Forums
New posts
Search forums
News
Security News
Technology News
Giveaways
Giveaways, Promotions and Contests
Discounts & Deals
Reviews
Users Reviews
Video Reviews
Support
Windows Malware Removal Help & Support
Mac Malware Removal Help & Support
Mobile Malware Removal Help & Support
Blog
Log in
Register
What's new
Search
Search titles only
By:
Search titles only
By:
Reply to thread
Menu
Install the app
Install
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Forums
Support
Windows Malware Removal Help & Support
Spybot Search & Destroy cannot remove detected malware
Message
<blockquote data-quote="FredricJLowe" data-source="post: 313474" data-attributes="member: 30586"><p>Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-12-2014 01</p><p>Ran by SmartMoneyStrategies at 2014-12-11 11:22:56</p><p>Running from C:\Users\SmartMoneyStrategies\Desktop</p><p>Boot Mode: Normal</p><p>==========================================================</p><p></p><p>==================== Security Center ========================</p><p>(If an entry is included in the fixlist, it will be removed.)</p><p>AV: Norton Security Suite (Enabled - Up to date) {D87FA2C0-F526-77B1-D6EC-0EDF3936CEDB}</p><p> </p><p>Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-12-2014 01</p><p>Ran by SmartMoneyStrategies (administrator) on SMARTMONEYSTRAT on 11-12-2014 11:21:59</p><p>Running from C:\Users\SmartMoneyStrategies\Desktop</p><p>Loaded Profile: SmartMoneyStrategies (Available profiles: SmartMoneyStrategies)</p><p>Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)</p><p>Internet Explorer Version 10</p><p>Boot Mode: Normal</p><p>Tutorial for Farbar Recovery Scan Tool: <a href="http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/" target="_blank">http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/</a></p><p>==================== Processes (Whitelisted) =================</p><p>(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)</p><p>(AMD) C:\Windows\System32\atiesrxx.exe</p><p>(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe</p><p>(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe</p><p>(AMD) C:\Windows\System32\atieclxx.exe</p><p>(Validity Sensors, Inc.) C:\Windows\System32\vcsFPService.exe</p><p>(Microsoft Corporation) C:\Windows\System32\wlanext.exe</p><p>(DigitalPersona, Inc.) C:\Program Files\DigitalPersona\Bin\DpHostW.exe</p><p>(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe</p><p>(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe</p><p>(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe</p><p>(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe</p><p>(DigitalPersona, Inc.) C:\Program Files (x86)\DigitalPersona\Bin\DPAgent.exe</p><p>(Abine Inc.) C:\Program Files (x86)\DoNotTrackMe\AbineAutoUpdate.exe</p><p>(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe</p><p>(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe</p><p>(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe</p><p>() C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe</p><p>(FSPro Labs) C:\Program Files\My Lockbox\mylbx.exe</p><p>() C:\Windows\System32\spool\drivers\x64\3\WrtMon.exe</p><p>() C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe</p><p>(CANON INC.) C:\Program Files\Canon\Canon MF Network Scan Utility\CNMFSUT6.EXE</p><p>(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe</p><p>(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe</p><p>(Google Inc.) C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe</p><p>() C:\Program Files (x86)\ActiveTracker\rn5.exe</p><p>(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe</p><p>(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe</p><p>(Symantec Corporation) C:\Program Files (x86)\Norton Security Suite\Engine\21.6.0.32\n360.exe</p><p>() C:\Program Files (x86)\Caller ID\Caller ID.exe</p><p>() C:\Users\SmartMoneyStrategies\AppData\Local\Autobahn\nexdef.exe</p><p>() C:\Windows\System32\spool\drivers\x64\3\WrtProc.exe</p><p>(Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe</p><p>(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE</p><p>(Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe</p><p>(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE</p><p>(Symantec Corporation) C:\Program Files (x86)\Norton Security Suite\Engine\21.6.0.32\n360.exe</p><p>(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe</p><p>(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe</p><p>(Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe</p><p>(DigitalPersona, Inc.) C:\Program Files\DigitalPersona\Bin\DpAgent.exe</p><p>(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe</p><p>(CyberLink) C:\Program Files (x86)\Hewlett-Packard\Media\Webcam\YCMMirage.exe</p><p>(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe</p><p>(Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\Messenger\Ymsgr_tray.exe</p><p>(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe</p><p>(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe</p><p>(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe</p><p>(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe</p><p>(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe</p><p>(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe</p><p>(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe</p><p>(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe</p><p>(Hewlett-Packard Development Company L.P.) C:\Program Files (x86)\Hewlett-Packard\Shared\hpCaslNotification.exe</p><p>(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe</p><p>(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe</p><p>(Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe</p><p>(Microsoft Corporation) C:\Windows\System32\dllhost.exe</p><p></p><p>==================== Registry (Whitelisted) ==================</p><p>(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)</p><p>HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2480936 2010-12-17] (Synaptics Incorporated)</p><p>HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [487424 2010-06-17] (IDT, Inc.)</p><p>HKLM\...\Run: [SmartMenu] => C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe [611896 2010-01-20] ()</p><p>HKLM\...\Run: [HPWirelessAssistant] => C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe [363064 2010-06-18] (Hewlett-Packard Company)</p><p>HKLM\...\Run: [mylbx] => C:\Program Files\My Lockbox\mylbx.exe [2584864 2013-07-06] (FSPro Labs)</p><p>HKLM\...\Run: [WrtMon.exe] => C:\Windows\system32\spool\drivers\x64\3\WrtMon.exe [20480 2006-09-20] ()</p><p>HKLM\...\Run: [MFNetworkScanUtility] => C:\Program Files\Canon\Canon MF Network Scan Utility\CNMFSUT6.EXE [508312 2009-12-15] (CANON INC.)</p><p>HKLM-x32\...\Run: [HP Quick Launch] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [602168 2010-06-29] (Hewlett-Packard Company)</p><p>HKLM-x32\...\Run: [Norton Online Backup] => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe</p><p>HKLM-x32\...\Run: [StartCCC] => c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2010-09-09] (Advanced Micro Devices, Inc.)</p><p>HKLM-x32\...\Run: [TkBellExe] => C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe [296056 2011-12-03] (RealNetworks, Inc.)</p><p>HKLM-x32\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\\isuspm.exe [324976 2010-05-21] (Flexera Software, Inc.)</p><p>HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-09-01] (Apple Inc.)</p><p>HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation)</p><p>HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1021128 2014-11-20] (Adobe Systems Incorporated)</p><p>HKLM-x32\...\RunOnce: [AbineAutoUpdate] => C:\Program Files (x86)\DoNotTrackMe\AbineAutoUpdate.exe [127352 2014-07-22] (Abine Inc.)</p><p>HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,C:\Program Files (x86)\DigitalPersona\Bin\DPAgent.exe,</p><p>HKU\S-1-5-21-3824992045-3126350346-3511581396-1001\...\Run: [HPAdvisorDock] => C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe [1712184 2010-02-09] ()</p><p>HKU\S-1-5-21-3824992045-3126350346-3511581396-1001\...\Run: [LightScribe Control Panel] => C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2736128 2010-06-16] (Hewlett-Packard Company)</p><p>HKU\S-1-5-21-3824992045-3126350346-3511581396-1001\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2012-06-13] (Google Inc.)</p><p>HKU\S-1-5-21-3824992045-3126350346-3511581396-1001\...\Run: [Messenger (Yahoo!)] => C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe [6595928 2012-05-25] (Yahoo! Inc.)</p><p>HKU\S-1-5-21-3824992045-3126350346-3511581396-1001\...\Run: [rn5.exe] => C:\Program Files (x86)\ActiveTracker\rn5.exe [3065776 2013-02-27] ()</p><p>HKU\S-1-5-21-3824992045-3126350346-3511581396-1001\...\RunOnce: [Adobe Speed Launcher] => 1418314795</p><p>Lsa: [Notification Packages] DPPassFilter scecli</p><p>Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Constant Guard.lnk</p><p>ShortcutTarget: Constant Guard.lnk -> C:\Program Files (x86)\Constant Guard Protection Suite\IDVault.exe (No File)</p><p>Startup: C:\Users\SmartMoneyStrategies\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Caller ID.lnk</p><p>ShortcutTarget: Caller ID.lnk -> C:\Program Files (x86)\Caller ID\Caller ID.exe ()</p><p>Startup: C:\Users\SmartMoneyStrategies\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Comcast Universal Caller ID.lnk</p><p>ShortcutTarget: Comcast Universal Caller ID.lnk -> C:\Program Files (x86)\Comcast Universal Caller ID\Comcast Universal Caller ID.exe (No File)</p><p>Startup: C:\Users\SmartMoneyStrategies\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\NexDef Plug-in.lnk</p><p>ShortcutTarget: NexDef Plug-in.lnk -> C:\Users\SmartMoneyStrategies\AppData\Local\Autobahn\nexdef.exe ()</p><p>ShellIconOverlayIdentifiers: [OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton Security Suite\Engine64\21.6.0.32\buShell.dll (Symantec Corporation)</p><p>ShellIconOverlayIdentifiers: [OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton Security Suite\Engine64\21.6.0.32\buShell.dll (Symantec Corporation)</p><p>ShellIconOverlayIdentifiers: [OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton Security Suite\Engine64\21.6.0.32\buShell.dll (Symantec Corporation)</p><p>BootExecute: autocheck autochk * sdnclean64.exe</p><p>==================== Internet (Whitelisted) ====================</p><p>(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)</p><p>HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION</p><p>HKU\S-1-5-21-3824992045-3126350346-3511581396-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION</p><p>ProxyServer: [S-1-5-21-3824992045-3126350346-3511581396-1001] => localhost:8080</p><p>HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = </p><p>HKU\S-1-5-21-3824992045-3126350346-3511581396-1001\Software\Microsoft\Internet Explorer\Main,Start Page = <a href="https://www.google.com/" target="_blank">https://www.google.com/</a></p><p>SearchScopes: HKLM -> {00F66D1F-CB8F-4697-B8A6-0D044C10891A} URL = <a href="http://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox" target="_blank">http://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox</a></p><p>SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = </p><p>SearchScopes: HKLM -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = <a href="http://dts.search-results.com/sr?src=ieb&appid=113&systemid=406&sr=0&q={searchTerms" target="_blank">http://dts.search-results.com/sr?src=ieb&appid=113&systemid=406&sr=0&q={searchTerms</a>}</p><p>SearchScopes: HKLM -> {CC9C1F90-27EA-4690-95B0-DA9ADC541227} URL = <a href="http://www.ask.com/web?q={searchterms}&l=dis&o=ushpl" target="_blank">http://www.ask.com/web?q={searchterms}&l=dis&o=ushpl</a></p><p>SearchScopes: HKLM -> {D603DB46-AC59-46AE-92B6-4E207A39EEF0} URL = <a href="http://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF" target="_blank">http://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF</a></p><p>SearchScopes: HKLM -> {EB5DAC6F-6316-47E8-9B15-4AFC50AEA822} URL = <a href="http://en.wikipedia.org/wiki/Special:Search?search={searchTerms" target="_blank">http://en.wikipedia.org/wiki/Special:Search?search={searchTerms</a>}</p><p>SearchScopes: HKLM-x32 -> {00F66D1F-CB8F-4697-B8A6-0D044C10891A} URL = <a href="http://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox" target="_blank">http://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox</a></p><p>SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = </p><p>SearchScopes: HKLM-x32 -> {443789B7-F39C-4b5c-9287-DA72D38F4FE6} URL = <a href="http://slirsredirect.search.aol.com/redirector/sredir?sredir=843&query={searchTerms}&invocationType=tb50-ie-opencandy.r-chromesbox-en-us&tb_uuid=20120403213025736&tb_oid=03-04-2012&tb_mrud=03-04-2012" target="_blank">http://slirsredirect.search.aol.com/redirector/sredir?sredir=843&query={searchTerms}&invocationType=tb50-ie-opencandy.r-chromesbox-en-us&tb_uuid=20120403213025736&tb_oid=03-04-2012&tb_mrud=03-04-2012</a></p><p>SearchScopes: HKLM-x32 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = <a href="http://dts.search-results.com/sr?src=ieb&appid=113&systemid=406&sr=0&q={searchTerms" target="_blank">http://dts.search-results.com/sr?src=ieb&appid=113&systemid=406&sr=0&q={searchTerms</a>}</p><p>SearchScopes: HKLM-x32 -> {CC9C1F90-27EA-4690-95B0-DA9ADC541227} URL = <a href="http://www.ask.com/web?q={searchterms}&l=dis&o=ushpl" target="_blank">http://www.ask.com/web?q={searchterms}&l=dis&o=ushpl</a></p><p>SearchScopes: HKLM-x32 -> {D603DB46-AC59-46AE-92B6-4E207A39EEF0} URL = <a href="http://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF" target="_blank">http://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF</a></p><p>SearchScopes: HKLM-x32 -> {EB5DAC6F-6316-47E8-9B15-4AFC50AEA822} URL = <a href="http://en.wikipedia.org/wiki/Special:Search?search={searchTerms" target="_blank">http://en.wikipedia.org/wiki/Special:Search?search={searchTerms</a>}</p><p>SearchScopes: HKU\S-1-5-21-3824992045-3126350346-3511581396-1001 -> {00F66D1F-CB8F-4697-B8A6-0D044C10891A} URL = </p><p>SearchScopes: HKU\S-1-5-21-3824992045-3126350346-3511581396-1001 -> {07550832-9707-4820-836E-A5717082572F} URL = <a href="http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT1060933&SSPV=IEOB05" target="_blank">http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT1060933&SSPV=IEOB05</a></p><p>SearchScopes: HKU\S-1-5-21-3824992045-3126350346-3511581396-1001 -> {443789B7-F39C-4b5c-9287-DA72D38F4FE6} URL = </p><p>SearchScopes: HKU\S-1-5-21-3824992045-3126350346-3511581396-1001 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = <a href="http://dts.search-results.com/sr?src=ieb&appid=113&systemid=406&sr=0&q={searchTerms" target="_blank">http://dts.search-results.com/sr?src=ieb&appid=113&systemid=406&sr=0&q={searchTerms</a>}</p><p>SearchScopes: HKU\S-1-5-21-3824992045-3126350346-3511581396-1001 -> {AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} URL = <a href="http://nortonsafe.search.ask.com/web?q={SEARCHTERMS}&o=APN10506&l=dis&prt=360&chn=S1122&geo=US&ver=21&locale=en_US&gct=kwd&qsrc=2869" target="_blank">http://nortonsafe.search.ask.com/web?q={SEARCHTERMS}&o=APN10506&l=dis&prt=360&chn=S1122&geo=US&ver=21&locale=en_US&gct=kwd&qsrc=2869</a></p><p>SearchScopes: HKU\S-1-5-21-3824992045-3126350346-3511581396-1001 -> {C04B7D22-5AEC-4561-8F49-27F6269208F6} URL = <a href="http://www2.inbox.com/search/dispatcher.aspx?tp=bs&qkw={searchTerms}&tbid=80273&iwk=252&lng=en" target="_blank">http://www2.inbox.com/search/dispatcher.aspx?tp=bs&qkw={searchTerms}&tbid=80273&iwk=252&lng=en</a></p><p>SearchScopes: HKU\S-1-5-21-3824992045-3126350346-3511581396-1001 -> {CC9C1F90-27EA-4690-95B0-DA9ADC541227} URL = </p><p>SearchScopes: HKU\S-1-5-21-3824992045-3126350346-3511581396-1001 -> {D603DB46-AC59-46AE-92B6-4E207A39EEF0} URL = <a href="http://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF" target="_blank">http://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF</a></p><p>SearchScopes: HKU\S-1-5-21-3824992045-3126350346-3511581396-1001 -> {EB5DAC6F-6316-47E8-9B15-4AFC50AEA822} URL = </p><p>BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Security Suite\Engine64\21.6.0.32\coIEPlg.dll (Symantec Corporation)</p><p>BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)</p><p>BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)</p><p>BHO: Skype add-on for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)</p><p>BHO: DoNotTrackMe BHO -> {C584D6D2-EF22-4C61-BF5B-0C7E723D836C} -> C:\Program Files (x86)\DoNotTrackMe\3.2.1166\AbineBHO64.dll (Abine Inc.)</p><p>BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll No File</p><p>BHO-x32: CRnPluginSite Object -> {0050A87F-CF26-41AE-9C0A-C32307C941CB} -> C:\Program Files (x86)\ActiveTracker\plugins\internetexplorer\wegie\wegie.dll (ReadNotify.com)</p><p>BHO-x32: &Yahoo! Toolbar Helper -> {02478D38-C3F9-4efb-9B51-7695ECA05670} -> C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)</p><p>BHO-x32: RealPlayer Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)</p><p>BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Security Suite\Engine\21.6.0.32\coIEPlg.dll (Symantec Corporation)</p><p>BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton Security Suite\Engine\21.6.0.32\IPS\IPSBHO.DLL (Symantec Corporation)</p><p>BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)</p><p>BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)</p><p>BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)</p><p>BHO-x32: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)</p><p>BHO-x32: Constant Guard Protection Suite -> {B84CDBE7-1B46-494B-A188-01D4C52DEB61} -> C:\ProgramData\White Sky, Inc\ID Vault\IEBHO1.14.416.5\NativeBHO.dll (WhiteSky)</p><p>BHO-x32: DoNotTrackMe BHO -> {C584D6D2-EF22-4C61-BF5B-0C7E723D836C} -> C:\Program Files (x86)\DoNotTrackMe\3.2.1166\AbineBHO.dll (Abine Inc.)</p><p>BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)</p><p>Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)</p><p>Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine64\21.6.0.32\coIEPlg.dll (Symantec Corporation)</p><p>Toolbar: HKLM-x32 - Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)</p><p>Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)</p><p>Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine\21.6.0.32\coIEPlg.dll (Symantec Corporation)</p><p>Toolbar: HKU\S-1-5-21-3824992045-3126350346-3511581396-1001 -> No Name - {1392B8D2-5C05-419F-A8F6-B9F15A596612} - No File</p><p>Toolbar: HKU\S-1-5-21-3824992045-3126350346-3511581396-1001 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)</p><p>Toolbar: HKU\S-1-5-21-3824992045-3126350346-3511581396-1001 -> No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No File</p><p>Toolbar: HKU\S-1-5-21-3824992045-3126350346-3511581396-1001 -> Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine64\21.6.0.32\coIEPlg.dll (Symantec Corporation)</p><p>DPF: HKLM-x32 {33704B0F-9EB7-434B-B752-EA6CFFB87423} <a href="http://beachcam.resortscasinohotel.com/JpegInst.cab" target="_blank">http://beachcam.resortscasinohotel.com/JpegInst.cab</a></p><p>DPF: HKLM-x32 {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} <a href="http://h20614.www2.hp.com/ediags/gmd/Install/Cab/hpdetect114a.cab" target="_blank">http://h20614.www2.hp.com/ediags/gmd/Install/Cab/hpdetect114a.cab</a></p><p>Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)</p><p>Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)</p><p>Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)</p><p>Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt</p><p>Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76</p><p>FireFox:</p><p>========</p><p>FF ProfilePath: C:\Users\SmartMoneyStrategies\AppData\Roaming\Mozilla\Firefox\Profiles\j58jwzsa.default</p><p>FF Plugin: @microsoft.com/GENUINE -> disabled No File</p><p>FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)</p><p>FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)</p><p>FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()</p><p>FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)</p><p>FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)</p><p>FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)</p><p>FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 -> C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)</p><p>FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File</p><p>FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)</p><p>FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)</p><p>FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)</p><p>FF Plugin-x32: @real.com/nppl3260;version=15.0.0.198 -> c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)</p><p>FF Plugin-x32: @real.com/nprjplug;version=15.0.0.198 -> c:\program files (x86)\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)</p><p>FF Plugin-x32: @real.com/nprpchromebrowserrecordext;version=15.0.0.198 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)</p><p>FF Plugin-x32: @real.com/nprphtml5videoshim;version=15.0.0.198 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)</p><p>FF Plugin-x32: @real.com/nprpjplug;version=15.0.0.198 -> c:\program files (x86)\real\realplayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)</p><p>FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)</p><p>FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)</p><p>FF Plugin-x32: @videolan.org/vlc,version=2.0.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)</p><p>FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)</p><p>FF Plugin HKU\S-1-5-21-3824992045-3126350346-3511581396-1001: @lightspark.github.com/Lightspark;version=1 -> C:\Program Files (x86)\Lightspark 0.5.3-git\nplightsparkplugin.dll ( )</p><p>FF Plugin HKU\S-1-5-21-3824992045-3126350346-3511581396-1001: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\SmartMoneyStrategies\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)</p><p>FF Extension: FreeWorkz - C:\Users\SmartMoneyStrategies\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\<a href="mailto:links@freeworkz.com">links@freeworkz.com</a> [2012-05-23]</p><p>FF Extension: XFINITY Constant Guard Protection Suite - C:\Users\SmartMoneyStrategies\AppData\Roaming\Mozilla\Firefox\Profiles\j58jwzsa.default\Extensions\idvaultaddon@whitesky [2014-06-08]</p><p>FF Extension: No Name - C:\Users\SmartMoneyStrategies\AppData\Roaming\Mozilla\Firefox\Profiles\j58jwzsa.default\Extensions\temp [2014-06-08]</p><p>FF Extension: Exif Viewer - C:\Users\SmartMoneyStrategies\AppData\Roaming\Mozilla\Firefox\Profiles\j58jwzsa.default\Extensions\<a href="mailto:exif_viewer@mozilla.doslash.org.xpi">exif_viewer@mozilla.doslash.org.xpi</a> [2013-10-15]</p><p>FF HKLM-x32\...\Firefox\Extensions: [<a href="mailto:otis@digitalpersona.com">otis@digitalpersona.com</a>] - C:\Program Files (x86)\DigitalPersona\Bin\FirefoxExt</p><p>FF Extension: DigitalPersona Extension - C:\Program Files (x86)\DigitalPersona\Bin\FirefoxExt [2010-09-16]</p><p>FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext</p><p>FF Extension: RealPlayer Browser Record Plugin - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011-12-03]</p><p>FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\IPSFF</p><p>FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\IPSFF [2014-06-09]</p><p>FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\coFFPlgn</p><p>FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\coFFPlgn [2014-12-11]</p><p>Chrome: </p><p>=======</p><p>CHR HomePage: Default -> hxxp://<a href="http://www.google.com" target="_blank">www.google.com</a></p><p>CHR StartupUrls: Default -> "hxxp://<a href="http://www.google.com" target="_blank">www.google.com</a>"</p><p>CHR Plugin: (Remoting Viewer) - internal-remoting-viewer</p><p>CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\ppGoogleNaClPluginChrome.dll No File</p><p>CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\pdf.dll ()</p><p>CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\gcswf32.dll No File</p><p>CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll No File</p><p>CHR Plugin: (Java Deployment Toolkit 6.0.290.11) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll No File</p><p>CHR Plugin: (Java(TM) Platform SE 6 U29) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll No File</p><p>CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File</p><p>CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll No File</p><p>CHR Plugin: (Nitro PDF Plug-In) - C:\Program Files (x86)\Nitro PDF\Reader 2\npnitromozilla.dll No File</p><p>CHR Plugin: (VLC Web Plugin) - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)</p><p>CHR Plugin: (Windows Live® Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)</p><p>CHR Plugin: (RealNetworks(tm) Chrome Background Extension Plug-In (32-bit) ) - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)</p><p>CHR Plugin: (RealPlayer(tm) HTML5VideoShim Plug-In (32-bit) ) - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)</p><p>CHR Plugin: (RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) ) - c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)</p><p>CHR Plugin: (RealPlayer Version Plugin) - c:\program files (x86)\real\realplayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)</p><p>CHR Plugin: (Facebook Video Calling Plugin) - C:\Users\SmartMoneyStrategies\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)</p><p>CHR Plugin: (Shockwave for Director) - C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)</p><p>CHR Plugin: (RealJukebox NS Plugin) - c:\program files (x86)\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)</p><p>CHR Profile: C:\Users\SmartMoneyStrategies\AppData\Local\Google\Chrome\User Data\Default</p><p>CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\SmartMoneyStrategies\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-06-10]</p><p>CHR Extension: (DoNotTrackMe: Online Privacy Protection) - C:\Users\SmartMoneyStrategies\AppData\Local\Google\Chrome\User Data\Default\Extensions\epanfjkfahimkgomnigadpkobaefekcd [2012-11-07]</p><p>CHR Extension: (Norton Identity Safe) - C:\Users\SmartMoneyStrategies\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif [2014-08-20]</p><p>CHR Extension: (RealPlayer HTML5Video Downloader Extension) - C:\Users\SmartMoneyStrategies\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk [2012-06-14]</p><p>CHR Extension: (Skype Click to Call) - C:\Users\SmartMoneyStrategies\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2013-08-23]</p><p>CHR Extension: (Refresh Monkey) - C:\Users\SmartMoneyStrategies\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljngnafhejmefmijjoedbclkadhacebd [2014-10-15]</p><p>CHR Extension: (Norton Security Toolbar) - C:\Users\SmartMoneyStrategies\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk [2013-04-04]</p><p>CHR Extension: (Google Wallet) - C:\Users\SmartMoneyStrategies\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-30]</p><p>CHR Extension: (Readnotify.com Web Plugin) - C:\Users\SmartMoneyStrategies\AppData\Local\Google\Chrome\User Data\Default\Extensions\nofmhkiliplhcecdhmfndhjbppbmoegk [2012-10-27]</p><p>CHR Extension: (Page Monitor) - C:\Users\SmartMoneyStrategies\AppData\Local\Google\Chrome\User Data\Default\Extensions\pemhgklkefakciniebenbfclihhmmfcd [2014-10-15]</p><p>CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - No Path</p><p>CHR HKLM\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Security Suite\Engine\21.6.0.32\Exts\Chrome.crx [2014-10-04]</p><p>CHR HKU\S-1-5-21-3824992045-3126350346-3511581396-1001\...\Chrome\Extension: [fdloijijlkoblmigdofommgnheckmaki] - C:\Users\SMARTM~1\AppData\Local\funmoods.crx [Not Found]</p><p>CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - No Path</p><p>CHR HKLM-x32\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx [2011-12-03]</p><p>CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2013-05-14]</p><p>CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Security Suite\Engine\21.6.0.32\Exts\Chrome.crx [2014-10-04]</p><p>==================== Services (Whitelisted) =================</p><p>(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)</p><p>S2 CLKMSVC10_C6F09094; C:\Program Files (x86)\Hewlett-Packard\Media\DVD\Kernel\HDDVD\NavFilter\kmsvc.exe [245232 2010-06-29] (CyberLink)</p><p>R2 HPWMISVC; C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [27192 2010-06-29] ()</p><p>S4 ISW; C:\Program Files (x86)\Transamerica\TransQuote\TransQuote.exe [109056 2011-09-28] (Transamerica) [File not signed]</p><p>R2 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2010-06-16] (Hewlett-Packard Company) [File not signed]</p><p>R2 N360; C:\Program Files (x86)\Norton Security Suite\Engine\21.6.0.32\N360.exe [265040 2014-09-22] (Symantec Corporation)</p><p>S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [117264 2010-06-25] (CACE Technologies, Inc.)</p><p>S2 IDVaultSvc; "C:\Program Files (x86)\Constant Guard Protection Suite\IDVaultSvc.exe" [X]</p><p>S2 NOBU; "C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe" SERVICE [X]</p><p>==================== Drivers (Whitelisted) ====================</p><p>(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)</p><p>R1 BHDrvx64; C:\Program Files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\BASHDefs\20141209.001_3a9\BHDrvx64.sys [1587416 2014-12-09] (Symantec Corporation)</p><p>R1 ccSet_N360; C:\Windows\system32\drivers\N360x64\1506000.020\ccSetx64.sys [162392 2013-09-25] (Symantec Corporation)</p><p>R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [487216 2014-12-10] (Symantec Corporation)</p><p>R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [142640 2014-12-10] (Symantec Corporation)</p><p>R0 FSProFilter; C:\Windows\System32\Drivers\FSPFltd.sys [54848 2010-07-22] (FSPro Labs)</p><p>R1 IDSVia64; C:\Program Files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\IPSDefs\20141210.001_432\IDSvia64.sys [637656 2014-12-10] (Symantec Corporation)</p><p>R3 NAVENG; C:\Program Files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\VirusDefs\20141210.021\ENG64.SYS [129752 2014-12-10] (Symantec Corporation)</p><p>R3 NAVEX15; C:\Program Files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\VirusDefs\20141210.021\EX64.SYS [2137304 2014-12-10] (Symantec Corporation)</p><p>R2 NPF; C:\Windows\System32\drivers\npf.sys [35344 2010-06-25] (CACE Technologies, Inc.)</p><p>S3 Serial; C:\Windows\system32\DRIVERS\serial.sys [94208 2009-07-13] (Brother Industries Ltd.)</p><p>R3 SRTSP; C:\Windows\System32\Drivers\N360x64\1506000.020\SRTSP64.SYS [876248 2014-08-25] (Symantec Corporation)</p><p>R1 SRTSPX; C:\Windows\system32\drivers\N360x64\1506000.020\SRTSPX64.SYS [37592 2014-08-25] (Symantec Corporation)</p><p>R3 stdriver; C:\Windows\System32\DRIVERS\stdriverx64.sys [34512 2014-08-22] ()</p><p>R0 SymDS; C:\Windows\System32\drivers\N360x64\1506000.020\SYMDS64.SYS [493656 2013-09-09] (Symantec Corporation)</p><p>R0 SymEFA; C:\Windows\System32\drivers\N360x64\1506000.020\SYMEFA64.SYS [1148120 2014-08-25] (Symantec Corporation)</p><p>R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2014-06-09] (Symantec Corporation)</p><p>R1 SymIRON; C:\Windows\system32\drivers\N360x64\1506000.020\Ironx64.SYS [266968 2014-08-06] (Symantec Corporation)</p><p>R1 SymNetS; C:\Windows\System32\Drivers\N360x64\1506000.020\SYMNETS.SYS [593112 2014-08-25] (Symantec Corporation)</p><p>R3 ALSysIO; \??\C:\Users\SMARTM~1\AppData\Local\Temp\ALSysIO64.sys [X]</p><p>S1 AntiLog32; \??\C:\Windows\system32\drivers\AntiLog64.sys [X]</p><p>S3 keycrypt; system32\DRIVERS\KeyCrypt64.sys [X]</p><p>==================== NetSvcs (Whitelisted) ===================</p><p>(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)</p><p></p><p>==================== One Month Created Files and Folders ========</p><p>(If an entry is included in the fixlist, the file\folder will be moved.)</p><p>2014-12-11 11:20 - 2014-12-11 11:20 - 02119680 _____ (Farbar) C:\Users\SmartMoneyStrategies\Desktop\frst64.exe</p><p>2014-12-11 08:11 - 2014-12-11 10:17 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)</p><p>2014-12-11 08:09 - 2014-12-11 10:17 - 00000000 ____D () C:\Users\SmartMoneyStrategies\Desktop\mbar</p><p>2014-12-11 08:08 - 2014-12-11 08:08 - 16448208 _____ (Malwarebytes Corp.) C:\Users\SmartMoneyStrategies\Desktop\mbar-1.08.2.1001.exe</p><p>2014-12-10 20:58 - 2014-12-10 20:58 - 00000585 _____ () C:\Users\SmartMoneyStrategies\Desktop\aswMBR.txt</p><p>2014-12-10 20:54 - 2014-12-11 11:22 - 00033890 _____ () C:\Users\SmartMoneyStrategies\Desktop\FRST.txt</p><p>2014-12-10 20:53 - 2014-12-10 20:54 - 00047233 _____ () C:\Users\SmartMoneyStrategies\Desktop\Addition.txt</p><p>2014-12-10 20:50 - 2014-12-11 11:22 - 00000000 ____D () C:\FRST</p><p>2014-12-10 20:47 - 2014-12-10 20:47 - 00001446 _____ () C:\Users\SmartMoneyStrategies\Desktop\AdwCleaner[R3].txt</p><p>2014-12-10 19:21 - 2014-12-10 20:45 - 00000000 ____D () C:\AdwCleaner</p><p>2014-12-10 16:38 - 2014-11-21 01:17 - 00080384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll</p><p>2014-12-10 16:38 - 2014-11-21 01:16 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll</p><p>2014-12-10 16:38 - 2014-11-21 01:16 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll</p><p>2014-12-06 14:51 - 2014-12-11 10:02 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2</p><p>2014-12-06 14:51 - 2014-12-10 16:55 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy</p><p>2014-11-30 18:33 - 2014-11-30 18:33 - 00275088 _____ () C:\Windows\Minidump\113014-35849-01.dmp</p><p>2014-11-23 12:49 - 2014-10-25 19:56 - 02237952 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll</p><p>2014-11-23 12:49 - 2014-10-25 19:56 - 01409536 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll</p><p>2014-11-23 12:49 - 2014-10-25 19:56 - 00600064 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll</p><p>2014-11-23 12:49 - 2014-10-25 19:56 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe</p><p>2014-11-23 12:49 - 2014-10-25 19:55 - 19284480 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll</p><p>2014-11-23 12:49 - 2014-10-25 19:55 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll</p><p>2014-11-23 12:49 - 2014-10-25 19:55 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll</p><p>2014-11-23 12:49 - 2014-10-25 19:55 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll</p><p>2014-11-23 12:49 - 2014-10-25 19:54 - 15399424 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll</p><p>2014-11-23 12:49 - 2014-10-25 19:54 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll</p><p>2014-11-23 12:49 - 2014-10-25 19:54 - 02655232 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll</p><p>2014-11-23 12:49 - 2014-10-25 19:54 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll</p><p>2014-11-23 12:49 - 2014-10-25 19:54 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll</p><p>2014-11-23 12:49 - 2014-10-25 19:54 - 00451584 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll</p><p>2014-11-23 12:49 - 2014-10-25 19:54 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll</p><p>2014-11-23 12:49 - 2014-10-25 19:54 - 00255488 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll</p><p>2014-11-23 12:49 - 2014-10-25 19:54 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll</p><p>2014-11-23 12:49 - 2014-10-25 19:54 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll</p><p>2014-11-23 12:49 - 2014-10-25 19:54 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll</p><p>2014-11-23 12:49 - 2014-10-25 19:54 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll</p><p>2014-11-23 12:49 - 2014-10-25 19:53 - 01509376 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl</p><p>2014-11-23 12:49 - 2014-10-25 18:36 - 01762816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll</p><p>2014-11-23 12:49 - 2014-10-25 18:35 - 14368768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll</p><p>2014-11-23 12:49 - 2014-10-25 18:35 - 01181696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll</p><p>2014-11-23 12:49 - 2014-10-25 18:35 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll</p><p>2014-11-23 12:49 - 2014-10-25 18:35 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll</p><p>2014-11-23 12:49 - 2014-10-25 18:35 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll</p><p>2014-11-23 12:49 - 2014-10-25 18:35 - 00080384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled(44).dll</p><p>2014-11-23 12:49 - 2014-10-25 18:34 - 13758464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll</p><p>2014-11-23 12:49 - 2014-10-25 18:34 - 02861568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll</p><p>2014-11-23 12:49 - 2014-10-25 18:34 - 02055168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll</p><p>2014-11-23 12:49 - 2014-10-25 18:34 - 01441280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl</p><p>2014-11-23 12:49 - 2014-10-25 18:34 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll</p><p>2014-11-23 12:49 - 2014-10-25 18:34 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll</p><p>2014-11-23 12:49 - 2014-10-25 18:34 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll</p><p>2014-11-23 12:49 - 2014-10-25 18:34 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32(42).dll</p><p>2014-11-23 12:49 - 2014-10-25 18:34 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll</p><p>2014-11-23 12:49 - 2014-10-25 18:34 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll</p><p>2014-11-23 12:49 - 2014-10-25 18:34 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll</p><p>2014-11-23 12:49 - 2014-10-25 18:34 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy(43).dll</p><p>2014-11-23 12:49 - 2014-10-25 18:34 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll</p><p>2014-11-23 12:49 - 2014-10-25 18:19 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb</p><p>2014-11-23 12:49 - 2014-10-25 18:13 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb</p><p>2014-11-23 12:49 - 2014-10-25 17:22 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe</p><p>2014-11-23 12:49 - 2014-10-25 17:17 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe</p><p>2014-11-23 12:43 - 2014-11-23 12:43 - 00000135 _____ () C:\Windows\SysWOW64\debug.log</p><p>2014-11-23 12:25 - 2014-12-11 08:07 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk</p><p>2014-11-23 12:25 - 2014-11-23 12:25 - 00001981 _____ () C:\Users\Public\Desktop\Adobe Reader XI.lnk</p><p>2014-11-23 11:52 - 2014-11-23 11:50 - 00176552 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe</p><p>2014-11-23 11:52 - 2014-11-23 11:50 - 00176552 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe</p><p>2014-11-23 11:52 - 2014-11-23 11:50 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll</p><p>2014-11-22 17:38 - 2014-10-13 20:13 - 00683520 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll</p><p>2014-11-22 17:38 - 2014-10-13 20:09 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll</p><p>2014-11-22 17:38 - 2014-10-13 20:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll</p><p>2014-11-22 17:38 - 2014-10-13 19:47 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll</p><p>2014-11-22 17:38 - 2014-10-13 19:46 - 00681984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll</p><p>2014-11-22 17:38 - 2014-08-21 00:43 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll</p><p>2014-11-22 17:38 - 2014-08-21 00:40 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll</p><p>2014-11-22 17:38 - 2014-08-21 00:26 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll</p><p>2014-11-22 17:38 - 2014-08-21 00:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll</p><p>2014-11-22 17:37 - 2014-11-10 21:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll</p><p>2014-11-22 17:37 - 2014-11-10 21:08 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll</p><p>2014-11-22 17:37 - 2014-11-10 20:44 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll</p><p>2014-11-22 17:37 - 2014-11-10 20:44 - 00186880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll</p><p>2014-11-22 17:37 - 2014-10-13 20:16 - 00155064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys</p><p>2014-11-22 17:37 - 2014-10-13 20:12 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll</p><p>2014-11-22 17:37 - 2014-10-13 19:50 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll</p><p>2014-11-22 17:37 - 2014-10-13 19:49 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll</p><p>2014-11-22 17:37 - 2014-10-02 20:12 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll</p><p>2014-11-22 17:37 - 2014-10-02 20:11 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll</p><p>2014-11-22 17:37 - 2014-10-02 20:11 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll</p><p>2014-11-22 17:37 - 2014-10-02 20:11 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll</p><p>2014-11-22 17:37 - 2014-10-02 20:11 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll</p><p>2014-11-22 17:37 - 2014-10-02 19:44 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll</p><p>2014-11-22 17:37 - 2014-10-02 19:44 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll</p><p>2014-11-22 17:37 - 2014-10-02 19:44 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll</p><p>2014-11-22 17:37 - 2014-09-19 03:42 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll</p><p>2014-11-22 17:37 - 2014-09-19 03:42 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll</p><p>2014-11-22 17:37 - 2014-09-19 03:42 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll</p><p>2014-11-22 17:37 - 2014-09-19 03:42 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll</p><p>2014-11-22 17:37 - 2014-09-19 03:42 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll</p><p>2014-11-22 17:37 - 2014-09-19 03:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll</p><p>2014-11-22 17:37 - 2014-09-19 03:23 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll</p><p>2014-11-22 17:37 - 2014-09-19 03:23 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll</p><p>2014-11-22 17:37 - 2014-09-19 03:23 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll</p><p>2014-11-22 17:37 - 2014-09-19 03:23 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll</p><p>2014-11-22 17:37 - 2014-09-19 03:23 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll</p><p>2014-11-22 17:37 - 2014-09-19 03:23 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll</p><p>2014-11-22 17:37 - 2014-08-11 20:02 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL</p><p>2014-11-22 17:37 - 2014-08-11 19:36 - 00701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10K.DLL</p><p>2014-11-22 17:36 - 2014-10-24 19:57 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll</p><p>2014-11-22 17:36 - 2014-10-24 19:32 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll</p><p>2014-11-22 17:36 - 2014-10-17 20:05 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll</p><p>2014-11-22 17:36 - 2014-10-17 19:33 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll</p><p>2014-11-22 17:36 - 2014-10-09 18:57 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys</p><p>2014-11-18 21:34 - 2014-11-22 19:23 - 00000000 ____D () C:\Users\SmartMoneyStrategies\Desktop\Autoruns</p><p>2014-11-18 21:33 - 2014-11-18 21:33 - 00511633 _____ () C:\Users\SmartMoneyStrategies\Desktop\Autoruns.zip</p><p>2014-11-15 15:45 - 2014-11-22 19:03 - 00000000 ____D () C:\Program Files (x86)\QuickTime</p><p>==================== One Month Modified Files and Folders =======</p><p>(If an entry is included in the fixlist, the file\folder will be moved.)</p><p>2014-12-11 11:20 - 2012-02-26 16:03 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job</p><p>2014-12-11 11:18 - 2014-06-11 14:19 - 00000568 _____ () C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-3824992045-3126350346-3511581396-1001.job</p><p>2014-12-11 11:18 - 2012-03-30 15:11 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job</p><p>2014-12-11 10:26 - 2009-07-13 22:45 - 00023248 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0</p><p>2014-12-11 10:26 - 2009-07-13 22:45 - 00023248 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0</p><p>2014-12-11 10:25 - 2010-09-16 02:56 - 01620338 _____ () C:\Windows\WindowsUpdate.log</p><p>2014-12-11 10:19 - 2014-08-02 15:10 - 00000000 ____D () C:\Program Files (x86)\DoNotTrackMe</p><p>2014-12-11 10:19 - 2012-12-13 17:15 - 00000444 _____ () C:\Windows\Tasks\PC Optimizer Pro64 startups.job</p><p>2014-12-11 10:19 - 2012-02-26 16:03 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job</p><p>2014-12-11 10:19 - 2012-01-02 19:28 - 00000000 _____ () C:\Windows\rntest.txt</p><p>2014-12-11 10:19 - 2011-08-29 18:54 - 00000000 ____D () C:\Users\SmartMoneyStrategies\AppData\Local\CrashDumps</p><p>2014-12-11 10:18 - 2010-09-16 03:03 - 00936640 _____ () C:\Windows\PFRO.log</p><p>2014-12-11 10:18 - 2009-07-13 23:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT</p><p>2014-12-11 10:18 - 2009-07-13 22:51 - 00135185 _____ () C:\Windows\setupact.log</p><p>2014-12-11 10:02 - 2014-08-22 13:53 - 00000000 ____D () C:\ProgramData\NCH Software</p><p>2014-12-11 10:02 - 2014-08-22 13:50 - 00000000 ____D () C:\Program Files (x86)\NCH Software</p><p>2014-12-11 10:02 - 2014-06-19 14:47 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware</p><p>2014-12-11 10:02 - 2014-06-09 07:34 - 00000000 ____D () C:\ProgramData\Norton</p><p>2014-12-11 10:02 - 2014-02-17 20:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lightspark 0.5.3-git</p><p>2014-12-11 10:02 - 2014-02-17 20:38 - 00000000 ____D () C:\Program Files (x86)\Lightspark 0.5.3-git</p><p>2014-12-11 10:02 - 2013-02-04 19:31 - 00000000 ____D () C:\ProgramData\Yahoo! Companion</p><p>2014-12-11 10:02 - 2012-11-09 15:58 - 00000000 ____D () C:\Users\SmartMoneyStrategies\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VideoPerformer</p><p>2014-12-11 10:02 - 2012-11-09 15:58 - 00000000 ____D () C:\Program Files (x86)\VideoPerformer</p><p>2014-12-11 10:02 - 2012-05-12 09:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight</p><p>2014-12-11 10:02 - 2012-05-12 09:02 - 00000000 ____D () C:\Program Files\Microsoft Silverlight</p><p>2014-12-11 10:02 - 2012-05-12 09:02 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight</p><p>2014-12-11 10:02 - 2012-01-17 16:45 - 00000000 ___HD () C:\ProgramData\~0</p><p>2014-12-11 10:02 - 2012-01-02 19:27 - 00000000 ____D () C:\ProgramData\ActiveTracker</p><p>2014-12-11 10:02 - 2011-11-18 16:05 - 00000000 ____D () C:\Windows\system32\Macromed</p><p>2014-12-11 10:02 - 2011-10-30 15:01 - 00000000 ____D () C:\ProgramData\Real</p><p>2014-12-11 10:02 - 2011-09-06 19:28 - 00000000 ____D () C:\Windows\Minidump</p><p>2014-12-11 10:02 - 2009-07-13 21:20 - 00000000 ____D () C:\Windows\AppCompat</p><p>2014-12-11 10:02 - 2009-07-13 21:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared</p><p>2014-12-11 10:01 - 2009-07-13 21:20 - 00000000 ____D () C:\Windows\registration</p><p>2014-12-11 08:55 - 2012-12-20 21:53 - 00000000 ____D () C:\Users\SmartMoneyStrategies\AppData\Local\Facebook</p><p>2014-12-11 08:55 - 2012-01-16 20:07 - 00000988 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3824992045-3126350346-3511581396-1001UA.job</p><p>2014-12-11 08:55 - 2012-01-16 20:07 - 00000966 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3824992045-3126350346-3511581396-1001Core.job</p><p>2014-12-11 08:52 - 2012-03-30 15:11 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe</p><p>2014-12-11 08:52 - 2012-03-30 15:11 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater</p><p>2014-12-11 08:52 - 2011-08-26 16:24 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl</p><p>2014-12-11 08:11 - 2014-06-19 14:47 - 00135384 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys</p><p>2014-12-11 08:10 - 2014-06-19 14:47 - 00096472 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys</p><p>2014-12-11 08:04 - 2011-08-26 14:17 - 00000000 ____D () C:\Users\SmartMoneyStrategies</p><p>2014-12-09 17:50 - 2013-08-14 20:44 - 00000000 ____D () C:\Windows\system32\MRT</p><p>2014-12-02 18:35 - 2009-07-13 23:32 - 00000000 ____D () C:\Windows\system32\FxsTmp</p><p>2014-11-30 18:33 - 2011-09-06 19:28 - 853762830 _____ () C:\Windows\MEMORY.DMP</p><p>2014-11-29 20:52 - 2011-10-02 10:11 - 00003276 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForSmartMoneyStrategies</p><p>2014-11-29 20:52 - 2011-10-02 10:11 - 00000392 _____ () C:\Windows\Tasks\HPCeeScheduleForSmartMoneyStrategies.job</p><p>2014-11-26 22:11 - 2014-06-11 14:19 - 00003642 _____ () C:\Windows\System32\Tasks\G2MUpdateTask-S-1-5-21-3824992045-3126350346-3511581396-1001</p><p>2014-11-23 16:00 - 2009-07-13 21:20 - 00000000 ____D () C:\Windows\rescache</p><p>2014-11-23 12:43 - 2011-08-26 14:24 - 00000000 ____D () C:\Users\SmartMoneyStrategies\AppData\Roaming\Adobe</p><p>2014-11-23 12:26 - 2014-08-25 20:19 - 00000000 ____D () C:\Users\SmartMoneyStrategies\AppData\Local\Adobe</p><p>2014-11-23 12:24 - 2010-07-20 01:22 - 00000000 ____D () C:\Program Files (x86)\Adobe</p><p>2014-11-23 11:52 - 2013-10-08 17:44 - 00000000 ____D () C:\ProgramData\Oracle</p><p>2014-11-23 11:52 - 2013-10-08 17:04 - 00000000 ____D () C:\Program Files (x86)\Java</p><p>2014-11-23 11:50 - 2014-01-11 13:53 - 00272296 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe</p><p>2014-11-23 11:38 - 2009-07-13 22:45 - 00340768 _____ () C:\Windows\system32\FNTCACHE.DAT</p><p>2014-11-22 22:03 - 2011-08-26 15:20 - 00000000 ____D () C:\ProgramData\Microsoft Help</p><p>2014-11-22 22:00 - 2009-07-13 23:13 - 00793204 _____ () C:\Windows\system32\PerfStringBackup.INI</p><p>2014-11-22 21:53 - 2011-08-26 16:22 - 103374192 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe</p><p>2014-11-22 19:10 - 2014-06-19 14:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware</p><p>2014-11-22 19:10 - 2012-06-14 20:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome</p><p>2014-11-22 19:07 - 2010-07-20 01:22 - 00000000 ____D () C:\ProgramData\Adobe</p><p>2014-11-22 17:15 - 2012-02-26 16:03 - 00003894 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA</p><p>2014-11-22 17:15 - 2012-02-26 16:03 - 00003642 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore</p><p>2014-11-14 15:37 - 2014-10-30 15:48 - 00000000 ____D () C:\Users\SmartMoneyStrategies\Documents\My Kindle Content</p><p>Some content of TEMP:</p><p>====================</p><p>C:\Users\SmartMoneyStrategies\AppData\Local\Temp\ose00000.exe</p><p></p><p>==================== Bamital & volsnap Check =================</p><p>(There is no automatic fix for files that do not pass verification.)</p><p>C:\Windows\System32\winlogon.exe => File is digitally signed</p><p>C:\Windows\System32\wininit.exe => File is digitally signed</p><p>C:\Windows\SysWOW64\wininit.exe => File is digitally signed</p><p>C:\Windows\explorer.exe => File is digitally signed</p><p>C:\Windows\SysWOW64\explorer.exe => File is digitally signed</p><p>C:\Windows\System32\svchost.exe => File is digitally signed</p><p>C:\Windows\SysWOW64\svchost.exe => File is digitally signed</p><p>C:\Windows\System32\services.exe => File is digitally signed</p><p>C:\Windows\System32\User32.dll => File is digitally signed</p><p>C:\Windows\SysWOW64\User32.dll => File is digitally signed</p><p>C:\Windows\System32\userinit.exe => File is digitally signed</p><p>C:\Windows\SysWOW64\userinit.exe => File is digitally signed</p><p>C:\Windows\System32\rpcss.dll => File is digitally signed</p><p>C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed</p><p></p><p>LastRegBack: 2014-12-05 22:33</p><p>==================== End Of Log ============================</p><p></p><p>AS: Norton Security Suite (Enabled - Up to date) {631E4324-D31C-783F-EC5C-35AD42B18466}</p><p>AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}</p><p>FW: Norton Security Suite (Enabled) {E04423E5-BF49-76E9-FDB3-A7EAC7E589A0}</p><p>==================== Installed Programs ======================</p><p>(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)</p><p>7-Zip 9.22beta (HKLM-x32\...\7-Zip) (Version: - )</p><p>Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)</p><p>ActiveTracker (HKLM-x32\...\ActiveTracker 131105) (Version: 131105 - Name of your company)</p><p>Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 15.0.0.356 - Adobe Systems Incorporated)</p><p>Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.246 - Adobe Systems Incorporated)</p><p>Adobe Reader XI (11.0.10) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)</p><p>Adobe Shockwave Player 11.5 (HKLM-x32\...\{9ECF7817-DB11-4FBA-9DF1-296A578D513A}) (Version: 11.5.7.609 - Adobe Systems, Inc)</p><p>Aegis Desktop (HKLM-x32\...\Aegis Desktop) (Version: 7.8.0.5 - WELIS, LLC)</p><p>Aegis Desktop (x32 Version: 7.8.0.5 - WELIS, LLC) Hidden</p><p>Allianz ForeSight Console 5.1.11.12 (HKU\S-1-5-21-3824992045-3126350346-3511581396-1001\...\e198fe59e6db0240) (Version: 5.1.11.12 - ForeSight Console 5)</p><p>Amazon Kindle (HKLM-x32\...\Amazon Kindle) (Version: - Amazon)</p><p>Apple Application Support (HKLM-x32\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.)</p><p>Apple Mobile Device Support (HKLM\...\{B678797F-DF38-4556-8A31-8B818E261868}) (Version: 8.0.0.23 - Apple Inc.)</p><p>Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)</p><p>Applian FLV and Media Player 3.1.1.12 (HKLM-x32\...\Applian FLV and Media Player) (Version: 3.1.1.12 - Applian Technologies)</p><p>ATI Catalyst Install Manager (HKLM\...\{FB07515A-48AC-9996-16EE-3A3DC8CF8D8E}) (Version: 3.0.790.0 - ATI Technologies, Inc.)</p><p>Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden</p><p>Blackhawk Striker 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden</p><p>Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)</p><p>Broadcom 802.11 Wireless LAN Adapter (HKLM\...\Broadcom 802.11 Wireless LAN Adapter) (Version: 5.60.350.6 - Broadcom Corporation)</p><p>Build-a-lot 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden</p><p>Canon MF Toolbox 4.9.1.1.mf12 (HKLM-x32\...\{6767DFEE-8909-453A-B553-C7693912B2EB}) (Version: 4.9.1.1.mf12 - CANON INC.)</p><p>Canon MF8300C Series (HKLM\...\{DB3D2C81-EF11-4b1f-9B55-3959AEE09E55}) (Version: 3.9.0.0 - CANON INC.)</p><p>ccc-core-static (x32 Version: 2010.0909.1412.23625 - ATI) Hidden</p><p>Century II MTL Illustrator (HKLM-x32\...\{4000D573-1E11-4F16-9FA8-5C6E0903DAA2}) (Version: 4.57.2 - MTL Insurance Company)</p><p>Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden</p><p>CinemaNow Media Manager (HKLM-x32\...\{6C122441-1861-4CD7-B1C5-A163A6984E12}) (Version: 1.9.1.105 - CinemaNow, Inc.)</p><p>Contents (x32 Version: 1.6.0.286 - Corel Corporation) Hidden</p><p>Core Temp 1.0 RC2 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.0 - Alcpu)</p><p>Corel PaintShop Photo Pro X3 (HKLM-x32\...\_{D1AEB5DB-04FA-489D-94EF-8600898B93EE}) (Version: 1.6.1.116 - Corel Corporation)</p><p>Corel PaintShop Photo Pro X3 (x32 Version: 1.00.0000 - Corel Corporation) Hidden</p><p>Corel VideoStudio Pro X3 (HKLM-x32\...\_{F072CA07-A781-45E4-9975-C033A73019CF}) (Version: 1.6.0.286 - Corel Corporation)</p><p>CyberLink DVD Suite (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 7.0.3003 - CyberLink Corp.)</p><p>D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden</p><p>DesktopMirror for Google and ACT! 5.0 (HKLM-x32\...\DesktopMirror for Google and ACT!_is1) (Version: - LivePIM Software Inc.)</p><p>DeviceIO (x32 Version: 1.6.0.286 - Corel Corporation) Hidden</p><p>Diner Dash 2 Restaurant Rescue (x32 Version: 2.2.0.95 - WildTangent) Hidden</p><p>DoNotTrackMe Add-on 3.2.1166 (HKLM-x32\...\DoNotTrackMe Add-on_is1) (Version: 3.2.1166 - Abine Inc)</p><p>Dora's Carnival Adventure (x32 Version: 2.2.0.95 - WildTangent) Hidden</p><p>Download Updater (AOL Inc.) (HKLM-x32\...\SoftwareUpdUtility) (Version: - AOL Inc.) <==== ATTENTION</p><p>DVD Menu Pack for HP MediaSmart Video (HKLM-x32\...\InstallShield_{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}) (Version: 4.1.4121 - Hewlett-Packard)</p><p>DVD Menu Pack for HP MediaSmart Video (x32 Version: 4.1.4121 - Hewlett-Packard) Hidden</p><p>Energy Star Digital Logo (HKLM-x32\...\{BD1A34C9-4764-4F79-AE1F-112F8C89D3D4}) (Version: 1.0.1 - Hewlett-Packard)</p><p>Escape Rosecliff Island (x32 Version: 2.2.0.95 - WildTangent) Hidden</p><p>ESU for Microsoft Windows 7 (HKLM-x32\...\{3877C901-7B90-4727-A639-B6ED2DD59D43}) (Version: 1.0.0 - Hewlett-Packard)</p><p>Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)</p><p>FATE (x32 Version: 2.2.0.95 - WildTangent) Hidden</p><p>ffdshow v1.2.4422 [2012-04-09] (HKLM-x32\...\ffdshow_is1) (Version: 1.2.4422.0 - )</p><p>Final Drive Nitro (x32 Version: 2.2.0.95 - WildTangent) Hidden</p><p>Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.71 - Google Inc.)</p><p>Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)</p><p>Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)</p><p>Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden</p><p>Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden</p><p>GoToMeeting 7.0.4.2033 (HKU\S-1-5-21-3824992045-3126350346-3511581396-1001\...\GoToMeeting) (Version: 7.0.4.2033 - CitrixOnline)</p><p>Haali Media Splitter (HKLM-x32\...\HaaliMkx) (Version: - )</p><p>Heroes of Hellas 2 - Olympia (x32 Version: 2.2.0.95 - WildTangent) Hidden</p><p>Hewlett-Packard ACLM.NET v1.1.0.0 (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden</p><p>HP 3D DriveGuard (HKLM\...\{299625B9-6C69-462C-9CEA-8E06D878B1C5}) (Version: 4.0.5.1 - Hewlett-Packard Company)</p><p>HP Advisor (HKLM-x32\...\{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}) (Version: 3.4.10262.3295 - Hewlett-Packard)</p><p>HP Documentation (HKLM-x32\...\{7D4318AC-9560-46F0-910F-0B38D6CDC009}) (Version: 1.1.2.0 - Hewlett-Packard)</p><p>HP DVB-T TV Tuner 8.0.64.43 (HKLM-x32\...\HP DVB-T TV Tuner) (Version: 8.0.64.43 - )</p><p>HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.1.3 - WildTangent)</p><p>HP MediaSmart CinemaNow 2.0 (HKLM-x32\...\{9008D736-35CA-40DB-A2BE-5F32D954E5AA}) (Version: 2.0 - Hewlett-Packard)</p><p>HP MediaSmart DVD (HKLM-x32\...\InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}) (Version: 4.1.4229 - Hewlett-Packard)</p><p>HP MediaSmart Movies and TV (HKLM\...\{4B4E2FA2-3B1E-4147-99DB-5033981D8C2F}) (Version: 1.0.0.10 - Hewlett-Packard)</p><p>HP MediaSmart Music (HKLM-x32\...\InstallShield_{91A34181-9FAD-43AB-A35F-E7A8945B7E1C}) (Version: 4.1.4215 - Hewlett-Packard)</p><p>HP MediaSmart Photo (HKLM-x32\...\InstallShield_{6DAF8CDC-9B04-413B-A0F2-BCC13CF8A5BF}) (Version: 4.1.4211 - Hewlett-Packard)</p><p>HP MediaSmart SmartMenu (HKLM\...\{731A1D36-BF17-4C76-B7E7-CC055AF8C54E}) (Version: 3.1.1.12 - Hewlett-Packard)</p><p>HP MediaSmart Video (HKLM-x32\...\InstallShield_{D12E3E7F-1B13-4933-A915-16C7DD37A095}) (Version: 4.1.4214 - Hewlett-Packard)</p><p>HP MediaSmart Webcam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 4.1.3024 - Hewlett-Packard)</p><p>HP MediaSmart/TouchSmart Netflix (HKLM-x32\...\{BDDA1E1E-204E-4368-B0C2-737F16B76307}) (Version: 1.0.3.0 - Hewlett-Packard)</p><p>HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.3611 - HP Photo Creations Powered by RocketLife)</p><p>HP Power Manager (HKLM-x32\...\{4B156358-CE9C-4E9F-8CAD-79AE86A68C60}) (Version: 1.0.3 - Hewlett-Packard Company)</p><p>HP Product Detection (HKLM-x32\...\{F13FBD0E-5CE1-4A3F-A4F0-C8633CB7B4DD}) (Version: 11.10.1000 - HP)</p><p>HP Quick Launch (HKLM-x32\...\{E342D296-DB9D-4FC7-ACB0-39926C0BFA16}) (Version: 2.1.5 - Hewlett-Packard Company)</p><p>HP Setup (HKLM-x32\...\{72D90DB3-A16A-4545-B555-868471101833}) (Version: 8.1.4186.3400 - Hewlett-Packard)</p><p>HP SimplePass Identity Protection (HKLM\...\{1F6B7CB0-66D8-4B31-BF1F-D2318E58080E}) (Version: 5.10.175 - DigitalPersona, Inc.)</p><p>HP Software Framework (HKLM-x32\...\{E05DB9F9-C8E7-45F2-BE9E-76D4C447CE9B}) (Version: 4.0.39.1 - Hewlett-Packard Company)</p><p>HP Wireless Assistant (HKLM\...\{B5FC1E1B-E70D-45F1-8E40-A3C30698B323}) (Version: 4.0.9.0 - Hewlett-Packard Company)</p><p>IC Solutions (HKLM-x32\...\{C113D27D-CE95-4450-BDAA-A8547A73CC51}) (Version: 13.4 - National Life Insurance Company)</p><p>ICA (x32 Version: 1.6.0.286 - Corel Corporation) Hidden</p><p>ICA (x32 Version: 1.6.1.116 - Corel Corporation) Hidden</p><p>ICQ7.7 (HKLM-x32\...\{77F665FD-3F60-4B0A-AE14-EC124B7A7FCE}) (Version: 7.7 - ICQ)</p><p>IDroo 1.0.0.186 (HKLM-x32\...\IDroo) (Version: 1.0.0.186 - Iteral Group OÃœ)</p><p>IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6289.0 - IDT)</p><p>Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)</p><p>Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.2.1001 - Intel Corporation)</p><p>Internet Explorer (Enable DEP) (HKLM\...\{a9264802-8a7a-40fe-a135-5c6d204aed7a}.sdb) (Version: - )</p><p>IPM_PSP_Pro (x32 Version: 1.00.0000 - Corel Corporation) Hidden</p><p>IPM_VS_Pro (x32 Version: 13.0 - Corel Corporation) Hidden</p><p>ISCOM (x32 Version: 1.6.0.286 - Corel Corporation) Hidden</p><p>ISCOM (x32 Version: 1.6.1.116 - Corel Corporation) Hidden</p><p>iTunes (HKLM\...\{F46AA0F1-E284-4878-A462-5F11B9166C0E}) (Version: 11.4.0.18 - Apple Inc.)</p><p>Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)</p><p>Jewel Quest 3 (x32 Version: 2.2.0.95 - WildTangent) Hidden</p><p>Jewel Quest Solitaire 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden</p><p>join.me (HKU\S-1-5-21-3824992045-3126350346-3511581396-1001\...\JoinMe) (Version: 1.7.0.138 - LogMeIn, Inc.)</p><p>Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden</p><p>LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.2907 - CyberLink Corp.)</p><p>LabelPrint (x32 Version: 2.5.2907 - CyberLink Corp.) Hidden</p><p>Lafayette Life Insurance Company (HKLM-x32\...\Lafayette Life Insurance Company) (Version: - )</p><p>LightScribe System Software (HKLM-x32\...\{07E49BC1-24FF-4D7A-AC74-727BE95801AF}) (Version: 1.18.16.1 - LightScribe)</p><p>Lightspark 0.5.3-git (HKLM-x32\...\Lightspark) (Version: 0.5.3-git - Lightspark Team)</p><p>Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)</p><p>Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)</p><p>Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)</p><p>Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)</p><p>Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)</p><p>Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)</p><p>Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)</p><p>Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)</p><p>Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)</p><p>Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)</p><p>Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)</p><p>Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)</p><p>Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)</p><p>Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)</p><p>Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)</p><p>Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)</p><p>Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)</p><p>Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)</p><p>Midland LifeSolutions (HKLM-x32\...\{DF01BC74-74F6-4A54-B4C8-050341F039EC}) (Version: 17.2 - Midland National)</p><p>Midland LifeSolutions (x32 Version: 17.2 - Midland National) Hidden</p><p>Midland LifeSolutions (x32 Version: 17.3 - Midland National) Hidden</p><p>Midland LifeSolutions (x32 Version: 17.4 - Midland National) Hidden</p><p>Midland LifeSolutions (x32 Version: 17.4.1 - Midland National) Hidden</p><p>Midland LifeSolutions (x32 Version: 18.1 - Midland National) Hidden</p><p>Midland LifeSolutions (x32 Version: 18.2 - Midland National) Hidden</p><p>Midland LifeSolutions (x32 Version: 18.3 - Midland National) Hidden</p><p>Midland LifeSolutions (x32 Version: 18.5 - Midland National) Hidden</p><p>Midland LifeSolutions (x32 Version: 18.6 - Midland National) Hidden</p><p>Midland LifeSolutions (x32 Version: 19.3 - Midland National) Hidden</p><p>Midland LifeSolutions (x32 Version: 19.5 - Midland National) Hidden</p><p>Midland LifeSolutions (x32 Version: 20.0 - Midland National) Hidden</p><p>Midland LifeSolutions (x32 Version: 20.2 - Midland National) Hidden</p><p>Midland LifeSolutions (x32 Version: 21.1.1 - Midland National) Hidden</p><p>Midland LifeSolutions (x32 Version: 21.2 - Midland National) Hidden</p><p>Midland LifeSolutions (x32 Version: 22.0 - Midland National) Hidden</p><p>MoneyTrax Inc. Circle of Wealth® System (HKLM-x32\...\Circle of Wealth® System) (Version: ver. 2013.1.0.0 - MoneyTrax Inc.)</p><p>Movie Theme Pack for HP MediaSmart Video (HKLM-x32\...\InstallShield_{3023EBDA-BF1B-4831-B347-E5018555F26E}) (Version: 4.1.4030 - Hewlett-Packard)</p><p>Movie Theme Pack for HP MediaSmart Video (x32 Version: 4.1.4030 - Hewlett-Packard) Hidden</p><p>Mozilla Firefox 24.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 24.0 (x86 en-US)) (Version: 24.0 - Mozilla)</p><p>Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 24.5.0 - Mozilla)</p><p>Mozilla Thunderbird 24.6.0 (x86 en-US) (HKLM-x32\...\Mozilla Thunderbird 24.6.0 (x86 en-US)) (Version: 24.6.0 - Mozilla)</p><p>MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)</p><p>MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)</p><p>MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)</p><p>Mutual of Omaha - Health (HKLM-x32\...\Mutual of Omaha - Health_is1) (Version: - Ebix Exchange, INC)</p><p>My Lockbox 2.9.9 (HKLM\...\My Lockbox_is1) (Version: 2.9.9 - )</p><p>NexDef Plug-in (HKLM-x32\...\Autobahn) (Version: - )</p><p>Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.1.17869 - Symantec Corporation)</p><p>Norton Security Suite (HKLM-x32\...\N360) (Version: 21.6.0.32 - Symantec Corporation)</p><p>PDFLIB (HKLM-x32\...\PDFLIB) (Version: - )</p><p>PDFlib 4.0.1 (HKLM-x32\...\{58D92B58-1BE9-4DE4-AE88-ACB205D75B63}) (Version: - )</p><p>Penguins! (x32 Version: 2.2.0.95 - WildTangent) Hidden</p><p>Penn Mutual Illustrator 11.1 (HKLM-x32\...\{9F5E5B90-E6A1-4427-AEBC-87B79133D316}) (Version: 11.1.0 - Penn Mutual Life Insurance)</p><p>PhotoNow! (HKLM-x32\...\InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}) (Version: 1.1.6904 - CyberLink Corp.)</p><p>PhotoNow! (x32 Version: 1.1.6904 - CyberLink Corp.) Hidden</p><p>Plants vs. Zombies (x32 Version: 2.2.0.95 - WildTangent) Hidden</p><p>Poker Superstars III (x32 Version: 2.2.0.95 - WildTangent) Hidden</p><p>Polar Bowler (x32 Version: 2.2.0.95 - WildTangent) Hidden</p><p>Polar Golfer (x32 Version: 2.2.0.95 - WildTangent) Hidden</p><p>Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.4204 - CyberLink Corp.)</p><p>Power2Go (x32 Version: 6.1.4204 - CyberLink Corp.) Hidden</p><p>PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 8.0.3003 - CyberLink Corp.)</p><p>PowerDirector (x32 Version: 8.0.3003 - CyberLink Corp.) Hidden</p><p>Presto! PageManager 7.15.36 (HKLM-x32\...\{D2D6B9EB-C6DC-4DAA-B4DE-BB7D9735E7DA}) (Version: 7.15.36 - NewSoft Technology Corporation)</p><p>PSPPContent (x32 Version: 1.00.0000 - Corel Corporation) Hidden</p><p>PSPPRO_DCRAW (x32 Version: 13.0.0 - Corel Corporation) Hidden</p><p>PureHD (x32 Version: 1.6.0.286 - Corel Corporation) Hidden</p><p>PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden</p><p>Quote It! (HKLM-x32\...\Quote It!_is1) (Version: - Genworth Financial Inc.)</p><p>RAR File Open Knife - Free Opener (HKLM-x32\...\RAR File Open Knife - Free Opener) (Version: 2.40 - Philipp Winterberg)</p><p>RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden</p><p>RealPlayer (HKLM-x32\...\RealPlayer 15.0) (Version: - RealNetworks)</p><p>Realtek Ethernet Controller Driver For Windows 7 (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.17.304.2010 - Realtek)</p><p>Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30111 - Realtek Semiconductor Corp.)</p><p>RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden</p><p>Recovery Manager (x32 Version: 5.5.3023 - CyberLink Corp.) Hidden</p><p>Security Mutual Illustrator (HKLM-x32\...\{99AF5B5F-5A55-49CE-B080-A2E60E289B4E}) (Version: 17.09.2011 - Security Mutual Life Insurance Company of New York)</p><p>Setup (x32 Version: 1.6.0.286 - Corel Corporation) Hidden</p><p>Setup (x32 Version: 1.6.1.116 - Corel Corporation) Hidden</p><p>Share (x32 Version: 1.6.0.286 - Corel Corporation) Hidden</p><p>Share64 (Version: 1.6.0.286 - Corel Corporation) Hidden</p><p>Skype Click to Call (HKLM-x32\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 6.9.12585 - Skype Technologies S.A.)</p><p>Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)</p><p>SoundTap Streaming Audio Recorder (HKLM-x32\...\SoundTap) (Version: 2.31 - NCH Software)</p><p>Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.2.4.4 - Synaptics Incorporated)</p><p>TaxACT 2012 - 1040 Edition (HKLM-x32\...\TaxACT 2012 - 1040 Edition) (Version: - 2nd Story Software, Inc.)</p><p>TaxACT 2012 Illinois (HKLM-x32\...\TaxACT 2012 Illinois) (Version: - 2nd Story Software, Inc.)</p><p>TaxACT 2013 - 1040 Edition (HKLM-x32\...\TaxACT 2013 - 1040 Edition) (Version: - TaxACT, Inc.)</p><p>TaxACT 2013 Illinois (HKLM-x32\...\TaxACT 2013 Illinois) (Version: - TaxACT, Inc.)</p><p>Times Reader (HKLM-x32\...\com.nyt.timesreader.78C54164786ADE80CB31E1C5D95607D0938C987A.1) (Version: 2.061 - The New York Times Company)</p><p>Times Reader (x32 Version: 2.061 - The New York Times Company) Hidden</p><p>TransQuote (HKLM-x32\...\TransQuote) (Version: 10.01.20.00 - Transamerica)</p><p>TransQuote (x32 Version: 11.09.29.00 - Transamerica) Hidden</p><p>Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)</p><p>Validity Sensors DDK (HKLM\...\{426FAE9F-7373-496E-A215-9DB7EF4398CF}) (Version: 4.1.139.0 - Validity Sensors, Inc.)</p><p>VideoPerformer (HKLM-x32\...\VideoPerformer) (Version: - PerformerSoft LLC) <==== ATTENTION</p><p>VIO (x32 Version: 1.6.0.286 - Corel Corporation) Hidden</p><p>Virtual Families (x32 Version: 2.2.0.95 - WildTangent) Hidden</p><p>Virtual Villagers - The Secret City (x32 Version: 2.2.0.95 - WildTangent) Hidden</p><p>VLC media player 2.0.0 (HKLM-x32\...\VLC media player) (Version: 2.0.0 - VideoLAN)</p><p>VSClassic (x32 Version: 1.6.0.286 - Corel Corporation) Hidden</p><p>VSPro (x32 Version: 1.6.0.286 - Corel Corporation) Hidden</p><p>WavePad Sound Editor (HKLM-x32\...\WavePad) (Version: 5.96 - NCH Software)</p><p>Wheel of Fortune 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden</p><p>Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)</p><p>Windows Live Sync (HKLM-x32\...\{B10914FD-8812-47A4-85A1-50FCDE7F1F33}) (Version: 14.0.8117.416 - Microsoft Corporation)</p><p>Windows Media Encoder 9 Series (HKLM-x32\...\Windows Media Encoder 9) (Version: - )</p><p>WinFlex 6 (HKLM-x32\...\WinFlex 6_is1) (Version: 6.103.0.21 - Ebix Exchange, INC)</p><p>WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)</p><p>XFINITY Caller ID (HKLM-x32\...\com.comcast.callerid.13A1FA90F0FC9DC009FB0956ADD0F13F8608561B.1) (Version: 3.1.38 - Comcast Cable Communications Management LLC)</p><p>XFINITY Caller ID (x32 Version: 3.1.38 - Comcast Cable Communications Management LLC) Hidden</p><p>Yahoo! Detect (HKLM-x32\...\YTdetect) (Version: - )</p><p>Yahoo! Messenger (HKLM-x32\...\Yahoo! Messenger) (Version: - Yahoo! Inc.)</p><p>Yahoo! Software Update (HKLM-x32\...\Yahoo! Software Update) (Version: - )</p><p>Yahoo! Toolbar (HKLM-x32\...\Yahoo! Companion) (Version: - Yahoo! Inc.)</p><p>Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden</p><p>==================== Custom CLSID (selected items): ==========================</p><p>(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)</p><p>CustomCLSID: HKU\S-1-5-21-3824992045-3126350346-3511581396-1001_Classes\CLSID\{5b55a44a-d008-49aa-9234-86fb7709bc0a}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)</p><p>CustomCLSID: HKU\S-1-5-21-3824992045-3126350346-3511581396-1001_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Program Files (x86)\Citrix\GoToMeeting\1350\G2MOutlookAddin64.dll (Citrix Online, a division of Citrix Systems, Inc.)</p><p>==================== Restore Points =========================</p><p>24-11-2014 04:03:00 Windows Update</p><p>02-12-2014 01:27:03 Scheduled Checkpoint</p><p>09-12-2014 23:27:10 Restore Operation</p><p>09-12-2014 23:39:33 Windows Update</p><p>11-12-2014 03:32:33 Windows Update</p><p>==================== Hosts content: ==========================</p><p>(If needed Hosts: directive could be included in the fixlist to reset Hosts.)</p><p>2009-07-13 20:34 - 2014-01-18 06:14 - 00450700 ____N C:\Windows\system32\Drivers\etc\hosts</p><p>127.0.0.1 <a href="http://www.007guard.com" target="_blank">www.007guard.com</a></p><p>127.0.0.1 007guard.com</p><p>127.0.0.1 008i.com</p><p>127.0.0.1 <a href="http://www.008k.com" target="_blank">www.008k.com</a></p><p>127.0.0.1 008k.com</p><p>127.0.0.1 <a href="http://www.00hq.com" target="_blank">www.00hq.com</a></p><p>127.0.0.1 00hq.com</p><p>127.0.0.1 010402.com</p><p>127.0.0.1 <a href="http://www.032439.com" target="_blank">www.032439.com</a></p><p>127.0.0.1 032439.com</p><p>127.0.0.1 <a href="http://www.0scan.com" target="_blank">www.0scan.com</a></p><p>127.0.0.1 0scan.com</p><p>127.0.0.1 1000gratisproben.com</p><p>127.0.0.1 <a href="http://www.1000gratisproben.com" target="_blank">www.1000gratisproben.com</a></p><p>127.0.0.1 1001namen.com</p><p>127.0.0.1 <a href="http://www.1001namen.com" target="_blank">www.1001namen.com</a></p><p>127.0.0.1 100888290cs.com</p><p>127.0.0.1 <a href="http://www.100888290cs.com" target="_blank">www.100888290cs.com</a></p><p>127.0.0.1 <a href="http://www.100sexlinks.com" target="_blank">www.100sexlinks.com</a></p><p>127.0.0.1 100sexlinks.com</p><p>127.0.0.1 10sek.com</p><p>127.0.0.1 <a href="http://www.10sek.com" target="_blank">www.10sek.com</a></p><p>127.0.0.1 <a href="http://www.1-2005-search.com" target="_blank">www.1-2005-search.com</a></p><p>127.0.0.1 1-2005-search.com</p><p>127.0.0.1 123fporn.info</p><p>127.0.0.1 <a href="http://www.123fporn.info" target="_blank">www.123fporn.info</a></p><p>127.0.0.1 123haustiereundmehr.com</p><p>127.0.0.1 <a href="http://www.123haustiereundmehr.com" target="_blank">www.123haustiereundmehr.com</a></p><p>127.0.0.1 123moviedownload.com</p><p>There are 1000 more lines.</p><p></p><p>==================== Scheduled Tasks (whitelisted) =============</p><p>(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)</p><p>Task: {01905C9D-79C0-48B2-A6CD-D8F95543123C} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Security Suite\Engine\21.6.0.32\WSCStub.exe [2014-09-21] (Symantec Corporation)</p><p>Task: {059056F8-F986-43E7-84AA-2DC0EEA3B04B} - System32\Tasks\Hewlett-Packard\HP Assistant\HPSA Upgrade => C:\ProgramData\Hewlett-Packard\HPSAUpgrade3\HpSAUpgrade.exe [2011-08-11] (Hewlett-Packard)</p><p>Task: {071BA60D-089B-44FC-B214-6F4A9433D1B5} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-14] (Google Inc.)</p><p>Task: {1856D3CF-B589-42EA-917D-FED696E8EEC8} - System32\Tasks\{D61F72AE-A711-450B-8F7D-8BCED0AA9191} => C:\pmillus.exe [2011-08-27] (Penn Mutual Life Insurance )</p><p>Task: {271F4369-7E95-4305-9E53-0B4431FD54A3} - System32\Tasks\PC Optimizer Pro64 startups => C:\Program Files\PC Optimizer Pro\StartApps.exe <==== ATTENTION</p><p>Task: {2B0029AD-B694-4194-ABB3-4C5D61CB4FA4} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-3824992045-3126350346-3511581396-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2011-11-08] (RealNetworks, Inc.)</p><p>Task: {446D151E-7E0A-4E13-A56F-650E07B4F0B5} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3824992045-3126350346-3511581396-1001UA => C:\Users\SmartMoneyStrategies\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-12-21] (Facebook Inc.)</p><p>Task: {58076638-2A22-4550-BD64-8312B9065876} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3824992045-3126350346-3511581396-1001Core => C:\Users\SmartMoneyStrategies\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-12-21] (Facebook Inc.)</p><p>Task: {63AB0163-FB3E-4265-9FB3-242B6F5AB9F4} - System32\Tasks\MirageAgent => C:\Program Files (x86)\Hewlett-Packard\Media\Webcam\YCMMirage.exe [2010-06-24] (CyberLink)</p><p>Task: {6BC3E8D0-1951-467B-883D-E50C7216DCEC} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)</p><p>Task: {759D236F-9DB2-4A9D-9E1E-2110776BA959} - System32\Tasks\Registration => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [2010-05-24] ()</p><p>Task: {7F10C907-BBFA-4A1E-816A-968C50883873} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-14] (Google Inc.)</p><p>Task: {87A4C5E3-F081-497B-AD64-22953C6D2746} - System32\Tasks\Core Temp Autostart SmartMoneyStrategies => C:\Program Files\Core Temp\Core Temp.exe [2011-09-01] ()</p><p>Task: {8D7C1BD0-8D5C-43CC-AF67-527EBB14A150} - System32\Tasks\G2MUpdateTask-S-1-5-21-3824992045-3126350346-3511581396-1001 => C:\Program Files (x86)\Citrix\GoToMeeting\2033\g2mupdate.exe [2014-11-26] (Citrix Online, a division of Citrix Systems, Inc.)</p><p>Task: {94F4C7A5-F74F-4AE0-9813-89842BE94ADE} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-3824992045-3126350346-3511581396-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2011-11-08] (RealNetworks, Inc.)</p><p>Task: {C4FE2EF8-07CD-4BC5-90C9-3A7229D944A4} - System32\Tasks\ServicePlan => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [2010-05-24] ()</p><p>Task: {C8B3F0AF-99F6-4577-98E0-7DB94D5EC3BB} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-11] (Adobe Systems Incorporated)</p><p>Task: {D99178FF-3844-455D-891C-E56F553E867E} - System32\Tasks\Norton Security Suite\Norton Error Processor => C:\Program Files (x86)\Norton Security Suite\Engine\21.6.0.32\SymErr.exe [2014-01-30] (Symantec Corporation)</p><p>Task: {E20A8E3D-8D56-4A40-82E8-905D1D7F7324} - System32\Tasks\RecoveryCDWin7 => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [2010-05-24] ()</p><p>Task: {F08002E3-A54A-45EB-A9B2-3D317E37849D} - System32\Tasks\HPCeeScheduleForSmartMoneyStrategies => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-01-05] (Hewlett-Packard)</p><p>Task: {F68E5B13-7375-4818-8A1E-506EDE0A7846} - System32\Tasks\Norton Security Suite\Norton Error Analyzer => C:\Program Files (x86)\Norton Security Suite\Engine\21.6.0.32\SymErr.exe [2014-01-30] (Symantec Corporation)</p><p>Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe</p><p>Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3824992045-3126350346-3511581396-1001Core.job => C:\Users\SmartMoneyStrategies\AppData\Local\Facebook\Update\FacebookUpdate.exe</p><p>Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3824992045-3126350346-3511581396-1001UA.job => C:\Users\SmartMoneyStrategies\AppData\Local\Facebook\Update\FacebookUpdate.exe</p><p>Task: C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-3824992045-3126350346-3511581396-1001.job => C:\Program Files (x86)\Citrix\GoToMeeting\2033\g2mupdate.exe</p><p>Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe</p><p>Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe</p><p>Task: C:\Windows\Tasks\HPCeeScheduleForSmartMoneyStrategies.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe</p><p>Task: C:\Windows\Tasks\PC Optimizer Pro64 startups.job => C:\Program Files\PC Optimizer Pro\StartApps.exe <==== ATTENTION</p><p>==================== Loaded Modules (whitelisted) =============</p><p>2010-01-20 17:20 - 2010-01-20 17:20 - 00611896 _____ () C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe</p><p>2013-04-13 16:39 - 2006-09-20 07:35 - 00020480 _____ () C:\Windows\System32\spool\drivers\x64\3\WrtMon.exe</p><p>2010-06-29 20:00 - 2010-06-29 20:00 - 00027192 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe</p><p>2013-12-28 13:49 - 2013-02-27 00:59 - 03065776 _____ () C:\Program Files (x86)\ActiveTracker\rn5.exe</p><p>2012-05-09 17:08 - 2012-05-09 17:08 - 00074752 _____ () C:\Program Files (x86)\Caller ID\Caller ID.exe</p><p>2011-08-11 09:27 - 2011-08-11 09:27 - 15490560 _____ () C:\Users\SmartMoneyStrategies\AppData\Local\Autobahn\nexdef.exe</p><p>2013-04-13 16:39 - 2006-10-30 15:59 - 00024576 _____ () C:\Windows\System32\spool\drivers\x64\3\WrtProc.exe</p><p>2010-09-09 14:50 - 2010-09-09 14:50 - 00016384 ____R () c:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll</p><p>2010-09-09 13:11 - 2010-09-09 13:11 - 00270336 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll</p><p>2010-06-18 17:26 - 2010-06-18 17:26 - 00030264 _____ () C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_LogicLayer.dll</p><p>2010-06-18 17:26 - 2010-06-18 17:26 - 00052280 _____ () C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HardwareAccess.dll</p><p>2010-06-18 17:26 - 2010-06-18 17:26 - 00267832 _____ () C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPCommon.XmlSerializers.dll</p><p>2014-07-31 11:16 - 2014-07-31 11:16 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll</p><p>2014-07-31 11:16 - 2014-07-31 11:16 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll</p><p>2011-09-18 14:12 - 2010-06-30 13:03 - 00051512 _____ () C:\Program Files\My Lockbox\fspflt.dll</p><p>2010-06-16 13:48 - 2010-06-16 13:48 - 02121728 _____ () C:\Program Files (x86)\Common Files\LightScribe\QtCore4.dll</p><p>2010-06-16 13:48 - 2010-06-16 13:48 - 07745536 _____ () C:\Program Files (x86)\Common Files\LightScribe\QtGui4.dll</p><p>2010-06-16 13:48 - 2010-06-16 13:48 - 00135168 _____ () C:\Program Files (x86)\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll</p><p>2014-12-11 10:19 - 2014-12-11 10:19 - 00024671 ____R () C:\Users\SmartMoneyStrategies\AppData\Local\Temp\pdk-SmartMoneyStrategies-476\6a08173d0718dbb0783fee513cba195c\IO.dll</p><p>2014-12-11 10:19 - 2014-12-11 10:19 - 00024690 ____R () C:\Users\SmartMoneyStrategies\AppData\Local\Temp\pdk-SmartMoneyStrategies-476\d138a21b4de1d36065da80913effcc49\HiRes.dll</p><p>2014-12-11 10:19 - 2014-12-11 10:19 - 00024673 ____R () C:\Users\SmartMoneyStrategies\AppData\Local\Temp\pdk-SmartMoneyStrategies-476\0e21cfbb5a8724557d1fdb2fad1257b3\Fcntl.dll</p><p>2014-12-11 10:19 - 2014-12-11 10:19 - 00032885 ____R () C:\Users\SmartMoneyStrategies\AppData\Local\Temp\pdk-SmartMoneyStrategies-476\ec7bb8ff9ad0c51d9cc5235bc8434e04\Dumper.dll</p><p>2014-12-11 10:19 - 2014-12-11 10:19 - 00082021 ____R () C:\Users\SmartMoneyStrategies\AppData\Local\Temp\pdk-SmartMoneyStrategies-476\62021bee2a3c77a1a7316037e8f651f5\MatrixSSL.dll</p><p>2014-12-11 10:19 - 2014-12-11 10:19 - 00028760 ____R () C:\Users\SmartMoneyStrategies\AppData\Local\Temp\pdk-SmartMoneyStrategies-476\14eb94a46b1d59d79d884f71880b5d9c\CPUtils.dll</p><p>2014-12-11 10:19 - 2014-12-11 10:19 - 00024664 ____R () C:\Users\SmartMoneyStrategies\AppData\Local\Temp\pdk-SmartMoneyStrategies-476\11d17591008de70c1d0553f3e9a3abb3\SysTray.dll</p><p>2014-12-11 10:19 - 2014-12-11 10:19 - 00094306 ____R () C:\Users\SmartMoneyStrategies\AppData\Local\Temp\pdk-SmartMoneyStrategies-476\5cfd16b7954a5ce94a6928eb6a342475\DBI.dll</p><p>2014-12-11 10:19 - 2014-12-11 10:19 - 00028791 ____R () C:\Users\SmartMoneyStrategies\AppData\Local\Temp\pdk-SmartMoneyStrategies-476\bca525f1057a3c6464fa7a890a532d26\Util.dll</p><p>2014-12-11 10:19 - 2014-12-11 10:19 - 00036971 ____R () C:\Users\SmartMoneyStrategies\AppData\Local\Temp\pdk-SmartMoneyStrategies-476\59e557f19044cb1e4dd067d30c7a98d8\Encode.dll</p><p>2014-12-11 10:19 - 2014-12-11 10:19 - 00032867 ____R () C:\Users\SmartMoneyStrategies\AppData\Local\Temp\pdk-SmartMoneyStrategies-476\dae5b95ff7dc44764284c7dae55bde2a\Socket.dll</p><p>2014-12-11 10:19 - 2014-12-11 10:19 - 00028809 ____R () C:\Users\SmartMoneyStrategies\AppData\Local\Temp\pdk-SmartMoneyStrategies-476\1601ac767a5adb5c5f07ad53d9d0e348\FastCalc.dll</p><p>2014-12-11 10:19 - 2014-12-11 10:19 - 00036942 ____R () C:\Users\SmartMoneyStrategies\AppData\Local\Temp\pdk-SmartMoneyStrategies-476\7f6d8a0f10c6e5b83886d8ad4c8c8bd7\nscrypt.dll</p><p>2014-12-11 10:19 - 2014-12-11 10:19 - 00155779 ____R () C:\Users\SmartMoneyStrategies\AppData\Local\Temp\pdk-SmartMoneyStrategies-476\845fe33881b76aefd22e65412b5f7ef2\Registry.dll</p><p>2014-12-11 10:19 - 2014-12-11 10:19 - 00061553 ____R () C:\Users\SmartMoneyStrategies\AppData\Local\Temp\pdk-SmartMoneyStrategies-476\0a8fb0d11acdc10c02ea0fe9470463eb\Storable.dll</p><p>2014-12-11 10:19 - 2014-12-11 10:19 - 00020584 ____R () C:\Users\SmartMoneyStrategies\AppData\Local\Temp\pdk-SmartMoneyStrategies-476\eaa37a0d95e6b7e5ca21502c8b3f4c74\Cwd.dll</p><p>2014-12-11 10:19 - 2014-12-11 10:19 - 00098431 ____R () C:\Users\SmartMoneyStrategies\AppData\Local\Temp\pdk-SmartMoneyStrategies-476\106e9d8fe455779e07dcc5d37d541192\Zlib.dll</p><p>2014-12-11 10:19 - 2014-12-11 10:19 - 00032878 ____R () C:\Users\SmartMoneyStrategies\AppData\Local\Temp\pdk-SmartMoneyStrategies-476\5c47212e5a0fae36b466c5247fa8d97e\API.dll</p><p>2014-12-11 10:19 - 2014-12-11 10:19 - 00090222 ____R () C:\Users\SmartMoneyStrategies\AppData\Local\Temp\pdk-SmartMoneyStrategies-476\f195a4b7b0f71b5f4b1c61c634b0b648\OLE.dll</p><p>2011-08-11 09:27 - 2011-08-11 09:27 - 00020480 _____ () C:\Users\SmartMoneyStrategies\AppData\Local\Autobahn\rt\bin\jetvm\jvm.dll</p><p>2011-08-11 09:27 - 2011-08-11 09:27 - 00069632 _____ () C:\Users\SmartMoneyStrategies\AppData\Local\Autobahn\rt\bin\java.dll</p><p>2011-08-11 09:27 - 2011-08-11 09:27 - 00126976 _____ () C:\Users\SmartMoneyStrategies\AppData\Local\Autobahn\rt\bin\zip.dll</p><p>2011-08-11 09:27 - 2011-08-11 09:27 - 00159744 _____ () C:\Users\SmartMoneyStrategies\AppData\Local\Autobahn\rt\jetrt\baseline720.dll</p><p>2013-02-04 19:31 - 2012-05-25 04:25 - 00921600 _____ () C:\Program Files (x86)\Yahoo!\Messenger\yui.dll</p><p>2010-02-09 19:58 - 2010-02-09 19:58 - 00061440 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Pillars\PCAlerts\PCAlertsPillar.dll</p><p>2010-02-09 19:58 - 2010-02-09 19:58 - 00131072 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Pillars\ECenter\ECLibrary.dll</p><p>2010-02-09 19:58 - 2010-02-09 19:58 - 00040960 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingServer.dll</p><p>2010-02-09 19:58 - 2010-02-09 19:58 - 00005632 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingInterface.dll</p><p>2010-02-09 19:58 - 2010-02-09 19:58 - 00018944 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingMessages.dll</p><p>2010-02-09 19:58 - 2010-02-09 19:58 - 00036864 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingClients.dll</p><p>2010-02-09 19:58 - 2010-02-09 19:58 - 00007680 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\RemotingClient.dll</p><p>2014-06-11 05:51 - 2014-06-11 05:51 - 03022960 _____ () C:\Program Files (x86)\Mozilla Thunderbird\mozjs.dll</p><p>2014-06-11 05:51 - 2014-06-11 05:51 - 00158832 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAP32V60.dll</p><p>2014-06-11 05:51 - 2014-06-11 05:51 - 00023152 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAPPR32V60.dll</p><p>==================== Alternate Data Streams (whitelisted) =========</p><p>(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)</p><p></p><p>==================== Safe Mode (whitelisted) ===================</p><p>(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)</p><p>HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\DpHost => ""="Service"</p><p>==================== EXE Association (whitelisted) =============</p><p>(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)</p><p></p><p>==================== MSCONFIG/TASK MANAGER disabled items =========</p><p>(Currently there is no automatic fix for this section.)</p><p>MSCONFIG\startupreg: AIM for Windows => "C:\Users\SmartMoneyStrategies\AppData\Local\AOL\AIM\aim.exe"</p><p>MSCONFIG\startupreg: Facebook Update => "C:\Users\SmartMoneyStrategies\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver</p><p>MSCONFIG\startupreg: ICQ => "C:\Program Files (x86)\ICQ7.7\ICQ.exe" silent loginmode=4</p><p>MSCONFIG\startupreg: msnmsgr => "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background</p><p>========================= Accounts: ==========================</p><p>Administrator (S-1-5-21-3824992045-3126350346-3511581396-500 - Administrator - Disabled)</p><p>Guest (S-1-5-21-3824992045-3126350346-3511581396-501 - Limited - Disabled)</p><p>HomeGroupUser$ (S-1-5-21-3824992045-3126350346-3511581396-1002 - Limited - Enabled)</p><p>SmartMoneyStrategies (S-1-5-21-3824992045-3126350346-3511581396-1001 - Administrator - Enabled) => C:\Users\SmartMoneyStrategies</p><p>==================== Faulty Device Manager Devices =============</p><p>Name: AntiLog32</p><p>Description: AntiLog32</p><p>Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}</p><p>Manufacturer: </p><p>Service: AntiLog32</p><p>Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)</p><p>Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.</p><p>Devices stay in this state if they have been prepared for removal.</p><p>After you remove the device, this error disappears.Remove the device, and this error should be resolved.</p><p></p><p>==================== Event log errors: =========================</p><p>Application errors:</p><p>==================</p><p>Error: (12/11/2014 11:18:26 AM) (Source: Bonjour Service) (EventID: 100) (User: )</p><p>Description: Task Scheduling Error: m->NextScheduledSPRetry 2848890</p><p>Error: (12/11/2014 11:18:26 AM) (Source: Bonjour Service) (EventID: 100) (User: )</p><p>Description: Task Scheduling Error: m->NextScheduledEvent 2848890</p><p>Error: (12/11/2014 11:18:26 AM) (Source: Bonjour Service) (EventID: 100) (User: )</p><p>Description: Task Scheduling Error: Continuously busy for more than a second</p><p>Error: (12/11/2014 10:19:32 AM) (Source: Application Error) (EventID: 1000) (User: )</p><p>Description: Faulting application name: Core Temp.exe, version: 1.0.0.0, time stamp: 0x4e5ff94d</p><p>Faulting module name: Core Temp.exe, version: 1.0.0.0, time stamp: 0x4e5ff94d</p><p>Exception code: 0xc0000005</p><p>Fault offset: 0x000000000002dbc6</p><p>Faulting process id: 0x894</p><p>Faulting application start time: 0xCore Temp.exe0</p><p>Faulting application path: Core Temp.exe1</p><p>Faulting module path: Core Temp.exe2</p><p>Report Id: Core Temp.exe3</p><p>Error: (12/10/2014 04:33:25 PM) (Source: Application Error) (EventID: 1000) (User: )</p><p>Description: Faulting application name: Core Temp.exe, version: 1.0.0.0, time stamp: 0x4e5ff94d</p><p>Faulting module name: Core Temp.exe, version: 1.0.0.0, time stamp: 0x4e5ff94d</p><p>Exception code: 0xc0000005</p><p>Fault offset: 0x000000000002dbc6</p><p>Faulting process id: 0x5a4</p><p>Faulting application start time: 0xCore Temp.exe0</p><p>Faulting application path: Core Temp.exe1</p><p>Faulting module path: Core Temp.exe2</p><p>Report Id: Core Temp.exe3</p><p>Error: (12/09/2014 06:54:25 PM) (Source: SideBySide) (EventID: 9) (User: )</p><p>Description: Activation context generation failed for "1".Error in manifest or policy file "2" on line 3.</p><p>The manifest file root element must be assembly.</p><p>Error: (12/09/2014 05:12:58 PM) (Source: Application Error) (EventID: 1000) (User: )</p><p>Description: Faulting application name: sidebar.exe, version: 6.1.7601.17514, time stamp: 0x4ce7a1c7</p><p>Faulting module name: ntdll.dll, version: 6.1.7601.18247, time stamp: 0x521eaf24</p><p>Exception code: 0xc0000264</p><p>Fault offset: 0x00000000000cd7e8</p><p>Faulting process id: 0x8c0</p><p>Faulting application start time: 0xsidebar.exe0</p><p>Faulting application path: sidebar.exe1</p><p>Faulting module path: sidebar.exe2</p><p>Report Id: sidebar.exe3</p><p>Error: (12/08/2014 08:31:13 PM) (Source: Application Hang) (EventID: 1002) (User: )</p><p>Description: The program iexplore.exe version 10.0.9200.17148 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.</p><p>Process ID: 2894</p><p>Start Time: 01d0134b6539eb21</p><p>Termination Time: 0</p><p>Application Path: C:\Program Files\Internet Explorer\iexplore.exe</p><p>Report Id:</p><p>Error: (12/08/2014 06:28:37 PM) (Source: Bonjour Service) (EventID: 100) (User: )</p><p>Description: Task Scheduling Error: m->NextScheduledSPRetry 1686870</p><p>Error: (12/08/2014 06:28:37 PM) (Source: Bonjour Service) (EventID: 100) (User: )</p><p>Description: Task Scheduling Error: m->NextScheduledEvent 1686870</p><p></p><p>System errors:</p><p>=============</p><p>Error: (12/11/2014 11:21:21 AM) (Source: BROWSER) (EventID: 8032) (User: )</p><p>Description: The browser service has failed to retrieve the backup list too many times on transport \Device\NetBT_Tcpip_{711245CD-18C2-443B-A0BB-719A0DEE65F4}.</p><p>The backup browser is stopping.</p><p>Error: (12/11/2014 10:20:12 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)</p><p>Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)</p><p>Error: (12/11/2014 10:19:15 AM) (Source: Service Control Manager) (EventID: 7000) (User: )</p><p>Description: The Norton Online Backup service failed to start due to the following error: </p><p>%%2</p><p>Error: (12/11/2014 10:19:09 AM) (Source: Service Control Manager) (EventID: 7000) (User: )</p><p>Description: The CGPS Service service failed to start due to the following error: </p><p>%%2</p><p>Error: (12/11/2014 10:17:44 AM) (Source: DCOM) (EventID: 10010) (User: )</p><p>Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}</p><p>Error: (12/11/2014 08:09:56 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)</p><p>Description: Installation Failure: Windows failed to install the following update with error 0x80242016: Security Update for Windows 7 for x64-based Systems (KB3013126).</p><p>Error: (12/11/2014 08:09:56 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)</p><p>Description: Installation Failure: Windows failed to install the following update with error 0x80242016: Cumulative Security Update for Internet Explorer 10 for Windows 7 for x64-based Systems (KB3003057).</p><p>Error: (12/11/2014 08:09:56 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)</p><p>Description: Installation Failure: Windows failed to install the following update with error 0x80242016: Cumulative Security Update for Internet Explorer 10 for Windows 7 for x64-based Systems (KB3008923).</p><p>Error: (12/11/2014 08:05:20 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)</p><p>Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)</p><p>Error: (12/11/2014 08:04:38 AM) (Source: Service Control Manager) (EventID: 7026) (User: )</p><p>Description: The following boot-start or system-start driver(s) failed to load: </p><p>BHDrvx64</p><p></p><p>Microsoft Office Sessions:</p><p>=========================</p><p>==================== Memory info ===========================</p><p>Processor: Intel(R) Core(TM) i7 CPU Q 720 @ 1.60GHz</p><p>Percentage of memory in use: 41%</p><p>Total physical RAM: 6077.86 MB</p><p>Available physical RAM: 3527.24 MB</p><p>Total Pagefile: 12153.9 MB</p><p>Available Pagefile: 8990.91 MB</p><p>Total Virtual: 8192 MB</p><p>Available Virtual: 8191.82 MB</p><p>==================== Drives ================================</p><p>Drive c: (OS) (Fixed) (Total:443.56 GB) (Free:354.84 GB) NTFS ==>[System with boot components (obtained from reading drive)]</p><p>Drive d: (DATA) (Fixed) (Total:465.76 GB) (Free:456.37 GB) NTFS</p><p>Drive e: (RECOVERY) (Fixed) (Total:21.91 GB) (Free:3.16 GB) NTFS ==>[System with boot components (obtained from reading drive)]</p><p>Drive g: (HP_TOOLS) (Fixed) (Total:0.1 GB) (Free:0.08 GB) FAT32</p><p>==================== MBR & Partition Table ==================</p><p>========================================================</p><p>Disk: 0 (Size: 465.8 GB) (Disk ID: 2FBFE761)</p><p>Partition 1: (Active) - (Size=199 MB) - (Type=07 NTFS)</p><p>Partition 2: (Not Active) - (Size=443.6 GB) - (Type=07 NTFS)</p><p>Partition 3: (Not Active) - (Size=21.9 GB) - (Type=07 NTFS)</p><p>Partition 4: (Not Active) - (Size=103 MB) - (Type=0C)</p><p>========================================================</p><p>Disk: 1 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 8F773DF0)</p><p>Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS)</p><p>==================== End Of Log ============================</p></blockquote><p></p>
[QUOTE="FredricJLowe, post: 313474, member: 30586"] Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-12-2014 01 Ran by SmartMoneyStrategies at 2014-12-11 11:22:56 Running from C:\Users\SmartMoneyStrategies\Desktop Boot Mode: Normal ========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Norton Security Suite (Enabled - Up to date) {D87FA2C0-F526-77B1-D6EC-0EDF3936CEDB} Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-12-2014 01 Ran by SmartMoneyStrategies (administrator) on SMARTMONEYSTRAT on 11-12-2014 11:21:59 Running from C:\Users\SmartMoneyStrategies\Desktop Loaded Profile: SmartMoneyStrategies (Available profiles: SmartMoneyStrategies) Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States) Internet Explorer Version 10 Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: [url]http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/[/url] ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (AMD) C:\Windows\System32\atiesrxx.exe (IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe (Hewlett-Packard Company) C:\Windows\System32\hpservice.exe (AMD) C:\Windows\System32\atieclxx.exe (Validity Sensors, Inc.) C:\Windows\System32\vcsFPService.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (DigitalPersona, Inc.) C:\Program Files\DigitalPersona\Bin\DpHostW.exe (Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (DigitalPersona, Inc.) C:\Program Files (x86)\DigitalPersona\Bin\DPAgent.exe (Abine Inc.) C:\Program Files (x86)\DoNotTrackMe\AbineAutoUpdate.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe () C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe (FSPro Labs) C:\Program Files\My Lockbox\mylbx.exe () C:\Windows\System32\spool\drivers\x64\3\WrtMon.exe () C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe (CANON INC.) C:\Program Files\Canon\Canon MF Network Scan Utility\CNMFSUT6.EXE (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe (Google Inc.) C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe () C:\Program Files (x86)\ActiveTracker\rn5.exe (Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe (Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe (Symantec Corporation) C:\Program Files (x86)\Norton Security Suite\Engine\21.6.0.32\n360.exe () C:\Program Files (x86)\Caller ID\Caller ID.exe () C:\Users\SmartMoneyStrategies\AppData\Local\Autobahn\nexdef.exe () C:\Windows\System32\spool\drivers\x64\3\WrtProc.exe (Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (Symantec Corporation) C:\Program Files (x86)\Norton Security Suite\Engine\21.6.0.32\n360.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe (RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe (DigitalPersona, Inc.) C:\Program Files\DigitalPersona\Bin\DpAgent.exe (Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe (CyberLink) C:\Program Files (x86)\Hewlett-Packard\Media\Webcam\YCMMirage.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\Messenger\Ymsgr_tray.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe (Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe (Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Hewlett-Packard Development Company L.P.) C:\Program Files (x86)\Hewlett-Packard\Shared\hpCaslNotification.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2480936 2010-12-17] (Synaptics Incorporated) HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [487424 2010-06-17] (IDT, Inc.) HKLM\...\Run: [SmartMenu] => C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe [611896 2010-01-20] () HKLM\...\Run: [HPWirelessAssistant] => C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe [363064 2010-06-18] (Hewlett-Packard Company) HKLM\...\Run: [mylbx] => C:\Program Files\My Lockbox\mylbx.exe [2584864 2013-07-06] (FSPro Labs) HKLM\...\Run: [WrtMon.exe] => C:\Windows\system32\spool\drivers\x64\3\WrtMon.exe [20480 2006-09-20] () HKLM\...\Run: [MFNetworkScanUtility] => C:\Program Files\Canon\Canon MF Network Scan Utility\CNMFSUT6.EXE [508312 2009-12-15] (CANON INC.) HKLM-x32\...\Run: [HP Quick Launch] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [602168 2010-06-29] (Hewlett-Packard Company) HKLM-x32\...\Run: [Norton Online Backup] => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe HKLM-x32\...\Run: [StartCCC] => c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2010-09-09] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [TkBellExe] => C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe [296056 2011-12-03] (RealNetworks, Inc.) HKLM-x32\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\\isuspm.exe [324976 2010-05-21] (Flexera Software, Inc.) HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-09-01] (Apple Inc.) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation) HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1021128 2014-11-20] (Adobe Systems Incorporated) HKLM-x32\...\RunOnce: [AbineAutoUpdate] => C:\Program Files (x86)\DoNotTrackMe\AbineAutoUpdate.exe [127352 2014-07-22] (Abine Inc.) HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,C:\Program Files (x86)\DigitalPersona\Bin\DPAgent.exe, HKU\S-1-5-21-3824992045-3126350346-3511581396-1001\...\Run: [HPAdvisorDock] => C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe [1712184 2010-02-09] () HKU\S-1-5-21-3824992045-3126350346-3511581396-1001\...\Run: [LightScribe Control Panel] => C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2736128 2010-06-16] (Hewlett-Packard Company) HKU\S-1-5-21-3824992045-3126350346-3511581396-1001\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2012-06-13] (Google Inc.) HKU\S-1-5-21-3824992045-3126350346-3511581396-1001\...\Run: [Messenger (Yahoo!)] => C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe [6595928 2012-05-25] (Yahoo! Inc.) HKU\S-1-5-21-3824992045-3126350346-3511581396-1001\...\Run: [rn5.exe] => C:\Program Files (x86)\ActiveTracker\rn5.exe [3065776 2013-02-27] () HKU\S-1-5-21-3824992045-3126350346-3511581396-1001\...\RunOnce: [Adobe Speed Launcher] => 1418314795 Lsa: [Notification Packages] DPPassFilter scecli Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Constant Guard.lnk ShortcutTarget: Constant Guard.lnk -> C:\Program Files (x86)\Constant Guard Protection Suite\IDVault.exe (No File) Startup: C:\Users\SmartMoneyStrategies\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Caller ID.lnk ShortcutTarget: Caller ID.lnk -> C:\Program Files (x86)\Caller ID\Caller ID.exe () Startup: C:\Users\SmartMoneyStrategies\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Comcast Universal Caller ID.lnk ShortcutTarget: Comcast Universal Caller ID.lnk -> C:\Program Files (x86)\Comcast Universal Caller ID\Comcast Universal Caller ID.exe (No File) Startup: C:\Users\SmartMoneyStrategies\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\NexDef Plug-in.lnk ShortcutTarget: NexDef Plug-in.lnk -> C:\Users\SmartMoneyStrategies\AppData\Local\Autobahn\nexdef.exe () ShellIconOverlayIdentifiers: [OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton Security Suite\Engine64\21.6.0.32\buShell.dll (Symantec Corporation) ShellIconOverlayIdentifiers: [OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton Security Suite\Engine64\21.6.0.32\buShell.dll (Symantec Corporation) ShellIconOverlayIdentifiers: [OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton Security Suite\Engine64\21.6.0.32\buShell.dll (Symantec Corporation) BootExecute: autocheck autochk * sdnclean64.exe ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION HKU\S-1-5-21-3824992045-3126350346-3511581396-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION ProxyServer: [S-1-5-21-3824992045-3126350346-3511581396-1001] => localhost:8080 HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = HKU\S-1-5-21-3824992045-3126350346-3511581396-1001\Software\Microsoft\Internet Explorer\Main,Start Page = [url]https://www.google.com/[/url] SearchScopes: HKLM -> {00F66D1F-CB8F-4697-B8A6-0D044C10891A} URL = [url]http://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox[/url] SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = [url]http://dts.search-results.com/sr?src=ieb&appid=113&systemid=406&sr=0&q={searchTerms[/url]} SearchScopes: HKLM -> {CC9C1F90-27EA-4690-95B0-DA9ADC541227} URL = [url]http://www.ask.com/web?q={searchterms}&l=dis&o=ushpl[/url] SearchScopes: HKLM -> {D603DB46-AC59-46AE-92B6-4E207A39EEF0} URL = [url]http://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF[/url] SearchScopes: HKLM -> {EB5DAC6F-6316-47E8-9B15-4AFC50AEA822} URL = [url]http://en.wikipedia.org/wiki/Special:Search?search={searchTerms[/url]} SearchScopes: HKLM-x32 -> {00F66D1F-CB8F-4697-B8A6-0D044C10891A} URL = [url]http://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox[/url] SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 -> {443789B7-F39C-4b5c-9287-DA72D38F4FE6} URL = [url]http://slirsredirect.search.aol.com/redirector/sredir?sredir=843&query={searchTerms}&invocationType=tb50-ie-opencandy.r-chromesbox-en-us&tb_uuid=20120403213025736&tb_oid=03-04-2012&tb_mrud=03-04-2012[/url] SearchScopes: HKLM-x32 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = [url]http://dts.search-results.com/sr?src=ieb&appid=113&systemid=406&sr=0&q={searchTerms[/url]} SearchScopes: HKLM-x32 -> {CC9C1F90-27EA-4690-95B0-DA9ADC541227} URL = [url]http://www.ask.com/web?q={searchterms}&l=dis&o=ushpl[/url] SearchScopes: HKLM-x32 -> {D603DB46-AC59-46AE-92B6-4E207A39EEF0} URL = [url]http://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF[/url] SearchScopes: HKLM-x32 -> {EB5DAC6F-6316-47E8-9B15-4AFC50AEA822} URL = [url]http://en.wikipedia.org/wiki/Special:Search?search={searchTerms[/url]} SearchScopes: HKU\S-1-5-21-3824992045-3126350346-3511581396-1001 -> {00F66D1F-CB8F-4697-B8A6-0D044C10891A} URL = SearchScopes: HKU\S-1-5-21-3824992045-3126350346-3511581396-1001 -> {07550832-9707-4820-836E-A5717082572F} URL = [url]http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT1060933&SSPV=IEOB05[/url] SearchScopes: HKU\S-1-5-21-3824992045-3126350346-3511581396-1001 -> {443789B7-F39C-4b5c-9287-DA72D38F4FE6} URL = SearchScopes: HKU\S-1-5-21-3824992045-3126350346-3511581396-1001 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = [url]http://dts.search-results.com/sr?src=ieb&appid=113&systemid=406&sr=0&q={searchTerms[/url]} SearchScopes: HKU\S-1-5-21-3824992045-3126350346-3511581396-1001 -> {AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} URL = [url]http://nortonsafe.search.ask.com/web?q={SEARCHTERMS}&o=APN10506&l=dis&prt=360&chn=S1122&geo=US&ver=21&locale=en_US&gct=kwd&qsrc=2869[/url] SearchScopes: HKU\S-1-5-21-3824992045-3126350346-3511581396-1001 -> {C04B7D22-5AEC-4561-8F49-27F6269208F6} URL = [url]http://www2.inbox.com/search/dispatcher.aspx?tp=bs&qkw={searchTerms}&tbid=80273&iwk=252&lng=en[/url] SearchScopes: HKU\S-1-5-21-3824992045-3126350346-3511581396-1001 -> {CC9C1F90-27EA-4690-95B0-DA9ADC541227} URL = SearchScopes: HKU\S-1-5-21-3824992045-3126350346-3511581396-1001 -> {D603DB46-AC59-46AE-92B6-4E207A39EEF0} URL = [url]http://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF[/url] SearchScopes: HKU\S-1-5-21-3824992045-3126350346-3511581396-1001 -> {EB5DAC6F-6316-47E8-9B15-4AFC50AEA822} URL = BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Security Suite\Engine64\21.6.0.32\coIEPlg.dll (Symantec Corporation) BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) BHO: Skype add-on for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.) BHO: DoNotTrackMe BHO -> {C584D6D2-EF22-4C61-BF5B-0C7E723D836C} -> C:\Program Files (x86)\DoNotTrackMe\3.2.1166\AbineBHO64.dll (Abine Inc.) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll No File BHO-x32: CRnPluginSite Object -> {0050A87F-CF26-41AE-9C0A-C32307C941CB} -> C:\Program Files (x86)\ActiveTracker\plugins\internetexplorer\wegie\wegie.dll (ReadNotify.com) BHO-x32: &Yahoo! Toolbar Helper -> {02478D38-C3F9-4efb-9B51-7695ECA05670} -> C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.) BHO-x32: RealPlayer Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer) BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Security Suite\Engine\21.6.0.32\coIEPlg.dll (Symantec Corporation) BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton Security Suite\Engine\21.6.0.32\IPS\IPSBHO.DLL (Symantec Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation) BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) BHO-x32: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) BHO-x32: Constant Guard Protection Suite -> {B84CDBE7-1B46-494B-A188-01D4C52DEB61} -> C:\ProgramData\White Sky, Inc\ID Vault\IEBHO1.14.416.5\NativeBHO.dll (WhiteSky) BHO-x32: DoNotTrackMe BHO -> {C584D6D2-EF22-4C61-BF5B-0C7E723D836C} -> C:\Program Files (x86)\DoNotTrackMe\3.2.1166\AbineBHO.dll (Abine Inc.) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation) Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine64\21.6.0.32\coIEPlg.dll (Symantec Corporation) Toolbar: HKLM-x32 - Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.) Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine\21.6.0.32\coIEPlg.dll (Symantec Corporation) Toolbar: HKU\S-1-5-21-3824992045-3126350346-3511581396-1001 -> No Name - {1392B8D2-5C05-419F-A8F6-B9F15A596612} - No File Toolbar: HKU\S-1-5-21-3824992045-3126350346-3511581396-1001 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) Toolbar: HKU\S-1-5-21-3824992045-3126350346-3511581396-1001 -> No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No File Toolbar: HKU\S-1-5-21-3824992045-3126350346-3511581396-1001 -> Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine64\21.6.0.32\coIEPlg.dll (Symantec Corporation) DPF: HKLM-x32 {33704B0F-9EB7-434B-B752-EA6CFFB87423} [url]http://beachcam.resortscasinohotel.com/JpegInst.cab[/url] DPF: HKLM-x32 {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} [url]http://h20614.www2.hp.com/ediags/gmd/Install/Cab/hpdetect114a.cab[/url] Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.) Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76 FireFox: ======== FF ProfilePath: C:\Users\SmartMoneyStrategies\AppData\Roaming\Mozilla\Firefox\Profiles\j58jwzsa.default FF Plugin: @microsoft.com/GENUINE -> disabled No File FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 -> C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.) FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @real.com/nppl3260;version=15.0.0.198 -> c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.) FF Plugin-x32: @real.com/nprjplug;version=15.0.0.198 -> c:\program files (x86)\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.) FF Plugin-x32: @real.com/nprpchromebrowserrecordext;version=15.0.0.198 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.) FF Plugin-x32: @real.com/nprphtml5videoshim;version=15.0.0.198 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.) FF Plugin-x32: @real.com/nprpjplug;version=15.0.0.198 -> c:\program files (x86)\real\realplayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @videolan.org/vlc,version=2.0.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-3824992045-3126350346-3511581396-1001: @lightspark.github.com/Lightspark;version=1 -> C:\Program Files (x86)\Lightspark 0.5.3-git\nplightsparkplugin.dll ( ) FF Plugin HKU\S-1-5-21-3824992045-3126350346-3511581396-1001: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\SmartMoneyStrategies\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited) FF Extension: FreeWorkz - C:\Users\SmartMoneyStrategies\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\[email]links@freeworkz.com[/email] [2012-05-23] FF Extension: XFINITY Constant Guard Protection Suite - C:\Users\SmartMoneyStrategies\AppData\Roaming\Mozilla\Firefox\Profiles\j58jwzsa.default\Extensions\idvaultaddon@whitesky [2014-06-08] FF Extension: No Name - C:\Users\SmartMoneyStrategies\AppData\Roaming\Mozilla\Firefox\Profiles\j58jwzsa.default\Extensions\temp [2014-06-08] FF Extension: Exif Viewer - C:\Users\SmartMoneyStrategies\AppData\Roaming\Mozilla\Firefox\Profiles\j58jwzsa.default\Extensions\[email]exif_viewer@mozilla.doslash.org.xpi[/email] [2013-10-15] FF HKLM-x32\...\Firefox\Extensions: [[email]otis@digitalpersona.com[/email]] - C:\Program Files (x86)\DigitalPersona\Bin\FirefoxExt FF Extension: DigitalPersona Extension - C:\Program Files (x86)\DigitalPersona\Bin\FirefoxExt [2010-09-16] FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext FF Extension: RealPlayer Browser Record Plugin - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011-12-03] FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\IPSFF FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\IPSFF [2014-06-09] FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\coFFPlgn FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\coFFPlgn [2014-12-11] Chrome: ======= CHR HomePage: Default -> hxxp://[url="http://www.google.com"]www.google.com[/url] CHR StartupUrls: Default -> "hxxp://[url="http://www.google.com"]www.google.com[/url]" CHR Plugin: (Remoting Viewer) - internal-remoting-viewer CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\ppGoogleNaClPluginChrome.dll No File CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\pdf.dll () CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\gcswf32.dll No File CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll No File CHR Plugin: (Java Deployment Toolkit 6.0.290.11) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll No File CHR Plugin: (Java(TM) Platform SE 6 U29) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll No File CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll No File CHR Plugin: (Nitro PDF Plug-In) - C:\Program Files (x86)\Nitro PDF\Reader 2\npnitromozilla.dll No File CHR Plugin: (VLC Web Plugin) - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) CHR Plugin: (Windows Live® Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) CHR Plugin: (RealNetworks(tm) Chrome Background Extension Plug-In (32-bit) ) - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.) CHR Plugin: (RealPlayer(tm) HTML5VideoShim Plug-In (32-bit) ) - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.) CHR Plugin: (RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) ) - c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.) CHR Plugin: (RealPlayer Version Plugin) - c:\program files (x86)\real\realplayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.) CHR Plugin: (Facebook Video Calling Plugin) - C:\Users\SmartMoneyStrategies\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited) CHR Plugin: (Shockwave for Director) - C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) CHR Plugin: (RealJukebox NS Plugin) - c:\program files (x86)\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.) CHR Profile: C:\Users\SmartMoneyStrategies\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\SmartMoneyStrategies\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-06-10] CHR Extension: (DoNotTrackMe: Online Privacy Protection) - C:\Users\SmartMoneyStrategies\AppData\Local\Google\Chrome\User Data\Default\Extensions\epanfjkfahimkgomnigadpkobaefekcd [2012-11-07] CHR Extension: (Norton Identity Safe) - C:\Users\SmartMoneyStrategies\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif [2014-08-20] CHR Extension: (RealPlayer HTML5Video Downloader Extension) - C:\Users\SmartMoneyStrategies\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk [2012-06-14] CHR Extension: (Skype Click to Call) - C:\Users\SmartMoneyStrategies\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2013-08-23] CHR Extension: (Refresh Monkey) - C:\Users\SmartMoneyStrategies\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljngnafhejmefmijjoedbclkadhacebd [2014-10-15] CHR Extension: (Norton Security Toolbar) - C:\Users\SmartMoneyStrategies\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk [2013-04-04] CHR Extension: (Google Wallet) - C:\Users\SmartMoneyStrategies\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-30] CHR Extension: (Readnotify.com Web Plugin) - C:\Users\SmartMoneyStrategies\AppData\Local\Google\Chrome\User Data\Default\Extensions\nofmhkiliplhcecdhmfndhjbppbmoegk [2012-10-27] CHR Extension: (Page Monitor) - C:\Users\SmartMoneyStrategies\AppData\Local\Google\Chrome\User Data\Default\Extensions\pemhgklkefakciniebenbfclihhmmfcd [2014-10-15] CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - No Path CHR HKLM\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Security Suite\Engine\21.6.0.32\Exts\Chrome.crx [2014-10-04] CHR HKU\S-1-5-21-3824992045-3126350346-3511581396-1001\...\Chrome\Extension: [fdloijijlkoblmigdofommgnheckmaki] - C:\Users\SMARTM~1\AppData\Local\funmoods.crx [Not Found] CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - No Path CHR HKLM-x32\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx [2011-12-03] CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2013-05-14] CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Security Suite\Engine\21.6.0.32\Exts\Chrome.crx [2014-10-04] ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) S2 CLKMSVC10_C6F09094; C:\Program Files (x86)\Hewlett-Packard\Media\DVD\Kernel\HDDVD\NavFilter\kmsvc.exe [245232 2010-06-29] (CyberLink) R2 HPWMISVC; C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [27192 2010-06-29] () S4 ISW; C:\Program Files (x86)\Transamerica\TransQuote\TransQuote.exe [109056 2011-09-28] (Transamerica) [File not signed] R2 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2010-06-16] (Hewlett-Packard Company) [File not signed] R2 N360; C:\Program Files (x86)\Norton Security Suite\Engine\21.6.0.32\N360.exe [265040 2014-09-22] (Symantec Corporation) S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [117264 2010-06-25] (CACE Technologies, Inc.) S2 IDVaultSvc; "C:\Program Files (x86)\Constant Guard Protection Suite\IDVaultSvc.exe" [X] S2 NOBU; "C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe" SERVICE [X] ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R1 BHDrvx64; C:\Program Files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\BASHDefs\20141209.001_3a9\BHDrvx64.sys [1587416 2014-12-09] (Symantec Corporation) R1 ccSet_N360; C:\Windows\system32\drivers\N360x64\1506000.020\ccSetx64.sys [162392 2013-09-25] (Symantec Corporation) R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [487216 2014-12-10] (Symantec Corporation) R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [142640 2014-12-10] (Symantec Corporation) R0 FSProFilter; C:\Windows\System32\Drivers\FSPFltd.sys [54848 2010-07-22] (FSPro Labs) R1 IDSVia64; C:\Program Files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\IPSDefs\20141210.001_432\IDSvia64.sys [637656 2014-12-10] (Symantec Corporation) R3 NAVENG; C:\Program Files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\VirusDefs\20141210.021\ENG64.SYS [129752 2014-12-10] (Symantec Corporation) R3 NAVEX15; C:\Program Files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\VirusDefs\20141210.021\EX64.SYS [2137304 2014-12-10] (Symantec Corporation) R2 NPF; C:\Windows\System32\drivers\npf.sys [35344 2010-06-25] (CACE Technologies, Inc.) S3 Serial; C:\Windows\system32\DRIVERS\serial.sys [94208 2009-07-13] (Brother Industries Ltd.) R3 SRTSP; C:\Windows\System32\Drivers\N360x64\1506000.020\SRTSP64.SYS [876248 2014-08-25] (Symantec Corporation) R1 SRTSPX; C:\Windows\system32\drivers\N360x64\1506000.020\SRTSPX64.SYS [37592 2014-08-25] (Symantec Corporation) R3 stdriver; C:\Windows\System32\DRIVERS\stdriverx64.sys [34512 2014-08-22] () R0 SymDS; C:\Windows\System32\drivers\N360x64\1506000.020\SYMDS64.SYS [493656 2013-09-09] (Symantec Corporation) R0 SymEFA; C:\Windows\System32\drivers\N360x64\1506000.020\SYMEFA64.SYS [1148120 2014-08-25] (Symantec Corporation) R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2014-06-09] (Symantec Corporation) R1 SymIRON; C:\Windows\system32\drivers\N360x64\1506000.020\Ironx64.SYS [266968 2014-08-06] (Symantec Corporation) R1 SymNetS; C:\Windows\System32\Drivers\N360x64\1506000.020\SYMNETS.SYS [593112 2014-08-25] (Symantec Corporation) R3 ALSysIO; \??\C:\Users\SMARTM~1\AppData\Local\Temp\ALSysIO64.sys [X] S1 AntiLog32; \??\C:\Windows\system32\drivers\AntiLog64.sys [X] S3 keycrypt; system32\DRIVERS\KeyCrypt64.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2014-12-11 11:20 - 2014-12-11 11:20 - 02119680 _____ (Farbar) C:\Users\SmartMoneyStrategies\Desktop\frst64.exe 2014-12-11 08:11 - 2014-12-11 10:17 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable) 2014-12-11 08:09 - 2014-12-11 10:17 - 00000000 ____D () C:\Users\SmartMoneyStrategies\Desktop\mbar 2014-12-11 08:08 - 2014-12-11 08:08 - 16448208 _____ (Malwarebytes Corp.) C:\Users\SmartMoneyStrategies\Desktop\mbar-1.08.2.1001.exe 2014-12-10 20:58 - 2014-12-10 20:58 - 00000585 _____ () C:\Users\SmartMoneyStrategies\Desktop\aswMBR.txt 2014-12-10 20:54 - 2014-12-11 11:22 - 00033890 _____ () C:\Users\SmartMoneyStrategies\Desktop\FRST.txt 2014-12-10 20:53 - 2014-12-10 20:54 - 00047233 _____ () C:\Users\SmartMoneyStrategies\Desktop\Addition.txt 2014-12-10 20:50 - 2014-12-11 11:22 - 00000000 ____D () C:\FRST 2014-12-10 20:47 - 2014-12-10 20:47 - 00001446 _____ () C:\Users\SmartMoneyStrategies\Desktop\AdwCleaner[R3].txt 2014-12-10 19:21 - 2014-12-10 20:45 - 00000000 ____D () C:\AdwCleaner 2014-12-10 16:38 - 2014-11-21 01:17 - 00080384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2014-12-10 16:38 - 2014-11-21 01:16 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2014-12-10 16:38 - 2014-11-21 01:16 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-12-06 14:51 - 2014-12-11 10:02 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2 2014-12-06 14:51 - 2014-12-10 16:55 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy 2014-11-30 18:33 - 2014-11-30 18:33 - 00275088 _____ () C:\Windows\Minidump\113014-35849-01.dmp 2014-11-23 12:49 - 2014-10-25 19:56 - 02237952 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-11-23 12:49 - 2014-10-25 19:56 - 01409536 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-11-23 12:49 - 2014-10-25 19:56 - 00600064 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-11-23 12:49 - 2014-10-25 19:56 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-11-23 12:49 - 2014-10-25 19:55 - 19284480 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-11-23 12:49 - 2014-10-25 19:55 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-11-23 12:49 - 2014-10-25 19:55 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-11-23 12:49 - 2014-10-25 19:55 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-11-23 12:49 - 2014-10-25 19:54 - 15399424 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-11-23 12:49 - 2014-10-25 19:54 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-11-23 12:49 - 2014-10-25 19:54 - 02655232 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-11-23 12:49 - 2014-10-25 19:54 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2014-11-23 12:49 - 2014-10-25 19:54 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-11-23 12:49 - 2014-10-25 19:54 - 00451584 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-11-23 12:49 - 2014-10-25 19:54 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-11-23 12:49 - 2014-10-25 19:54 - 00255488 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2014-11-23 12:49 - 2014-10-25 19:54 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll 2014-11-23 12:49 - 2014-10-25 19:54 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-11-23 12:49 - 2014-10-25 19:54 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-11-23 12:49 - 2014-10-25 19:54 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-11-23 12:49 - 2014-10-25 19:53 - 01509376 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-11-23 12:49 - 2014-10-25 18:36 - 01762816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-11-23 12:49 - 2014-10-25 18:35 - 14368768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-11-23 12:49 - 2014-10-25 18:35 - 01181696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-11-23 12:49 - 2014-10-25 18:35 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2014-11-23 12:49 - 2014-10-25 18:35 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-11-23 12:49 - 2014-10-25 18:35 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-11-23 12:49 - 2014-10-25 18:35 - 00080384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled(44).dll 2014-11-23 12:49 - 2014-10-25 18:34 - 13758464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-11-23 12:49 - 2014-10-25 18:34 - 02861568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-11-23 12:49 - 2014-10-25 18:34 - 02055168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-11-23 12:49 - 2014-10-25 18:34 - 01441280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-11-23 12:49 - 2014-10-25 18:34 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2014-11-23 12:49 - 2014-10-25 18:34 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-11-23 12:49 - 2014-10-25 18:34 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2014-11-23 12:49 - 2014-10-25 18:34 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32(42).dll 2014-11-23 12:49 - 2014-10-25 18:34 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2014-11-23 12:49 - 2014-10-25 18:34 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll 2014-11-23 12:49 - 2014-10-25 18:34 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-11-23 12:49 - 2014-10-25 18:34 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy(43).dll 2014-11-23 12:49 - 2014-10-25 18:34 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-11-23 12:49 - 2014-10-25 18:19 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-11-23 12:49 - 2014-10-25 18:13 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-11-23 12:49 - 2014-10-25 17:22 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe 2014-11-23 12:49 - 2014-10-25 17:17 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe 2014-11-23 12:43 - 2014-11-23 12:43 - 00000135 _____ () C:\Windows\SysWOW64\debug.log 2014-11-23 12:25 - 2014-12-11 08:07 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk 2014-11-23 12:25 - 2014-11-23 12:25 - 00001981 _____ () C:\Users\Public\Desktop\Adobe Reader XI.lnk 2014-11-23 11:52 - 2014-11-23 11:50 - 00176552 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe 2014-11-23 11:52 - 2014-11-23 11:50 - 00176552 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe 2014-11-23 11:52 - 2014-11-23 11:50 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2014-11-22 17:38 - 2014-10-13 20:13 - 00683520 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll 2014-11-22 17:38 - 2014-10-13 20:09 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll 2014-11-22 17:38 - 2014-10-13 20:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll 2014-11-22 17:38 - 2014-10-13 19:47 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll 2014-11-22 17:38 - 2014-10-13 19:46 - 00681984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll 2014-11-22 17:38 - 2014-08-21 00:43 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll 2014-11-22 17:38 - 2014-08-21 00:40 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll 2014-11-22 17:38 - 2014-08-21 00:26 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll 2014-11-22 17:38 - 2014-08-21 00:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll 2014-11-22 17:37 - 2014-11-10 21:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2014-11-22 17:37 - 2014-11-10 21:08 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll 2014-11-22 17:37 - 2014-11-10 20:44 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2014-11-22 17:37 - 2014-11-10 20:44 - 00186880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll 2014-11-22 17:37 - 2014-10-13 20:16 - 00155064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2014-11-22 17:37 - 2014-10-13 20:12 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2014-11-22 17:37 - 2014-10-13 19:50 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2014-11-22 17:37 - 2014-10-13 19:49 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2014-11-22 17:37 - 2014-10-02 20:12 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll 2014-11-22 17:37 - 2014-10-02 20:11 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll 2014-11-22 17:37 - 2014-10-02 20:11 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll 2014-11-22 17:37 - 2014-10-02 20:11 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll 2014-11-22 17:37 - 2014-10-02 20:11 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll 2014-11-22 17:37 - 2014-10-02 19:44 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll 2014-11-22 17:37 - 2014-10-02 19:44 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll 2014-11-22 17:37 - 2014-10-02 19:44 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll 2014-11-22 17:37 - 2014-09-19 03:42 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2014-11-22 17:37 - 2014-09-19 03:42 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2014-11-22 17:37 - 2014-09-19 03:42 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2014-11-22 17:37 - 2014-09-19 03:42 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll 2014-11-22 17:37 - 2014-09-19 03:42 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2014-11-22 17:37 - 2014-09-19 03:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2014-11-22 17:37 - 2014-09-19 03:23 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll 2014-11-22 17:37 - 2014-09-19 03:23 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2014-11-22 17:37 - 2014-09-19 03:23 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll 2014-11-22 17:37 - 2014-09-19 03:23 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll 2014-11-22 17:37 - 2014-09-19 03:23 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll 2014-11-22 17:37 - 2014-09-19 03:23 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll 2014-11-22 17:37 - 2014-08-11 20:02 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL 2014-11-22 17:37 - 2014-08-11 19:36 - 00701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10K.DLL 2014-11-22 17:36 - 2014-10-24 19:57 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll 2014-11-22 17:36 - 2014-10-24 19:32 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll 2014-11-22 17:36 - 2014-10-17 20:05 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll 2014-11-22 17:36 - 2014-10-17 19:33 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll 2014-11-22 17:36 - 2014-10-09 18:57 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2014-11-18 21:34 - 2014-11-22 19:23 - 00000000 ____D () C:\Users\SmartMoneyStrategies\Desktop\Autoruns 2014-11-18 21:33 - 2014-11-18 21:33 - 00511633 _____ () C:\Users\SmartMoneyStrategies\Desktop\Autoruns.zip 2014-11-15 15:45 - 2014-11-22 19:03 - 00000000 ____D () C:\Program Files (x86)\QuickTime ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2014-12-11 11:20 - 2012-02-26 16:03 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-12-11 11:18 - 2014-06-11 14:19 - 00000568 _____ () C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-3824992045-3126350346-3511581396-1001.job 2014-12-11 11:18 - 2012-03-30 15:11 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-12-11 10:26 - 2009-07-13 22:45 - 00023248 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-12-11 10:26 - 2009-07-13 22:45 - 00023248 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-12-11 10:25 - 2010-09-16 02:56 - 01620338 _____ () C:\Windows\WindowsUpdate.log 2014-12-11 10:19 - 2014-08-02 15:10 - 00000000 ____D () C:\Program Files (x86)\DoNotTrackMe 2014-12-11 10:19 - 2012-12-13 17:15 - 00000444 _____ () C:\Windows\Tasks\PC Optimizer Pro64 startups.job 2014-12-11 10:19 - 2012-02-26 16:03 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-12-11 10:19 - 2012-01-02 19:28 - 00000000 _____ () C:\Windows\rntest.txt 2014-12-11 10:19 - 2011-08-29 18:54 - 00000000 ____D () C:\Users\SmartMoneyStrategies\AppData\Local\CrashDumps 2014-12-11 10:18 - 2010-09-16 03:03 - 00936640 _____ () C:\Windows\PFRO.log 2014-12-11 10:18 - 2009-07-13 23:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-12-11 10:18 - 2009-07-13 22:51 - 00135185 _____ () C:\Windows\setupact.log 2014-12-11 10:02 - 2014-08-22 13:53 - 00000000 ____D () C:\ProgramData\NCH Software 2014-12-11 10:02 - 2014-08-22 13:50 - 00000000 ____D () C:\Program Files (x86)\NCH Software 2014-12-11 10:02 - 2014-06-19 14:47 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware 2014-12-11 10:02 - 2014-06-09 07:34 - 00000000 ____D () C:\ProgramData\Norton 2014-12-11 10:02 - 2014-02-17 20:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lightspark 0.5.3-git 2014-12-11 10:02 - 2014-02-17 20:38 - 00000000 ____D () C:\Program Files (x86)\Lightspark 0.5.3-git 2014-12-11 10:02 - 2013-02-04 19:31 - 00000000 ____D () C:\ProgramData\Yahoo! Companion 2014-12-11 10:02 - 2012-11-09 15:58 - 00000000 ____D () C:\Users\SmartMoneyStrategies\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VideoPerformer 2014-12-11 10:02 - 2012-11-09 15:58 - 00000000 ____D () C:\Program Files (x86)\VideoPerformer 2014-12-11 10:02 - 2012-05-12 09:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 2014-12-11 10:02 - 2012-05-12 09:02 - 00000000 ____D () C:\Program Files\Microsoft Silverlight 2014-12-11 10:02 - 2012-05-12 09:02 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight 2014-12-11 10:02 - 2012-01-17 16:45 - 00000000 ___HD () C:\ProgramData\~0 2014-12-11 10:02 - 2012-01-02 19:27 - 00000000 ____D () C:\ProgramData\ActiveTracker 2014-12-11 10:02 - 2011-11-18 16:05 - 00000000 ____D () C:\Windows\system32\Macromed 2014-12-11 10:02 - 2011-10-30 15:01 - 00000000 ____D () C:\ProgramData\Real 2014-12-11 10:02 - 2011-09-06 19:28 - 00000000 ____D () C:\Windows\Minidump 2014-12-11 10:02 - 2009-07-13 21:20 - 00000000 ____D () C:\Windows\AppCompat 2014-12-11 10:02 - 2009-07-13 21:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared 2014-12-11 10:01 - 2009-07-13 21:20 - 00000000 ____D () C:\Windows\registration 2014-12-11 08:55 - 2012-12-20 21:53 - 00000000 ____D () C:\Users\SmartMoneyStrategies\AppData\Local\Facebook 2014-12-11 08:55 - 2012-01-16 20:07 - 00000988 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3824992045-3126350346-3511581396-1001UA.job 2014-12-11 08:55 - 2012-01-16 20:07 - 00000966 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3824992045-3126350346-3511581396-1001Core.job 2014-12-11 08:52 - 2012-03-30 15:11 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-12-11 08:52 - 2012-03-30 15:11 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-12-11 08:52 - 2011-08-26 16:24 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-12-11 08:11 - 2014-06-19 14:47 - 00135384 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-12-11 08:10 - 2014-06-19 14:47 - 00096472 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2014-12-11 08:04 - 2011-08-26 14:17 - 00000000 ____D () C:\Users\SmartMoneyStrategies 2014-12-09 17:50 - 2013-08-14 20:44 - 00000000 ____D () C:\Windows\system32\MRT 2014-12-02 18:35 - 2009-07-13 23:32 - 00000000 ____D () C:\Windows\system32\FxsTmp 2014-11-30 18:33 - 2011-09-06 19:28 - 853762830 _____ () C:\Windows\MEMORY.DMP 2014-11-29 20:52 - 2011-10-02 10:11 - 00003276 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForSmartMoneyStrategies 2014-11-29 20:52 - 2011-10-02 10:11 - 00000392 _____ () C:\Windows\Tasks\HPCeeScheduleForSmartMoneyStrategies.job 2014-11-26 22:11 - 2014-06-11 14:19 - 00003642 _____ () C:\Windows\System32\Tasks\G2MUpdateTask-S-1-5-21-3824992045-3126350346-3511581396-1001 2014-11-23 16:00 - 2009-07-13 21:20 - 00000000 ____D () C:\Windows\rescache 2014-11-23 12:43 - 2011-08-26 14:24 - 00000000 ____D () C:\Users\SmartMoneyStrategies\AppData\Roaming\Adobe 2014-11-23 12:26 - 2014-08-25 20:19 - 00000000 ____D () C:\Users\SmartMoneyStrategies\AppData\Local\Adobe 2014-11-23 12:24 - 2010-07-20 01:22 - 00000000 ____D () C:\Program Files (x86)\Adobe 2014-11-23 11:52 - 2013-10-08 17:44 - 00000000 ____D () C:\ProgramData\Oracle 2014-11-23 11:52 - 2013-10-08 17:04 - 00000000 ____D () C:\Program Files (x86)\Java 2014-11-23 11:50 - 2014-01-11 13:53 - 00272296 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe 2014-11-23 11:38 - 2009-07-13 22:45 - 00340768 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-11-22 22:03 - 2011-08-26 15:20 - 00000000 ____D () C:\ProgramData\Microsoft Help 2014-11-22 22:00 - 2009-07-13 23:13 - 00793204 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-11-22 21:53 - 2011-08-26 16:22 - 103374192 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-11-22 19:10 - 2014-06-19 14:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware 2014-11-22 19:10 - 2012-06-14 20:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome 2014-11-22 19:07 - 2010-07-20 01:22 - 00000000 ____D () C:\ProgramData\Adobe 2014-11-22 17:15 - 2012-02-26 16:03 - 00003894 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2014-11-22 17:15 - 2012-02-26 16:03 - 00003642 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2014-11-14 15:37 - 2014-10-30 15:48 - 00000000 ____D () C:\Users\SmartMoneyStrategies\Documents\My Kindle Content Some content of TEMP: ==================== C:\Users\SmartMoneyStrategies\AppData\Local\Temp\ose00000.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2014-12-05 22:33 ==================== End Of Log ============================ AS: Norton Security Suite (Enabled - Up to date) {631E4324-D31C-783F-EC5C-35AD42B18466} AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} FW: Norton Security Suite (Enabled) {E04423E5-BF49-76E9-FDB3-A7EAC7E589A0} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) 7-Zip 9.22beta (HKLM-x32\...\7-Zip) (Version: - ) Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated) ActiveTracker (HKLM-x32\...\ActiveTracker 131105) (Version: 131105 - Name of your company) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 15.0.0.356 - Adobe Systems Incorporated) Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.246 - Adobe Systems Incorporated) Adobe Reader XI (11.0.10) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated) Adobe Shockwave Player 11.5 (HKLM-x32\...\{9ECF7817-DB11-4FBA-9DF1-296A578D513A}) (Version: 11.5.7.609 - Adobe Systems, Inc) Aegis Desktop (HKLM-x32\...\Aegis Desktop) (Version: 7.8.0.5 - WELIS, LLC) Aegis Desktop (x32 Version: 7.8.0.5 - WELIS, LLC) Hidden Allianz ForeSight Console 5.1.11.12 (HKU\S-1-5-21-3824992045-3126350346-3511581396-1001\...\e198fe59e6db0240) (Version: 5.1.11.12 - ForeSight Console 5) Amazon Kindle (HKLM-x32\...\Amazon Kindle) (Version: - Amazon) Apple Application Support (HKLM-x32\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{B678797F-DF38-4556-8A31-8B818E261868}) (Version: 8.0.0.23 - Apple Inc.) Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) Applian FLV and Media Player 3.1.1.12 (HKLM-x32\...\Applian FLV and Media Player) (Version: 3.1.1.12 - Applian Technologies) ATI Catalyst Install Manager (HKLM\...\{FB07515A-48AC-9996-16EE-3A3DC8CF8D8E}) (Version: 3.0.790.0 - ATI Technologies, Inc.) Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden Blackhawk Striker 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) Broadcom 802.11 Wireless LAN Adapter (HKLM\...\Broadcom 802.11 Wireless LAN Adapter) (Version: 5.60.350.6 - Broadcom Corporation) Build-a-lot 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden Canon MF Toolbox 4.9.1.1.mf12 (HKLM-x32\...\{6767DFEE-8909-453A-B553-C7693912B2EB}) (Version: 4.9.1.1.mf12 - CANON INC.) Canon MF8300C Series (HKLM\...\{DB3D2C81-EF11-4b1f-9B55-3959AEE09E55}) (Version: 3.9.0.0 - CANON INC.) ccc-core-static (x32 Version: 2010.0909.1412.23625 - ATI) Hidden Century II MTL Illustrator (HKLM-x32\...\{4000D573-1E11-4F16-9FA8-5C6E0903DAA2}) (Version: 4.57.2 - MTL Insurance Company) Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden CinemaNow Media Manager (HKLM-x32\...\{6C122441-1861-4CD7-B1C5-A163A6984E12}) (Version: 1.9.1.105 - CinemaNow, Inc.) Contents (x32 Version: 1.6.0.286 - Corel Corporation) Hidden Core Temp 1.0 RC2 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.0 - Alcpu) Corel PaintShop Photo Pro X3 (HKLM-x32\...\_{D1AEB5DB-04FA-489D-94EF-8600898B93EE}) (Version: 1.6.1.116 - Corel Corporation) Corel PaintShop Photo Pro X3 (x32 Version: 1.00.0000 - Corel Corporation) Hidden Corel VideoStudio Pro X3 (HKLM-x32\...\_{F072CA07-A781-45E4-9975-C033A73019CF}) (Version: 1.6.0.286 - Corel Corporation) CyberLink DVD Suite (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 7.0.3003 - CyberLink Corp.) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden DesktopMirror for Google and ACT! 5.0 (HKLM-x32\...\DesktopMirror for Google and ACT!_is1) (Version: - LivePIM Software Inc.) DeviceIO (x32 Version: 1.6.0.286 - Corel Corporation) Hidden Diner Dash 2 Restaurant Rescue (x32 Version: 2.2.0.95 - WildTangent) Hidden DoNotTrackMe Add-on 3.2.1166 (HKLM-x32\...\DoNotTrackMe Add-on_is1) (Version: 3.2.1166 - Abine Inc) Dora's Carnival Adventure (x32 Version: 2.2.0.95 - WildTangent) Hidden Download Updater (AOL Inc.) (HKLM-x32\...\SoftwareUpdUtility) (Version: - AOL Inc.) <==== ATTENTION DVD Menu Pack for HP MediaSmart Video (HKLM-x32\...\InstallShield_{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}) (Version: 4.1.4121 - Hewlett-Packard) DVD Menu Pack for HP MediaSmart Video (x32 Version: 4.1.4121 - Hewlett-Packard) Hidden Energy Star Digital Logo (HKLM-x32\...\{BD1A34C9-4764-4F79-AE1F-112F8C89D3D4}) (Version: 1.0.1 - Hewlett-Packard) Escape Rosecliff Island (x32 Version: 2.2.0.95 - WildTangent) Hidden ESU for Microsoft Windows 7 (HKLM-x32\...\{3877C901-7B90-4727-A639-B6ED2DD59D43}) (Version: 1.0.0 - Hewlett-Packard) Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited) FATE (x32 Version: 2.2.0.95 - WildTangent) Hidden ffdshow v1.2.4422 [2012-04-09] (HKLM-x32\...\ffdshow_is1) (Version: 1.2.4422.0 - ) Final Drive Nitro (x32 Version: 2.2.0.95 - WildTangent) Hidden Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.71 - Google Inc.) Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google) Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.) Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden GoToMeeting 7.0.4.2033 (HKU\S-1-5-21-3824992045-3126350346-3511581396-1001\...\GoToMeeting) (Version: 7.0.4.2033 - CitrixOnline) Haali Media Splitter (HKLM-x32\...\HaaliMkx) (Version: - ) Heroes of Hellas 2 - Olympia (x32 Version: 2.2.0.95 - WildTangent) Hidden Hewlett-Packard ACLM.NET v1.1.0.0 (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden HP 3D DriveGuard (HKLM\...\{299625B9-6C69-462C-9CEA-8E06D878B1C5}) (Version: 4.0.5.1 - Hewlett-Packard Company) HP Advisor (HKLM-x32\...\{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}) (Version: 3.4.10262.3295 - Hewlett-Packard) HP Documentation (HKLM-x32\...\{7D4318AC-9560-46F0-910F-0B38D6CDC009}) (Version: 1.1.2.0 - Hewlett-Packard) HP DVB-T TV Tuner 8.0.64.43 (HKLM-x32\...\HP DVB-T TV Tuner) (Version: 8.0.64.43 - ) HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.1.3 - WildTangent) HP MediaSmart CinemaNow 2.0 (HKLM-x32\...\{9008D736-35CA-40DB-A2BE-5F32D954E5AA}) (Version: 2.0 - Hewlett-Packard) HP MediaSmart DVD (HKLM-x32\...\InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}) (Version: 4.1.4229 - Hewlett-Packard) HP MediaSmart Movies and TV (HKLM\...\{4B4E2FA2-3B1E-4147-99DB-5033981D8C2F}) (Version: 1.0.0.10 - Hewlett-Packard) HP MediaSmart Music (HKLM-x32\...\InstallShield_{91A34181-9FAD-43AB-A35F-E7A8945B7E1C}) (Version: 4.1.4215 - Hewlett-Packard) HP MediaSmart Photo (HKLM-x32\...\InstallShield_{6DAF8CDC-9B04-413B-A0F2-BCC13CF8A5BF}) (Version: 4.1.4211 - Hewlett-Packard) HP MediaSmart SmartMenu (HKLM\...\{731A1D36-BF17-4C76-B7E7-CC055AF8C54E}) (Version: 3.1.1.12 - Hewlett-Packard) HP MediaSmart Video (HKLM-x32\...\InstallShield_{D12E3E7F-1B13-4933-A915-16C7DD37A095}) (Version: 4.1.4214 - Hewlett-Packard) HP MediaSmart Webcam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 4.1.3024 - Hewlett-Packard) HP MediaSmart/TouchSmart Netflix (HKLM-x32\...\{BDDA1E1E-204E-4368-B0C2-737F16B76307}) (Version: 1.0.3.0 - Hewlett-Packard) HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.3611 - HP Photo Creations Powered by RocketLife) HP Power Manager (HKLM-x32\...\{4B156358-CE9C-4E9F-8CAD-79AE86A68C60}) (Version: 1.0.3 - Hewlett-Packard Company) HP Product Detection (HKLM-x32\...\{F13FBD0E-5CE1-4A3F-A4F0-C8633CB7B4DD}) (Version: 11.10.1000 - HP) HP Quick Launch (HKLM-x32\...\{E342D296-DB9D-4FC7-ACB0-39926C0BFA16}) (Version: 2.1.5 - Hewlett-Packard Company) HP Setup (HKLM-x32\...\{72D90DB3-A16A-4545-B555-868471101833}) (Version: 8.1.4186.3400 - Hewlett-Packard) HP SimplePass Identity Protection (HKLM\...\{1F6B7CB0-66D8-4B31-BF1F-D2318E58080E}) (Version: 5.10.175 - DigitalPersona, Inc.) HP Software Framework (HKLM-x32\...\{E05DB9F9-C8E7-45F2-BE9E-76D4C447CE9B}) (Version: 4.0.39.1 - Hewlett-Packard Company) HP Wireless Assistant (HKLM\...\{B5FC1E1B-E70D-45F1-8E40-A3C30698B323}) (Version: 4.0.9.0 - Hewlett-Packard Company) IC Solutions (HKLM-x32\...\{C113D27D-CE95-4450-BDAA-A8547A73CC51}) (Version: 13.4 - National Life Insurance Company) ICA (x32 Version: 1.6.0.286 - Corel Corporation) Hidden ICA (x32 Version: 1.6.1.116 - Corel Corporation) Hidden ICQ7.7 (HKLM-x32\...\{77F665FD-3F60-4B0A-AE14-EC124B7A7FCE}) (Version: 7.7 - ICQ) IDroo 1.0.0.186 (HKLM-x32\...\IDroo) (Version: 1.0.0.186 - Iteral Group OÃœ) IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6289.0 - IDT) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.2.1001 - Intel Corporation) Internet Explorer (Enable DEP) (HKLM\...\{a9264802-8a7a-40fe-a135-5c6d204aed7a}.sdb) (Version: - ) IPM_PSP_Pro (x32 Version: 1.00.0000 - Corel Corporation) Hidden IPM_VS_Pro (x32 Version: 13.0 - Corel Corporation) Hidden ISCOM (x32 Version: 1.6.0.286 - Corel Corporation) Hidden ISCOM (x32 Version: 1.6.1.116 - Corel Corporation) Hidden iTunes (HKLM\...\{F46AA0F1-E284-4878-A462-5F11B9166C0E}) (Version: 11.4.0.18 - Apple Inc.) Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation) Jewel Quest 3 (x32 Version: 2.2.0.95 - WildTangent) Hidden Jewel Quest Solitaire 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden join.me (HKU\S-1-5-21-3824992045-3126350346-3511581396-1001\...\JoinMe) (Version: 1.7.0.138 - LogMeIn, Inc.) Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.2907 - CyberLink Corp.) LabelPrint (x32 Version: 2.5.2907 - CyberLink Corp.) Hidden Lafayette Life Insurance Company (HKLM-x32\...\Lafayette Life Insurance Company) (Version: - ) LightScribe System Software (HKLM-x32\...\{07E49BC1-24FF-4D7A-AC74-727BE95801AF}) (Version: 1.18.16.1 - LightScribe) Lightspark 0.5.3-git (HKLM-x32\...\Lightspark) (Version: 0.5.3-git - Lightspark Team) Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation) Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation) Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation) Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft) Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation) Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Midland LifeSolutions (HKLM-x32\...\{DF01BC74-74F6-4A54-B4C8-050341F039EC}) (Version: 17.2 - Midland National) Midland LifeSolutions (x32 Version: 17.2 - Midland National) Hidden Midland LifeSolutions (x32 Version: 17.3 - Midland National) Hidden Midland LifeSolutions (x32 Version: 17.4 - Midland National) Hidden Midland LifeSolutions (x32 Version: 17.4.1 - Midland National) Hidden Midland LifeSolutions (x32 Version: 18.1 - Midland National) Hidden Midland LifeSolutions (x32 Version: 18.2 - Midland National) Hidden Midland LifeSolutions (x32 Version: 18.3 - Midland National) Hidden Midland LifeSolutions (x32 Version: 18.5 - Midland National) Hidden Midland LifeSolutions (x32 Version: 18.6 - Midland National) Hidden Midland LifeSolutions (x32 Version: 19.3 - Midland National) Hidden Midland LifeSolutions (x32 Version: 19.5 - Midland National) Hidden Midland LifeSolutions (x32 Version: 20.0 - Midland National) Hidden Midland LifeSolutions (x32 Version: 20.2 - Midland National) Hidden Midland LifeSolutions (x32 Version: 21.1.1 - Midland National) Hidden Midland LifeSolutions (x32 Version: 21.2 - Midland National) Hidden Midland LifeSolutions (x32 Version: 22.0 - Midland National) Hidden MoneyTrax Inc. Circle of Wealth® System (HKLM-x32\...\Circle of Wealth® System) (Version: ver. 2013.1.0.0 - MoneyTrax Inc.) Movie Theme Pack for HP MediaSmart Video (HKLM-x32\...\InstallShield_{3023EBDA-BF1B-4831-B347-E5018555F26E}) (Version: 4.1.4030 - Hewlett-Packard) Movie Theme Pack for HP MediaSmart Video (x32 Version: 4.1.4030 - Hewlett-Packard) Hidden Mozilla Firefox 24.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 24.0 (x86 en-US)) (Version: 24.0 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 24.5.0 - Mozilla) Mozilla Thunderbird 24.6.0 (x86 en-US) (HKLM-x32\...\Mozilla Thunderbird 24.6.0 (x86 en-US)) (Version: 24.6.0 - Mozilla) MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation) Mutual of Omaha - Health (HKLM-x32\...\Mutual of Omaha - Health_is1) (Version: - Ebix Exchange, INC) My Lockbox 2.9.9 (HKLM\...\My Lockbox_is1) (Version: 2.9.9 - ) NexDef Plug-in (HKLM-x32\...\Autobahn) (Version: - ) Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.1.17869 - Symantec Corporation) Norton Security Suite (HKLM-x32\...\N360) (Version: 21.6.0.32 - Symantec Corporation) PDFLIB (HKLM-x32\...\PDFLIB) (Version: - ) PDFlib 4.0.1 (HKLM-x32\...\{58D92B58-1BE9-4DE4-AE88-ACB205D75B63}) (Version: - ) Penguins! (x32 Version: 2.2.0.95 - WildTangent) Hidden Penn Mutual Illustrator 11.1 (HKLM-x32\...\{9F5E5B90-E6A1-4427-AEBC-87B79133D316}) (Version: 11.1.0 - Penn Mutual Life Insurance) PhotoNow! (HKLM-x32\...\InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}) (Version: 1.1.6904 - CyberLink Corp.) PhotoNow! (x32 Version: 1.1.6904 - CyberLink Corp.) Hidden Plants vs. Zombies (x32 Version: 2.2.0.95 - WildTangent) Hidden Poker Superstars III (x32 Version: 2.2.0.95 - WildTangent) Hidden Polar Bowler (x32 Version: 2.2.0.95 - WildTangent) Hidden Polar Golfer (x32 Version: 2.2.0.95 - WildTangent) Hidden Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.4204 - CyberLink Corp.) Power2Go (x32 Version: 6.1.4204 - CyberLink Corp.) Hidden PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 8.0.3003 - CyberLink Corp.) PowerDirector (x32 Version: 8.0.3003 - CyberLink Corp.) Hidden Presto! PageManager 7.15.36 (HKLM-x32\...\{D2D6B9EB-C6DC-4DAA-B4DE-BB7D9735E7DA}) (Version: 7.15.36 - NewSoft Technology Corporation) PSPPContent (x32 Version: 1.00.0000 - Corel Corporation) Hidden PSPPRO_DCRAW (x32 Version: 13.0.0 - Corel Corporation) Hidden PureHD (x32 Version: 1.6.0.286 - Corel Corporation) Hidden PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden Quote It! (HKLM-x32\...\Quote It!_is1) (Version: - Genworth Financial Inc.) RAR File Open Knife - Free Opener (HKLM-x32\...\RAR File Open Knife - Free Opener) (Version: 2.40 - Philipp Winterberg) RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden RealPlayer (HKLM-x32\...\RealPlayer 15.0) (Version: - RealNetworks) Realtek Ethernet Controller Driver For Windows 7 (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.17.304.2010 - Realtek) Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30111 - Realtek Semiconductor Corp.) RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden Recovery Manager (x32 Version: 5.5.3023 - CyberLink Corp.) Hidden Security Mutual Illustrator (HKLM-x32\...\{99AF5B5F-5A55-49CE-B080-A2E60E289B4E}) (Version: 17.09.2011 - Security Mutual Life Insurance Company of New York) Setup (x32 Version: 1.6.0.286 - Corel Corporation) Hidden Setup (x32 Version: 1.6.1.116 - Corel Corporation) Hidden Share (x32 Version: 1.6.0.286 - Corel Corporation) Hidden Share64 (Version: 1.6.0.286 - Corel Corporation) Hidden Skype Click to Call (HKLM-x32\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 6.9.12585 - Skype Technologies S.A.) Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.) SoundTap Streaming Audio Recorder (HKLM-x32\...\SoundTap) (Version: 2.31 - NCH Software) Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.2.4.4 - Synaptics Incorporated) TaxACT 2012 - 1040 Edition (HKLM-x32\...\TaxACT 2012 - 1040 Edition) (Version: - 2nd Story Software, Inc.) TaxACT 2012 Illinois (HKLM-x32\...\TaxACT 2012 Illinois) (Version: - 2nd Story Software, Inc.) TaxACT 2013 - 1040 Edition (HKLM-x32\...\TaxACT 2013 - 1040 Edition) (Version: - TaxACT, Inc.) TaxACT 2013 Illinois (HKLM-x32\...\TaxACT 2013 Illinois) (Version: - TaxACT, Inc.) Times Reader (HKLM-x32\...\com.nyt.timesreader.78C54164786ADE80CB31E1C5D95607D0938C987A.1) (Version: 2.061 - The New York Times Company) Times Reader (x32 Version: 2.061 - The New York Times Company) Hidden TransQuote (HKLM-x32\...\TransQuote) (Version: 10.01.20.00 - Transamerica) TransQuote (x32 Version: 11.09.29.00 - Transamerica) Hidden Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft) Validity Sensors DDK (HKLM\...\{426FAE9F-7373-496E-A215-9DB7EF4398CF}) (Version: 4.1.139.0 - Validity Sensors, Inc.) VideoPerformer (HKLM-x32\...\VideoPerformer) (Version: - PerformerSoft LLC) <==== ATTENTION VIO (x32 Version: 1.6.0.286 - Corel Corporation) Hidden Virtual Families (x32 Version: 2.2.0.95 - WildTangent) Hidden Virtual Villagers - The Secret City (x32 Version: 2.2.0.95 - WildTangent) Hidden VLC media player 2.0.0 (HKLM-x32\...\VLC media player) (Version: 2.0.0 - VideoLAN) VSClassic (x32 Version: 1.6.0.286 - Corel Corporation) Hidden VSPro (x32 Version: 1.6.0.286 - Corel Corporation) Hidden WavePad Sound Editor (HKLM-x32\...\WavePad) (Version: 5.96 - NCH Software) Wheel of Fortune 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation) Windows Live Sync (HKLM-x32\...\{B10914FD-8812-47A4-85A1-50FCDE7F1F33}) (Version: 14.0.8117.416 - Microsoft Corporation) Windows Media Encoder 9 Series (HKLM-x32\...\Windows Media Encoder 9) (Version: - ) WinFlex 6 (HKLM-x32\...\WinFlex 6_is1) (Version: 6.103.0.21 - Ebix Exchange, INC) WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies) XFINITY Caller ID (HKLM-x32\...\com.comcast.callerid.13A1FA90F0FC9DC009FB0956ADD0F13F8608561B.1) (Version: 3.1.38 - Comcast Cable Communications Management LLC) XFINITY Caller ID (x32 Version: 3.1.38 - Comcast Cable Communications Management LLC) Hidden Yahoo! Detect (HKLM-x32\...\YTdetect) (Version: - ) Yahoo! Messenger (HKLM-x32\...\Yahoo! Messenger) (Version: - Yahoo! Inc.) Yahoo! Software Update (HKLM-x32\...\Yahoo! Software Update) (Version: - ) Yahoo! Toolbar (HKLM-x32\...\Yahoo! Companion) (Version: - Yahoo! Inc.) Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) CustomCLSID: HKU\S-1-5-21-3824992045-3126350346-3511581396-1001_Classes\CLSID\{5b55a44a-d008-49aa-9234-86fb7709bc0a}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-3824992045-3126350346-3511581396-1001_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Program Files (x86)\Citrix\GoToMeeting\1350\G2MOutlookAddin64.dll (Citrix Online, a division of Citrix Systems, Inc.) ==================== Restore Points ========================= 24-11-2014 04:03:00 Windows Update 02-12-2014 01:27:03 Scheduled Checkpoint 09-12-2014 23:27:10 Restore Operation 09-12-2014 23:39:33 Windows Update 11-12-2014 03:32:33 Windows Update ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-13 20:34 - 2014-01-18 06:14 - 00450700 ____N C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 [URL='http://www.007guard.com']www.007guard.com[/URL] 127.0.0.1 007guard.com 127.0.0.1 008i.com 127.0.0.1 [URL='http://www.008k.com']www.008k.com[/URL] 127.0.0.1 008k.com 127.0.0.1 [URL='http://www.00hq.com']www.00hq.com[/URL] 127.0.0.1 00hq.com 127.0.0.1 010402.com 127.0.0.1 [URL='http://www.032439.com']www.032439.com[/URL] 127.0.0.1 032439.com 127.0.0.1 [URL='http://www.0scan.com']www.0scan.com[/URL] 127.0.0.1 0scan.com 127.0.0.1 1000gratisproben.com 127.0.0.1 [URL='http://www.1000gratisproben.com']www.1000gratisproben.com[/URL] 127.0.0.1 1001namen.com 127.0.0.1 [URL='http://www.1001namen.com']www.1001namen.com[/URL] 127.0.0.1 100888290cs.com 127.0.0.1 [URL='http://www.100888290cs.com']www.100888290cs.com[/URL] 127.0.0.1 [URL='http://www.100sexlinks.com']www.100sexlinks.com[/URL] 127.0.0.1 100sexlinks.com 127.0.0.1 10sek.com 127.0.0.1 [URL='http://www.10sek.com']www.10sek.com[/URL] 127.0.0.1 [URL='http://www.1-2005-search.com']www.1-2005-search.com[/URL] 127.0.0.1 1-2005-search.com 127.0.0.1 123fporn.info 127.0.0.1 [URL='http://www.123fporn.info']www.123fporn.info[/URL] 127.0.0.1 123haustiereundmehr.com 127.0.0.1 [URL='http://www.123haustiereundmehr.com']www.123haustiereundmehr.com[/URL] 127.0.0.1 123moviedownload.com There are 1000 more lines. ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {01905C9D-79C0-48B2-A6CD-D8F95543123C} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Security Suite\Engine\21.6.0.32\WSCStub.exe [2014-09-21] (Symantec Corporation) Task: {059056F8-F986-43E7-84AA-2DC0EEA3B04B} - System32\Tasks\Hewlett-Packard\HP Assistant\HPSA Upgrade => C:\ProgramData\Hewlett-Packard\HPSAUpgrade3\HpSAUpgrade.exe [2011-08-11] (Hewlett-Packard) Task: {071BA60D-089B-44FC-B214-6F4A9433D1B5} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-14] (Google Inc.) Task: {1856D3CF-B589-42EA-917D-FED696E8EEC8} - System32\Tasks\{D61F72AE-A711-450B-8F7D-8BCED0AA9191} => C:\pmillus.exe [2011-08-27] (Penn Mutual Life Insurance ) Task: {271F4369-7E95-4305-9E53-0B4431FD54A3} - System32\Tasks\PC Optimizer Pro64 startups => C:\Program Files\PC Optimizer Pro\StartApps.exe <==== ATTENTION Task: {2B0029AD-B694-4194-ABB3-4C5D61CB4FA4} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-3824992045-3126350346-3511581396-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2011-11-08] (RealNetworks, Inc.) Task: {446D151E-7E0A-4E13-A56F-650E07B4F0B5} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3824992045-3126350346-3511581396-1001UA => C:\Users\SmartMoneyStrategies\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-12-21] (Facebook Inc.) Task: {58076638-2A22-4550-BD64-8312B9065876} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3824992045-3126350346-3511581396-1001Core => C:\Users\SmartMoneyStrategies\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-12-21] (Facebook Inc.) Task: {63AB0163-FB3E-4265-9FB3-242B6F5AB9F4} - System32\Tasks\MirageAgent => C:\Program Files (x86)\Hewlett-Packard\Media\Webcam\YCMMirage.exe [2010-06-24] (CyberLink) Task: {6BC3E8D0-1951-467B-883D-E50C7216DCEC} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.) Task: {759D236F-9DB2-4A9D-9E1E-2110776BA959} - System32\Tasks\Registration => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [2010-05-24] () Task: {7F10C907-BBFA-4A1E-816A-968C50883873} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-14] (Google Inc.) Task: {87A4C5E3-F081-497B-AD64-22953C6D2746} - System32\Tasks\Core Temp Autostart SmartMoneyStrategies => C:\Program Files\Core Temp\Core Temp.exe [2011-09-01] () Task: {8D7C1BD0-8D5C-43CC-AF67-527EBB14A150} - System32\Tasks\G2MUpdateTask-S-1-5-21-3824992045-3126350346-3511581396-1001 => C:\Program Files (x86)\Citrix\GoToMeeting\2033\g2mupdate.exe [2014-11-26] (Citrix Online, a division of Citrix Systems, Inc.) Task: {94F4C7A5-F74F-4AE0-9813-89842BE94ADE} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-3824992045-3126350346-3511581396-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2011-11-08] (RealNetworks, Inc.) Task: {C4FE2EF8-07CD-4BC5-90C9-3A7229D944A4} - System32\Tasks\ServicePlan => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [2010-05-24] () Task: {C8B3F0AF-99F6-4577-98E0-7DB94D5EC3BB} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-11] (Adobe Systems Incorporated) Task: {D99178FF-3844-455D-891C-E56F553E867E} - System32\Tasks\Norton Security Suite\Norton Error Processor => C:\Program Files (x86)\Norton Security Suite\Engine\21.6.0.32\SymErr.exe [2014-01-30] (Symantec Corporation) Task: {E20A8E3D-8D56-4A40-82E8-905D1D7F7324} - System32\Tasks\RecoveryCDWin7 => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [2010-05-24] () Task: {F08002E3-A54A-45EB-A9B2-3D317E37849D} - System32\Tasks\HPCeeScheduleForSmartMoneyStrategies => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-01-05] (Hewlett-Packard) Task: {F68E5B13-7375-4818-8A1E-506EDE0A7846} - System32\Tasks\Norton Security Suite\Norton Error Analyzer => C:\Program Files (x86)\Norton Security Suite\Engine\21.6.0.32\SymErr.exe [2014-01-30] (Symantec Corporation) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3824992045-3126350346-3511581396-1001Core.job => C:\Users\SmartMoneyStrategies\AppData\Local\Facebook\Update\FacebookUpdate.exe Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3824992045-3126350346-3511581396-1001UA.job => C:\Users\SmartMoneyStrategies\AppData\Local\Facebook\Update\FacebookUpdate.exe Task: C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-3824992045-3126350346-3511581396-1001.job => C:\Program Files (x86)\Citrix\GoToMeeting\2033\g2mupdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\HPCeeScheduleForSmartMoneyStrategies.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe Task: C:\Windows\Tasks\PC Optimizer Pro64 startups.job => C:\Program Files\PC Optimizer Pro\StartApps.exe <==== ATTENTION ==================== Loaded Modules (whitelisted) ============= 2010-01-20 17:20 - 2010-01-20 17:20 - 00611896 _____ () C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe 2013-04-13 16:39 - 2006-09-20 07:35 - 00020480 _____ () C:\Windows\System32\spool\drivers\x64\3\WrtMon.exe 2010-06-29 20:00 - 2010-06-29 20:00 - 00027192 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe 2013-12-28 13:49 - 2013-02-27 00:59 - 03065776 _____ () C:\Program Files (x86)\ActiveTracker\rn5.exe 2012-05-09 17:08 - 2012-05-09 17:08 - 00074752 _____ () C:\Program Files (x86)\Caller ID\Caller ID.exe 2011-08-11 09:27 - 2011-08-11 09:27 - 15490560 _____ () C:\Users\SmartMoneyStrategies\AppData\Local\Autobahn\nexdef.exe 2013-04-13 16:39 - 2006-10-30 15:59 - 00024576 _____ () C:\Windows\System32\spool\drivers\x64\3\WrtProc.exe 2010-09-09 14:50 - 2010-09-09 14:50 - 00016384 ____R () c:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll 2010-09-09 13:11 - 2010-09-09 13:11 - 00270336 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll 2010-06-18 17:26 - 2010-06-18 17:26 - 00030264 _____ () C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_LogicLayer.dll 2010-06-18 17:26 - 2010-06-18 17:26 - 00052280 _____ () C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HardwareAccess.dll 2010-06-18 17:26 - 2010-06-18 17:26 - 00267832 _____ () C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPCommon.XmlSerializers.dll 2014-07-31 11:16 - 2014-07-31 11:16 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll 2014-07-31 11:16 - 2014-07-31 11:16 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll 2011-09-18 14:12 - 2010-06-30 13:03 - 00051512 _____ () C:\Program Files\My Lockbox\fspflt.dll 2010-06-16 13:48 - 2010-06-16 13:48 - 02121728 _____ () C:\Program Files (x86)\Common Files\LightScribe\QtCore4.dll 2010-06-16 13:48 - 2010-06-16 13:48 - 07745536 _____ () C:\Program Files (x86)\Common Files\LightScribe\QtGui4.dll 2010-06-16 13:48 - 2010-06-16 13:48 - 00135168 _____ () C:\Program Files (x86)\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll 2014-12-11 10:19 - 2014-12-11 10:19 - 00024671 ____R () C:\Users\SmartMoneyStrategies\AppData\Local\Temp\pdk-SmartMoneyStrategies-476\6a08173d0718dbb0783fee513cba195c\IO.dll 2014-12-11 10:19 - 2014-12-11 10:19 - 00024690 ____R () C:\Users\SmartMoneyStrategies\AppData\Local\Temp\pdk-SmartMoneyStrategies-476\d138a21b4de1d36065da80913effcc49\HiRes.dll 2014-12-11 10:19 - 2014-12-11 10:19 - 00024673 ____R () C:\Users\SmartMoneyStrategies\AppData\Local\Temp\pdk-SmartMoneyStrategies-476\0e21cfbb5a8724557d1fdb2fad1257b3\Fcntl.dll 2014-12-11 10:19 - 2014-12-11 10:19 - 00032885 ____R () C:\Users\SmartMoneyStrategies\AppData\Local\Temp\pdk-SmartMoneyStrategies-476\ec7bb8ff9ad0c51d9cc5235bc8434e04\Dumper.dll 2014-12-11 10:19 - 2014-12-11 10:19 - 00082021 ____R () C:\Users\SmartMoneyStrategies\AppData\Local\Temp\pdk-SmartMoneyStrategies-476\62021bee2a3c77a1a7316037e8f651f5\MatrixSSL.dll 2014-12-11 10:19 - 2014-12-11 10:19 - 00028760 ____R () C:\Users\SmartMoneyStrategies\AppData\Local\Temp\pdk-SmartMoneyStrategies-476\14eb94a46b1d59d79d884f71880b5d9c\CPUtils.dll 2014-12-11 10:19 - 2014-12-11 10:19 - 00024664 ____R () C:\Users\SmartMoneyStrategies\AppData\Local\Temp\pdk-SmartMoneyStrategies-476\11d17591008de70c1d0553f3e9a3abb3\SysTray.dll 2014-12-11 10:19 - 2014-12-11 10:19 - 00094306 ____R () C:\Users\SmartMoneyStrategies\AppData\Local\Temp\pdk-SmartMoneyStrategies-476\5cfd16b7954a5ce94a6928eb6a342475\DBI.dll 2014-12-11 10:19 - 2014-12-11 10:19 - 00028791 ____R () C:\Users\SmartMoneyStrategies\AppData\Local\Temp\pdk-SmartMoneyStrategies-476\bca525f1057a3c6464fa7a890a532d26\Util.dll 2014-12-11 10:19 - 2014-12-11 10:19 - 00036971 ____R () C:\Users\SmartMoneyStrategies\AppData\Local\Temp\pdk-SmartMoneyStrategies-476\59e557f19044cb1e4dd067d30c7a98d8\Encode.dll 2014-12-11 10:19 - 2014-12-11 10:19 - 00032867 ____R () C:\Users\SmartMoneyStrategies\AppData\Local\Temp\pdk-SmartMoneyStrategies-476\dae5b95ff7dc44764284c7dae55bde2a\Socket.dll 2014-12-11 10:19 - 2014-12-11 10:19 - 00028809 ____R () C:\Users\SmartMoneyStrategies\AppData\Local\Temp\pdk-SmartMoneyStrategies-476\1601ac767a5adb5c5f07ad53d9d0e348\FastCalc.dll 2014-12-11 10:19 - 2014-12-11 10:19 - 00036942 ____R () C:\Users\SmartMoneyStrategies\AppData\Local\Temp\pdk-SmartMoneyStrategies-476\7f6d8a0f10c6e5b83886d8ad4c8c8bd7\nscrypt.dll 2014-12-11 10:19 - 2014-12-11 10:19 - 00155779 ____R () C:\Users\SmartMoneyStrategies\AppData\Local\Temp\pdk-SmartMoneyStrategies-476\845fe33881b76aefd22e65412b5f7ef2\Registry.dll 2014-12-11 10:19 - 2014-12-11 10:19 - 00061553 ____R () C:\Users\SmartMoneyStrategies\AppData\Local\Temp\pdk-SmartMoneyStrategies-476\0a8fb0d11acdc10c02ea0fe9470463eb\Storable.dll 2014-12-11 10:19 - 2014-12-11 10:19 - 00020584 ____R () C:\Users\SmartMoneyStrategies\AppData\Local\Temp\pdk-SmartMoneyStrategies-476\eaa37a0d95e6b7e5ca21502c8b3f4c74\Cwd.dll 2014-12-11 10:19 - 2014-12-11 10:19 - 00098431 ____R () C:\Users\SmartMoneyStrategies\AppData\Local\Temp\pdk-SmartMoneyStrategies-476\106e9d8fe455779e07dcc5d37d541192\Zlib.dll 2014-12-11 10:19 - 2014-12-11 10:19 - 00032878 ____R () C:\Users\SmartMoneyStrategies\AppData\Local\Temp\pdk-SmartMoneyStrategies-476\5c47212e5a0fae36b466c5247fa8d97e\API.dll 2014-12-11 10:19 - 2014-12-11 10:19 - 00090222 ____R () C:\Users\SmartMoneyStrategies\AppData\Local\Temp\pdk-SmartMoneyStrategies-476\f195a4b7b0f71b5f4b1c61c634b0b648\OLE.dll 2011-08-11 09:27 - 2011-08-11 09:27 - 00020480 _____ () C:\Users\SmartMoneyStrategies\AppData\Local\Autobahn\rt\bin\jetvm\jvm.dll 2011-08-11 09:27 - 2011-08-11 09:27 - 00069632 _____ () C:\Users\SmartMoneyStrategies\AppData\Local\Autobahn\rt\bin\java.dll 2011-08-11 09:27 - 2011-08-11 09:27 - 00126976 _____ () C:\Users\SmartMoneyStrategies\AppData\Local\Autobahn\rt\bin\zip.dll 2011-08-11 09:27 - 2011-08-11 09:27 - 00159744 _____ () C:\Users\SmartMoneyStrategies\AppData\Local\Autobahn\rt\jetrt\baseline720.dll 2013-02-04 19:31 - 2012-05-25 04:25 - 00921600 _____ () C:\Program Files (x86)\Yahoo!\Messenger\yui.dll 2010-02-09 19:58 - 2010-02-09 19:58 - 00061440 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Pillars\PCAlerts\PCAlertsPillar.dll 2010-02-09 19:58 - 2010-02-09 19:58 - 00131072 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Pillars\ECenter\ECLibrary.dll 2010-02-09 19:58 - 2010-02-09 19:58 - 00040960 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingServer.dll 2010-02-09 19:58 - 2010-02-09 19:58 - 00005632 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingInterface.dll 2010-02-09 19:58 - 2010-02-09 19:58 - 00018944 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingMessages.dll 2010-02-09 19:58 - 2010-02-09 19:58 - 00036864 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingClients.dll 2010-02-09 19:58 - 2010-02-09 19:58 - 00007680 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\RemotingClient.dll 2014-06-11 05:51 - 2014-06-11 05:51 - 03022960 _____ () C:\Program Files (x86)\Mozilla Thunderbird\mozjs.dll 2014-06-11 05:51 - 2014-06-11 05:51 - 00158832 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAP32V60.dll 2014-06-11 05:51 - 2014-06-11 05:51 - 00023152 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAPPR32V60.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\DpHost => ""="Service" ==================== EXE Association (whitelisted) ============= (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== MSCONFIG/TASK MANAGER disabled items ========= (Currently there is no automatic fix for this section.) MSCONFIG\startupreg: AIM for Windows => "C:\Users\SmartMoneyStrategies\AppData\Local\AOL\AIM\aim.exe" MSCONFIG\startupreg: Facebook Update => "C:\Users\SmartMoneyStrategies\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver MSCONFIG\startupreg: ICQ => "C:\Program Files (x86)\ICQ7.7\ICQ.exe" silent loginmode=4 MSCONFIG\startupreg: msnmsgr => "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background ========================= Accounts: ========================== Administrator (S-1-5-21-3824992045-3126350346-3511581396-500 - Administrator - Disabled) Guest (S-1-5-21-3824992045-3126350346-3511581396-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-3824992045-3126350346-3511581396-1002 - Limited - Enabled) SmartMoneyStrategies (S-1-5-21-3824992045-3126350346-3511581396-1001 - Administrator - Enabled) => C:\Users\SmartMoneyStrategies ==================== Faulty Device Manager Devices ============= Name: AntiLog32 Description: AntiLog32 Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1} Manufacturer: Service: AntiLog32 Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24) Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved. ==================== Event log errors: ========================= Application errors: ================== Error: (12/11/2014 11:18:26 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 2848890 Error: (12/11/2014 11:18:26 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 2848890 Error: (12/11/2014 11:18:26 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (12/11/2014 10:19:32 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: Core Temp.exe, version: 1.0.0.0, time stamp: 0x4e5ff94d Faulting module name: Core Temp.exe, version: 1.0.0.0, time stamp: 0x4e5ff94d Exception code: 0xc0000005 Fault offset: 0x000000000002dbc6 Faulting process id: 0x894 Faulting application start time: 0xCore Temp.exe0 Faulting application path: Core Temp.exe1 Faulting module path: Core Temp.exe2 Report Id: Core Temp.exe3 Error: (12/10/2014 04:33:25 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: Core Temp.exe, version: 1.0.0.0, time stamp: 0x4e5ff94d Faulting module name: Core Temp.exe, version: 1.0.0.0, time stamp: 0x4e5ff94d Exception code: 0xc0000005 Fault offset: 0x000000000002dbc6 Faulting process id: 0x5a4 Faulting application start time: 0xCore Temp.exe0 Faulting application path: Core Temp.exe1 Faulting module path: Core Temp.exe2 Report Id: Core Temp.exe3 Error: (12/09/2014 06:54:25 PM) (Source: SideBySide) (EventID: 9) (User: ) Description: Activation context generation failed for "1".Error in manifest or policy file "2" on line 3. The manifest file root element must be assembly. Error: (12/09/2014 05:12:58 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: sidebar.exe, version: 6.1.7601.17514, time stamp: 0x4ce7a1c7 Faulting module name: ntdll.dll, version: 6.1.7601.18247, time stamp: 0x521eaf24 Exception code: 0xc0000264 Fault offset: 0x00000000000cd7e8 Faulting process id: 0x8c0 Faulting application start time: 0xsidebar.exe0 Faulting application path: sidebar.exe1 Faulting module path: sidebar.exe2 Report Id: sidebar.exe3 Error: (12/08/2014 08:31:13 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: The program iexplore.exe version 10.0.9200.17148 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel. Process ID: 2894 Start Time: 01d0134b6539eb21 Termination Time: 0 Application Path: C:\Program Files\Internet Explorer\iexplore.exe Report Id: Error: (12/08/2014 06:28:37 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 1686870 Error: (12/08/2014 06:28:37 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 1686870 System errors: ============= Error: (12/11/2014 11:21:21 AM) (Source: BROWSER) (EventID: 8032) (User: ) Description: The browser service has failed to retrieve the backup list too many times on transport \Device\NetBT_Tcpip_{711245CD-18C2-443B-A0BB-719A0DEE65F4}. The backup browser is stopping. Error: (12/11/2014 10:20:12 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC) Error: (12/11/2014 10:19:15 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The Norton Online Backup service failed to start due to the following error: %%2 Error: (12/11/2014 10:19:09 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The CGPS Service service failed to start due to the following error: %%2 Error: (12/11/2014 10:17:44 AM) (Source: DCOM) (EventID: 10010) (User: ) Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF} Error: (12/11/2014 08:09:56 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY) Description: Installation Failure: Windows failed to install the following update with error 0x80242016: Security Update for Windows 7 for x64-based Systems (KB3013126). Error: (12/11/2014 08:09:56 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY) Description: Installation Failure: Windows failed to install the following update with error 0x80242016: Cumulative Security Update for Internet Explorer 10 for Windows 7 for x64-based Systems (KB3003057). Error: (12/11/2014 08:09:56 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY) Description: Installation Failure: Windows failed to install the following update with error 0x80242016: Cumulative Security Update for Internet Explorer 10 for Windows 7 for x64-based Systems (KB3008923). Error: (12/11/2014 08:05:20 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC) Error: (12/11/2014 08:04:38 AM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: The following boot-start or system-start driver(s) failed to load: BHDrvx64 Microsoft Office Sessions: ========================= ==================== Memory info =========================== Processor: Intel(R) Core(TM) i7 CPU Q 720 @ 1.60GHz Percentage of memory in use: 41% Total physical RAM: 6077.86 MB Available physical RAM: 3527.24 MB Total Pagefile: 12153.9 MB Available Pagefile: 8990.91 MB Total Virtual: 8192 MB Available Virtual: 8191.82 MB ==================== Drives ================================ Drive c: (OS) (Fixed) (Total:443.56 GB) (Free:354.84 GB) NTFS ==>[System with boot components (obtained from reading drive)] Drive d: (DATA) (Fixed) (Total:465.76 GB) (Free:456.37 GB) NTFS Drive e: (RECOVERY) (Fixed) (Total:21.91 GB) (Free:3.16 GB) NTFS ==>[System with boot components (obtained from reading drive)] Drive g: (HP_TOOLS) (Fixed) (Total:0.1 GB) (Free:0.08 GB) FAT32 ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 465.8 GB) (Disk ID: 2FBFE761) Partition 1: (Active) - (Size=199 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=443.6 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=21.9 GB) - (Type=07 NTFS) Partition 4: (Not Active) - (Size=103 MB) - (Type=0C) ======================================================== Disk: 1 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 8F773DF0) Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS) ==================== End Of Log ============================ [/QUOTE]
Insert quotes…
Verification
Post reply
Top