Below are both results
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 22-01-2014 03
Ran by Dave at 2014-01-22 17:48:25
Running from C:\Users\Dave\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6UTL4XOY
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: Norton 360 Premier Edition (Enabled - Up to date) {63DF5164-9100-186D-2187-8DC619EFD8BF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
AS: Norton 360 Premier Edition (Enabled - Up to date) {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton 360 Premier Edition (Enabled) {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
==================== Installed Programs ======================
Adobe AIR (x32 Version: 1.5.3.9130 - Adobe Systems Inc.)
Adobe AIR (x32 Version: 1.5.3.9130 - Adobe Systems Inc.) Hidden
Adobe Flash Player 11 ActiveX (x32 Version: 11.9.900.170 - Adobe Systems Incorporated)
aioprnt (Version: 5.3.1.0 - Eastman Kodak Company) Hidden
aioscnnr (x32 Version: 5.8.10.0 - Your Company Name) Hidden
aioscnnr (x32 Version: 7.6.13.10 - Your Company Name) Hidden
Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Blackhawk Striker 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Build-a-lot 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - ATI) Hidden
Catalyst Control Center Core Implementation (x32 Version: 2010.0511.2153.37435 - ATI) Hidden
Catalyst Control Center Graphics Full Existing (x32 Version: 2010.0511.2153.37435 - ATI) Hidden
Catalyst Control Center Graphics Full New (x32 Version: 2010.0511.2153.37435 - ATI) Hidden
Catalyst Control Center Graphics Light (x32 Version: 2010.0511.2153.37435 - ATI) Hidden
Catalyst Control Center Graphics Previews Vista (x32 Version: 2010.0511.2153.37435 - ATI) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2010.0511.2153.37435 - ATI Technologies, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2010.0511.2153.37435 - ATI) Hidden
CCC Help Chinese Standard (x32 Version: 2010.0511.2152.37435 - ATI) Hidden
CCC Help Chinese Traditional (x32 Version: 2010.0511.2152.37435 - ATI) Hidden
CCC Help Czech (x32 Version: 2010.0511.2152.37435 - ATI) Hidden
CCC Help Danish (x32 Version: 2010.0511.2152.37435 - ATI) Hidden
CCC Help Dutch (x32 Version: 2010.0511.2152.37435 - ATI) Hidden
CCC Help English (x32 Version: 2010.0511.2152.37435 - ATI) Hidden
CCC Help Finnish (x32 Version: 2010.0511.2152.37435 - ATI) Hidden
CCC Help French (x32 Version: 2010.0511.2152.37435 - ATI) Hidden
CCC Help German (x32 Version: 2010.0511.2152.37435 - ATI) Hidden
CCC Help Greek (x32 Version: 2010.0511.2152.37435 - ATI) Hidden
CCC Help Hungarian (x32 Version: 2010.0511.2152.37435 - ATI) Hidden
CCC Help Italian (x32 Version: 2010.0511.2152.37435 - ATI) Hidden
CCC Help Japanese (x32 Version: 2010.0511.2152.37435 - ATI) Hidden
CCC Help Korean (x32 Version: 2010.0511.2152.37435 - ATI) Hidden
CCC Help Norwegian (x32 Version: 2010.0511.2152.37435 - ATI) Hidden
CCC Help Polish (x32 Version: 2010.0511.2152.37435 - ATI) Hidden
CCC Help Portuguese (x32 Version: 2010.0511.2152.37435 - ATI) Hidden
CCC Help Russian (x32 Version: 2010.0511.2152.37435 - ATI) Hidden
CCC Help Spanish (x32 Version: 2010.0511.2152.37435 - ATI) Hidden
CCC Help Swedish (x32 Version: 2010.0511.2152.37435 - ATI) Hidden
CCC Help Thai (x32 Version: 2010.0511.2152.37435 - ATI) Hidden
CCC Help Turkish (x32 Version: 2010.0511.2152.37435 - ATI) Hidden
ccc-core-static (x32 Version: 2010.0511.2153.37435 - ATI) Hidden
ccc-utility64 (Version: 2010.0511.2153.37435 - ATI) Hidden
center (x32 Version: 7.7.2.0 - Eastman Kodak Company) Hidden
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
CinemaNow Media Manager (x32 Version: 1.9.1.105 - CinemaNow, Inc.)
Citrix Online Launcher (x32 Version: 1.0.168 - Citrix)
CyberLink DVD Suite Deluxe (x32 Version: 7.0.2823 - CyberLink Corp.)
CyberLink DVD Suite Deluxe (x32 Version: 7.0.2823 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Defraggler (Version: 2.14 - Piriform)
Diner Dash 2 Restaurant Rescue (x32 Version: 2.2.0.95 - WildTangent) Hidden
Dora's Carnival Adventure (x32 Version: 2.2.0.95 - WildTangent) Hidden
DVD Menu Pack for HP MediaSmart Video (x32 Version: 4.1.4030 - Hewlett-Packard)
DVD Menu Pack for HP MediaSmart Video (x32 Version: 4.1.4030 - Hewlett-Packard) Hidden
Escape Rosecliff Island (x32 Version: 2.2.0.95 - WildTangent) Hidden
essentials (x32 Version: 7.7.2.0 - Eastman Kodak Company) Hidden
Eusing Free Registry Cleaner (x32 Version: - Eusing Software)
FATE (x32 Version: 2.2.0.95 - WildTangent) Hidden
Final Drive Nitro (x32 Version: 2.2.0.95 - WildTangent) Hidden
Free Desktop Timer 1.2 (x32 Version: - Drive Software Company)
Google Earth (x32 Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.22.3 - Google Inc.) Hidden
GoToMeeting 6.0.0.1259 (HKCU Version: 6.0.0.1259 - CitrixOnline)
Heroes of Hellas 2 - Olympia (x32 Version: 2.2.0.95 - WildTangent) Hidden
Hewlett-Packard ACLM.NET v1.2.1.1 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP Advisor (x32 Version: 3.4.10262.3295 - Hewlett-Packard)
HP Customer Experience Enhancements (x32 Version: 6.0.1.7 - Hewlett-Packard) Hidden
HP Game Console (x32 Version: - WildTangent) Hidden
HP Games (x32 Version: 1.0.1.3 - WildTangent)
HP MediaSmart CinemaNow 2.0 (x32 Version: 2.0 - Hewlett-Packard)
HP MediaSmart DVD (x32 Version: 4.1.4229 - Hewlett-Packard)
HP MediaSmart DVD (x32 Version: 4.1.4229 - Hewlett-Packard) Hidden
HP MediaSmart Music (x32 Version: 4.1.4301 - Hewlett-Packard)
HP MediaSmart Music (x32 Version: 4.1.4301 - Hewlett-Packard) Hidden
HP MediaSmart Photo (x32 Version: 4.1.4211 - Hewlett-Packard)
HP MediaSmart Photo (x32 Version: 4.1.4211 - Hewlett-Packard) Hidden
HP MediaSmart SmartMenu (Version: 3.1.1.12 - Hewlett-Packard)
HP MediaSmart Video (x32 Version: 4.1.4214 - Hewlett-Packard)
HP MediaSmart Video (x32 Version: 4.1.4214 - Hewlett-Packard) Hidden
HP MediaSmart/TouchSmart Netflix (x32 Version: 1.0.3.0 - Hewlett-Packard)
HP Odometer (x32 Version: 2.10.0000 - Hewlett-Packard)
HP Product Detection (x32 Version: 11.15.0008 - HP)
HP Setup (x32 Version: 8.1.4186.3400 - Hewlett-Packard)
HP Support Information (x32 Version: 10.1.0002 - Hewlett-Packard)
HP Update (x32 Version: 5.005.000.002 - Hewlett-Packard)
HP Vision Hardware Diagnostics (Version: 2.1.2.27173 - Hewlett-Packard)
Hulu Desktop (HKCU Version: 0.9.14 - Hulu LLC)
Java 7 Update 45 (x32 Version: 7.0.450 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Jewel Quest 3 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Jewel Quest Solitaire 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Junk Mail filter update (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
KLS Mail Backup 2.0.0.0 (x32 Version: - KirySoft)
Kobo (x32 Version: - )
Kodak AIO Printer (Version: 7.7.2.0 - Eastman Kodak Company) Hidden
KODAK AiO Software (x32 Version: 7.7.6.0 - Eastman Kodak Company)
LabelPrint (x32 Version: 2.5.2823 - CyberLink Corp.)
LabelPrint (x32 Version: 2.5.2823 - CyberLink Corp.) Hidden
LightScribe System Software (x32 Version: 1.18.15.1 - LightScribe)
Malwarebytes Anti-Malware version 1.75.0.1300 (x32 Version: 1.75.0.1300 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Silverlight (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft SkyDrive (HKCU Version: 16.4.6013.0910 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Movie Theme Pack for HP MediaSmart Video (x32 Version: 4.1.4030 - Hewlett-Packard)
Movie Theme Pack for HP MediaSmart Video (x32 Version: 4.1.4030 - Hewlett-Packard) Hidden
Mozilla Firefox 24.0 (x86 en-US) (x32 Version: 24.0 - Mozilla)
Mozilla Maintenance Service (x32 Version: 24.0 - Mozilla)
Mozilla Thunderbird 17.0.8 (x86 en-US) (x32 Version: 17.0.8 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0 - Microsoft Corporation)
Norton 360 (x32 Version: 21.1.0.18 - Symantec Corporation)
Norton Online Backup (x32 Version: 2.1.17869 - Symantec Corporation)
NVIDIA 3D Vision Driver 311.06 (Version: 311.06 - NVIDIA Corporation)
NVIDIA Control Panel 311.06 (Version: 311.06 - NVIDIA Corporation) Hidden
NVIDIA Display Control Panel (Version: 6.14.12.5987 - NVIDIA Corporation)
NVIDIA Graphics Driver 311.06 (Version: 311.06 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.18.0 (Version: 1.3.18.0 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.109.718 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.1106 - NVIDIA Corporation) Hidden
NVIDIA Update 1.11.3 (Version: 1.11.3 - NVIDIA Corporation)
NVIDIA Update Components (Version: 1.11.3 - NVIDIA Corporation) Hidden
ocr (x32 Version: 6.2.3.50 - Eastman Kodak Company) Hidden
OpenOffice 4.0.0 (x32 Version: 4.00.9702 - Apache Software Foundation)
PDF Complete Special Edition (x32 Version: 4.0.68 - PDF Complete, Inc)
Penguins! (x32 Version: 2.2.0.95 - WildTangent) Hidden
Photo Gallery (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
PhotoNow! (x32 Version: 1.1.6904 - CyberLink Corp.)
PhotoNow! (x32 Version: 1.1.6904 - CyberLink Corp.) Hidden
PictureMover (x32 Version: 3.5.0.28 - Hewlett-Packard Company)
Plants vs. Zombies (x32 Version: 2.2.0.95 - WildTangent) Hidden
PlayReady PC Runtime amd64 (Version: 1.3.0 - Microsoft Corporation)
Poker Superstars III (x32 Version: 2.2.0.95 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.95 - WildTangent) Hidden
Polar Golfer (x32 Version: 2.2.0.95 - WildTangent) Hidden
Power2Go (x32 Version: 6.1.4022 - CyberLink Corp.)
Power2Go (x32 Version: 6.1.4022 - CyberLink Corp.) Hidden
PowerDirector (x32 Version: 8.0.2906 - CyberLink Corp.)
PowerDirector (x32 Version: 8.0.2906 - CyberLink Corp.) Hidden
PreReq (x32 Version: 6.2.4.0 - Eastman Kodak Company) Hidden
PressReader (x32 Version: 5.10.621.0 - NewspaperDirect Inc.)
PrintProjects (x32 Version: 1.0.0.9282 - RocketLife Inc.)
PrivaZer (x32 Version: 2.14.0.0 - Goversoft LLC)
Ralink RT2860 Wireless LAN Card (x32 Version: - Ralink)
RealDownloader (x32 Version: 1.3.3 - RealNetworks, Inc.) Hidden
RealNetworks - Microsoft Visual C++ 2005 Runtime (x32 Version: 8.0 - RealNetworks) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (x32 Version: 10.0 - RealNetworks, Inc) Hidden
RealPlayer (x32 Version: 16.0.3 - RealNetworks)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6132 - Realtek Semiconductor Corp.)
RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden
Recovery Manager (x32 Version: 5.5.2926 - CyberLink Corp.) Hidden
Roxio CinemaNow 2.0 (x32 Version: 1.0.284 - Hewlett-Packard) Hidden
Speccy (Version: 1.23 - Piriform)
Spybot - Search & Destroy (x32 Version: 2.2.25 - Safer-Networking Ltd.)
thinkorswim from TD AMERITRADE (x32 Version: - TD AMERITRADE, Inc.)
Virtual Families (x32 Version: 2.2.0.95 - WildTangent) Hidden
Virtual Villagers - The Secret City (x32 Version: 2.2.0.95 - WildTangent) Hidden
Wheel of Fortune 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Windows Live Communications Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Essentials (x32 Version: 16.4.3508.0205 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Family Safety (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Family Safety (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Sync (x32 Version: 14.0.8089.726 - Microsoft Corporation)
Windows Live UX Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Zinio Reader 4 (x32 Version: 4.0.2811 - Zinio LLC)
Zinio Reader 4 (x32 Version: 4.0.2811 - Zinio LLC) Hidden
Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
==================== Restore Points =========================
16-01-2014 13:10:09 Installed OpenOffice 4.0.1
20-01-2014 18:00:29 Installed Microsoft Garage Mouse without Borders
22-01-2014 22:17:59 Removed Microsoft Garage Mouse without Borders
==================== Hosts content: ==========================
2009-07-13 21:34 - 2014-01-19 09:21 - 00450639 ___RC C:\Windows\system32\Drivers\etc\hosts
127.0.0.1
www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1
www.008k.com
127.0.0.1 008k.com
127.0.0.1
www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1
www.032439.com
127.0.0.1 032439.com
127.0.0.1
www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1
www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1
www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1
www.100888290cs.com
127.0.0.1
www.100sexlinks.com
127.0.0.1 100sexlinks.com
127.0.0.1 10sek.com
127.0.0.1
www.10sek.com
127.0.0.1
www.1-2005-search.com
127.0.0.1 1-2005-search.com
127.0.0.1 123fporn.info
127.0.0.1
www.123fporn.info
127.0.0.1 123haustiereundmehr.com
127.0.0.1
www.123haustiereundmehr.com
127.0.0.1 123moviedownload.com
There are 1000 more lines.
==================== Scheduled Tasks (whitelisted) =============
Task: {11BA9963-DCA4-4D8B-9093-9ABDCC44C9B5} - System32\Tasks\ServicePlan => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [2010-05-25] ()
Task: {18E7D792-D163-47C7-99FC-C6C0ED5125B5} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {1BFFCA99-1BFE-4B27-B095-38FB26741493} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-2625895798-646920419-2108830663-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {1D50FB5C-81C7-4FDE-8E5A-61F1E505C796} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe
Task: {26AEA061-6383-47F5-9755-416631948D29} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe
Task: {2A1ADCDB-8755-4A8D-A431-ABE9E8E8A6BC} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HPSAObjUtilTask => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\UtilTask.exe [2014-01-14] (Microsoft)
Task: {2D375163-2C2C-4EB3-B642-27C88057F72C} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
Task: {5923D7F2-8D8E-46FF-92F1-8859579F1EF5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-12-08] (Google Inc.)
Task: {597426FA-D0B5-4B86-B9DB-57D18CACA87C} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-2625895798-646920419-2108830663-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {5A0DADB5-3B47-4A7E-B22C-61EFAFB2235A} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-2625895798-646920419-2108830663-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {7A5F2EE2-888F-45CD-AC0F-13193351656D} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-2625895798-646920419-2108830663-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {8C1FDB1C-C9F0-43D1-A406-932C560946AA} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-11] (Adobe Systems Incorporated)
Task: {8C5F1E64-2D30-45CE-85DA-D168C73AAC4E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2013-11-22] (Hewlett-Packard)
Task: {95057B49-CEC7-43C8-A39A-1CB0C0F1BCA5} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company)
Task: {9FDED6EC-5D96-410F-9246-F4661B5257A0} - System32\Tasks\Norton 360\Norton Error Processor => C:\Program Files (x86)\Norton 360 Premier Edition\Engine\21.1.0.18\SymErr.exe [2013-08-01] (Symantec Corporation)
Task: {ACBF6B94-BF5F-42CE-B1DA-852765133A67} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2013-12-12] (Hewlett-Packard Company)
Task: {B524033C-7850-463E-A573-FF288E4365D9} - System32\Tasks\Norton 360\Norton Error Analyzer => C:\Program Files (x86)\Norton 360 Premier Edition\Engine\21.1.0.18\SymErr.exe [2013-08-01] (Symantec Corporation)
Task: {C2CAB3EF-ADE4-4F22-AEEA-37C2FD9CD9FB} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-12-08] (Google Inc.)
Task: {DA4F1D8D-A67F-4404-A3FA-AF88833CB1E4} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2013-11-22] (Hewlett-Packard)
Task: {E76CD1B3-68DD-4E22-8353-801A5536626C} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton 360 Premier Edition\Engine\21.1.0.18\WSCStub.exe [2013-10-08] (Symantec Corporation)
Task: {E814800F-1662-4C1E-96C4-D3F8387478BB} - System32\Tasks\RecoveryCDWin7 => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [2010-05-25] ()
Task: {EA764A3D-5BBA-4A0B-9AFD-7B9FEB4822CA} - System32\Tasks\HPCeeScheduleForDave => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-13] (Hewlett-Packard)
Task: {F0E521FD-966C-4261-ABAC-91573EDC4578} - System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-2625895798-646920419-2108830663-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe [2013-08-14] (RealNetworks, Inc.)
Task: {F829E44C-6834-40E2-BA9D-E22B2A80B63A} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForDave.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
==================== Loaded Modules (whitelisted) =============
2013-10-27 08:22 - 2012-08-23 09:38 - 00574840 ____C () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2013-10-27 08:22 - 2013-05-16 09:55 - 00113496 ____C () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2013-10-27 08:22 - 2013-05-16 09:55 - 00416600 ____C () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2013-10-27 08:22 - 2013-05-16 09:55 - 00161112 ____C () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2013-10-27 08:22 - 2012-04-03 16:06 - 00565640 ____C () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2013-06-02 21:05 - 2010-06-17 19:00 - 12286520 _____ () C:\Users\Dave\AppData\Roaming\PictureMover\Bin\Core.dll
2009-07-13 16:03 - 2009-07-13 20:15 - 00364544 _____ () C:\Windows\SysWOW64\msjetoledb40.dll
2013-06-02 21:05 - 2010-06-17 19:11 - 01699384 _____ () C:\Users\Dave\AppData\Roaming\PictureMover\EN-US\Presentation.dll
2010-02-09 20:58 - 2010-02-09 20:58 - 00061440 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Pillars\PCAlerts\PCAlertsPillar.dll
2010-02-09 20:58 - 2010-02-09 20:58 - 00131072 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Pillars\ECenter\ECLibrary.dll
2010-02-09 20:58 - 2010-02-09 20:58 - 00040960 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingServer.dll
2010-02-09 20:58 - 2010-02-09 20:58 - 00005632 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingInterface.dll
2010-02-09 20:58 - 2010-02-09 20:58 - 00018944 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingMessages.dll
2010-02-09 20:58 - 2010-02-09 20:58 - 00036864 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingClients.dll
2010-02-09 20:58 - 2010-02-09 20:58 - 00028672 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Microsoft.Practices.EnterpriseLibrary.ExceptionHandling.Logging.dll
2010-02-09 20:58 - 2010-02-09 20:58 - 00007680 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\RemotingClient.dll
2013-08-08 08:31 - 2013-08-08 08:31 - 02244504 _____ () C:\Program Files (x86)\Mozilla Thunderbird\mozjs.dll
2013-08-08 08:31 - 2013-08-08 08:31 - 00158104 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAP32V60.dll
2013-08-08 08:31 - 2013-08-08 08:31 - 00022424 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAPPR32V60.dll
==================== Alternate Data Streams (whitelisted) =========
==================== Safe Mode (whitelisted) ===================
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (01/22/2014 05:35:13 PM) (Source: Application Hang) (User: )
Description: The program IEXPLORE.EXE version 11.0.9600.16428 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
Process ID: 1650
Start Time: 01cf17b87b194512
Termination Time: 93
Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
Report Id:
Error: (01/22/2014 06:51:19 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute "version" in element "assemblyIdentity" is invalid.
Error: (01/20/2014 07:35:08 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute "version" in element "assemblyIdentity" is invalid.
Error: (01/19/2014 09:14:15 PM) (Source: Application Error) (User: )
Description: Faulting application name: IEXPLORE.EXE, version: 11.0.9600.16428, time stamp: 0x525b664c
Faulting module name: KERNELBASE.dll, version: 6.1.7601.18229, time stamp: 0x51fb1116
Exception code: 0xc0000409
Fault offset: 0x00037039
Faulting process id: 0xa58
Faulting application start time: 0xIEXPLORE.EXE0
Faulting application path: IEXPLORE.EXE1
Faulting module path: IEXPLORE.EXE2
Report Id: IEXPLORE.EXE3
System errors:
=============
Error: (01/22/2014 04:19:14 PM) (Source: DCOM) (User: )
Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}
Error: (01/21/2014 08:34:22 PM) (Source: DCOM) (User: )
Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}
Error: (01/21/2014 00:34:22 PM) (Source: Schannel) (User: NT AUTHORITY)
Description: The following fatal alert was generated: 40. The internal error state is 107.
Error: (01/21/2014 00:34:22 PM) (Source: Schannel) (User: NT AUTHORITY)
Description: An SSL 3.0 connection request was received from a remote client application, but none of the cipher suites supported by the client application are supported by the server. The SSL connection request has failed.
Error: (01/21/2014 00:34:22 PM) (Source: Schannel) (User: NT AUTHORITY)
Description: The following fatal alert was generated: 40. The internal error state is 107.
Error: (01/21/2014 00:34:22 PM) (Source: Schannel) (User: NT AUTHORITY)
Description: An SSL 3.0 connection request was received from a remote client application, but none of the cipher suites supported by the client application are supported by the server. The SSL connection request has failed.
Error: (01/21/2014 00:34:22 PM) (Source: Schannel) (User: NT AUTHORITY)
Description: The following fatal alert was generated: 40. The internal error state is 107.
Error: (01/21/2014 00:34:22 PM) (Source: Schannel) (User: NT AUTHORITY)
Description: An SSL 3.0 connection request was received from a remote client application, but none of the cipher suites supported by the client application are supported by the server. The SSL connection request has failed.
Error: (01/21/2014 00:34:22 PM) (Source: Schannel) (User: NT AUTHORITY)
Description: The following fatal alert was generated: 40. The internal error state is 107.
Error: (01/21/2014 00:34:22 PM) (Source: Schannel) (User: NT AUTHORITY)
Description: An SSL 3.0 connection request was received from a remote client application, but none of the cipher suites supported by the client application are supported by the server. The SSL connection request has failed.
Microsoft Office Sessions:
=========================
Error: (01/22/2014 05:35:13 PM) (Source: Application Hang)(User: )
Description: IEXPLORE.EXE11.0.9600.16428165001cf17b87b19451293C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
Error: (01/22/2014 06:51:19 AM) (Source: SideBySide)(User: )
Description: assemblyIdentityversionMAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINORC:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dllC:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll3
Error: (01/20/2014 07:35:08 PM) (Source: SideBySide)(User: )
Description: assemblyIdentityversionMAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINORC:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dllC:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll3
Error: (01/19/2014 09:14:15 PM) (Source: Application Error)(User: )
Description: IEXPLORE.EXE11.0.9600.16428525b664cKERNELBASE.dll6.1.7601.1822951fb1116c000040900037039a5801cf15232404fbb1C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEC:\Windows\syswow64\KERNELBASE.dll8ede8b6d-8178-11e3-b865-6431501a68d1
==================== Memory info ===========================
Percentage of memory in use: 35%
Total physical RAM: 6143.29 MB
Available physical RAM: 3937.75 MB
Total Pagefile: 12284.75 MB
Available Pagefile: 9752.99 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:686.46 GB) (Free:475.61 GB) NTFS
Drive d: (HP_RECOVERY) (Fixed) (Total:12.08 GB) (Free:1.44 GB) NTFS ==>[System with boot components (obtained from reading drive)]
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 699 GB) (Disk ID: 461BD980)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=686 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=12 GB) - (Type=07 NTFS)
==================== End Of Log ============================
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 22-01-2014 03
Ran by Dave (administrator) on DAVE-HP on 22-01-2014 17:47:57
Running from C:\Users\Dave\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6UTL4XOY
Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version:
http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version:
http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST:
http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(CinemaNow, Inc.) C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemaNowSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Eastman Kodak Company) C:\Program Files (x86)\Kodak\AiO\Center\EKAiOHostService.exe
(Eastman Kodak Company) C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360 Premier Edition\Engine\21.1.0.18\N360.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
(PDF Complete Inc) C:\Program Files (x86)\PDF Complete\pdfsvc.exe
() C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360 Premier Edition\Engine\21.1.0.18\N360.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler64.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
() C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
(Eastman Kodak Company) C:\Windows\System32\spool\drivers\x64\3\EKIJ5000MUI.exe
() C:\Program Files (x86)\Free Desktop Timer\DesktopTimer.exe
(Hewlett-Packard Company) C:\Program Files (x86)\PictureMover\Bin\PictureMover.exe
(Hewlett-Packard) C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil64_11_9_900_170_ActiveX.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
(Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [hpsysdrv] - c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe [62768 2008-11-20] (Hewlett-Packard)
HKLM\...\Run: [SmartMenu] - C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe [568888 2010-01-18] ()
HKLM\...\Run: [EKIJ5000StatusMonitor] - C:\Windows\system32\spool\DRIVERS\x64\3\EKIJ5000MUI.exe [3182080 2012-10-08] (Eastman Kodak Company)
HKLM-x32\...\Run: [Norton Online Backup] - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [1155928 2010-06-01] (Symantec Corporation)
HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKLM-x32\...\Run: [EKStatusMonitor] - C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKStatusMonitor.exe [2750840 2013-01-15] (Eastman Kodak Company)
HKLM-x32\...\Run: [PDF Complete] - C:\Program Files (x86)\PDF Complete\pdfsty.exe [658424 2011-08-13] (PDF Complete Inc)
HKLM-x32\...\Run: [EKIJ5000StatusMonitor] - C:\Windows\system32\spool\DRIVERS\x64\3\EKIJ5000MUI.exe
HKLM-x32\...\Run: [TkBellExe] - c:\program files (x86)\real\realplayer\Update\realsched.exe [295512 2013-09-06] (RealNetworks, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [SDTray] - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [5624784 2013-07-25] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [Conime] - %windir%\system32\conime.exe
HKLM\...\RunOnce: [NCPluginUpdater] - "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update [21720 2014-01-14] (Hewlett-Packard)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKCU\...\Run: [HPAdvisorDock] - C:\Program Files (x86)\Hewlett-Packard\HP Advisor\DOCK\HPAdvisorDock.exe [1712184 2010-02-09] ()
HKCU\...\Run: [FreeDesktopTimer] - C:\Program Files (x86)\Free Desktop Timer\DesktopTimer.exe [623616 2013-01-26] ()
HKCU\...\Run: [Spybot-S&D Cleaning] - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe [3666224 2013-09-20] (Safer-Networking Ltd.)
HKU\Default\...\Run: [HPAdvisorDock] - C:\Program Files (x86)\Hewlett-Packard\HP Advisor\DOCK\HPAdvisorDock.exe [1712184 2010-02-09] ()
HKU\Default User\...\Run: [HPAdvisorDock] - C:\Program Files (x86)\Hewlett-Packard\HP Advisor\DOCK\HPAdvisorDock.exe [1712184 2010-02-09] ()
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.aol.com/
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM - {2473503D-FB8E-493D-A6A1-150AE96499BC} URL = http://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPDTDF
SearchScopes: HKLM - {BC29273D-26E1-4A54-944F-9E02E8FBBE73} URL = http://www.ask.com/web?q={searchterms}&l=dis&o=ushpd
SearchScopes: HKLM - {CDA7E37D-89A7-4417-8089-B21DD14C2659} URL = http://en.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKLM-x32 - DefaultScope {826387D0-CD09-4BEA-B68A-522921C2C6DE} URL =
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 - {2473503D-FB8E-493D-A6A1-150AE96499BC} URL = http://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPDTDF
SearchScopes: HKLM-x32 - {BC29273D-26E1-4A54-944F-9E02E8FBBE73} URL = http://www.ask.com/web?q={searchterms}&l=dis&o=ushpd
SearchScopes: HKLM-x32 - {CDA7E37D-89A7-4417-8089-B21DD14C2659} URL = http://en.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKCU - DefaultScope {8727E826-4AC4-43F8-BD4C-DAB2DCD00078} URL = http://www.google.com/search?q={searchTerms}&rlz=
SearchScopes: HKCU - {2473503D-FB8E-493D-A6A1-150AE96499BC} URL = http://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPDTDF
SearchScopes: HKCU - {69C5F084-6650-4F1B-A44E-D0BBC45058D1} URL =
SearchScopes: HKCU - {826387D0-CD09-4BEA-B68A-522921C2C6DE} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3291325&CUI=UN76274196718415191&UM=2
SearchScopes: HKCU - {8727E826-4AC4-43F8-BD4C-DAB2DCD00078} URL = http://www.google.com/search?q={searchTerms}&rlz=
SearchScopes: HKCU - {AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} URL = http://nortonsafe.search.ask.com/web?q={SEARCHTERMS}&o=APN10506&l=dis&prt=NIS&chn=retail&geo=US&ver=20&locale=en_US&gct=kwd&qsrc=2869
SearchScopes: HKCU - {BC29273D-26E1-4A54-944F-9E02E8FBBE73} URL = http://www.ask.com/web?q={searchterms}&l=dis&o=ushpd
SearchScopes: HKCU - {CDA7E37D-89A7-4417-8089-B21DD14C2659} URL = http://en.wikipedia.org/wiki/Special:Search?search={searchTerms}
BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360 Premier Edition\Engine64\21.1.0.18\coIEPlg.dll (Symantec Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
BHO-x32: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360 Premier Edition\Engine\21.1.0.18\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360 Premier Edition\Engine\21.1.0.18\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360 Premier Edition\Engine64\21.1.0.18\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360 Premier Edition\Engine\21.1.0.18\coIEPlg.dll (Symantec Corporation)
DPF: HKLM-x32 {73ECB3AA-4717-450C-A2AB-D00DAD9EE203}
http://h20614.www2.hp.com/ediags/gmd/Install/Cab/hpdetect1262.cab
Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - No File
Handler-x32: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files (x86)\Belarc\BelarcAdvisor\System\BAVoilaX.dll (Belarc, Inc.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
FireFox:
========
FF ProfilePath: C:\Users\Dave\AppData\Roaming\Mozilla\Firefox\Profiles\6034yzij.default
FF user.js: detected! => C:\Users\Dave\AppData\Roaming\Mozilla\Firefox\Profiles\6034yzij.default\user.js
FF DefaultSearchEngine: KeyBar 1.12 Customized Web Search
FF SelectedSearchEngine: KeyBar 1.12 Customized Web Search
FF Homepage: hxxp://search.conduit.com/?ctid=CT3291325&octid=CT3291325&SearchSource=61&CUI=UN32528972811498319&UM=2&UP=SPF8E93286-1E15-4C26-9A93-5AAE7F076999
FF Keyword.URL: hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3291325&SearchSource=2&CUI=UN32528972811498319&UM=2&q=
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @real.com/nppl3260;version=16.0.3.51 - c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlchromebrowserrecordext;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlpepperflashvideoshim;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=16.0.3.51 - c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin-x32: @realnetworks.com/npdlplugin;version=1 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @citrixonline.com/appdetectorplugin - C:\Users\Dave\AppData\Local\Citrix\Plugins\104\npappdetector.dll (Citrix Online)
FF Plugin HKCU: @hulu.com/Hulu Desktop - C:\Users\Dave\AppData\Local\HuluDesktop\instances\0.9.14.1\nphdplg.dll (Hulu LLC)
FF Plugin HKCU: tdameritrade.com/thinkorswim - C:\Program Files (x86)\thinkTDA\npthinkorswim.dll (TD Ameritrade)
FF Plugin HKCU: tdameritrade.com/tossc - C:\Program Files (x86)\thinkTDA\nptossc.dll (TD Ameritrade)
FF Extension: KeyBar 1.12 - C:\Users\Dave\AppData\Roaming\Mozilla\Firefox\Profiles\6034yzij.default\Extensions\{0134af61-7a0c-4649-aeca-90d776060cb3} [2013-10-13]
FF Extension: Yahoo! Toolbar - C:\Users\Dave\AppData\Roaming\Mozilla\Firefox\Profiles\6034yzij.default\Extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1} [2013-10-10]
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013-09-06]
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\coFFPlgn\
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\coFFPlgn\ []
FF HKLM-x32\...\Firefox\Extensions: [{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ []
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\IPSFF
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\IPSFF [2013-12-08]
==================== Services (Whitelisted) =================
R2 N360; C:\Program Files (x86)\Norton 360 Premier Edition\Engine\21.1.0.18\N360.exe [264360 2013-10-08] (Symantec Corporation)
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-01] (Symantec Corporation)
R2 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1128952 2011-08-13] (PDF Complete Inc)
R2 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-08-14] ()
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [3921880 2013-10-15] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [1042272 2013-09-20] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171416 2013-09-13] (Safer-Networking Ltd.)
==================== Drivers (Whitelisted) ====================
R1 BHDrvx64; C:\Program Files (x86)\Norton 360 Premier Edition\NortonData\21.1.0.18\Definitions\BASHDefs\20140110.001\BHDrvx64.sys [1526488 2013-12-17] (Symantec Corporation)
R1 ccSet_N360; C:\Windows\system32\drivers\N360x64\1501000.012\ccSetx64.sys [162392 2013-09-25] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484952 2013-12-06] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [137648 2013-12-06] (Symantec Corporation)
R1 IDSVia64; C:\Program Files (x86)\Norton 360 Premier Edition\NortonData\21.1.0.18\Definitions\IPSDefs\20140121.001\IDSvia64.sys [521944 2014-01-20] (Symantec Corporation)
R3 NAVENG; C:\Program Files (x86)\Norton 360 Premier Edition\NortonData\21.1.0.18\Definitions\VirusDefs\20140122.003\ENG64.SYS [126040 2013-12-06] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton 360 Premier Edition\NortonData\21.1.0.18\Definitions\VirusDefs\20140122.003\EX64.SYS [2099288 2013-12-06] (Symantec Corporation)
R3 SRTSP; C:\Windows\System32\Drivers\N360x64\1501000.012\SRTSP64.SYS [858200 2013-09-26] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\N360x64\1501000.012\SRTSPX64.SYS [36952 2013-09-09] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\N360x64\1501000.012\SYMDS64.SYS [493656 2013-09-09] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\N360x64\1501000.012\SYMEFA64.SYS [1147480 2013-09-26] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2013-12-07] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\N360x64\1501000.012\Ironx64.SYS [264280 2013-09-26] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\N360x64\1501000.012\SYMNETS.SYS [590936 2013-09-25] (Symantec Corporation)
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-01-22 17:46 - 2014-01-22 17:46 - 00000000 ___DC C:\FRST
2014-01-22 17:32 - 2014-01-22 17:32 - 00024345 ____C C:\Users\Dave\Desktop\farbar-recovery-scan-tool.htm
2014-01-22 06:33 - 2014-01-22 06:33 - 00000052 ____C C:\Windows\SysWOW64\DOErrors.log
2014-01-20 16:55 - 2014-01-20 16:55 - 00051000 ____C C:\Users\Dave\Desktop\DennisBorden - $500,000 ING
2014-01-20 16:53 - 2014-01-20 16:53 - 00051000 ____C C:\Users\Dave\Downloads\DennisBorden - $500,000 ING
2014-01-19 09:25 - 2014-01-21 06:19 - 00004044 ____C C:\Windows\PFRO.log
2014-01-19 09:25 - 2014-01-19 09:25 - 00302944 ____C C:\Windows\system32\FNTCACHE.DAT
2014-01-19 09:21 - 2013-12-08 15:29 - 00450639 ____C C:\Windows\system32\Drivers\etc\hosts.20140119-092110.backup
2014-01-19 07:58 - 2014-01-22 16:20 - 00000448 ____C C:\Windows\setupact.log
2014-01-19 07:58 - 2014-01-19 07:58 - 00000000 ____C C:\Windows\setuperr.log
2014-01-18 20:26 - 2014-01-18 20:26 - 00068920 ____C C:\Users\Dave\AppData\Local\GDIPFONTCACHEV1.DAT
2014-01-18 19:43 - 2014-01-18 19:43 - 00000000 ___DC C:\Program Files (x86)\PrivaZer
2014-01-16 08:08 - 2014-01-16 08:08 - 00000000 ___DC C:\Users\Dave\Desktop\OpenOffice 4.0.1 (en-US) Installation Files
2014-01-15 06:19 - 2014-01-15 08:24 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-01-15 06:19 - 2014-01-15 08:24 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-01-15 06:19 - 2013-11-26 20:41 - 00343040 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-01-15 06:19 - 2013-11-26 20:41 - 00325120 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-01-15 06:19 - 2013-11-26 20:41 - 00099840 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-01-15 06:19 - 2013-11-26 20:41 - 00053248 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-01-15 06:19 - 2013-11-26 20:41 - 00030720 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-01-15 06:19 - 2013-11-26 20:41 - 00025600 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2014-01-15 06:19 - 2013-11-26 20:41 - 00007808 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-01-03 16:15 - 2014-01-03 16:17 - 32080958 ____C C:\Users\Dave\Desktop\Bigalow Screening 1-2-14.avi
==================== One Month Modified Files and Folders =======
2014-01-22 17:46 - 2014-01-22 17:46 - 00000000 ___DC C:\FRST
2014-01-22 17:32 - 2014-01-22 17:32 - 00024345 ____C C:\Users\Dave\Desktop\farbar-recovery-scan-tool.htm
2014-01-22 17:31 - 2009-07-14 00:32 - 00000000 ___DC C:\Windows\system32\FxsTmp
2014-01-22 17:30 - 2013-06-02 23:17 - 00000000 ___DC C:\Users\Dave\.thinkorswim
2014-01-22 17:30 - 2013-06-02 23:17 - 00000000 ___DC C:\Program Files (x86)\thinkTDA
2014-01-22 17:18 - 2013-12-08 09:07 - 00000894 ____C C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-01-22 17:03 - 2013-06-03 09:08 - 00000830 ____C C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-01-22 17:01 - 2013-06-12 16:40 - 00000000 ___DC C:\ProgramData\Kodak
2014-01-22 16:28 - 2009-07-13 23:45 - 00018736 ___HC C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-01-22 16:28 - 2009-07-13 23:45 - 00018736 ___HC C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-01-22 16:24 - 2010-09-08 12:09 - 01644570 ____C C:\Windows\WindowsUpdate.log
2014-01-22 16:21 - 2013-08-29 16:33 - 00003358 ____C C:\Windows\System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-2625895798-646920419-2108830663-1000
2014-01-22 16:21 - 2013-08-29 16:33 - 00003222 ____C C:\Windows\System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-2625895798-646920419-2108830663-1000
2014-01-22 16:21 - 2010-09-08 12:10 - 00000000 ___DC C:\ProgramData\PDFC
2014-01-22 16:20 - 2014-01-19 07:58 - 00000448 ____C C:\Windows\setupact.log
2014-01-22 16:20 - 2013-12-08 09:06 - 00000890 ____C C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-01-22 16:20 - 2013-10-29 20:36 - 00000328 ____C C:\Windows\Tasks\HPCeeScheduleForDave.job
2014-01-22 16:20 - 2013-06-04 23:12 - 00000000 ___DC C:\ProgramData\NVIDIA
2014-01-22 16:20 - 2009-07-14 00:08 - 00000006 ___HC C:\Windows\Tasks\SA.DAT
2014-01-22 06:33 - 2014-01-22 06:33 - 00000052 ____C C:\Windows\SysWOW64\DOErrors.log
2014-01-22 06:33 - 2013-10-29 20:36 - 00003180 ____C C:\Windows\System32\Tasks\HPCeeScheduleForDave
2014-01-22 06:33 - 2013-06-26 05:19 - 00000000 ____C C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2014-01-22 06:32 - 2013-06-05 09:37 - 00000000 ___DC C:\Users\Dave\AppData\Roaming\HP Support Assistant
2014-01-22 06:32 - 2013-06-03 21:20 - 00000000 ___DC C:\Users\Dave\AppData\Roaming\HpUpdate
2014-01-22 06:23 - 2013-08-03 07:14 - 00003336 ____C C:\Windows\System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-2625895798-646920419-2108830663-1000
2014-01-22 06:23 - 2013-08-03 07:14 - 00003200 ____C C:\Windows\System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-2625895798-646920419-2108830663-1000
2014-01-21 06:19 - 2014-01-19 09:25 - 00004044 ____C C:\Windows\PFRO.log
2014-01-20 19:41 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\rescache
2014-01-20 16:55 - 2014-01-20 16:55 - 00051000 ____C C:\Users\Dave\Desktop\DennisBorden - $500,000 ING
2014-01-20 16:53 - 2014-01-20 16:53 - 00051000 ____C C:\Users\Dave\Downloads\DennisBorden - $500,000 ING
2014-01-20 12:19 - 2009-07-14 00:13 - 00799374 ____C C:\Windows\system32\PerfStringBackup.INI
2014-01-19 09:25 - 2014-01-19 09:25 - 00302944 ____C C:\Windows\system32\FNTCACHE.DAT
2014-01-19 08:04 - 2013-06-06 21:25 - 00000000 ___DC C:\Users\Dave\Desktop\Kids
2014-01-19 07:58 - 2014-01-19 07:58 - 00000000 ____C C:\Windows\setuperr.log
2014-01-18 20:26 - 2014-01-18 20:26 - 00068920 ____C C:\Users\Dave\AppData\Local\GDIPFONTCACHEV1.DAT
2014-01-18 20:25 - 2013-10-08 15:17 - 00000000 ___DC C:\Users\Dave\AppData\Local\PrivaZer
2014-01-18 19:44 - 2013-10-25 06:38 - 00001887 ____C C:\Users\Public\Desktop\PrivaZer.lnk
2014-01-18 19:43 - 2014-01-18 19:43 - 00000000 ___DC C:\Program Files (x86)\PrivaZer
2014-01-17 19:59 - 2013-10-27 08:22 - 00000000 ___DC C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-01-16 08:08 - 2014-01-16 08:08 - 00000000 ___DC C:\Users\Dave\Desktop\OpenOffice 4.0.1 (en-US) Installation Files
2014-01-15 19:36 - 2013-09-19 10:55 - 00000000 ___DC C:\Users\Dave\AppData\Local\Citrix
2014-01-15 19:17 - 2013-12-15 19:57 - 00000000 ___DC C:\Users\Dave\Documents\12-15-2013
2014-01-15 19:14 - 2013-06-07 19:18 - 00000000 ___DC C:\Users\Dave\AppData\Local\CrashDumps
2014-01-15 08:24 - 2014-01-15 06:19 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-01-15 08:24 - 2014-01-15 06:19 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-01-15 08:24 - 2013-08-03 02:00 - 00000000 ___DC C:\Windows\system32\MRT
2014-01-15 08:22 - 2013-06-03 00:08 - 86054176 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-01-13 16:17 - 2013-06-07 10:02 - 00000000 ___DC C:\Users\Dave\AppData\Local\Google
2014-01-13 12:51 - 2009-07-13 22:20 - 00000000 ___DC C:\Windows\PolicyDefinitions
2014-01-11 19:38 - 2009-07-13 22:20 - 00000000 ___DC C:\Windows\LiveKernelReports
2014-01-11 12:09 - 2009-07-13 22:20 - 00000000 ___DC C:\Windows\system32\NDF
2014-01-03 16:17 - 2014-01-03 16:15 - 32080958 ____C C:\Users\Dave\Desktop\Bigalow Screening 1-2-14.avi
2014-01-03 12:14 - 2013-09-20 18:45 - 00000000 ___DC C:\Users\Dave\Desktop\Odin
2013-12-31 20:28 - 2013-06-09 07:21 - 00000000 ___DC C:\Users\Dave\Documents\My Backups
2013-12-24 07:03 - 2013-06-09 07:35 - 00000000 ___DC C:\Users\Dave\AppData\Local\Mozilla
2013-12-23 07:27 - 2009-07-14 00:08 - 00032528 _____ C:\Windows\Tasks\SCHEDLGU.TXT
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-01-20 19:33
==================== End Of Log ============================