM
Task: {3BCDF251-CA5C-4045-A1FC-8FCEF9FBDC93} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages
Task: {44980BEE-7809-44A9-AC24-D6E578A3B7DF} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\system32\RacAgent.exe [2008-01-19] (Microsoft Corporation)
Task: {4C499FFC-2ECB-4C0E-8308-BD294BE2D0BE} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2009-07-20] (Google Inc.)
Task: {791207F5-2788-4C70-A3FF-55A7633EADA6} - System32\Tasks\Google Software Updater => C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-09-12] (Google)
Task: {924DC59F-56AA-4EAE-9ECE-97C137CA0668} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-12] (Adobe Systems Incorporated)
Task: {D39FFB9B-5C3D-4F87-A25B-A4F4CD0CA5D6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2009-07-20] (Google Inc.)
Task: {E5150B95-F9B4-4D5D-95A2-7EC1ACBA95F8} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs [2008-01-05] ()
Task: {EADB90F7-65D6-41FE-BB35-A0AE5864595B} - System32\Tasks\Norton Internet Security\Norton Error Analyzer => C:\Program Files\Norton Internet Security\Engine\21.1.0.18\SymErr.exe [2013-08-01] (Symantec Corporation)
Task: {F634D83A-9AAB-45F4-B939-D641FEE1E53E} - System32\Tasks\Microsoft\Windows\WindowsCalendar\Reminders - Tina => C:\Program Files\Windows Calendar\wincal.exe [2009-04-11] (Microsoft Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\Google Software Updater.job => C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\User_Feed_Synchronization-{4E3FEFA2-BC6F-482D-A699-C651896162B4}.job => C:\Windows\system32\msfeedssync.exe

==================== Loaded Modules (whitelisted) =============

2014-01-20 14:17 - 2014-01-20 14:17 - 00073544 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2014-01-20 14:16 - 2014-01-20 14:16 - 01044808 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2009-12-15 14:46 - 2009-12-15 14:46 - 00619816 ____N () C:\Program Files\CyberLink\Power2Go\CLMediaLibrary.dll
2009-12-15 14:49 - 2009-12-15 14:49 - 00013096 ____N () C:\Program Files\CyberLink\Power2Go\CLMLSvcPS.dll
2010-08-16 14:21 - 2010-08-16 14:21 - 02121728 _____ () C:\Program Files\Common Files\LightScribe\QtCore4.dll
2010-08-16 14:21 - 2010-08-16 14:21 - 07745536 _____ () C:\Program Files\Common Files\LightScribe\QtGui4.dll
2010-08-16 14:21 - 2010-08-16 14:21 - 00135168 _____ () C:\Program Files\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll
2014-03-18 10:32 - 2014-03-18 10:33 - 03578992 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== Disabled items from MSCONFIG ==============

MSCONFIG\Services: Apple Mobile Device => 2
MSCONFIG\Services: Automatic LiveUpdate Scheduler => 2
MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: ccEvtMgr => 2
MSCONFIG\Services: ccSetMgr => 2
MSCONFIG\Services: CLTNetCnService => 2
MSCONFIG\Services: comHost => 3
MSCONFIG\Services: gusvc => 2
MSCONFIG\Services: IDriverT => 3
MSCONFIG\Services: iPod Service => 3
MSCONFIG\Services: LightScribeService => 2
MSCONFIG\Services: LiveUpdate => 3
MSCONFIG\Services: LiveUpdate Notice => 2
MSCONFIG\Services: LVCOMSer => 2
MSCONFIG\Services: LVPrcSrv => 2
MSCONFIG\Services: LVSrvLauncher => 2
MSCONFIG\Services: MyWebSearchService => 2
MSCONFIG\Services: nvsvc => 2
MSCONFIG\Services: RoxMediaDB9 => 3
MSCONFIG\Services: stllssvr => 3
MSCONFIG\Services: Symantec Core LC => 3
MSCONFIG\Services: Viewpoint Manager Service => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk => C:\Windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^NkbMonitor.exe.lnk => C:\Windows\pss\NkbMonitor.exe.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^StupAssist.lnk => C:\Windows\pss\StupAssist.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^WinZip Quick Pick.lnk => C:\Windows\pss\WinZip Quick Pick.lnk.CommonStartup
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: AppleSyncNotifier => C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
MSCONFIG\startupreg: ccApp => "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
MSCONFIG\startupreg: DW7 => "C:\Program Files\The Weather Channel\The Weather Channel App\TWCApp.exe"
MSCONFIG\startupreg: ehTray.exe => C:\Windows\ehome\ehTray.exe
MSCONFIG\startupreg: HP Software Update => C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
MSCONFIG\startupreg: HPAdvisor => C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe
MSCONFIG\startupreg: hpsysdrv => c:\hp\support\hpsysdrv.exe
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: LogitechCommunicationsManager => "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
MSCONFIG\startupreg: LogitechQuickCamRibbon => "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
MSCONFIG\startupreg: My Web Search Bar Search Scope Monitor => "C:\PROGRA~1\MYWEBS~1\bar\1.bin\m3SrchMn.exe" /m=2 /w
MSCONFIG\startupreg: MyWebSearch Email Plugin => C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
MSCONFIG\startupreg: MyWebSearch Plugin => rundll32 C:\PROGRA~1\MYWEBS~1\bar\1.bin\M3PLUGIN.DLL,UPF
MSCONFIG\startupreg: NvCplDaemon => RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
MSCONFIG\startupreg: NvMediaCenter => RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
MSCONFIG\startupreg: OsdMaestro => "C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe"
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: RtHDVCpl => RtHDVCpl.exe
MSCONFIG\startupreg: Sidebar => C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
MSCONFIG\startupreg: Steam => "C:\Program Files\Steam\Steam.exe" -silent
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe"
MSCONFIG\startupreg: swg => C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
MSCONFIG\startupreg: Windows Defender => %ProgramFiles%\Windows Defender\MSASCui.exe -hide
MSCONFIG\startupreg: WMPNSCFG => C:\Program Files\Windows Media Player\WMPNSCFG.exe
MSCONFIG\startupreg: WPCUMI => C:\Windows\system32\WpcUmi.exe

==================== Faulty Device Manager Devices =============

Name: Microsoft 6to4 Adapter #7
Description: Microsoft 6to4 Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: 6TO4 Adapter
Description: Microsoft 6to4 Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: 6TO4 Adapter
Description: Microsoft 6to4 Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver


==================== Event log errors: =========================

Application errors:
==================
Error: (03/18/2014 03:08:51 PM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine ConvertStringSidToSid.  hr = 0x80070539.


Operation:
   OnIdentify event
   Gathering Writer Data

Context:
   Execution Context: Shadow Copy Optimization Writer
   Writer Class Id: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
   Writer Name: Shadow Copy Optimization Writer
   Writer Instance ID: {0cc63495-35e4-4166-9f83-177b159eb057}

Error: (03/18/2014 03:08:15 PM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine ConvertStringSidToSid.  hr = 0x80070539.


Operation:
   OnIdentify event
   Gathering Writer Data

Context:
   Execution Context: Shadow Copy Optimization Writer
   Writer Class Id: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
   Writer Name: Shadow Copy Optimization Writer
   Writer Instance ID: {0cc63495-35e4-4166-9f83-177b159eb057}

Error: (03/18/2014 03:06:48 PM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine ConvertStringSidToSid.  hr = 0x80070539.


Operation:
   OnIdentify event
   Gathering Writer Data

Context:
   Execution Context: Shadow Copy Optimization Writer
   Writer Class Id: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
   Writer Name: Shadow Copy Optimization Writer
   Writer Instance ID: {0cc63495-35e4-4166-9f83-177b159eb057}

Error: (03/18/2014 03:05:06 PM) (Source: Perflib) (User: )
Description: EmdCacheC:\Windows\system32\emdmgmt.dll4

Error: (03/17/2014 10:01:31 PM) (Source: Application Error) (User: )
Description: Faulting application mbam.exe, version 1.75.0.1, time stamp 0x511f8eb2, faulting module gdiplus.dll_unloaded, version 0.0.0.0, time stamp 0x515ba857, exception code 0xc0000005, fault offset 0x741e74b2,
process id 0x1620, application start time 0xmbam.exe0.

Error: (03/17/2014 03:21:02 PM) (Source: Windows Search Service) (User: )
Description: The application cannot be initialized.

Context: Windows Application


Details:
    The content index metadata cannot be read.   (0xc0041801)

Error: (03/17/2014 03:21:02 PM) (Source: Windows Search Service) (User: )
Description: The gatherer object cannot be initialized.

Context: Windows Application, SystemIndex Catalog


Details:
    The content index metadata cannot be read.   (0xc0041801)

Error: (03/17/2014 03:21:02 PM) (Source: Windows Search Service) (User: )
Description: The plug-in in <Search.TripoliIndexer> cannot be initialized.

Context: Windows Application, SystemIndex Catalog


Details:
    Element not found.   (0x80070490)

Error: (03/17/2014 03:20:55 PM) (Source: Windows Search Service) (User: )
Description: The plug-in in <Search.JetPropStore> cannot be initialized.

Context: Windows Application, SystemIndex Catalog


Details:
    The content index metadata cannot be read.   (0xc0041801)

Error: (03/17/2014 03:20:55 PM) (Source: Windows Search Service) (User: )
Description: The Windows Search Service cannot load the property store information.

Context: Windows Application, SystemIndex Catalog


Details:
    0x%08x (0xc0041800 - The content index cannot be read.  )


System errors:
=============
Error: (03/18/2014 03:21:09 PM) (Source: Service Control Manager) (User: )
Description: Parallel port driver%%1058

Error: (03/18/2014 02:49:56 PM) (Source: Service Control Manager) (User: )
Description: Parallel port driver%%1058

Error: (03/18/2014 10:05:35 AM) (Source: Service Control Manager) (User: )
Description: Windows Media Player Network Sharing Service%%1053

Error: (03/18/2014 10:05:35 AM) (Source: Service Control Manager) (User: )
Description: 30000Windows Media Player Network Sharing Service

Error: (03/18/2014 10:05:17 AM) (Source: Service Control Manager) (User: )
Description: Parallel port driver%%1058

Error: (03/17/2014 04:32:22 PM) (Source: Service Control Manager) (User: )
Description: Windows Media Player Network Sharing Service%%1053

Error: (03/17/2014 04:32:22 PM) (Source: Service Control Manager) (User: )
Description: 30000Windows Media Player Network Sharing Service

Error: (03/17/2014 04:31:00 PM) (Source: Service Control Manager) (User: )
Description: Parallel port driver%%1058

Error: (03/17/2014 03:21:41 PM) (Source: Service Control Manager) (User: )
Description: Windows Search1300001Restart the service

Error: (03/17/2014 03:21:41 PM) (Source: Service Control Manager) (User: )
Description: Windows Search2147749155 (0x80040D23)


Microsoft Office Sessions:
=========================
Error: (03/12/2014 02:33:29 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6690.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 16674 seconds with 3660 seconds of active time.  This session ended with a crash.

Error: (03/12/2014 09:55:21 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6690.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 1519 seconds with 1080 seconds of active time.  This session ended with a crash.

Error: (03/04/2014 11:30:13 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6690.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 15005 seconds with 900 seconds of active time.  This session ended with a crash.

Error: (02/21/2014 09:47:06 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6690.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 1257 seconds with 240 seconds of active time.  This session ended with a crash.

Error: (02/05/2014 00:42:43 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6690.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 431 seconds with 60 seconds of active time.  This session ended with a crash.

Error: (02/03/2014 11:16:37 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6690.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 165 seconds with 60 seconds of active time.  This session ended with a crash.

Error: (02/03/2014 11:13:42 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6690.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 128 seconds with 60 seconds of active time.  This session ended with a crash.

Error: (02/03/2014 11:11:22 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6690.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 228 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (02/02/2014 00:04:02 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6690.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 401 seconds with 180 seconds of active time.  This session ended with a crash.

Error: (12/04/2013 06:54:58 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6683.5002, Microsoft Office Version: 12.0.6612.1000. This session lasted 616 seconds with 60 seconds of active time.  This session ended with a crash.


CodeIntegrity Errors:
===================================
  Date: 2014-03-18 17:28:07.194
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\SYMEVENT.SYS because the set of per-page image hashes could not be found on the system.

  Date: 2014-03-18 17:28:06.320
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\SYMEVENT.SYS because the set of per-page image hashes could not be found on the system.

  Date: 2014-03-18 17:28:05.509
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\SYMEVENT.SYS because the set of per-page image hashes could not be found on the system.

  Date: 2014-03-18 17:28:04.666
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\SYMEVENT.SYS because the set of per-page image hashes could not be found on the system.

  Date: 2014-03-18 17:27:55.197
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\Norton Internet Security\NortonData\21.1.0.18\Definitions\BASHDefs\20140214.001\BHDrvx86.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-03-18 17:27:54.386
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\Norton Internet Security\NortonData\21.1.0.18\Definitions\BASHDefs\20140214.001\BHDrvx86.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-03-18 17:27:53.559
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\Norton Internet Security\NortonData\21.1.0.18\Definitions\BASHDefs\20140214.001\BHDrvx86.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-03-18 17:27:52.748
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\Norton Internet Security\NortonData\21.1.0.18\Definitions\BASHDefs\20140214.001\BHDrvx86.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-03-18 10:34:58.476
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\SYMEVENT.SYS because the set of per-page image hashes could not be found on the system.

  Date: 2014-03-18 10:34:57.680
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\SYMEVENT.SYS because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Percentage of memory in use: 49%
Total physical RAM: 1917.82 MB
Available physical RAM: 961.91 MB
Total Pagefile: 4084.16 MB
Available Pagefile: 2667.67 MB
Total Virtual: 2047.88 MB
Available Virtual: 1917.01 MB

==================== Drives ================================

Drive c: (HP) (Fixed) (Total:365.29 GB) (Free:187.09 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (Recovery) (Fixed) (Total:7.32 GB) (Free:0.89 GB) NTFS ==>[system with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 373 GB) (Disk ID: 1549F232)
Partition 1: (Active) - (Size=365 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=7 GB) - (Type=07 NTFS)

==================== End Of Log ============================

Link to post
Share on other sites

Fix with FRST (normal mode)

  • Open notepad (Start =>All Programs => Accessories => Notepad).
  • Please copy the entire contents of the code box below.
    (To do this highlight the contents of the box, right click on it and select copy. Right-click in the open notepad and select Paste).
  • Save it to the same direction as frst.exe (or frst64.exe) as fixlist.txt.

    HKLM\...\Run: [BrowserSafeguard] - "C:\Program Files\Browsersafeguard\BrowserSafeguard.exe"GroupPolicyUsers\S-1-5-21-33051458-4020872597-3727823883-1001\User: Group Policy restriction detected <======= ATTENTIONHKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.condui...b5874ab65&sspv=URLSearchHook: HKCU - (No Name) - {03402f96-3dc7-4285-bc50-9e81fefafe43} -  No FileURLSearchHook: HKCU - (No Name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL No FileURLSearchHook: HKCU - (No Name) - {7b13ec3e-999a-4b70-b9cb-2617b8323822} -  No FileURLSearchHook: HKCU - (No Name) - {5e5ab302-7f65-44cd-8211-c1d4caaccea3} -  No FileSearchScopes: HKLM - DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2453} URL = http://search.fantas...mid=453&sr=0&q={searchTerms}SearchScopes: HKLM - {0B4A10D1-FBD6-451d-BFDA-F03252B05984} URL = http://slirsredirect...dir=2706&query={searchTerms}&invocationType=tb50trie7SearchScopes: HKLM - {11F9B070-EFED-48C8-AA05-80CA9542576F} URL = http://www.ask.com/web?q={searchterms}&l=dis&o=ushpdSearchScopes: HKLM - {161452CC-3EAD-47A1-86CC-05A609F53D38} URL = http://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=hp-pvdtSearchScopes: HKLM - {91105D14-AFFF-4eb7-8B78-6ABE2F13AAB6} URL = http://search.aol.co...m/search?query={searchTerms}&invocationType=msie70aaiminstSearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2453} URL = http://search.fantas...mid=453&sr=0&q={searchTerms}SearchScopes: HKLM - {AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} URL = http://www.ask.com/w...101881&l=dis&q={SEARCHTERMS}SearchScopes: HKLM - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://search.condui...ultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2304157SearchScopes: HKLM - {F3C62574-CF62-4FA1-9BED-B2BD4BACE3CF} URL = http://search.live.com/results.aspx?q={searchTerms}&entrypoint={referrer:source?}&FORM=HVDUS7SearchScopes: HKCU - DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = http://search.condui...FFBB5874AB65&q={searchTerms}&SSPV=SearchScopes: HKCU - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = http://search.condui...FFBB5874AB65&q={searchTerms}&SSPV=SearchScopes: HKCU - {0B4A10D1-FBD6-451d-BFDA-F03252B05984} URL =SearchScopes: HKCU - {11F9B070-EFED-48C8-AA05-80CA9542576F} URL =SearchScopes: HKCU - {161452CC-3EAD-47A1-86CC-05A609F53D38} URL =SearchScopes: HKCU - {91105D14-AFFF-4eb7-8B78-6ABE2F13AAB6} URL =SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2453} URL = http://search.fantas...mid=453&sr=0&q={searchTerms}SearchScopes: HKCU - {AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} URL = http://www.ask.com/w...101881&l=dis&q={SEARCHTERMS}SearchScopes: HKCU - {E2EF9873-81CC-4011-B84B-5EBED10BBD06} URL = http://www.mysearchr...&c=2635&t=03&q={searchTerms}SearchScopes: HKCU - {F3C62574-CF62-4FA1-9BED-B2BD4BACE3CF} URL = http://search.live.com/results.aspx?q={searchTerms}&entrypoint={referrer:source?}&FORM=HVDUS7BHO: No Name - {02478D38-C3F9-4EFB-9B51-7695ECA05670} -  No FileBHO: No Name - {b4de90bb-150d-4b33-95fe-6baac97e1c21} -  No FileToolbar: HKLM - No Name - !{b4de90bb-150d-4b33-95fe-6baac97e1c21} -  No FileToolbar: HKCU - No Name - {07B18EA9-A523-4961-B6BB-170DE4475CCA} -  No FileToolbar: HKCU - No Name - {7B13EC3E-999A-4B70-B9CB-2617B8323822} -  No FileToolbar: HKCU - No Name - {5E5AB302-7F65-44CD-8211-C1D4CAACCEA3} -  No FileToolbar: HKCU - No Name - {30F9B915-B755-4826-820B-08FBA6BD249D} -  No FileToolbar: HKCU - No Name - {50FAFAF0-70A9-419D-A109-FA4B4FFD4E37} -  No FileDPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} http://ak.exe.imgfar...etup1.0.1.0.cabFF DefaultSearchEngine: Conduit SearchFF SearchEngineOrder.1: Search ResultsFF SelectedSearchEngine: Conduit SearchFF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPMyWebS.dll (MyWebSearch.com)FF SearchPlugin: C:\Users\Tina\AppData\Roaming\Mozilla\Firefox\Profiles\8hrnspxd.default\searchplugins\aim-search.xmlFF SearchPlugin: C:\Users\Tina\AppData\Roaming\Mozilla\Firefox\Profiles\8hrnspxd.default\searchplugins\conduit-search.xmlFF SearchPlugin: C:\Users\Tina\AppData\Roaming\Mozilla\Firefox\Profiles\8hrnspxd.default\searchplugins\conduit.xmlFF SearchPlugin: C:\Users\Tina\AppData\Roaming\Mozilla\Firefox\Profiles\8hrnspxd.default\searchplugins\MySpace.xmlFF SearchPlugin: C:\Users\Tina\AppData\Roaming\Mozilla\Firefox\Profiles\8hrnspxd.default\searchplugins\safesearch.xmlFF SearchPlugin: C:\Users\Tina\AppData\Roaming\Mozilla\Firefox\Profiles\8hrnspxd.default\searchplugins\searchplugins-backupFF SearchPlugin: C:\Users\Tina\AppData\Roaming\Mozilla\Firefox\Profiles\8hrnspxd.default\searchplugins\Search_Results.xmlFF Extension: We-Care App - C:\Users\Tina\AppData\Roaming\Mozilla\Firefox\Profiles\8hrnspxd.default\Extensions\wecarereminder@bryan [2014-02-15]FF Extension: BrowseToolE0170  - C:\Users\Tina\AppData\Roaming\Mozilla\Firefox\Profiles\8hrnspxd.default\Extensions\{5e5ab302-7f65-44cd-8211-c1d4caaccea3} [2014-03-17]FF Extension: Yahoo! Toolbar - C:\Users\Tina\AppData\Roaming\Mozilla\Firefox\Profiles\8hrnspxd.default\Extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1} [2014-03-04]FF Extension: AOL Messaging Toolbar - C:\Users\Tina\AppData\Roaming\Mozilla\Firefox\Profiles\8hrnspxd.default\Extensions\{c2f863cd-0429-48c7-bb54-db756a951760} [2014-02-15]S4 MyWebSearchService; C:\Program Files\MyWebSearch\bar\1.bin\MWSSVC.EXE [28762 2008-08-20] (MyWebSearch.com)Task: {0BF03213-588B-4228-B322-650A01E0B476} - System32\Tasks\DTReg => C:\Users\Tina\AppData\Roaming\DefaultTab\DefaultTab\DTReg.exe <==== ATTENTIONC:\Users\Tina\AppData\Roaming\DefaultTabC:\ProgramData\PKP_DLec.DATC:\Users\Tina\jagex_runescape_preferences.datC:\Users\Tina\jagex_runescape_preferences2.datC:\Users\Tina\jagex__preferences3.datC:\Users\Tina\AppData\Local\ConduitC:\Program Files\Yahoo!C:\ProgramData\WeCareReminderC:\Users\Tina\AppData\Local\BrowserSafeguardC:\Users\Tina\Documents\Optimizer ProC:\Program Files\Optimizer ProC:\Program Files\MyWebSearchC:\Program Files\Browsersafeguard
    NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system
  • Run frst.exe (on 64bit, run frst64.exe) and press the Fix button just once and wait.
  • The tool will make a log (Fixlog.txt) which you find where you saved FRST. Please post it to your reply.

 

 

 

Full System Scan with Malwarebytes Antimalware


  • If not existing, please download
Malwarebytes' Anti-Malware to your desktop. Double-click mbam-setup.exe and follow the prompts to install the program. At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.



If the program is already installed:

  • Run Malwarebytes Antimalware
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select Perform fullscan, place a checkmark on all hard drives, then click Scan.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Be sure that everything is checked, and click Remove Selected.
  • When completed, a log will open in Notepad. Please save it to a convenient location.
  • The log can also be found here:
    C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt
  • Or at C:\Program Files\Malwarebytes' Anti-Malware\Logs\log-date.txt
  • Post that log back here.

Link to post
Share on other sites

The part that says save it to the same direction as frst.exe (or frst64.exe) as fixlist.txt. im a little confused.

 

By saying direction do you mean file? And do you mean open the file from notepad called frst.exe and delete what is in there and replace it with the script you wrote for me, and save it as fixlist.exe?

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.

Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.