[Inactive-A] HELP! - Page 2
Page 2 of 5 FirstFirst 1234 ... LastLast
Results 16 to 30 of 62

Thread: [Inactive-A] HELP!

  1. #16
    Join Date
    Jul 2003
    Posts
    130
    ***PS


    Attempted to DL AVAST, as I thought I was supposed to (?)

    Still infected

  2. #17
    Join Date
    Dec 2007
    Location
    Daly City, CA
    Posts
    22,550
    Very good

    See if you can start normally and...

    ...complete all steps listed here: http://discussions.virtualdr.com/sho...d-4-28-2013%29

  3. #18
    Join Date
    Jul 2003
    Posts
    130

    No dice !

    Quote Originally Posted by laurelj View Post
    ***PS


    Attempted to DL AVAST, as I thought I was supposed to (?)

    Still infected
    Nope....sucker is still there. Thought I was home free.
    I can start normally, but will not allow me to install/DL AV...claims it has detected a virus and therefore deleted it. (aaaararrrgh!)

  4. #19
    Join Date
    Dec 2007
    Location
    Daly City, CA
    Posts
    22,550
    Use another working computer to download following tool and use USB flash drive to transfer it to sick computer.

    Please download Farbar Recovery Scan Tool and save it to your desktop.

    Note: You need to run the version compatibale with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

    • Double-click to run it. When the tool opens click Yes to disclaimer.
    • Press Scan button.
    • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
    • The first time the tool is run, it makes also another log (Addition.txt). Please copy and paste it to your reply.



    NOTE. Install Panda USB Vaccine, or BitDefender’s USB Immunizer on GOOD computer to protect it from any infected USB device.

  5. #20
    Join Date
    Jul 2003
    Posts
    130
    Broni...

    you said:

    "***************
    Use another working computer to download following tool and use USB flash drive to transfer it to sick computer.

    Please download Farbar Recovery Scan Tool...."

    I did use another pC> Should I start over and proceed with all your post instructs ? I WANT TO MAKE SURE YOU KNOW THAT I USED ANOTHER COMPUTER BEFORE PROCEEDING.

    thx

    OOPS sorry caps

  6. #21
    Join Date
    Dec 2007
    Location
    Daly City, CA
    Posts
    22,550
    I'm not sure what you mean by "start over".

    Just run Farbar Recovery Scan Tool on sick computer and post its log.

  7. #22
    Join Date
    Jul 2003
    Posts
    130

    done

    Quote Originally Posted by Broni View Post
    I'm not sure what you mean by "start over".

    Just run Farbar Recovery Scan Tool on sick computer and post its log.

    YES!

    I did Broni. Posted all plus add'l early his morning.

  8. #23
    Join Date
    Dec 2007
    Location
    Daly City, CA
    Posts
    22,550
    What do you mean?
    I don't see any logs posted.

  9. #24
    Join Date
    Jul 2003
    Posts
    130

    Very odd! part 1 of 2

    Quote Originally Posted by Broni View Post
    What do you mean?
    I don't see any logs posted.
    That's strange Broni- I posted then 2x/ very very long.

    OK, here goes nothing , again - WAIT! I SEE IT!

    Look-

    "The text that you have entered is too long (55137 characters). Please shorten it to 50000 characters long."

    SO, it was not posting. I will put one part right here and part 2 in another post. Hope you can follow this .

    THX again ( and again )
    =====================================


    scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 19-07-2013
    Ran by laurelhome (administrator) on 22-07-2013 06:41:36
    Running from F:\
    Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)
    Internet Explorer Version 10
    Boot Mode: Normal

    ==================== Processes (Whitelisted) =================

    (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
    (Logitech Inc.) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
    (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
    (Adobe Systems Incorporated) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
    (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
    () C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
    (Acer Incorporated) C:\Program Files (x86)\eMachines\Registration\GREGsvc.exe
    (Acer Incorporated) C:\Program Files\eMachines\eMachines Updater\UpdaterService.exe
    (Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\ccSvcHst.exe
    (Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
    (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
    (Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
    (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
    (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
    () C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
    (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
    (Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
    (Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\ccSvcHst.exe
    (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
    (Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
    (Logitech Inc.) C:\Program Files (x86)\Logitech\Vid HD\Vid.exe
    (Microsoft Corporation) C:\Windows\System32\StikyNot.exe
    () C:\Program Files (x86)\eMachines\Hotkey Utility\HotkeyUtility.exe
    (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
    (Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
    (Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe
    (Logitech Inc.) C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe
    () C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
    () C:\Program Files (x86)\Common Files\Logishrd\LQCVFX\COCIManager.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
    (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
    (Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
    (Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
    (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
    (Logitech, Inc.) C:\Users\laurelhome\AppData\Local\Logitech® Webcam Software\Logishrd\LU2.0\LULnchr.exe
    (Logitech, Inc.) C:\Users\laurelhome\AppData\Local\Logitech® Webcam Software\Logishrd\LU2.0\LogitechUpdate.exe
    (Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.exe

    ==================== Registry (Whitelisted) ==================

    HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10060320 2010-02-09] (Realtek Semiconductor)
    HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [444904 2012-09-20] (Adobe Systems Incorporated)
    HKCU\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [18678376 2013-04-19] (Skype Technologies S.A.)
    HKCU\...\Run: [Logitech Vid] - C:\Program Files (x86)\Logitech\Vid HD\Vid.exe [6129496 2011-01-12] (Logitech Inc.)
    HKCU\...\Run: [RESTART_STICKY_NOTES] - C:\Windows\System32\StikyNot.exe [427520 2009-07-13] (Microsoft Corporation)
    HKCR\...409d6c4515e9\InprocServer32: [Default-shell32] C:\$Recycle.Bin\S-1-5-21-2943752849-2961130617-1043429671-1000\$bec1570b88464ad800917278f134618e\o. ATTENTION! ====> ZeroAccess?
    MountPoints2: {196a8023-4233-11e1-a417-f80f4133d8bd} - F:\setup.exe -a
    HKLM-x32\...\Run: [Norton Online Backup] - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [1155928 2010-06-01] (Symantec Corporation)
    HKLM-x32\...\Run: [Adobe Reader Speed Launcher] - "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [41208 2012-12-19] (Adobe Systems Incorporated)
    HKLM-x32\...\Run: [Hotkey Utility] - C:\Program Files (x86)\eMachines\Hotkey Utility\HotkeyUtility.exe [620136 2011-01-18] ()
    HKLM-x32\...\Run: [Adobe ARM] - "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [946352 2012-12-03] (Adobe Systems Incorporated)
    HKLM-x32\...\Run: [APSDaemon] - "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59240 2012-02-20] (Apple Inc.)
    HKLM-x32\...\Run: [QuickTime Task] - "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime [421888 2012-03-03] (Apple Inc.)
    HKLM-x32\...\Run: [iTunesHelper] - "C:\Program Files (x86)\iTunes\iTunesHelper.exe" [421736 2012-03-27] (Apple Inc.)
    HKLM-x32\...\Run: [Acrobat Assistant 8.0] - "C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe" [3478752 2012-12-18] (Adobe Systems Inc.)
    HKLM-x32\...\Run: [LWS] - C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe -hide [205336 2011-11-11] (Logitech Inc.)
    HKU\Default\...\RunOnce: [ScrSav] - C:\Program Files (x86)\eMachines\Screensaver\run_eMachines.exe /default [154144 2010-07-29] ()
    HKU\Default User\...\RunOnce: [ScrSav] - C:\Program Files (x86)\eMachines\Screensaver\run_eMachines.exe /default [154144 2010-07-29] ()

    ==================== Internet (Whitelisted) ====================

    HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.comcast.net/
    HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://emachines.msn.com
    URLSearchHook: (No Name) - {00000000-6E41-4FD3-8538-502F5495E5FC} - No File
    SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=AEMTDF&pc=MAEM&src=IE-SearchBox
    SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=AEMTDF&pc=MAEM&src=IE-SearchBox
    SearchScopes: HKLM-x32 - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=AEMTDF&pc=MAEM&src=IE-SearchBox
    SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=AEMTDF&pc=MAEM&src=IE-SearchBox
    SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKCU - {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL =
    SearchScopes: HKCU - {E62605CF-E767-4017-9873-08FDA48B89E3} URL = http://websearch.ask.com/redirect?client=ie&tb=ORJ&o=&src=kw&q={searchTerms}&locale=&apn_ptnrs=&apn_dtid=OSJ000&apn_uid=0172A40B-8305-4C72-BCC5-7641E6119EF2&apn_sauid=46E7ED9D-59F0-4215-9F21-965456984CCD
    BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
    BHO: Skype add-on for Internet Explorer - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
    BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
    BHO-x32: No Name - {2EECD738-5844-4a99-B4B6-146BF802613B} - No File
    BHO-x32: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\coIEPlg.dll (Symantec Corporation)
    BHO-x32: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\IPS\IPSBHO.DLL (Symantec Corporation)
    BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
    BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
    BHO-x32: Adobe Acrobat Create PDF Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
    BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
    BHO-x32: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll (Microsoft Corporation.)
    BHO-x32: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll No File
    BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
    BHO-x32: Adobe Acrobat Create PDF from Selection - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
    Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\coIEPlg.dll (Symantec Corporation)
    Toolbar: HKLM-x32 - Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll No File
    Toolbar: HKLM-x32 - No Name - {98889811-442D-49dd-99D7-DC866BE87DBC} - No File
    Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll (Microsoft Corporation.)
    Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
    Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
    DPF: HKLM-x32 {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.microsoft.com/_layouts.../ieawsdc32.cab
    DPF: HKLM-x32 {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://appldnld.apple.com.edgesuite....x/qtplugin.cab
    DPF: HKLM-x32 {BEA7310D-06C4-4339-A784-DC3804819809} http://www.cvsphoto.com/upload/activ...eX_Control.cab
    Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
    Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
    Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
    Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76

    ==================== Services (Whitelisted) =================

    R2 ForceWare Intelligent Application Manager (IAM); C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe [626208 2009-08-10] ()
    R2 GREGService; C:\Program Files (x86)\eMachines\Registration\GREGsvc.exe [23584 2010-01-08] (Acer Incorporated)
    R2 Live Updater Service; C:\Program Files\eMachines\eMachines Updater\UpdaterService.exe [244624 2011-01-31] (Acer Incorporated)
    R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\ccSvcHst.exe [130008 2011-04-16] (Symantec Corporation)
    R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-01] (Symantec Corporation)
    R2 nSvcIp; C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe [206880 2009-08-10] ()

    ==================== Drivers (Whitelisted) ====================

    R1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\BASHDefs\20120302.001\BHDrvx64.sys [1157240 2012-03-02] (Symantec Corporation)
    R1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\BASHDefs\20120302.001\BHDrvx64.sys [1157240 2012-03-02] (Symantec Corporation)
    R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [482936 2012-02-03] (Symantec Corporation)
    R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [482936 2012-02-03] (Symantec Corporation)
    R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [138360 2012-02-03] (Symantec Corporation)
    R1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\IPSDefs\20120307.002\IDSvia64.sys [488568 2012-03-06] (Symantec Corporation)
    R1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\IPSDefs\20120307.002\IDSvia64.sys [488568 2012-03-06] (Symantec Corporation)
    S3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\VirusDefs\20120308.002\ENG64.SYS [117880 2012-01-07] (Symantec Corporation)
    S3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\VirusDefs\20120308.002\ENG64.SYS [117880 2012-01-07] (Symantec Corporation)
    S3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\VirusDefs\20120308.002\EX64.SYS [2048632 2012-01-07] (Symantec Corporation)
    S3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\VirusDefs\20120308.002\EX64.SYS [2048632 2012-01-07] (Symantec Corporation)
    S3 SRTSP; C:\Windows\System32\Drivers\NISx64\1207020.003\SRTSP64.SYS [744568 2011-03-30] (Symantec Corporation)
    R1 SRTSPX; C:\Windows\system32\drivers\NISx64\1207020.003\SRTSPX64.SYS [40568 2011-03-30] (Symantec Corporation)
    R0 SymDS; C:\Windows\System32\drivers\NISx64\1207020.003\SYMDS64.SYS [450680 2011-01-27] (Symantec Corporation)
    R0 SymEFA; C:\Windows\System32\drivers\NISx64\1207020.003\SYMEFA64.SYS [912504 2011-03-14] (Symantec Corporation)
    R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [174200 2012-01-07] (Symantec Corporation)
    R1 SymIRON; C:\Windows\system32\drivers\NISx64\1207020.003\Ironx64.SYS [171128 2011-01-27] (Symantec Corporation)
    R1 SymNetS; C:\Windows\System32\Drivers\NISx64\1207020.003\SYMNETS.SYS [386168 2011-04-20] (Symantec Corporation)

    ==================== NetSvcs (Whitelisted) ===================


    ==================== One Month Created Files and Folders ========

    2013-07-21 20:10 - 2013-07-21 20:10 - 00000000 ____D C:\Users\LAUREL~1\AppData\Local\{DFA8F153-70DE-4A34-A7BA-ABC5DB8F73B4}
    2013-07-21 09:13 - 2013-07-21 09:13 - 00000000 ____D C:\FRST
    2013-07-20 09:29 - 2013-07-20 09:29 - 00000000 ____D C:\Users\laurelhome\AppData\Roaming\Tific
    2013-07-18 06:32 - 2013-07-18 19:49 - 00000000 ____D C:\ProgramData\8ed1d93e-4c6e-0000-d386-0c0060e123bc
    2013-07-14 08:41 - 2013-07-14 08:41 - 00000000 ____D C:\Users\LAUREL~1\AppData\Local\{868E3F65-8A3A-4BFD-86EC-8F9134A9BC1D}
    2013-07-11 03:08 - 2013-06-11 19:43 - 14329856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
    2013-07-11 03:08 - 2013-06-11 19:43 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
    2013-07-11 03:08 - 2013-06-11 19:43 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
    2013-07-11 03:08 - 2013-06-11 19:43 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
    2013-07-11 03:08 - 2013-06-11 19:43 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
    2013-07-11 03:08 - 2013-06-11 19:43 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
    2013-07-11 03:08 - 2013-06-11 19:43 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
    2013-07-11 03:08 - 2013-06-11 19:42 - 13760512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
    2013-07-11 03:08 - 2013-06-11 19:42 - 02046976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
    2013-07-11 03:08 - 2013-06-11 19:42 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
    2013-07-11 03:08 - 2013-06-11 19:42 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
    2013-07-11 03:08 - 2013-06-11 19:42 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
    2013-07-11 03:08 - 2013-06-11 19:42 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
    2013-07-11 03:08 - 2013-06-11 19:26 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
    2013-07-11 03:08 - 2013-06-11 19:26 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
    2013-07-11 03:08 - 2013-06-11 19:26 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
    2013-07-11 03:08 - 2013-06-11 19:25 - 19238912 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
    2013-07-11 03:08 - 2013-06-11 19:25 - 15404032 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
    2013-07-11 03:08 - 2013-06-11 19:25 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
    2013-07-11 03:08 - 2013-06-11 19:25 - 02648576 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
    2013-07-11 03:08 - 2013-06-11 19:25 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
    2013-07-11 03:08 - 2013-06-11 19:25 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
    2013-07-11 03:08 - 2013-06-11 19:25 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
    2013-07-11 03:08 - 2013-06-11 19:25 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
    2013-07-11 03:08 - 2013-06-11 19:25 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
    2013-07-11 03:08 - 2013-06-11 19:25 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
    2013-07-11 03:08 - 2013-06-11 19:25 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
    2013-07-11 03:08 - 2013-06-11 18:51 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
    2013-07-11 03:08 - 2013-06-11 18:50 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
    2013-07-11 03:08 - 2013-06-06 23:22 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
    2013-07-11 03:08 - 2013-06-06 22:37 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
    2013-07-10 18:36 - 2013-07-10 18:36 - 00000000 ____D C:\Users\LAUREL~1\AppData\Local\{6E94EC52-CCEB-4DFC-9175-73DAB384E5DE}
    2013-07-10 18:33 - 2013-07-20 07:06 - 00000000 ____D C:\Users\laurelhome\Desktop\library
    2013-07-10 07:27 - 2013-06-04 23:34 - 03153920 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
    2013-07-10 07:27 - 2013-06-04 02:00 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
    2013-07-10 07:27 - 2013-06-04 00:53 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
    2013-07-10 07:27 - 2013-05-06 02:03 - 01887744 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
    2013-07-10 07:27 - 2013-05-06 00:56 - 01620480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
    2013-07-10 07:27 - 2013-04-09 19:34 - 01247744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
    2013-07-10 07:27 - 2013-04-02 18:51 - 01643520 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
    2013-07-07 17:41 - 2013-07-07 17:41 - 00000000 ____D C:\Users\LAUREL~1\AppData\Local\{65421385-239C-41C1-9070-535CD5EA22EA}
    2013-07-06 13:27 - 2013-07-06 13:27 - 00009734 _____ C:\Users\laurelhome\Documents\groceries.xlsx
    2013-07-05 06:55 - 2013-07-05 06:56 - 00000000 ____D C:\Users\LAUREL~1\AppData\Local\{AB507790-7C65-4EB2-AD72-5F897E0FCA24}
    2013-07-04 08:02 - 2013-07-04 08:02 - 00000000 ____D C:\Users\LAUREL~1\AppData\Local\{CC6971E9-18BD-4012-BBDD-288A57C5F028}
    2013-07-01 07:16 - 2013-07-01 07:32 - 00000000 ____D C:\Users\laurelhome\Desktop\LG2013
    2013-06-30 19:34 - 2013-06-30 19:34 - 00000000 ____D C:\Users\LAUREL~1\AppData\Local\{AF3E7684-9DA7-4D75-8A87-11E3C7CAB3A1}
    2013-06-25 13:54 - 2013-06-25 13:54 - 00002239 _____ C:\Users\laurelhome\Documents\My Movie.wlmp
    2013-06-25 13:41 - 2013-06-25 13:41 - 00002249 _____ C:\Users\laurelhome\Documents\THEMOVIE.wlmp
    2013-06-25 13:26 - 2013-06-25 13:26 - 00000000 ____D C:\Users\laurelhome\Desktop\FILMS
    2013-06-25 12:59 - 2013-06-25 12:59 - 00000000 ____D C:\Users\laurelhome\Documents\movies
    2013-06-25 12:57 - 2013-06-25 12:57 - 00000000 ____D C:\Users\LAUREL~1\AppData\Local\{4EF8E7D8-283E-464A-9C3D-8DC80526189A}
    2013-06-25 12:33 - 2013-07-21 20:11 - 00000000 ____D C:\Users\laurelhome\Desktop\JULY2013 gi

    ==================== One Month Modified Files and Folders =======

    2013-07-22 06:39 - 2012-05-03 09:47 - 00000000 ____D C:\Users\laurelhome\AppData\Roaming\Skype
    2013-07-22 06:31 - 2013-04-02 20:06 - 00000902 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
    2013-07-22 06:24 - 2013-04-02 20:06 - 00000906 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
    2013-07-22 06:24 - 2012-09-02 19:46 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
    2013-07-21 21:45 - 2012-01-07 17:02 - 00000000 __SHD C:\Recovery
    2013-07-21 21:21 - 2009-07-14 00:45 - 00016976 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    2013-07-21 21:21 - 2009-07-14 00:45 - 00016976 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    2013-07-21 21:17 - 2009-07-14 01:13 - 00727310 _____ C:\Windows\system32\PerfStringBackup.INI
    2013-07-21 21:17 - 2009-07-07 03:39 - 01545620 _____ C:\Windows\WindowsUpdate.log
    2013-07-21 21:13 - 2012-01-07 18:08 - 00065536 _____ C:\Windows\system32\Ikeext.etl
    2013-07-21 21:13 - 2009-07-14 01:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
    2013-07-21 21:13 - 2009-07-14 00:51 - 00040219 _____ C:\Windows\setupact.log
    2013-07-21 21:13 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\tracing
    2013-07-21 21:13 - 2009-07-07 03:38 - 00000000 ____D C:\ProgramData\NVIDIA
    2013-07-21 20:11 - 2013-06-25 12:33 - 00000000 ____D C:\Users\laurelhome\Desktop\JULY2013 gi
    2013-07-21 20:10 - 2013-07-21 20:10 - 00000000 ____D C:\Users\LAUREL~1\AppData\Local\{DFA8F153-70DE-4A34-A7BA-ABC5DB8F73B4}
    2013-07-21 17:35 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\rescache
    2013-07-21 09:13 - 2013-07-21 09:13 - 00000000 ____D C:\FRST
    2013-07-20 09:31 - 2013-04-20 12:48 - 00000000 __HDC C:\Users\LAUREL~1\AppData\Local\~0
    2013-07-20 09:29 - 2013-07-20 09:29 - 00000000 ____D C:\Users\laurelhome\AppData\Roaming\Tific
    2013-07-20 07:06 - 2013-07-10 18:33 - 00000000 ____D C:\Users\laurelhome\Desktop\library
    2013-07-18 21:44 - 2013-04-02 20:06 - 00003902 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
    2013-07-18 21:44 - 2013-04-02 20:06 - 00003650 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
    2013-07-18 21:44 - 2012-01-07 17:02 - 00000000 ____D C:\Users\laurelhome
    2013-07-18 19:51 - 2012-11-08 19:03 - 00000000 ___RD C:\Program Files (x86)\Skype
    2013-07-18 19:51 - 2011-03-31 05:13 - 00000000 ____D C:\ProgramData\Skype
    2013-07-18 19:49 - 2013-07-18 06:32 - 00000000 ____D C:\ProgramData\8ed1d93e-4c6e-0000-d386-0c0060e123bc
    2013-07-18 19:49 - 2011-03-31 05:24 - 00000000 ____D C:\ProgramData\Norton
    2013-07-18 19:49 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\registration
    2013-07-18 19:47 - 2012-01-07 19:09 - 00000000 __RHD C:\MSOCache
    2013-07-17 19:24 - 2009-07-14 01:32 - 00000000 ____D C:\Windows\system32\FxsTmp
    2013-07-14 08:53 - 2012-08-19 16:24 - 00000000 ____D C:\Users\laurelhome\Desktop\jwlry
    2013-07-14 08:43 - 2013-06-17 19:37 - 00000000 ____D C:\Users\laurelhome\Desktop\H.POTTER
    2013-07-14 08:41 - 2013-07-14 08:41 - 00000000 ____D C:\Users\LAUREL~1\AppData\Local\{868E3F65-8A3A-4BFD-86EC-8F9134A9BC1D}
    2013-07-12 15:34 - 2012-01-08 18:39 - 00000000 ____D C:\Users\LAUREL~1\AppData\Local\CrashDumps
    2013-07-11 17:38 - 2012-10-17 17:58 - 00000000 ____D C:\Users\laurelhome\Desktop\recipes
    2013-07-11 03:35 - 2009-07-14 00:45 - 00416200 _____ C:\Windows\system32\FNTCACHE.DAT
    2013-07-11 03:34 - 2013-03-14 03:01 - 00000000 ____D C:\Program Files\Microsoft Silverlight
    2013-07-11 03:34 - 2013-03-14 03:01 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
    2013-07-11 03:33 - 2010-11-21 03:17 - 00000000 ____D C:\Program Files\Windows Journal
    2013-07-11 03:10 - 2012-01-18 18:29 - 78185248 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
    2013-07-11 03:09 - 2012-08-25 07:10 - 00000000 ____D C:\ProgramData\Microsoft Help
    2013-07-10 18:36 - 2013-07-10 18:36 - 00000000 ____D C:\Users\LAUREL~1\AppData\Local\{6E94EC52-CCEB-4DFC-9175-73DAB384E5DE}
    2013-07-07 17:41 - 2013-07-07 17:41 - 00000000 ____D C:\Users\LAUREL~1\AppData\Local\{65421385-239C-41C1-9070-535CD5EA22EA}
    2013-07-06 13:27 - 2013-07-06 13:27 - 00009734 _____ C:\Users\laurelhome\Documents\groceries.xlsx
    2013-07-06 11:14 - 2012-01-07 17:13 - 00000000 ____D C:\Users\laurelhome\AppData\Roaming\SoftGrid Client
    2013-07-05 21:29 - 2013-04-16 22:59 - 00000000 ____D C:\Users\laurelhome\Desktop\april 2013
    2013-07-05 21:28 - 2012-01-14 23:53 - 00000000 ____D C:\Users\laurelhome\Desktop\gipics january 2012
    2013-07-05 21:27 - 2012-11-06 17:45 - 00000000 ____D C:\Users\laurelhome\Desktop\coaster
    2013-07-05 21:25 - 2012-09-05 05:57 - 00000000 ____D C:\Users\laurelhome\Desktop\favs
    2013-07-05 21:24 - 2012-09-03 22:19 - 00000000 ____D C:\Users\laurelhome\Desktop\gpics
    2013-07-05 06:56 - 2013-07-05 06:55 - 00000000 ____D C:\Users\LAUREL~1\AppData\Local\{AB507790-7C65-4EB2-AD72-5F897E0FCA24}
    2013-07-04 09:52 - 2012-10-28 18:32 - 00000000 ____D C:\Users\laurelhome\Desktop\halloween2012
    2013-07-04 08:02 - 2013-07-04 08:02 - 00000000 ____D C:\Users\LAUREL~1\AppData\Local\{CC6971E9-18BD-4012-BBDD-288A57C5F028}
    2013-07-04 08:00 - 2012-08-19 15:45 - 00001701 _____ C:\Users\laurelhome\Desktop\lake george 105 - Shortcut.lnk
    2013-07-04 08:00 - 2012-08-19 15:45 - 00001701 _____ C:\Users\laurelhome\Desktop\lake george 104 - Shortcut.lnk
    2013-07-04 08:00 - 2012-08-19 15:45 - 00001701 _____ C:\Users\laurelhome\Desktop\lake george 103 - Shortcut.lnk
    2013-07-04 08:00 - 2012-08-19 15:45 - 00001701 _____ C:\Users\laurelhome\Desktop\lake george 096 - Shortcut.lnk
    2013-07-04 08:00 - 2012-08-19 15:45 - 00001701 _____ C:\Users\laurelhome\Desktop\lake george 095 - Shortcut.lnk
    2013-07-04 08:00 - 2012-08-19 15:45 - 00001701 _____ C:\Users\laurelhome\Desktop\lake george 055 - Shortcut.lnk
    2013-07-04 08:00 - 2012-08-19 15:45 - 00001701 _____ C:\Users\laurelhome\Desktop\lake george 053 - Shortcut.lnk
    2013-07-04 08:00 - 2012-08-19 15:45 - 00001701 _____ C:\Users\laurelhome\Desktop\lake george 052 - Shortcut.lnk
    2013-07-04 08:00 - 2012-08-19 15:45 - 00001701 _____ C:\Users\laurelhome\Desktop\lake george 051 - Shortcut.lnk
    2013-07-04 08:00 - 2012-08-19 15:45 - 00001696 _____ C:\Users\laurelhome\Desktop\lake george 117 - Shortcut.lnk
    2013-07-04 08:00 - 2012-08-19 15:45 - 00001691 _____ C:\Users\laurelhome\Desktop\lake george 101 - Shortcut.lnk
    2013-07-04 08:00 - 2012-08-19 15:45 - 00001687 _____ C:\Users\laurelhome\Desktop\lake george 091 - Shortcut.lnk
    2013-07-04 08:00 - 2012-08-19 15:45 - 00001686 _____ C:\Users\laurelhome\Desktop\lake george 054 - Shortcut.lnk
    2013-07-04 08:00 - 2012-08-19 15:45 - 00001671 _____ C:\Users\laurelhome\Desktop\lake george 100 - Shortcut.lnk
    2013-07-04 08:00 - 2012-08-19 15:45 - 00001669 _____ C:\Users\laurelhome\Desktop\lake george 093 - Shortcut.lnk
    2013-07-04 08:00 - 2012-08-19 15:45 - 00001669 _____ C:\Users\laurelhome\Desktop\lake george 092 - Shortcut.lnk
    2013-07-04 08:00 - 2012-08-19 15:45 - 00001669 _____ C:\Users\laurelhome\Desktop\lake george 090 - Shortcut.lnk
    2013-07-04 08:00 - 2012-08-19 15:45 - 00001669 _____ C:\Users\laurelhome\Desktop\lake george 089 - Shortcut.lnk
    2013-07-04 08:00 - 2012-08-19 15:45 - 00001669 _____ C:\Users\laurelhome\Desktop\lake george 088 - Shortcut.lnk
    2013-07-04 08:00 - 2012-08-19 15:45 - 00001669 _____ C:\Users\laurelhome\Desktop\lake george 087 - Shortcut.lnk
    2013-07-04 08:00 - 2012-08-19 15:45 - 00001669 _____ C:\Users\laurelhome\Desktop\lake george 086 - Shortcut.lnk
    2013-07-04 08:00 - 2012-08-19 15:45 - 00001669 _____ C:\Users\laurelhome\Desktop\lake george 081 - Shortcut.lnk
    2013-07-04 08:00 - 2012-08-19 15:45 - 00001669 _____ C:\Users\laurelhome\Desktop\lake george 079 - Shortcut.lnk
    2013-07-04 08:00 - 2012-08-19 15:45 - 00001669 _____ C:\Users\laurelhome\Desktop\lake george 078 - Shortcut.lnk
    2013-07-04 08:00 - 2012-08-19 15:45 - 00001669 _____ C:\Users\laurelhome\Desktop\lake george 077 - Shortcut.lnk
    2013-07-04 08:00 - 2012-08-19 15:45 - 00001669 _____ C:\Users\laurelhome\Desktop\lake george 076 - Shortcut.lnk
    2013-07-04 08:00 - 2012-08-19 15:45 - 00001669 _____ C:\Users\laurelhome\Desktop\lake george 072 - Shortcut.lnk
    2013-07-04 08:00 - 2012-08-19 15:45 - 00001669 _____ C:\Users\laurelhome\Desktop\lake george 070 - Shortcut.lnk
    2013-07-04 08:00 - 2012-08-19 15:45 - 00001669 _____ C:\Users\laurelhome\Desktop\lake george 067 - Shortcut.lnk
    2013-07-04 08:00 - 2012-08-19 15:45 - 00001669 _____ C:\Users\laurelhome\Desktop\lake george 066 - Shortcut.lnk
    2013-07-04 08:00 - 2012-08-19 15:45 - 00001669 _____ C:\Users\laurelhome\Desktop\lake george 065 - Shortcut.lnk
    2013-07-04 08:00 - 2012-08-19 15:45 - 00001669 _____ C:\Users\laurelhome\Desktop\lake george 064 - Shortcut.lnk
    2013-07-04 08:00 - 2012-08-19 15:45 - 00001669 _____ C:\Users\laurelhome\Desktop\lake george 063 - Shortcut.lnk
    2013-07-04 08:00 - 2012-08-19 15:45 - 00001669 _____ C:\Users\laurelhome\Desktop\lake george 062 - Shortcut.lnk
    2013-07-04 08:00 - 2012-08-19 15:45 - 00001669 _____ C:\Users\laurelhome\Desktop\lake george 061 - Shortcut.lnk
    2013-07-04 08:00 - 2012-08-19 15:45 - 00001669 _____ C:\Users\laurelhome\Desktop\lake george 060 - Shortcut.lnk
    2013-07-04 08:00 - 2012-08-19 15:45 - 00001669 _____ C:\Users\laurelhome\Desktop\lake george 059 - Shortcut.lnk
    2013-07-04 08:00 - 2012-08-19 15:45 - 00001669 _____ C:\Users\laurelhome\Desktop\lake george 058 - Shortcut.lnk
    2013-07-04 08:00 - 2012-08-19 15:45 - 00001669 _____ C:\Users\laurelhome\Desktop\lake george 057 - Shortcut.lnk
    2013-07-04 08:00 - 2012-08-19 15:45 - 00001666 _____ C:\Users\laurelhome\Desktop\lake george 116 - Shortcut.lnk
    2013-07-04 08:00 - 2012-08-19 15:45 - 00001654 _____ C:\Users\laurelhome\Desktop\lake george 111 - Shortcut.lnk
    2013-07-04 08:00 - 2012-08-19 15:45 - 00001654 _____ C:\Users\laurelhome\Desktop\lake george 102 - Shortcut.lnk
    2013-07-04 08:00 - 2012-08-19 15:45 - 00001651 _____ C:\Users\laurelhome\Desktop\lake george 068 - Shortcut.lnk
    2013-07-04 08:00 - 2012-08-19 15:45 - 00001624 _____ C:\Users\laurelhome\Desktop\lake george 080 - Shortcut.lnk
    2013-07-04 08:00 - 2012-08-19 15:45 - 00001624 _____ C:\Users\laurelhome\Desktop\lake george 073 - Shortcut.lnk
    2013-07-04 08:00 - 2012-08-19 15:45 - 00001595 _____ C:\Users\laurelhome\Desktop\lake george 069 - Shortcut.lnk
    2013-07-04 08:00 - 2012-04-06 19:43 - 00000000 ____D C:\Users\laurelhome\Desktop\april 2012
    2013-07-04 07:57 - 2012-02-26 11:13 - 00000000 ____D C:\Users\laurelhome\Desktop\giannafeb2012
    2013-07-04 07:56 - 2012-08-19 15:45 - 00001701 _____ C:\Users\laurelhome\Desktop\lake george 050 - Shortcut.lnk
    2013-07-04 07:56 - 2012-08-19 15:45 - 00001701 _____ C:\Users\laurelhome\Desktop\lake george 049 - Shortcut.lnk
    2013-07-04 07:56 - 2012-08-19 15:45 - 00001701 _____ C:\Users\laurelhome\Desktop\lake george 048 - Shortcut.lnk
    2013-07-04 07:56 - 2012-08-19 15:45 - 00001701 _____ C:\Users\laurelhome\Desktop\lake george 047 - Shortcut.lnk
    2013-07-04 07:56 - 2012-08-19 15:45 - 00001701 _____ C:\Users\laurelhome\Desktop\lake george 046 - Shortcut.lnk
    2013-07-03 17:31 - 2012-07-29 18:47 - 00000000 ____D C:\Users\laurelhome\Desktop\gbday
    2013-07-03 17:30 - 2012-07-26 22:09 - 00000000 ____D C:\Users\laurelhome\Desktop\cuban pete
    2013-07-03 17:29 - 2012-11-25 08:57 - 00000000 ____D C:\Users\laurelhome\Desktop\NOVDEC2012
    2013-07-03 17:26 - 2012-08-19 15:42 - 00000000 ____D C:\Users\laurelhome\Desktop\lake george pics2012
    2013-07-01 07:32 - 2013-07-01 07:16 - 00000000 ____D C:\Users\laurelhome\Desktop\LG2013
    2013-07-01 07:30 - 2012-12-02 09:40 - 00000000 ____D C:\Users\laurelhome\Desktop\Le
    2013-07-01 07:16 - 2012-08-05 07:48 - 00000000 ____D C:\Users\laurelhome\Desktop\hoedown
    2013-06-30 19:34 - 2013-06-30 19:34 - 00000000 ____D C:\Users\LAUREL~1\AppData\Local\{AF3E7684-9DA7-4D75-8A87-11E3C7CAB3A1}
    2013-06-25 13:54 - 2013-06-25 13:54 - 00002239 _____ C:\Users\laurelhome\Documents\My Movie.wlmp
    2013-06-25 13:41 - 2013-06-25 13:41 - 00002249 _____ C:\Users\laurelhome\Documents\THEMOVIE.wlmp
    2013-06-25 13:26 - 2013-06-25 13:26 - 00000000 ____D C:\Users\laurelhome\Desktop\FILMS
    2013-06-25 13:26 - 2012-01-14 23:55 - 00000000 ____D C:\Users\LAUREL~1\AppData\Local\Windows Live
    2013-06-25 12:59 - 2013-06-25 12:59 - 00000000 ____D C:\Users\laurelhome\Documents\movies
    2013-06-25 12:57 - 2013-06-25 12:57 - 00000000 ____D C:\Users\LAUREL~1\AppData\Local\{4EF8E7D8-283E-464A-9C3D-8DC80526189A}
    2013-06-22 08:42 - 2012-12-09 15:38 - 00000000 ____D C:\Users\laurelhome\Desktop\pics3

    ==================== Bamital & volsnap Check =================

    C:\Windows\System32\winlogon.exe => MD5 is legit
    C:\Windows\System32\wininit.exe => MD5 is legit
    C:\Windows\SysWOW64\wininit.exe => MD5 is legit
    C:\Windows\explorer.exe => MD5 is legit
    C:\Windows\SysWOW64\explorer.exe => MD5 is legit
    C:\Windows\System32\svchost.exe => MD5 is legit
    C:\Windows\SysWOW64\svchost.exe => MD5 is legit
    C:\Windows\System32\services.exe => MD5 is legit
    C:\Windows\System32\User32.dll => MD5 is legit
    C:\Windows\SysWOW64\User32.dll => MD5 is legit
    C:\Windows\System32\userinit.exe => MD5 is legit
    C:\Windows\SysWOW64\userinit.exe => MD5 is legit
    C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
    C:\Program Files\Windows Defender\mpsvc.dll => ATTENTION: ZeroAccess. Use DeleteJunctionsIndirectory: C:\Program Files\Windows Defender


    LastRegBack: 2013-07-21 17:27

    ==================== End Of Log ============================

  10. #25
    Join Date
    Jul 2003
    Posts
    130
    PART 2 ...add'l log :

    *Additional scan result of Farbar Recovery Scan Tool (x64) Version: 19-07-2013
    Ran by laurelhome at 2013-07-22 06:42:20
    Running from F:\
    Boot Mode: Normal
    ==========================================================


    ==================== Installed Programs =======================


    Acrobat.com (x32 Version: 2.0.0)
    Acrobat.com (x32 Version: 2.0.0.0)
    Adobe Acrobat XI Pro (x32 Version: 11.0.02)
    Adobe AIR (x32 Version: 3.2.0.2070)
    Adobe Download Assistant (x32 Version: 1.2.5)
    Adobe Flash Player 11 ActiveX (x32 Version: 11.7.700.224)
    Adobe Reader 9.5.3 MUI (x32 Version: 9.5.3)
    Agatha Christie - 4:50 from Paddington (x32 Version: 2.2.0.95)
    Apple Application Support (x32 Version: 2.1.7)
    Apple Mobile Device Support (Version: 5.1.1.4)
    Apple Software Update (x32 Version: 2.1.3.127)
    Ask Toolbar (x32 Version: 1.15.2.0)
    Ask Toolbar Updater (HKCU Version: 1.2.1.23037)
    Avery Template - U_0088_01_P (x32 Version: 1.0.0.0)
    Avery Template (x32 Version: 2.0.0.0)
    Bejeweled 2 Deluxe (x32 Version: 2.2.0.95)
    Bing Bar (x32 Version: 7.1.391.0)
    Bonjour (Version: 3.0.0.10)
    Browser Manager (x32)
    Build-a-lot 2 (x32 Version: 2.2.0.95)
    CameraHelperMsi (x32 Version: 13.31.1038.0)
    Chuzzle Deluxe (x32 Version: 2.2.0.95)
    Coupon Printer for Windows (x32 Version: 5.0.0.1)
    Create and Print Plugin 4.0.8045 (x32 Version: 4.0.8045)
    D3DX10 (x32 Version: 15.4.2368.0902)
    Diner Dash 2 Restaurant Rescue (x32 Version: 2.2.0.95)
    Dora's World Adventure (x32 Version: 2.2.0.95)
    eBay Worldwide (x32 Version: 2.1.0901)
    eMachines Games (x32 Version: 1.0.2.4)
    eMachines Recovery Management (x32 Version: 5.00.3002)
    eMachines Registration (x32 Version: 1.03.3003)
    eMachines ScreenSaver (x32 Version: 1.1.0221.2011)
    eMachines Updater (x32 Version: 1.02.3005)
    erLT (x32 Version: 1.20.138.34)
    Final Drive: Nitro (x32 Version: 2.2.0.95)
    Galerie de photos Windows Live (x32 Version: 15.4.3502.0922)
    Google Drive (x32 Version: 1.10.4769.632)
    Google Update Helper (x32 Version: 1.3.21.153)
    Hotkey Utility (x32 Version: 2.05.3014)
    Identity Card (x32 Version: 1.00.3006)
    iTunes (Version: 10.6.1.7)
    Java Auto Updater (x32 Version: 2.0.4.1)
    Java(TM) 6 Update 33 (x32 Version: 6.0.330)
    Jewel Quest Heritage (x32 Version: 2.2.0.95)
    Junk Mail filter update (x32 Version: 15.4.3502.0922)
    Logitech Vid HD (x32 Version: 7.2 (7248))
    Logitech Webcam Software (x32 Version: 2.0)
    LWS Facebook (x32 Version: 13.31.1038.0)
    LWS Gallery (x32 Version: 13.31.1038.0)
    LWS Help_main (x32 Version: 13.31.1044.0)
    LWS Launcher (x32 Version: 13.31.1038.0)
    LWS Motion Detection (x32 Version: 13.30.1395.0)
    LWS Pictures And Video (x32 Version: 13.31.1038.0)
    LWS Twitter (x32 Version: 13.30.1346.0)
    LWS Video Mask Maker (x32 Version: 13.30.1379.0)
    LWS VideoEffects (Version: 13.30.1379.0)
    LWS Webcam Software (x32 Version: 13.31.1038.0)
    LWS WLM Plugin (x32 Version: 1.30.1201.0)
    LWS YouTube Plugin (x32 Version: 13.31.1038.0)
    Mesh Runtime (x32 Version: 15.4.5722.2)
    Microsoft Application Error Reporting (Version: 12.0.6015.5000)
    Microsoft Office 2007 Service Pack 3 (SP3) (x32)
    Microsoft Office Access MUI (English) 2007 (x32 Version: 12.0.6612.1000)
    Microsoft Office Access Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000)
    Microsoft Office Click-to-Run 2010 (Version: 14.0.4763.1000)
    Microsoft Office Click-to-Run 2010 (x32 Version: 14.0.4763.1000)
    Microsoft Office Excel MUI (English) 2007 (x32 Version: 12.0.6612.1000)
    Microsoft Office InfoPath MUI (English) 2007 (x32 Version: 12.0.6612.1000)
    Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000)
    Microsoft Office Outlook MUI (English) 2007 (x32 Version: 12.0.6612.1000)
    Microsoft Office PowerPoint MUI (English) 2007 (x32 Version: 12.0.6612.1000)
    Microsoft Office Professional Plus 2007 (x32 Version: 12.0.6612.1000)
    Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000)
    Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000)
    Microsoft Office Proof (Spanish) 2007 (x32 Version: 12.0.6612.1000)
    Microsoft Office Proofing (English) 2007 (x32 Version: 12.0.4518.1014)
    Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32)
    Microsoft Office Publisher MUI (English) 2007 (x32 Version: 12.0.6612.1000)
    Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000)
    Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
    Microsoft Office Shared MUI (English) 2007 (x32 Version: 12.0.6612.1000)
    Microsoft Office Shared Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000)
    Microsoft Office Word MUI (English) 2007 (x32 Version: 12.0.6612.1000)
    Microsoft PowerPoint Viewer (x32 Version: 14.0.6029.1000)
    Microsoft Save as PDF or XPS Add-in for 2007 Microsoft Office programs (x32 Version: 12.0.4518.1014)
    Microsoft Silverlight (Version: 5.1.20513.0)
    Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000)
    Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (x32 Version: 8.0.50727.4053)
    Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
    Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
    MSVCRT (x32 Version: 15.4.2862.0708)
    MSVCRT_amd64 (x32 Version: 15.4.2862.0708)
    MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0)
    MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0)
    Mystery P.I. - Stolen in San Francisco (x32 Version: 2.2.0.95)
    Namco All-Stars: PAC-MAN (x32 Version: 2.2.0.95)
    Nero Control Center 10 (x32 Version: 10.2.11100.1.1)
    Nero ControlCenter 10 Help (CHM) (x32 Version: 10.5.10000)
    Nero Core Components 10 (x32 Version: 2.0.18100.8.8)
    Nero DiscSpeed 10 (x32 Version: 6.2.10500.2.100)
    Nero DiscSpeed 10 Help (CHM) (x32 Version: 10.5.10000)
    Nero Express 10 (x32 Version: 10.2.12000.21.100)
    Nero Express 10 Help (CHM) (x32 Version: 10.5.10200)
    Nero Multimedia Suite 10 Essentials (x32 Version: 10.5.10300)
    Nero StartSmart 10 (x32 Version: 10.2.11600.14.100)
    Nero StartSmart 10 Help (CHM) (x32 Version: 10.5.10000)
    Nero Update (x32 Version: 1.0.0018)
    NOOK for PC (x32 Version: 2.5.1.237)
    Norton Internet Security (x32 Version: 18.7.2.3)
    Norton Online Backup (x32 Version: 2.1.17869)
    NVIDIA Control Panel 307.83 (Version: 307.83)
    NVIDIA Display Control Panel (Version: 1.10)
    NVIDIA Drivers (Version: 1.10.57.35)
    NVIDIA ForceWare Network Access Manager (Version: 1.00.7316)
    NVIDIA ForceWare Network Access Manager (x32 Version: 1.00.7316)
    NVIDIA Graphics Driver 307.83 (Version: 307.83)
    NVIDIA Install Application (Version: 2.1002.109.706)
    NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.12.6684)
    NVIDIA Update 1.10.8 (Version: 1.10.8)
    NVIDIA Update Components (Version: 1.10.8)
    Penguins! (x32 Version: 2.2.0.95)
    Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.95)
    Poker Superstars III (x32 Version: 2.2.0.95)
    Polar Bowler (x32 Version: 2.2.0.95)
    Polar Golfer (x32 Version: 2.2.0.95)
    QuickTime (x32 Version: 7.71.80.42)
    Realtek High Definition Audio Driver (x32 Version: 6.0.1.6045)
    rosoft .NET Framework 4 Client Profile (Version: 4.0.30319)
    Skype Click to Call (x32 Version: 6.10.13089)
    Skype™ 6.3 (x32 Version: 6.3.107)
    Times Reader (x32 Version: 2.055)
    Torchlight (x32 Version: 2.2.0.95)
    Update for 2007 Microsoft Office System (KB967642) (x32)
    Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1)
    Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1)
    Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1)
    Update for Microsoft Office 2007 Help for Common Features (KB963673) (x32)
    Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (x32)
    Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition (x32)
    Update for Microsoft Office 2007 suites (KB2596802) 32-Bit Edition (x32)
    Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition (x32)
    Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition (x32)
    Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (x32)
    Update for Microsoft Office Access 2007 Help (KB963663) (x32)
    Update for Microsoft Office Excel 2007 Help (KB963678) (x32)
    Update for Microsoft Office Infopath 2007 Help (KB963662) (x32)
    Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (x32)
    Update for Microsoft Office Outlook 2007 Help (KB963677) (x32)
    Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2817563) 32-Bit Edition (x32)
    Update for Microsoft Office Powerpoint 2007 Help (KB963669) (x32)
    Update for Microsoft Office Publisher 2007 Help (KB963667) (x32)
    Update for Microsoft Office Script Editor Help (KB963671) (x32)
    Update for Microsoft Office Word 2007 Help (KB963665) (x32)
    Update Installer for WildTangent Games App (x32)
    Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.95)
    Welcome Center (x32 Version: 1.02.3102)
    WildTangent Games App (eMachines Games) (x32 Version: 4.0.5.36)
    Windows Live (x32 Version: 15.4.3502.0922)
    Windows Live Communications Platform (x32 Version: 15.4.3502.0922)
    Windows Live Essentials (x32 Version: 15.4.3502.0922)
    Windows Live Essentials (x32 Version: 15.4.3508.1109)
    Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
    Windows Live Installer (x32 Version: 15.4.3502.0922)
    Windows Live Language Selector (Version: 15.4.3508.1109)
    Windows Live Mail (x32 Version: 15.4.3502.0922)
    Windows Live Mesh (x32 Version: 15.4.3502.0922)
    Windows Live Messenger (x32 Version: 15.4.3502.0922)
    Windows Live MIME IFilter (Version: 15.4.3502.0922)
    Windows Live Movie Maker (x32 Version: 15.4.3502.0922)
    Windows Live Photo Common (x32 Version: 15.4.3502.0922)
    Windows Live Photo Gallery (x32 Version: 15.4.3502.0922)
    Windows Live PIMT Platform (x32 Version: 15.4.3508.1109)
    Windows Live Remote Client (Version: 15.4.5722.2)
    Windows Live Remote Client Resources (Version: 15.4.5722.2)
    Windows Live Remote Service (Version: 15.4.5722.2)
    Windows Live Remote Service Resources (Version: 15.4.5722.2)
    Windows Live SOXE (x32 Version: 15.4.3502.0922)
    Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922)
    Windows Live UX Platform (x32 Version: 15.4.3502.0922)
    Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109)
    Windows Live Writer (x32 Version: 15.4.3502.0922)
    Windows Live Writer Resources (x32 Version: 15.4.3502.0922)
    Zuma's Revenge (x32 Version: 2.2.0.95)

    ==================== Restore Points =========================

    22-06-2013 01:16:24 Windows Update
    28-06-2013 20:36:14 Windows Update
    02-07-2013 19:35:28 Windows Update
    11-07-2013 07:00:27 Windows Update
    12-07-2013 07:00:42 Windows Update
    18-07-2013 23:12:45 Removed Microsoft Silverlight
    18-07-2013 23:45:19 Restore Operation
    19-07-2013 07:00:28 Windows Update
    20-07-2013 13:33:15 Removed Google Drive
    20-07-2013 13:33:56 Removed Microsoft Silverlight
    22-07-2013 10:36:01 Windows Update

    ==================== Hosts content: ==========================

    2009-07-13 22:34 - 2009-06-10 17:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

    ==================== Scheduled Tasks (whitelisted) =============

    Task: {1CA7128E-30EA-4913-A808-533FCB43E386} - System32\Tasks\Symantec\Norton Error Processor 18.7.2.3 => C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\SymErr.exe [2012-06-07] (Symantec Corporation)
    Task: {46832764-5FB8-47FE-AB42-190EAC864330} - System32\Tasks\{0C03772E-5937-4BA1-B198-6AF0BFB6C124} => C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVH.EXE [2012-01-04] (Microsoft Corporation)
    Task: {5EB001A2-04A1-46C2-A34F-38EB92785FC4} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-04-02] (Google Inc.)
    Task: {71653504-7262-4D89-BCEA-42130FBBD5E5} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-05-28] (Adobe Systems Incorporated)
    Task: {7568CC5D-70A4-49B8-80CD-D2B14F1C273A} - System32\Tasks\AdobeFlashPlayerUpdate => C:\Windows\SysWOW64\FlashPlayerUpdateService.exe [2013-05-28] (Adobe Systems Incorporated)
    Task: {8779A99A-29D7-4744-9CE5-5C9961408F19} - System32\Tasks\{B501207D-AA37-4033-BE24-D7C55898B4AA} => C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVH.EXE [2012-01-04] (Microsoft Corporation)
    Task: {8911135F-B48D-4655-B525-794EC9C90D8A} - System32\Tasks\AdobeFlashPlayerUpdate 2 => C:\Windows\SysWOW64\FlashPlayerUpdateService.exe [2013-05-28] (Adobe Systems Incorporated)
    Task: {AD27F4C8-EF50-441A-A314-D1FB1B3A5114} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task
    Task: {AE034620-66AA-466F-9167-3B11B707345C} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
    Task: {B45F2B1D-D296-4AAE-9812-584F45C2EAA7} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Scan => c:\program files\windows defender\MpCmdRun.exe [2009-07-13] ()
    Task: {BE161AA7-CDB0-4B3D-B7DF-267875ABD199} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-04-02] (Google Inc.)
    Task: {C6495316-7FB7-4E5E-89C1-373CE5DE2F03} - System32\Tasks\Symantec\Norton Error Analyzer 18.7.2.3 => C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\SymErr.exe [2012-06-07] (Symantec Corporation)
    Task: {CF91354F-FAAA-4FB4-BB79-F54C7B6936AB} - System32\Tasks\Scheduled Update for Ask Toolbar => C:\Program Files (x86)\Ask.com\UpdateTask.exe No File
    Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

    ==================== Faulty Device Manager Devices =============


    ==================== Event log errors: =========================

    Application errors:
    ==================
    Error: (07/22/2013 06:40:04 AM) (Source: Application Hang) (User: )
    Description: The program FRST64.exe version 3.3.8.1 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

    Process ID: 16e8

    Start Time: 01ce86c7bf1e4910

    Termination Time: 4

    Application Path: F:\FRST64.exe

    Report Id: 0990d8f1-f2bb-11e2-89d4-f80f4133d8bd

    Error: (07/22/2013 06:24:40 AM) (Source: Application Error) (User: )
    Description: Faulting application name: FlashPlayerUpdateService.exe, version: 11.6.602.180, time stamp: 0x51a4ab8c
    Faulting module name: ntdll.dll, version: 6.1.7601.17725, time stamp: 0x4ec49b8f
    Exception code: 0xc0000005
    Fault offset: 0x0002e243
    Faulting process id: 0x848
    Faulting application start time: 0xFlashPlayerUpdateService.exe0
    Faulting application path: FlashPlayerUpdateService.exe1
    Faulting module path: FlashPlayerUpdateService.exe2
    Report Id: FlashPlayerUpdateService.exe3

    Error: (07/21/2013 09:37:22 PM) (Source: Bonjour Service) (User: )
    Description: Task Scheduling Error: m->NextScheduledSPRetry 5070

    Error: (07/21/2013 09:37:22 PM) (Source: Bonjour Service) (User: )
    Description: Task Scheduling Error: m->NextScheduledEvent 5070

    Error: (07/21/2013 09:37:22 PM) (Source: Bonjour Service) (User: )
    Description: Task Scheduling Error: Continuously busy for more than a second

    Error: (07/21/2013 09:37:21 PM) (Source: Bonjour Service) (User: )
    Description: Task Scheduling Error: m->NextScheduledSPRetry 4071

    Error: (07/21/2013 09:37:21 PM) (Source: Bonjour Service) (User: )
    Description: Task Scheduling Error: m->NextScheduledEvent 4071

    Error: (07/21/2013 09:37:21 PM) (Source: Bonjour Service) (User: )
    Description: Task Scheduling Error: Continuously busy for more than a second

    Error: (07/21/2013 09:37:20 PM) (Source: Bonjour Service) (User: )
    Description: Task Scheduling Error: m->NextScheduledSPRetry 3073

    Error: (07/21/2013 09:37:20 PM) (Source: Bonjour Service) (User: )
    Description: Task Scheduling Error: m->NextScheduledEvent 3073


    System errors:
    =============
    Error: (07/21/2013 09:18:25 PM) (Source: Service Control Manager) (User: )
    Description: The Windows Firewall service terminated with service-specific error %%5.

    Error: (07/21/2013 09:17:35 PM) (Source: Service Control Manager) (User: )
    Description: The Windows Firewall service terminated with service-specific error %%5.

    Error: (07/21/2013 09:17:14 PM) (Source: Service Control Manager) (User: )
    Description: The Windows Firewall service terminated with service-specific error %%5.

    Error: (07/21/2013 09:13:35 PM) (Source: Service Control Manager) (User: )
    Description: The Windows Firewall service terminated with service-specific error %%5.

    Error: (07/21/2013 08:02:55 PM) (Source: Service Control Manager) (User: )
    Description: The Windows Firewall service terminated with service-specific error %%5.

    Error: (07/21/2013 07:52:26 PM) (Source: Service Control Manager) (User: )
    Description: The Windows Firewall service terminated with service-specific error %%5.

    Error: (07/21/2013 07:46:53 PM) (Source: Service Control Manager) (User: )
    Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Browser service.

    Error: (07/21/2013 07:45:23 PM) (Source: Service Control Manager) (User: )
    Description: The Windows Firewall service terminated with service-specific error %%5.

    Error: (07/21/2013 05:49:07 PM) (Source: Service Control Manager) (User: )
    Description: The Windows Firewall service terminated with service-specific error %%5.

    Error: (07/21/2013 09:41:46 AM) (Source: Service Control Manager) (User: )
    Description: The Windows Firewall service terminated with service-specific error %%5.


    Microsoft Office Sessions:
    =========================
    Error: (05/23/2013 07:54:58 PM) (Source: Microsoft Office 12 Sessions)(User: )
    Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 121 seconds with 60 seconds of active time. This session ended with a crash.


    ==================== Memory info ===========================

    Percentage of memory in use: 36%
    Total physical RAM: 2815.37 MB
    Available physical RAM: 1785.42 MB
    Total Pagefile: 5628.92 MB
    Available Pagefile: 3682.58 MB
    Total Virtual: 8192 MB
    Available Virtual: 8191.81 MB

    ==================== Drives ================================

    Drive c: (eMachines) (Fixed) (Total:911.88 GB) (Free:852.95 GB) NTFS (Disk=0 Partition=3)
    Drive f: (OPTIMA PRO) (Removable) (Total:1.92 GB) (Free:0.34 GB) FAT (Disk=2 Partition=1)

    ==================== MBR & Partition Table ==================

    ========================================================
    Disk: 0 (Size: 932 GB) (Disk ID: 35D5C1F3)
    Partition 1: (Not Active) - (Size=20 GB) - (Type=27)
    Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
    Partition 3: (Not Active) - (Size=912 GB) - (Type=07 NTFS)

    ========================================================
    Disk: 2 (Size: 2 GB) (Disk ID: 814DAD2E)
    Partition 1: (Not Active) - (Size=2 GB) - (Type=06)

    ==================== End Of Log ============================

  11. #26
    Join Date
    Jul 2003
    Posts
    130

    and 1 more thing

    MS SILVERLIGHT ?

  12. #27
    Join Date
    Dec 2007
    Location
    Daly City, CA
    Posts
    22,550
    Why are you trying to download Avast since I can see Norton Internet Security running?
    You can't be running two AV programs.

    Download attached fixlist.txt file and save it to the Desktop.
    NOTE. It's important that both files, FRST and fixlist.txt are in the same location or the fix will not work.

    NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

    Run FRST/FRST64 and press the Fix button just once and wait.
    The tool will make a log on the Desktop (Fixlog.txt). Please post it to your reply.

    Re-run FRST one more time and post new log.
    Attached Files Attached Files

  13. #28
    Join Date
    Jul 2003
    Posts
    130
    [QUOTE=Broni;1433521] Why are you trying to download Avast since I can see Norton Internet Security running?
    You can't be running two AV programs.

    Broni!
    I think it is quite obvious by now, that I have NO clue what I am doing!

    Actually, I thought I had Norton AV free with xfinity , but it keeps asking me to subscribe and I get messages saying I am not protected so I thought it had expired.
    IF it was working, I am not too happy it let this snake in !

    OK, will follow your instructions.
    THX

  14. #29
    Join Date
    Jul 2003
    Posts
    130

    weary

    Getting weary, Broni- bet u r too!


    Did what you said . Did the DL on to the f drive but then out it on my desktop and pout the FRST64 etc ... all in same folder on my desk top.

    here is the log :


    Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 19-07-2013
    Ran by SYSTEM at 2013-07-24 17:47:48 Run:2
    Running from H:\
    Boot Mode: Recovery
    ==============================================

    Error: The HKCR key should be fixed outside recovery mode.
    MountPoints2: {196a8023-4233-11e1-a417-f80f4133d8bd} - F:\setup.exe -a => Error: The entry should be fixed outside recovery mode.
    URLSearchHook: (No Name) - {00000000-6E41-4FD3-8538-502F5495E5FC} - No File => Error: The entry should be fixed outside recovery mode.
    BHO-x32: No Name - {2EECD738-5844-4a99-B4B6-146BF802613B} - No File => Error: The entry should be fixed outside recovery mode.
    BHO-x32: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll No File => Error: The entry should be fixed outside recovery mode.
    Toolbar: HKLM-x32 - Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll No File => Error: The entry should be fixed outside recovery mode.
    Toolbar: HKLM-x32 - No Name - {98889811-442D-49dd-99D7-DC866BE87DBC} - No File => Error: The entry should be fixed outside recovery mode.
    Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File => Error: The entry should be fixed outside recovery mode.
    Error: DeleteJunctionsIndirectory: C:\Program Files\Windows Defender => entry should be fixed outside recovery mode.
    Task: {CF91354F-FAAA-4FB4-BB79-F54C7B6936AB} - System32\Tasks\Scheduled Update for Ask Toolbar => C:\Program Files (x86)\Ask.com\UpdateTask.exe No File => Error: The entry should be fixed outside recovery mode.

    ==== End of Fixlog ====

    BUT THEN, I tried to run 1 more x and message came saying there is no fixlist as they must be in the same place , but they are ..all in folder on my desktop. HAD to DL into drive first as I was doing so from non infected PC.

    sigh

  15. #30
    Join Date
    Dec 2007
    Location
    Daly City, CA
    Posts
    22,550
    You did it incorrectly.
    Leave USB flash drive alone.

    We're are working from your Desktop now not from recovery mode.

    My instructions should be pretty clear...

    Download attached fixlist.txt file and save it to the Desktop.
    Please re-read and redo.

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •