Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Cannot see Norton windows/screens


  • This topic is locked This topic is locked
23 replies to this topic

#1 TerriDen

TerriDen

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:57 PM

Posted 20 January 2014 - 09:25 PM

I"m not sure, but suspect I have malware. We have had trouble installing new software for printers, anti-virus, fitbit, etc. because we can't see the set-up software once it starts.  The screen is just black.  Managed to get Norton installed (our Avast registration ended during all this), but we cannot see any of the Norton screens/windows.  It shows on the bar below that there are windows up, but the computer won't see them.

 

I have verified that the drivers for graphics card and processor are up to speed.  All online resources are pointing to malware.

 

I have a HP Pavilion dv6 running Windows 7.

Attached Files



BC AdBot (Login to Remove)

 


#2 HelpBot

HelpBot

    Bleepin' Binary Bot


  • Bots
  • 12,604 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:05:57 PM

Posted 25 January 2014 - 09:30 PM

Hello and welcome to Bleeping Computer!

I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

To help Bleeping Computer better assist you please perform the following steps:

***************************************************

step1.gif In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.

CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/521519 <<< CLICK THIS LINK



If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.

***************************************************

step2.gifIf you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of this page). In that reply, please include the following information:

  • If you have not done so already, include a clear description of the problems you're having, along with any steps you may have performed so far.
  • A new DDS log. For your convenience, you will find the instructions for generating these logs repeated at the bottom of this post.
    • Please do this even if you have previously posted logs for us.
    • If you were unable to produce the logs originally please try once more.
    • If you are unable to create a log please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.
    • If you are unsure about any of these characteristics just post what you can and we will guide you.
  • Please tell us if you have your original Windows CD/DVD available.
  • Upon completing the above steps and posting a reply, another staff member will review your topic and do their best to resolve your issues.

Thank you for your patience, and again sorry for the delay.

***************************************************

We need to see some information about what is happening in your machine. Please perform the following scan again:

  • Download DDS by sUBs from the following link if you no longer have it available and save it to your destop.

    DDS.com Download Link
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control can be found HERE.

As I am just a silly little program running on the BleepingComputer.com servers, please do not send me private messages as I do not know how to read and reply to them! Thanks!

#3 TerriDen

TerriDen
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:57 PM

Posted 27 January 2014 - 11:34 AM

We are having trouble seeing certain things on the computer.  We added Norton, but cannot see the windows that it has - so we cannot do anything to control or understand it.  We cannot see the set up windows for most software we have tried to add, including software to install a Canon printer, Fitbit, and a software installer from Century Link.[/size]
 
According to computer, graphics card is functional and all drivers up to date.   We do not have the original windows disk since we lost our home office in recent flood.
 
Thanks for your help!!

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 9.0.8112.16526 BrowserJavaVersion: 10.45.2
Run by McCarthy at 9:23:07 on 2014-01-27
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.5609.3217 [GMT -7:00]
.
AV: Norton Internet Security *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Norton Internet Security *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton Internet Security *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Program Files (x86)\HP SimplePass\TrueSuiteService.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files\IDT\WDM\STacSV64.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\Hpservice.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Fitbit Connect\FitbitConnectService.exe
C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe
C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\NIS.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe
c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe
C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\NIS.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler.exe
C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler64.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files (x86)\HP SimplePass\IEWebSiteLogon.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\IDT\WDM\sttray64.exe
C:\Program Files\HP\HP Photosmart 7520 series\Bin\ScanToPCActivationApp.exe
C:\Program Files (x86)\eFax Messenger 4.4\J2GDllCmd.exe
C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe
C:\Program Files (x86)\eFax Messenger 4.4\J2GTray.exe
C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\VTech\DownloadManager\System\AgentMonitor.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\HP\HP Photosmart 7520 series\Bin\HPNetworkCommunicator.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
C:\Program Files (x86)\HP SimplePass\DownloadAD.exe
C:\Program Files (x86)\HP SimplePass\DownloadAD.exe
C:\Program Files (x86)\Internet Explorer\IELowutil.exe
C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
C:\Program Files (x86)\HP SimplePass\DownloadAD.exe
C:\Program Files (x86)\HP SimplePass\DownloadAD.exe
C:\Program Files (x86)\HP SimplePass\DownloadAD.exe
C:\Program Files (x86)\HP SimplePass\DownloadAD.exe
C:\Program Files (x86)\HP SimplePass\DownloadAD.exe
C:\Program Files (x86)\HP SimplePass\DownloadAD.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
C:\Program Files (x86)\HP SimplePass\DownloadAD.exe
C:\Windows\System32\dinotify.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\SyncServer.exe
C:\Program Files (x86)\HP SimplePass\DownloadAD.exe
C:\Program Files (x86)\HP SimplePass\DownloadAD.exe
C:\Users\McCarthy\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\McCarthy\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\McCarthy\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\McCarthy\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\HP SimplePass\DownloadAD.exe
C:\Program Files (x86)\HP SimplePass\DownloadAD.exe
C:\Windows\splwow64.exe
C:\Program Files (x86)\HP SimplePass\DownloadAD.exe
C:\Program Files (x86)\HP SimplePass\DownloadAD.exe
C:\Program Files (x86)\HP SimplePass\DownloadAD.exe
C:\Program Files (x86)\HP SimplePass\DownloadAD.exe
C:\Program Files (x86)\HP SimplePass\DownloadAD.exe
C:\Program Files (x86)\HP SimplePass\DownloadAD.exe
C:\Users\McCarthy\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\HP SimplePass\TouchControl.exe
C:\Users\McCarthy\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\HP SimplePass\DownloadAD.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uSearch Bar = hxxp://www.google.com/ie
uSearch Page = hxxp://www.google.com
uDefault_Search_URL = hxxp://www.google.com/ie
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
mWinlogon: Userinit = userinit.exe
BHO: Norton Identity Protection: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\coieplg.dll
BHO: SteadyVideoBHO Class: {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files (x86)\AMD\SteadyVideo\SteadyVideo.dll
BHO: Norton Vulnerability Protection: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\ips\ipsbho.dll
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
BHO: HP Network Check Helper: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} -
TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\coieplg.dll
uRun: [Google Update] "C:\Users\McCarthy\AppData\Local\Google\Update\GoogleUpdate.exe" /c
uRun: [HP Photosmart 7520 series (NET)] "C:\Program Files\HP\HP Photosmart 7520 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN36J491BD05YZ:NW" -scfn "HP Photosmart 7520 series (NET)" -AutoStart 1
uRun: [eFax 4.4] "C:\Program Files (x86)\eFax Messenger 4.4\J2GDllCmd.exe" /R
uRun: [Fitbit Connect] "C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe" /autorun
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [20131121] C:\Program Files\AVAST Software\Avast\setup\emupdate\6849d06b-6497-4425-b405-496659b85a4a.exe /check
mRun: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
mRun: [AgentMonitor] C:\Program Files (x86)\VTech\DownloadManager\System\AgentMonitor.exe
mRun: [Fitbit Connect] "C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe" /autorun
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
StartupFolder: C:\Users\McCarthy\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\EFAX44~1.LNK - C:\Program Files (x86)\eFax Messenger 4.4\J2GTray.exe
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-00107-0002-0007-ABCDEFFEDCBC} - <orphaned>
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print 2.0\smartprintsetup.exe
IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
IE: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxps://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab
TCP: NameServer = 192.168.0.1 205.171.2.25
TCP: Interfaces\{83C3CDF0-60B6-49F4-A28F-C05BD635B807} : DHCPNameServer = 192.168.0.1 205.171.2.25
TCP: Interfaces\{83C3CDF0-60B6-49F4-A28F-C05BD635B807}\0756B6F656F60756E6 : DHCPNameServer = 192.168.2.1
TCP: Interfaces\{83C3CDF0-60B6-49F4-A28F-C05BD635B807}\3456E647572797C496E6B653930343 : DHCPNameServer = 192.168.0.1 205.171.2.65
TCP: Interfaces\{83C3CDF0-60B6-49F4-A28F-C05BD635B807}\34F62707F627164756255636F676E6964796F6E6 : DHCPNameServer = 192.168.0.1 205.171.2.25
TCP: Interfaces\{83C3CDF0-60B6-49F4-A28F-C05BD635B807}\4456E6E6977237F57457563747F575946494 : DHCPNameServer = 66.82.4.8 66.82.4.12
TCP: Interfaces\{83C3CDF0-60B6-49F4-A28F-C05BD635B807}\45562727964454E6 : DHCPNameServer = 192.168.0.1 205.171.2.25
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\AMD\SteadyVideo\VideoMIMEFilter.dll
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\AMD\SteadyVideo\VideoMIMEFilter.dll
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
mASetup: {F5E7D9AF-60F6-4A30-87E3-4EA94D322CE1} - msiexec /fu {F5E7D9AF-60F6-4A30-87E3-4EA94D322CE1} /qn
x64-BHO: Norton Identity Protection: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine64\21.1.0.18\coieplg.dll
x64-BHO: SteadyVideoBHO Class: {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-BHO: HP Network Check Helper: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll
x64-TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine64\21.1.0.18\coieplg.dll
x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe
x64-RunOnce: [NCPluginUpdater] "c:\program files (x86)\hewlett-packard\hp health check\activecheck\product_line\NCPluginUpdater.exe" Update
x64-IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll
x64-Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll
x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
x64-mASetup: {6032497A-4479-462B-ADB8-A0A372BB9A23} - msiexec /fu {6032497A-4479-462B-ADB8-A0A372BB9A23} /qn
.
============= SERVICES / DRIVERS ===============
.
R0 amd_sata;amd_sata;C:\Windows\System32\drivers\amd_sata.sys [2011-12-13 82048]
R0 amd_xata;amd_xata;C:\Windows\System32\drivers\amd_xata.sys [2011-12-13 42624]
R0 amdkmpfd;AMD PCI Root Bus Lower Filter;C:\Windows\System32\drivers\amdkmpfd.sys [2012-1-18 31360]
R0 SymDS;Symantec Data Store;C:\Windows\System32\drivers\NISx64\1501000.012\symds64.sys [2014-1-13 493656]
R0 SymEFA;Symantec Extended File Attributes;C:\Windows\System32\drivers\NISx64\1501000.012\symefa64.sys [2014-1-13 1147480]
R1 BHDrvx64;BHDrvx64;C:\Program Files (x86)\Norton Internet Security\NortonData\21.0.1.3\Definitions\BASHDefs\20140121.001\BHDrvx64.sys [2014-1-22 1526488]
R1 ccSet_NIS;NIS Settings Manager;C:\Windows\System32\drivers\NISx64\1501000.012\ccsetx64.sys [2014-1-13 162392]
R1 IDSVia64;IDSVia64;C:\Program Files (x86)\Norton Internet Security\NortonData\21.0.1.3\Definitions\IPSDefs\20140124.001\IDSviA64.sys [2014-1-25 521944]
R1 SymIRON;Symantec Iron Driver;C:\Windows\System32\drivers\NISx64\1501000.012\ironx64.sys [2014-1-13 264280]
R1 SymNetS;Symantec Network Security WFP Driver;C:\Windows\System32\drivers\NISx64\1501000.012\symnets.sys [2014-1-13 590936]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2012-1-27 235520]
R2 AMD FUEL Service;AMD FUEL Service;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2012-1-26 361984]
R2 AODDriver4.1;AODDriver4.1;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys [2011-11-13 55936]
R2 APXACC;AppEx Networks Accelerator LWF;C:\Windows\System32\drivers\appexDrv.sys [2012-5-5 189760]
R2 BBUpdate;BBUpdate;C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE [2011-7-13 249648]
R2 Fitbit Connect;Fitbit Connect Service;C:\Program Files (x86)\Fitbit Connect\FitbitConnectService.exe [2013-10-2 1384992]
R2 FPLService;TrueSuiteService;C:\Program Files (x86)\HP SimplePass\TrueSuiteService.exe [2013-2-7 1641768]
R2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2012-9-27 86528]
R2 HPClientSvc;HP Client Services;C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-10-11 346168]
R2 hpsrv;HP Service;C:\Windows\System32\hpservice.exe [2012-9-24 31040]
R2 HPWMISVC;HPWMISVC;C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2012-3-5 35200]
R2 IntuitUpdateServiceV4;Intuit Update Service v4;C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe [2012-8-23 13672]
R2 Motorola Device Manager;Motorola Device Manager Service;C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe [2013-3-25 121144]
R2 NIS;Norton Internet Security;C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\nis.exe [2014-1-13 275696]
R2 PST Service;PST Service;C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe [2013-3-9 65657]
R2 Skype C2C Service;Skype C2C Service;C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-10-9 3275136]
R3 amdhub30;AMD USB 3.0 Hub Driver;C:\Windows\System32\drivers\amdhub30.sys [2011-10-26 102528]
R3 amdiox64;AMD IO Driver;C:\Windows\System32\drivers\amdiox64.sys [2012-5-5 46136]
R3 amdxhc;AMD USB 3.0 Host Controller Driver;C:\Windows\System32\drivers\amdxhc.sys [2011-10-26 219776]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\System32\drivers\AtihdW76.sys [2011-12-6 95248]
R3 clwvd;CyberLink WebCam Virtual Driver;C:\Windows\System32\drivers\clwvd.sys [2010-7-28 31088]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2014-1-14 137648]
R3 RSP2STOR;Realtek PCIE CardReader Driver - P2;C:\Windows\System32\drivers\RtsP2Stor.sys [2011-10-27 259688]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2012-5-5 646248]
R3 usbfilter;AMD USB Filter Driver;C:\Windows\System32\drivers\usbfilter.sys [2012-5-5 56448]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-6-21 162408]
S3 BBSvc;Bing Bar Update Service;C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-9-15 195320]
S3 GamesAppIntegrationService;GamesAppIntegrationService;C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [2013-12-16 227904]
S3 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S3 SmbDrv;SmbDrv;C:\Windows\System32\drivers\Smb_driver.sys [2011-10-13 20016]
S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\System32\drivers\VSTAZL6.SYS [2009-7-13 292864]
S3 SrvHsfV92;SrvHsfV92;C:\Windows\System32\drivers\VSTDPV6.SYS [2009-7-13 1485312]
S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\System32\drivers\VSTCNXT6.SYS [2009-7-13 740864]
S3 TrueService;TrueAPI Service component;C:\Program Files\Common Files\AuthenTec\TrueService.exe [2013-1-7 401856]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-20 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-20 31232]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-12-13 54784]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-6-19 1255736]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== Created Last 30 ================
.
2014-01-21 06:15:07 -------- d-----w- C:\Users\McCarthy\AppData\Local\{584DD102-DDEC-4061-B32D-0B8C112CB6C1}
2014-01-16 02:13:26 -------- d-----w- C:\Program Files\iPod
2014-01-16 02:13:22 -------- d-----w- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-01-16 02:13:22 -------- d-----w- C:\Program Files\iTunes
2014-01-16 02:13:22 -------- d-----w- C:\Program Files (x86)\iTunes
2014-01-15 04:49:27 99840 ----a-w- C:\Windows\System32\drivers\usbccgp.sys
2014-01-15 04:49:27 7808 ----a-w- C:\Windows\System32\drivers\usbd.sys
2014-01-15 04:49:27 53248 ----a-w- C:\Windows\System32\drivers\usbehci.sys
2014-01-15 04:49:27 343040 ----a-w- C:\Windows\System32\drivers\usbhub.sys
2014-01-15 04:49:27 325120 ----a-w- C:\Windows\System32\drivers\usbport.sys
2014-01-15 04:49:27 3156480 ----a-w- C:\Windows\System32\win32k.sys
2014-01-15 04:49:27 30720 ----a-w- C:\Windows\System32\drivers\usbuhci.sys
2014-01-15 04:49:27 25600 ----a-w- C:\Windows\System32\drivers\usbohci.sys
2014-01-15 04:49:26 376768 ----a-w- C:\Windows\System32\drivers\netio.sys
2014-01-13 23:59:39 858200 ----a-w- C:\Windows\System32\drivers\NISx64\1501000.012\srtsp64.sys
2014-01-13 23:59:39 590936 ----a-w- C:\Windows\System32\drivers\NISx64\1501000.012\symnets.sys
2014-01-13 23:59:39 493656 ----a-r- C:\Windows\System32\drivers\NISx64\1501000.012\symds64.sys
2014-01-13 23:59:39 36952 ----a-r- C:\Windows\System32\drivers\NISx64\1501000.012\srtspx64.sys
2014-01-13 23:59:39 264280 ----a-r- C:\Windows\System32\drivers\NISx64\1501000.012\ironx64.sys
2014-01-13 23:59:39 23568 ----a-r- C:\Windows\System32\drivers\NISx64\1501000.012\symelam.sys
2014-01-13 23:59:39 162392 ----a-w- C:\Windows\System32\drivers\NISx64\1501000.012\ccsetx64.sys
2014-01-13 23:59:39 1147480 ----a-w- C:\Windows\System32\drivers\NISx64\1501000.012\symefa64.sys
2014-01-13 23:59:17 -------- d-----w- C:\Windows\System32\drivers\NISx64\1501000.012
2014-01-13 03:56:08 177752 ----a-w- C:\Windows\System32\drivers\SYMEVENT64x86.SYS
2014-01-13 03:56:08 -------- d-----w- C:\Program Files\Common Files\Symantec Shared
2014-01-13 03:54:54 -------- d-----w- C:\Windows\System32\drivers\NISx64
2014-01-13 03:54:52 -------- d-----w- C:\Program Files (x86)\Norton Internet Security
2014-01-13 03:54:42 -------- d-----w- C:\Program Files (x86)\NortonInstaller
2014-01-13 03:44:11 -------- d-----w- C:\ProgramData\PCSettings
2014-01-13 01:11:21 -------- d-----w- C:\ProgramData\FitbitConnect
2014-01-13 01:11:21 -------- d-----w- C:\Program Files (x86)\Fitbit Connect
2014-01-08 20:31:46 -------- d-----w- C:\Users\McCarthy\AppData\Local\Programs
2014-01-07 17:10:11 -------- d-----w- C:\Users\McCarthy\AppData\Roaming\j2 Global
2014-01-07 17:09:32 -------- d-----w- C:\Users\McCarthy\AppData\Roaming\eFax Messenger
2014-01-07 17:09:19 -------- d-----w- C:\ProgramData\eFax Messenger 4.4 Output
2014-01-07 17:07:07 -------- d-----w- C:\Program Files (x86)\eFax Messenger 4.4
2014-01-06 19:23:36 4558848 ----a-w- C:\Windows\SysWow64\GPhotos.scr
2014-01-02 17:37:09 -------- d-----w- C:\Users\McCarthy\AppData\Roaming\WildTangent
2013-12-29 16:24:25 -------- d-----w- C:\Users\McCarthy\AppData\Local\{16ECCC05-FD9A-4CDC-B918-03ABF6F1FBD3}
.
==================== Find3M ====================
.
2013-12-17 18:42:32 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-12-17 18:42:32 692616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2013-12-05 02:24:56 447888 ----a-w- C:\Windows\System32\drivers\aswNdisFlt.sys
2013-11-15 01:37:29 2334720 ----a-w- C:\Windows\System32\jscript9.dll
2013-11-15 01:29:03 1392128 ----a-w- C:\Windows\System32\wininet.dll
2013-11-15 01:28:41 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl
2013-11-15 01:22:21 173056 ----a-w- C:\Windows\System32\ieUnatt.exe
2013-11-15 01:20:47 599040 ----a-w- C:\Windows\System32\vbscript.dll
2013-11-15 01:18:03 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2013-11-14 22:50:50 1806848 ----a-w- C:\Windows\SysWow64\jscript9.dll
2013-11-14 22:42:41 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll
2013-11-14 22:42:32 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2013-11-14 22:38:54 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2013-11-14 22:38:16 420864 ----a-w- C:\Windows\SysWow64\vbscript.dll
2013-11-14 22:35:52 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2013-11-12 02:23:09 2048 ----a-w- C:\Windows\System32\tzres.dll
2013-11-12 02:07:29 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2013-11-11 12:50:16 267936 ------w- C:\Windows\System32\MpSigStub.exe
2013-11-04 16:23:08 96168 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2013-10-31 07:46:12 131232 ----a-w- C:\Windows\System32\drivers\aswFW.sys
2013-10-30 02:32:01 335360 ----a-w- C:\Windows\System32\msieftp.dll
2013-10-30 02:19:52 301568 ----a-w- C:\Windows\SysWow64\msieftp.dll
.
============= FINISH: 9:23:39.66 ===============

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 6/15/2012 5:27:26 PM
System Uptime: 1/26/2014 2:02:04 PM (19 hours ago)
.
Motherboard: Hewlett-Packard | | 182D
Processor: AMD A6-4400M APU with Radeon™ HD Graphics | Socket FT1 | 2700/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 577 GiB total, 457.392 GiB free.
D: is FIXED (NTFS) - 19 GiB total, 2.094 GiB free.
E: is CDROM ()
.
==== Disabled Device Manager Items =============
.
Class GUID: {24619924-aa9e-486f-99f9-847a5986b6be}
Description: Validity Sensors (WBF) (PID=0018)
Device ID: USB\VID_138A&PID_0018\427184707D56
Manufacturer: Validity Sensors, Inc.
Name: Validity Sensors (WBF) (PID=0018)
PNP Device ID: USB\VID_138A&PID_0018\427184707D56
Service: WUDFRd
.
==== System Restore Points ===================
.
RP278: 1/18/2014 12:40:15 AM - Windows Update
RP279: 1/18/2014 7:56:38 AM - Windows Modules Installer
RP280: 1/18/2014 7:57:17 AM - Windows Modules Installer
RP281: 1/18/2014 7:57:59 AM - Windows Modules Installer
RP282: 1/18/2014 7:58:32 AM - Windows Modules Installer
RP283: 1/19/2014 9:56:54 AM - Windows Update
RP284: 1/20/2014 9:52:40 AM - Windows Update
RP285: 1/21/2014 8:10:51 AM - Windows Update
RP286: 1/22/2014 1:38:20 PM - Windows Update
RP287: 1/23/2014 7:57:08 AM - Windows Update
RP288: 1/24/2014 8:54:36 AM - Windows Update
RP289: 1/25/2014 10:58:25 AM - Windows Update
.
==== Installed Programs ======================
.
Adobe Digital Editions 2.0
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader X (10.1.9) MUI
Adobe Shockwave Player 11.6
Amazon MP3 Downloader 1.0.17
AMD Accelerated Video Transcoding
AMD APP SDK Runtime
AMD Catalyst Install Manager
AMD Fuel
AMD Quick Stream
AMD Steady Video Plug-In
AMD VISION Engine Control Center
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Artweaver Free 3.1
Atheros Driver Installation Program
AuthenTec TrueAPI 64-bit
Bejeweled 3
Bing Bar
Blackhawk Striker 2
Blio
Bonjour
Catalyst Control Center - Branding
Catalyst Control Center Graphics Previews Common
Catalyst Control Center InstallProxy
Catalyst Control Center Localization All
ccc-utility64
CCC Help Chinese Standard
CCC Help Chinese Traditional
CCC Help Czech
CCC Help Danish
CCC Help Dutch
CCC Help English
CCC Help Finnish
CCC Help French
CCC Help German
CCC Help Greek
CCC Help Hungarian
CCC Help Italian
CCC Help Japanese
CCC Help Korean
CCC Help Norwegian
CCC Help Polish
CCC Help Portuguese
CCC Help Russian
CCC Help Spanish
CCC Help Swedish
CCC Help Thai
CCC Help Turkish
Chuzzle Deluxe
Cisco EAP-FAST Module
Cisco LEAP Module
Cisco PEAP Module
Corel Paint it! - Content
Corel Paint it! - Core
Corel Paint it! - ICA
Corel Paint it! - Langauge
Cradle of Rome 2
CyberLink YouCam
D3DX10
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Dora's World Adventure
eFax Messenger
ESU for Microsoft Windows 7 SP1
Evernote v. 4.5.2
Farm Frenzy
Farmscapes
FATE
Final Drive Fury
Fitbit Connect
Google Chrome
Google Drive
Google Earth
Google Update Helper
Google+ Auto Backup
GoToMeeting 5.1.0.880
Hewlett-Packard ACLM.NET v1.2.1.1
Hoyle Card Games
HP 3D DriveGuard
HP Application Assistant
HP Auto
HP Client Services
HP CoolSense
HP Customer Experience Enhancements
HP Documentation
HP Games
HP Launch Box
HP MovieStore
HP On Screen Display
HP Photo Creations
HP Photosmart 7520 series Basic Device Software
HP Photosmart 7520 series Help
HP Power Manager
HP Quick Launch
HP Recovery Manager
HP Security Assistant
HP Setup
HP Setup Manager
HP SimplePass
HP Software Framework
HP Support Assistant
HP Update
iCloud
IDT Audio
IPM
iTunes
Java 7 Update 45
Java Auto Updater
Jewel Match 3
Jewel Quest Mysteries: The Seventh Gate Collector's Edition
John Deere Drive Green
Junk Mail filter update
Learning Lodge™
Letters from Nowhere 2
Luxor HD
Mah Jong Medley
Mesh Runtime
Microsoft .NET Framework 4 Client Profile
Microsoft Application Error Reporting
Microsoft Office Access MUI (English) 2010
Microsoft Office Access Setup Metadata MUI (English) 2010
Microsoft Office Excel MUI (English) 2010
Microsoft Office Home and Student 2010
Microsoft Office Office 64-bit Components 2010
Microsoft Office OneNote MUI (English) 2010
Microsoft Office Outlook MUI (English) 2010
Microsoft Office PowerPoint MUI (English) 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2010
Microsoft Office Publisher MUI (English) 2010
Microsoft Office Shared 64-bit MUI (English) 2010
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office Single Image 2010
Microsoft Office Word MUI (English) 2010
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable (x64)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
Microsoft WSE 3.0 Runtime
Motorola Device Manager
Motorola Device Software Update
Motorola Mobile Drivers Installation 6.0.0
MSVCRT
MSVCRT_amd64
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP3 Parser
MSXML 4.0 SP3 Parser (KB2758694)
Norton Internet Security
OpenOffice.org 3.4
opensource
OverDrive Media Console
Paint it!
Penguins!
Picasa 3
Plants vs. Zombies - Game of the Year
PlayReady PC Runtime x86
Poker Superstars III
Polar Bowler
Polar Golfer
QuickTime
Realtek Ethernet Controller Driver
Realtek PCIE Card Reader
RollerCoaster Tycoon 3: Platinum
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2858302v2)
Security Update for Microsoft Excel 2010 (KB2826033) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553284) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2687423) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2826023) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2826035) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2850016) 32-Bit Edition
Security Update for Microsoft Outlook 2010 (KB2837597) 32-Bit Edition
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition
SketchUp 8
Skype Click to Call
Skype™ 6.6
swMSM
Synaptics Pointing Device Driver
The Treasures of Mystery Island: The Ghost Ship
Torchlight
TurboTax 2012
TurboTax 2012 wcoiper
TurboTax 2012 WinPerFedFormset
TurboTax 2012 WinPerReleaseEngine
TurboTax 2012 WinPerTaxSupport
TurboTax 2012 wrapper
Unity Web Player
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition
Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition
Update for Microsoft Office 2010 (KB2826026) 32-Bit Edition
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2810072) 32-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition
Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition
Update for Microsoft Word 2010 (KB2837593) 32-Bit Edition
Update Installer for WildTangent Games App
Validity WBF DDK
Virtual Villagers 4 - The Tree of Life
VTech Download Agent Library
WildTangent Games App for HP
Windows Live Communications Platform
Windows Live Essentials
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Language Selector
Windows Live Mail
Windows Live Mesh
Windows Live Mesh ActiveX Control for Remote Connections
Windows Live Messenger
Windows Live MIME IFilter
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live Remote Client
Windows Live Remote Client Resources
Windows Live Remote Service
Windows Live Remote Service Resources
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
Zuma's Revenge
.
==== Event Viewer Messages From Past Week ========
.
1/24/2014 8:52:59 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the NIS service.
1/23/2014 2:18:00 PM, Error: bowser [8003] - The master browser has received a server announcement from the computer KATEVAN-PC that believes that it is the master browser for the domain on transport NetBT_Tcpip_{83C3CDF0-60B6-49F4-A28F-C05BD635B807}. The master browser is stopping or an election is being forced.
1/20/2014 9:55:09 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Internet Explorer 10 for Windows 7 for x64-based Systems.
1/20/2014 5:43:39 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk1\DR1.
.
==== End Of File ===========================

Attached Files


Edited by Oh My, 30 January 2014 - 09:38 AM.
Posted logs


#4 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 36,422 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:02:57 PM

Posted 30 January 2014 - 09:41 AM

Greetings TerriDen and :welcome: to BleepingComputer's Virus/Trojan/Spyware/Malware Removal forum.

My name is Oh My! and I am here to help you! Now that we are "friends" please call me Gary.

If you would allow me to call you by your first name I would prefer to do that. :thumbup2:

===================================================

Ground Rules:
  • First, I would like to inform you that most of us here at Bleeping Computer offer our expert assistance out of the goodness of our hearts. Please try to match our commitment to you with your patience toward us. If this was easy we would never have met. :)
  • Please do not run any tools or take any steps other than those I will provide for you while we work on your computer together. I need to be certain about the state of your computer in order to provide appropriate and effective steps for you to take. Most often "well intentioned" (and usually panic driven!) independent efforts can make things much worse for both of us. If at any point you would prefer to take your own steps please let me know, I will not be offended. I would be happy to focus on the many others who are waiting in line for assistance.
  • Please perform all steps in the order they are listed in each set of instructions. Some steps may be a bit complicated. If things are not clear, be sure to stop and let me know. We need to work on this together with confidence.
  • Please copy and paste all logs into your post unless directed otherwise. Please do not re-run any programs I suggest. If you encounter problems simply stop and tell me.
  • When you post your reply, use the Replytopic.jpg button instead.
  • In the upper right hand corner of the topic you will see the Followtopic.jpg button. Click on this then choose Immediate E-Mail notification and then Proceed and you will be sent an email once I have posted a response.
  • If you do not reply to your topic after 5 days we assume it has been abandoned and I will close it.
  • When your computer is clean I will alert you of such. I will also provide for you detailed information about how you can combat future infections.
  • I would like to remind you to make no further changes to your computer unless I direct you to do so.
  • Now let's get started :thumbup2:
===================================================

Now that I am assisting you, you can expect that I will be very responsive to your situation. If you are able, I would request you check this thread at least once per day so that we can try to resolve your issues effectively and efficiently. If you are going to be delayed please be considerate and post that information so that I know you are still with me. Unfortunately, there are many people waiting to be assisted and not enough of us at BleepingComputer to go around. I appreciate your understanding and diligence.

Thank you for your patience thus far and I apologize for the extended delay. While I review the information you have already posted please run this program for me.

===================================================

Farbar Recovery Scan Tool (FRST)

--------------------
  • Download Farbar Recover Scan Tool for either 32 bit or 64 bit systems and save it to your desktop
  • If you are unsure if you have 32 bit or 64 bit simply download and try one. If that doesn't run properly the other one should
  • Double click the icon
  • Click Yes to the disclaimer
  • Make sure the Addition.txt box is checked
  • Click Scan and allow the program to run
  • Click OK on the Scan complete screen, then OK on the Addition.txt pop up screen
  • 2 Notepad documents should now be open on your desktop.
  • Please copy and paste the contents of both in your reply
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it. :thumbsup2:
  • FRST results
  • Addition log

Edited by Oh My, 30 January 2014 - 09:43 AM.

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#5 TerriDen

TerriDen
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:57 PM

Posted 30 January 2014 - 11:31 AM

Thanks so much, Gary.  Please call me Terri.  I really appreciate your help since I'm worried I'm leaving my computer unprotected.  My Norton is now showing a red X.  I think it needs the product key, but I can't get to any screen to input it.  I should also mention that I use Chrome. But I tried downloading internet Explorer and it won't work either - just mostly black screen.

 

Not to the logs - here are the results of the FRST scan:

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 29-01-2014 01
Ran by McCarthy (administrator) on MCCARTHY-HP on 30-01-2014 09:25:55
Running from C:\Users\McCarthy\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 9
Boot Mode: Normal
 
The only official download link for FRST:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
 
==================== Processes (Whitelisted) =================
 
(HP) C:\Program Files (x86)\HP SimplePass\TrueSuiteService.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Fitbit, Inc.) C:\Program Files (x86)\Fitbit Connect\FitbitConnectService.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
(Motorola Mobility LLC) C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\nis.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Motorola) C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe
(Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Motorola Mobility LLC) C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\nis.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Photosmart 7520 series\Bin\ScanToPCActivationApp.exe
(j2 Global Communications, Inc.) C:\Program Files (x86)\eFax Messenger 4.4\J2GDllCmd.exe
(Fitbit, Inc.) C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe
(j2 Global Communications, Inc.) C:\Program Files (x86)\eFax Messenger 4.4\J2GTray.exe
() C:\Program Files (x86)\HP SimplePass\IEWebSiteLogon.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
() C:\Program Files (x86)\VTech\DownloadManager\System\AgentMonitor.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Photosmart 7520 series\Bin\HPNetworkCommunicator.exe
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intuit Inc.) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Google Inc.) C:\Users\McCarthy\AppData\Local\Google\Update\GoogleUpdate.exe
(AuthenTec Inc.) C:\Program Files (x86)\HP SimplePass\TouchControl.exe
(Microsoft Corporation) C:\Program Files (x86)\Internet Explorer\ielowutil.exe
(Google Inc.) C:\Users\McCarthy\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\McCarthy\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\McCarthy\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\McCarthy\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\McCarthy\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\McCarthy\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\McCarthy\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\McCarthy\AppData\Local\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
 
 
==================== Registry (Whitelisted) ==================
 
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2837288 2011-10-13] (Synaptics Incorporated)
HKLM\...\Run: [SysTrayApp] - C:\Program Files\IDT\WDM\sttray64.exe [1425408 2012-10-15] (IDT, Inc.)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [630912 2012-01-26] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [] - [x]
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [20131121] - C:\Program Files\AVAST Software\Avast\setup\emupdate\6849d06b-6497-4425-b405-496659b85a4a.exe /check
HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKLM-x32\...\Run: [AgentMonitor] - C:\Program Files (x86)\VTech\DownloadManager\System\AgentMonitor.exe [391040 2013-06-20] ()
HKLM-x32\...\Run: [Fitbit Connect] - C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe [3264544 2013-10-02] (Fitbit, Inc.)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-11-02] (Apple Inc.)
HKLM\...\RunOnce: [NCPluginUpdater] - "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update [21720 2014-01-14] (Hewlett-Packard)
HKCU\...\Run: [Google Update] - C:\Users\McCarthy\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-06-15] (Google Inc.)
HKCU\...\Run: [HP Photosmart 7520 series (NET)] - C:\Program Files\HP\HP Photosmart 7520 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKCU\...\Run: [eFax 4.4] - C:\Program Files (x86)\eFax Messenger 4.4\J2GDllCmd.exe [95744 2012-08-29] (j2 Global Communications, Inc.)
HKCU\...\Run: [Fitbit Connect] - C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe [3264544 2013-10-02] (Fitbit, Inc.)
Startup: C:\Users\McCarthy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\eFax 4.4.lnk
ShortcutTarget: eFax 4.4.lnk -> C:\Program Files (x86)\eFax Messenger 4.4\J2GTray.exe (j2 Global Communications, Inc.)
 
==================== Internet (Whitelisted) ====================
 
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPNOT/1
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT/1
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT/1
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPNOT/1
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT/1
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPNOT/1
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - {2fa28606-de77-4029-af96-b231e3b8f827} URL = http://search.ask.com/web?q={searchterms}&l=dis&o=HPNTDF
SearchScopes: HKLM - {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = http://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
SearchScopes: HKLM - {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = http://en.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKLM-x32 - {2fa28606-de77-4029-af96-b231e3b8f827} URL = http://search.ask.com/web?q={searchterms}&l=dis&o=HPNTDF
SearchScopes: HKLM-x32 - {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = http://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
SearchScopes: HKLM-x32 - {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = http://en.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKCU - {2fa28606-de77-4029-af96-b231e3b8f827} URL = http://search.ask.com/web?q={searchterms}&l=dis&o=HPNTDF
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={sear
SearchScopes: HKCU - {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = http://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
SearchScopes: HKCU - {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = http://en.wikipedia.org/wiki/Special:Search?search={searchTerms}
BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine64\21.1.0.18\coIEPlg.dll (Symantec Corporation)
BHO: SteadyVideoBHO Class - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Skype add-on for Internet Explorer - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
BHO-x32: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\coIEPlg.dll (Symantec Corporation)
BHO-x32: SteadyVideoBHO Class - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
BHO-x32: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine64\21.1.0.18\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\coIEPlg.dll (Symantec Corporation)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 205.171.2.25
 
Chrome: 
=======
CHR HomePage: hxxp://www.google.com/ig
CHR Plugin: (Shockwave Flash) - C:\Users\McCarthy\AppData\Local\Google\Chrome\Application\32.0.1700.102\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\McCarthy\AppData\Local\Google\Chrome\Application\32.0.1700.102\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\McCarthy\AppData\Local\Google\Chrome\Application\32.0.1700.102\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll No File
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (AmazonMP3DownloaderPlugin) - C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin1017300.dll (Amazon.com, Inc.)
CHR Plugin: (Picasa) - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
CHR Plugin: (Simple Pass) - C:\Program Files (x86)\HP SimplePass\npffwloplugin.dll ( HP)
CHR Plugin: (Java™ Platform SE 7 U21) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Windows Live Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Google Update) - C:\Users\McCarthy\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll No File
CHR Plugin: (Shockwave for Director) - C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
CHR Plugin: (Java Deployment Toolkit 7.0.210.11) - C:\Windows\SysWOW64\npDeployJava1.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll No File
CHR Extension: (YouTube) - C:\Users\McCarthy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-06-15]
CHR Extension: (Google Cast) - C:\Users\McCarthy\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd [2014-01-13]
CHR Extension: (Google Search) - C:\Users\McCarthy\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-06-15]
CHR Extension: (Website Logon) - C:\Users\McCarthy\AppData\Local\Google\Chrome\User Data\Default\Extensions\fegekclkdhbnfdcmomlpegkkndgnmfmo [2012-10-27]
CHR Extension: (avast! Online Security) - C:\Users\McCarthy\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2013-06-06]
CHR Extension: (Website Logon) - C:\Users\McCarthy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmbkhknacohfhbmmpnmbkgdffdbildof [2013-05-11]
CHR Extension: (Skype Click to Call) - C:\Users\McCarthy\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2013-07-16]
CHR Extension: (Norton Identity Protection) - C:\Users\McCarthy\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk [2014-01-13]
CHR Extension: (Google Wallet) - C:\Users\McCarthy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-23]
CHR Extension: (Gmail) - C:\Users\McCarthy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-06-15]
CHR HKLM-x32\...\Chrome\Extension: [fegekclkdhbnfdcmomlpegkkndgnmfmo] - C:\Program Files (x86)\HP SimplePass\tschrome.crx [2012-12-12]
CHR HKLM-x32\...\Chrome\Extension: [hmbkhknacohfhbmmpnmbkgdffdbildof] - C:\Program Files (x86)\HP SimplePass\tschrome.crx [2012-12-12]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2013-10-09]
CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\Exts\Chrome.crx [2014-01-20]
CHR StartMenuInternet: Google Chrome - C:\Users\McCarthy\AppData\Local\Google\Chrome\Application\chrome.exe
 
==================== Services (Whitelisted) =================
 
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2012-01-26] (Advanced Micro Devices, Inc.)
R2 Fitbit Connect; C:\Program Files (x86)\Fitbit Connect\FitbitConnectService.exe [1384992 2013-10-02] (Fitbit, Inc.)
R2 FPLService; C:\Program Files (x86)\HP SimplePass\TrueSuiteService.exe [1641768 2013-02-07] (HP)
S3 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2013-12-16] (WildTangent)
R2 Motorola Device Manager; C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe [121144 2013-03-25] (Motorola Mobility LLC)
R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\NIS.exe [275696 2013-10-08] (Symantec Corporation)
S3 TrueService; C:\Program Files\Common Files\AuthenTec\TrueService.exe [401856 2013-01-07] (AuthenTec, Inc.)
 
==================== Drivers (Whitelisted) ====================
 
R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [31360 2012-01-18] (Advanced Micro Devices, Inc.)
R2 AODDriver4.1; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [55936 2011-11-13] (Advanced Micro Devices)
R2 APXACC; C:\Windows\System32\DRIVERS\appexDrv.sys [189760 2012-02-05] (AppEx Networks Corporation)
R1 BHDrvx64; C:\Program Files (x86)\Norton Internet Security\NortonData\21.0.1.3\Definitions\BASHDefs\20140121.001\BHDrvx64.sys [1526488 2013-12-18] (Symantec Corporation)
R1 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1501000.012\ccSetx64.sys [162392 2013-09-25] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484952 2014-01-13] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [137648 2014-01-13] (Symantec Corporation)
R1 IDSVia64; C:\Program Files (x86)\Norton Internet Security\NortonData\21.0.1.3\Definitions\IPSDefs\20140127.001\IDSvia64.sys [521944 2014-01-20] (Symantec Corporation)
S3 NAVENG; C:\Program Files (x86)\Norton Internet Security\NortonData\21.0.1.3\Definitions\VirusDefs\20140127.002\ENG64.SYS [126040 2014-01-13] (Symantec Corporation)
S3 NAVEX15; C:\Program Files (x86)\Norton Internet Security\NortonData\21.0.1.3\Definitions\VirusDefs\20140127.002\EX64.SYS [2099288 2014-01-13] (Symantec Corporation)
R3 RSP2STOR; C:\Windows\System32\DRIVERS\RtsP2Stor.sys [259688 2011-10-27] (Realtek Semiconductor Corp.)
S3 SmbDrv; C:\Windows\system32\drivers\Smb_driver.sys [20016 2011-10-13] (Synaptics Incorporated)
S3 SRTSP; C:\Windows\System32\Drivers\NISx64\1501000.012\SRTSP64.SYS [858200 2013-09-26] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NISx64\1501000.012\SRTSPX64.SYS [36952 2013-07-30] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\NISx64\1501000.012\SYMDS64.SYS [493656 2013-07-31] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NISx64\1501000.012\SYMEFA64.SYS [1147480 2013-09-26] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2014-01-12] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NISx64\1501000.012\Ironx64.SYS [264280 2013-07-30] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\NISx64\1501000.012\SYMNETS.SYS [590936 2013-09-25] (Symantec Corporation)
S3 BTCFilterService; system32\DRIVERS\motfilt.sys [x]
S3 motandroidusb; System32\Drivers\motoandroid.sys [x]
S3 motccgp; system32\DRIVERS\motccgp.sys [x]
S3 motccgpfl; system32\DRIVERS\motccgpfl.sys [x]
S3 motmodem; system32\DRIVERS\motmodem.sys [x]
S3 MotoSwitchService; system32\DRIVERS\motswch.sys [x]
S3 Motousbnet; system32\DRIVERS\Motousbnet.sys [x]
 
==================== NetSvcs (Whitelisted) ===================
 
 
==================== One Month Created Files and Folders ========
 
2014-01-30 09:25 - 2014-01-30 09:26 - 00023939 _____ C:\Users\McCarthy\Desktop\FRST.txt
2014-01-30 09:25 - 2014-01-30 09:25 - 00000000 ____D C:\FRST
2014-01-30 09:24 - 2014-01-30 09:24 - 02079744 _____ (Farbar) C:\Users\McCarthy\Desktop\FRST64.exe
2014-01-29 11:42 - 2014-01-29 11:42 - 00000000 ____D C:\Users\McCarthy\AppData\Local\{B1488625-48DE-4565-BF78-98343C4E2838}
2014-01-27 09:32 - 2014-01-27 09:32 - 00026931 _____ C:\Users\McCarthy\Desktop\DDS.txt
2014-01-27 09:32 - 2014-01-27 09:32 - 00011421 _____ C:\Users\McCarthy\Desktop\Attach.txt
2014-01-20 23:15 - 2014-01-20 23:15 - 00000000 ____D C:\Users\McCarthy\AppData\Local\{584DD102-DDEC-4061-B32D-0B8C112CB6C1}
2014-01-20 19:11 - 2014-01-20 19:11 - 00688992 ____R (Swearware) C:\Users\McCarthy\Desktop\dds.com
2014-01-15 19:14 - 2014-01-15 19:14 - 00001783 _____ C:\Users\Public\Desktop\iTunes.lnk
2014-01-15 19:14 - 2014-01-15 19:14 - 00001783 _____ C:\ProgramData\Desktop\iTunes.lnk
2014-01-15 19:13 - 2014-01-15 19:14 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-01-15 19:13 - 2014-01-15 19:14 - 00000000 ____D C:\Program Files\iTunes
2014-01-15 19:13 - 2014-01-15 19:14 - 00000000 ____D C:\Program Files (x86)\iTunes
2014-01-15 19:13 - 2014-01-15 19:13 - 00000000 ____D C:\Program Files\iPod
2014-01-14 21:49 - 2013-11-26 18:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-01-14 21:49 - 2013-11-26 18:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-01-14 21:49 - 2013-11-26 18:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-01-14 21:49 - 2013-11-26 18:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-01-14 21:49 - 2013-11-26 18:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-01-14 21:49 - 2013-11-26 18:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2014-01-14 21:49 - 2013-11-26 18:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-01-14 21:49 - 2013-11-26 04:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-01-14 21:49 - 2013-11-26 03:32 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-01-14 21:43 - 2014-01-14 21:43 - 00000000 ____D C:\Windows\System32\Tasks\Norton Internet Security
2014-01-12 20:56 - 2014-01-14 21:37 - 00003234 _____ C:\Windows\System32\Tasks\Norton WSC Integration
2014-01-12 20:56 - 2014-01-14 21:37 - 00002501 _____ C:\Users\Public\Desktop\Norton Internet Security.lnk
2014-01-12 20:56 - 2014-01-14 21:37 - 00002501 _____ C:\ProgramData\Desktop\Norton Internet Security.lnk
2014-01-12 20:56 - 2014-01-12 20:56 - 00177752 _____ (Symantec Corporation) C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
2014-01-12 20:56 - 2014-01-12 20:56 - 00008222 _____ C:\Windows\system32\Drivers\SYMEVENT64x86.CAT
2014-01-12 20:56 - 2014-01-12 20:56 - 00000000 ____D C:\Program Files\Common Files\Symantec Shared
2014-01-12 20:54 - 2014-01-14 21:37 - 00000000 ____D C:\Windows\system32\Drivers\NISx64
2014-01-12 20:54 - 2014-01-12 20:54 - 00000000 ____D C:\Program Files (x86)\Norton Internet Security
2014-01-12 20:44 - 2014-01-12 20:44 - 00000000 ____D C:\ProgramData\PCSettings
2014-01-12 20:40 - 2014-01-12 20:57 - 00000000 ____D C:\Users\McCarthy\Desktop\Norton Internet Security 2014 - 1 User - 3 Licenses (Download)
2014-01-12 18:11 - 2014-01-15 13:27 - 00000000 ____D C:\Program Files (x86)\Fitbit Connect
2014-01-12 18:11 - 2014-01-12 18:11 - 00000000 ____D C:\ProgramData\FitbitConnect
2014-01-08 13:31 - 2014-01-08 13:31 - 00000000 ____D C:\Users\McCarthy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google+ Auto Backup
2014-01-07 19:20 - 2014-01-28 14:18 - 00000000 ____D C:\Users\McCarthy\Documents\Musical
2014-01-07 10:10 - 2014-01-07 10:10 - 00000000 ____D C:\Users\McCarthy\AppData\Roaming\j2 Global
2014-01-07 10:09 - 2014-01-07 10:09 - 00000999 _____ C:\Users\McCarthy\Desktop\eFax Compose Fax 4.4.lnk
2014-01-07 10:09 - 2014-01-07 10:09 - 00000992 _____ C:\Users\McCarthy\Desktop\eFax Messenger 4.4.lnk
2014-01-07 10:09 - 2014-01-07 10:09 - 00000000 ____D C:\Users\McCarthy\AppData\Roaming\eFax Messenger
2014-01-07 10:09 - 2014-01-07 10:09 - 00000000 ____D C:\ProgramData\eFax Messenger 4.4 Output
2014-01-07 10:09 - 2014-01-07 10:09 - 00000000 _____ C:\Windows\system32\eFax_4_4_Port
2014-01-07 10:08 - 2014-01-07 10:10 - 00000000 ____D C:\Users\McCarthy\Documents\eFax Messenger 4.4
2014-01-07 10:08 - 2014-01-07 10:08 - 00000000 ____D C:\Users\McCarthy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\eFax Messenger 4.4
2014-01-07 10:07 - 2014-01-07 10:09 - 00000000 ____D C:\Program Files (x86)\eFax Messenger 4.4
2014-01-07 10:06 - 2014-01-07 10:06 - 05635416 _____ (j2 Global) C:\Users\McCarthy\Desktop\msgrplus.exe
2014-01-06 12:23 - 2014-01-06 12:23 - 04558848 _____ (Google Inc.) C:\Windows\SysWOW64\GPhotos.scr
2014-01-02 10:37 - 2014-01-02 10:37 - 00000000 ____D C:\Users\McCarthy\AppData\Roaming\WildTangent
2013-12-31 22:57 - 2013-12-31 22:57 - 00768328 _____ C:\Windows\Minidump\123113-29671-01.dmp
 
==================== One Month Modified Files and Folders =======
 
2014-01-30 09:26 - 2014-01-30 09:25 - 00023939 _____ C:\Users\McCarthy\Desktop\FRST.txt
2014-01-30 09:25 - 2014-01-30 09:25 - 00000000 ____D C:\FRST
2014-01-30 09:24 - 2014-01-30 09:24 - 02079744 _____ (Farbar) C:\Users\McCarthy\Desktop\FRST64.exe
2014-01-30 09:22 - 2013-06-06 06:28 - 00000902 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-01-30 09:22 - 2012-06-15 19:37 - 00000920 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2088171266-2809148316-2211315154-1002UA.job
2014-01-30 09:22 - 2012-06-15 19:37 - 00000868 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2088171266-2809148316-2211315154-1002Core.job
2014-01-30 09:22 - 2012-06-15 16:33 - 00003950 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{7FCC082D-C5D9-4C4E-83FB-0D0301B3365B}
2014-01-30 09:22 - 2012-06-15 16:26 - 01979263 _____ C:\Windows\WindowsUpdate.log
2014-01-30 09:22 - 2012-03-09 19:08 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-01-29 14:49 - 2013-06-06 06:28 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-01-29 11:42 - 2014-01-29 11:42 - 00000000 ____D C:\Users\McCarthy\AppData\Local\{B1488625-48DE-4565-BF78-98343C4E2838}
2014-01-29 11:25 - 2009-07-13 22:13 - 00726444 _____ C:\Windows\system32\PerfStringBackup.INI
2014-01-29 10:57 - 2009-07-13 21:45 - 00031472 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-01-29 10:57 - 2009-07-13 21:45 - 00031472 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-01-29 10:49 - 2009-07-13 22:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2014-01-29 10:49 - 2009-07-13 21:51 - 00098142 _____ C:\Windows\setupact.log
2014-01-29 10:37 - 2012-06-20 21:14 - 00000000 ____D C:\Users\McCarthy\AppData\Local\CrashDumps
2014-01-29 07:37 - 2013-12-12 06:46 - 00346552 _____ C:\Windows\IE11_main.log
2014-01-29 07:36 - 2013-05-26 06:29 - 01037670 _____ C:\Windows\IE10_main.log
2014-01-28 14:18 - 2014-01-07 19:20 - 00000000 ____D C:\Users\McCarthy\Documents\Musical
2014-01-27 20:17 - 2009-07-13 22:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2014-01-27 09:32 - 2014-01-27 09:32 - 00026931 _____ C:\Users\McCarthy\Desktop\DDS.txt
2014-01-27 09:32 - 2014-01-27 09:32 - 00011421 _____ C:\Users\McCarthy\Desktop\Attach.txt
2014-01-27 09:29 - 2013-01-24 19:49 - 00000000 ____D C:\Users\McCarthy\Documents\Tax
2014-01-27 09:00 - 2012-10-27 16:06 - 00000000 ____D C:\Program Files (x86)\HP SimplePass
2014-01-26 13:38 - 2013-12-14 12:30 - 00003204 _____ C:\Windows\System32\Tasks\HPCeeScheduleForMcCarthy
2014-01-26 13:38 - 2013-12-14 12:30 - 00000344 _____ C:\Windows\Tasks\HPCeeScheduleForMcCarthy.job
2014-01-25 12:50 - 2012-07-21 12:03 - 00000000 _____ C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2014-01-25 12:50 - 2012-06-16 15:36 - 00000052 _____ C:\Windows\SysWOW64\DOErrors.log
2014-01-24 16:59 - 2013-10-11 08:29 - 00000000 ____D C:\Users\McCarthy\Documents\Flood
2014-01-24 10:03 - 2013-01-24 19:46 - 00000000 ____D C:\Users\McCarthy\Documents\Recipes
2014-01-24 07:43 - 2010-11-20 20:47 - 01603088 _____ C:\Windows\PFRO.log
2014-01-21 12:34 - 2013-05-17 15:01 - 00000000 ____D C:\Users\McCarthy\Documents\ID Dresses
2014-01-20 23:15 - 2014-01-20 23:15 - 00000000 ____D C:\Users\McCarthy\AppData\Local\{584DD102-DDEC-4061-B32D-0B8C112CB6C1}
2014-01-20 19:11 - 2014-01-20 19:11 - 00688992 ____R (Swearware) C:\Users\McCarthy\Desktop\dds.com
2014-01-20 15:04 - 2012-06-24 13:37 - 00000000 ____D C:\Users\McCarthy\AppData\Local\Adobe
2014-01-16 09:59 - 2010-11-20 20:27 - 00270496 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-01-15 20:20 - 2013-09-14 19:25 - 00000000 ____D C:\Users\McCarthy\Desktop\Camera 91413
2014-01-15 19:14 - 2014-01-15 19:14 - 00001783 _____ C:\Users\Public\Desktop\iTunes.lnk
2014-01-15 19:14 - 2014-01-15 19:14 - 00001783 _____ C:\ProgramData\Desktop\iTunes.lnk
2014-01-15 19:14 - 2014-01-15 19:13 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-01-15 19:14 - 2014-01-15 19:13 - 00000000 ____D C:\Program Files\iTunes
2014-01-15 19:14 - 2014-01-15 19:13 - 00000000 ____D C:\Program Files (x86)\iTunes
2014-01-15 19:13 - 2014-01-15 19:13 - 00000000 ____D C:\Program Files\iPod
2014-01-15 13:27 - 2014-01-12 18:11 - 00000000 ____D C:\Program Files (x86)\Fitbit Connect
2014-01-15 07:38 - 2009-07-13 21:45 - 00385168 _____ C:\Windows\system32\FNTCACHE.DAT
2014-01-15 07:22 - 2013-08-21 06:27 - 00000000 ____D C:\Windows\system32\MRT
2014-01-15 07:19 - 2012-07-09 19:13 - 86054176 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-01-14 21:48 - 2013-03-09 15:55 - 00002019 _____ C:\Users\Public\Desktop\Adobe Reader X.lnk
2014-01-14 21:48 - 2013-03-09 15:55 - 00002019 _____ C:\ProgramData\Desktop\Adobe Reader X.lnk
2014-01-14 21:43 - 2014-01-14 21:43 - 00000000 ____D C:\Windows\System32\Tasks\Norton Internet Security
2014-01-14 21:37 - 2014-01-12 20:56 - 00003234 _____ C:\Windows\System32\Tasks\Norton WSC Integration
2014-01-14 21:37 - 2014-01-12 20:56 - 00002501 _____ C:\Users\Public\Desktop\Norton Internet Security.lnk
2014-01-14 21:37 - 2014-01-12 20:56 - 00002501 _____ C:\ProgramData\Desktop\Norton Internet Security.lnk
2014-01-14 21:37 - 2014-01-12 20:54 - 00000000 ____D C:\Windows\system32\Drivers\NISx64
2014-01-12 20:57 - 2014-01-12 20:40 - 00000000 ____D C:\Users\McCarthy\Desktop\Norton Internet Security 2014 - 1 User - 3 Licenses (Download)
2014-01-12 20:56 - 2014-01-12 20:56 - 00177752 _____ (Symantec Corporation) C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
2014-01-12 20:56 - 2014-01-12 20:56 - 00008222 _____ C:\Windows\system32\Drivers\SYMEVENT64x86.CAT
2014-01-12 20:56 - 2014-01-12 20:56 - 00000000 ____D C:\Program Files\Common Files\Symantec Shared
2014-01-12 20:54 - 2014-01-12 20:54 - 00000000 ____D C:\Program Files (x86)\Norton Internet Security
2014-01-12 20:54 - 2012-05-05 00:40 - 00000000 ____D C:\ProgramData\Norton
2014-01-12 20:52 - 2013-10-30 17:19 - 00001677 _____ C:\Windows\CenturyLinkInstallerSetup.log
2014-01-12 20:52 - 2012-03-09 19:32 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2014-01-12 20:44 - 2014-01-12 20:44 - 00000000 ____D C:\ProgramData\PCSettings
2014-01-12 18:11 - 2014-01-12 18:11 - 00000000 ____D C:\ProgramData\FitbitConnect
2014-01-09 15:27 - 2013-03-05 12:11 - 00000000 ____D C:\Users\McCarthy\Documents\Katevan
2014-01-09 11:15 - 2012-08-03 11:37 - 00013126 _____ C:\Users\McCarthy\Documents\numbers 2.odt
2014-01-08 13:31 - 2014-01-08 13:31 - 00000000 ____D C:\Users\McCarthy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google+ Auto Backup
2014-01-08 11:57 - 2012-06-16 21:20 - 00000000 ____D C:\ProgramData\Microsoft Help
2014-01-07 20:56 - 2013-12-04 12:33 - 00000000 ____D C:\Users\McCarthy\Documents\Receipts
2014-01-07 10:10 - 2014-01-07 10:10 - 00000000 ____D C:\Users\McCarthy\AppData\Roaming\j2 Global
2014-01-07 10:10 - 2014-01-07 10:08 - 00000000 ____D C:\Users\McCarthy\Documents\eFax Messenger 4.4
2014-01-07 10:09 - 2014-01-07 10:09 - 00000999 _____ C:\Users\McCarthy\Desktop\eFax Compose Fax 4.4.lnk
2014-01-07 10:09 - 2014-01-07 10:09 - 00000992 _____ C:\Users\McCarthy\Desktop\eFax Messenger 4.4.lnk
2014-01-07 10:09 - 2014-01-07 10:09 - 00000000 ____D C:\Users\McCarthy\AppData\Roaming\eFax Messenger
2014-01-07 10:09 - 2014-01-07 10:09 - 00000000 ____D C:\ProgramData\eFax Messenger 4.4 Output
2014-01-07 10:09 - 2014-01-07 10:09 - 00000000 _____ C:\Windows\system32\eFax_4_4_Port
2014-01-07 10:09 - 2014-01-07 10:07 - 00000000 ____D C:\Program Files (x86)\eFax Messenger 4.4
2014-01-07 10:09 - 2012-06-15 16:32 - 00000000 ___RD C:\Users\McCarthy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-01-07 10:08 - 2014-01-07 10:08 - 00000000 ____D C:\Users\McCarthy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\eFax Messenger 4.4
2014-01-07 10:06 - 2014-01-07 10:06 - 05635416 _____ (j2 Global) C:\Users\McCarthy\Desktop\msgrplus.exe
2014-01-06 12:23 - 2014-01-06 12:23 - 04558848 _____ (Google Inc.) C:\Windows\SysWOW64\GPhotos.scr
2014-01-05 21:33 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\system32\NDF
2014-01-02 10:37 - 2014-01-02 10:37 - 00000000 ____D C:\Users\McCarthy\AppData\Roaming\WildTangent
2014-01-02 10:37 - 2012-03-09 19:13 - 00000000 ____D C:\ProgramData\WildTangent
2014-01-02 10:37 - 2012-03-09 19:13 - 00000000 ____D C:\Program Files (x86)\WildTangent Games
2013-12-31 22:57 - 2013-12-31 22:57 - 00768328 _____ C:\Windows\Minidump\123113-29671-01.dmp
2013-12-31 22:57 - 2012-07-07 18:04 - 667829542 _____ C:\Windows\MEMORY.DMP
2013-12-31 22:57 - 2012-07-07 18:04 - 00000000 ____D C:\Windows\Minidump
2013-12-31 08:48 - 2013-12-09 15:22 - 00000000 ____D C:\Users\McCarthy\AppData\Roaming\HpUpdate
 
Some content of TEMP:
====================
C:\Users\McCarthy\AppData\Local\Temp\13-9_mobility_win7_win8_64_dd_ccc_whql.exe
C:\Users\McCarthy\AppData\Local\Temp\catalyst_mobility_64-bit_util.exe
C:\Users\McCarthy\AppData\Local\Temp\Extract.exe
C:\Users\McCarthy\AppData\Local\Temp\jre-7u17-windows-i586-iftw.exe
C:\Users\McCarthy\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe
C:\Users\McCarthy\AppData\Local\Temp\jre-7u7-windows-i586-iftw.exe
C:\Users\McCarthy\AppData\Local\Temp\MotorolaDeviceManager_2.0309.exe
C:\Users\McCarthy\AppData\Local\Temp\MSETUP4.EXE
C:\Users\McCarthy\AppData\Local\Temp\SkypeSetup.exe
C:\Users\McCarthy\AppData\Local\Temp\SP56878.exe
C:\Users\McCarthy\AppData\Local\Temp\SP56929.exe
C:\Users\McCarthy\AppData\Local\Temp\SP57103.exe
C:\Users\McCarthy\AppData\Local\Temp\SP57232.exe
C:\Users\McCarthy\AppData\Local\Temp\SP57275.exe
C:\Users\McCarthy\AppData\Local\Temp\SP57698.exe
C:\Users\McCarthy\AppData\Local\Temp\SP57966.exe
C:\Users\McCarthy\AppData\Local\Temp\SP58419.exe
C:\Users\McCarthy\AppData\Local\Temp\SP58420.exe
C:\Users\McCarthy\AppData\Local\Temp\SP58540.exe
C:\Users\McCarthy\AppData\Local\Temp\SP58900.exe
C:\Users\McCarthy\AppData\Local\Temp\sp58915.exe
C:\Users\McCarthy\AppData\Local\Temp\SP59202.exe
C:\Users\McCarthy\AppData\Local\Temp\SP60051.exe
C:\Users\McCarthy\AppData\Local\Temp\SP61037.exe
C:\Users\McCarthy\AppData\Local\Temp\SP61399.exe
C:\Users\McCarthy\AppData\Local\Temp\uninstall.exe
C:\Users\McCarthy\AppData\Local\Temp\UninstallHPSA.exe
C:\Users\Test Account\AppData\Local\Temp\MSETUP4.EXE
C:\Users\Test Account\AppData\Local\Temp\uninstall.exe
 
 
==================== Bamital & volsnap Check =================
 
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
 
 
LastRegBack: 2014-01-29 17:41
 
==================== End Of Log ============================
 
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 29-01-2014 01
Ran by McCarthy at 2014-01-30 09:26:51
Running from C:\Users\McCarthy\Desktop
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
AV: Norton Internet Security (Disabled - Up to date) {63DF5164-9100-186D-2187-8DC619EFD8BF}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton Internet Security (Disabled - Up to date) {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton Internet Security (Disabled) {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
 
==================== Installed Programs ======================
 
Adobe Digital Editions 2.0 (x32 Version: 2.0 - Adobe Systems Incorporated)
Adobe Flash Player 11 ActiveX (x32 Version: 11.9.900.170 - Adobe Systems Incorporated)
Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.170 - Adobe Systems Incorporated)
Adobe Reader X (10.1.9) MUI (x32 Version: 10.1.9 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.6 (x32 Version: 11.6.3.633 - Adobe Systems, Inc.)
Amazon MP3 Downloader 1.0.17 (x32 Version: 1.0.17 - Amazon Services LLC)
AMD Accelerated Video Transcoding (Version: 2.00.0000 - Advanced Micro Devices, Inc.) Hidden
AMD APP SDK Runtime (Version: 10.0.873.1 - Advanced Micro Devices Inc.) Hidden
AMD Catalyst Install Manager (Version: 3.0.864.0 - Advanced Micro Devices, Inc.)
AMD Fuel (Version: 2012.0126.1906.34079 - Advanced Micro Devices, Inc.) Hidden
AMD Quick Stream (Version: 3.3.14.0 - AppEx Networks)
AMD Steady Video Plug-In  (Version: 2.03.0000 - AMD) Hidden
AMD VISION Engine Control Center (x32 Version: 2012.0126.1906.34079 - Advanced Micro Devices, Inc.) Hidden
Apple Application Support (x32 Version: 2.3.6 - Apple Inc.)
Apple Mobile Device Support (Version: 7.0.0.117 - Apple Inc.)
Apple Software Update (x32 Version: 2.1.3.127 - Apple Inc.)
Artweaver Free 3.1 (x32 Version: 3.1 - Boris Eyrich Software)
Atheros Driver Installation Program (x32 Version: 9.2 - Atheros)
AuthenTec TrueAPI 64-bit (Version: 1.6.0.87 - AuthenTec, Inc.) Hidden
Bejeweled 3 (x32 Version: 2.2.0.97 - WildTangent) Hidden
Bing Bar (x32 Version: 7.0.831.0 - Microsoft Corporation)
Blackhawk Striker 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Blio (x32 Version: 2.2.8530 - K-NFB Reading Technology, Inc.)
Bonjour (Version: 3.0.0.10 - Apple Inc.)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2012.0126.1906.34079 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2012.0126.1906.34079 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2012.0126.1906.34079 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2012.0126.1905.34079 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2012.0126.1905.34079 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2012.0126.1905.34079 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2012.0126.1905.34079 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2012.0126.1905.34079 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2012.0126.1905.34079 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2012.0126.1905.34079 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2012.0126.1905.34079 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2012.0126.1905.34079 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2012.0126.1905.34079 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2012.0126.1905.34079 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2012.0126.1905.34079 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2012.0126.1905.34079 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2012.0126.1905.34079 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2012.0126.1905.34079 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2012.0126.1905.34079 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2012.0126.1905.34079 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2012.0126.1905.34079 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2012.0126.1905.34079 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2012.0126.1905.34079 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2012.0126.1905.34079 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2012.0126.1905.34079 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2012.0126.1906.34079 - Advanced Micro Devices, Inc.) Hidden
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Cisco EAP-FAST Module (x32 Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (x32 Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (x32 Version: 1.1.6 - Cisco Systems, Inc.)
Corel Paint it! - Content (x32 Version: 1.0 - Your Company Name) Hidden
Corel Paint it! - Core (x32 Version: 1.0 - Corel Corporation) Hidden
Corel Paint it! - ICA (x32 Version: 1.0 - Corel Corporation) Hidden
Corel Paint it! - Langauge (x32 Version: 1.0 - Your Company Name) Hidden
Cradle of Rome 2 (x32 Version: 2.2.0.98 - WildTangent) Hidden
CyberLink YouCam (x32 Version: 3.5.2.4725 - CyberLink Corp.)
CyberLink YouCam (x32 Version: 3.5.2.4725 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (x32 Version:  - Microsoft)
Dora's World Adventure (x32 Version: 2.2.0.95 - WildTangent) Hidden
eFax Messenger (x32 Version: 4.4.2.533 - j2 Global)
ESU for Microsoft Windows 7 SP1 (x32 Version: 5.1.3 - Hewlett-Packard)
Evernote v. 4.5.2 (x32 Version: 4.5.2.5904 - Evernote Corp.)
Farm Frenzy (x32 Version: 2.2.0.98 - WildTangent) Hidden
Farmscapes (x32 Version: 2.2.0.98 - WildTangent) Hidden
FATE (x32 Version: 2.2.0.97 - WildTangent) Hidden
Final Drive Fury (x32 Version: 2.2.0.95 - WildTangent) Hidden
Fitbit Connect (x32 Version: 1.0.0.4065 - Fitbit Inc.)
Google Chrome (HKCU Version: 32.0.1700.102 - Google Inc.)
Google Drive (x32 Version: 1.13.5782.599 - Google, Inc.)
Google Earth (x32 Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.22.3 - Google Inc.) Hidden
Google+ Auto Backup (x32 Version: 1.0.21.81 - Google)
GoToMeeting 5.1.0.880 (HKCU Version: 5.1.0.880 - CitrixOnline)
Hewlett-Packard ACLM.NET v1.2.1.1 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
Hoyle Card Games (x32 Version: 2.2.0.95 - WildTangent) Hidden
HP 3D DriveGuard (Version: 4.2.9.1 - Hewlett-Packard Company)
HP Application Assistant (Version: 1.0.409.3882 - Hewlett-Packard)
HP Auto (Version: 1.0.12935.3667 - Hewlett-Packard Company) Hidden
HP Client Services (Version: 1.1.12938.3539 - Hewlett-Packard) Hidden
HP CoolSense (x32 Version: 2.10.51 - Hewlett-Packard Company)
HP Customer Experience Enhancements (x32 Version: 6.0.1.8 - Hewlett-Packard) Hidden
HP Documentation (x32 Version: 1.2.0.0 - Hewlett-Packard)
HP Games (x32 Version: 1.0.2.5 - WildTangent)
HP Launch Box (Version: 1.1.5 - Hewlett-Packard Company)
HP MovieStore (x32 Version: 2.1.096 - Hewlett-Packard) Hidden
HP MovieStore (x32 Version: 2.1.21096.0 - Hewlett-Packard Company)
HP On Screen Display (x32 Version: 1.3.5 - Hewlett-Packard Company)
HP Photo Creations (x32 Version: 1.0.0.7702 - HP)
HP Photosmart 7520 series Basic Device Software (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Photosmart 7520 series Help (x32 Version: 28.0.0 - Hewlett Packard)
HP Power Manager (x32 Version: 1.4.7 - Hewlett-Packard Company)
HP Quick Launch (x32 Version: 2.7.2 - Hewlett-Packard Company)
HP Recovery Manager (x32 Version: 2.0.0 - Hewlett-Packard) Hidden
HP Security Assistant (Version: 2.0.2 - Hewlett-Packard Company)
HP Setup (x32 Version: 9.0.15109.3899 - Hewlett-Packard Company)
HP Setup Manager (x32 Version: 1.2.14901.3869 - Hewlett-Packard Company)
HP SimplePass (x32 Version: 6.0.100.272 - Hewlett-Packard)
HP Software Framework (x32 Version: 4.6.10.1 - Hewlett-Packard Company)
HP Support Assistant (x32 Version: 7.0.39.15 - Hewlett-Packard Company)
HP Update (x32 Version: 5.003.003.001 - Hewlett-Packard)
iCloud (Version: 2.1.2.8 - Apple Inc.)
IDT Audio (x32 Version: 1.0.6418.0 - IDT)
IPM (x32 Version: 1.0 - Corel Corporation) Hidden
iTunes (Version: 11.1.3.8 - Apple Inc.)
Java 7 Update 45 (x32 Version: 7.0.450 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Jewel Match 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Jewel Quest Mysteries: The Seventh Gate Collector's Edition (x32 Version: 2.2.0.98 - WildTangent) Hidden
John Deere Drive Green (x32 Version: 2.2.0.95 - WildTangent) Hidden
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Learning Lodge™ (x32 Version:  - VTech)
Letters from Nowhere 2 (x32 Version: 2.2.0.97 - WildTangent) Hidden
Luxor HD (x32 Version: 2.2.0.98 - WildTangent) Hidden
Mah Jong Medley (x32 Version: 2.2.0.95 - WildTangent) Hidden
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Home and Student 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Single Image 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 (x32 Version: 9.0.30411 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (x32 Version: 10.0.30319 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (x32 Version: 3.0.5305.0 - Microsoft Corp.) Hidden
Motorola Device Manager (x32 Version: 2.3.9 - Motorola Mobility)
Motorola Device Software Update (x32 Version: 13.02.1402 - Motorola Mobility) Hidden
Motorola Mobile Drivers Installation 6.0.0 (Version: 6.0.0 - Motorola Inc.) Hidden
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (x32 Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (x32 Version: 4.30.2100.0 - Microsoft Corporation)
Norton Internet Security (x32 Version: 21.1.0.18 - Symantec Corporation)
OpenOffice.org 3.4 (x32 Version: 3.4.9590 - OpenOffice.org)
opensource (x32 Version: 1.0.14960.3876 - Your Company Name) Hidden
OverDrive Media Console (x32 Version: 3.2.20 - OverDrive, Inc.)
Paint it! (x32 Version: 1.0 - Corel Corporation)
Penguins! (x32 Version: 2.2.0.98 - WildTangent) Hidden
Picasa 3 (x32 Version: 3.9 - Google, Inc.)
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
PlayReady PC Runtime x86 (x32 Version: 1.3.0 - Microsoft Corporation)
Poker Superstars III (x32 Version: 2.2.0.95 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
Polar Golfer (x32 Version: 2.2.0.98 - WildTangent) Hidden
QuickTime (x32 Version: 7.74.80.86 - Apple Inc.)
Realtek Ethernet Controller Driver (x32 Version: 7.49.927.2011 - Realtek)
Realtek PCIE Card Reader (x32 Version: 6.1.8400.29025 - Realtek Semiconductor Corp.)
RollerCoaster Tycoon 3: Platinum (x32 Version: 2.2.0.98 - WildTangent) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version:  - Microsoft) Hidden
SketchUp 8 (x32 Version: 3.0.16846 - Trimble Navigation Limited)
Skype Click to Call (x32 Version: 6.13.13771 - Skype Technologies S.A.)
Skype™ 6.6 (x32 Version: 6.6.106 - Skype Technologies S.A.)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (Version: 15.3.29.0 - Synaptics Incorporated)
The Treasures of Mystery Island: The Ghost Ship (x32 Version: 2.2.0.98 - WildTangent) Hidden
Torchlight (x32 Version: 2.2.0.98 - WildTangent) Hidden
TurboTax 2012 (x32 Version: 2012.0 - Intuit, Inc)
TurboTax 2012 wcoiper (x32 Version: 012.000.1407 - Intuit Inc.) Hidden
TurboTax 2012 WinPerFedFormset (x32 Version: 012.000.2083 - Intuit Inc.) Hidden
TurboTax 2012 WinPerReleaseEngine (x32 Version: 012.000.0451 - Intuit Inc.) Hidden
TurboTax 2012 WinPerTaxSupport (x32 Version: 012.000.0179 - Intuit Inc.) Hidden
TurboTax 2012 wrapper (x32 Version: 012.000.0127 - Intuit Inc.) Hidden
Unity Web Player (HKCU Version:  - Unity Technologies ApS)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (x32 Version: 3 - Microsoft Corporation)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2826026) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2810072) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Word 2010 (KB2837593) 32-Bit Edition (x32 Version:  - Microsoft)
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
Validity WBF DDK (Version: 4.3.301.0 - Validity Sensors, Inc.)
Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.98 - WildTangent) Hidden
VTech Download Agent Library (x32 Version: 1.00.0000 - VTech) Hidden
WildTangent Games App for HP (x32 Version: 4.0.11.2 - WildTangent) Hidden
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (x32 Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX Control for Remote Connections (x32 Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (x32 Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Zuma's Revenge (x32 Version: 2.2.0.98 - WildTangent) Hidden
 
==================== Restore Points  =========================
 
18-01-2014 14:57:59 Windows Modules Installer
18-01-2014 14:58:32 Windows Modules Installer
19-01-2014 16:56:54 Windows Update
20-01-2014 16:52:40 Windows Update
21-01-2014 15:10:51 Windows Update
22-01-2014 20:38:20 Windows Update
23-01-2014 14:57:08 Windows Update
24-01-2014 15:54:36 Windows Update
25-01-2014 17:58:25 Windows Update
28-01-2014 14:50:35 Windows Update
29-01-2014 14:35:05 Windows Update
 
==================== Hosts content: ==========================
 
2009-07-13 19:34 - 2009-06-10 14:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (whitelisted) =============
 
Task: {00862D84-582C-43DB-8FC9-B13E57D806A4} - System32\Tasks\{5FD4EBDA-2B9A-4060-A73B-426716B65911} => E:\MSETUP4.EXE <==== ATTENTION
Task: {08012D35-25AE-41E0-99F8-4EABAE3B7047} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {1CBBEFE6-BA34-4019-A325-1806CBDBD0ED} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company)
Task: {255DB369-B6A6-4BDD-B004-081FBA0879A1} - System32\Tasks\Motorola Device Manager Initial Update => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [2013-03-25] ()
Task: {31CD77F0-A721-4B9C-B2B3-5C5AF1685A01} - System32\Tasks\Motorola Device Manager Engine => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [2013-03-25] ()
Task: {3F857922-EB2E-4929-8A2F-A2DB3F76C673} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-17] (Adobe Systems Incorporated)
Task: {54131D0B-84AF-47A9-AFF7-DD4F5670E537} - System32\Tasks\{940FFAD0-5F10-4C1D-82BF-3439FE0026FB} => E:\MSETUP4.EXE <==== ATTENTION
Task: {55BB3962-768F-4299-ACE7-E132CE5EEF7B} - System32\Tasks\Norton Internet Security\Norton Error Processor => C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\SymErr.exe [2013-08-01] (Symantec Corporation)
Task: {569B337C-7B50-4D23-924A-CBB8B6390BB3} - System32\Tasks\HPCeeScheduleForMcCarthy => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15] (Hewlett-Packard)
Task: {71FFF323-6CC0-4A4F-8D90-ED96A4951B2E} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2088171266-2809148316-2211315154-1002Core => C:\Users\McCarthy\AppData\Local\Google\Update\GoogleUpdate.exe [2012-06-15] (Google Inc.)
Task: {793FD6BA-A670-45E0-BDBA-0307ED81678B} - System32\Tasks\Norton Identity Safe\Norton Error Analyzer => C:\Program Files (x86)\Norton Identity Safe\Engine\2014.6.0.27\SymErr.exe
Task: {83CEFDDF-E02D-48EA-BDF6-6468FD587998} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2013-12-12] (Hewlett-Packard Company)
Task: {864CA51B-D092-49CE-93C8-22FD34192FF2} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2011-11-28] (CyberLink)
Task: {94160101-EA38-4CB4-977B-F469FAB717E6} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-06-06] (Google Inc.)
Task: {942C18AD-78FD-4F6A-8C71-6C9946C47B58} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2088171266-2809148316-2211315154-1002UA => C:\Users\McCarthy\AppData\Local\Google\Update\GoogleUpdate.exe [2012-06-15] (Google Inc.)
Task: {96A86BE8-8B92-479D-AECE-5A48C8A48E2A} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2013-11-22] (Hewlett-Packard)
Task: {A4792F89-8A1D-4A72-BB1C-489785413694} - System32\Tasks\Norton Identity Safe\Norton Error Processor => C:\Program Files (x86)\Norton Identity Safe\Engine\2014.6.0.27\SymErr.exe
Task: {ACA451CB-6C28-48B6-B39F-771025E435DC} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\WSCStub.exe [2013-10-08] (Symantec Corporation)
Task: {CFD93E02-6523-48B0-AD1D-FD9E97369F69} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-06-06] (Google Inc.)
Task: {E07ACBE8-E55F-4217-AF6B-0B12D5E2A211} - System32\Tasks\Norton Internet Security\Norton Error Analyzer => C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\SymErr.exe [2013-08-01] (Symantec Corporation)
Task: {E0939702-5793-4ACA-8B1F-264D73AD59CA} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company)
Task: {E5CE59AB-41B5-492B-9234-023A0D26EEE0} - System32\Tasks\{3EB69B07-6943-42BD-843A-8C1A80D10EFE} => E:\MSETUP4.EXE <==== ATTENTION
Task: {E93D431C-655F-4D38-9944-469F4CAA36AD} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_CN36J491BD => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2013-11-22] (Hewlett-Packard)
Task: {EE914721-CB54-44E0-AA54-39FAA18B13D6} - System32\Tasks\Motorola Device Manager Update => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [2013-03-25] ()
Task: {FDD898AC-CE9E-4C91-BFBB-B71E5BB204EE} - System32\Tasks\{F5E7C35B-0C86-43B7-A82C-C68EFDC81FA9} => E:\MSETUP4.EXE <==== ATTENTION
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2088171266-2809148316-2211315154-1002Core.job => C:\Users\McCarthy\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2088171266-2809148316-2211315154-1002UA.job => C:\Users\McCarthy\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForMcCarthy.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
 
==================== Loaded Modules (whitelisted) =============
 
2013-04-05 11:58 - 2013-04-05 11:58 - 00021320 _____ () C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreamsPS64.dll
2012-01-26 18:54 - 2012-01-26 18:54 - 00103424 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2012-01-26 18:59 - 2012-01-26 18:59 - 00369152 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2011-11-09 09:55 - 2011-11-09 09:55 - 00016384 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2012-08-27 20:33 - 2012-08-27 20:33 - 00087912 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2012-08-27 20:33 - 2012-08-27 20:33 - 01242512 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-03-25 12:44 - 2013-03-25 12:44 - 00172032 _____ () C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\css_core.dll
2013-08-11 19:37 - 2010-06-23 18:16 - 02150400 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\QtCore4.dll
2013-08-11 19:37 - 2010-07-13 06:07 - 07826432 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\QtGui4.dll
2013-08-11 19:37 - 2010-06-01 19:29 - 00934912 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\QtNetwork4.dll
2013-08-11 19:37 - 2010-06-01 19:28 - 00335360 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\QtXml4.dll
2013-08-11 19:37 - 2013-08-08 23:01 - 09849200 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\QtWebKit4.dll
2013-08-11 19:37 - 2010-06-01 19:56 - 00232960 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\phonon4.dll
2013-08-11 19:37 - 2010-06-01 19:54 - 02530816 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\QtXmlPatterns4.dll
2013-08-11 19:37 - 2010-07-05 02:19 - 00116736 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\QtSolutions_SOAP-2.7.dll
2013-08-11 19:37 - 2010-11-11 02:24 - 00028160 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\DACommCenter.dll
2013-08-11 19:37 - 2010-06-01 22:05 - 00025600 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\imageformats\qgif4.dll
2013-08-11 19:37 - 2010-06-01 22:05 - 00119808 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\imageformats\qjpeg4.dll
2014-01-28 19:19 - 2014-01-22 22:56 - 00715544 _____ () C:\Users\McCarthy\AppData\Local\Google\Chrome\Application\32.0.1700.102\libglesv2.dll
2014-01-28 19:19 - 2014-01-22 22:56 - 00100120 _____ () C:\Users\McCarthy\AppData\Local\Google\Chrome\Application\32.0.1700.102\libegl.dll
2014-01-28 19:19 - 2014-01-22 22:56 - 04055320 _____ () C:\Users\McCarthy\AppData\Local\Google\Chrome\Application\32.0.1700.102\pdf.dll
2014-01-28 19:19 - 2014-01-22 22:57 - 00399640 _____ () C:\Users\McCarthy\AppData\Local\Google\Chrome\Application\32.0.1700.102\ppGoogleNaClPluginChrome.dll
2014-01-28 19:19 - 2014-01-22 22:55 - 01634584 _____ () C:\Users\McCarthy\AppData\Local\Google\Chrome\Application\32.0.1700.102\ffmpegsumo.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
 
==================== Safe Mode (whitelisted) ===================
 
 
==================== Faulty Device Manager Devices =============
 
Name: Validity Sensors (WBF) (PID=0018)
Description: Validity Sensors (WBF) (PID=0018)
Class Guid: {24619924-aa9e-486f-99f9-847a5986b6be}
Manufacturer: Validity Sensors, Inc.
Service: WUDFRd
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (01/29/2014 03:09:02 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 12059
 
Error: (01/29/2014 03:09:02 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 12059
 
Error: (01/29/2014 03:09:02 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (01/29/2014 03:09:01 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 10983
 
Error: (01/29/2014 03:09:01 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 10983
 
Error: (01/29/2014 03:09:01 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (01/29/2014 03:09:00 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 9985
 
Error: (01/29/2014 03:09:00 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 9985
 
Error: (01/29/2014 03:09:00 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (01/29/2014 03:08:58 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 8362
 
 
System errors:
=============
Error: (01/24/2014 08:52:59 AM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the NIS service.
 
Error: (01/23/2014 02:18:00 PM) (Source: bowser) (User: )
Description: The master browser has received a server announcement from the computer KATEVAN-PC
that believes that it is the master browser for the domain on transport NetBT_Tcpip_{83C3CDF0-60B6-49F4-A28F-C05BD635B807}.
The master browser is stopping or an election is being forced.
 
Error: (01/20/2014 05:43:39 PM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR1.
 
Error: (01/20/2014 09:55:09 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Internet Explorer 10 for Windows 7 for x64-based Systems.
 
Error: (01/17/2014 07:55:48 PM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR11.
 
Error: (01/17/2014 07:55:48 PM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR11.
 
Error: (01/17/2014 07:55:47 PM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR11.
 
Error: (01/14/2014 08:15:51 AM) (Source: volsnap) (User: )
Description: The shadow copy of volume C: being created failed to install.
 
Error: (01/10/2014 04:37:45 PM) (Source: Tcpip) (User: )
Description: The system detected an address conflict for IP address 192.168.0.3 with the system
having network hardware address D8-9D-67-04-AD-D0. Network operations on this system may
be disrupted as a result.
 
Error: (01/09/2014 09:57:26 AM) (Source: Tcpip) (User: )
Description: The system detected an address conflict for IP address 192.168.0.3 with the system
having network hardware address D8-9D-67-04-AD-D0. Network operations on this system may
be disrupted as a result.
 
 
Microsoft Office Sessions:
=========================
Error: (01/29/2014 03:09:02 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 12059
 
Error: (01/29/2014 03:09:02 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 12059
 
Error: (01/29/2014 03:09:02 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (01/29/2014 03:09:01 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 10983
 
Error: (01/29/2014 03:09:01 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 10983
 
Error: (01/29/2014 03:09:01 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (01/29/2014 03:09:00 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 9985
 
Error: (01/29/2014 03:09:00 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 9985
 
Error: (01/29/2014 03:09:00 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (01/29/2014 03:08:58 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 8362
 
 
==================== Memory info =========================== 
 
Percentage of memory in use: 31%
Total physical RAM: 5609.37 MB
Available physical RAM: 3851.39 MB
Total Pagefile: 11216.91 MB
Available Pagefile: 8773.77 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:576.59 GB) (Free:455.72 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (Recovery) (Fixed) (Total:19.29 GB) (Free:2.09 GB) NTFS ==>[System with boot components (obtained from reading drive)]
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 596 GB) (Disk ID: 2A3DD743)
Partition 1: (Active) - (Size=199 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=577 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=19 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=103 MB) - (Type=0C)
 
==================== End Of Log ============================
 


#6 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 36,422 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:02:57 PM

Posted 30 January 2014 - 04:16 PM

Greetings Terri,

I want to thank you again for your patience. Now that we are working on your computer I trust you will find I will be very attentive to your replies.

You should only have one Antivirus program on your computer. I am assuming you no longer want Avast and want to get Norton up and running instead. If that is the case please run the Avast steps below. If I have this wrong do not run it.

Please do these things for me.

===================================================

Removing Avast Antivirus

--------------------
  • Download avast! Uninstall Utility to your desktop
  • Reboot your computer into Safe Mode (Press F8)
  • Double click on the aswclear icon
  • On the avast! Software Uninstall Utility select the avast version installed on your computer
  • If the folder path is not automatically listed you can select it by clicking on the "..." button and expanding Select folder to get to the avast folder as is detailed below

other-04b-en_a6_aswclear_pathselection_1


other-05b-en_a6_aswclear_pathselection_2

  • Click OK, Uninstall then Yes
  • Once completed you will see "Program was Successfully Removed"
  • Click Yes to restart your computer
===================================================

AdwCleaner by Xplode - Delete Adware

-------------------
  • Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browser
  • Double click on AdwCleaner.exe, select OK, then Run
  • Click on Scan
  • Upon completion click Report
  • Review the entries and uncheck any items you would like to keep on your computer (leaving an item checked will cause its deletion)
  • Click Clean to remove the items still checked
  • Click OK twice to reboot your computer
  • Copy and paste the contents of the text file on your desktop upon reboot in your reply
  • You can also find the logfile at C:\AdwCleaner.txt
===================================================

Junkware Removal Tool by thisisu

-------------------
  • Please download Junkware Removal Tool and save it to your desktop.
  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. (Click on this link to see a list of programs that should be disabled. The list is not all inclusive.)
  • Right-mouse click JRT.exe and select Run as administrator (Windows XP double click the icon)
  • Please allow the program time to run
  • Once completed a Notepad document will open on your desktop
  • Copy and paste the contents in your reply
===================================================

Farbar's Recovery Scan Tool - Run Fix in Normal or Safe Mode

--------------------
  • Press the windows key Windows_Logo_key.gif + r on your keyboard at the same time. Type in notepad and press Enter
  • Please copy and paste the contents of the below code box into the open notepad and save it to your desktop (<<<Important) as fixlist.txt
C:\Users\McCarthy\AppData\Local\Temp\13-9_mobility_win7_win8_64_dd_ccc_whql.exe
C:\Users\McCarthy\AppData\Local\Temp\catalyst_mobility_64-bit_util.exe
C:\Users\McCarthy\AppData\Local\Temp\Extract.exe
C:\Users\McCarthy\AppData\Local\Temp\jre-7u17-windows-i586-iftw.exe
C:\Users\McCarthy\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe
C:\Users\McCarthy\AppData\Local\Temp\jre-7u7-windows-i586-iftw.exe
C:\Users\McCarthy\AppData\Local\Temp\MotorolaDeviceManager_2.0309.exe
C:\Users\McCarthy\AppData\Local\Temp\MSETUP4.EXE
C:\Users\McCarthy\AppData\Local\Temp\SkypeSetup.exe
C:\Users\McCarthy\AppData\Local\Temp\SP56878.exe
C:\Users\McCarthy\AppData\Local\Temp\SP56929.exe
C:\Users\McCarthy\AppData\Local\Temp\SP57103.exe
C:\Users\McCarthy\AppData\Local\Temp\SP57232.exe
C:\Users\McCarthy\AppData\Local\Temp\SP57275.exe
C:\Users\McCarthy\AppData\Local\Temp\SP57698.exe
C:\Users\McCarthy\AppData\Local\Temp\SP57966.exe
C:\Users\McCarthy\AppData\Local\Temp\SP58419.exe
C:\Users\McCarthy\AppData\Local\Temp\SP58420.exe
C:\Users\McCarthy\AppData\Local\Temp\SP58540.exe
C:\Users\McCarthy\AppData\Local\Temp\SP58900.exe
C:\Users\McCarthy\AppData\Local\Temp\sp58915.exe
C:\Users\McCarthy\AppData\Local\Temp\SP59202.exe
C:\Users\McCarthy\AppData\Local\Temp\SP60051.exe
C:\Users\McCarthy\AppData\Local\Temp\SP61037.exe
C:\Users\McCarthy\AppData\Local\Temp\SP61399.exe
C:\Users\McCarthy\AppData\Local\Temp\uninstall.exe
C:\Users\McCarthy\AppData\Local\Temp\UninstallHPSA.exe
C:\Users\Test Account\AppData\Local\Temp\MSETUP4.EXE
C:\Users\Test Account\AppData\Local\Temp\uninstall.exe
Task: {00862D84-582C-43DB-8FC9-B13E57D806A4} - System32\Tasks\{5FD4EBDA-2B9A-4060-A73B-426716B65911} => E:\MSETUP4.EXE <==== ATTENTION
Task: {54131D0B-84AF-47A9-AFF7-DD4F5670E537} - System32\Tasks\{940FFAD0-5F10-4C1D-82BF-3439FE0026FB} => E:\MSETUP4.EXE <==== ATTENTION
Task: {E5CE59AB-41B5-492B-9234-023A0D26EEE0} - System32\Tasks\{3EB69B07-6943-42BD-843A-8C1A80D10EFE} => E:\MSETUP4.EXE <==== ATTENTION
Task: {FDD898AC-CE9E-4C91-BFBB-B71E5BB204EE} - System32\Tasks\{F5E7C35B-0C86-43B7-A82C-C68EFDC81FA9} => E:\MSETUP4.EXE <==== ATTENTION
  • Launch FRST and press the Fix button just once and wait, the program will automatically launch fixlist.txt.
  • The tool will create a log on the desktop called Fixlog.txt. Please copy and paste the contents of the file in your reply.
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it. :thumbsup2:
  • Did avast! uninstall properly (if applicable)?
  • AdwCleaner log
  • Junkware log
  • Fixlog

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#7 TerriDen

TerriDen
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:57 PM

Posted 30 January 2014 - 06:15 PM

Thanks, Gary.  I've run all the programs.  Avast successfully uninstalled.  Here are the other logs.

 

# AdwCleaner v3.018 - Report created 30/01/2014 at 15:44:02
# Updated 28/01/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : McCarthy - MCCARTHY-HP
# Running from : C:\Users\McCarthy\Desktop\AdwCleaner.exe
# Option : Scan
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
File Found : C:\Users\McCarthy\AppData\Local\Temp\Uninstall.exe
File Found : C:\Users\Test Account\AppData\Local\Temp\Uninstall.exe
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\BingBar_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v9.0.8112.16526
 
 
-\\ Google Chrome v
 
[ File : C:\Users\McCarthy\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
 
*************************
 
AdwCleaner[R0].txt - [3027 octets] - [30/01/2014 15:44:02]
 
########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [3087 octets] ##########
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.0 (01.07.2014:1)
OS: Windows 7 Home Premium x64
Ran by McCarthy on Thu 01/30/2014 at 15:58:10.21
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Registry Values
 
 
 
~~~ Registry Keys
 
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\caphyon
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\caphyon
 
 
 
~~~ Files
 
 
 
~~~ Folders
 
Successfully deleted: [Empty Folder] C:\Users\McCarthy\appdata\local\{08D17179-680F-4D99-8138-228C4AE4C6E8}
Successfully deleted: [Empty Folder] C:\Users\McCarthy\appdata\local\{0A5AE1EA-FAA4-48E6-AF2C-EAAD0BDEB299}
Successfully deleted: [Empty Folder] C:\Users\McCarthy\appdata\local\{1027531E-ED4C-4333-B197-CB9B3F375F09}
Successfully deleted: [Empty Folder] C:\Users\McCarthy\appdata\local\{1161E630-D037-4BEC-8D73-59FD7690AD5D}
Successfully deleted: [Empty Folder] C:\Users\McCarthy\appdata\local\{16ECCC05-FD9A-4CDC-B918-03ABF6F1FBD3}
Successfully deleted: [Empty Folder] C:\Users\McCarthy\appdata\local\{19ED6475-18AD-4CA2-967C-3D8D1DFDFC5F}
Successfully deleted: [Empty Folder] C:\Users\McCarthy\appdata\local\{2488B858-D92B-442D-8D9E-482650F96E63}
Successfully deleted: [Empty Folder] C:\Users\McCarthy\appdata\local\{356C6317-63A5-46AE-9878-BB197F074938}
Successfully deleted: [Empty Folder] C:\Users\McCarthy\appdata\local\{4CC102EC-DE0F-4B84-9F39-608E0CDB35BD}
Successfully deleted: [Empty Folder] C:\Users\McCarthy\appdata\local\{584DD102-DDEC-4061-B32D-0B8C112CB6C1}
Successfully deleted: [Empty Folder] C:\Users\McCarthy\appdata\local\{59C494CD-3F8D-4412-B9DE-16AFE42E338C}
Successfully deleted: [Empty Folder] C:\Users\McCarthy\appdata\local\{68A8C916-2E23-4253-BE0A-F6D61BDFF856}
Successfully deleted: [Empty Folder] C:\Users\McCarthy\appdata\local\{6D72F0A7-144F-441B-BC84-167A2E94D66A}
Successfully deleted: [Empty Folder] C:\Users\McCarthy\appdata\local\{6EEFC0B1-9E9E-4FCA-858D-E713496B9E00}
Successfully deleted: [Empty Folder] C:\Users\McCarthy\appdata\local\{7282D8D2-C244-4C6C-9BEB-1C6004FF1417}
Successfully deleted: [Empty Folder] C:\Users\McCarthy\appdata\local\{72CCADC4-6541-46DC-9D8E-ECF6F75D0B15}
Successfully deleted: [Empty Folder] C:\Users\McCarthy\appdata\local\{7495C539-DFF0-4F64-A9A6-3BF10004CD7C}
Successfully deleted: [Empty Folder] C:\Users\McCarthy\appdata\local\{77EE6A5E-8A30-4EE3-B823-9F760EDDFD08}
Successfully deleted: [Empty Folder] C:\Users\McCarthy\appdata\local\{7A173988-090C-4AED-A816-2E61BAA486D7}
Successfully deleted: [Empty Folder] C:\Users\McCarthy\appdata\local\{7ABB7BD2-5413-4E3B-99B7-9B530E283915}
Successfully deleted: [Empty Folder] C:\Users\McCarthy\appdata\local\{7D290D93-CB51-4E75-810A-6B84BBF199D9}
Successfully deleted: [Empty Folder] C:\Users\McCarthy\appdata\local\{813C821E-A24B-463A-92F5-64844D434B8F}
Successfully deleted: [Empty Folder] C:\Users\McCarthy\appdata\local\{957517A6-4C5E-4D1D-A304-EAB6D78CD80F}
Successfully deleted: [Empty Folder] C:\Users\McCarthy\appdata\local\{A604CCE1-1C78-4E12-8BCB-E6C0BEE1F20D}
Successfully deleted: [Empty Folder] C:\Users\McCarthy\appdata\local\{B1488625-48DE-4565-BF78-98343C4E2838}
Successfully deleted: [Empty Folder] C:\Users\McCarthy\appdata\local\{D20192B5-9ED4-4F3F-B6E4-9DE388B6A9FE}
Successfully deleted: [Empty Folder] C:\Users\McCarthy\appdata\local\{D75375E6-1026-41E8-87C8-03D2E5D22B2A}
Successfully deleted: [Empty Folder] C:\Users\McCarthy\appdata\local\{E8131FFC-29DE-4707-ADC8-BB9253BAAFEF}
Successfully deleted: [Empty Folder] C:\Users\McCarthy\appdata\local\{FE2CAD14-C09E-4E85-AB18-2C2D74DDF30E}
 
 
 
~~~ Event Viewer Logs were cleared
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Thu 01/30/2014 at 16:08:02.80
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 29-01-2014 01
Ran by McCarthy at 2014-01-30 16:12:27 Run:1
Running from C:\Users\McCarthy\Desktop
Boot Mode: Normal
==============================================
 
Content of fixlist:
*****************
C:\Users\McCarthy\AppData\Local\Temp\13-9_mobility_win7_win8_64_dd_ccc_whql.exe
C:\Users\McCarthy\AppData\Local\Temp\catalyst_mobility_64-bit_util.exe
C:\Users\McCarthy\AppData\Local\Temp\Extract.exe
C:\Users\McCarthy\AppData\Local\Temp\jre-7u17-windows-i586-iftw.exe
C:\Users\McCarthy\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe
C:\Users\McCarthy\AppData\Local\Temp\jre-7u7-windows-i586-iftw.exe
C:\Users\McCarthy\AppData\Local\Temp\MotorolaDeviceManager_2.0309.exe
C:\Users\McCarthy\AppData\Local\Temp\MSETUP4.EXE
C:\Users\McCarthy\AppData\Local\Temp\SkypeSetup.exe
C:\Users\McCarthy\AppData\Local\Temp\SP56878.exe
C:\Users\McCarthy\AppData\Local\Temp\SP56929.exe
C:\Users\McCarthy\AppData\Local\Temp\SP57103.exe
C:\Users\McCarthy\AppData\Local\Temp\SP57232.exe
C:\Users\McCarthy\AppData\Local\Temp\SP57275.exe
C:\Users\McCarthy\AppData\Local\Temp\SP57698.exe
C:\Users\McCarthy\AppData\Local\Temp\SP57966.exe
C:\Users\McCarthy\AppData\Local\Temp\SP58419.exe
C:\Users\McCarthy\AppData\Local\Temp\SP58420.exe
C:\Users\McCarthy\AppData\Local\Temp\SP58540.exe
C:\Users\McCarthy\AppData\Local\Temp\SP58900.exe
C:\Users\McCarthy\AppData\Local\Temp\sp58915.exe
C:\Users\McCarthy\AppData\Local\Temp\SP59202.exe
C:\Users\McCarthy\AppData\Local\Temp\SP60051.exe
C:\Users\McCarthy\AppData\Local\Temp\SP61037.exe
C:\Users\McCarthy\AppData\Local\Temp\SP61399.exe
C:\Users\McCarthy\AppData\Local\Temp\uninstall.exe
C:\Users\McCarthy\AppData\Local\Temp\UninstallHPSA.exe
C:\Users\Test Account\AppData\Local\Temp\MSETUP4.EXE
C:\Users\Test Account\AppData\Local\Temp\uninstall.exe
Task: {00862D84-582C-43DB-8FC9-B13E57D806A4} - System32\Tasks\{5FD4EBDA-2B9A-4060-A73B-426716B65911} => E:\MSETUP4.EXE <==== ATTENTION
Task: {54131D0B-84AF-47A9-AFF7-DD4F5670E537} - System32\Tasks\{940FFAD0-5F10-4C1D-82BF-3439FE0026FB} => E:\MSETUP4.EXE <==== ATTENTION
Task: {E5CE59AB-41B5-492B-9234-023A0D26EEE0} - System32\Tasks\{3EB69B07-6943-42BD-843A-8C1A80D10EFE} => E:\MSETUP4.EXE <==== ATTENTION
Task: {FDD898AC-CE9E-4C91-BFBB-B71E5BB204EE} - System32\Tasks\{F5E7C35B-0C86-43B7-A82C-C68EFDC81FA9} => E:\MSETUP4.EXE <==== ATTENTION
*****************
 
C:\Users\McCarthy\AppData\Local\Temp\13-9_mobility_win7_win8_64_dd_ccc_whql.exe => Moved successfully.
C:\Users\McCarthy\AppData\Local\Temp\catalyst_mobility_64-bit_util.exe => Moved successfully.
C:\Users\McCarthy\AppData\Local\Temp\Extract.exe => Moved successfully.
C:\Users\McCarthy\AppData\Local\Temp\jre-7u17-windows-i586-iftw.exe => Moved successfully.
C:\Users\McCarthy\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe => Moved successfully.
C:\Users\McCarthy\AppData\Local\Temp\jre-7u7-windows-i586-iftw.exe => Moved successfully.
C:\Users\McCarthy\AppData\Local\Temp\MotorolaDeviceManager_2.0309.exe => Moved successfully.
C:\Users\McCarthy\AppData\Local\Temp\MSETUP4.EXE => Moved successfully.
C:\Users\McCarthy\AppData\Local\Temp\SkypeSetup.exe => Moved successfully.
C:\Users\McCarthy\AppData\Local\Temp\SP56878.exe => Moved successfully.
C:\Users\McCarthy\AppData\Local\Temp\SP56929.exe => Moved successfully.
C:\Users\McCarthy\AppData\Local\Temp\SP57103.exe => Moved successfully.
C:\Users\McCarthy\AppData\Local\Temp\SP57232.exe => Moved successfully.
C:\Users\McCarthy\AppData\Local\Temp\SP57275.exe => Moved successfully.
C:\Users\McCarthy\AppData\Local\Temp\SP57698.exe => Moved successfully.
C:\Users\McCarthy\AppData\Local\Temp\SP57966.exe => Moved successfully.
C:\Users\McCarthy\AppData\Local\Temp\SP58419.exe => Moved successfully.
C:\Users\McCarthy\AppData\Local\Temp\SP58420.exe => Moved successfully.
C:\Users\McCarthy\AppData\Local\Temp\SP58540.exe => Moved successfully.
C:\Users\McCarthy\AppData\Local\Temp\SP58900.exe => Moved successfully.
C:\Users\McCarthy\AppData\Local\Temp\sp58915.exe => Moved successfully.
C:\Users\McCarthy\AppData\Local\Temp\SP59202.exe => Moved successfully.
C:\Users\McCarthy\AppData\Local\Temp\SP60051.exe => Moved successfully.
C:\Users\McCarthy\AppData\Local\Temp\SP61037.exe => Moved successfully.
C:\Users\McCarthy\AppData\Local\Temp\SP61399.exe => Moved successfully.
"C:\Users\McCarthy\AppData\Local\Temp\uninstall.exe" => File/Directory not found.
C:\Users\McCarthy\AppData\Local\Temp\UninstallHPSA.exe => Moved successfully.
C:\Users\Test Account\AppData\Local\Temp\MSETUP4.EXE => Moved successfully.
"C:\Users\Test Account\AppData\Local\Temp\uninstall.exe" => File/Directory not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{00862D84-582C-43DB-8FC9-B13E57D806A4} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{00862D84-582C-43DB-8FC9-B13E57D806A4} => Key deleted successfully.
C:\Windows\System32\Tasks\{5FD4EBDA-2B9A-4060-A73B-426716B65911} => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{5FD4EBDA-2B9A-4060-A73B-426716B65911} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{54131D0B-84AF-47A9-AFF7-DD4F5670E537} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{54131D0B-84AF-47A9-AFF7-DD4F5670E537} => Key deleted successfully.
C:\Windows\System32\Tasks\{940FFAD0-5F10-4C1D-82BF-3439FE0026FB} => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{940FFAD0-5F10-4C1D-82BF-3439FE0026FB} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E5CE59AB-41B5-492B-9234-023A0D26EEE0} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E5CE59AB-41B5-492B-9234-023A0D26EEE0} => Key deleted successfully.
C:\Windows\System32\Tasks\{3EB69B07-6943-42BD-843A-8C1A80D10EFE} => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{3EB69B07-6943-42BD-843A-8C1A80D10EFE} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FDD898AC-CE9E-4C91-BFBB-B71E5BB204EE} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FDD898AC-CE9E-4C91-BFBB-B71E5BB204EE} => Key deleted successfully.
C:\Windows\System32\Tasks\{F5E7C35B-0C86-43B7-A82C-C68EFDC81FA9} => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{F5E7C35B-0C86-43B7-A82C-C68EFDC81FA9} => Key deleted successfully.
 
==== End of Fixlog ====


#8 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 36,422 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:02:57 PM

Posted 30 January 2014 - 07:04 PM

Hi Terri,

Please just confirm for me Norton is not working properly and that you have a Product Key Number. I see a file in your log that indicates that buy just want to make sure before our next step.
Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#9 TerriDen

TerriDen
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:57 PM

Posted 30 January 2014 - 10:41 PM

Gary - Norton is not working now.  It was working before (I think) after the download, but we have never been able to see the windows.  Just that there are windows that it thinks are open according to the icon and bars at the bottom of the screen.  I know that one recently is titled Activation but I can't access it.  I bought the software through Amazon and have the receipt and the activation key.  I just can't access any screen to put it in. 

 

Thanks, Terri



#10 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 36,422 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:02:57 PM

Posted 30 January 2014 - 10:44 PM

Thanks Terri,

Are your still having issues seeing other things?
Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#11 TerriDen

TerriDen
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:57 PM

Posted 30 January 2014 - 10:48 PM

yes.  certain warnings or other boxes will pop up at the bottom right and I can't see them - just a black box.  If I try to open Internet Explorer, only the ads or certain boxes pop up, the rest of the page is black.  On norton, I don't even get a black box - it doesn't show up, except once earlier today I was able to see a tiny bit of the top right corner of a window - nothing else.

 

Haven't tried to download/install any new software, but that was always a problem.



#12 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 36,422 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:02:57 PM

Posted 30 January 2014 - 10:51 PM

What about other activities like opening a notepad or word document?
Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#13 TerriDen

TerriDen
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:57 PM

Posted 30 January 2014 - 10:57 PM

Those are all fine.  We can open word, chrome, notepad, PDFs, etc. all without problem.  Except for IE, it mainly seems to be with trying to install programs (had to take one printer back since we couldn't install drivers on the computer, but the next printer worked fine).   We couldnt' download the installer program from Century Link to get free Norton software, so I just bought it.  That is the only installed program that we can't open at all.



#14 TerriDen

TerriDen
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:57 PM

Posted 30 January 2014 - 11:04 PM

Does it help to send you a screen shot of what I see (or don't see) with Norton?



#15 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 36,422 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:02:57 PM

Posted 30 January 2014 - 11:07 PM

OK,

I am finishing up for the evening but I would like you to attempt to do this for me. If one step doesn't complete properly move on to the next step and let me know what didn't work.

Yes please attach a screen shot.

===================================================

Windows Repair (All in One) Portable

--------------------
  • From a clean computer download Windows Repair (All in One) Portable onto a USB device
  • Remove the USB device and insert it into your infected computer
  • Press press Ctrl+Shift+Esc at the same time to launch Task Manager
  • Select File, then New Task (Run...)
  • Click the Browse button
  • Click My Computer then locate and click on your USB device
  • Click the down arrow on Files of type: and select All Files
  • Double click on tweaking.com_windows_repair_aio, then click OK
  • Double click the Tweaking.com - Windows Repair folder
  • Double click the blue and white Repair_Windows icon
  • Select Extract all, Next 2 times, then Finish
  • Double click the Tweaking.com - Windows Repair folder
  • Double click Repair_Windows Tweaking.com red toolbox icon
  • Go to Step 2 and allow it to run CheckDisk by clicking on Do It button:

p22001645.gif

  • Once that is done then go to Step 3 and allow it to run System File Check by clicking on Do It button:

p22001646.gif

  • Go to Step 4 and under "System Restore" click on Create button:

p22001644.gif

  • Go to Start Repairs tab and click Start button.

p22001166.gif

  • Please ensure that ONLY the following items are checked (they're all checked by default):

Reset Registry Permissions
Reset File Permissions
Register System Files
Repair WMI
Repair Windows Firewall
Repair Internet Explorer
Remove Policies Set By Infections
Repair Missing Start Menu Icons Removed By Infections
Repair Icons
Remove Temp Files
Unhide Non System Files
Repair Windows Updates
Repair Volume Shadow Copy Service
Set Windows Services To Default Startup
Repair MSI (Windows Installer)
Repair .lnk (Shortcuts) File Association

  • Click on box next to the Restart System when Finished. Then click on Start
  • Your computer will reboot upon completion
  • Copy and paste the contents of the following log in your reply:

C:\Tweaking.com_Windows_Repair_Logs\_Windows_Repair_Log.txt


Edited by Oh My, 30 January 2014 - 11:08 PM.

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users