Okey-doke. Here's what I got:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 20-12-2014
Ran by Caprice (administrator) on CAPRICE on 21-12-2014 18:11:14
Running from C:\Users\Caprice\Downloads
Loaded Profile: Caprice (Available profiles: Caprice)
Platform: Windows 8.1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
() C:\Program Files\Hewlett-Packard\SimplePass\cachesrvr.exe
(Softex Inc.) C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\N360.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
() C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\N360.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Citrix Online, a division of Citrix Systems, Inc.) C:\Users\Caprice\AppData\Local\Citrix\GoToMeeting\2031\g2mstart.exe
(Google Inc.) C:\Users\Caprice\AppData\Local\Google\Update\GoogleUpdate.exe
(Google Inc.) C:\Users\Caprice\AppData\Local\Programs\Google\Google+ Auto Backup\Google+ Auto Backup.exe
(Citrix Online, a division of Citrix Systems, Inc.) C:\Users\Caprice\AppData\Local\Citrix\GoToMeeting\2031\g2mcomm.exe
(Citrix Online, a division of Citrix Systems, Inc.) C:\Users\Caprice\AppData\Local\Citrix\GoToMeeting\2031\g2mlauncher.exe
() C:\Program Files (x86)\JL Christmas Market\JL Christmas Market.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\groove.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Reader_6.3.9654.17499_x64__8wekyb3d8bbwe\glcnd.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\livecomm.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\msosync.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\outlook.exe
(Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7198424 2013-08-23] (Realtek Semiconductor)
HKLM\...\Run: [SimplePass] => C:\Program Files\Hewlett-Packard\SimplePass\HPSmplPass.exe [2755640 2013-09-26] (Hewlett-Packard)
HKLM\...\Run: [OPBHOBroker] => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe [155704 2013-09-26] (Hewlett-Packard)
HKLM\...\Run: [OPBHOBrokerDesktop] => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe [155704 2013-09-26] (Hewlett-Packard)
HKLM-x32\...\Run: [StartCCC] => c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-09-11] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [YouCam Service] => c:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe [267224 2013-09-01] (CyberLink Corp.)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [4513792 2013-12-19] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation)
HKLM\...\RunOnce: [NCPluginUpdater] => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe [21720 2014-12-16] (Hewlett-Packard)
HKU\S-1-5-21-928018381-13728776-844392014-1001\...\Run: [GoToMeeting] => C:\Users\Caprice\AppData\Local\Citrix\GoToMeeting\2031\g2mstart.exe [40304 2014-12-05] (Citrix Online, a division of Citrix Systems, Inc.)
HKU\S-1-5-21-928018381-13728776-844392014-1001\...\Run: [Google Update] => C:\Users\Caprice\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2014-12-02] (Google Inc.)
HKU\S-1-5-21-928018381-13728776-844392014-1001\...\Run: [Google+ Auto Backup] => C:\Users\Caprice\AppData\Local\Programs\Google\Google+ Auto Backup\Google+ Auto Backup.exe [3746120 2014-08-12] (Google Inc.)
Startup: C:\Users\Caprice\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\JL Christmas Market.lnk
ShortcutTarget: JL Christmas Market.lnk -> C:\Program Files (x86)\JL Christmas Market\JL Christmas Market.exe ()
Startup: C:\Users\Caprice\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneDrive for Business.lnk
ShortcutTarget: OneDrive for Business.lnk -> C:\Program Files\Microsoft Office 15\root\office15\groove.exe (Microsoft Corporation)
ShellIconOverlayIdentifiers: [OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton 360\Engine64\21.6.0.32\buShell.dll (Symantec Corporation)
ShellIconOverlayIdentifiers: [OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton 360\Engine64\21.6.0.32\buShell.dll (Symantec Corporation)
ShellIconOverlayIdentifiers: [OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton 360\Engine64\21.6.0.32\buShell.dll (Symantec Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPDSK14/1
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPDSK14/1
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPDSK14/1
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPDSK14/1
HKU\S-1-5-21-928018381-13728776-844392014-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:Tabs
HKU\S-1-5-21-928018381-13728776-844392014-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPDSK14/1
HKU\S-1-5-21-928018381-13728776-844392014-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
HKU\S-1-5-21-928018381-13728776-844392014-1001\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
SearchScopes: HKLM -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.co...54371-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKLM-x32 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.co...54371-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-928018381-13728776-844392014-1001 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={sear
SearchScopes: HKU\S-1-5-21-928018381-13728776-844392014-1001 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.co...54371-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton 360\Engine64\21.6.0.32\coIEPlg.dll (Symantec Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\coIEPlg.dll (Symantec Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
FireFox:
========
FF ProfilePath: C:\Users\Caprice\AppData\Roaming\Mozilla\Firefox\Profiles\i3pawdx6.default
FF Homepage: www.tensoft.com
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_15_0_0_246.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_246.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF Plugin HKU\S-1-5-21-928018381-13728776-844392014-1001: @citrixonline.com/appdetectorplugin -> C:\Users\Caprice\AppData\Local\Citrix\Plugins\104\npappdetector.dll (Citrix Online)
FF Plugin HKU\S-1-5-21-928018381-13728776-844392014-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Caprice\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-928018381-13728776-844392014-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Caprice\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.6.0.32\coFFPlgn
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.6.0.32\coFFPlgn [2014-12-21]
Chrome:
=======
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - No Path
CHR HKLM\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\Exts\Chrome.crx [2014-10-11]
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - No Path
CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\Exts\Chrome.crx [2014-10-11]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [282112 2013-09-25] (Brother Industries, Ltd.) [File not signed]
R2 Cachedrv server; C:\Program Files\Hewlett-Packard\SimplePass\cachesrvr.exe [109568 2013-09-26] () [File not signed]
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2443960 2014-10-30] (Microsoft Corporation)
R2 CyberLink PowerDVD 12 Media Server Monitor Service; c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe [77576 2013-08-12] (CyberLink)
R2 CyberLink PowerDVD 12 Media Server Service; c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe [298760 2013-08-12] (CyberLink)
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160 2013-11-04] (Hewlett-Packard Company) [File not signed]
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
R2 N360; C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\N360.exe [265040 2014-09-21] (Symantec Corporation)
R2 omniserv; C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe [87552 2013-09-26] (Softex Inc.) [File not signed]
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [289496 2013-08-23] (Realtek Semiconductor)
S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [76800 2013-08-24] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-21] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-21] (Microsoft Corporation)
S2 0314751411242123mcinstcleanup; C:\Users\Caprice\AppData\Local\Temp\031475~1.EXE -cleanup -nolog [X]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [36096 2013-05-22] (Advanced Micro Devices, Inc.)
R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3859968 2013-08-15] (Qualcomm Atheros Communications, Inc.)
R1 BHDrvx64; C:\Program Files (x86)\Norton 360\NortonData\21.6.0.32\Definitions\BASHDefs\20141209.001\BHDrvx64.sys [1587416 2014-10-03] (Symantec Corporation)
R1 ccSet_N360; C:\Windows\system32\drivers\N360x64\1506000.020\ccSetx64.sys [162392 2014-02-20] (Symantec Corporation)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [91712 2013-03-05] (CyberLink)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [487216 2014-12-11] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [142640 2014-12-11] (Symantec Corporation)
R1 IDSVia64; C:\Program Files (x86)\Norton 360\NortonData\21.6.0.32\Definitions\IPSDefs\20141219.001\IDSvia64.sys [637656 2014-11-17] (Symantec Corporation)
R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\windows\system32\drivers\MBAMSwissArmy.sys [129752 2014-12-21] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\windows\system32\drivers\mwac.sys [64216 2014-11-21] (Malwarebytes Corporation)
R3 NAVENG; C:\Program Files (x86)\Norton 360\NortonData\21.6.0.32\Definitions\VirusDefs\20141221.002\ENG64.SYS [129752 2014-08-11] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton 360\NortonData\21.6.0.32\Definitions\VirusDefs\20141221.002\EX64.SYS [2137304 2014-08-11] (Symantec Corporation)
R3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [290008 2013-07-05] (Realtek Semiconductor Corp.)
R3 SRTSP; C:\Windows\System32\Drivers\N360x64\1506000.020\SRTSP64.SYS [876248 2014-08-25] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\N360x64\1506000.020\SRTSPX64.SYS [37592 2014-08-25] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\N360x64\1506000.020\SYMDS64.SYS [493656 2014-08-25] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\N360x64\1506000.020\SYMEFA64.SYS [1148120 2014-08-25] (Symantec Corporation)
S0 SymELAM; C:\Windows\System32\drivers\N360x64\1506000.020\SymELAM.sys [23568 2014-08-25] (Symantec Corporation)
R3 SymEvent; C:\windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2014-10-11] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\N360x64\1506000.020\Ironx64.SYS [266968 2014-08-06] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\N360x64\1506000.020\SYMNETS.SYS [593112 2014-08-25] (Symantec Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-21] (Microsoft Corporation)
U3 McAPExe; No ImagePath
U3 McMPFSvc; No ImagePath
U3 McNaiAnn; No ImagePath
U3 mcpltsvc; No ImagePath
U3 McProxy; No ImagePath
U3 mfecore; No ImagePath
U3 MSK80Service; No ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-12-21 08:57 - 2014-12-21 08:57 - 02173952 _____ () C:\Users\Caprice\Downloads\AdwCleaner(1).exe
2014-12-21 08:51 - 2014-12-21 08:51 - 00000049 _____ () C:\Users\Caprice\Desktop\Malwarebytes' Anti-Malware.txt
2014-12-21 08:27 - 2014-12-21 08:27 - 00001117 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-12-21 08:21 - 2014-12-21 16:25 - 00129752 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2014-12-21 08:20 - 2014-12-21 15:29 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-12-21 08:20 - 2014-12-21 08:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-12-21 08:20 - 2014-12-21 08:20 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-12-21 08:20 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys
2014-12-21 08:20 - 2014-11-21 06:14 - 00064216 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys
2014-12-21 08:20 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbam.sys
2014-12-21 08:17 - 2014-12-21 08:17 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\Caprice\Downloads\mbam-setup-2.0.4.1028.exe
2014-12-21 08:12 - 2014-12-21 08:12 - 00001299 _____ () C:\Users\Caprice\Desktop\JRT.txt
2014-12-21 08:06 - 2014-12-21 08:06 - 00000000 ____D () C:\windows\ERUNT
2014-12-21 08:04 - 2014-12-21 08:04 - 01707646 _____ (Thisisu) C:\Users\Caprice\Downloads\JRT.exe
2014-12-21 08:02 - 2014-12-21 08:02 - 00003149 _____ () C:\Users\Caprice\Desktop\AdwCleaner[S0].txt
2014-12-20 23:30 - 2014-12-21 09:05 - 00000000 ____D () C:\AdwCleaner
2014-12-20 23:28 - 2014-12-20 23:29 - 02166272 _____ () C:\Users\Caprice\Downloads\AdwCleaner.exe
2014-12-20 08:57 - 2014-12-20 08:58 - 00031205 _____ () C:\Users\Caprice\Downloads\Addition.txt
2014-12-20 08:56 - 2014-12-21 18:11 - 00021113 _____ () C:\Users\Caprice\Downloads\FRST.txt
2014-12-20 08:55 - 2014-12-21 18:11 - 00000000 ____D () C:\FRST
2014-12-20 08:54 - 2014-12-20 08:54 - 02122240 _____ (Farbar) C:\Users\Caprice\Downloads\FRST64.exe
2014-12-20 08:22 - 2014-12-20 08:22 - 05198336 _____ (AVAST Software) C:\Users\Caprice\Downloads\aswMBR.exe
2014-12-19 13:21 - 2014-10-30 14:37 - 00129536 _____ (Microsoft Corporation) C:\windows\SysWOW64\poqexec.exe
2014-12-19 13:21 - 2014-10-30 14:34 - 00146432 _____ (Microsoft Corporation) C:\windows\system32\poqexec.exe
2014-12-19 09:22 - 2014-12-19 09:22 - 903432210 _____ () C:\windows\MEMORY.DMP
2014-12-19 09:22 - 2014-12-19 09:22 - 00284880 _____ () C:\windows\Minidump\121914-33937-01.dmp
2014-12-19 09:22 - 2014-12-19 09:22 - 00000000 ____D () C:\windows\Minidump
2014-12-15 09:41 - 2014-12-15 09:41 - 17316504 _____ (Microsoft Corporation) C:\Users\Caprice\Downloads\LMSetup(1).exe
2014-12-15 09:30 - 2014-12-15 09:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Live Meeting 2007
2014-12-15 09:29 - 2014-12-15 09:29 - 17316504 _____ (Microsoft Corporation) C:\Users\Caprice\Downloads\LMSetup.exe
2014-12-15 09:29 - 2014-12-15 09:29 - 00000000 ____D () C:\ProgramData\Applications
2014-12-15 09:19 - 2014-12-15 09:20 - 00638888 _____ (Oracle Corporation) C:\Users\Caprice\Downloads\jxpiinstall(1).exe
2014-12-15 09:19 - 2014-12-15 09:19 - 00000000 ____D () C:\ProgramData\Sun
2014-12-15 09:19 - 2014-12-15 09:18 - 00098216 _____ (Oracle Corporation) C:\windows\SysWOW64\WindowsAccessBridge-32.dll
2014-12-15 09:18 - 2014-12-15 09:19 - 00000000 ____D () C:\ProgramData\Oracle
2014-12-15 09:18 - 2014-12-15 09:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-12-15 09:18 - 2014-12-15 09:18 - 00000000 ____D () C:\Program Files (x86)\Java
2014-12-15 09:17 - 2014-12-15 09:17 - 00638888 _____ (Oracle Corporation) C:\Users\Caprice\Downloads\jxpiinstall.exe
2014-12-11 21:25 - 2014-12-11 21:25 - 00094003 _____ () C:\Users\Caprice\Downloads\Master (1)
2014-12-11 21:25 - 2014-12-11 21:25 - 00094003 _____ () C:\Users\Caprice\Downloads\Master
2014-12-11 11:34 - 2014-12-11 11:34 - 00000000 ____D () C:\windows\system32\appraiser
2014-12-10 08:11 - 2014-11-09 18:29 - 00034304 _____ (Microsoft Corporation) C:\windows\system32\DeviceSetupStatusProvider.dll
2014-12-10 08:11 - 2014-11-09 17:51 - 00028672 _____ (Microsoft Corporation) C:\windows\SysWOW64\DeviceSetupStatusProvider.dll
2014-12-10 08:10 - 2014-12-03 15:37 - 00227328 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
2014-12-10 08:10 - 2014-12-03 15:09 - 00830464 _____ (Microsoft Corporation) C:\windows\system32\appraiser.dll
2014-12-10 08:10 - 2014-12-02 15:09 - 01083392 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2014-12-10 08:10 - 2014-12-02 15:09 - 00740864 _____ (Microsoft Corporation) C:\windows\system32\invagent.dll
2014-12-10 08:10 - 2014-12-02 15:09 - 00412672 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll
2014-12-10 08:10 - 2014-12-02 15:09 - 00396288 _____ (Microsoft Corporation) C:\windows\system32\devinv.dll
2014-12-10 08:10 - 2014-12-02 15:09 - 00192000 _____ (Microsoft Corporation) C:\windows\system32\aepic.dll
2014-12-10 08:10 - 2014-11-21 19:13 - 25059840 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-12-10 08:10 - 2014-11-21 18:22 - 19749376 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2014-12-10 08:10 - 2014-11-06 20:16 - 01762840 _____ (Microsoft Corporation) C:\windows\system32\WindowsCodecs.dll
2014-12-10 08:10 - 2014-11-06 19:26 - 01489072 _____ (Microsoft Corporation) C:\windows\SysWOW64\WindowsCodecs.dll
2014-12-10 08:10 - 2014-10-31 15:57 - 01091072 _____ (Microsoft Corporation) C:\windows\system32\MrmCoreR.dll
2014-12-10 08:10 - 2014-10-31 15:47 - 00790528 _____ (Microsoft Corporation) C:\windows\SysWOW64\MrmCoreR.dll
2014-12-10 08:10 - 2014-10-30 15:39 - 01970432 _____ (Microsoft Corporation) C:\windows\system32\crypt32.dll
2014-12-10 08:10 - 2014-10-30 15:38 - 01612992 _____ (Microsoft Corporation) C:\windows\SysWOW64\crypt32.dll
2014-12-10 08:10 - 2014-10-12 18:43 - 00238912 ____C (Microsoft Corporation) C:\windows\system32\Drivers\sdbus.sys
2014-12-10 08:10 - 2014-10-12 18:43 - 00153920 ____C (Microsoft Corporation) C:\windows\system32\Drivers\dumpsd.sys
2014-12-10 08:10 - 2014-10-12 18:43 - 00086336 _____ (Microsoft Corporation) C:\windows\system32\Drivers\pdc.sys
2014-12-10 08:10 - 2014-10-12 18:43 - 00039744 ____C (Microsoft Corporation) C:\windows\system32\Drivers\intelpep.sys
2014-12-10 08:09 - 2014-11-21 18:50 - 00580096 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2014-12-10 08:09 - 2014-11-21 18:49 - 02885120 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2014-12-10 08:09 - 2014-11-21 18:49 - 00417280 _____ (Microsoft Corporation) C:\windows\system32\html.iec
2014-12-10 08:09 - 2014-11-21 18:48 - 00088064 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2014-12-10 08:09 - 2014-11-21 18:35 - 00812544 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2014-12-10 08:09 - 2014-11-21 18:34 - 06039552 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2014-12-10 08:09 - 2014-11-21 18:08 - 00092160 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2014-12-10 08:09 - 2014-11-21 18:07 - 00501248 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2014-12-10 08:09 - 2014-11-21 18:06 - 00340992 _____ (Microsoft Corporation) C:\windows\SysWOW64\html.iec
2014-12-10 08:09 - 2014-11-21 18:06 - 00145408 _____ (Microsoft Corporation) C:\windows\system32\iepeers.dll
2014-12-10 08:09 - 2014-11-21 18:05 - 00316928 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2014-12-10 08:09 - 2014-11-21 18:05 - 00064000 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2014-12-10 08:09 - 2014-11-21 18:01 - 02277888 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2014-12-10 08:09 - 2014-11-21 17:59 - 01032704 _____ (Microsoft Corporation) C:\windows\system32\inetcomm.dll
2014-12-10 08:09 - 2014-11-21 17:55 - 00661504 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2014-12-10 08:09 - 2014-11-21 17:52 - 00262144 _____ (Microsoft Corporation) C:\windows\system32\webcheck.dll
2014-12-10 08:09 - 2014-11-21 17:49 - 00800768 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2014-12-10 08:09 - 2014-11-21 17:49 - 00718848 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2014-12-10 08:09 - 2014-11-21 17:49 - 00373760 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2014-12-10 08:09 - 2014-11-21 17:46 - 02125312 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2014-12-10 08:09 - 2014-11-21 17:43 - 14412800 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2014-12-10 08:09 - 2014-11-21 17:35 - 00076288 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2014-12-10 08:09 - 2014-11-21 17:34 - 00128000 _____ (Microsoft Corporation) C:\windows\SysWOW64\iepeers.dll
2014-12-10 08:09 - 2014-11-21 17:33 - 00285696 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2014-12-10 08:09 - 2014-11-21 17:29 - 04299264 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2014-12-10 08:09 - 2014-11-21 17:29 - 00880128 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcomm.dll
2014-12-10 08:09 - 2014-11-21 17:28 - 02358272 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2014-12-10 08:09 - 2014-11-21 17:25 - 00230400 _____ (Microsoft Corporation) C:\windows\SysWOW64\webcheck.dll
2014-12-10 08:09 - 2014-11-21 17:23 - 00688640 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2014-12-10 08:09 - 2014-11-21 17:23 - 00326656 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2014-12-10 08:09 - 2014-11-21 17:22 - 02052096 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2014-12-10 08:09 - 2014-11-21 17:15 - 01548288 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-12-10 08:09 - 2014-11-21 17:13 - 12836864 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2014-12-10 08:09 - 2014-11-21 17:03 - 00800768 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2014-12-10 08:09 - 2014-11-21 17:00 - 01888256 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2014-12-10 08:09 - 2014-11-21 16:56 - 01307136 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2014-12-10 08:09 - 2014-11-21 16:54 - 00710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2014-12-02 21:41 - 2014-12-02 21:42 - 00000000 ____D () C:\Users\Caprice\AppData\Roaming\com.jacquielawson.marketadventcalendar2014
2014-12-02 21:41 - 2014-12-02 21:41 - 00001012 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JL Christmas Market.lnk
2014-12-02 21:41 - 2014-12-02 21:41 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Macromedia
2014-12-02 21:41 - 2014-12-02 21:41 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Macromedia
2014-12-02 21:41 - 2014-12-02 21:41 - 00000000 ____D () C:\ProgramData\Adobe
2014-12-02 21:41 - 2014-12-02 21:41 - 00000000 ____D () C:\Program Files (x86)\JL Christmas Market
2014-12-02 21:41 - 2014-12-02 21:41 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-12-02 09:03 - 2014-12-02 09:03 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-12-02 07:49 - 2014-12-02 07:49 - 00000880 _____ () C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-928018381-13728776-844392014-1001Core1d00e4784e9103d.job
2014-12-02 07:48 - 2014-12-02 07:49 - 00000880 _____ () C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-928018381-13728776-844392014-1001Core.job
2014-12-02 07:48 - 2014-12-02 07:48 - 00000000 ____D () C:\Users\Caprice\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google+ Auto Backup
2014-12-01 06:56 - 2014-12-02 07:48 - 00000000 ____D () C:\Users\Caprice\AppData\Local\Google
2014-12-01 06:56 - 2014-12-01 06:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa 3
2014-12-01 06:56 - 2014-12-01 06:56 - 00000000 ____D () C:\Program Files (x86)\Google
2014-12-01 06:55 - 2014-12-01 06:55 - 17385800 _____ (Google Inc.) C:\Users\Caprice\Downloads\picasa39-setup.exe
2014-11-25 13:55 - 2014-11-25 13:55 - 00001079 _____ () C:\Users\Caprice\Downloads\20145325161119.csv
2014-11-24 07:27 - 2014-11-24 07:28 - 01546856 _____ (Skype Technologies S.A.) C:\Users\Caprice\Downloads\SkypeSetup.exe
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-12-21 18:10 - 2014-09-10 20:43 - 00000830 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2014-12-21 18:00 - 2013-08-22 07:36 - 00000000 ____D () C:\windows\system32\sru
2014-12-21 17:55 - 2014-11-19 09:06 - 00004978 _____ () C:\windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for CAPRICE-Caprice Caprice
2014-12-21 17:28 - 2014-09-25 08:07 - 00000590 _____ () C:\windows\Tasks\G2MUpdateTask-S-1-5-21-928018381-13728776-844392014-1001.job
2014-12-21 15:20 - 2014-09-08 09:02 - 00003930 _____ () C:\windows\System32\Tasks\User_Feed_Synchronization-{A1B0E98A-3542-442F-B6B5-06F14C0811B1}
2014-12-21 10:17 - 2014-09-08 09:09 - 00003592 _____ () C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-928018381-13728776-844392014-1001
2014-12-21 09:29 - 2014-09-08 09:04 - 00000000 __RDO () C:\Users\Caprice\SkyDrive
2014-12-21 09:17 - 2013-08-24 13:32 - 00110508 _____ () C:\windows\PFRO.log
2014-12-21 09:17 - 2013-08-22 06:45 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-12-21 09:17 - 2013-08-22 05:25 - 00524288 ___SH () C:\windows\system32\config\BBI
2014-12-21 08:16 - 2014-09-08 08:58 - 01093135 _____ () C:\windows\WindowsUpdate.log
2014-12-21 08:16 - 2013-08-24 13:59 - 00908670 _____ () C:\windows\SysWOW64\PerfStringBackup.INI
2014-12-21 07:41 - 2014-09-08 09:02 - 00000000 ____D () C:\Users\Caprice\AppData\Local\Packages
2014-12-20 08:35 - 2013-08-22 07:20 - 00000000 ____D () C:\windows\CbsTemp
2014-12-19 13:44 - 2014-10-28 08:16 - 00000000 ____D () C:\Users\Caprice\Documents\Caprice-home
2014-12-19 10:33 - 2014-09-08 09:02 - 00000000 ____D () C:\Users\Caprice
2014-12-19 09:26 - 2013-08-22 05:25 - 00262144 ___SH () C:\windows\system32\config\ELAM
2014-12-19 09:20 - 2013-08-22 07:36 - 00000000 ____D () C:\windows\LiveKernelReports
2014-12-19 08:47 - 2014-11-16 23:08 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-12-18 21:00 - 2013-08-22 07:36 - 00000000 ____D () C:\windows\AppReadiness
2014-12-18 06:59 - 2014-10-17 07:58 - 00000356 _____ () C:\windows\Tasks\HPCeeScheduleForCaprice.job
2014-12-18 06:59 - 2014-09-10 18:49 - 00000052 _____ () C:\windows\SysWOW64\DOErrors.log
2014-12-18 06:58 - 2014-09-10 18:49 - 00000000 _____ () C:\windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2014-12-15 09:30 - 2014-09-17 15:25 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2014-12-14 11:07 - 2014-09-25 08:07 - 00003592 _____ () C:\windows\System32\Tasks\G2MUpdateTask-S-1-5-21-928018381-13728776-844392014-1001
2014-12-14 00:22 - 2013-08-22 06:46 - 00022566 _____ () C:\windows\setupact.log
2014-12-13 08:50 - 2014-09-22 19:22 - 00000000 ____D () C:\Users\Caprice\AppData\Local\CrashDumps
2014-12-12 07:59 - 2013-08-22 07:36 - 00000000 ____D () C:\windows\rescache
2014-12-11 21:14 - 2013-08-22 07:36 - 00000000 ___HD () C:\windows\ELAMBKUP
2014-12-11 11:34 - 2014-09-14 11:23 - 00000000 ___SD () C:\windows\system32\CompatTel
2014-12-11 11:34 - 2013-08-22 07:36 - 00000000 ____D () C:\windows\system32\sr-Latn-RS
2014-12-11 11:34 - 2013-08-22 07:36 - 00000000 ____D () C:\windows\system32\sr-Latn-CS
2014-12-11 11:33 - 2013-08-22 07:36 - 00000000 ____D () C:\windows\PolicyDefinitions
2014-12-10 08:39 - 2014-09-11 08:58 - 00000000 ____D () C:\windows\system32\MRT
2014-12-10 08:35 - 2014-09-11 08:58 - 112710672 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2014-12-09 10:10 - 2014-09-10 20:43 - 00003718 _____ () C:\windows\System32\Tasks\Adobe Flash Player Updater
2014-12-08 07:13 - 2013-08-24 13:38 - 00891920 _____ () C:\windows\system32\PerfStringBackup.INI
2014-12-02 21:39 - 2014-09-08 09:02 - 00000000 ____D () C:\Users\Caprice\AppData\Roaming\Adobe
2014-12-02 21:38 - 2014-09-10 20:42 - 00000000 ____D () C:\Users\Caprice\AppData\Local\Adobe
2014-12-02 21:27 - 2014-09-09 19:01 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-11-26 13:10 - 2014-11-17 21:22 - 00714720 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2014-11-26 13:10 - 2014-11-17 21:22 - 00106976 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-11-23 12:46 - 2014-11-16 23:09 - 00000000 ____D () C:\Users\Caprice\AppData\Roaming\Apple Computer
2014-11-21 23:46 - 2014-11-19 09:13 - 00000000 ___RD () C:\Users\Caprice\OneDrive - Tensoft, Inc-
Some content of TEMP:
====================
C:\Users\Caprice\AppData\Local\Temp\Quarantine.exe
C:\Users\Caprice\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-12-17 08:33
==================== End Of Log ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 20-12-2014
Ran by Caprice at 2014-12-21 18:12:08
Running from C:\Users\Caprice\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Norton 360 (Enabled - Up to date) {D87FA2C0-F526-77B1-D6EC-0EDF3936CEDB}
AS: Norton 360 (Enabled - Up to date) {631E4324-D31C-783F-EC5C-35AD42B18466}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Norton 360 (Enabled) {E04423E5-BF49-76E9-FDB3-A7EAC7E589A0}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
4 Elements II (x32 Version: 2.2.0.98 - WildTangent) Hidden
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 15.0.0.356 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.246 - Adobe Systems Incorporated)
Airport Mania (x32 Version: 2.2.0.95 - WildTangent) Hidden
AMD Catalyst Install Manager (HKLM\...\{EE691BD9-2B2C-6BFB-6389-ABAF5AD2A4A1}) (Version: 8.0.915.0 - Advanced Micro Devices, Inc.)
Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Azkend 2: The World Beneath (x32 Version: 2.2.0.98 - WildTangent) Hidden
Bejeweled 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Bounce Symphony (x32 Version: 2.2.0.97 - WildTangent) Hidden
Build-a-lot (x32 Version: 2.2.0.98 - WildTangent) Hidden
Citrix Online Launcher (HKLM-x32\...\{77463C86-BB3A-426E-A6C2-06B4D28C250F}) (Version: 1.0.223 - Citrix)
Cradle Of Egypt Collector's Edition (x32 Version: 2.2.0.110 - WildTangent) Hidden
Cradle of Rome 2 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Curse at Twilight (x32 Version: 3.0.2.32 - WildTangent) Hidden
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.5.6805 - CyberLink Corp.)
CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.5.3103 - CyberLink Corp.)
Cyberlink PhotoDirector (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.3.4323 - CyberLink Corp.)
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.5.3215 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.5.3215 - CyberLink Corp.)
CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.2.3212 - CyberLink Corp.)
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 5.0.2.3302 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Delicious: Emily's Childhood Memories Premium Edition (x32 Version: 3.0.2.32 - WildTangent) Hidden
Energy Star (HKLM-x32\...\{FC0ADA4D-8FA5-4452-8AFF-F0A0BAC97EF7}) (Version: 1.0.9 - Hewlett-Packard Company)
Farm Frenzy (x32 Version: 2.2.0.98 - WildTangent) Hidden
Fishdom 3: Collector's Edition (x32 Version: 3.0.2.38 - WildTangent) Hidden
Google+ Auto Backup (HKU\S-1-5-21-928018381-13728776-844392014-1001\...\Google+ Auto Backup) (Version: 1.0.26.151 - Google, Inc.)
GoToMeeting 6.4.8.2093 (HKU\S-1-5-21-928018381-13728776-844392014-1001\...\GoToMeeting) (Version: 6.4.8.2093 - CitrixOnline)
Governor of Poker 2 Premium Edition (x32 Version: 2.2.0.110 - WildTangent) Hidden
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HL-L2360D series (HKLM-x32\...\{46B58839-2405-48D6-A59D-F8246158A6ED}) (Version: 0.0.13.0 - Brother Industries, Ltd.)
House of 1000 Doors: Family Secrets (x32 Version: 2.2.0.98 - WildTangent) Hidden
HP Connected Music (Meridian - installer) (HKLM-x32\...\StartHPConnectedMusic) (Version: 1.0 - Meridian Audio Ltd)
HP Connected Music (Meridian - player) (HKU\S-1-5-21-928018381-13728776-844392014-1001\...\HPConnectedMusic) (Version: 1.1 (build 126) hp - Meridian Audio Ltd)
HP Documentation (HKLM-x32\...\{8126E380-F9C6-4317-9CEE-9BBDDAB676E5}) (Version: 1.1.0.0 - Hewlett-Packard)
HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.7127.4628 - Hewlett-Packard)
HP SimplePass (HKLM-x32\...\InstallShield_{314FAD12-F785-4471-BCE8-AB506642B9A1}) (Version: 8.00.54 - Hewlett-Packard)
HP Support Assistant (HKLM-x32\...\{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}) (Version: 7.4.45.4 - Hewlett-Packard Company)
HP Support Information (HKLM-x32\...\{B2B7B1C8-7C8B-476C-BE2C-049731C55992}) (Version: 13.00.0000 - Hewlett-Packard)
Inst5675 (Version: 8.00.54 - Softex Inc.) Hidden
Inst5676 (Version: 8.00.54 - Softex Inc.) Hidden
iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.)
Jacquie Lawson Christmas Market (HKLM-x32\...\com.jacquielawson.marketadventcalendar2014) (Version: 1.0.1 - MicroCourt Limited)
Jacquie Lawson Christmas Market (x32 Version: 1.0.1 - MicroCourt Limited) Hidden
Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
Jewel Match 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
John Deere Drive Green (x32 Version: 2.2.0.95 - WildTangent) Hidden
King Oddball (x32 Version: 3.0.2.48 - WildTangent) Hidden
Luxor Evolved (x32 Version: 2.2.0.98 - WildTangent) Hidden
Mahjongg Dimensions Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Microsoft Office 365 ProPlus - en-us (HKLM\...\O365ProPlusRetail - en-us) (Version: 15.0.4667.1002 - Microsoft Corporation)
Microsoft Office Live Meeting 2007 (HKLM-x32\...\{0309B99E-C7EA-414C-AC53-A78061277595}) (Version: 8.0.6362.223 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Mozilla Firefox 34.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 34.0 (x86 en-US)) (Version: 34.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 32.0 - Mozilla)
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
Mystery P.I. - Curious Case of Counterfeit Cove (x32 Version: 2.2.0.98 - WildTangent) Hidden
Norton 360 (HKLM-x32\...\N360) (Version: 21.6.0.32 - Symantec Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4667.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4667.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4667.1002 - Microsoft Corporation) Hidden
Peggle Nights (x32 Version: 2.2.0.98 - WildTangent) Hidden
Penguins! (x32 Version: 2.2.0.98 - WildTangent) Hidden
Photo Common (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Photo Gallery (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Pinger (HKLM-x32\...\Pinger 1.1.1.2) (Version: 1.1.1.2 - Pinger Inc.)
Pinger (x32 Version: 1.1.1.2 - Pinger Inc.) Hidden
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
Qualcomm Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 10.0 - Qualcomm Atheros)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.29068 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.20.815.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7027 - Realtek Semiconductor Corp.)
Recovery Manager (x32 Version: 5.5.0.7001 - CyberLink Corp.) Hidden
Roads of Rome 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Tales of Lagoona (x32 Version: 2.2.0.110 - WildTangent) Hidden
Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
Vacation Quest™ - Australia (x32 Version: 3.0.2.32 - WildTangent) Hidden
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent)
WildTangent Games App (HP Games) (x32 Version: 4.0.10.15 - WildTangent) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
Youda Jewel Shop (x32 Version: 3.0.2.32 - WildTangent) Hidden
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-928018381-13728776-844392014-1001_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\Caprice\AppData\Local\Citrix\GoToMeeting\2031\G2MOutlookAddin64.dll (Citrix Online, a division of Citrix Systems, Inc.)
CustomCLSID: HKU\S-1-5-21-928018381-13728776-844392014-1001_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Caprice\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-928018381-13728776-844392014-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Caprice\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll (Google Inc.)
==================== Restore Points =========================
10-12-2014 08:29:14 Windows Update
15-12-2014 09:29:50 Installed Microsoft Office Live Meeting 2007
18-12-2014 20:59:06 Windows Update
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 05:25 - 2013-08-22 05:25 - 00000824 ____N C:\windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {094D5E67-B893-48D0-9258-C1B88CA3C572} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2014-10-22] (Microsoft Corporation)
Task: {1113AA51-F9CC-4453-9D2A-9B3FD258A463} - System32\Tasks\Microsoft Office 15 Sync Maintenance for CAPRICE-Caprice Caprice => C:\Program Files\Microsoft Office 15\Root\Office15\MsoSync.exe [2014-09-23] (Microsoft Corporation)
Task: {161F9508-CEB4-40E6-889F-E9C92ADA7978} - System32\Tasks\CLMLSvc_P2G8 => c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [2013-08-04] (CyberLink)
Task: {37D45B29-E787-4159-98E3-5F68D91790E2} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2014-10-07] (Microsoft Corporation)
Task: {399C3F30-8906-4413-9FDE-7A41BCF043FF} - System32\Tasks\ISpeedPC_Daily => C:\Program Files (x86)\iSpeedPC\ISpeedPC.exe
Task: {4F135059-7F71-4EB2-81A3-D45DFA76363B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2014-10-21] (Hewlett-Packard)
Task: {52FE5978-D23C-4D31-B59B-F860C285EA0A} - System32\Tasks\CLVDLauncher => c:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [2013-03-12] (CyberLink Corp.)
Task: {55A1C57D-956E-401A-9A1A-721986DB24FE} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\WSCStub.exe [2014-09-20] (Symantec Corporation)
Task: {75D6F695-81B5-47B0-AB2E-E07F8F3127CB} - System32\Tasks\Norton 360\Norton Error Analyzer => C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {7FFA49E4-E456-4896-BA49-196A0084CF05} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)
Task: {8BABC759-21E2-4BA7-98D9-E10C6D563F90} - System32\Tasks\Norton 360\Norton Error Processor => C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {9A9AFA75-A472-4298-AF7D-B6DB06A78011} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {A49CB46E-AA18-4384-90F2-3BAC2D524DC2} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {A68166B9-F06E-4916-9D1B-5B911DF6980C} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2014-10-07] (Microsoft Corporation)
Task: {AE430C78-B7F0-4E5A-A3A5-18B7D0A1B461} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2014-10-07] (Microsoft Corporation)
Task: {C2864253-A32E-4F77-B79C-90D4156B572E} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\windows\system32\MRT.exe [2014-12-10] (Microsoft Corporation)
Task: {CD11E4DD-D34B-45F7-AB33-A3D2B8BB05BE} - System32\Tasks\ISpeedPC_LogOn => C:\Program Files (x86)\iSpeedPC\ISpeedPC.exe
Task: {EE6CBD31-3B59-477D-9731-39B102607F86} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {F9BC062C-AC05-40B9-AF7C-10E69F24E79E} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-09] (Adobe Systems Incorporated)
Task: {FE1B9631-489E-413C-8676-EBDB605C9D6B} - System32\Tasks\G2MUpdateTask-S-1-5-21-928018381-13728776-844392014-1001 => C:\Users\Caprice\AppData\Local\Citrix\GoToMeeting\2093\g2mupdate.exe [2014-12-14] (Citrix Online, a division of Citrix Systems, Inc.)
Task: {FE718139-55E7-42B3-B9A5-863EB7F8CA39} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2014-10-21] (Hewlett-Packard)
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\G2MUpdateTask-S-1-5-21-928018381-13728776-844392014-1001.job => C:\Users\Caprice\AppData\Local\Citrix\GoToMeeting\2093\g2mupdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-928018381-13728776-844392014-1001Core.job => C:\Users\Caprice\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-928018381-13728776-844392014-1001Core1d00e4784e9103d.job => C:\Users\Caprice\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\HPCeeScheduleForCaprice.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
==================== Loaded Modules (whitelisted) =============
2013-09-26 11:26 - 2013-09-26 11:26 - 00109568 _____ () C:\Program Files\Hewlett-Packard\SimplePass\cachesrvr.exe
2013-09-26 11:32 - 2013-09-26 11:32 - 00627200 _____ () C:\Program Files\Hewlett-Packard\SimplePass\cachedrv.dll
2013-09-26 11:28 - 2013-09-26 11:28 - 02540544 _____ () C:\Program Files\Hewlett-Packard\SimplePass\autheng.dll
2013-09-26 11:25 - 2013-09-26 11:25 - 00035328 _____ () C:\Program Files\Hewlett-Packard\SimplePass\ssplogon.dll
2013-09-26 11:25 - 2013-09-26 11:25 - 00055296 _____ () C:\Program Files\Hewlett-Packard\SimplePass\RandomPass.dll
2013-09-26 11:25 - 2013-09-26 11:25 - 00021504 _____ () C:\Program Files\Hewlett-Packard\SimplePass\cryptodll.dll
2013-09-26 11:39 - 2013-09-26 11:39 - 00306064 _____ () C:\Program Files\Hewlett-Packard\SimplePass\mstrpwd.dll
2013-09-26 11:39 - 2013-09-26 11:39 - 01298832 _____ () C:\Program Files\Hewlett-Packard\SimplePass\GraphicalPwd.dll
2014-09-17 15:48 - 2014-05-20 09:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2014-09-17 15:55 - 2014-09-23 05:36 - 08897696 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2013-09-26 11:34 - 2013-09-26 11:34 - 00064000 _____ () C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe
2014-12-02 21:41 - 2014-12-02 21:41 - 00142336 _____ () C:\Program Files (x86)\JL Christmas Market\JL Christmas Market.exe
2014-10-11 13:06 - 2014-10-11 13:06 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-10-11 13:05 - 2014-10-11 13:05 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-09-17 15:49 - 2014-09-23 03:43 - 08897696 _____ () C:\Program Files\Microsoft Office 15\root\Office15\1033\GrooveIntlResource.dll
2014-08-12 14:29 - 2014-08-12 14:29 - 03219456 _____ () C:\Users\Caprice\AppData\Local\Programs\Google\Google+ Auto Backup\gpuploader_i18n.dll
2014-09-20 10:44 - 2009-02-27 15:38 - 00139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2014-09-17 15:48 - 2014-11-15 10:35 - 00316576 _____ () C:\Program Files\Microsoft Office 15\root\office15\AppVIsvStream32.dll
2014-09-17 15:49 - 2014-09-23 03:43 - 08897696 _____ () C:\Program Files\Microsoft Office 15\root\office15\1033\GrooveIntlResource.dll
2013-11-12 04:42 - 2013-08-04 23:49 - 00627672 _____ () c:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
2013-08-05 15:48 - 2013-08-05 15:48 - 00016856 _____ () c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
2014-09-17 15:48 - 2014-11-15 10:35 - 00316576 _____ () C:\Program Files\Microsoft Office 15\Root\Office15\AppVIsvStream32.dll
2014-10-23 08:45 - 2014-11-15 10:36 - 01754296 _____ () C:\Program Files\Microsoft Office 15\Root\Office15\tmpod.dll
2014-09-17 15:51 - 2014-10-14 08:29 - 01032352 _____ () C:\Program Files\Microsoft Office 15\Root\Office15\ADDINS\UmOutlookAddin.dll
2014-09-17 15:48 - 2014-10-23 08:46 - 00122024 _____ () C:\Program Files\Microsoft Office 15\root\Office15\JitV.dll
2014-09-17 15:48 - 2014-11-15 10:35 - 00316576 _____ () C:\Program Files\Microsoft Office 15\root\Office15\AppVIsvStream32.dll
2014-12-02 09:03 - 2014-12-02 09:03 - 03758192 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
AlternateDataStreams: C:\Users\Caprice\SkyDrive:ms-properties
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
HKLM\...\StartupApproved\StartupFolder: => "McAfee Security Scan Plus.lnk"
========================= Accounts: ==========================
Administrator (S-1-5-21-928018381-13728776-844392014-500 - Administrator - Disabled)
Caprice (S-1-5-21-928018381-13728776-844392014-1001 - Administrator - Enabled) => C:\Users\Caprice
Guest (S-1-5-21-928018381-13728776-844392014-501 - Limited - Disabled)
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (12/21/2014 03:17:15 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 16640
Error: (12/21/2014 03:17:15 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 16640
Error: (12/21/2014 03:17:15 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (12/21/2014 03:17:13 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 14890
Error: (12/21/2014 03:17:13 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 14890
Error: (12/21/2014 03:17:13 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (12/21/2014 03:17:12 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 13250
Error: (12/21/2014 03:17:12 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 13250
Error: (12/21/2014 03:17:12 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (12/21/2014 03:17:10 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 11656
System errors:
=============
Error: (12/21/2014 10:43:54 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The CyberLink PowerDVD 12 Media Server Service service terminated unexpectedly. It has done this 1 time(s).
Error: (12/21/2014 08:28:52 AM) (Source: DCOM) (EventID: 10010) (User: CAPRICE)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}
Error: (12/21/2014 08:28:21 AM) (Source: DCOM) (EventID: 10010) (User: CAPRICE)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}
Error: (12/21/2014 08:27:51 AM) (Source: DCOM) (EventID: 10010) (User: CAPRICE)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}
Error: (12/21/2014 08:27:21 AM) (Source: DCOM) (EventID: 10010) (User: CAPRICE)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}
Error: (12/21/2014 08:23:05 AM) (Source: DCOM) (EventID: 10010) (User: CAPRICE)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}
Error: (12/21/2014 08:22:35 AM) (Source: DCOM) (EventID: 10010) (User: CAPRICE)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}
Error: (12/21/2014 08:22:05 AM) (Source: DCOM) (EventID: 10010) (User: CAPRICE)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}
Error: (12/21/2014 08:21:35 AM) (Source: DCOM) (EventID: 10010) (User: CAPRICE)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}
Error: (12/21/2014 08:21:05 AM) (Source: DCOM) (EventID: 10010) (User: CAPRICE)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}
Microsoft Office Sessions:
=========================
Error: (12/21/2014 03:17:15 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 16640
Error: (12/21/2014 03:17:15 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 16640
Error: (12/21/2014 03:17:15 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (12/21/2014 03:17:13 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 14890
Error: (12/21/2014 03:17:13 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 14890
Error: (12/21/2014 03:17:13 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (12/21/2014 03:17:12 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 13250
Error: (12/21/2014 03:17:12 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 13250
Error: (12/21/2014 03:17:12 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (12/21/2014 03:17:10 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 11656
==================== Memory info ===========================
Processor: AMD A6-5200 APU with Radeon HD Graphics
Percentage of memory in use: 24%
Total physical RAM: 7622.43 MB
Available physical RAM: 5754.04 MB
Total Pagefile: 15302.43 MB
Available Pagefile: 12174.71 MB
Total Virtual: 131072 MB
Available Virtual: 131071.84 MB
==================== Drives ================================
Drive c: (Windows) (Fixed) (Total:914.83 GB) (Free:845.61 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (Recovery Image) (Fixed) (Total:15.2 GB) (Free:1.89 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive f: (BACKUP) (Fixed) (Total:465.75 GB) (Free:213.04 GB) NTFS
Drive g: (DATA) (Fixed) (Total:465.75 GB) (Free:0.01 GB) NTFS
Drive h: () (Removable) (Total:0.48 GB) (Free:0.32 GB) FAT
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: A7750EEE)
Partition: GPT Partition Type.
========================================================
Disk: 1 (Size: 488.7 MB) (Disk ID: 00000000)
Partition: GPT Partition Type.
========================================================
Disk: 2 (Size: 465.8 GB) (Disk ID: 83267D78)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=OF Extended)
========================================================
Disk: 3 (Size: 465.8 GB) (Disk ID: 83267D7B)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=OF Extended)
==================== End Of Log ============================