Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Can't Remove Free Cause TB


  • This topic is locked This topic is locked
8 replies to this topic

#1 kellis1231

kellis1231

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:georgetown tx
  • Local time:09:07 AM

Posted 11 November 2014 - 08:14 AM

Each morning after Malawarebytes runs on my computer, i am told that it finds a potential threat called pup.freecausetb.a on my computer.  i have tried to remove this but am unable.  Can you please help.  i have attached the attach.text file and posted the dds.text file below.  Please let me know if there is any additional info i may provide.

 

 

 

DDS (Ver_2012-11-20.01) - NTFS_AMD64 
Internet Explorer: 11.0.9600.17207  BrowserJavaVersion: 10.55.2
Run by Kathy at 7:06:22 on 2014-11-11
Microsoft Windows 7 Professional   6.1.7601.1.1252.1.1033.18.8065.1840 [GMT -6:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Microsoft Security Essentials *Enabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files\IDT\WDM\STacSV64.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE
C:\Windows\system32\WLANExt.exe
C:\Program Files\Dell\DW WLAN Card\bcmwltry.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\Common Files\SPBA\upeksvr.exe
C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmService.exe
C:\Windows\System32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\SysWOW64\atashost.exe
c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Broadcom\MgmtAgent\BrcmMgmtAgent.exe
C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\EMBASSY Client Core\EmbassyServer.exe
C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
C:\Program Files\Intel\iCLS Client\HeciServer.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\system32\o2flash.exe
C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
C:\Program Files\Dell\Dell Data Protection\Access\Advanced\hapi64\pbadrvsvc.exe
C:\Program Files (x86)\Google\Update\1.3.25.5\GoogleCrashHandler.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\DellTPad\Apoint.exe
C:\Program Files\IDT\WDM\sttray64.exe
C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Authentication Manager\WaveAMService.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Program Files (x86)\Google\Update\1.3.25.5\GoogleCrashHandler64.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Dell\DW WLAN Card\WLTRAY.EXE
C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmNotify.exe
C:\Program Files\Dell\Feature Enhancement Pack\DFEPApplication.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Dell\Feature Enhancement Pack\DFEPService.exe
C:\Users\Kathy\AppData\Local\Akamai\netsession_win.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files (x86)\Pervasive Software\PSQL\bin\w3dbsmgr.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Users\Kathy\AppData\Local\Apps\2.0\VQP2MOR1.74X\15T8Q0MT.TM7\dell..tion_0f612f649c4a10af_0005.0005_9914611622934cec\DellSystemDetect.exe
C:\Program Files (x86)\AWS\WeatherBug\Weather.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
C:\Users\Kathy\AppData\Local\Akamai\netsession_win.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Users\Kathy\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
C:\Program Files\HP\HP Officejet 6600\Bin\ScanToPCActivationApp.exe
C:\Program Files (x86)\Siber Systems\AI RoboForm\robotaskbaricon.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Windows\System32\StikyNot.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Users\Kathy\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
C:\Program Files\Dell\Feature Enhancement Pack\SmartSettings.exe
C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Hewlett-Packard\HP Designjet ePrintAndShare\HPePSUploader.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\Sony\Content Transfer\ContentTransferWMDetector.exe
C:\Program Files\HP\HP Officejet 6600\Bin\HPNetworkCommunicator.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\svchost.exe -k HPService
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreamsDownloader.exe
C:\Program Files (x86)\Hewlett-Packard\HP Designjet ePrintAndShare\HPePSPortMonitorCommunicator.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\DellTPad\ApMsgFwd.exe
C:\Program Files\DellTPad\HidFind.exe
C:\Program Files\DellTPad\Apntex.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\IMSS\PrivacyIconClient.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
C:\Windows\splwow64.exe
C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE
C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat.exe
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\SyncServer.exe
C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE
C:\Program Files (x86)\Sage\Peachtree\Peachw.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Windows\System32\MsSpellCheckingFacility.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Windows\system32\Macromed\Flash\FlashUtil64_15_0_0_189_ActiveX.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\AcroBroker.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Windows\System32\WUDFHost.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Windows\system32\SearchProtocolHost.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\SysWOW64\cmd.exe
C:\Program Files (x86)\Siber Systems\AI RoboForm\Chrome\rf-chrome-nm-host.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://nbcnews.com/
uSearch Bar = Preserve
uProxyOverride = <local>
uURLSearchHooks: <No Name>:  - LocalServer32 - <no file>
uURLSearchHooks: FCToolbarURLSearchHook Class: {0401d021-6884-38a4-799a-42218374d1cc} - C:\Program Files (x86)\Verizon Point Builder\Helper.dll
uURLSearchHooks: {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - <orphaned>
mWinlogon: Userinit = userinit.exe,
BHO: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
BHO: RoboForm Toolbar Helper: {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Verizon Point Builder: {8FA4A50E-A321-F5F4-39B4-2657AF170F0A} - C:\Program Files (x86)\Verizon Point Builder\Toolbar.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Adobe PDF Conversion Toolbar Helper: {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
BHO: SmartSelect Class: {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
BHO: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
TB: &RoboForm Toolbar: {724D43A0-0D85-11D4-9908-00400523E39A} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
TB: &RoboForm Toolbar: {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll
EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll
mRun: [IMSS] "C:\Program Files (x86)\Intel\Intel® Management Engine Components\IMSS\PIconStartup.exe"
mRun: [USB3MON] "C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" 60
mRun: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"
mRun: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe"
mRun: [PeachtreePrefetcher.exe] C:\Program Files (x86)\Sage\Peachtree\PeachtreePrefetcher.exe /configfile:peachtreeprefetcher.winstart.config
mRun: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
mRun: [Sprint SmartView] "C:\Program Files (x86)\Sprint\Sprint SmartView\SprintSV.exe" -a
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [ItalusUploader] C:\Program Files (x86)\Hewlett-Packard\HP Designjet ePrintAndShare\HPePSUploader.exe
mRun: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [ContentTransferWMDetector.exe] C:\Program Files (x86)\Sony\Content Transfer\ContentTransferWMDetector.exe
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
StartupFolder: C:\Users\Kathy\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\Kathy\AppData\Roaming\Dropbox\bin\Dropbox.exe
StartupFolder: C:\Users\Kathy\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\SMARTS~1.LNK - C:\Program Files\Dell\Feature Enhancement Pack\SmartSettings.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\HPDIGI~1.LNK - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\YWNMON~1.LNK - C:\Program Files (x86)\Open JDK Explorer\ywnmon32.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
uPolicies-Explorer: HideSCAVolume = dword:0
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: DisableCAD = dword:1
IE: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: Customize Menu - C:/Program Files (x86)/Siber Systems/AI RoboForm/RoboFormComCustomizeIEMenu.html
IE: Fill Forms - C:/Program Files (x86)/Siber Systems/AI RoboForm/RoboFormComFillForms.html
IE: Save Forms - C:/Program Files (x86)/Siber Systems/AI RoboForm/RoboFormComSavePass.html
IE: Show RoboForm Toolbar - C:/Program Files (x86)/Siber Systems/AI RoboForm/RoboFormComShowToolbar.html
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {320AF880-6646-11D3-ABEE-C5DBF3571F46} - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
IE: {320AF880-6646-11D3-ABEE-C5DBF3571F49} - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
IE: {724d43aa-0d85-11d4-9908-00400523e39a} - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
Trusted Zone: dell.com
DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} - hxxp://qtinstall.apple.com/qtactivex/qtplugin.cab
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{048152AF-FDB7-41B8-9192-5026B23AE17D} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{048152AF-FDB7-41B8-9192-5026B23AE17D}\2656C6B696E6E2833653E2765756374737 : DHCPNameServer = 192.168.169.1
TCP: Interfaces\{048152AF-FDB7-41B8-9192-5026B23AE17D}\3416D696C6C65637 : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{048152AF-FDB7-41B8-9192-5026B23AE17D}\7516473707163656 : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{048152AF-FDB7-41B8-9192-5026B23AE17D}\A454646475144535F4E484F4D45435 : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{048152AF-FDB7-41B8-9192-5026B23AE17D}\A47584F575966496 : DHCPNameServer = 192.168.11.1
TCP: Interfaces\{048152AF-FDB7-41B8-9192-5026B23AE17D}\C4453475946494 : DHCPNameServer = 10.254.11.2 192.1.168.40
TCP: Interfaces\{048152AF-FDB7-41B8-9192-5026B23AE17D}\D41646463707163656 : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{48698ABD-E98B-47DB-ADF9-261D74EA942C} : DHCPNameServer = 172.20.10.1
TCP: Interfaces\{DC00BABB-1224-480B-A18B-1105D491CB0B} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{DC500135-1F63-4F26-9A40-EF6E735DC776} : DHCPNameServer = 192.168.1.1
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
LSA: Authentication Packages =  msv1_0 wvauth
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: RoboForm Toolbar Helper: {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-TB: &RoboForm Toolbar: {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll
x64-Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe
x64-Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe
x64-Run: [IgfxTray] C:\Windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
x64-Run: [Broadcom Wireless Manager UI] C:\Program Files\Dell\DW WLAN Card\WLTRAY.exe
x64-Run: [TdmNotify] C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmNotify.exe
x64-Run: [DFEPApplication] C:\Program Files\Dell\Feature Enhancement Pack\DFEPApplication.exe
x64-Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
x64-Run: [Logitech Download Assistant] C:\Windows\System32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {320AF880-6646-11D3-ABEE-C5DBF3571F46} - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll
x64-IE: {320AF880-6646-11D3-ABEE-C5DBF3571F49} - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll
x64-IE: {724d43aa-0d85-11d4-9908-00400523e39a} - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-Notify: spba - C:\Program Files\Common Files\SPBA\homefus2.dll
x64-SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R0 iusb3hcs;Intel® USB 3.0 Host Controller Switch Driver;C:\Windows\System32\drivers\iusb3hcs.sys [2013-9-29 20464]
R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2013-6-18 247216]
R0 stdcfltn;Disk Class Filter Driver for Accelerometer;C:\Windows\System32\drivers\stdcfltn.sys [2013-9-29 22128]
R2 atashost;WebEx Service Host for Support Center;C:\Windows\SysWOW64\atashost.exe [2013-12-3 117544]
R2 BrcmMgmtAgent;Broadcom Management Agent;C:\Program Files\Broadcom\MgmtAgent\BrcmMgmtAgent.exe [2011-11-30 163840]
R2 DFEPService;Dell Feature Enhancement Pack Service;C:\Program Files\Dell\Feature Enhancement Pack\DFEPService.exe [2012-8-15 2280504]
R2 EmbassyService;EmbassyService;C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\EMBASSY Client Core\EmbassyServer.exe [2013-3-11 231792]
R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2013-9-29 13632]
R2 Intel® Capability Licensing Service Interface;Intel® Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-12-10 732160]
R2 jhi_service;Intel® Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe [2013-9-29 167736]
R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [2014-7-10 1871160]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2014-7-10 968504]
R2 PassThru Service;Internet Pass-Through Service;C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [2013-10-17 166912]
R2 PbaDrvSvc_x64;Dell PBA x64 Service;C:\Program Files\Dell\Dell Data Protection\Access\Advanced\hapi64\pbadrvsvc.exe [2013-1-21 21504]
R2 psqlWGE;Pervasive PSQL Workgroup Engine;C:\Program Files (x86)\Pervasive Software\PSQL\bin\w3dbsmgr.exe [2013-1-8 436040]
R2 Wave Authentication Manager Service;Wave Authentication Manager Service;C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Authentication Manager\WaveAMService.exe [2013-2-26 1773056]
R3 CtClsFlt;Creative Camera Class Upper Filter Driver;C:\Windows\System32\drivers\CtClsFlt.sys [2013-9-29 176096]
R3 dcdbas;System Management Driver;C:\Windows\System32\drivers\dcdbas64.sys [2012-9-23 39016]
R3 IntcDAud;Intel® Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2013-9-29 331264]
R3 iusb3hub;Intel® USB 3.0 Hub Driver;C:\Windows\System32\drivers\iusb3hub.sys [2013-9-29 358896]
R3 iusb3xhc;Intel® USB 3.0 eXtensible Host Controller Driver;C:\Windows\System32\drivers\iusb3xhc.sys [2013-9-29 792560]
R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2013-10-15 25816]
R3 MBAMSwissArmy;MBAMSwissArmy;C:\Windows\System32\drivers\MBAMSwissArmy.sys [2014-7-10 129752]
R3 MBAMWebAccessControl;MBAMWebAccessControl;C:\Windows\System32\drivers\mwac.sys [2014-7-10 63704]
R3 O2SDJRDR;O2SDJRDR;C:\Windows\System32\drivers\o2sdjw7x64.sys [2013-9-29 85336]
R3 ST_ACCEL;STMicroelectronics Accelerometer Service;C:\Windows\System32\drivers\ST_ACCEL.sys [2013-9-29 68208]
R3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2014-8-15 54784]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2012-7-8 104912]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2012-7-8 123856]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S2 WvPCR;WvPCR;C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Common\WvPCR.exe [2013-3-8 254824]
S3 CASprint;Sprint Con App Svc;C:\Program Files (x86)\Sprint\Sprint SmartView\ConAppsSvc.exe [2008-10-15 124160]
S3 dmvsc;dmvsc;C:\Windows\System32\drivers\dmvsc.sys [2010-11-21 71168]
S3 fssfltr;fssfltr;C:\Windows\System32\drivers\fssfltr.sys [2013-9-29 57856]
S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2014-3-31 1512640]
S3 HTCAND64;HTC Device Driver;C:\Windows\System32\drivers\ANDROIDUSB.sys [2009-11-2 33736]
S3 htcnprot;HTC NDIS Protocol Driver;C:\Windows\System32\drivers\htcnprot.sys [2013-10-17 36928]
S3 HtcVCom32;HTC Diagnostic Port;C:\Windows\System32\drivers\HtcVComV64.sys [2010-3-8 121800]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2014-8-10 111616]
S3 Intel® Capability Licensing Service TCP IP Interface;Intel® Capability Licensing Service TCP IP Interface;C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2012-12-10 803872]
S3 Netaapl;Apple Mobile Device Ethernet Service;C:\Windows\System32\drivers\netaapl64.sys [2013-7-25 23040]
S3 netvsc;netvsc;C:\Windows\System32\drivers\netvsc60.sys [2010-11-21 168448]
S3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2013-10-23 366600]
S3 O2MDFRDR;O2MDFRDR;C:\Windows\System32\drivers\o2mdfw7x64.sys [2013-9-29 72808]
S3 O2MDRRDR;O2MDRRDR;C:\Windows\System32\drivers\O2MDRw7x64.sys [2013-9-29 74984]
S3 PCTINDIS5X64;PCTINDIS5X64 NDIS Protocol Driver;C:\Windows\System32\PCTINDIS5X64.sys [2008-10-15 43032]
S3 Sage 50 SmartPosting 2015;Sage 50 SmartPosting 2015;C:\Program Files (x86)\Sage\Peachtree\SmartPostingService2015.exe [2014-2-10 335664]
S3 StorSvc;Storage Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 27136]
S3 swHMnet00;NETGEAR WMI USB-NDIS HM miniport device;C:\Windows\System32\drivers\swHMnet00.sys [2013-4-30 377616]
S3 swHMser00;NETGEAR QMI USB Device for IPT Legacy Serial Port Communication;C:\Windows\System32\drivers\swHMser00.sys [2013-4-1 269872]
S3 swHMserIPT00;NETGEAR QMI USB Device for IPT2 Legacy Serial Port Communication;C:\Windows\System32\drivers\swHMserIPT00.sys [2013-4-1 269872]
S3 swHMwdmbusIPT00SER64;NETGEAR USB Bus Service IPT2;C:\Windows\System32\drivers\swHMwdmbusIPT00.sys [2013-7-11 115448]
S3 swiwdmbx;NETGEAR USB Bus Service;C:\Windows\System32\drivers\swiwdmbx.sys [2013-4-18 114424]
S3 swiwdmbxhs;NETGEAR HS USB Bus Service;C:\Windows\System32\drivers\swiwdmbxhs.sys [2013-4-18 114424]
S3 SynthVid;SynthVid;C:\Windows\System32\drivers\VMBusVideoM.sys [2010-11-21 22528]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-20 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-20 31232]
S3 WDC_SAM;WD SCSI Pass Thru driver;C:\Windows\System32\drivers\wdcsam64.sys [2008-5-6 14464]
.
=============== Created Last 30 ================
.
2014-11-11 08:01:07 75888 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{BE918A76-854A-4F6B-872E-5BE8C5228F03}\offreg.dll
2014-11-11 07:59:20 11627712 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{BE918A76-854A-4F6B-872E-5BE8C5228F03}\mpengine.dll
2014-11-10 14:44:53 11627712 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2014-11-10 07:28:04 5 ----a-w- C:\Windows\SysWow64\lMMLDeleteUserData42107612FX.tmp
2014-10-17 23:11:16 -------- d-----w- C:\Program Files\iPod
2014-10-17 23:11:15 -------- d-----w- C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2014-10-17 23:11:15 -------- d-----w- C:\Program Files\iTunes
2014-10-17 23:11:15 -------- d-----w- C:\Program Files (x86)\iTunes
.
==================== Find3M  ====================
.
2014-11-11 12:04:09 129752 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys
2014-11-09 14:42:28 71344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-11-09 14:42:28 701104 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2014-10-30 11:25:26 275080 ------w- C:\Windows\System32\MpSigStub.exe
2014-10-01 16:11:26 63704 ----a-w- C:\Windows\System32\drivers\mwac.sys
2014-10-01 16:11:16 93400 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys
2014-10-01 16:11:12 25816 ----a-w- C:\Windows\System32\drivers\mbam.sys
2014-09-24 06:04:12 3675824 ----a-w- C:\Windows\SysWow64\FlashPlayerInstaller.exe
2014-08-26 17:14:38 122584 ----a-w- C:\Windows\System32\drivers\48230029.sys
2014-08-16 04:35:00 6112072 ----a-w- C:\Windows\System32\usbaaplrc.dll
2014-08-16 04:35:00 54784 ----a-w- C:\Windows\System32\drivers\usbaapl64.sys
.
============= FINISH:  7:07:37.33 ===============
 

 

Attached Files



BC AdBot (Login to Remove)

 


#2 HelpBot

HelpBot

    Bleepin' Binary Bot


  • Bots
  • 12,600 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:10:07 AM

Posted 16 November 2014 - 10:00 AM

Hello and welcome to Bleeping Computer!

I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

To help Bleeping Computer better assist you please perform the following steps:

***************************************************

step1.gif In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.

CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/555688 <<< CLICK THIS LINK



If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.

***************************************************

step2.gifIf you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of this page). In that reply, please include the following information:

  • If you have not done so already, include a clear description of the problems you're having, along with any steps you may have performed so far.
  • A new DDS log. For your convenience, you will find the instructions for generating these logs repeated at the bottom of this post.
    • Please do this even if you have previously posted logs for us.
    • If you were unable to produce the logs originally please try once more.
    • If you are unable to create a log please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.
    • If you are unsure about any of these characteristics just post what you can and we will guide you.
  • Please tell us if you have your original Windows CD/DVD available.
  • Upon completing the above steps and posting a reply, another staff member will review your topic and do their best to resolve your issues.

Thank you for your patience, and again sorry for the delay.

***************************************************

We need to see some information about what is happening in your machine. Please perform the following scan again:

  • Download DDS by sUBs from the following link if you no longer have it available and save it to your destop.

    DDS.com Download Link
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control can be found HERE.

As I am just a silly little program running on the BleepingComputer.com servers, please do not send me private messages as I do not know how to read and reply to them! Thanks!

#3 Bootsektor

Bootsektor

  • Malware Response Team
  • 216 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Northern Germany
  • Local time:04:07 PM

Posted 17 November 2014 - 01:57 AM

Hello and :welcome: on bleeping computer
My name is Sandra and I will help you with your problem.
  • Please follow my instructions in the order they are given
  • Read the instructions carefully before you start. If you get in trouble or do not understand what is to do then stop with the execution and describe the problem as good as you can
  • Do only run Scans which I advise to you
  • Do not do crossposting (Posting in different forums)
  • Do not de- or install software during removal, expect I advisted that to you
  • Please post all logfiles as a reply instead of attaching them unless I asked you for do so. If the files are too big then use more posts, thanks
  • Please keep in mind that we are all doing this here in our freetime, if I do not reply within 48 hours, feel free to send me a PM
Please notice: I am Malware Study Hall Senior, that means all of my answers will reviewed by an expert before I can post them here. Therefore it could be, that there is a little delay in my answering.

Step 1

Scan with FRST
Please download Farbar Recovery Scan Tool and save it to your Desktop.
(If you are not sure which version (32-/64-bit) applies to your system, download and try to start both of them as just the right one will run.)
  • Start FRST with administator privileges.
  • Make sure the option Addition.txt is checked and press the Scan button.
  • When finished, FRST will produce two logs (FRST.txt and Addition.txt) in the same directory the tool was runing from.
  • Please copy and paste these logs in your next reply.

regards,

 

Sandra


#4 kellis1231

kellis1231
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:georgetown tx
  • Local time:09:07 AM

Posted 17 November 2014 - 08:11 AM

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 16-11-2014 03
Ran by Kathy (administrator) on KATHY-DELL on 17-11-2014 07:00:28
Running from C:\Users\Kathy\Desktop
Loaded Profile: Kathy (Available profiles: Kathy)
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Dell Inc.) C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Dell Inc.) C:\Program Files\Dell\DW WLAN Card\BCMWLTRY.EXE
(Authentec Inc.) C:\Program Files\Common Files\SPBA\upeksvr.exe
(Wave Systems Corp.) C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmService.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Cisco WebEx LLC) C:\Windows\SysWOW64\atashost.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation) C:\Program Files\Broadcom\MgmtAgent\BrcmMgmtAgent.exe
() C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\EMBASSY Client Core\EmbassyServer.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(O2Micro International) C:\Windows\System32\o2flash.exe
() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
(Dell, Inc.) C:\Program Files\Dell\Dell Data Protection\Access\Advanced\hapi64\pbadrvsvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Wave Systems Corp.) C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Authentication Manager\WaveAMService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Dell Inc.) C:\Program Files\Dell\Feature Enhancement Pack\DFEPService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Pervasive Software Inc.) C:\Program Files (x86)\Pervasive Software\PSQL\bin\w3dbsmgr.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Dell Inc.) C:\Program Files\Dell\DW WLAN Card\WLTRAY.EXE
(Wave Systems Corp.) C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmNotify.exe
(Dell Inc.) C:\Program Files\Dell\Feature Enhancement Pack\DFEPApplication.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(Creative Technology Ltd) C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
(Dell Inc.) C:\Program Files\Dell\Feature Enhancement Pack\SmartSettings.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Designjet ePrintAndShare\HPePSUploader.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Sony Corporation) C:\Program Files (x86)\Sony\Content Transfer\ContentTransferWMDetector.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\hidfind.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Designjet ePrintAndShare\HPePSPortMonitorCommunicator.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\IMSS\PrivacyIconClient.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat.exe
(Sage Software, Inc.) C:\Program Files (x86)\Sage\Peachtree\Peachw.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE
(Microsoft Corporation) C:\Windows\splwow64.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\SyncServer.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunes.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\ATH.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\POWERPNT.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler64.exe
(Dropbox, Inc.) C:\Users\Kathy\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Siber Systems) C:\Program Files (x86)\Siber Systems\AI RoboForm\robotaskbaricon.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreamsDownloader.exe
(Microsoft Corporation) C:\Windows\System32\SnippingTool.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\MDCrashReportTool.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Siber Systems Inc.) C:\Program Files (x86)\Siber Systems\AI RoboForm\Chrome\rf-chrome-nm-host.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil64_15_0_0_223_ActiveX.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [698712 2013-02-21] (Alps Electric Co., Ltd.)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1702912 2013-02-05] (IDT, Inc.)
HKLM\...\Run: [Broadcom Wireless Manager UI] => C:\Program Files\Dell\DW WLAN Card\WLTRAY.exe [7469568 2012-01-18] (Dell Inc.)
HKLM\...\Run: [TdmNotify] => C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmNotify.exe [371024 2013-03-05] (Wave Systems Corp.)
HKLM\...\Run: [DFEPApplication] => C:\Program Files\Dell\Feature Enhancement Pack\DFEPApplication.exe [7077432 2012-08-15] (Dell Inc.)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1356240 2013-07-18] (Microsoft Corporation)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel® Management Engine Components\IMSS\PIconStartup.exe [132920 2013-05-30] (Intel Corporation)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292088 2013-02-22] (Intel Corporation)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [284480 2012-05-30] (Intel Corporation)
HKLM-x32\...\Run: [Dell Webcam Central] => C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe [462974 2011-12-16] (Creative Technology Ltd)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [41336 2014-05-08] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [840568 2014-05-08] (Adobe Systems Inc.)
HKLM-x32\...\Run: [PeachtreePrefetcher.exe] => C:\Program Files (x86)\Sage\Peachtree\PeachtreePrefetcher.exe [320816 2014-08-27] (Sage Software, Inc.)
HKLM-x32\...\Run: [hpqSRMon] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [150528 2008-07-22] (Hewlett-Packard)
HKLM-x32\...\Run: [Sprint SmartView] => C:\Program Files (x86)\Sprint\Sprint SmartView\SprintSV.exe [17664 2008-10-15] (Sprint)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2014-10-11] (Apple Inc.)
HKLM-x32\...\Run: [ItalusUploader] => C:\Program Files (x86)\Hewlett-Packard\HP Designjet ePrintAndShare\HPePSUploader.exe [398336 2013-06-18] (Hewlett-Packard Company)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [ContentTransferWMDetector.exe] => C:\Program Files (x86)\Sony\Content Transfer\ContentTransferWMDetector.exe [583016 2009-11-19] (Sony Corporation)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\spba: C:\Program Files\Common Files\SPBA\homefus2.dll (Authentec Inc.)
HKU\S-1-5-21-131966151-3302212014-2491148485-1000\...\Policies\Explorer: [HideSCAVolume] 0
HKU\S-1-5-21-131966151-3302212014-2491148485-1000\...\MountPoints2: {0f0e9eea-f702-11e3-93a3-f01faf44cea5} - E:\win\setup.exe -ap
HKU\S-1-5-21-131966151-3302212014-2491148485-1000\...\MountPoints2: {325c6722-0bf1-11e4-941e-f01faf44cea5} - E:\win\setup.exe -ap
HKU\S-1-5-21-131966151-3302212014-2491148485-1000\...\MountPoints2: {57529b4d-268f-11e4-86fc-f01faf44cea5} - E:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-131966151-3302212014-2491148485-1000\...\MountPoints2: {57529ca3-268f-11e4-86fc-f01faf44cea5} - E:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-131966151-3302212014-2491148485-1000\...\MountPoints2: {eb51258e-3730-11e3-b1e5-f01faf44cea5} - E:\WIN\setup.exe
Lsa: [Authentication Packages] msv1_0 wvauth
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ywnmon32.exe.lnk
ShortcutTarget: ywnmon32.exe.lnk -> C:\Program Files (x86)\Open JDK Explorer\ywnmon32.exe (No File)
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Smart Settings.lnk
ShortcutTarget: Smart Settings.lnk -> C:\Program Files\Dell\Feature Enhancement Pack\SmartSettings.exe (Dell Inc.)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Smart Settings.lnk
ShortcutTarget: Smart Settings.lnk -> C:\Program Files\Dell\Feature Enhancement Pack\SmartSettings.exe (Dell Inc.)
Startup: C:\Users\Kathy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Kathy\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Kathy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Smart Settings.lnk
ShortcutTarget: Smart Settings.lnk -> C:\Program Files\Dell\Feature Enhancement Pack\SmartSettings.exe (Dell Inc.)
ShellIconOverlayIdentifiers: [EnabledUnlockedFDEIconOverlay] -> {30D3C2AF-9709-4D05-9CF4-13335F3C1E4A} => C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmIconOverlay.dll (Wave Systems Corp.)
ShellIconOverlayIdentifiers: [UninitializedFdeIconOverlay] -> {CF08DA3E-C97D-4891-A66B-E39B28DD270F} => C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmIconOverlay.dll (Wave Systems Corp.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-131966151-3302212014-2491148485-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-131966151-3302212014-2491148485-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://nbcnews.com/
HKU\S-1-5-21-131966151-3302212014-2491148485-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://dell13.msn.com/?pc=DCJB
HKU\S-1-5-21-131966151-3302212014-2491148485-1000\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.weather.com/weather/today/USTX0512:1:US
https://www.google.com/
URLSearchHook: HKCU - Default Value = {0401d021-6884-38a4-799a-42218374d1cc}
URLSearchHook: HKCU - FCToolbarURLSearchHook Class - {0401d021-6884-38a4-799a-42218374d1cc} - C:\Program Files (x86)\Verizon Point Builder\Helper.dll ()
URLSearchHook: HKCU - (No Name) - {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - No File
SearchScopes: HKLM - DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM - {9BF9ED46-938F-47F1-89E9-C1FF6BB3C666} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=DCJB
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKLM-x32 - {9BF9ED46-938F-47F1-89E9-C1FF6BB3C666} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=DCJB
SearchScopes: HKCU - {9BF9ED46-938F-47F1-89E9-C1FF6BB3C666} URL =
BHO: RoboForm Toolbar Helper -> {724d43a9-0d85-11d4-9908-00400523e39a} -> C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll (Siber Systems Inc.)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: RoboForm Toolbar Helper -> {724d43a9-0d85-11d4-9908-00400523e39a} -> C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Verizon Point Builder -> {8FA4A50E-A321-F5F4-39B4-2657AF170F0A} -> C:\Program Files (x86)\Verizon Point Builder\Toolbar.dll ()
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKLM - &RoboForm Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll (Siber Systems Inc.)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - &RoboForm Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
Toolbar: HKU\S-1-5-21-131966151-3302212014-2491148485-1000 -> No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  No File
Toolbar: HKU\S-1-5-21-131966151-3302212014-2491148485-1000 -> &RoboForm Toolbar - {724D43A0-0D85-11D4-9908-00400523E39A} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll (Siber Systems Inc.)
DPF: HKLM-x32 {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://qtinstall.apple.com/qtactivex/qtplugin.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2013-10-10]
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2013-10-13]

Chrome:
=======
CHR HomePage: Default -> hxxp://www.nbcnews.com/
CHR StartupUrls: Default -> "hxxp://www.nbcnews.com/", "hxxp://www.weather.com/weather/today/78628:4:US"
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
CHR Profile: C:\Users\Kathy\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Kathy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-10-24]
CHR Extension: (Google Drive) - C:\Users\Kathy\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-10-24]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Kathy\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-23]
CHR Extension: (YouTube) - C:\Users\Kathy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-10-24]
CHR Extension: (Google Search) - C:\Users\Kathy\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-10-24]
CHR Extension: (Houzz Bookmarklet) - C:\Users\Kathy\AppData\Local\Google\Chrome\User Data\Default\Extensions\fhjpekndimioildjhjfglcdgpahjoich [2014-07-31]
CHR Extension: (Awesome Weather Widget [ANTP]) - C:\Users\Kathy\AppData\Local\Google\Chrome\User Data\Default\Extensions\goeepbfnllchoihkoiecpkkekbpfiboc [2014-07-15]
CHR Extension: (Pin It Button) - C:\Users\Kathy\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic [2014-10-26]
CHR Extension: (Lose It!) - C:\Users\Kathy\AppData\Local\Google\Chrome\User Data\Default\Extensions\jehemifhdilebjjpibeianiedocpgocn [2014-05-30]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Kathy\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2014-11-03]
CHR Extension: (Awesome New Tab Page) - C:\Users\Kathy\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgmiemnjjchgkmgbeljfocdjjnpjnmcg [2014-07-15]
CHR Extension: (Google Wallet) - C:\Users\Kathy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-10-24]
CHR Extension: (Instagram for Chrome) - C:\Users\Kathy\AppData\Local\Google\Chrome\User Data\Default\Extensions\opnbmdkdflhjiclaoiiifmheknpccalb [2014-11-02]
CHR Extension: (Gmail) - C:\Users\Kathy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-10-24]
CHR Extension: (RoboForm) - C:\Users\Kathy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnlccmojcmeohlpggmfnbbiapkmbliob [2014-05-18]
CHR HKLM-x32\...\Chrome\Extension: [pnlccmojcmeohlpggmfnbbiapkmbliob] - C:\Program Files (x86)\Siber Systems\AI RoboForm\Chrome\rf-chrome.crx [2014-05-04]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 BrcmMgmtAgent; C:\Program Files\Broadcom\MgmtAgent\BrcmMgmtAgent.exe [163840 2011-11-30] (Broadcom Corporation) [File not signed]
S3 CASprint; C:\Program Files (x86)\Sprint\Sprint SmartView\ConAppsSvc.exe [124160 2008-10-15] (PCTEL)
R2 DFEPService; C:\Program Files\Dell\Feature Enhancement Pack\DFEPService.exe [2280504 2012-08-15] (Dell Inc.)
R2 EmbassyService; C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\EMBASSY Client Core\EmbassyServer.exe [231792 2013-03-11] ()
R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [249344 2009-09-20] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-09-20] (Hewlett-Packard Co.) [File not signed]
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2010-10-22] (Hewlett-Packard Co.) [File not signed]
R2 Intel® Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [732160 2012-12-10] (Intel® Corporation) [File not signed]
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [803872 2012-12-10] (Intel® Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [167736 2013-05-30] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-10-01] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [968504 2014-10-01] (Malwarebytes Corporation)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23816 2013-07-18] (Microsoft Corporation)
S2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
S3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [366600 2013-07-18] (Microsoft Corporation)
R2 O2FLASH; C:\Windows\system32\o2flash.exe [244328 2011-11-16] (O2Micro International)
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [166912 2013-10-17] () [File not signed]
R2 PbaDrvSvc_x64; C:\Program Files\Dell\Dell Data Protection\Access\Advanced\hapi64\pbadrvsvc.exe [21504 2013-01-21] (Dell, Inc.) [File not signed]
S2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
R2 psqlWGE; C:\Program Files (x86)\Pervasive Software\PSQL\bin\w3dbsmgr.exe [436040 2013-01-08] (Pervasive Software Inc.)
S3 Sage 50 SmartPosting 2015; C:\Program Files (x86)\Sage\Peachtree\SmartPostingService2015.exe [335664 2014-08-27] (Sage Software, Inc.)
S3 SprintRcAppSvc; C:\Program Files (x86)\Sprint\Sprint SmartView\RcAppSvc.exe [111872 2008-10-15] (PCTEL)
S2 tcsd_win32.exe; C:\Program Files (x86)\Security Innovation\SI TSS\bin\tcsd_win32.exe [1643520 2012-05-11] () [File not signed]
R2 Wave Authentication Manager Service; C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Authentication Manager\WaveAMService.exe [1773056 2013-02-26] (Wave Systems Corp.) [File not signed]
R2 wltrysvc; C:\Program Files\Dell\DW WLAN Card\bcmwltry.exe [6157312 2012-01-18] (Dell Inc.) [File not signed]
S2 WvPCR; C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Common\WvPCR.exe [254824 2013-03-08] (Wave Systems Corp.)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 dcdbas; C:\Windows\System32\DRIVERS\dcdbas64.sys [39016 2012-09-23] (Dell Inc.)
S3 HtcVCom32; C:\Windows\System32\DRIVERS\HtcVComV64.sys [121800 2010-03-08] (QUALCOMM Incorporated)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-10-01] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2014-11-17] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-10-01] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [247216 2013-06-18] (Microsoft Corporation)
S3 PCTINDIS5X64; C:\Windows\system32\PCTINDIS5X64.SYS [43032 2008-10-15] (PCTEL Inc.)
R3 RimVSerPort; C:\Windows\System32\DRIVERS\RimSerial_AMD64.sys [30336 2007-01-18] (Research in Motion Ltd)
R3 ST_ACCEL; C:\Windows\System32\DRIVERS\ST_ACCEL.sys [68208 2012-05-21] (STMicroelectronics)
S3 swHMnet00; C:\Windows\System32\DRIVERS\swHMnet00.sys [377616 2013-04-30] (Sierra Wireless Incorporated)
S3 swHMser00; C:\Windows\System32\DRIVERS\swHMser00.sys [269872 2013-04-01] (Sierra Wireless Incorporated)
S3 swHMserIPT00; C:\Windows\System32\DRIVERS\swHMserIPT00.sys [269872 2013-04-01] (Sierra Wireless Incorporated)
S3 swHMwdmbusIPT00SER64; C:\Windows\System32\DRIVERS\swHMwdmbusIPT00.sys [115448 2013-07-11] (NETGEAR)
S3 swiwdmbx; C:\Windows\System32\DRIVERS\swiwdmbx.sys [114424 2013-04-18] (Sierra Wireless Inc.)
S3 swiwdmbxhs; C:\Windows\System32\DRIVERS\swiwdmbxhs.sys [114424 2013-04-18] (Sierra Wireless Inc.)
S3 swmsflt; C:\Windows\System32\drivers\swmsflt.sys [28808 2008-10-15] ()
S3 SWNC5E00; C:\Windows\System32\DRIVERS\SWNC5E00.sys [202248 2008-10-15] (Sierra Wireless Inc.)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-17 07:00 - 2014-11-17 07:01 - 00031497 _____ () C:\Users\Kathy\Desktop\FRST.txt
2014-11-17 06:59 - 2014-11-17 07:00 - 00000000 ____D () C:\FRST
2014-11-17 06:55 - 2014-11-17 06:55 - 02117120 _____ (Farbar) C:\Users\Kathy\Desktop\FRST64.exe
2014-11-17 06:54 - 2014-11-17 06:54 - 02117120 _____ (Farbar) C:\Users\Kathy\Downloads\FRST64.exe
2014-11-17 06:50 - 2014-11-17 06:53 - 00000000 ___HT () C:\Users\Kathy\Documents\~archive.pst.tmp
2014-11-16 18:58 - 2014-11-17 00:25 - 00589824 ___HT () C:\Users\Kathy\Documents\~Outlook.pst.tmp
2014-11-15 11:14 - 2014-11-15 11:14 - 00000165 ____H () C:\Users\Kathy\Desktop\~$cash.xlsx
2014-11-11 07:07 - 2014-11-11 07:08 - 00042278 _____ () C:\Users\Kathy\Desktop\attach.txt
2014-11-11 07:07 - 2014-11-11 07:08 - 00029353 _____ () C:\Users\Kathy\Desktop\dds.txt
2014-11-11 07:05 - 2014-11-11 07:05 - 00688992 ____R (Swearware) C:\Users\Kathy\Downloads\dds.com
2014-11-10 01:28 - 2014-11-10 01:28 - 00000005 _____ () C:\Windows\SysWOW64\lMMLDeleteUserData42107612FX.tmp
2014-11-09 11:14 - 2014-11-09 11:14 - 00000000 ____D () C:\Users\Kathy\Documents\Donna Reimbursements
2014-11-09 07:39 - 2014-11-09 07:39 - 00000010 _____ () C:\Users\Kathy\Downloads\{8248247F-6DD7-40D0-B721-D959BDA147D4}.tmp
2014-11-06 20:55 - 2014-11-06 20:55 - 789212003 _____ () C:\Windows\MEMORY.DMP
2014-11-06 20:55 - 2014-11-06 20:55 - 00283400 _____ () C:\Windows\Minidump\110614-46035-01.dmp
2014-11-02 18:43 - 2014-11-02 18:43 - 00094855 _____ () C:\Users\Kathy\Downloads\reportError.jsp&configFile=WFServletConfig.xml
2014-11-01 09:10 - 2014-11-01 09:10 - 00126400 _____ () C:\Users\Kathy\Desktop\PUNCH LIST MASTER 103114.xlsx
2014-10-31 16:54 - 2014-10-31 16:54 - 00000003 _____ () C:\Users\Kathy\Downloads\text_0.txt
2014-10-31 16:54 - 2014-10-31 16:54 - 00000003 _____ () C:\Users\Kathy\Downloads\text_0 (1).txt
2014-10-28 12:10 - 2014-10-28 12:10 - 00003540 _____ () C:\Windows\System32\Tasks\HP AR Program Upload - 0442f75b81c44a068858513c33650c2189ccdeef81a44255959ace909bf47c50
2014-10-28 12:04 - 2014-10-28 12:04 - 00003540 _____ () C:\Windows\System32\Tasks\HP AR Program Upload - 3a027e4ed566437f8c8683334529c87be8c0bf88c18847e4b0238df93b27d826
2014-10-28 11:59 - 2014-10-28 11:59 - 00003540 _____ () C:\Windows\System32\Tasks\HP AR Program Upload - 872628b619f948758711f6353e2ed7dc70d8103fee33408580c9449a46d610a4
2014-10-25 06:43 - 2014-10-25 06:43 - 00093309 _____ () C:\Users\Kathy\Desktop\PUNCH LIST - Horton 102514.xlsx
2014-10-24 06:04 - 2014-10-24 06:04 - 00319405 _____ () C:\Users\Kathy\Downloads\13037_Zen_Garden.zip
2014-10-23 11:13 - 2014-10-23 11:13 - 04899147 _____ () C:\Users\Kathy\Downloads\chemcore_images(homeplace).zip
2014-10-23 11:10 - 2014-10-23 11:10 - 01683842 _____ () C:\Users\Kathy\Downloads\chemcore_line-drawings(homeplace).zip
2014-10-22 20:22 - 2014-10-22 20:22 - 00014557 _____ () C:\Users\Kathy\Desktop\Copy of Window Changes- spreadsheet.xlsx
2014-10-22 17:52 - 2014-10-22 17:52 - 00462848 _____ () C:\Users\Kathy\Downloads\IMG_1031.jpeg

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-17 07:00 - 2014-08-06 18:04 - 00005014 _____ () C:\Windows\System32\Tasks\WSCEAA
2014-11-17 06:58 - 2013-10-12 16:27 - 1757586432 _____ () C:\Users\Kathy\Documents\Outlook.pst
2014-11-17 06:55 - 2013-09-29 06:02 - 02005469 _____ () C:\Windows\WindowsUpdate.log
2014-11-17 06:53 - 2012-08-12 14:22 - 2030994432 _____ () C:\Users\Kathy\Documents\archive.pst
2014-11-17 06:48 - 2013-10-10 09:57 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-11-17 06:04 - 2014-07-10 21:01 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-11-17 06:04 - 2013-09-29 06:02 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-11-17 05:57 - 2013-12-22 09:06 - 00000000 ____D () C:\Users\Kathy\AppData\Local\9E9E7438-E028-458B-AC97-7C766FC765BB.aplzod
2014-11-16 11:48 - 2013-10-10 09:57 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-11-15 13:04 - 2013-09-29 06:02 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-11-15 13:04 - 2013-09-29 06:02 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-11-15 13:04 - 2013-09-29 06:02 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-11-15 11:02 - 2012-08-12 14:01 - 00000000 ____D () C:\Users\Kathy\Documents\Backcharges
2014-11-15 10:49 - 2013-02-11 14:03 - 00000000 ____D () C:\Users\Kathy\Documents\Personal
2014-11-14 21:12 - 2013-12-03 18:52 - 00000000 ____D () C:\Users\Kathy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-11-14 21:12 - 2013-12-03 18:51 - 00000000 ____D () C:\Users\Kathy\AppData\Roaming\Dropbox
2014-11-14 21:12 - 2012-08-12 14:08 - 00000000 ___RD () C:\Users\Kathy\Documents\My Dropbox
2014-11-14 19:09 - 2009-07-13 22:45 - 00021088 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-11-14 19:09 - 2009-07-13 22:45 - 00021088 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-11-14 11:43 - 2013-10-10 09:57 - 00003894 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-11-14 11:43 - 2013-10-10 09:57 - 00003642 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-11-13 17:10 - 2009-07-13 23:13 - 00787770 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-11-13 17:04 - 2014-07-24 13:00 - 00019861 _____ () C:\Windows\setupact.log
2014-11-13 17:04 - 2009-07-13 23:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-11-13 17:04 - 2009-07-13 22:45 - 00478056 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-11-13 17:03 - 2014-07-24 13:00 - 00016084 _____ () C:\Windows\PFRO.log
2014-11-13 17:03 - 2013-10-10 09:57 - 00000000 ____D () C:\Program Files\Google
2014-11-13 17:03 - 2013-10-10 09:57 - 00000000 ____D () C:\Program Files (x86)\Google
2014-11-13 17:01 - 2013-10-12 20:39 - 02660027 _____ () C:\Windows\PeachWLog.XML
2014-11-13 16:52 - 2014-07-24 12:57 - 00003596 _____ () C:\Windows\certutil.log
2014-11-13 11:36 - 2014-07-25 01:12 - 00000000 ___RD () C:\Users\Kathy\Google Drive
2014-11-12 20:56 - 2012-08-12 14:08 - 00000000 ____D () C:\Users\Kathy\Documents\Loans
2014-11-12 20:56 - 2012-08-12 14:01 - 00000000 ____D () C:\Users\Kathy\Documents\Customer Files and Master Forms
2014-11-12 15:12 - 2013-12-20 11:25 - 00014302 _____ () C:\Users\Kathy\Desktop\cash.xlsx
2014-11-12 15:12 - 2013-05-08 06:27 - 00000000 ____D () C:\Users\Kathy\Documents\Financials 13
2014-11-10 07:05 - 2013-10-10 08:13 - 00121192 _____ () C:\Users\Kathy\AppData\Local\GDIPFONTCACHEV1.DAT
2014-11-10 01:29 - 2014-08-18 17:27 - 00000000 ____D () C:\Users\Kathy\AppData\Local\HTC MediaHub
2014-11-10 01:28 - 2014-08-18 17:27 - 00000000 ____D () C:\Users\Kathy\AppData\Roaming\HTC
2014-11-10 01:28 - 2014-08-18 17:16 - 00000000 ____D () C:\Program Files (x86)\HTC
2014-11-10 01:28 - 2014-08-18 17:15 - 00000000 ____D () C:\ProgramData\HTC
2014-11-10 01:26 - 2014-08-18 17:16 - 00046184 _____ () C:\Windows\DPINST.LOG
2014-11-10 01:23 - 2013-10-10 09:56 - 00000000 ____D () C:\Users\Kathy\AppData\Local\Google
2014-11-09 10:41 - 2012-08-12 14:21 - 00000000 ____D () C:\Users\Kathy\Documents\RECEIPTS
2014-11-09 10:02 - 2012-08-12 14:21 - 00000000 ____D () C:\Users\Kathy\Documents\Vendor
2014-11-09 09:56 - 2013-10-10 16:50 - 00000000 ____D () C:\Users\Kathy\AppData\Local\Adobe
2014-11-06 21:05 - 2012-08-12 14:21 - 00000000 ____D () C:\Users\Kathy\Documents\PT BACKUPS
2014-11-06 20:55 - 2013-10-12 11:24 - 00000000 ____D () C:\Windows\Minidump
2014-11-04 11:45 - 2009-07-13 23:37 - 00000000 ____D () C:\Windows\DigitalLocker
2014-11-03 13:47 - 2014-07-15 18:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2014-11-02 03:15 - 2013-11-19 11:51 - 00000000 ____D () C:\Users\Kathy\AppData\Local\WeatherBug
2014-11-01 09:03 - 2012-08-12 14:01 - 00000000 ____D () C:\Users\Kathy\Documents\American Express
2014-10-30 05:25 - 2010-11-20 21:27 - 00275080 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-10-25 05:45 - 2014-07-10 21:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-10-25 05:45 - 2014-07-10 21:00 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware

Files to move or delete:
====================
C:\Users\Kathy\gotomypc_626.exe

Some content of TEMP:
====================
C:\Users\Kathy\AppData\Local\Temp\00zhwaid.dll
C:\Users\Kathy\AppData\Local\Temp\02ezr3md.dll
C:\Users\Kathy\AppData\Local\Temp\045mghl3.dll
C:\Users\Kathy\AppData\Local\Temp\0dm3uhjb.dll
C:\Users\Kathy\AppData\Local\Temp\0ht3ghvf.dll
C:\Users\Kathy\AppData\Local\Temp\0jouwiqt.dll
C:\Users\Kathy\AppData\Local\Temp\0qqetifi.dll
C:\Users\Kathy\AppData\Local\Temp\1cf3dtlu.dll
C:\Users\Kathy\AppData\Local\Temp\1jgr4irc.dll
C:\Users\Kathy\AppData\Local\Temp\1lpstvpa.dll
C:\Users\Kathy\AppData\Local\Temp\1toslboc.dll
C:\Users\Kathy\AppData\Local\Temp\1ufqita1.dll
C:\Users\Kathy\AppData\Local\Temp\1zoijvek.dll
C:\Users\Kathy\AppData\Local\Temp\2huqawqb.dll
C:\Users\Kathy\AppData\Local\Temp\2jwftc1u.dll
C:\Users\Kathy\AppData\Local\Temp\2vcnyevl.dll
C:\Users\Kathy\AppData\Local\Temp\3eg3p15b.dll
C:\Users\Kathy\AppData\Local\Temp\3ek0hcrq.dll
C:\Users\Kathy\AppData\Local\Temp\3iauf02x.dll
C:\Users\Kathy\AppData\Local\Temp\3sr5o4ck.dll
C:\Users\Kathy\AppData\Local\Temp\42zskiij.dll
C:\Users\Kathy\AppData\Local\Temp\4rgguaof.dll
C:\Users\Kathy\AppData\Local\Temp\4w01aaq3.dll
C:\Users\Kathy\AppData\Local\Temp\52ttuzpx.dll
C:\Users\Kathy\AppData\Local\Temp\54e2bf4b.dll
C:\Users\Kathy\AppData\Local\Temp\555s2lcu.dll
C:\Users\Kathy\AppData\Local\Temp\5bxwykio.dll
C:\Users\Kathy\AppData\Local\Temp\5dftx4cn.dll
C:\Users\Kathy\AppData\Local\Temp\5hhupgip.dll
C:\Users\Kathy\AppData\Local\Temp\5mkf5nth.dll
C:\Users\Kathy\AppData\Local\Temp\5rplxprg.dll
C:\Users\Kathy\AppData\Local\Temp\5xarbssk.dll
C:\Users\Kathy\AppData\Local\Temp\abcjntpq.dll
C:\Users\Kathy\AppData\Local\Temp\abdujasm.dll
C:\Users\Kathy\AppData\Local\Temp\amvsovk0.dll
C:\Users\Kathy\AppData\Local\Temp\atepgnkx.dll
C:\Users\Kathy\AppData\Local\Temp\banwuaio.dll
C:\Users\Kathy\AppData\Local\Temp\bkrzk4fb.dll
C:\Users\Kathy\AppData\Local\Temp\bksw35nq.dll
C:\Users\Kathy\AppData\Local\Temp\bu1mstp3.dll
C:\Users\Kathy\AppData\Local\Temp\bwxa4zvm.dll
C:\Users\Kathy\AppData\Local\Temp\c4jnscue.dll
C:\Users\Kathy\AppData\Local\Temp\cuzegwei.dll
C:\Users\Kathy\AppData\Local\Temp\cw2j4db4.dll
C:\Users\Kathy\AppData\Local\Temp\d2wnj3qp.dll
C:\Users\Kathy\AppData\Local\Temp\d3fhnavq.dll
C:\Users\Kathy\AppData\Local\Temp\d4ktv311.dll
C:\Users\Kathy\AppData\Local\Temp\d53hwoi5.dll
C:\Users\Kathy\AppData\Local\Temp\dc01wcfz.dll
C:\Users\Kathy\AppData\Local\Temp\dfus2z0q.dll
C:\Users\Kathy\AppData\Local\Temp\di1otc0z.dll
C:\Users\Kathy\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp3exrfd.dll
C:\Users\Kathy\AppData\Local\Temp\eidbqgko.dll
C:\Users\Kathy\AppData\Local\Temp\eifas033.dll
C:\Users\Kathy\AppData\Local\Temp\epilxwac.dll
C:\Users\Kathy\AppData\Local\Temp\evgus2r2.dll
C:\Users\Kathy\AppData\Local\Temp\evgyrl2d.dll
C:\Users\Kathy\AppData\Local\Temp\evxff4yv.dll
C:\Users\Kathy\AppData\Local\Temp\ew00lnvk.dll
C:\Users\Kathy\AppData\Local\Temp\ewtcvvhw.dll
C:\Users\Kathy\AppData\Local\Temp\ezymmci0.dll
C:\Users\Kathy\AppData\Local\Temp\fabpr5gb.dll
C:\Users\Kathy\AppData\Local\Temp\ffblr4rn.dll
C:\Users\Kathy\AppData\Local\Temp\fnmxhbgd.dll
C:\Users\Kathy\AppData\Local\Temp\fqeqeljq.dll
C:\Users\Kathy\AppData\Local\Temp\frdjtmiw.dll
C:\Users\Kathy\AppData\Local\Temp\fwijs1fm.dll
C:\Users\Kathy\AppData\Local\Temp\g2amcvpg.dll
C:\Users\Kathy\AppData\Local\Temp\gfrbi4yo.dll
C:\Users\Kathy\AppData\Local\Temp\gmkf2w1w.dll
C:\Users\Kathy\AppData\Local\Temp\gtvqermn.dll
C:\Users\Kathy\AppData\Local\Temp\gzi1szms.dll
C:\Users\Kathy\AppData\Local\Temp\h5sc2d03.dll
C:\Users\Kathy\AppData\Local\Temp\i0pbo5sy.dll
C:\Users\Kathy\AppData\Local\Temp\iltimrba.dll
C:\Users\Kathy\AppData\Local\Temp\ioshsflf.dll
C:\Users\Kathy\AppData\Local\Temp\iug1dxgp.dll
C:\Users\Kathy\AppData\Local\Temp\iuhxjneq.dll
C:\Users\Kathy\AppData\Local\Temp\jdebaaxe.dll
C:\Users\Kathy\AppData\Local\Temp\k20tm5yi.dll
C:\Users\Kathy\AppData\Local\Temp\k4ktn0cx.dll
C:\Users\Kathy\AppData\Local\Temp\kbf5dbmz.dll
C:\Users\Kathy\AppData\Local\Temp\kc3qtynw.dll
C:\Users\Kathy\AppData\Local\Temp\kic1plo5.dll
C:\Users\Kathy\AppData\Local\Temp\kriolrjv.dll
C:\Users\Kathy\AppData\Local\Temp\l4yncwcj.dll
C:\Users\Kathy\AppData\Local\Temp\lsoocmux.dll
C:\Users\Kathy\AppData\Local\Temp\lsxxgs4x.dll
C:\Users\Kathy\AppData\Local\Temp\lyvznz1n.dll
C:\Users\Kathy\AppData\Local\Temp\medwykbw.dll
C:\Users\Kathy\AppData\Local\Temp\mq0tyyj0.dll
C:\Users\Kathy\AppData\Local\Temp\mqltbvvs.dll
C:\Users\Kathy\AppData\Local\Temp\mquvwjvo.dll
C:\Users\Kathy\AppData\Local\Temp\mw2ciqn4.dll
C:\Users\Kathy\AppData\Local\Temp\nau0dlxh.dll
C:\Users\Kathy\AppData\Local\Temp\nig1btwp.dll
C:\Users\Kathy\AppData\Local\Temp\o0fgfk2e.dll
C:\Users\Kathy\AppData\Local\Temp\ochelper.exe
C:\Users\Kathy\AppData\Local\Temp\ocr21feu.dll
C:\Users\Kathy\AppData\Local\Temp\of4tt2if.dll
C:\Users\Kathy\AppData\Local\Temp\ok3by5oj.dll
C:\Users\Kathy\AppData\Local\Temp\or5achjb.dll
C:\Users\Kathy\AppData\Local\Temp\orkuusp5.dll
C:\Users\Kathy\AppData\Local\Temp\otra0nj1.dll
C:\Users\Kathy\AppData\Local\Temp\oucjqiro.dll
C:\Users\Kathy\AppData\Local\Temp\oyqzxy3i.dll
C:\Users\Kathy\AppData\Local\Temp\pe2z4aay.dll
C:\Users\Kathy\AppData\Local\Temp\pkmwbsku.dll
C:\Users\Kathy\AppData\Local\Temp\puxja0xz.dll
C:\Users\Kathy\AppData\Local\Temp\pvy4y4mc.dll
C:\Users\Kathy\AppData\Local\Temp\pwtvv2hv.dll
C:\Users\Kathy\AppData\Local\Temp\pxja5zaj.dll
C:\Users\Kathy\AppData\Local\Temp\q0wwe3vg.dll
C:\Users\Kathy\AppData\Local\Temp\q5bjvw3n.dll
C:\Users\Kathy\AppData\Local\Temp\qepw22jt.dll
C:\Users\Kathy\AppData\Local\Temp\r1p30jsz.dll
C:\Users\Kathy\AppData\Local\Temp\rog0z4df.dll
C:\Users\Kathy\AppData\Local\Temp\rp5mmrfs.dll
C:\Users\Kathy\AppData\Local\Temp\rq1vxu3c.dll
C:\Users\Kathy\AppData\Local\Temp\sjb44pkl.dll
C:\Users\Kathy\AppData\Local\Temp\t2ythros.dll
C:\Users\Kathy\AppData\Local\Temp\tdx2g4d3.dll
C:\Users\Kathy\AppData\Local\Temp\tespqwli.dll
C:\Users\Kathy\AppData\Local\Temp\ticthkqg.dll
C:\Users\Kathy\AppData\Local\Temp\ttsgsw4t.dll
C:\Users\Kathy\AppData\Local\Temp\twovptzw.dll
C:\Users\Kathy\AppData\Local\Temp\ty1fqagv.dll
C:\Users\Kathy\AppData\Local\Temp\u31gii54.dll
C:\Users\Kathy\AppData\Local\Temp\u3w0g10q.dll
C:\Users\Kathy\AppData\Local\Temp\uulpvtsw.dll
C:\Users\Kathy\AppData\Local\Temp\v00rfqku.dll
C:\Users\Kathy\AppData\Local\Temp\vhvlftjm.dll
C:\Users\Kathy\AppData\Local\Temp\vxcg35jg.dll
C:\Users\Kathy\AppData\Local\Temp\vywtb5og.dll
C:\Users\Kathy\AppData\Local\Temp\w0ogco3s.dll
C:\Users\Kathy\AppData\Local\Temp\wrn2cokq.dll
C:\Users\Kathy\AppData\Local\Temp\wvmunqqq.dll
C:\Users\Kathy\AppData\Local\Temp\wzirn4rd.dll
C:\Users\Kathy\AppData\Local\Temp\xb21ebqa.dll
C:\Users\Kathy\AppData\Local\Temp\xgq1q15r.dll
C:\Users\Kathy\AppData\Local\Temp\xngr0fsi.dll
C:\Users\Kathy\AppData\Local\Temp\ydr0jljh.dll
C:\Users\Kathy\AppData\Local\Temp\yhsqrand.dll
C:\Users\Kathy\AppData\Local\Temp\ylzcuryo.dll
C:\Users\Kathy\AppData\Local\Temp\yrxvcpjm.dll
C:\Users\Kathy\AppData\Local\Temp\ysyobhje.dll
C:\Users\Kathy\AppData\Local\Temp\zb3php0a.dll
C:\Users\Kathy\AppData\Local\Temp\zcbzwdu2.dll
C:\Users\Kathy\AppData\Local\Temp\zhisynzm.dll
C:\Users\Kathy\AppData\Local\Temp\zhsslhlv.dll
C:\Users\Kathy\AppData\Local\Temp\zm2ogmsl.dll
C:\Users\Kathy\AppData\Local\Temp\zuncjohh.dll

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-11-15 00:17

==================== End Of Log ============================

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 16-11-2014 03
Ran by Kathy at 2014-11-17 07:01:27
Running from C:\Users\Kathy\Desktop
Boot Mode: Normal
==========================================================

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

5600 (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
5600_Help (x32 Version: 82.0.242.000 - Hewlett-Packard) Hidden
5600Trb (x32 Version: 82.0.242.000 - Hewlett-Packard) Hidden
64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
941Express 2014 (HKLM-x32\...\{443970AC-5D4F-411F-A5CF-39A92DF5E417}) (Version: 5.3.8 - Lewis Software Associates LLC)
Adobe Acrobat X Pro - English, Français, Deutsch (HKLM-x32\...\{AC76BA86-1033-F400-7760-000000000005}) (Version: 10.1.10 - Adobe Systems)
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.223 - Adobe Systems Incorporated)
AIO_CDB_ProductContext (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
AIO_CDB_Software (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
AIO_Scan (x32 Version: 130.0.421.000 - Hewlett-Packard) Hidden
Akamai NetSession Interface (HKU\S-1-5-21-131966151-3302212014-2491148485-1000\...\Akamai) (Version:  - Akamai Technologies, Inc)
Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
AuthenTec WinBio FingerPrint Software 64-bit (Version: 3.4.2.1016 - AuthenTec, Inc.) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Broadcom NetXtreme-I Netlink Driver and Management Installer (HKLM\...\{0C518F4B-8D5A-47A6-A1E2-B3F371486118}) (Version: 15.2.1.3 - Broadcom Corporation)
BufferChm (x32 Version: 130.0.331.000 - Hewlett-Packard) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.15 - Piriform)
Cisco EAP-FAST Module (x32 Version: 2.2.14 - Cisco Systems, Inc.) Hidden
Cisco LEAP Module (x32 Version: 1.0.19 - Cisco Systems, Inc.) Hidden
Cisco PEAP Module (x32 Version: 1.1.6 - Cisco Systems, Inc.) Hidden
Content Transfer (HKLM-x32\...\{CFADE4AF-C0CF-4A04-A776-741318F1658F}) (Version: 1.3.0.23190 - Sony Corporation)
Copy (x32 Version: 130.0.428.000 - Hewlett-Packard) Hidden
Crystal Reports 2008 Runtime SP1 (HKLM-x32\...\{C484CC8D-03CF-4022-89C4-DB4F02E8A15B}) (Version: 12.1.0.882 - Business Objects)
Custom (Version: 01.00.00.002 - Wave Systems Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dell Client System Update (HKLM-x32\...\{04566294-A6B6-4462-9721-031073EB3694}) (Version: 1.3.0 - Dell Inc.)
Dell Data Protection | Access (HKLM\...\{ABBA2EA4-740E-4052-902B-9CA70B081E3F}) (Version: 2.3.00003.072 - Dell Inc.)
Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc)
Dell Feature Enhancement Pack (HKLM\...\{992D1CE7-A20F-4AB0-9D9D-AFC3418844DA}) (Version: 2.2.1 - Dell)
Dell System Detect (HKU\S-1-5-21-131966151-3302212014-2491148485-1000\...\9204f5692a8faf3b) (Version: 5.5.0.19 - Dell)
Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 8.1200.101.127 - ALPS ELECTRIC CO., LTD.)
Dell Webcam Central (HKLM-x32\...\Dell Webcam Central) (Version: 1.40.54 - Creative Technology Ltd)
DellAccess (Version: 01.03.00.078 - Wave Systems Corp.) Hidden
Destinations (x32 Version: 130.0.0.0 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 130.0.465.000 - Hewlett-Packard) Hidden
DocProc (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
Dropbox (HKU\S-1-5-21-131966151-3302212014-2491148485-1000\...\Dropbox) (Version: 2.10.52 - Dropbox, Inc.)
DW WLAN Card Utility (HKLM\...\DW WLAN Card Utility) (Version: 5.100.82.124 - Dell Inc.)
eDrawings 2014 x64 (HKLM\...\{64B02BFF-CA6E-4E97-9F45-0BA62DB1EE99}) (Version: 14.4.105 - Dassault Systèmes SolidWorks Corp)
EMBASSY Client Core (Version: 01.03.00.123 - Wave Systems Corp.) Hidden
ERAS Connector (Version: 02.09.05.0335 - Wave Systems Corp) Hidden
Fax (x32 Version: 130.0.418.000 - Hewlett-Packard) Hidden
Gemalto (Version: 01.64.01.0010 - Wave Systems Corp) Hidden
GemPcCCID (Version: 2.0.1 - Gemalto) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 38.0.2125.111 - Google Inc.)
Google Drive (HKLM-x32\...\{C60F3836-333A-4AE2-B526-CFDBA143A9BA}) (Version: 1.18.7821.2489 - Google, Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
GPBaseService2 (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
HP Designjet ePrint & Share (HKLM-x32\...\{4D1B7E4E-47B1-40E3-9E15-C50E42D81610}) (Version: 1.0.7 - Hewlett-Packard)
HP Designjet T120 and T520 ePrinter Series (HKLM-x32\...\HPAmpereXL) (Version:  - Hewlett-Packard Co.)
HP FWUpdateEDO2 (HKLM-x32\...\{415FA9AD-DA10-4ABE-97B6-5051D4795C90}) (Version: 1.2.0.0 - Hewlett-Packard)
HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)
HP Officejet 6500 E710n-z Basic Device Software (HKLM\...\{BF09A017-54F4-46BC-AF54-F6DA0D7486D3}) (Version: 22.0.334.0 - Hewlett-Packard Co.)
HP Officejet 6500 E710n-z Help (HKLM-x32\...\{EFBC0CB1-AFFD-4E74-ACEF-42099F1D49C3}) (Version: 140.0.2.2 - Hewlett Packard)
HP Officejet 6600 Basic Device Software (HKLM\...\{B407F586-D027-45C3-9109-CC2943E839FA}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Officejet 6600 Help (HKLM-x32\...\{2FA81482-5570-4CF0-9A10-D61D2F164916}) (Version: 140.0.2.2 - Hewlett Packard)
HP Officejet 6600 Product Improvement Study (HKLM\...\{9DD732B9-9B16-4F28-8E21-4AB5E40AF7DE}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.9572 - HP)
HP Photosmart Essential 3.5 (HKLM\...\HP Photosmart Essential) (Version: 3.5 - HP)
HP Photosmart Officejet and Deskjet All-In-One Driver Software 13.0 Rel. B (HKLM\...\{B61ED343-0B14-4241-999C-490CB1A20DA4}) (Version: 13.0 - HP)
HP Smart Web Printing 4.51 (HKLM\...\HP Smart Web Printing) (Version: 4.51 - HP)
HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
HP T120 and T520 series ICC Profiles (HKLM\...\{4F9E7F57-1D06-4B50-9691-813F87C655B8}) (Version: 2.0.0 - Hewlett Packard, Co.)
HP Update (HKLM-x32\...\{97486FBE-A3FC-4783-8D55-EA37E9D171CC}) (Version: 5.005.000.002 - Hewlett-Packard)
HP Web Registration (HKLM-x32\...\{D2FF897E-4A99-446E-8BB4-DD99CD496838}) (Version: 1.2.0.0 - Hewlett Packard, Co.)
HPPhotoGadget (x32 Version: 130.0.282.000 - Hewlett-Packard) Hidden
HPPhotoSmartDiscLabelContent1 (x32 Version: 2.04.0000 - Hewlett-Packard) Hidden
HPPhotosmartEssential (x32 Version: 2.04.0000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
iCloud (HKLM\...\{6096C0CC-7E19-4355-87F0-627EC5AA146D}) (Version: 4.0.3.56 - Apple Inc.)
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1011 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.0.0.1310 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2712 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.2.0.1006 - Intel Corporation)
Intel® USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.8.251 - Intel Corporation)
IPTInstaller (HKLM-x32\...\{08208143-777D-4A06-BB54-71BF0AD1BB70}) (Version: 4.0.9 - HTC)
iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.)
Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.550 - Oracle)
Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Malwarebytes Anti-Malware version 2.0.3.1025 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation)
Media Manager for WALKMAN 1.2 (HKLM-x32\...\{5A6ED905-D19D-4954-8499-0DAF386460F7}) (Version: 1.2.771 - Sony)
Microsoft .NET Framework 4.5 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.2.173.0 - Microsoft Corporation)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft Office Professional 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.3.216.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.40303 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NETGEAR 341U USB Modem Driver Package (HKLM-x32\...\AC341UDrvInstaller) (Version: 1.2.1306.3859 - NETGEAR)
NETGEAR 34xU IPT2 USB Modem Driver Package (HKLM-x32\...\AC34xUIPT2DrvInstaller) (Version: 3.1.1310.3939-4 - NETGEAR)
Network64 (Version: 130.0.572.000 - Hewlett-Packard) Hidden
Network64 (Version: 140.0.221.000 - Hewlett-Packard) Hidden
O2Micro OZ776 SCR Driver (Version: 2.1.4.223GS - O2Micro) Hidden
O2Micro OZ776 SCR Driver (x32 Version: 2.1.4.223GS - O2Micro) Hidden
OCR Software by I.R.I.S. 13.0 (HKLM\...\HPOCR) (Version: 13.0 - HP)
PBA Driver-x64 (Version: 1.0.1.8 - Dell Inc.) Hidden
Pervasive PSQL v11 Workgroup (32-bit) (x32 Version: 11.30.057 - Pervasive Software) Hidden
Pervasive PSQL v11 Workgroup (32-bit) SP3 (HKLM-x32\...\Pervasive PSQL v11 Workgroup (32-bit)) (Version: 11.30.057 - Pervasive Software)
Photo Common (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Photo Gallery (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Preboot Manager (Version: 03.05.00.043 - Wave Systems Corp.) Hidden
Private Information Manager (Version: 07.03.00.032 - Wave Systems Corp.) Hidden
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
RoboForm 7-9-6-7 (All Users) (HKLM-x32\...\AI RoboForm) (Version: 7-9-6-7 - Siber Systems)
Sage 50 Accounting 2014 (x32 Version: 21.01.00 - Sage Software, Inc.) Hidden
Sage 50 Accounting 2015 (HKLM-x32\...\InstallShield_{F3A0C9F5-77DD-4DE2-A2DF-7DB0687BA092}) (Version: 22.00.00 - Sage Software, Inc.)
Sage 50 Accounting 2015 (x32 Version: 22.00.00 - Sage Software, Inc.) Hidden
Sage 50 Accounting Tax Forms (x32 Version: 13.4.18 - Sage Software SB, Inc.) Hidden
Sage 50 Accounting Update (x32 Version: 19.01.001 - Sage Software, Inc.) Hidden
Sage Integration Services (HKLM-x32\...\Integration Services) (Version: 2.2.2240 - Sage Technology)
SAP Crystal Reports runtime engine for .NET Framework 4 (32-bit) (HKLM-x32\...\{AAD476D7-FC64-40BC-85EA-0C1FD98D8375}) (Version: 13.0.3.612 - SAP)
Scan (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
SI TSS (Version: 2.1.41 - Security Innovation) Hidden
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
SmartWebPrinting (x32 Version: 130.0.457.000 - Hewlett-Packard) Hidden
SolutionCenter (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
SPBA (WBF) 5.9 (Version: 5.9.7.7232 - Authentec Inc.) Hidden
Spotify (HKU\S-1-5-21-131966151-3302212014-2491148485-1000\...\Spotify) (Version: 0.9.11.27.g2b1a638c - Spotify AB)
Sprint SmartView (HKLM\...\{0FFD55FA-40CE-4B7F-9001-A06930C63FA2}) (Version: 1.20.0016.0 - Sprint)
ST Microelectronics 3 Axis Digital Accelerometer Solution (HKLM-x32\...\{9C24F411-9CA7-4A8A-91F3-F08A4A38EB31}) (Version: 4.10.0036 - ST Microelectronics)
Status (x32 Version: 130.0.469.000 - Hewlett-Packard) Hidden
Toolbox (x32 Version: 130.0.648.000 - Hewlett-Packard) Hidden
toolkit32for64bit (x32 Version: 7.70.13.0001 - Wave Systems Corp) Hidden
TrayApp (x32 Version: 130.0.422.000 - Hewlett-Packard) Hidden
Trusted Drive Manager (Version: 5.0.2.24 - Wave Systems Corp.) Hidden
UnloadSupport (x32 Version: 11.0.0 - Hewlett-Packard) Hidden
Wave Crypto Runtime 2.0.9.0 x64 (Version: 02.00.09.0000 - Wave Systems Corp) Hidden
Wave Crypto Runtime 2.0.9.0 x86 (x32 Version: 02.00.09.0000 - Wave Systems Corp) Hidden
Wave Infrastructure Installer (Version: 07.70.13.0001 - Wave Systems Corp) Hidden
Wave Support Software Installer (Version: 05.15.00.024 - Wave Systems Corp) Hidden
WeatherBug (HKLM-x32\...\{297DCADA-86A1-4A42-8A13-66B7D7A09FD2}) (Version: 7.0.0.11 - Earth Networks, Inc.)
WebReg (x32 Version: 130.0.132.017 - Hewlett-Packard) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Live Movie Maker Packages (HKU\S-1-5-21-131966151-3302212014-2491148485-1000\...\Windows Live Movie Maker Packages) (Version:  - ) <==== ATTENTION

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-131966151-3302212014-2491148485-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Kathy\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-131966151-3302212014-2491148485-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Kathy\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-131966151-3302212014-2491148485-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Kathy\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-131966151-3302212014-2491148485-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Kathy\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-131966151-3302212014-2491148485-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Kathy\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-131966151-3302212014-2491148485-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Kathy\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-131966151-3302212014-2491148485-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Kathy\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-131966151-3302212014-2491148485-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Kathy\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-131966151-3302212014-2491148485-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Kathy\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

==================== Restore Points  =========================

08-11-2014 08:17:38 Windows Update
10-11-2014 07:25:53 Removed HTC Driver Installer.
11-11-2014 14:45:13 Windows Update
15-11-2014 01:53:56 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 20:34 - 2009-06-10 15:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {016DEF64-9C27-4D56-B0F7-62409564F95D} - System32\Tasks\Run RoboForm TaskBar Icon => C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [2014-05-18] (Siber Systems)
Task: {079268D0-E6ED-46A9-97B0-9725EC72FA7D} - System32\Tasks\{BAF90461-1558-483C-B247-B61763E791EB} => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat.exe [2014-05-08] (Adobe Systems Incorporated)
Task: {18324AA8-2139-4FE1-ADF2-AD60BF452B4F} - System32\Tasks\HP AR Program Upload - 0442f75b81c44a068858513c33650c2189ccdeef81a44255959ace909bf47c50 => C:\Program Files\HP\HP Officejet 6600\bin\HPRewards.exe [2012-10-17] (TODO: <Company name>)
Task: {19B088D7-FB8F-40C0-890B-4E48CA707853} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-05-13] (Microsoft Corporation)
Task: {203D9AB3-BCD2-4EA2-BAFC-E2019D00AF3B} - System32\Tasks\HP AR Program Upload - 3a027e4ed566437f8c8683334529c87be8c0bf88c18847e4b0238df93b27d826 => C:\Program Files\HP\HP Officejet 6600\bin\HPRewards.exe [2012-10-17] (TODO: <Company name>)
Task: {3E79E237-C3D1-4902-B121-1223293287C6} - System32\Tasks\WSCEAA => C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\RemoteManagement\WSCEAA.exe [2012-11-28] (Wave Systems Corp.)
Task: {400A130F-DDFC-44F8-8EB3-9C8D435869E8} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {5BDCD759-01A6-4FA7-9801-084DA2930C98} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-05-13] (Microsoft Corporation)
Task: {61390C5D-D7EB-4DFC-A142-5E953C8C9403} - System32\Tasks\Open URL by RoboForm => Rundll32.exe url.dll,FileProtocolHandler "http://www.roboform.com/test-pass.html?aaa=KICMKMMMMMKJMJOJLMLMCNOJMMNJJJCNLMIMMJNJCNNJKJGMMJCNKJHMLMMMIMLMOJMMGMJMNJMJJNJICMIMCNGMCNJMFMOMPMCNPMCNGMNMPMPMFMJMCNOMCNIMJMPMOMCNNMJNPICMOMFMEKMICNJJCKFMNMOMGMJNHICMEKMICNJJCKJNBJCMELOJLIHJGIJNKJCMJNNICMJNDJCMKJBJJNMJCMOMFMLMIMGMFMPMJNFICMGJLJKJBJLIGJLIGJKJMIBNKJHIKJ"
Task: {70B2C942-6966-42D6-92CD-26AEED9A487F} - System32\Tasks\HP AR Program Upload - 872628b619f948758711f6353e2ed7dc70d8103fee33408580c9449a46d610a4 => C:\Program Files\HP\HP Officejet 6600\bin\HPRewards.exe [2012-10-17] (TODO: <Company name>)
Task: {76F048E0-9199-413E-BF58-756FA799B468} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-05-13] (Microsoft Corporation)
Task: {7B3E6A28-AADE-4B22-9BEB-352B8E289285} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {8C0B03D8-92D3-4453-8153-298DE5F100E5} - System32\Tasks\HP AR Program Upload - c5ea692fb7b84b929e18cae417b0a8181551af9ea6b64bed96cdf760de3b5daf => C:\Program Files\HP\HP Officejet 6600\bin\HPRewards.exe [2012-10-17] (TODO: <Company name>)
Task: {9B1A48EB-EA03-4914-84F9-6FD630C3AB5F} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2013-05-13] (Microsoft)
Task: {9E74EAF3-C876-4262-A35F-DC47E16D958F} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe [2014-08-25] (Apple Inc.)
Task: {A23433BA-BB51-4B36-A85D-BB30F4B64C02} - System32\Tasks\Optimizer Pro Schedule => C:\Program Files (x86)\Optimizer Pro\OptProLauncher.exe <==== ATTENTION
Task: {AA688F74-48B3-4DC4-A4B3-D1DCED29DA37} - System32\Tasks\HP AR Program Upload - 8b31bdc747f34bc68b1bcdea80e70df39ad5ebb5f9854604b34db023e9ade137 => C:\Program Files\HP\HP Officejet 6600\bin\HPRewards.exe [2012-10-17] (TODO: <Company name>)
Task: {B6C57E90-F82D-4E23-83DF-8EB3035A7FE5} - System32\Tasks\{11EB03D0-AEAA-44E5-AB3C-7B6826032098} => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat.exe [2014-05-08] (Adobe Systems Incorporated)
Task: {B77F0C54-F220-400D-9F71-83E627C77C16} - System32\Tasks\HPCustParticipation HP Officejet 6600 => C:\Program Files\HP\HP Officejet 6600\Bin\HPCustPartic.exe [2012-10-17] (Hewlett-Packard Co.)
Task: {BC272648-0FDD-4176-9EDE-1DE0A69B5324} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-11-15] (Adobe Systems Incorporated)
Task: {C4778A02-7D5D-4CF4-8836-5222D14D5419} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-06-24] (Piriform Ltd)
Task: {C814A457-658D-49D6-B181-E2397B9CA410} - System32\Tasks\LaunchSignup => C:\Program Files (x86)\MyPC Backup\Signup Wizard.exe <==== ATTENTION
Task: {CE4A4AE8-68D4-4D9B-B2F5-763DF22FE79A} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-05-13] (Microsoft Corporation)
Task: {E362EE60-A629-4D92-9856-2C451BDF2C8A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-10-10] (Google Inc.)
Task: {E7FE1340-6D9E-4455-A838-48C67899F39E} - System32\Tasks\{1ED96AE0-EBBF-4263-8533-653CD259D30E} => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat.exe [2014-05-08] (Adobe Systems Incorporated)
Task: {F45EB40D-9C0D-41F4-87FE-B05314A36E21} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-10-10] (Google Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2013-03-11 09:05 - 2013-03-11 09:05 - 00231792 _____ () C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\EMBASSY Client Core\EmbassyServer.exe
2013-03-11 09:04 - 2013-03-11 09:04 - 00039280 _____ () C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\EMBASSY Client Core\DeviceStatus.dll
2012-05-11 08:47 - 2012-05-11 08:47 - 00003072 _____ () C:\Program Files (x86)\Security Innovation\SI TSS\bin\TspPopup_ENU.dll
2013-10-17 14:27 - 2013-10-17 14:27 - 00166912 _____ () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
2013-09-29 07:46 - 2012-03-26 21:33 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2014-02-12 19:58 - 2014-02-12 19:58 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-10-11 12:05 - 2014-10-11 12:05 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-04-05 10:29 - 2014-04-05 10:29 - 00172544 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\2f069b57965f456c3c25fb82419a363d\IsdiInterop.ni.dll
2013-09-29 06:09 - 2012-05-30 12:55 - 00059904 _____ () C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IsdiInterop.dll
2013-09-29 06:07 - 2013-05-13 19:15 - 01199576 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\ACE.dll
2014-05-08 05:22 - 2014-05-08 05:22 - 00305520 _____ () C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\sqlite.dll
2012-07-27 14:51 - 2012-07-27 14:51 - 06549432 _____ () C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\authplay.dll
2013-09-05 00:14 - 2013-09-05 00:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\office14\Cultures\office.odf
2014-05-08 05:21 - 2014-05-08 05:21 - 02897280 _____ () C:\Program Files (x86)\Adobe\Acrobat 10.0\PDFMaker\Common\AdobePDFMakerX.dll
2011-02-18 09:04 - 2011-02-18 09:04 - 00196448 _____ () C:\Program Files (x86)\Microsoft Office\Office14\IEAWSDC.DLL
2014-10-11 12:05 - 2014-10-11 12:05 - 00237352 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxslt.dll
2014-11-14 21:12 - 2014-11-14 21:12 - 00043008 _____ () c:\users\kathy\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp3exrfd.dll
2013-08-23 13:01 - 2013-08-23 13:01 - 25100288 _____ () C:\Users\Kathy\AppData\Roaming\Dropbox\bin\libcef.dll
2013-02-14 14:46 - 2013-02-14 14:46 - 01044048 _____ () C:\Program Files (x86)\Microsoft Office\Office14\ADDINS\UmOutlookAddin.dll
2014-10-27 22:44 - 2014-10-21 22:04 - 01042760 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\libglesv2.dll
2014-10-27 22:44 - 2014-10-21 22:04 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\libegl.dll
2014-10-27 22:44 - 2014-10-21 22:04 - 08910664 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\pdf.dll
2014-10-27 22:44 - 2014-10-21 22:04 - 01681224 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\ffmpegsumo.dll
2014-10-27 22:44 - 2014-10-21 22:05 - 14902600 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\PepperFlash\pepflashplayer.dll
2013-12-20 10:59 - 2013-12-20 10:59 - 01633280 _____ () C:\Program Files (x86)\Verizon Point Builder\Toolbar.dll
2013-12-20 11:00 - 2013-12-20 10:59 - 01633280 _____ () C:\Users\Kathy\AppData\LocalLow\FCTB000101035\Toolbar\Toolbar.dll
2013-12-20 10:59 - 2013-12-20 10:59 - 00361472 _____ () C:\Program Files (x86)\Verizon Point Builder\Helper.dll
2013-12-20 11:00 - 2013-12-20 10:59 - 00361472 _____ () C:\Users\Kathy\AppData\LocalLow\FCTB000101035\Toolbar\Helper.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:58A5270D

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\atashost => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

========================= Accounts: ==========================

Administrator (S-1-5-21-131966151-3302212014-2491148485-500 - Administrator - Disabled)
Guest (S-1-5-21-131966151-3302212014-2491148485-501 - Limited - Enabled)
HomeGroupUser$ (S-1-5-21-131966151-3302212014-2491148485-1007 - Limited - Enabled)
Kathy (S-1-5-21-131966151-3302212014-2491148485-1000 - Administrator - Enabled) => C:\Users\Kathy

==================== Faulty Device Manager Devices =============

Name: HP Designjet T120
Description: HP Designjet T120
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP Designjet T120
Description: HP Designjet T120
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: Hewlett-Packard
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: HP Designjet T120
Description: HP Designjet T120
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP Designjet T120
Description: HP Designjet T120
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP Designjet T120
Description: HP Designjet T120
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Officejet 6600
Description: Officejet 6600
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Officejet 6600
Description: Officejet 6600
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Officejet 6600
Description: Officejet 6600
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Officejet 6500 E710n-z
Description: Officejet 6500 E710n-z
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP Designjet T120
Description: HP Designjet T120
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP Designjet T120
Description: HP Designjet T120
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Officejet 6600
Description: Officejet 6600
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP Designjet T120
Description: HP Designjet T120
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Deskjet 3050 J610 series
Description: Deskjet 3050 J610 series
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Officejet 6500 E710n-z
Description: Officejet 6500 E710n-z
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP Designjet T120
Description: HP Designjet T120
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Officejet 6500 E709n
Description: Officejet 6500 E709n
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Officejet 6600
Description: Officejet 6600
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: HP
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Officejet 6500 E710n-z
Description: Officejet 6500 E710n-z
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP Designjet T120
Description: HP Designjet T120
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP Designjet T120
Description: HP Designjet T120
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Officejet 6500 E710n-z
Description: Officejet 6500 E710n-z
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Officejet 6500 E710n-z
Description: Officejet 6500 E710n-z
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Officejet 6500 E710n-z
Description: Officejet 6500 E710n-z
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP Designjet T120
Description: HP Designjet T120
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Officejet 6500 E710n-z
Description: Officejet 6500 E710n-z
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: HP
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

==================== Event log errors: =========================

Application errors:
==================
Error: (11/16/2014 07:00:02 PM) (Source: Windows Backup) (EventID: 4103) (User: )
Description: The backup did not complete because of an error writing to the backup location E:\. The error is: The backup location cannot be found or is not valid. Review your backup settings and check the backup location. (0x81000006).

Error: (11/15/2014 09:14:08 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: MDCrashReportTool.exe, version: 17.922.0.67, time stamp: 0x543300bf
Faulting module name: objc.dll, version: 1.528.0.120, time stamp: 0x5400227d
Exception code: 0xc0000005
Fault offset: 0x00006bed
Faulting process id: 0xb44
Faulting application start time: 0xMDCrashReportTool.exe0
Faulting application path: MDCrashReportTool.exe1
Faulting module path: MDCrashReportTool.exe2
Report Id: MDCrashReportTool.exe3

Error: (11/15/2014 03:35:05 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: 296: DNSServiceResolve          54:ea:a8:b3:24:4a@fe80::56ea:a8ff:feb3:244a._apple-mobdev2._tcp.local.

Error: (11/15/2014 03:35:05 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: 296: Client unresponsive; aborting connection

Error: (11/15/2014 03:35:05 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: 296: Could not write data to client after 608 seconds, 4 replies waiting

Error: (11/15/2014 03:34:49 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: 296: Could not write data to client after 592 seconds, 4 replies waiting

Error: (11/15/2014 03:34:37 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: 296: Could not write data to client after 580 seconds, 4 replies waiting

Error: (11/15/2014 03:34:34 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: 296: Could not write data to client after 576 seconds, 4 replies waiting

Error: (11/15/2014 03:34:20 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: 296: Could not write data to client after 562 seconds, 4 replies waiting

Error: (11/15/2014 03:34:13 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: 296: Could not write data to client after 555 seconds, 3 replies waiting

System errors:
=============
Error: (11/17/2014 02:32:07 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.187.2359.0).

Error: (11/17/2014 02:31:34 AM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

 New Signature Version:

 Previous Signature Version: 1.187.2359.0

 Update Source: %NT AUTHORITY59

 Update Stage: 4.3.0216.00

 Source Path: 4.3.0216.01

 Signature Type: %NT AUTHORITY602

 Update Type: %NT AUTHORITY604

 User: NT AUTHORITY\SYSTEM

 Current Engine Version: %NT AUTHORITY605

 Previous Engine Version: %NT AUTHORITY606

 Error code: %NT AUTHORITY607

 Error description: %NT AUTHORITY608

Error: (11/17/2014 02:31:28 AM) (Source: Service Control Manager) (EventID: 7003) (User: )
Description: The Microsoft Network Inspection service depends the following service: NisDrv. This service might not be installed.

Error: (11/17/2014 02:31:28 AM) (Source: Service Control Manager) (EventID: 7003) (User: )
Description: The Microsoft Network Inspection service depends the following service: NisDrv. This service might not be installed.

Error: (11/17/2014 02:31:28 AM) (Source: Microsoft Antimalware) (EventID: 3002) (User: )
Description: %%860 Real-Time Protection feature has encountered an error and failed.

 Feature: %%886

 Error Code: 0x80070433

 Error description: The dependency service does not exist or has been marked for deletion.

 Reason: %%858

Error: (11/17/2014 02:31:28 AM) (Source: Microsoft Antimalware) (EventID: 2003) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update the engine.

 New Engine Version:

 Previous Engine Version: 2.1.10302.0

 Engine Type: %NT AUTHORITY604

 User: NT AUTHORITY\SYSTEM

 Error Code: %NT AUTHORITY601

 Error description: %NT AUTHORITY602

Error: (11/17/2014 02:31:28 AM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

 New Signature Version:

 Previous Signature Version: 110.31.0.0

 Update Source: %NT AUTHORITY15

 Update Stage: 4.3.0216.00

 Source Path: 4.3.0216.01

 Signature Type: %NT AUTHORITY602

 Update Type: %NT AUTHORITY604

 User: NT AUTHORITY\SYSTEM

 Current Engine Version: %NT AUTHORITY605

 Previous Engine Version: %NT AUTHORITY606

 Error code: %NT AUTHORITY607

 Error description: %NT AUTHORITY608

Error: (11/16/2014 07:54:55 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.187.2347.0).

Error: (11/16/2014 07:54:25 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

 New Signature Version:

 Previous Signature Version: 1.187.2347.0

 Update Source: %NT AUTHORITY59

 Update Stage: 4.3.0216.00

 Source Path: 4.3.0216.01

 Signature Type: %NT AUTHORITY602

 Update Type: %NT AUTHORITY604

 User: NT AUTHORITY\SYSTEM

 Current Engine Version: %NT AUTHORITY605

 Previous Engine Version: %NT AUTHORITY606

 Error code: %NT AUTHORITY607

 Error description: %NT AUTHORITY608

Error: (11/16/2014 07:54:17 PM) (Source: Service Control Manager) (EventID: 7003) (User: )
Description: The Microsoft Network Inspection service depends the following service: NisDrv. This service might not be installed.

Microsoft Office Sessions:
=========================
Error: (11/16/2014 07:00:02 PM) (Source: Windows Backup) (EventID: 4103) (User: )
Description: E:\The backup location cannot be found or is not valid. Review your backup settings and check the backup location. (0x81000006)

Error: (11/15/2014 09:14:08 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: MDCrashReportTool.exe17.922.0.67543300bfobjc.dll1.528.0.1205400227dc000000500006bedb4401d0000ec25a2f26C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\MDCrashReportTool.exeC:\Program Files (x86)\Common Files\Apple\Apple Application Support\objc.dlla030b6e8-6d3e-11e4-9311-f01faf44cea5

Error: (11/15/2014 03:35:05 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: 296: DNSServiceResolve          54:ea:a8:b3:24:4a@fe80::56ea:a8ff:feb3:244a._apple-mobdev2._tcp.local.

Error: (11/15/2014 03:35:05 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: 296: Client unresponsive; aborting connection

Error: (11/15/2014 03:35:05 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: 296: Could not write data to client after 608 seconds, 4 replies waiting

Error: (11/15/2014 03:34:49 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: 296: Could not write data to client after 592 seconds, 4 replies waiting

Error: (11/15/2014 03:34:37 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: 296: Could not write data to client after 580 seconds, 4 replies waiting

Error: (11/15/2014 03:34:34 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: 296: Could not write data to client after 576 seconds, 4 replies waiting

Error: (11/15/2014 03:34:20 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: 296: Could not write data to client after 562 seconds, 4 replies waiting

Error: (11/15/2014 03:34:13 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: 296: Could not write data to client after 555 seconds, 3 replies waiting

==================== Memory info ===========================

Processor: Intel® Core™ i7-3540M CPU @ 3.00GHz
Percentage of memory in use: 59%
Total physical RAM: 8065.02 MB
Available physical RAM: 3290.85 MB
Total Pagefile: 16128.22 MB
Available Pagefile: 9604.62 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:464.99 GB) (Free:106.75 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 465.8 GB) (Disk ID: 4345202F)
Partition 1: (Not Active) - (Size=39 MB) - (Type=DE)
Partition 2: (Active) - (Size=750 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=465 GB) - (Type=07 NTFS)

==================== End Of Log ============================



#5 Bootsektor

Bootsektor

  • Malware Response Team
  • 216 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Northern Germany
  • Local time:04:07 PM

Posted 18 November 2014 - 08:17 AM

Hello kellis1231,

In which browser do you have the issue with freecause?

You have installed Malwarebytes on your computer, did you perform a scan with it, are there created logs?

You have CCleaner installed on your computer, please do not use registry cleaner, they can be really dangerous for your system.

Step 1
We need to remove programs using "Programs and Features"

Click the "Start" orb on the taskbar, and then click the "Control Panel" button.
  • If you use Category mode, click on Uninstall a Program.
  • If you use Icons mode, click on Program and Features.
A list of programs installed will be "populated" (this may take a bit of time).
If they exist, uninstall the following by clicking on the below entries and selecting "Remove":

Java 7 Update 55
Windows Live Movie Maker Packages



Additional instructions can be found here if needed.

Step 2
We need to run a fix with FRST:
  • Please download the attached fixlist.txt file and save it to the same location as FRST
    Note: It's important that both files, FRST.exe/FRST64.exe and fixlist.txt are in the same location or the fix will not work
    NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system
  • Run FRST.exe/FRST64.exe and press the Fix button just once and wait
  • If for some reason the tool needs a restart, please make sure you let the system restart normally, then let the tool complete its run
  • When finished, FRST will generate a log ( Fixlog.txt ) in the same location the tool was run, please post it to your reply
Step 3
Please restart FRST.
  • Check also addition.txt then press Scan.
  • When the scan is finished, two new logfiles FRST.txt and additon.txt will be created and saved on your desktop.
  • Please post the content of the logfiles here in your thread.

Attached Files


regards,

 

Sandra


#6 kellis1231

kellis1231
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:georgetown tx
  • Local time:09:07 AM

Posted 19 November 2014 - 08:37 AM

I am having a problem running the program. When I run FRST, I get message saying "Scan completed. the "FRST.txt" is saved in the same location FRST tool is run". However, when I select "FIX", I get message saying "No fixlist.txt found. The fixlist should be in the same folder/directory the tool is located". I have verified that both the tool and the fixlist.txt is in the same directory on my desktop. I open that folder and can see both the tool and the file. what am I doing wrong?

#7 Bootsektor

Bootsektor

  • Malware Response Team
  • 216 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Northern Germany
  • Local time:04:07 PM

Posted 19 November 2014 - 04:00 PM

Hello kellis1231,

Have you checked, if you have misspelled the filename fixlist.txt?

Please download a new version of FRST and have a new try with the fixlist if my above given advice did not work, also try to download the fixlist again and perform a new fix. Thank you.

regards,

 

Sandra


#8 Bootsektor

Bootsektor

  • Malware Response Team
  • 216 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Northern Germany
  • Local time:04:07 PM

Posted 22 November 2014 - 04:28 PM

Hello kellis1231,

Are you still with me?

Please notice:
If you do not reply within the next 48 hours, I assume that you do not need my help anymore and this topic will be closed.

regards,

 

Sandra


#9 Elise

Elise

    Bleepin' Blonde


  • Malware Study Hall Admin
  • 60,929 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Romania
  • Local time:05:07 PM

Posted 27 November 2014 - 03:15 AM

Due to the lack of feedback, this topic is now closed.

In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days.

Please include a link to your topic in the Private Message. Thank you.

regards, Elise


"Now faith is the substance of things hoped for, the evidence of things not seen."

 

Follow BleepingComputer on: Facebook | Twitter | Google+ | lockerdome

 

Malware analyst @ Emsisoft





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users