Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Error messages and networking issues


  • This topic is locked This topic is locked
12 replies to this topic

#1 kmorrissey

kmorrissey

  • Members
  • 113 posts
  • OFFLINE
  •  
  • Local time:06:16 AM

Posted 12 November 2015 - 01:28 PM

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:07-11-2015
Ran by kellymorrissey (administrator) on KELSXPS13 (12-11-2015 10:23:42)
Running from C:\Users\kellymorrissey\Desktop
Loaded Profiles: kellymorrissey (Available Profiles: kellymorrissey)
Platform: Windows 8.1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Sensible Vision ) C:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe
(DisplayLink Corp.) C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(DisplayLink Corp.) C:\Program Files\DisplayLink Core Software\DisplayLinkUserAgent.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome Remote Desktop\47.0.2526.18\remoting_host.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome Remote Desktop\47.0.2526.18\remoting_host.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\Dragon Assistant\Core\DACore.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Garmin Ltd. or its subsidiaries) C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe
(Intel Corporation) C:\Windows\SysWOW64\irstrtsv.exe
() C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTAgent.exe
(Eastman Kodak Company) C:\Program Files (x86)\Kodak\AiO\Center\EKAiOHostService.exe
(Eastman Kodak Company) C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Security Suite\Engine\22.5.4.24\n360.exe
(Motorola) C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\psia.exe
(DEVGURU Co., LTD.) C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
(Western Digital ) C:\Program Files (x86)\Western Digital\WD SmartWare\WDRulesEngine.exe
() C:\Program Files (x86)\Wyse\PocketCloud\PocketCloudService.exe
(DELL Inc.) C:\Program Files (x86)\Wyse\PocketCloud\WyseRemoteAccess.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Western Digital ) C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe
(Intel Corporation) C:\Windows\Temp\irstrtsv\scrncap.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\sua.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Security Suite\Engine\22.5.4.24\n360.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Intel) C:\Program Files (x86)\Intel\irstrt\RapidStartConfig.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
() C:\Users\kellymorrissey\AppData\Local\Amazon Music\Amazon Music Helper.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Siber Systems) C:\Program Files (x86)\Siber Systems\AI RoboForm\robotaskbaricon.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTsysTray8.exe
(Sensible Vision ) C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayMon.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Sensible Vision ) C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayAlert.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(DisplayLink Corp.) C:\Program Files\DisplayLink Core Software\DisplayLinkUI.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe
(Dell Inc.) C:\Program Files (x86)\Dell Customer Connect\DCCService.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe
(Dell Products, LP.) C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
(Dell Inc.) C:\Program Files (x86)\Dell Update\DellUpService.exe
(Dell Inc.) C:\Program Files (x86)\Dell Update\DellUpTray.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(SoftThinks SAS) C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe
(Dell Inc.) C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
(Tweaking.com) C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\WR_Tray_Icon.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DellDataVault.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell Backup and Recovery\Components\DBRUpdate\DBRUpd.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell Backup and Recovery\Toaster.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBRSync.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-30] (Intel Corporation)
HKLM\...\Run: [QuickSet] => c:\Program Files\Dell\QuickSet\QuickSet.exe [3058848 2012-07-24] (Dell Inc.)
HKLM-x32\...\Run: [WD Drive Unlocker] => C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe [1688008 2012-09-06] (Western Digital)
HKLM-x32\...\Run: [WD Quick View] => C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe [5236664 2012-09-19] (Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [FATrayAlert] => C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayMon.exe [95216 2012-08-15] (Sensible Vision )
HKLM-x32\...\Run: [FAStartup] => [X]
HKLM-x32\...\Run: [Conime] => %windir%\system32\conime.exe
HKLM-x32\...\Run: [EKStatusMonitor] => C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKStatusMonitor.exe [2750840 2013-12-11] (Eastman Kodak Company)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\FastAccess: C:\Program Files (x86)\Sensible Vision\Fast Access\FALogNot.dll [2012-08-15] (Sensible Vision )
HKU\S-1-5-21-838906522-1154930953-3695442700-1001\...\Run: [AudialsNotifier] => C:\Program Files (x86)\Audials\Audials 12\AudialsNotifier.exe [2411784 2015-03-17] ()
HKU\S-1-5-21-838906522-1154930953-3695442700-1001\...\Run: [SansaDispatch] => C:\Users\kellymorrissey\AppData\Roaming\SanDisk\Sansa Updater\SansaDispatch.exe [613888 2014-01-22] (SanDisk Corporation)
HKU\S-1-5-21-838906522-1154930953-3695442700-1001\...\Run: [Amazon Music] => C:\Users\kellymorrissey\AppData\Local\Amazon Music\Amazon Music Helper.exe [5886784 2015-07-06] ()
HKU\S-1-5-21-838906522-1154930953-3695442700-1001\...\Run: [RoboForm] => C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [110160 2015-06-06] (Siber Systems)
HKU\S-1-5-21-838906522-1154930953-3695442700-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [31682144 2015-03-25] (Skype Technologies S.A.)
HKU\S-1-5-21-838906522-1154930953-3695442700-1001\...\Run: [CAHeadless] => C:\Program Files (x86)\Adobe\Elements 11 Organizer\CAHeadless\ElementsAutoAnalyzer.exe [840784 2012-09-23] (Adobe Systems Incorporated)
HKU\S-1-5-21-838906522-1154930953-3695442700-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8204056 2015-04-23] (Piriform Ltd)
HKU\S-1-5-21-838906522-1154930953-3695442700-1001\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1403304 2015-10-29] (Garmin Ltd. or its subsidiaries)
HKU\S-1-5-21-838906522-1154930953-3695442700-1001\...\MountPoints2: {67340e0b-189c-11e4-828a-5c514f70bf97} - "F:\VZW_Software_upgrade_assistant.exe"
HKU\S-1-5-21-838906522-1154930953-3695442700-1001\...\MountPoints2: {9378e0d6-211d-11e4-828a-5c514f70bf97} - "K:\VZW_Software_upgrade_assistant.exe"
HKU\S-1-5-21-838906522-1154930953-3695442700-1001\...\MountPoints2: {bf34476b-cfbd-11e4-82e6-5c514f70bf97} - "D:\VZW_Software_upgrade_assistant.exe"
HKU\S-1-5-18\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1403304 2015-10-29] (Garmin Ltd. or its subsidiaries)
HKU\S-1-5-18\...\RunOnce: [KodakHomeCenter] => C:\Program Files (x86)\Kodak\AiO\Center\AiOHomeCenter.exe [2234064 2014-05-06] (Eastman Kodak Company)
Lsa: [Notification Packages] scecli FAPassSync
ShellIconOverlayIdentifiers: [  OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton Security Suite\Engine64\22.5.4.24\buShell.dll [2015-08-27] (Symantec Corporation)
ShellIconOverlayIdentifiers: [  OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton Security Suite\Engine64\22.5.4.24\buShell.dll [2015-08-27] (Symantec Corporation)
ShellIconOverlayIdentifiers: [  OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton Security Suite\Engine64\22.5.4.24\buShell.dll [2015-08-27] (Symantec Corporation)
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: [DBARFileBackuped] -> {831cebdd-6baf-4432-be76-9e0989c14aef} => C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBROverlayIconBackuped.dll [2014-12-30] (Softthinks SAS)
ShellIconOverlayIdentifiers: [DBARFileNotBackuped] -> {275e4fd7-21ef-45cf-a836-832e5d2cc1b3} => C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBROverlayIconNotBackuped.dll [2014-12-30] (Softthinks SAS)
ShellIconOverlayIdentifiers: [DBRShellOverlayBackupFile] -> {831CEBDD-6BAF-4432-BE76-9E0989C14AEF} => C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBROverlayIconBackuped.dll [2014-12-30] (Softthinks SAS)
ShellIconOverlayIdentifiers: [DBRShellOverlayModifiedBackupFile] -> {275E4FD7-21EF-45CF-A836-832E5D2CC1B3} => C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBROverlayIconNotBackuped.dll [2014-12-30] (Softthinks SAS)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-10-28] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-10-28] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-10-28] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ISCTSystray.lnk [2013-12-13]
ShortcutTarget: ISCTSystray.lnk -> C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTsysTray8.exe (Intel Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk [2015-05-25]
ShortcutTarget: Secunia PSI Tray.lnk -> C:\Program Files (x86)\Secunia\PSI\psi_tray.exe (Secunia)
Startup: C:\Users\kellymorrissey\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk [2015-11-09]
ShortcutTarget: Send to OneNote.lnk -> C:\Program Files\Microsoft Office 15\root\office15\onenotem.exe (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{CDBFA0C6-75CD-4636-B36A-D71CC6990F56}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{D893EF84-B2D2-490D-BE2D-E20A3F71D48A}: [DhcpNameServer] 13.36.0.102
Tcpip\..\Interfaces\{E4484736-1D43-4FAB-8A5A-06EAFFB6A32D}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-838906522-1154930953-3695442700-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-838906522-1154930953-3695442700-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com/
HKU\S-1-5-21-838906522-1154930953-3695442700-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell13.msn.com/?pc=DCJB
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-838906522-1154930953-3695442700-1001 -> DefaultScope {E406E668-CFB4-456A-BB2A-5798BBD05F7E} URL =
SearchScopes: HKU\S-1-5-21-838906522-1154930953-3695442700-1001 -> {85A60A59-D3D8-468F-B598-FB4393789EF4} URL = hxxps://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-838906522-1154930953-3695442700-1001 -> {E406E668-CFB4-456A-BB2A-5798BBD05F7E} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-09-29] (Microsoft Corporation)
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Security Suite\Engine64\22.5.4.24\coIEPlg.dll [2015-09-22] (Symantec Corporation)
BHO: RoboForm Toolbar Helper -> {724d43a9-0d85-11d4-9908-00400523e39a} -> C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll [2015-06-06] (Siber Systems Inc.)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_65\bin\ssv.dll [2015-10-24] (Oracle Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-10-28] (Microsoft Corporation)
BHO: Face recognition web login for FastAccess -> {DA5BCE70-D057-4D63-943D-5F3927EC59F1} -> C:\Program Files (x86)\Sensible Vision\Fast Access\x64\FAIESSO.dll [2012-08-15] (Sensible Vision )
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_65\bin\jp2ssv.dll [2015-10-24] (Oracle Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2015-09-29] (Microsoft Corporation)
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Security Suite\Engine\22.5.4.24\coIEPlg.dll [2015-09-22] (Symantec Corporation)
BHO-x32: RoboForm Toolbar Helper -> {724d43a9-0d85-11d4-9908-00400523e39a} -> C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll [2015-06-06] (Siber Systems Inc.)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-10-28] (Microsoft Corporation)
BHO-x32: Face recognition web login for FastAccess -> {DA5BCE70-D057-4D63-943D-5F3927EC59F1} -> C:\Program Files (x86)\Sensible Vision\Fast Access\FAIESSO.dll [2012-08-15] (Sensible Vision )
Toolbar: HKLM - &RoboForm Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll [2015-06-06] (Siber Systems Inc.)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine64\22.5.4.24\coIEPlg.dll [2015-09-22] (Symantec Corporation)
Toolbar: HKLM-x32 - &RoboForm Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll [2015-06-06] (Siber Systems Inc.)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine\22.5.4.24\coIEPlg.dll [2015-09-22] (Symantec Corporation)
Toolbar: HKU\S-1-5-21-838906522-1154930953-3695442700-1001 -> &RoboForm Toolbar - {724D43A0-0D85-11D4-9908-00400523E39A} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll [2015-06-06] (Siber Systems Inc.)
Toolbar: HKU\S-1-5-21-838906522-1154930953-3695442700-1001 -> Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine64\22.5.4.24\coIEPlg.dll [2015-09-22] (Symantec Corporation)
DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-02-03] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\kellymorrissey\AppData\Roaming\Mozilla\Firefox\Profiles\3jtfjuwt.default-1435100487148
FF Homepage: hxxp://www.bing.com/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_19_0_0_245.dll [2015-11-10] ()
FF Plugin: @garmin.com/GpsControl -> C:\Program Files\Garmin GPS Plugin\npGarmin.dll [2014-03-31] (GARMIN Corp.)
FF Plugin: @java.com/DTPlugin,version=11.65.2 -> C:\Program Files\Java\jre1.8.0_65\bin\dtplugin\npDeployJava1.dll [2015-10-24] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.65.2 -> C:\Program Files\Java\jre1.8.0_65\bin\plugin2\npjp2.dll [2015-10-24] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2012-09-20] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_245.dll [2015-11-10] ()
FF Plugin-x32: @garmin.com/GpsControl -> C:\Program Files (x86)\Garmin GPS Plugin\npGarmin.dll [2014-03-31] (GARMIN Corp.)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-10-13] (Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-03] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-03] (Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-02-17] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2013-12-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-09-30] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2012-09-20] (Adobe Systems)
FF Extension: Garmin Communicator - C:\Users\kellymorrissey\AppData\Roaming\Mozilla\Firefox\Profiles\3jtfjuwt.default-1435100487148\Extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E} [2015-10-15] [not signed]
FF Extension: duplicatetab_2 - C:\Users\kellymorrissey\AppData\Roaming\Mozilla\Firefox\Profiles\3jtfjuwt.default-1435100487148\Extensions\jid1-y3AHrhD5jr0RfA@jetpack.xpi [2015-08-19]
FF Extension: New Tab Homepage - C:\Users\kellymorrissey\AppData\Roaming\Mozilla\Firefox\Profiles\3jtfjuwt.default-1435100487148\Extensions\{66E978CD-981F-47DF-AC42-E3CF417C1467}.xpi [2015-10-06]
FF Extension: Adblock Plus - C:\Users\kellymorrissey\AppData\Roaming\Mozilla\Firefox\Profiles\3jtfjuwt.default-1435100487148\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-09-24]
FF HKLM\...\Firefox\Extensions: [{C1A2A613-35F1-4FCF-B27F-2840527B6556}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_22.5.2.15\coFFAddon
FF Extension: Norton Identity Safe - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_22.5.2.15\coFFAddon [2015-11-03] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [fassoxpcom@sensiblevision.com] - C:\Program Files (x86)\Sensible Vision\Fast Access\xpcom_fasso
FF Extension: FastAccess Web Login - C:\Program Files (x86)\Sensible Vision\Fast Access\xpcom_fasso [2014-10-23] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [{22119944-ED35-4ab1-910B-E619EA06A115}] - C:\Program Files (x86)\Siber Systems\AI RoboForm\Firefox
FF Extension: RoboForm Toolbar for Firefox - C:\Program Files (x86)\Siber Systems\AI RoboForm\Firefox [2015-06-06] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [{C1A2A613-35F1-4FCF-B27F-2840527B6556}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_22.5.2.15\coFFAddon
FF HKU\S-1-5-21-838906522-1154930953-3695442700-1001\...\Firefox\Extensions: [{22119944-ED35-4ab1-910B-E619EA06A115}] - C:\Program Files (x86)\Siber Systems\AI RoboForm\Firefox

Chrome:
=======
CHR StartupUrls: Default -> "hxxp://www.bing.com/"
CHR Profile: C:\Users\kellymorrissey\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\kellymorrissey\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-16]
CHR Extension: (Google Drive) - C:\Users\kellymorrissey\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-08-02]
CHR Extension: (YouTube) - C:\Users\kellymorrissey\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-02-16]
CHR Extension: (Norton Security Toolbar) - C:\Users\kellymorrissey\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjabmdjcfcfdmffimndhafhblfmpjdpe [2015-08-02]
CHR Extension: (Google Search) - C:\Users\kellymorrissey\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-05-08]
CHR Extension: (HTML5 video for YouTube™) - C:\Users\kellymorrissey\AppData\Local\Google\Chrome\User Data\Default\Extensions\dolajcekhnohkpncmhgledbmndjpblei [2015-02-16]
CHR Extension: (Chrome Remote Desktop) - C:\Users\kellymorrissey\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2015-08-02]
CHR Extension: (Bookmark Manager) - C:\Users\kellymorrissey\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-08-02]
CHR Extension: (Norton Identity Safe) - C:\Users\kellymorrissey\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif [2014-11-24]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\kellymorrissey\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-08-02]
CHR Extension: (Chrome Web Store Payments) - C:\Users\kellymorrissey\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-08-02]
CHR Extension: (Gmail) - C:\Users\kellymorrissey\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-05-08]
CHR Extension: (RoboForm Password Manager) - C:\Users\kellymorrissey\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnlccmojcmeohlpggmfnbbiapkmbliob [2015-08-02]
CHR HKLM\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton Security Suite\Engine\22.5.4.24\Exts\Chrome.crx [2015-10-03]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [pnlccmojcmeohlpggmfnbbiapkmbliob] - C:\Program Files (x86)\Siber Systems\AI RoboForm\Chrome\rf-chrome.crx [2014-06-05]
CHR HKLM-x32\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton Security Suite\Engine\22.5.4.24\Exts\Chrome.crx [2015-10-03]
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [pnlccmojcmeohlpggmfnbbiapkmbliob] - C:\Program Files (x86)\Siber Systems\AI RoboForm\Chrome\rf-chrome.crx [2014-06-05]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeActiveFileMonitor11.0; C:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe [171600 2012-09-23] (Adobe Systems Incorporated)

 

R2 chromoting; C:\Program Files (x86)\Google\Chrome Remote Desktop\47.0.2526.18\remoting_host.exe [69448 2015-10-14] (Google Inc.)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2780856 2015-10-07] (Microsoft Corporation)
R2 DACoreService; C:\Program Files (x86)\Nuance\Dragon Assistant\Core\DACore.exe [448400 2014-03-24] (Nuance Communications, Inc.)
R2 Dell Customer Connect; C:\Program Files (x86)\Dell Customer Connect\DCCService.exe [137968 2015-09-22] (Dell Inc.)
R2 DellDataVault; C:\Program Files\Dell\DellDataVault\DellDataVault.exe [2574168 2015-09-11] (Dell Inc.)
R2 DellDataVaultWiz; C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe [201560 2015-09-11] (Dell Inc.)
R2 DellUpdate; C:\Program Files (x86)\Dell Update\DellUpService.exe [237272 2015-08-27] (Dell Inc.)
R2 DisplayLinkService; C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe [10997992 2015-02-12] (DisplayLink Corp.)
R2 FAService; C:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe [2860528 2012-08-15] (Sensible Vision ) [File not signed]
R2 Garmin Device Interaction Service; C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe [777744 2015-10-29] (Garmin Ltd. or its subsidiaries)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-30] (Intel Corporation)
R2 Intel® Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel® Corporation) [File not signed]
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel® Corporation)
R2 Intel® Wireless Bluetooth® 4.0 Radio Management; C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe [155448 2013-09-05] (Intel Corporation)
R2 irstrtsv; C:\Windows\SysWOW64\irstrtsv.exe [783264 2013-09-08] (Intel Corporation)
R2 ISCTAgent; c:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTAgent.exe [198120 2013-08-01] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [169432 2013-09-03] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268192 2014-11-19] ()
R2 N360; C:\Program Files (x86)\Norton Security Suite\Engine\22.5.4.24\N360.exe [282016 2015-09-23] (Symantec Corporation)
R2 PST Service; C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe [65657 2011-09-02] (Motorola) [File not signed]
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [289496 2013-08-23] (Realtek Semiconductor)
R2 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1228504 2013-07-03] (Secunia)
R2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [660184 2013-07-03] (Secunia)
R2 SftService; C:\Program Files (x86)\Dell Backup and Recovery\sftservice.exe [2005392 2015-02-11] (SoftThinks SAS)
R2 ss_conn_service; C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe [741640 2014-06-15] (DEVGURU Co., LTD.)
R2 SupportAssistAgent; C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [21160 2015-09-30] (Dell Inc.)
R2 WDBackup; C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe [1157056 2012-09-19] (Western Digital )
R2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [270704 2013-11-20] (Western Digital Technologies, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-03] (Microsoft Corporation)
R2 WDRulesService; C:\Program Files (x86)\Western Digital\WD SmartWare\WDRulesEngine.exe [1177536 2012-09-19] (Western Digital )
S2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-03] (Microsoft Corporation)
R2 WysePocketCloud; C:\Program Files (x86)\Wyse\PocketCloud\PocketCloudService.exe [16176 2013-08-22] ()
R2 WyseRemoteAccess; C:\Program Files (x86)\Wyse\PocketCloud\WyseRemoteAccess.exe [1785344 2013-08-19] (DELL Inc.) [File not signed]
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3820960 2014-11-19] (Intel® Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AX88179; C:\Windows\system32\DRIVERS\ax88179_178a.sys [69120 2015-02-05] (ASIX Electronics Corp.)
R1 BHDrvx64; C:\Program Files (x86)\Norton Security Suite\NortonData\22.5.2.15\Definitions\BASHDefs\20151102.001\BHDrvx64.sys [1665608 2015-10-08] (Symantec Corporation)
R3 BthA2DP; C:\Windows\system32\drivers\BthA2DP.sys [132608 2015-01-29] (Microsoft Corporation)
R3 BthHFAud; C:\Windows\System32\drivers\BthHfAud.sys [32768 2014-10-07] (Microsoft Corporation)
R3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
R3 btmaux; C:\Windows\system32\DRIVERS\btmaux.sys [132920 2013-04-23] (Motorola Solutions, Inc.)
R3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [1386296 2013-08-19] (Motorola Solutions, Inc.)
R1 ccSet_N360; C:\Windows\system32\drivers\N360x64\1605040.018\ccSetx64.sys [173808 2015-07-10] (Symantec Corporation)
R3 DDDriver; C:\Windows\system32\drivers\DDDriver64Dcsa.sys [23760 2015-02-26] (Dell Computer Corporation)
R3 DellProf; C:\Windows\system32\drivers\DellProf.sys [24240 2015-05-22] (Dell Computer Corporation)
R3 DellRbtn; C:\Windows\System32\drivers\DellRbtn.sys [10752 2013-01-24] (OSR Open Systems Resources, Inc.)
S3 DisplayLinkUsbIo_x64; C:\Windows\system32\DRIVERS\DisplayLinkUsbIo_x64_7.7.60366.0.sys [46312 2015-02-13] ()
S3 dlcdcncm; C:\Windows\system32\DRIVERS\dlcdcncm62_x64.sys [83176 2015-02-12] (DisplayLink Corp.)
S3 dlusbaudio; C:\Windows\system32\DRIVERS\dlusbaudio_x64.sys [210152 2015-02-12] (DisplayLink Corp.)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [498512 2015-07-27] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [153936 2015-07-27] (Symantec Corporation)
S3 iaLPSS_GPIO; C:\Windows\System32\drivers\iaLPSS_GPIO.sys [24568 2013-08-08] (Intel Corporation)
R3 iaLPSS_I2C; C:\Windows\System32\drivers\iaLPSS_I2C.sys [120312 2014-06-02] (Intel Corporation)
S3 iaLPSS_SPI; C:\Windows\System32\drivers\iaLPSS_SPI.sys [83960 2013-08-08] (Intel Corporation)
S3 iaLPSS_UART2; C:\Windows\System32\drivers\iaLPSS_UART2.sys [129528 2013-08-08] (Intel Corporation)
R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [117192 2013-09-05] (Intel Corporation)
R1 IDSVia64; C:\Program Files (x86)\Norton Security Suite\NortonData\22.5.2.15\Definitions\IPSDefs\20151111.002\IDSvia64.sys [767224 2015-10-24] (Symantec Corporation)
R3 ikbevent; C:\Windows\system32\DRIVERS\ikbevent.sys [21408 2013-08-01] ()
R3 imsevent; C:\Windows\system32\DRIVERS\imsevent.sys [21920 2013-08-01] ()
R3 INETMON; C:\Windows\System32\Drivers\INETMON.sys [29088 2013-08-01] ()
R3 irstrtdv; C:\Windows\System32\drivers\irstrtdv.sys [20192 2013-09-08] (Intel Corporation)
R3 ISCT; C:\Windows\System32\drivers\ISCTD64.sys [46568 2013-08-01] ()
S3 LAN7500; C:\Windows\system32\DRIVERS\lan7500-x64-n630f.sys [96256 2013-04-05] (SMSC)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2015-11-12] (Malwarebytes)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)
S2 MCSTRM; no ImagePath
R3 MEIx64; C:\Windows\System32\drivers\TeeDriverx64.sys [99288 2013-12-19] (Intel Corporation)
R3 NAVENG; C:\Program Files (x86)\Norton Security Suite\NortonData\22.5.2.15\Definitions\VirusDefs\20151111.033\ENG64.SYS [138488 2015-10-27] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton Security Suite\NortonData\22.5.2.15\Definitions\VirusDefs\20151111.033\EX64.SYS [2148080 2015-10-27] (Symantec Corporation)
R3 NETwNb64; C:\Windows\system32\DRIVERS\NETwbw02.sys [3494680 2015-03-09] (Intel Corporation)
R3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2013-07-03] (Secunia)
R0 PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [56336 2012-08-10] (Corel Corporation)
R1 RrNetCapFilterDriver; C:\Windows\system32\DRIVERS\RrNetCapFilterDriver.sys [24744 2015-03-17] (Audials AG)
R3 SensorsAlsDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [227840 2014-05-30] (Microsoft Corporation)
R3 SRTSP; C:\Windows\System32\Drivers\N360x64\1605040.018\SRTSP64.SYS [930024 2015-09-23] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\N360x64\1605040.018\SRTSPX64.SYS [50936 2015-07-10] (Symantec Corporation)
R0 SymEFASI; C:\Windows\System32\drivers\N360x64\1605040.018\SYMEFASI64.SYS [1620720 2015-07-10] (Symantec Corporation)
S0 SymELAM; C:\Windows\System32\drivers\N360x64\1605040.018\SymELAM.sys [24192 2015-07-10] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [111344 2015-08-02] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\N360x64\1605040.018\Ironx64.SYS [297720 2015-07-10] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\N360x64\1605040.018\SYMNETS.SYS [577768 2015-09-23] (Symantec Corporation)
R3 SynRMIHID; C:\Windows\system32\DRIVERS\SynRMIHID.sys [41200 2014-05-06] (Synaptics Incorporated)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44024 2015-02-03] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [264000 2015-02-03] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-03] (Microsoft Corporation)
S3 PCDSRVC{3B54B31B-D06B6431-06020200}_0; \??\c:\program files\dell\supportassist\pcdsrvc_x64.pkms [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-11-12 10:23 - 2015-11-12 10:23 - 00039710 _____ C:\Users\kellymorrissey\Desktop\FRST.txt
2015-11-12 10:19 - 2015-11-12 10:23 - 00000000 ____D C:\FRST
2015-11-12 10:18 - 2015-11-12 10:18 - 02198528 _____ (Farbar) C:\Users\kellymorrissey\Desktop\FRST64.exe
2015-11-12 08:46 - 2015-11-12 08:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bluetooth Devices
2015-11-12 08:18 - 2015-11-12 08:19 - 00000000 ____D C:\Program Files\DisplayLink Core Software
2015-11-12 08:03 - 2015-11-12 08:03 - 00000322 _____ C:\Windows\SecuniaPackage.log
2015-11-12 07:49 - 2015-10-30 15:46 - 25818624 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-11-12 07:49 - 2015-10-30 15:25 - 02886656 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-11-12 07:49 - 2015-10-30 15:24 - 00585728 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-11-12 07:49 - 2015-10-30 15:11 - 05990912 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-11-12 07:49 - 2015-10-30 15:11 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-11-12 07:49 - 2015-10-30 14:52 - 20331520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-11-12 07:49 - 2015-10-30 14:47 - 00504832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-11-12 07:49 - 2015-10-30 14:42 - 02279936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-11-12 07:49 - 2015-10-30 14:39 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-11-12 07:49 - 2015-10-30 14:36 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-11-12 07:49 - 2015-10-30 14:32 - 00720896 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-11-12 07:49 - 2015-10-30 14:31 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-11-12 07:49 - 2015-10-30 14:22 - 14457856 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-11-12 07:49 - 2015-10-30 14:17 - 02487808 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-11-12 07:49 - 2015-10-30 14:16 - 04527616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-11-12 07:49 - 2015-10-30 14:14 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-11-12 07:49 - 2015-10-30 14:10 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-11-12 07:49 - 2015-10-30 14:09 - 12854272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-11-12 07:49 - 2015-10-30 14:04 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-11-12 07:49 - 2015-10-30 13:53 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-11-12 07:49 - 2015-10-30 13:51 - 02011136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-11-12 07:49 - 2015-10-30 13:48 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-11-12 07:49 - 2015-10-30 13:46 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-11-12 07:49 - 2015-09-04 11:24 - 00154112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tunnel.sys
2015-11-12 07:49 - 2015-08-28 14:20 - 00183368 _____ (Microsoft Corporation) C:\Windows\system32\AuthHost.exe
2015-11-12 07:49 - 2015-08-20 12:45 - 01380048 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-11-12 07:49 - 2015-08-20 09:48 - 01096704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-11-12 07:49 - 2014-11-04 17:41 - 00558080 _____ (Microsoft Corporation) C:\Windows\system32\untfs.dll
2015-11-12 07:49 - 2014-11-04 17:18 - 00507392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\untfs.dll
2015-11-12 07:47 - 2015-09-29 04:24 - 00155480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tpm.sys
2015-11-12 07:09 - 2015-11-12 07:09 - 00002550 _____ C:\Windows\PFRO.log
2015-11-10 19:24 - 2015-11-12 10:17 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-11-10 19:24 - 2015-11-10 19:24 - 05286088 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2015-11-10 19:24 - 2015-11-10 19:24 - 00003718 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-11-09 15:00 - 2015-11-12 09:52 - 00009104 _____ C:\Windows\setupact.log
2015-11-09 15:00 - 2015-11-09 15:00 - 00000000 _____ C:\Windows\setuperr.log
2015-11-08 12:07 - 2015-09-10 09:18 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-11-08 12:07 - 2015-09-10 09:06 - 00616960 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-11-08 12:07 - 2015-09-10 08:51 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-11-08 12:07 - 2015-09-10 08:37 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-11-08 12:07 - 2015-09-10 08:37 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-11-08 12:07 - 2015-09-10 08:35 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-11-08 12:07 - 2015-09-10 08:28 - 00480256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-11-08 12:07 - 2015-09-10 08:21 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-11-08 12:07 - 2015-09-10 08:19 - 00374784 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-11-08 12:07 - 2015-09-10 08:17 - 02126336 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-11-08 12:07 - 2015-09-10 08:17 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-11-08 12:07 - 2015-09-10 08:07 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-11-08 12:07 - 2015-09-10 08:05 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-11-08 12:07 - 2015-09-10 07:57 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-11-08 12:07 - 2015-09-10 07:55 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-11-08 12:07 - 2015-09-10 07:55 - 00327168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-11-08 11:57 - 2015-11-08 11:57 - 00000000 ____D C:\Windows\SysWOW64\Dell
2015-11-08 11:31 - 2015-11-08 11:31 - 00417064 _____ () C:\Users\kellymorrissey\Downloads\DellSystemDetectLauncher.exe
2015-11-08 10:24 - 2015-11-08 10:24 - 00002290 _____ C:\Users\kellymorrissey\Desktop\Kindle.lnk
2015-11-08 10:24 - 2015-11-08 10:24 - 00000000 ____D C:\Users\kellymorrissey\Documents\My Kindle Content
2015-11-08 10:24 - 2015-11-08 10:24 - 00000000 ____D C:\Users\kellymorrissey\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Amazon
2015-11-08 10:23 - 2015-11-08 10:24 - 00000000 ____D C:\Users\kellymorrissey\AppData\Local\Amazon
2015-11-08 10:23 - 2015-11-08 10:23 - 43325080 _____ (Amazon.com) C:\Users\kellymorrissey\Downloads\KindleForPC-installer-1.13.42039.exe
2015-11-06 20:34 - 2015-11-06 20:34 - 06693185 _____ C:\Users\kellymorrissey\Desktop\Seal-Don't Cry [Acoustic].mp4
2015-11-06 15:09 - 2015-11-07 09:43 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-11-04 14:41 - 2015-11-04 14:41 - 00000000 ____D C:\Users\kellymorrissey\AppData\Roaming\SNS-HDR_Lite
2015-11-04 14:39 - 2015-11-04 14:43 - 00000000 ____D C:\Users\kellymorrissey\AppData\Roaming\SNS-HDR
2015-11-04 14:39 - 2015-11-04 14:39 - 00000862 _____ C:\Users\kellymorrissey\Desktop\SNS-HDR Pro.lnk
2015-11-04 14:39 - 2015-11-04 14:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SNS-HDR Pro
2015-11-04 14:39 - 2012-10-18 14:11 - 00206720 _____ (Sebastian Nibisz) C:\Windows\system32\SNSShell.dll
2015-11-04 14:38 - 2015-11-04 14:39 - 00000000 ____D C:\Program Files\SNS-HDR Pro
2015-11-04 14:38 - 2015-11-04 14:38 - 15218352 _____ (Sebastian Nibisz ) C:\Users\kellymorrissey\Desktop\SNS-HDR_Pro.exe
2015-10-27 14:18 - 2015-10-27 14:18 - 00000000 ____D C:\Users\kellymorrissey\AppData\Roaming\KODAK AiO Home Center39666286
2015-10-24 06:48 - 2015-10-24 06:48 - 00000000 __HDC C:\ProgramData\{AA6BF06E-316C-487A-9BC2-5F06A43C56B1}
2015-10-24 06:44 - 2015-10-27 14:13 - 00035328 _____ C:\Users\kellymorrissey\Desktop\FirmwareFlashLauncher.exe
2015-10-24 06:44 - 2015-10-24 06:44 - 00110176 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2015-10-24 06:44 - 2015-10-24 06:44 - 00000000 ____D C:\Users\Default\AppData\Roaming\Sun
2015-10-24 06:44 - 2015-10-24 06:44 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Sun
2015-10-24 06:44 - 2015-10-24 06:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-10-24 06:44 - 2015-08-07 13:41 - 07460168 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-10-24 06:44 - 2015-08-07 13:40 - 01736520 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-10-24 06:44 - 2015-08-07 13:40 - 01499920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-10-24 06:44 - 2015-08-07 13:40 - 01134752 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-10-24 06:44 - 2015-08-07 13:40 - 00686960 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-10-24 06:44 - 2015-08-07 13:40 - 00507176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2015-10-24 06:44 - 2015-08-07 06:13 - 00862720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-10-24 06:44 - 2015-08-06 08:47 - 04710400 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2015-10-24 06:44 - 2015-08-06 08:18 - 04068352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2015-10-24 06:43 - 2015-10-24 06:43 - 00000000 ____D C:\Program Files\Java
2015-10-24 06:43 - 2015-09-18 19:18 - 00035384 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-10-24 06:43 - 2015-09-18 05:42 - 01290752 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-10-24 06:43 - 2015-09-18 05:42 - 01163776 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-10-24 06:43 - 2015-09-18 05:42 - 00766464 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-10-24 06:43 - 2015-09-18 05:42 - 00699904 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-10-24 06:43 - 2015-09-18 05:42 - 00503296 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-10-24 06:43 - 2015-09-18 05:42 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-10-24 06:43 - 2015-08-22 05:42 - 00901264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2015-10-24 06:43 - 2015-08-22 05:42 - 00066400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2015-10-24 06:43 - 2015-08-22 05:42 - 00022368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2015-10-24 06:43 - 2015-08-22 05:42 - 00019808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2015-10-24 06:43 - 2015-08-22 05:42 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2015-10-24 06:43 - 2015-08-22 05:42 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2015-10-24 06:43 - 2015-08-22 05:42 - 00016224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2015-10-24 06:43 - 2015-08-22 05:42 - 00015712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2015-10-24 06:43 - 2015-08-22 05:42 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2015-10-24 06:43 - 2015-08-22 05:42 - 00013664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2015-10-24 06:43 - 2015-08-22 05:42 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2015-10-24 06:43 - 2015-08-22 05:42 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2015-10-24 06:43 - 2015-08-22 05:42 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2015-10-24 06:43 - 2015-08-22 05:42 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2015-10-24 06:43 - 2015-08-22 05:42 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2015-10-24 06:43 - 2015-08-22 05:42 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2015-10-24 06:43 - 2015-08-22 05:35 - 00984448 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2015-10-24 06:43 - 2015-08-22 05:35 - 00063840 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2015-10-24 06:43 - 2015-08-22 05:35 - 00020832 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2015-10-24 06:43 - 2015-08-22 05:35 - 00019808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2015-10-24 06:43 - 2015-08-22 05:35 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2015-10-24 06:43 - 2015-08-22 05:35 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2015-10-24 06:43 - 2015-08-22 05:35 - 00016224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2015-10-24 06:43 - 2015-08-22 05:35 - 00015712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2015-10-24 06:43 - 2015-08-22 05:35 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2015-10-24 06:43 - 2015-08-22 05:35 - 00013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2015-10-24 06:43 - 2015-08-22 05:35 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2015-10-24 06:43 - 2015-08-22 05:35 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2015-10-24 06:43 - 2015-08-22 05:35 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2015-10-24 06:43 - 2015-08-22 05:35 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2015-10-24 06:43 - 2015-08-22 05:35 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2015-10-24 06:43 - 2015-08-22 05:35 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2015-10-24 06:43 - 2015-08-06 09:05 - 00669184 _____ (Microsoft Corporation) C:\Windows\system32\hhctrl.ocx
2015-10-24 06:43 - 2015-08-06 08:37 - 00536576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hhctrl.ocx
2015-10-24 06:43 - 2015-07-16 10:58 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\NcdAutoSetup.dll
2015-10-15 15:58 - 2015-10-15 15:59 - 00000000 ____D C:\Program Files\Hugin
2015-10-15 15:58 - 2015-10-15 15:58 - 00000876 _____ C:\Users\kellymorrissey\Desktop\Hugin.lnk
2015-10-15 15:58 - 2015-10-15 15:58 - 00000000 ____D C:\Users\kellymorrissey\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hugin
2015-10-15 15:57 - 2015-10-15 15:58 - 23830387 _____ C:\Users\kellymorrissey\Downloads\HuginSetup_2015.0.0_64bit.exe
2015-10-13 02:24 - 2015-10-13 02:24 - 04587520 _____ (Google Inc.) C:\Windows\SysWOW64\GPhotos.scr

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-11-12 10:15 - 2015-05-18 18:15 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-838906522-1154930953-3695442700-1001
2015-11-12 10:15 - 2015-05-18 18:09 - 00003614 _____ C:\Windows\System32\Tasks\Optimize Push Notification Data File-S-1-5-21-838906522-1154930953-3695442700-1001
2015-11-12 10:14 - 2015-05-17 00:12 - 01782873 _____ C:\Windows\WindowsUpdate.log
2015-11-12 10:03 - 2014-06-20 13:46 - 00000926 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cf8cd123329adb.job
2015-11-12 10:02 - 2013-08-22 07:36 - 00000000 ____D C:\Windows\system32\sru
2015-11-12 09:53 - 2013-12-13 13:14 - 00800852 _____ C:\Windows\system32\PerfStringBackup.INI
2015-11-12 08:56 - 2013-12-21 21:01 - 00000000 ____D C:\ProgramData\softthinks
2015-11-12 08:53 - 2013-12-13 13:26 - 00000000 ____D C:\Program Files (x86)\Dell Backup and Recovery
2015-11-12 08:46 - 2014-10-19 18:31 - 00000922 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cfec0de611f7bb.job
2015-11-12 08:46 - 2014-03-25 17:41 - 00000922 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf489473ef515f.job
2015-11-12 08:46 - 2014-02-20 19:01 - 00000000 ___DO C:\Users\kellymorrissey\SkyDrive
2015-11-12 08:46 - 2013-12-13 13:23 - 00003282 _____ C:\Windows\System32\Tasks\Intel® Rapid Start Technology Manager
2015-11-12 08:45 - 2014-06-06 15:48 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-11-12 08:45 - 2014-05-30 20:25 - 00000000 ____D C:\ProgramData\Kodak
2015-11-12 08:45 - 2013-08-22 06:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-11-12 08:43 - 2013-08-22 05:25 - 01310720 ___SH C:\Windows\system32\config\BBI
2015-11-12 08:03 - 2015-06-05 12:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa 3
2015-11-12 07:54 - 2013-08-22 07:20 - 00000000 ____D C:\Windows\CbsTemp
2015-11-12 07:43 - 2013-12-21 20:47 - 00000000 ____D C:\Users\kellymorrissey\AppData\Local\CrashDumps
2015-11-12 02:00 - 2014-06-24 16:12 - 00000000 ____D C:\Users\kellymorrissey\AppData\Local\Adobe
2015-11-12 01:03 - 2015-09-25 06:42 - 00000000 ____D C:\Program Files (x86)\Dell Customer Connect
2015-11-12 01:03 - 2015-08-30 13:21 - 00000000 ____D C:\Program Files (x86)\Dell Update
2015-11-12 01:03 - 2015-06-03 14:32 - 00000000 ____D C:\Program Files (x86)\Dell Digital Delivery
2015-11-11 19:35 - 2014-03-30 17:23 - 00000000 ____D C:\Users\kellymorrissey\Documents\Outlook Files
2015-11-11 03:13 - 2013-08-22 07:36 - 00000000 ____D C:\Windows\AppReadiness
2015-11-09 18:39 - 2013-12-21 15:46 - 00000000 ____D C:\Users\kellymorrissey\AppData\Local\Deployment
2015-11-09 15:19 - 2013-08-22 07:36 - 00000000 ____D C:\Windows\rescache
2015-11-09 15:02 - 2013-08-22 05:25 - 00262144 ___SH C:\Windows\system32\config\ELAM
2015-11-09 14:59 - 2013-08-22 07:36 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-11-08 12:08 - 2015-09-10 11:51 - 00082379 _____ C:\Users\kellymorrissey\Desktop\TK-Levels.atn
2015-11-08 12:08 - 2015-09-09 22:05 - 00081887 _____ C:\Users\kellymorrissey\Desktop\TK-Brightness-Contrast.atn
2015-11-08 12:08 - 2014-09-29 17:02 - 00046279 _____ C:\Users\kellymorrissey\Desktop\TK-Selections.atn
2015-11-08 12:08 - 2012-12-22 16:54 - 00001112 _____ C:\Users\kellymorrissey\Desktop\TK-Burn-Dodge-Layer.atn
2015-11-08 11:57 - 2015-03-05 16:01 - 00000000 ____D C:\Program Files (x86)\Dell
2015-11-08 11:31 - 2013-12-21 15:47 - 00000000 ____D C:\Users\kellymorrissey\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dell
2015-11-08 10:09 - 2014-04-15 17:40 - 00000000 ____D C:\Users\kellymorrissey\Documents\Photography
2015-11-08 10:07 - 2015-09-20 13:20 - 00000000 ____D C:\Users\kellymorrissey\Desktop\Hester's paintings
2015-11-08 00:00 - 2014-10-16 16:16 - 00000258 _____ C:\Windows\Tasks\CCleanerClean.job
2015-11-07 09:43 - 2013-12-21 15:18 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-11-06 14:06 - 2014-12-09 20:43 - 00003495 _____ C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
2015-11-05 18:29 - 2013-12-21 17:52 - 00000000 ____D C:\Users\kellymorrissey\AppData\Local\Packages
2015-11-05 13:58 - 2015-04-10 04:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garmin
2015-11-05 13:58 - 2014-09-12 19:39 - 00003554 _____ C:\Windows\System32\Tasks\GarminUpdaterTask
2015-11-05 13:58 - 2014-03-01 11:44 - 00000000 ____D C:\Program Files (x86)\Garmin
2015-11-05 13:58 - 2013-12-13 13:12 - 00000000 ____D C:\ProgramData\Package Cache
2015-10-31 23:00 - 2014-09-19 15:16 - 00000000 ____D C:\Windows\Minidump
2015-10-31 19:46 - 2014-08-02 13:02 - 00000000 ____D C:\Users\kellymorrissey\Documents\Halloween
2015-10-31 10:52 - 2013-12-23 17:50 - 00000000 ____D C:\Program Files\Microsoft Office 15
2015-10-30 14:55 - 2015-05-20 17:53 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2015-10-30 14:55 - 2014-12-26 11:33 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-10-27 14:15 - 2015-10-03 16:25 - 10464648 _____ (Eastman Kodak Company) C:\Users\kellymorrissey\Desktop\aio_install.exe
2015-10-26 17:19 - 2013-12-21 17:52 - 00000000 ____D C:\Users\kellymorrissey
2015-10-26 14:23 - 2015-04-15 15:41 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-10-26 14:23 - 2015-04-15 15:41 - 00000000 ____D C:\Windows\system32\appraiser
2015-10-26 14:23 - 2013-08-22 07:36 - 00000000 ___RD C:\Windows\ToastData
2015-10-26 14:23 - 2013-08-22 07:36 - 00000000 ____D C:\Windows\WinStore
2015-10-24 06:48 - 2015-03-05 16:01 - 00003816 _____ C:\Windows\System32\Tasks\Dell SupportAssistAgent AutoUpdate
2015-10-24 06:44 - 2015-04-04 12:42 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-10-24 06:44 - 2015-04-04 12:42 - 00000000 ___SD C:\Windows\system32\GWX
2015-10-14 13:57 - 2014-06-06 15:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-10-14 13:57 - 2014-06-06 15:48 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-10-13 17:56 - 2014-06-06 10:07 - 00000000 ____D C:\Users\kellymorrissey\AppData\Roaming\vlc

==================== Files in the root of some directories =======

2015-07-28 17:42 - 2015-07-28 18:11 - 0000132 _____ () C:\Users\kellymorrissey\AppData\Roaming\Adobe PNG Format CS5 Prefs
2014-01-07 17:04 - 2014-01-07 17:23 - 0000473 _____ () C:\Users\kellymorrissey\AppData\Roaming\burnaware.ini
2013-12-22 11:52 - 2015-02-05 12:46 - 0000004 _____ () C:\Users\kellymorrissey\AppData\Roaming\DEA82C
2013-12-22 11:52 - 2015-02-05 12:46 - 0870128 _____ () C:\Users\kellymorrissey\AppData\Roaming\mcs.rma
2014-01-04 19:35 - 2015-09-20 13:40 - 0001456 _____ () C:\Users\kellymorrissey\AppData\Local\Adobe Save for Web 12.0 Prefs
2014-06-06 10:02 - 2014-06-06 10:02 - 0003584 _____ () C:\Users\kellymorrissey\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-02-18 12:10 - 2015-02-18 12:10 - 0000236 _____ () C:\Users\kellymorrissey\AppData\Local\LaunchHomeCenter.log
2014-04-24 15:19 - 2014-04-24 15:19 - 0000057 _____ () C:\ProgramData\Ament.ini
2013-12-13 13:08 - 2013-12-13 13:08 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2014-07-23 09:19 - 2014-07-23 09:19 - 0000252 _____ () C:\ProgramData\FastPics.log
2014-07-23 09:35 - 2014-07-23 09:35 - 0000256 _____ () C:\ProgramData\lxea.log
2014-07-23 09:21 - 2014-07-23 09:21 - 0001122 _____ () C:\ProgramData\lxeaJSW.log
2014-07-23 09:17 - 2014-07-23 09:35 - 0001724 _____ () C:\ProgramData\lxeascan.log
2014-12-09 20:43 - 2015-11-06 14:06 - 0003495 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
2014-07-23 09:16 - 2014-07-23 09:16 - 0000000 _____ () C:\ProgramData\UpdaterLog.txt

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-11-09 15:17

==================== End of FRST.txt ============================

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version:07-11-2015
Ran by kellymorrissey (2015-11-12 10:24:30)
Running from C:\Users\kellymorrissey\Desktop
Windows 8.1 (X64) (2013-12-22 01:52:23)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-838906522-1154930953-3695442700-500 - Administrator - Disabled)
Guest (S-1-5-21-838906522-1154930953-3695442700-501 - Limited - Disabled)
kellymorrissey (S-1-5-21-838906522-1154930953-3695442700-1001 - Administrator - Enabled) => C:\Users\kellymorrissey

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Norton Security Suite (Enabled - Up to date) {53C7D717-52E2-B95E-FA61-6F32ECC805DB}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton Security Suite (Enabled - Up to date) {E8A636F3-74D8-B6D0-C0D1-5440974F4F66}
FW: Norton Security Suite (Enabled) {6BFC5632-188D-B806-D13E-C607121B42A0}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.009.20077 - Adobe Systems Incorporated)
Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.245 - Adobe Systems Incorporated)
Adobe Photoshop Elements 11 (HKLM-x32\...\Adobe Photoshop Elements 11) (Version: 11.0 - Adobe Systems Incorporated)
Adobe Photoshop Lightroom 5.2 64-bit (HKLM\...\{54E6C675-3AD4-42E4-957F-31666ABF1603}) (Version: 5.2.1 - Adobe)
Adobe Photoshop Lightroom 5.3 64-bit (HKLM\...\{2DD71ACB-552D-402C-9529-7906ACB95C30}) (Version: 5.3.1 - Adobe Systems Incorporated)
Adobe Premiere Elements 11 (HKLM\...\PremElem110) (Version: 11.0 - Adobe Systems Incorporated)
Adobe Premiere Elements 11 (Version: 11.0 - Adobe Systems Incorporated) Hidden
aioscnnr (x32 Version: 7.6.13.10 - Your Company Name) Hidden
Amazon Kindle (HKU\S-1-5-21-838906522-1154930953-3695442700-1001\...\Amazon Kindle) (Version: 1.13.0.42039 - Amazon)
Amazon Music (HKU\S-1-5-21-838906522-1154930953-3695442700-1001\...\Amazon Amazon Music) (Version: 3.9.7.901 - Amazon Services LLC)
ANT Drivers Installer x64 (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Audacity 2.0 (HKLM-x32\...\Audacity_is1) (Version:  - Audacity Team)
Audials (HKLM-x32\...\{479BFCE4-D39C-4134-BD94-07E2872C60B2}) (Version: 12.0.63100.0 - Audials AG)
Audials (HKLM-x32\...\{94952D75-D318-4D0B-A99C-28E4EA3676DF}) (Version: 11.0.56200.0 - Audials AG)
C4USelfUpdater (x32 Version: 1.00.0000 - Your Company Name) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.05 - Piriform)
center (x32 Version: 7.8.0.0 - Eastman Kodak Company) Hidden
Chrome Remote Desktop Host (HKLM-x32\...\{CDF9E1C8-4B97-4F8B-A848-7DD0E8BEB89F}) (Version: 47.0.2526.18 - Google Inc.)
ControlMyNikon version 4.3 (HKLM-x32\...\{DFC5625B-66D6-40E0-8D66-BC54747D306E}_is1) (Version: 4.3 - Tetherscript Technology Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dell Backup and Recovery (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 1.8.1.70 - Dell Inc.)
Dell Customer Connect (HKLM-x32\...\{124DE80C-9BFE-4D04-A8D9-69C5019DEEBF}) (Version: 1.3.28.0 - Dell Inc.)
Dell Data Vault (Version: 4.3.5.1 - Dell Inc.) Hidden
Dell Digital Delivery (HKLM-x32\...\{693A23FB-F28B-4F7A-A720-4C1263F97F43}) (Version: 3.1.1002.0 - Dell Products, LP)
Dell Product Registration (HKLM-x32\...\{2A0F2CC5-3065-492C-8380-B03AA7106B1A}) (Version: 1.16.1 - Dell Inc.)
Dell SupportAssist (HKLM\...\PC-Doctor for Windows) (Version: 1.1.6664.10 - Dell)
Dell SupportAssistAgent (HKLM-x32\...\{287348C8-8B47-4C36-AF28-441A3B7D8722}) (Version: 1.1.1.14 - Dell)
Dell System Detect (HKU\S-1-5-21-838906522-1154930953-3695442700-1001\...\73f463568823ebbe) (Version: 6.7.0.2 - Dell)
Dell Touchpad (HKLM\...\SynTPDeinstKey) (Version: 17.0.15.62 - Synaptics Incorporated)
Dell Update (HKLM-x32\...\{DB82968B-57A4-4397-81A5-ECAB21B5DFCD}) (Version: 1.7.1015.0 - Dell Inc.)
DisplayLink Core Software (HKLM\...\{65B2569D-303B-41EC-B38C-0934963BC3AD}) (Version: 7.7.60366.0 - DisplayLink Corp.)
DJ2540FWUpdateAlert (x32 Version: 1.00.0000 - HP) Hidden
Dragon Assistant version 1.5.22 (HKLM-x32\...\{D57A8269-3BE5-4D10-B882-64D0F2D448BF}_is1) (Version: 1.5.22 - Nuance Communications, Inc.)
Elements 11 Organizer (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
Elements+ for PSE 11, v.8.0 (HKLM-x32\...\Elements+ for PSE 11_is1) (Version:  - Andrei Doubrovski)
Elevated Installer (x32 Version: 4.1.10.0 - Garmin Ltd or its subsidiaries) Hidden
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
essentials (x32 Version: 7.8.0.0 - Eastman Kodak Company) Hidden
Face Recognition (HKLM\...\{770ED7E8-31F7-4F8E-887A-220B66865D4B}) (Version: 4.0.71.1 - Sensible Vision)
Garmin Communicator Plugin (HKLM-x32\...\{71DBFBF2-F7EB-4268-8485-9471D83C4E66}) (Version: 4.2.0 - Garmin Ltd or its subsidiaries)
Garmin Communicator Plugin x64 (HKLM\...\{70A381F1-C161-4D61-A20C-BE12FC6777DF}) (Version: 4.2.0 - Garmin Ltd or its subsidiaries)
Garmin Express (HKLM-x32\...\{b292f4e5-60ca-4bb8-8810-e5f908c3c1ff}) (Version: 4.1.10.0 - Garmin Ltd or its subsidiaries)
Garmin Express (x32 Version: 4.1.10.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express Tray (x32 Version: 4.1.10.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin USB Drivers (HKLM-x32\...\{3D5D6CFC-3097-425A-8D8F-7EAF5D57641D}) (Version: 2.3.1.0 - Garmin Ltd or its subsidiaries)
Garmin WebUpdater (HKLM-x32\...\{AE1EC58E-B2AC-4959-A4C2-C38202A25239}) (Version: 2.5.6 - Garmin Ltd or its subsidiaries)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 46.0.2490.86 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) Hidden
HPDiagnosticAlert (x32 Version: 1.00.0001 - Microsoft) Hidden
Hugin 2015.0.0 (HKLM-x32\...\Hugin) (Version: 2015.0.0  - The Hugin Development Team)
Intel Experience Center - Configuration (x32 Version: 1.7.0.179 - Intel) Hidden
Intel® Experience Center Desktop Software (HKLM-x32\...\{3608ec0a-56b4-4d9d-b038-9b3e51d72582}) (Version: 1.7.0.179 - Intel)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.14.1724 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3304 - Intel Corporation)
Intel® PROSet/Wireless Software for Bluetooth® Technology(patch version 3.0.1335.5) (HKLM\...\{302600C1-6BDF-4FD1-1307-148929CC1385}) (Version: 3.1.1307.0362 - Intel Corporation)
Intel® Rapid Start Technology (HKLM-x32\...\{3D073343-CEEB-4ce7-85AC-A69A7631B5D6}) (Version: 3.0.0.1056 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.2.1000 - Intel Corporation)
Intel® Smart Connect Technology (HKLM\...\{D6FBF816-ACB8-46CC-ACC6-C8BBA85F497D}) (Version: 4.2.40.2418 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{313c06de-4aa7-4a1f-930a-f10f80380426}) (Version: 17.14.0 - Intel Corporation)
iSEEK AnswerWorks English Runtime (HKLM-x32\...\{18A8E78B-9EF2-496E-B310-BCD8E4C1DAB3}) (Version: 010.000.0101 - Vantage Linguistics)
JamManagerXT version 2.0 (HKLM-x32\...\{777248DB-00AD-4567-9382-E991118BC6CC}_is1) (Version: 2.0 - Harman International, Inc.)
Java 8 Update 65 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418065F0}) (Version: 8.0.650.17 - Oracle Corporation)
Kodak AIO Printer (Version: 7.8.1.0 - Eastman Kodak Company) Hidden
KODAK AiO Software (HKLM-x32\...\{E0F274B7-592B-4669-8FB8-8D9825A09858}) (Version: 7.8.5.2 - Eastman Kodak Company)
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
Malwarebytes Anti-Malware version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Mavis Beacon Teaches Typing Deluxe 20 (HKLM-x32\...\{23B591D7-1C20-44FB-97C2-6953AE67DE18}) (Version: 20.00.0000 - Broderbund)
Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 - en-us (HKLM\...\ProPlusRetail - en-us) (Version: 15.0.4763.1003 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Motorola Device Software Update (x32 Version: 1.0.41 - Motorola Mobility) Hidden
Motorola Mobile Drivers Installation 5.9.0 (Version: 5.9.0 - Motorola Inc.) Hidden
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Mozilla Firefox 42.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 42.0 (x86 en-US)) (Version: 42.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 42.0.0.5780 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
Nik Collection (HKLM-x32\...\Nik Collection) (Version: 1.2.11 - Google)
Norton Security Suite (HKLM-x32\...\N360) (Version: 22.5.4.24 - Symantec Corporation)
Nuance Speech Component DA-A en-US version 1.5.22 (HKLM-x32\...\{1CCBE73F-4948-4711-8D12-22E2FD65D706}_is1) (Version: 1.5.22 - Nuance Communications, Inc.)
Nuance Speech Component DA-C version 1.1.22 (HKLM-x32\...\{E97BA7A6-46FC-4EBF-B24A-B8362948C696}_is1) (Version: 1.1.22 - Nuance Communications, Inc.)
Nuance Speech Component DA-L en-US version 1.1.5 (HKLM-x32\...\{4C0C1E4E-D3B1-4496-98EC-DA14D45EC855}_is1) (Version: 1.1.5 - Nuance Communications, Inc.)
ocr (x32 Version: 6.2.3.50 - Eastman Kodak Company) Hidden
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4763.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4763.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4763.1003 - Microsoft Corporation) Hidden
Photomatix Pro version 5.0 (HKLM\...\PhotomatixPro5x64_is1) (Version: 5.0 - HDRsoft Ltd)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.141.259 - Google, Inc.)
PocketCloud (HKLM-x32\...\{D9752C7D-A595-4687-A0D5-362E9C311C55}) (Version: 2.7.14 - Wyse Technology)
PRE11 STI 64Installer (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
PreReq (x32 Version: 6.2.4.0 - Eastman Kodak Company) Hidden
PrintProjects (HKLM-x32\...\PrintProjects) (Version: 1.0.0.9282 - RocketLife Inc.)
PSE11 STI Installer (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
Quicken 2014 (HKLM-x32\...\{0877F595-254F-45F4-991D-3F72E86B17CE}) (Version: 23.1.8.8 - Intuit)
Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 11.2.04 - Dell Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7039 - Realtek Semiconductor Corp.)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Rhapsody (HKU\S-1-5-21-838906522-1154930953-3695442700-1001\...\8aa854a199af1b36) (Version: 6.15.17.0 - Rhapsody International Inc.)
RoboForm 7-9-13-5 (All Users) (HKLM-x32\...\AI RoboForm) (Version: 7-9-13-5 - Siber Systems)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.45.0 - SAMSUNG Electronics Co., Ltd.)
Sansa Updater (HKU\S-1-5-21-838906522-1154930953-3695442700-1001\...\Sansa Updater) (Version: 1.406 - SanDisk Corporation)
Secunia PSI (3.0.0.7011) (HKLM-x32\...\Secunia PSI) (Version: 3.0.0.7011 - Secunia)
Skype™ 7.3 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.3.101 - Skype Technologies S.A.)
SNS-HDR Pro v1.4.22 (HKLM\...\SNS-HDR Pro_is1) (Version:  - Sebastian Nibisz)
Sophos Virus Removal Tool (HKLM-x32\...\{B829E117-D072-41EA-9606-9826A38D34C1}) (Version: 2.5.4 - Sophos Limited)
Trader's Little Helper 2.7.0 (HKLM-x32\...\TradersLittleHelper_is1) (Version: 2.7.0 - Robert Hoffmann)
Tweaking.com - Windows Repair (HKLM-x32\...\Tweaking.com - Windows Repair) (Version: 3.2.0 - Tweaking.com)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
WD Drive Utilities (HKLM-x32\...\{7431ED5D-9247-4F17-91C9-702D9B36FAC4}) (Version: 1.0.7.3 - Western Digital Technologies, Inc.)
WD Security (HKLM-x32\...\{83270912-15C7-4336-822E-E8F1B1BBCA60}) (Version: 1.0.3.3 - Western Digital Technologies, Inc.)
WD SmartWare (HKLM\...\{6FE8A1DA-8CA6-4801-BF0F-0F2FED143FF4}) (Version: 1.6.4.7 - Western Digital Technologies, Inc.)
Windows Driver Package - Digitech (usbser) Ports  (04/24/2009 1.1.2600.0) (HKLM\...\9A5D99BED6F7F105B74795DCF16F3088223BEFBB) (Version: 04/24/2009 1.1.2600.0 - Digitech)
Windows Driver Package - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Windows Driver Package - Garmin (grmnusb) GARMIN Devices  (04/19/2012 2.3.1.0) (HKLM\...\98157A226B40B173301B0F53C8E98C47805D5152) (Version: 04/19/2012 2.3.1.0 - Garmin)
Windows Driver Package - Silicon Labs Software (DSI_SiUSBXp_3_1) USB  (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
Xiph.Org Open Codecs 0.85.17777 (HKLM-x32\...\Open Codecs) (Version: 0.85.17777 - Xiph.Org)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Restore Points =========================

24-10-2015 06:44:14 Windows Update
02-11-2015 03:40:07 Scheduled Checkpoint
05-11-2015 13:57:32 Garmin Express
12-11-2015 07:49:24 Windows Update

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 05:25 - 2015-05-19 15:20 - 00000855 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1       localhost

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {045AAAB6-3990-4CAB-A846-BC91A5AC9694} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [2015-10-29] ()
Task: {0FD071D6-5CC0-4679-962E-903D5EEC74D3} - \92bf8bbc-dba1-4bf8-8f5d-49741cf15757-5 -> No File <==== ATTENTION
Task: {110E1529-32C0-4102-B6C7-5614993F567D} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-10-07] (Microsoft Corporation)
Task: {1327B1C9-2741-40B5-9308-45B47CCDC170} - System32\Tasks\Norton 360\Norton Error Analyzer => C:\Program Files (x86)\Norton Security Suite\Engine\22.5.4.24\SymErr.exe [2015-09-08] (Symantec Corporation)
Task: {1556B30C-2136-4A0A-92EF-E286904D9ECA} - System32\Tasks\PocketCloudUpdater => C:\Program
Task: {25F90849-DD04-4F66-9FA8-8645337FD4B8} - System32\Tasks\Run RoboForm TaskBar Icon => C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [2015-06-06] (Siber Systems)
Task: {2E2834EB-5F41-43A2-8268-8EA0899AE234} - System32\Tasks\PocketCloud => C:\Program Files (x86)\Wyse\PocketCloud\PocketCloudDesktopApp.exe [2013-08-22] ()
Task: {344EB50A-8C2A-44AE-8B19-EA094357DB3A} - System32\Tasks\RtHDVBg_MA3Firmware => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2013-08-30] (Realtek Semiconductor)
Task: {36C36F74-8368-4614-ADCC-7632029DC8FA} - System32\Tasks\Remediation\AntimalwareMigrationTask => C:\Program Files\Common Files\AV\Norton Security Suite\Upgrade.exe [2015-07-27] (Symantec Corporation)
Task: {4C327AEF-EFB3-4C9A-8F63-02286B4CC9CF} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\Dell\SupportAssist\uaclauncher.exe [2015-05-25] (PC-Doctor, Inc.)
Task: {4E76A8E7-49A4-42A6-B2D5-6C5DD5CDCA37} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {524A3EBC-5AE2-4B02-A859-1BAF85F3C27C} - System32\Tasks\CCleanerClean => C:\Program Files\CCleaner\CCleaner.exe [2015-04-23] (Piriform Ltd)
Task: {5B53FBB0-C5EA-4D89-9360-272BC7F37DC2} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-10-28] (Adobe Systems Incorporated)
Task: {5C60BC47-6F66-4C9A-8779-62B97CA6E355} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-10-07] (Microsoft Corporation)
Task: {60CE6B30-877E-49D9-82CE-15BD24997ABB} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-11-10] (Adobe Systems Incorporated)
Task: {638AF590-DF33-4D13-B999-6F29DBCFB3A5} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\Dell\SupportAssist\sessionchecker.exe [2015-05-25] (PC-Doctor, Inc.)
Task: {67D943C5-CC99-4570-BDC4-CACB639FCBD4} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-kelly.morrissey@comcast.net => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-09-20] (Adobe Systems Incorporated)
Task: {68FD85DA-1317-4765-B312-9AA8E1C7C6F8} - System32\Tasks\GoogleUpdateTaskMachineUA1cf6be03bafc6f0 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {70072624-8CCD-4FC1-A60B-880DA0417F3D} - System32\Tasks\Optimize Push Notification Data File-S-1-5-21-838906522-1154930953-3695442700-1001
Task: {7739096C-A148-4EAE-AEF0-9EF726533A0C} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2015-10-28] (Microsoft Corporation)
Task: {7D0E9D72-56B0-4CBD-B74D-EAAC24646061} - System32\Tasks\SystemToolsDailyTest => uaclauncher.exe
Task: {7E923A02-4C0D-4367-9AF9-AFB70F8955B0} - System32\Tasks\Dell\Dell System Registration => C:\Program Files (x86)\System Registration\prodreg.exe [2012-07-09] (Dell, Inc.)
Task: {87774E9D-7073-4480-98F3-374ADC8EEAD9} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Security Suite\Engine\22.5.4.24\WSCStub.exe [2015-09-23] (Symantec Corporation)
Task: {8AC315EA-EB5C-41C2-994A-DD96439A1451} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2014-05-06] (Synaptics Incorporated)
Task: {918822CE-3F56-4ADC-9056-1FB3867A4083} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssist.exe [2015-09-30] (Dell Inc.)
Task: {97910C2D-49A2-4830-AD03-D5F4E6618F63} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2014-03-19] (Microsoft)
Task: {98B350CD-749C-435E-8600-C40457ACA796} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {9955D177-35EE-428D-93B3-5209784FEC3E} - System32\Tasks\PocketCloudVirtualChannel => C:\Program Files (x86)\Wyse\PocketCloud\WPCRDPVirtualChannelServer.exe [2013-08-22] ()
Task: {9D7AC828-D68A-48A8-A8ED-915D54F25E63} - System32\Tasks\Intel® Rapid Start Technology Manager => C:\Program Files (x86)\Intel\irstrt\RapidStartConfig.exe [2013-09-08] (Intel)
Task: {A2367977-BF48-4B59-8F2C-726664AA932E} - System32\Tasks\Norton 360\Norton Error Processor => C:\Program Files (x86)\Norton Security Suite\Engine\22.5.4.24\SymErr.exe [2015-09-08] (Symantec Corporation)
Task: {A690FB03-67B9-40C5-91D2-EA36E52407CC} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2015-10-28] (Microsoft Corporation)
Task: {B65B2DB8-321A-4005-B2FE-CA58E8EC7F07} - System32\Tasks\Open URL by RoboForm => Rundll32.exe url.dll,FileProtocolHandler "hxxp://www.roboform.com/test-pass.html?aaa=KICMMMNJKMMJOJMMPMOMCNKMLJJMLJCNLMKJHMJJCNOJGMJJLMCNGMMMJJNJJMPMNJGMKMHMGMHMJNJICMIMCNGMCNOMMMFMOMOMCNPMCNGMJMPMPMFMJMCNMMCNGMJMPMPMCNNMJNPICMOMFMEKMICNJJCKFMKMMMOMJNHICMOMPMKJGIMIJNBJCMEJKJDJDJGICJAJNINIGJMIMIKJGIJNKJCMJNNICMJNDJCMKJBJJNMJCMMMFMGMJMMMFMPMJNFICMGJLJKJBJLIGJLIGJKJMIBNKJHIKJ"
Task: {B73F2023-1B64-44DE-9D29-DC82C2B4CED4} - System32\Tasks\GoogleUpdateTaskMachineCore1cfec0de611f7bb => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {D6E85636-84B1-4392-8CA3-1AABA4BE2B93} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {D94761F0-5CEB-4609-A276-4984311EDF6F} - \Optimize Start Menu Cache Files-S-1-5-21-838906522-1154930953-3695442700-1002 -> No File <==== ATTENTION
Task: {E4733025-6AFB-44D6-A421-CC4B566A2595} - System32\Tasks\GoogleUpdateTaskMachineUA1cf8cd123329adb => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {ED50FE68-EA2E-4496-BD7C-B3046BE1F6F4} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-04-23] (Piriform Ltd)
Task: {EEAC4ACC-328E-4591-8C25-9DF48BFDF2B9} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2013-09-05] (Realtek Semiconductor)
Task: {F4A82FD3-C0D4-49FE-B266-C9ABF11397C3} - System32\Tasks\Tweaking.com - Windows Repair Tray Icon => C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\WR_Tray_Icon.exe [2015-03-11] (Tweaking.com)
Task: {F87DA2D5-96D8-4B1D-88F7-9CB05FBBA16C} - System32\Tasks\GoogleUpdateTaskMachineCore1cf489473ef515f => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {FA848CB5-BC3D-461A-8698-A1E55EA51E86} - System32\Tasks\RtHDVBg_PushButton => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2013-08-30] (Realtek Semiconductor)
Task: {FBFB700F-5A40-47CC-B1B1-08EE6A610EF9} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\CCleanerClean.job => C:\Program Files\CCleaner\CCleaner.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf489473ef515f.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cfec0de611f7bb.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cf8cd123329adb.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (Whitelisted) ==============

2014-03-26 15:45 - 2015-10-07 18:28 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2013-08-01 17:31 - 2013-08-01 17:31 - 00198120 _____ () c:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTAgent.exe
2013-08-01 17:31 - 2013-08-01 17:31 - 00054760 _____ () c:\Program Files\Intel\Intel® Smart Connect Technology Agent\NetworkHeuristic.dll
2013-08-01 17:31 - 2013-08-01 17:31 - 00034792 _____ () c:\Program Files\Intel\Intel® Smart Connect Technology Agent\ISCTNetMon.dll
2013-08-22 11:40 - 2013-08-22 11:40 - 00016176 _____ () C:\Program Files (x86)\Wyse\PocketCloud\PocketCloudService.exe
2013-08-22 11:40 - 2013-08-22 11:40 - 00040240 _____ () C:\Program Files (x86)\Wyse\PocketCloud\AetherServiceLib.dll
2013-08-22 11:40 - 2013-08-22 11:40 - 00046384 _____ () C:\Program Files (x86)\Wyse\PocketCloud\AetherHelperLib.dll
2015-03-13 12:48 - 2015-09-01 08:04 - 08901184 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2015-04-23 10:04 - 2015-07-06 09:47 - 05886784 _____ () C:\Users\kellymorrissey\AppData\Local\Amazon Music\Amazon Music Helper.exe
2015-04-01 11:51 - 2015-04-01 11:51 - 00055576 _____ () C:\Program Files\CCleaner\branding.dll
2012-08-15 09:13 - 2012-08-15 09:13 - 00093680 _____ () C:\Windows\SYSTEM32\FAIEExtension.DLL
2015-05-05 06:00 - 2014-03-24 13:44 - 00387984 _____ () C:\Program Files (x86)\Nuance\Dragon Assistant\Core\fl_core.dll
2015-05-05 06:00 - 2014-03-24 13:44 - 01165712 _____ () C:\Program Files (x86)\Nuance\Dragon Assistant\Core\vocon3200_asr.dll
2015-05-05 06:00 - 2014-03-24 13:44 - 00199056 _____ () C:\Program Files (x86)\Nuance\Dragon Assistant\Core\vocon3200_base.dll
2015-05-05 06:00 - 2014-03-24 13:44 - 01132944 _____ () C:\Program Files (x86)\Nuance\Dragon Assistant\Core\vocon3200_pron.dll
2015-05-05 06:00 - 2014-03-24 13:44 - 00035216 _____ () C:\Program Files (x86)\Nuance\Dragon Assistant\Core\vocon3200_platform.dll
2015-05-05 06:00 - 2014-03-24 13:44 - 00229264 _____ () C:\Program Files (x86)\Nuance\Dragon Assistant\Core\sdxg.dll
2015-03-13 12:48 - 2015-09-01 04:25 - 08901184 _____ () C:\Program Files\Microsoft Office 15\root\Office15\1033\GrooveIntlResource.dll
2015-03-16 10:28 - 2015-03-16 10:28 - 00155528 _____ () C:\Program Files (x86)\Dell Digital Delivery\ServiceTagPlusPlus.dll
2013-12-13 13:14 - 2013-09-03 16:52 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\ACE.dll
2015-02-26 08:07 - 2015-02-09 07:14 - 01905904 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Restore\STRestoreAPI.dll
2013-12-13 13:27 - 2012-11-25 23:19 - 01153384 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Restore\libxml2.dll
2015-02-26 08:07 - 2014-02-18 10:12 - 00117568 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Restore\zlib1.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SAWFP => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SecureAssist => ""="service"

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-838906522-1154930953-3695442700-1001\...\dell.com -> dell.com

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-838906522-1154930953-3695442700-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\kellymorrissey\AppData\Roaming\Microsoft\Windows Live Photo Gallery\Photo Gallery Wallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\StartupFolder: => "Amazon Unbox.lnk"
HKLM\...\StartupApproved\Run32: => "WD Drive Unlocker"
HKLM\...\StartupApproved\Run32: => "WD Quick View"
HKU\S-1-5-21-838906522-1154930953-3695442700-1001\...\StartupApproved\StartupFolder: => "Send to OneNote.lnk"
HKU\S-1-5-21-838906522-1154930953-3695442700-1001\...\StartupApproved\StartupFolder: => "Dropbox.lnk"
HKU\S-1-5-21-838906522-1154930953-3695442700-1001\...\StartupApproved\Run: => "AudialsNotifier"
HKU\S-1-5-21-838906522-1154930953-3695442700-1001\...\StartupApproved\Run: => "SansaDispatch"
HKU\S-1-5-21-838906522-1154930953-3695442700-1001\...\StartupApproved\Run: => "GarminExpressTrayApp"
HKU\S-1-5-21-838906522-1154930953-3695442700-1001\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_47515865E6C1E3749B7552B111E8840A"
HKU\S-1-5-21-838906522-1154930953-3695442700-1001\...\StartupApproved\Run: => "Web Companion"
HKU\S-1-5-21-838906522-1154930953-3695442700-1001\...\StartupApproved\Run: => "Skype"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{EC3C1A0A-4299-468F-AA14-EC24C985C372}] => (Allow) C:\Program Files (x86)\Wyse\PocketCloud\PocketCloudDesktopApp.exe
FirewallRules: [{A0BA359E-D4CA-48B5-BBF9-12D705337BCB}] => (Allow) C:\Program Files (x86)\Wyse\PocketCloud\WyseRemoteAccess.exe
FirewallRules: [{8AF6BD6F-2EEB-4754-A290-7C6164A48B87}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{14D2BCF8-4E97-40B7-BF6F-0B70078BB7AB}] => (Allow) LPort=2869
FirewallRules: [{E296FC9F-2311-452D-A3B9-D1FDC6E93CA1}] => (Allow) LPort=1900
FirewallRules: [{F791F82D-0A8A-4A77-8E7F-29DAE0B11195}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
FirewallRules: [{7E745AEB-7C58-4447-A573-FF36D1993CD9}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe
FirewallRules: [{742929A2-BF4C-404C-A8AA-1E474AA1B738}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe
FirewallRules: [{577B291F-F8E5-45EA-B443-72D363939594}] => (Allow) LPort=9322
FirewallRules: [{F407E0EA-DA38-490E-975B-E2B967C53EC2}] => (Allow) LPort=5353
FirewallRules: [{8B1BE3DF-185B-4BC6-8EA5-1FA669EE39A6}] => (Allow) C:\Program Files (x86)\Kodak\AiO\Center\AiOHomeCenter.exe
FirewallRules: [{82F6FCAA-9A02-4C27-B398-B2A7E4616970}] => (Allow) C:\Program Files (x86)\Kodak\AiO\Center\AiOHomeCenter.exe
FirewallRules: [{9EA8FF1B-C354-42CA-9F3E-32B7F5181E9A}] => (Allow) C:\Program Files (x86)\Kodak\AiO\Center\Kodak.Statistics.exe
FirewallRules: [{E111C16B-CB8E-40D8-8A24-F1EF99895D54}] => (Allow) C:\Program Files (x86)\Kodak\AiO\Center\Kodak.Statistics.exe
FirewallRules: [{0BA39AF1-FB72-481D-8B78-89877E8CCB51}] => (Allow) C:\Program Files (x86)\Kodak\AiO\Center\NetworkPrinterDiscovery.exe
FirewallRules: [{C3DF09DA-39F0-437E-A8A8-1A9DA932404E}] => (Allow) C:\Program Files (x86)\Kodak\AiO\Center\NetworkPrinterDiscovery.exe
FirewallRules: [{298B7D28-13C9-4EC6-AEE7-4B3265D7301D}] => (Allow) C:\Program Files (x86)\Kodak\AiO\Firmware\KodakAiOUpdater.exe
FirewallRules: [{7D198601-7329-4043-9826-D9CCC5B4BA6E}] => (Allow) C:\Program Files (x86)\Kodak\AiO\Firmware\KodakAiOUpdater.exe
FirewallRules: [{5BCE380C-FF90-45F7-8B75-D3D6C8504DC9}] => (Allow) C:\ProgramData\Kodak\Installer\Setup.exe
FirewallRules: [{E7BBCA48-83F4-4873-96FD-B113D4146786}] => (Allow) C:\ProgramData\Kodak\Installer\Setup.exe
FirewallRules: [{A5DCE516-07ED-4BA0-AE7A-925C2252708D}] => (Allow) LPort=5353
FirewallRules: [{A9CBA197-8975-4EFC-84B4-F692E9BA3396}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{97996268-3D38-4C45-9DA3-9E5EBF7469C9}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{D7AE8E5F-2F73-4365-9D7D-F31087B7A4EA}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
FirewallRules: [{FF060275-0A3B-4B95-BA0A-B767E2518B46}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe
FirewallRules: [{CC58E8B8-0F80-460D-9A94-ED3CE7498B2E}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{6031705B-4309-4DB6-9215-44AAB7821B44}] => (Allow) C:\Program Files (x86)\Audials\Audials 12\Audials.exe
FirewallRules: [{0ACE4384-4654-4297-868B-0BBCBAE2A6BB}] => (Allow) C:\Program Files (x86)\Audials\Audials 11\Audials.exe
FirewallRules: [{33CDA35D-98AD-4C2E-A9FD-0E517017B94A}] => (Allow) LPort=12972
FirewallRules: [{5230896E-4B5E-4156-AF68-7B8992975716}] => (Allow) LPort=14714
FirewallRules: [{F1D515F0-6D56-4A76-8457-0A8079ACAF93}] => (Allow) LPort=31931
FirewallRules: [{81086441-87B5-468D-A900-C221BD2A3F1F}] => (Allow) LPort=9322
FirewallRules: [{E1D6E21B-91E2-42CB-A63B-5E615C94FD09}] => (Allow) C:\Program Files (x86)\Kodak\AiO\Center\AiOHomeCenter.exe
FirewallRules: [{EA086982-CEC9-4DE3-B646-BDAD1A789C9B}] => (Allow) C:\Program Files (x86)\Kodak\AiO\Center\AiOHomeCenter.exe
FirewallRules: [{7891EBDD-B457-4846-AD1B-11255D3DA0FA}] => (Allow) C:\Program Files (x86)\Kodak\AiO\Center\Kodak.Statistics.exe
FirewallRules: [{517F7A31-1487-478E-8D6D-BB3A93B2902D}] => (Allow) C:\Program Files (x86)\Kodak\AiO\Center\Kodak.Statistics.exe
FirewallRules: [{5BDEB205-AF30-4BBB-BF57-4E60B87E0F6A}] => (Allow) C:\Program Files (x86)\Kodak\AiO\Center\NetworkPrinterDiscovery.exe
FirewallRules: [{4C57F6E6-A876-4E6B-B345-1295F92D9546}] => (Allow) C:\Program Files (x86)\Kodak\AiO\Center\NetworkPrinterDiscovery.exe
FirewallRules: [{124869AD-7063-4464-9DDF-48D57956DE0A}] => (Allow) C:\Program Files (x86)\Kodak\AiO\Firmware\KodakAiOUpdater.exe
FirewallRules: [{9481C103-9914-456A-9D59-9A5A2FBF5927}] => (Allow) C:\Program Files (x86)\Kodak\AiO\Firmware\KodakAiOUpdater.exe
FirewallRules: [{F33D179C-5314-41BE-AE3D-1E29D5184559}] => (Allow) C:\ProgramData\Kodak\Installer\Setup.exe
FirewallRules: [{73608082-655E-4BA8-86A3-D8287F592A43}] => (Allow) C:\ProgramData\Kodak\Installer\Setup.exe
FirewallRules: [{1134478A-954F-49A9-AB5C-143E0B14A0C9}] => (Allow) C:\Program Files (x86)\Google\Chrome Remote Desktop\47.0.2526.18\remoting_host.exe
FirewallRules: [{9E09E443-F7AF-4771-917A-C537892F05DC}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{0A1FC485-4645-4DC3-8975-83DCE91DC374}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{803E3BAB-4215-40C9-88D0-73FD4326B7FA}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Faulty Device Manager Devices =============

Name: Unknown USB Device (Device Descriptor Request Failed)
Description: Unknown USB Device (Device Descriptor Request Failed)
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service:
Problem: : Windows has stopped this device because it has reported problems. (Code 43)
Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation.

Name: facap, FastAccess Video Capture
Description: facap, FastAccess Video Capture
Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Manufacturer: Sensible Vision
Service: FACAP
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (11/12/2015 08:45:41 AM) (Source: DACoreService) (EventID: 0) (User: )
Description: 2015-11-12 08:45:41.853613 [CRIT ] AudioClient\AudioClient.c    :273  * 1900* No speech stream COM server available, please register at least one

Error: (11/12/2015 08:45:41 AM) (Source: DACoreService) (EventID: 0) (User: )
Description: 2015-11-12 08:45:41.853613 [ERROR] AudioClient\AudioClient.c    :250  * 1900* Error initializing NAS Client

Error: (11/12/2015 08:45:41 AM) (Source: DACoreService) (EventID: 0) (User: )
Description: 2015-11-12 08:45:41.853613 [ERROR] AudioClient\NASClient.cpp    :184  * 1900* Error with NAS GetCaptureDevicesInfo: 1

Error: (11/12/2015 08:43:40 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: irstrtsv.exe, version: 3.0.0.1056, time stamp: 0x522d33c1
Faulting module name: irstrtsv.exe, version: 3.0.0.1056, time stamp: 0x522d33c1
Exception code: 0xc0000005
Fault offset: 0x000091d4
Faulting process id: 0x85c
Faulting application start time: 0xirstrtsv.exe0
Faulting application path: irstrtsv.exe1
Faulting module path: irstrtsv.exe2
Report Id: irstrtsv.exe3
Faulting package full name: irstrtsv.exe4
Faulting package-relative application ID: irstrtsv.exe5

Error: (11/12/2015 08:17:36 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: svchost.exe_stisvc, version: 6.3.9600.16384, time stamp: 0x5215dfe3
Faulting module name: ntdll.dll, version: 6.3.9600.18007, time stamp: 0x55c4c16b
Exception code: 0xc0000008
Fault offset: 0x000000000009311a
Faulting process id: 0xac8
Faulting application start time: 0xsvchost.exe_stisvc0
Faulting application path: svchost.exe_stisvc1
Faulting module path: svchost.exe_stisvc2
Report Id: svchost.exe_stisvc3
Faulting package full name: svchost.exe_stisvc4
Faulting package-relative application ID: svchost.exe_stisvc5

Error: (11/12/2015 08:14:23 AM) (Source: DACoreService) (EventID: 0) (User: )
Description: 2015-11-12 08:14:23.768785 [CRIT ] AudioClient\AudioClient.c    :273  * 1848* No speech stream COM server available, please register at least one

Error: (11/12/2015 08:14:23 AM) (Source: DACoreService) (EventID: 0) (User: )
Description: 2015-11-12 08:14:23.768785 [ERROR] AudioClient\AudioClient.c    :250  * 1848* Error initializing NAS Client

Error: (11/12/2015 08:14:23 AM) (Source: DACoreService) (EventID: 0) (User: )
Description: 2015-11-12 08:14:23.768785 [ERROR] AudioClient\NASClient.cpp    :184  * 1848* Error with NAS GetCaptureDevicesInfo: 1

Error: (11/12/2015 08:09:18 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: irstrtsv.exe, version: 3.0.0.1056, time stamp: 0x522d33c1
Faulting module name: irstrtsv.exe, version: 3.0.0.1056, time stamp: 0x522d33c1
Exception code: 0xc0000005
Fault offset: 0x000091d4
Faulting process id: 0x86c
Faulting application start time: 0xirstrtsv.exe0
Faulting application path: irstrtsv.exe1
Faulting module path: irstrtsv.exe2
Report Id: irstrtsv.exe3
Faulting package full name: irstrtsv.exe4
Faulting package-relative application ID: irstrtsv.exe5

Error: (11/12/2015 08:09:11 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.

Details:
AddCorePnPFiles : Enumerating driver store published INFs failed.

System Error:
The process cannot access the file because it is being used by another process.
.


System errors:
=============
Error: (11/12/2015 09:52:16 AM) (Source: Ntfs) (EventID: 137) (User: )
Description: The default transaction resource manager on volume I: encountered a non-retryable error and could not start.  The data contains the error code.

Error: (11/12/2015 09:52:11 AM) (Source: disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk1\DR2, has a bad block.

Error: (11/12/2015 08:48:33 AM) (Source: dlcdcncm) (EventID: 5002) (User: )
Description: USB Gigabit Ethernet : Has determined that the network adapter is not functioning properly.

Error: (11/12/2015 08:48:30 AM) (Source: dlcdcncm) (EventID: 5002) (User: )
Description: USB Gigabit Ethernet : Has determined that the network adapter is not functioning properly.

Error: (11/12/2015 08:48:01 AM) (Source: dlcdcncm) (EventID: 5002) (User: )
Description: USB Gigabit Ethernet : Has determined that the network adapter is not functioning properly.

Error: (11/12/2015 08:45:54 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Windows Media Player Network Sharing Service service terminated with the following error:
%%1008

Error: (11/12/2015 08:45:50 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Windows Defender Service service failed to start due to the following error:
%%577

Error: (11/12/2015 08:45:44 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The MCSTRM service failed to start due to the following error:
%%2

Error: (11/12/2015 08:45:41 AM) (Source: NETLOGON) (EventID: 3095) (User: )
Description: This computer is configured as a member of a workgroup, not as
a member of a domain. The Netlogon service does not need to run in this
configuration.

Error: (11/12/2015 08:43:41 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Superfetch service terminated with the following error:
%%1062


CodeIntegrity:
===================================
  Date: 2015-11-12 08:45:50.948
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-11-12 08:14:32.648
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-11-12 07:10:02.002
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-11-09 15:00:20.964
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-11-07 10:50:37.135
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-11-07 09:43:41.804
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-11-06 17:49:12.303
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-11-03 16:55:40.214
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-11-03 16:42:44.428
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-10-31 18:05:39.931
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info ===========================

Processor: Intel® Core™ i7-4500U CPU @ 1.80GHz
Percentage of memory in use: 35%
Total physical RAM: 8097.32 MB
Available physical RAM: 5204.5 MB
Total Virtual: 16289.32 MB
Available Virtual: 12904.1 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:222.45 GB) (Free:92.38 GB) NTFS
Drive g: (XPS13 Backup) (Fixed) (Total:931.48 GB) (Free:807.01 GB) NTFS
Drive i: (Music on My Passport) (Fixed) (Total:1862.98 GB) (Free:1637.5 GB) NTFS
Drive x: (WINRETOOLS) (Fixed) (Total:0.48 GB) (Free:0.2 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 238.5 GB) (Disk ID: 4FA06305)

Partition: GPT.

========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 1863 GB) (Disk ID: B81FCD84)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (MBR Code: Windows XP) (Size: 931.5 GB) (Disk ID: 00023F15)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================



BC AdBot (Login to Remove)

 


#2 kmorrissey

kmorrissey
  • Topic Starter

  • Members
  • 113 posts
  • OFFLINE
  •  
  • Local time:06:16 AM

Posted 12 November 2015 - 05:39 PM

Now Windows media player crashing, wireless won't connect for several minutes after restart even though available immediately on other computers. Any thoughts?



#3 kmorrissey

kmorrissey
  • Topic Starter

  • Members
  • 113 posts
  • OFFLINE
  •  
  • Local time:06:16 AM

Posted 15 November 2015 - 12:25 PM

Anyone out there who can help?



#4 HelpBot

HelpBot

    Bleepin' Binary Bot


  • Bots
  • 12,703 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:16 AM

Posted 17 November 2015 - 01:30 PM

Hello and welcome to Bleeping Computer!

I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

To help Bleeping Computer better assist you please perform the following steps:

***************************************************

step1.gif In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.

CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/596161 <<< CLICK THIS LINK



If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.

***************************************************

step2.gifIf you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of this page). In that reply, please include the following information:

  • If you have not done so already, include a clear description of the problems you're having, along with any steps you may have performed so far.
  • A new FRST log. For your convenience, you will find the instructions for generating these logs repeated at the bottom of this post.
    • Please do this even if you have previously posted logs for us.
    • If you were unable to produce the logs originally please try once more.
    • If you are unable to create a log please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.
    • If you are unsure about any of these characteristics just post what you can and we will guide you.
  • Please tell us if you have your original Windows CD/DVD available.
  • Upon completing the above steps and posting a reply, another staff member will review your topic and do their best to resolve your issues.

Thank you for your patience, and again sorry for the delay.

***************************************************

We need to see some information about what is happening in your machine. Please perform the following scan again:

  • Download FRST by Farbar from the following link if you no longer have it available and save it to your destop.

    FRST Download Link

  • When you go to the above page, there will be 32-bit and 64-bit downloads available. Please click on the appropriate one for your version of Windows. If you are unsure as to whether your Windows is 32-bit or 64-bit, please see this tutorial.
  • Double click on the FRST icon and allow it to run.
  • Agree to the usage agreement and FRST will open. Do not make any changes and click on the Scan button.
  • Notepad will open with the results.
  • Post the new logs as explained in the prep guide.
  • Close the program window, and delete the program from your desktop.


As I am just a silly little program running on the BleepingComputer.com servers, please do not send me private messages as I do not know how to read and reply to them! Thanks!

#5 kmorrissey

kmorrissey
  • Topic Starter

  • Members
  • 113 posts
  • OFFLINE
  •  
  • Local time:06:16 AM

Posted 18 November 2015 - 12:59 PM

1. Problem:

  • Web pages load painfully slow; sometimes freeze
  • web page scroll response has considerable lag
  • Windows media player crashes after first 20 seconds
  • wireless won't connect for several minutes after restart even though available immediately on other computer

2. FRST log:

(When I run FRST I get the following error message:

Application Error: Exception EAccessViolation in module ERUNT.exe at 00003A38. Access violation at address 00403A38 in module ERUNT.exe. Read of address 0076005D.)

 

 

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:18-11-2015
Ran by kellymorrissey (administrator) on KELSXPS13 (18-11-2015 09:53:42)
Running from C:\Users\kellymorrissey\Desktop
Loaded Profiles: kellymorrissey (Available Profiles: kellymorrissey)
Platform: Windows 8.1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Sensible Vision ) C:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe
(DisplayLink Corp.) C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome Remote Desktop\47.0.2526.18\remoting_host.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome Remote Desktop\47.0.2526.18\remoting_host.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\Dragon Assistant\Core\DACore.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Garmin Ltd. or its subsidiaries) C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe
(Intel Corporation) C:\Windows\SysWOW64\irstrtsv.exe
() C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTAgent.exe
(Eastman Kodak Company) C:\Program Files (x86)\Kodak\AiO\Center\EKAiOHostService.exe
(Eastman Kodak Company) C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Security Suite\Engine\22.5.4.24\n360.exe
(Motorola) C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\psia.exe
(DEVGURU Co., LTD.) C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
(Western Digital ) C:\Program Files (x86)\Western Digital\WD SmartWare\WDRulesEngine.exe
() C:\Program Files (x86)\Wyse\PocketCloud\PocketCloudService.exe
(DELL Inc.) C:\Program Files (x86)\Wyse\PocketCloud\WyseRemoteAccess.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Western Digital ) C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\sua.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe
(Dell Inc.) C:\Program Files (x86)\Dell Customer Connect\DCCService.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe
(Dell Products, LP.) C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
(Dell Inc.) C:\Program Files (x86)\Dell Update\DellUpService.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(SoftThinks SAS) C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe
(Dell Inc.) C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DellDataVault.exe
(DisplayLink Corp.) C:\Program Files\DisplayLink Core Software\DisplayLinkUserAgent.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Security Suite\Engine\22.5.4.24\n360.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel) C:\Program Files (x86)\Intel\irstrt\RapidStartConfig.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
() C:\Users\kellymorrissey\AppData\Local\Amazon Music\Amazon Music Helper.exe
(Siber Systems) C:\Program Files (x86)\Siber Systems\AI RoboForm\robotaskbaricon.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTsysTray8.exe
(Sensible Vision ) C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayMon.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Sensible Vision ) C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayAlert.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Dell Inc.) C:\Program Files (x86)\Dell Update\DellUpTray.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Tweaking.com) C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\WR_Tray_Icon.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell Backup and Recovery\Components\DBRUpdate\DBRUpd.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell Backup and Recovery\Toaster.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBRSync.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_19_0_0_245.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_19_0_0_245.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell Backup and Recovery\Dbr.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\OUTLOOK.EXE
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\livecomm.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-30] (Intel Corporation)
HKLM\...\Run: [QuickSet] => c:\Program Files\Dell\QuickSet\QuickSet.exe [3058848 2012-07-24] (Dell Inc.)
HKLM-x32\...\Run: [WD Drive Unlocker] => C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe [1688008 2012-09-06] (Western Digital)
HKLM-x32\...\Run: [WD Quick View] => C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe [5236664 2012-09-19] (Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [FATrayAlert] => C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayMon.exe [95216 2012-08-15] (Sensible Vision )
HKLM-x32\...\Run: [FAStartup] => [X]
HKLM-x32\...\Run: [Conime] => %windir%\system32\conime.exe
HKLM-x32\...\Run: [EKStatusMonitor] => C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKStatusMonitor.exe [2750840 2013-12-11] (Eastman Kodak Company)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\FastAccess: C:\Program Files (x86)\Sensible Vision\Fast Access\FALogNot.dll [2012-08-15] (Sensible Vision )
HKU\S-1-5-21-838906522-1154930953-3695442700-1001\...\Run: [AudialsNotifier] => C:\Program Files (x86)\Audials\Audials 12\AudialsNotifier.exe [2411784 2015-03-17] ()
HKU\S-1-5-21-838906522-1154930953-3695442700-1001\...\Run: [SansaDispatch] => C:\Users\kellymorrissey\AppData\Roaming\SanDisk\Sansa Updater\SansaDispatch.exe [613888 2014-01-22] (SanDisk Corporation)
HKU\S-1-5-21-838906522-1154930953-3695442700-1001\...\Run: [Amazon Music] => C:\Users\kellymorrissey\AppData\Local\Amazon Music\Amazon Music Helper.exe [5886784 2015-07-06] ()
HKU\S-1-5-21-838906522-1154930953-3695442700-1001\...\Run: [RoboForm] => C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [110160 2015-06-06] (Siber Systems)
HKU\S-1-5-21-838906522-1154930953-3695442700-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [31682144 2015-03-25] (Skype Technologies S.A.)
HKU\S-1-5-21-838906522-1154930953-3695442700-1001\...\Run: [CAHeadless] => C:\Program Files (x86)\Adobe\Elements 11 Organizer\CAHeadless\ElementsAutoAnalyzer.exe [840784 2012-09-23] (Adobe Systems Incorporated)
HKU\S-1-5-21-838906522-1154930953-3695442700-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8204056 2015-04-23] (Piriform Ltd)
HKU\S-1-5-21-838906522-1154930953-3695442700-1001\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1403304 2015-10-29] (Garmin Ltd. or its subsidiaries)
HKU\S-1-5-21-838906522-1154930953-3695442700-1001\...\MountPoints2: {67340e0b-189c-11e4-828a-5c514f70bf97} - "F:\VZW_Software_upgrade_assistant.exe"
HKU\S-1-5-21-838906522-1154930953-3695442700-1001\...\MountPoints2: {9378e0d6-211d-11e4-828a-5c514f70bf97} - "H:\VZW_Software_upgrade_assistant.exe"
HKU\S-1-5-21-838906522-1154930953-3695442700-1001\...\MountPoints2: {bf34476b-cfbd-11e4-82e6-5c514f70bf97} - "D:\VZW_Software_upgrade_assistant.exe"
HKU\S-1-5-18\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1403304 2015-10-29] (Garmin Ltd. or its subsidiaries)
HKU\S-1-5-18\...\RunOnce: [KodakHomeCenter] => C:\Program Files (x86)\Kodak\AiO\Center\AiOHomeCenter.exe [2234064 2014-05-06] (Eastman Kodak Company)
Lsa: [Notification Packages] scecli FAPassSync
ShellIconOverlayIdentifiers: [  OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton Security Suite\Engine64\22.5.4.24\buShell.dll [2015-08-27] (Symantec Corporation)
ShellIconOverlayIdentifiers: [  OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton Security Suite\Engine64\22.5.4.24\buShell.dll [2015-08-27] (Symantec Corporation)
ShellIconOverlayIdentifiers: [  OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton Security Suite\Engine64\22.5.4.24\buShell.dll [2015-08-27] (Symantec Corporation)
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: [DBARFileBackuped] -> {831cebdd-6baf-4432-be76-9e0989c14aef} => C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBROverlayIconBackuped.dll [2014-12-30] (Softthinks SAS)
ShellIconOverlayIdentifiers: [DBARFileNotBackuped] -> {275e4fd7-21ef-45cf-a836-832e5d2cc1b3} => C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBROverlayIconNotBackuped.dll [2014-12-30] (Softthinks SAS)
ShellIconOverlayIdentifiers: [DBRShellOverlayBackupFile] -> {831CEBDD-6BAF-4432-BE76-9E0989C14AEF} => C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBROverlayIconBackuped.dll [2014-12-30] (Softthinks SAS)
ShellIconOverlayIdentifiers: [DBRShellOverlayModifiedBackupFile] -> {275E4FD7-21EF-45CF-A836-832E5D2CC1B3} => C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBROverlayIconNotBackuped.dll [2014-12-30] (Softthinks SAS)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-10-28] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-10-28] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-10-28] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ISCTSystray.lnk [2013-12-13]
ShortcutTarget: ISCTSystray.lnk -> C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTsysTray8.exe (Intel Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk [2015-05-25]
ShortcutTarget: Secunia PSI Tray.lnk -> C:\Program Files (x86)\Secunia\PSI\psi_tray.exe (Secunia)
Startup: C:\Users\kellymorrissey\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk [2015-11-09]
ShortcutTarget: Send to OneNote.lnk -> C:\Program Files\Microsoft Office 15\root\office15\onenotem.exe (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{CDBFA0C6-75CD-4636-B36A-D71CC6990F56}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{D893EF84-B2D2-490D-BE2D-E20A3F71D48A}: [DhcpNameServer] 13.36.0.102
Tcpip\..\Interfaces\{E4484736-1D43-4FAB-8A5A-06EAFFB6A32D}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-838906522-1154930953-3695442700-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-838906522-1154930953-3695442700-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com/
HKU\S-1-5-21-838906522-1154930953-3695442700-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell13.msn.com/?pc=DCJB
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-838906522-1154930953-3695442700-1001 -> DefaultScope {E406E668-CFB4-456A-BB2A-5798BBD05F7E} URL =
SearchScopes: HKU\S-1-5-21-838906522-1154930953-3695442700-1001 -> {85A60A59-D3D8-468F-B598-FB4393789EF4} URL = hxxps://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-838906522-1154930953-3695442700-1001 -> {E406E668-CFB4-456A-BB2A-5798BBD05F7E} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-09-29] (Microsoft Corporation)
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Security Suite\Engine64\22.5.4.24\coIEPlg.dll [2015-09-22] (Symantec Corporation)
BHO: RoboForm Toolbar Helper -> {724d43a9-0d85-11d4-9908-00400523e39a} -> C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll [2015-06-06] (Siber Systems Inc.)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_65\bin\ssv.dll [2015-10-24] (Oracle Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-10-28] (Microsoft Corporation)
BHO: Face recognition web login for FastAccess -> {DA5BCE70-D057-4D63-943D-5F3927EC59F1} -> C:\Program Files (x86)\Sensible Vision\Fast Access\x64\FAIESSO.dll [2012-08-15] (Sensible Vision )
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_65\bin\jp2ssv.dll [2015-10-24] (Oracle Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2015-09-29] (Microsoft Corporation)
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Security Suite\Engine\22.5.4.24\coIEPlg.dll [2015-09-22] (Symantec Corporation)
BHO-x32: RoboForm Toolbar Helper -> {724d43a9-0d85-11d4-9908-00400523e39a} -> C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll [2015-06-06] (Siber Systems Inc.)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-10-28] (Microsoft Corporation)
BHO-x32: Face recognition web login for FastAccess -> {DA5BCE70-D057-4D63-943D-5F3927EC59F1} -> C:\Program Files (x86)\Sensible Vision\Fast Access\FAIESSO.dll [2012-08-15] (Sensible Vision )
Toolbar: HKLM - &RoboForm Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll [2015-06-06] (Siber Systems Inc.)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine64\22.5.4.24\coIEPlg.dll [2015-09-22] (Symantec Corporation)
Toolbar: HKLM-x32 - &RoboForm Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll [2015-06-06] (Siber Systems Inc.)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine\22.5.4.24\coIEPlg.dll [2015-09-22] (Symantec Corporation)
Toolbar: HKU\S-1-5-21-838906522-1154930953-3695442700-1001 -> &RoboForm Toolbar - {724D43A0-0D85-11D4-9908-00400523E39A} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll [2015-06-06] (Siber Systems Inc.)
Toolbar: HKU\S-1-5-21-838906522-1154930953-3695442700-1001 -> Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine64\22.5.4.24\coIEPlg.dll [2015-09-22] (Symantec Corporation)
DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-02-03] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\kellymorrissey\AppData\Roaming\Mozilla\Firefox\Profiles\3jtfjuwt.default-1435100487148
FF Homepage: hxxp://www.bing.com/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_19_0_0_245.dll [2015-11-10] ()
FF Plugin: @garmin.com/GpsControl -> C:\Program Files\Garmin GPS Plugin\npGarmin.dll [2014-03-31] (GARMIN Corp.)
FF Plugin: @java.com/DTPlugin,version=11.65.2 -> C:\Program Files\Java\jre1.8.0_65\bin\dtplugin\npDeployJava1.dll [2015-10-24] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.65.2 -> C:\Program Files\Java\jre1.8.0_65\bin\plugin2\npjp2.dll [2015-10-24] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2012-09-20] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_245.dll [2015-11-10] ()
FF Plugin-x32: @garmin.com/GpsControl -> C:\Program Files (x86)\Garmin GPS Plugin\npGarmin.dll [2014-03-31] (GARMIN Corp.)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-10-13] (Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-03] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-03] (Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-02-17] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2013-12-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-09-30] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2012-09-20] (Adobe Systems)
FF Extension: Garmin Communicator - C:\Users\kellymorrissey\AppData\Roaming\Mozilla\Firefox\Profiles\3jtfjuwt.default-1435100487148\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E} [2015-10-15] [not signed]
FF Extension: duplicatetab_2 - C:\Users\kellymorrissey\AppData\Roaming\Mozilla\Firefox\Profiles\3jtfjuwt.default-1435100487148\Extensions\jid1-y3AHrhD5jr0RfA@jetpack.xpi [2015-08-19]
FF Extension: New Tab Homepage - C:\Users\kellymorrissey\AppData\Roaming\Mozilla\Firefox\Profiles\3jtfjuwt.default-1435100487148\Extensions\{66E978CD-981F-47DF-AC42-E3CF417C1467}.xpi [2015-10-06]
FF Extension: Adblock Plus - C:\Users\kellymorrissey\AppData\Roaming\Mozilla\Firefox\Profiles\3jtfjuwt.default-1435100487148\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-09-24]
FF HKLM\...\Firefox\Extensions: [{C1A2A613-35F1-4FCF-B27F-2840527B6556}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_22.5.2.15\coFFAddon
FF Extension: Norton Identity Safe - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_22.5.2.15\coFFAddon [2015-11-03] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [fassoxpcom@sensiblevision.com] - C:\Program Files (x86)\Sensible Vision\Fast Access\xpcom_fasso
FF Extension: FastAccess Web Login - C:\Program Files (x86)\Sensible Vision\Fast Access\xpcom_fasso [2014-10-23] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [{22119944-ED35-4ab1-910B-E619EA06A115}] - C:\Program Files (x86)\Siber Systems\AI RoboForm\Firefox
FF Extension: RoboForm Toolbar for Firefox - C:\Program Files (x86)\Siber Systems\AI RoboForm\Firefox [2015-06-06] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [{C1A2A613-35F1-4FCF-B27F-2840527B6556}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_22.5.2.15\coFFAddon
FF Extension: Norton Identity Safe - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_22.5.2.15\coFFAddon [2015-11-03] [not signed]
FF HKU\S-1-5-21-838906522-1154930953-3695442700-1001\...\Firefox\Extensions: [{22119944-ED35-4ab1-910B-E619EA06A115}] - C:\Program Files (x86)\Siber Systems\AI RoboForm\Firefox
FF Extension: RoboForm Toolbar for Firefox - C:\Program Files (x86)\Siber Systems\AI RoboForm\Firefox [2015-06-06] [not signed]

Chrome:
=======
CHR StartupUrls: Default -> "hxxp://www.bing.com/"
CHR Profile: C:\Users\kellymorrissey\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\kellymorrissey\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-16]
CHR Extension: (Google Drive) - C:\Users\kellymorrissey\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-08-02]
CHR Extension: (YouTube) - C:\Users\kellymorrissey\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-02-16]
CHR Extension: (Norton Security Toolbar) - C:\Users\kellymorrissey\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjabmdjcfcfdmffimndhafhblfmpjdpe [2015-08-02]
CHR Extension: (Google Search) - C:\Users\kellymorrissey\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-05-08]
CHR Extension: (HTML5 video for YouTube™) - C:\Users\kellymorrissey\AppData\Local\Google\Chrome\User Data\Default\Extensions\dolajcekhnohkpncmhgledbmndjpblei [2015-02-16]
CHR Extension: (Chrome Remote Desktop) - C:\Users\kellymorrissey\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2015-08-02]
CHR Extension: (Bookmark Manager) - C:\Users\kellymorrissey\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-08-02]
CHR Extension: (Norton Identity Safe) - C:\Users\kellymorrissey\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif [2014-11-24]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\kellymorrissey\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-08-02]
CHR Extension: (Chrome Web Store Payments) - C:\Users\kellymorrissey\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-08-02]
CHR Extension: (Gmail) - C:\Users\kellymorrissey\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-05-08]
CHR Extension: (RoboForm Password Manager) - C:\Users\kellymorrissey\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnlccmojcmeohlpggmfnbbiapkmbliob [2015-08-02]
CHR HKLM\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton Security Suite\Engine\22.5.4.24\Exts\Chrome.crx [2015-10-03]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [pnlccmojcmeohlpggmfnbbiapkmbliob] - C:\Program Files (x86)\Siber Systems\AI RoboForm\Chrome\rf-chrome.crx [2014-06-05]
CHR HKLM-x32\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton Security Suite\Engine\22.5.4.24\Exts\Chrome.crx [2015-10-03]
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [pnlccmojcmeohlpggmfnbbiapkmbliob] - C:\Program Files (x86)\Siber Systems\AI RoboForm\Chrome\rf-chrome.crx [2014-06-05]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeActiveFileMonitor11.0; C:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe [171600 2012-09-23] (Adobe Systems Incorporated)
R2 chromoting; C:\Program Files (x86)\Google\Chrome Remote Desktop\47.0.2526.18\remoting_host.exe [69448 2015-10-14] (Google Inc.)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2780856 2015-10-07] (Microsoft Corporation)
R2 DACoreService; C:\Program Files (x86)\Nuance\Dragon Assistant\Core\DACore.exe [448400 2014-03-24] (Nuance Communications, Inc.)
R2 Dell Customer Connect; C:\Program Files (x86)\Dell Customer Connect\DCCService.exe [137968 2015-09-22] (Dell Inc.)
R2 DellDataVault; C:\Program Files\Dell\DellDataVault\DellDataVault.exe [2574168 2015-09-11] (Dell Inc.)
R2 DellDataVaultWiz; C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe [201560 2015-09-11] (Dell Inc.)
R2 DellUpdate; C:\Program Files (x86)\Dell Update\DellUpService.exe [237272 2015-08-27] (Dell Inc.)
R2 DisplayLinkService; C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe [10997992 2015-02-12] (DisplayLink Corp.)
R2 FAService; C:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe [2860528 2012-08-15] (Sensible Vision ) [File not signed]
R2 Garmin Device Interaction Service; C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe [777744 2015-10-29] (Garmin Ltd. or its subsidiaries)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-30] (Intel Corporation)
R2 Intel® Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel® Corporation) [File not signed]
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel® Corporation)
R2 Intel® Wireless Bluetooth® 4.0 Radio Management; C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe [155448 2013-09-05] (Intel Corporation)
R2 irstrtsv; C:\Windows\SysWOW64\irstrtsv.exe [783264 2013-09-08] (Intel Corporation)
R2 ISCTAgent; c:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTAgent.exe [198120 2013-08-01] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [169432 2013-09-03] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268192 2014-11-19] ()
R2 N360; C:\Program Files (x86)\Norton Security Suite\Engine\22.5.4.24\N360.exe [282016 2015-09-23] (Symantec Corporation)
R2 PST Service; C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe [65657 2011-09-02] (Motorola) [File not signed]
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [289496 2013-08-23] (Realtek Semiconductor)
R2 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1228504 2013-07-03] (Secunia)
R2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [660184 2013-07-03] (Secunia)
R2 SftService; C:\Program Files (x86)\Dell Backup and Recovery\sftservice.exe [2005392 2015-02-11] (SoftThinks SAS)
R2 ss_conn_service; C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe [741640 2014-06-15] (DEVGURU Co., LTD.)
R2 SupportAssistAgent; C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [21160 2015-09-30] (Dell Inc.)
R2 WDBackup; C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe [1157056 2012-09-19] (Western Digital )
R2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [270704 2013-11-20] (Western Digital Technologies, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-03] (Microsoft Corporation)
R2 WDRulesService; C:\Program Files (x86)\Western Digital\WD SmartWare\WDRulesEngine.exe [1177536 2012-09-19] (Western Digital )
S2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-03] (Microsoft Corporation)
R2 WysePocketCloud; C:\Program Files (x86)\Wyse\PocketCloud\PocketCloudService.exe [16176 2013-08-22] ()
R2 WyseRemoteAccess; C:\Program Files (x86)\Wyse\PocketCloud\WyseRemoteAccess.exe [1785344 2013-08-19] (DELL Inc.) [File not signed]
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3820960 2014-11-19] (Intel® Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AX88179; C:\Windows\system32\DRIVERS\ax88179_178a.sys [69120 2015-02-05] (ASIX Electronics Corp.)
R1 BHDrvx64; C:\Program Files (x86)\Norton Security Suite\NortonData\22.5.2.15\Definitions\BASHDefs\20151113.001\BHDrvx64.sys [1665608 2015-10-08] (Symantec Corporation)
R3 BthA2DP; C:\Windows\system32\drivers\BthA2DP.sys [132608 2015-01-29] (Microsoft Corporation)
R3 BthHFAud; C:\Windows\System32\drivers\BthHfAud.sys [32768 2014-10-07] (Microsoft Corporation)
R3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
R3 btmaux; C:\Windows\system32\DRIVERS\btmaux.sys [132920 2013-04-23] (Motorola Solutions, Inc.)
R3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [1386296 2013-08-19] (Motorola Solutions, Inc.)
R1 ccSet_N360; C:\Windows\system32\drivers\N360x64\1605040.018\ccSetx64.sys [173808 2015-07-10] (Symantec Corporation)
R3 DDDriver; C:\Windows\system32\drivers\DDDriver64Dcsa.sys [23760 2015-02-26] (Dell Computer Corporation)
R3 DellProf; C:\Windows\system32\drivers\DellProf.sys [24240 2015-05-22] (Dell Computer Corporation)
R3 DellRbtn; C:\Windows\System32\drivers\DellRbtn.sys [10752 2013-01-24] (OSR Open Systems Resources, Inc.)
S3 DisplayLinkUsbIo_x64; C:\Windows\system32\DRIVERS\DisplayLinkUsbIo_x64_7.7.60366.0.sys [46312 2015-02-13] ()
S3 dlcdcncm; C:\Windows\system32\DRIVERS\dlcdcncm62_x64.sys [83176 2015-02-12] (DisplayLink Corp.)
S3 dlusbaudio; C:\Windows\system32\DRIVERS\dlusbaudio_x64.sys [210152 2015-02-12] (DisplayLink Corp.)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [498512 2015-11-18] (Symantec Corporation)
U3 EraserUtilDrv11520; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilDrv11520.sys [157520 2015-11-18] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [153936 2015-07-27] (Symantec Corporation)
S3 iaLPSS_GPIO; C:\Windows\System32\drivers\iaLPSS_GPIO.sys [24568 2013-08-08] (Intel Corporation)
R3 iaLPSS_I2C; C:\Windows\System32\drivers\iaLPSS_I2C.sys [120312 2014-06-02] (Intel Corporation)
S3 iaLPSS_SPI; C:\Windows\System32\drivers\iaLPSS_SPI.sys [83960 2013-08-08] (Intel Corporation)
S3 iaLPSS_UART2; C:\Windows\System32\drivers\iaLPSS_UART2.sys [129528 2013-08-08] (Intel Corporation)
R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [117192 2013-09-05] (Intel Corporation)
R1 IDSVia64; C:\Program Files (x86)\Norton Security Suite\NortonData\22.5.2.15\Definitions\IPSDefs\20151113.001\IDSvia64.sys [767224 2015-10-24] (Symantec Corporation)
R3 ikbevent; C:\Windows\system32\DRIVERS\ikbevent.sys [21408 2013-08-01] ()
R3 imsevent; C:\Windows\system32\DRIVERS\imsevent.sys [21920 2013-08-01] ()
R3 INETMON; C:\Windows\System32\Drivers\INETMON.sys [29088 2013-08-01] ()
R3 irstrtdv; C:\Windows\System32\drivers\irstrtdv.sys [20192 2013-09-08] (Intel Corporation)
R3 ISCT; C:\Windows\System32\drivers\ISCTD64.sys [46568 2013-08-01] ()
S3 LAN7500; C:\Windows\system32\DRIVERS\lan7500-x64-n630f.sys [96256 2013-04-05] (SMSC)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2015-11-18] (Malwarebytes)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)
S2 MCSTRM; no ImagePath
R3 MEIx64; C:\Windows\System32\drivers\TeeDriverx64.sys [99288 2013-12-19] (Intel Corporation)
R3 NAVENG; C:\Program Files (x86)\Norton Security Suite\NortonData\22.5.2.15\Definitions\VirusDefs\20151118.003\ENG64.SYS [138488 2015-10-27] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton Security Suite\NortonData\22.5.2.15\Definitions\VirusDefs\20151118.003\EX64.SYS [2148080 2015-10-27] (Symantec Corporation)
R3 NETwNb64; C:\Windows\system32\DRIVERS\NETwbw02.sys [3494680 2015-03-09] (Intel Corporation)
R3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2013-07-03] (Secunia)
R0 PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [56336 2012-08-10] (Corel Corporation)
R1 RrNetCapFilterDriver; C:\Windows\system32\DRIVERS\RrNetCapFilterDriver.sys [24744 2015-03-17] (Audials AG)
R3 SensorsAlsDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [227840 2014-05-30] (Microsoft Corporation)
R3 SRTSP; C:\Windows\System32\Drivers\N360x64\1605040.018\SRTSP64.SYS [930024 2015-09-23] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\N360x64\1605040.018\SRTSPX64.SYS [50936 2015-07-10] (Symantec Corporation)
R0 SymEFASI; C:\Windows\System32\drivers\N360x64\1605040.018\SYMEFASI64.SYS [1620720 2015-07-10] (Symantec Corporation)
S0 SymELAM; C:\Windows\System32\drivers\N360x64\1605040.018\SymELAM.sys [24192 2015-07-10] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [111344 2015-08-02] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\N360x64\1605040.018\Ironx64.SYS [297720 2015-07-10] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\N360x64\1605040.018\SYMNETS.SYS [577768 2015-09-23] (Symantec Corporation)
R3 SynRMIHID; C:\Windows\system32\DRIVERS\SynRMIHID.sys [41200 2014-05-06] (Synaptics Incorporated)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44024 2015-02-03] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [264000 2015-02-03] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-03] (Microsoft Corporation)
R3 PCDSRVC{3B54B31B-D06B6431-06020200}_0; \??\c:\program files\dell\supportassist\pcdsrvc_x64.pkms [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-11-18 09:53 - 2015-11-18 09:53 - 00000000 ____D C:\Users\kellymorrissey\Desktop\FRST-OlderVersion
2015-11-18 09:37 - 2015-11-18 09:40 - 00000136 _____ C:\Windows\ODBC.INI
2015-11-15 16:35 - 2015-11-15 16:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bluetooth Devices
2015-11-15 14:20 - 2015-11-15 14:20 - 00004084 _____ C:\Windows\PFRO.log
2015-11-15 14:19 - 2015-10-20 13:54 - 00136904 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-11-15 14:19 - 2015-10-20 06:53 - 03705856 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-11-15 14:19 - 2015-10-20 06:36 - 02243072 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-11-15 14:19 - 2015-10-20 06:35 - 00891904 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-11-15 14:19 - 2015-10-20 06:34 - 00409088 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2015-11-15 14:19 - 2015-10-20 06:34 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-11-15 14:19 - 2015-10-20 06:34 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-11-15 14:19 - 2015-10-20 06:33 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-11-15 14:19 - 2015-10-20 06:14 - 00721920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-11-15 14:19 - 2015-10-20 06:13 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-11-15 14:19 - 2015-10-20 06:13 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-11-15 14:19 - 2015-10-20 06:13 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-11-15 14:03 - 2015-11-18 09:37 - 00015619 _____ C:\Windows\setupact.log
2015-11-15 14:03 - 2015-11-15 14:03 - 00000000 _____ C:\Windows\setuperr.log
2015-11-12 16:50 - 2015-11-12 16:50 - 00003484 _____ C:\Windows\System32\Tasks\PCDEventLauncherTask
2015-11-12 16:49 - 2015-11-12 16:49 - 00004048 _____ C:\Windows\System32\Tasks\PCDoctorBackgroundMonitorTask
2015-11-12 16:49 - 2015-11-12 16:49 - 00003238 _____ C:\Windows\System32\Tasks\SystemToolsDailyTest
2015-11-12 16:49 - 2015-11-12 16:49 - 00000000 ____D C:\ProgramData\PC-Doctor for Windows
2015-11-12 16:49 - 2015-11-12 16:49 - 00000000 ____D C:\Program Files\Dell Support Center
2015-11-12 10:45 - 2015-11-12 10:45 - 00000000 ____D C:\Program Files\DisplayLink Graphics
2015-11-12 10:24 - 2015-11-12 10:29 - 00048382 _____ C:\Users\kellymorrissey\Desktop\Addition.txt
2015-11-12 10:23 - 2015-11-18 09:53 - 00040585 _____ C:\Users\kellymorrissey\Desktop\FRST.txt
2015-11-12 10:19 - 2015-11-18 09:53 - 00000000 ____D C:\FRST
2015-11-12 10:18 - 2015-11-18 09:53 - 02008576 _____ (Farbar) C:\Users\kellymorrissey\Desktop\FRST64.exe
2015-11-12 08:18 - 2015-11-12 08:19 - 00000000 ____D C:\Program Files\DisplayLink Core Software
2015-11-12 07:49 - 2015-10-30 15:46 - 25818624 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-11-12 07:49 - 2015-10-30 15:25 - 02886656 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-11-12 07:49 - 2015-10-30 15:24 - 00585728 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-11-12 07:49 - 2015-10-30 15:11 - 05990912 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-11-12 07:49 - 2015-10-30 15:11 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-11-12 07:49 - 2015-10-30 14:52 - 20331520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-11-12 07:49 - 2015-10-30 14:47 - 00504832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-11-12 07:49 - 2015-10-30 14:42 - 02279936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-11-12 07:49 - 2015-10-30 14:39 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-11-12 07:49 - 2015-10-30 14:36 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-11-12 07:49 - 2015-10-30 14:32 - 00720896 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-11-12 07:49 - 2015-10-30 14:31 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-11-12 07:49 - 2015-10-30 14:22 - 14457856 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-11-12 07:49 - 2015-10-30 14:17 - 02487808 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-11-12 07:49 - 2015-10-30 14:16 - 04527616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-11-12 07:49 - 2015-10-30 14:14 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-11-12 07:49 - 2015-10-30 14:10 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-11-12 07:49 - 2015-10-30 14:09 - 12854272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-11-12 07:49 - 2015-10-30 14:04 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-11-12 07:49 - 2015-10-30 13:53 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-11-12 07:49 - 2015-10-30 13:51 - 02011136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-11-12 07:49 - 2015-10-30 13:48 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-11-12 07:49 - 2015-10-30 13:46 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-11-12 07:49 - 2015-09-04 11:24 - 00154112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tunnel.sys
2015-11-12 07:49 - 2015-08-28 14:20 - 00183368 _____ (Microsoft Corporation) C:\Windows\system32\AuthHost.exe
2015-11-12 07:49 - 2015-08-20 12:45 - 01380048 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-11-12 07:49 - 2015-08-20 09:48 - 01096704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-11-12 07:49 - 2014-11-04 17:41 - 00558080 _____ (Microsoft Corporation) C:\Windows\system32\untfs.dll
2015-11-12 07:49 - 2014-11-04 17:18 - 00507392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\untfs.dll
2015-11-12 07:47 - 2015-09-29 04:24 - 00155480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tpm.sys
2015-11-10 19:24 - 2015-11-17 14:17 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-11-10 19:24 - 2015-11-10 19:24 - 05286088 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2015-11-10 19:24 - 2015-11-10 19:24 - 00003718 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-11-08 12:07 - 2015-09-10 09:18 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-11-08 12:07 - 2015-09-10 09:06 - 00616960 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-11-08 12:07 - 2015-09-10 08:51 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-11-08 12:07 - 2015-09-10 08:37 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-11-08 12:07 - 2015-09-10 08:37 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-11-08 12:07 - 2015-09-10 08:35 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-11-08 12:07 - 2015-09-10 08:28 - 00480256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-11-08 12:07 - 2015-09-10 08:21 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-11-08 12:07 - 2015-09-10 08:19 - 00374784 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-11-08 12:07 - 2015-09-10 08:17 - 02126336 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-11-08 12:07 - 2015-09-10 08:17 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-11-08 12:07 - 2015-09-10 08:07 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-11-08 12:07 - 2015-09-10 08:05 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-11-08 12:07 - 2015-09-10 07:57 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-11-08 12:07 - 2015-09-10 07:55 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-11-08 12:07 - 2015-09-10 07:55 - 00327168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-11-08 11:57 - 2015-11-08 11:57 - 00000000 ____D C:\Windows\SysWOW64\Dell
2015-11-08 11:31 - 2015-11-08 11:31 - 00417064 _____ () C:\Users\kellymorrissey\Downloads\DellSystemDetectLauncher.exe
2015-11-08 10:24 - 2015-11-08 10:24 - 00002290 _____ C:\Users\kellymorrissey\Desktop\Kindle.lnk
2015-11-08 10:24 - 2015-11-08 10:24 - 00000000 ____D C:\Users\kellymorrissey\Documents\My Kindle Content
2015-11-08 10:24 - 2015-11-08 10:24 - 00000000 ____D C:\Users\kellymorrissey\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Amazon
2015-11-08 10:23 - 2015-11-08 10:24 - 00000000 ____D C:\Users\kellymorrissey\AppData\Local\Amazon
2015-11-08 10:23 - 2015-11-08 10:23 - 43325080 _____ (Amazon.com) C:\Users\kellymorrissey\Downloads\KindleForPC-installer-1.13.42039.exe
2015-11-06 20:34 - 2015-11-06 20:34 - 06693185 _____ C:\Users\kellymorrissey\Desktop\Seal-Don't Cry [Acoustic].mp4
2015-11-06 15:09 - 2015-11-07 09:43 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-11-04 14:41 - 2015-11-04 14:41 - 00000000 ____D C:\Users\kellymorrissey\AppData\Roaming\SNS-HDR_Lite
2015-11-04 14:39 - 2015-11-04 14:43 - 00000000 ____D C:\Users\kellymorrissey\AppData\Roaming\SNS-HDR
2015-11-04 14:39 - 2015-11-04 14:39 - 00000862 _____ C:\Users\kellymorrissey\Desktop\SNS-HDR Pro.lnk
2015-11-04 14:39 - 2015-11-04 14:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SNS-HDR Pro
2015-11-04 14:39 - 2012-10-18 14:11 - 00206720 _____ (Sebastian Nibisz) C:\Windows\system32\SNSShell.dll
2015-11-04 14:38 - 2015-11-04 14:39 - 00000000 ____D C:\Program Files\SNS-HDR Pro
2015-11-04 14:38 - 2015-11-04 14:38 - 15218352 _____ (Sebastian Nibisz ) C:\Users\kellymorrissey\Desktop\SNS-HDR_Pro.exe
2015-10-27 14:18 - 2015-10-27 14:18 - 00000000 ____D C:\Users\kellymorrissey\AppData\Roaming\KODAK AiO Home Center39666286
2015-10-24 06:48 - 2015-10-24 06:48 - 00000000 __HDC C:\ProgramData\{AA6BF06E-316C-487A-9BC2-5F06A43C56B1}
2015-10-24 06:44 - 2015-10-27 14:13 - 00035328 _____ C:\Users\kellymorrissey\Desktop\FirmwareFlashLauncher.exe
2015-10-24 06:44 - 2015-10-24 06:44 - 00110176 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2015-10-24 06:44 - 2015-10-24 06:44 - 00000000 ____D C:\Users\Default\AppData\Roaming\Sun
2015-10-24 06:44 - 2015-10-24 06:44 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Sun
2015-10-24 06:44 - 2015-10-24 06:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-10-24 06:44 - 2015-08-07 13:41 - 07460168 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-10-24 06:44 - 2015-08-07 13:40 - 01736520 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-10-24 06:44 - 2015-08-07 13:40 - 01499920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-10-24 06:44 - 2015-08-07 13:40 - 01134752 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-10-24 06:44 - 2015-08-07 13:40 - 00686960 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-10-24 06:44 - 2015-08-07 13:40 - 00507176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2015-10-24 06:44 - 2015-08-07 06:13 - 00862720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-10-24 06:44 - 2015-08-06 08:47 - 04710400 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2015-10-24 06:44 - 2015-08-06 08:18 - 04068352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2015-10-24 06:43 - 2015-10-24 06:43 - 00000000 ____D C:\Program Files\Java
2015-10-24 06:43 - 2015-09-18 19:18 - 00035384 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-10-24 06:43 - 2015-09-18 05:42 - 01290752 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-10-24 06:43 - 2015-09-18 05:42 - 01163776 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-10-24 06:43 - 2015-09-18 05:42 - 00766464 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-10-24 06:43 - 2015-09-18 05:42 - 00699904 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-10-24 06:43 - 2015-09-18 05:42 - 00503296 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-10-24 06:43 - 2015-09-18 05:42 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-10-24 06:43 - 2015-08-22 05:42 - 00901264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2015-10-24 06:43 - 2015-08-22 05:42 - 00066400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2015-10-24 06:43 - 2015-08-22 05:42 - 00022368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2015-10-24 06:43 - 2015-08-22 05:42 - 00019808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2015-10-24 06:43 - 2015-08-22 05:42 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2015-10-24 06:43 - 2015-08-22 05:42 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2015-10-24 06:43 - 2015-08-22 05:42 - 00016224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2015-10-24 06:43 - 2015-08-22 05:42 - 00015712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2015-10-24 06:43 - 2015-08-22 05:42 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2015-10-24 06:43 - 2015-08-22 05:42 - 00013664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2015-10-24 06:43 - 2015-08-22 05:42 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2015-10-24 06:43 - 2015-08-22 05:42 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2015-10-24 06:43 - 2015-08-22 05:42 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2015-10-24 06:43 - 2015-08-22 05:42 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2015-10-24 06:43 - 2015-08-22 05:42 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2015-10-24 06:43 - 2015-08-22 05:42 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2015-10-24 06:43 - 2015-08-22 05:35 - 00984448 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2015-10-24 06:43 - 2015-08-22 05:35 - 00063840 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2015-10-24 06:43 - 2015-08-22 05:35 - 00020832 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2015-10-24 06:43 - 2015-08-22 05:35 - 00019808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2015-10-24 06:43 - 2015-08-22 05:35 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2015-10-24 06:43 - 2015-08-22 05:35 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2015-10-24 06:43 - 2015-08-22 05:35 - 00016224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2015-10-24 06:43 - 2015-08-22 05:35 - 00015712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2015-10-24 06:43 - 2015-08-22 05:35 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2015-10-24 06:43 - 2015-08-22 05:35 - 00013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2015-10-24 06:43 - 2015-08-22 05:35 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2015-10-24 06:43 - 2015-08-22 05:35 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2015-10-24 06:43 - 2015-08-22 05:35 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2015-10-24 06:43 - 2015-08-22 05:35 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2015-10-24 06:43 - 2015-08-22 05:35 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2015-10-24 06:43 - 2015-08-22 05:35 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2015-10-24 06:43 - 2015-08-06 09:05 - 00669184 _____ (Microsoft Corporation) C:\Windows\system32\hhctrl.ocx
2015-10-24 06:43 - 2015-08-06 08:37 - 00536576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hhctrl.ocx
2015-10-24 06:43 - 2015-07-16 10:58 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\NcdAutoSetup.dll

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-11-18 09:40 - 2014-03-30 17:23 - 00000000 ____D C:\Users\kellymorrissey\Documents\Outlook Files
2015-11-18 09:39 - 2013-12-13 13:26 - 00000000 ____D C:\Program Files (x86)\Dell Backup and Recovery
2015-11-18 09:37 - 2013-08-22 05:25 - 00262144 ___SH C:\Windows\system32\config\ELAM
2015-11-18 09:36 - 2015-05-17 00:12 - 02063099 _____ C:\Windows\WindowsUpdate.log
2015-11-18 09:32 - 2013-12-21 21:01 - 00000000 ____D C:\ProgramData\softthinks
2015-11-18 09:29 - 2015-05-18 18:15 - 00003596 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-838906522-1154930953-3695442700-1001
2015-11-18 09:27 - 2014-06-24 16:12 - 00000000 ____D C:\Users\kellymorrissey\AppData\Local\Adobe
2015-11-18 09:26 - 2014-06-06 15:48 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-11-18 09:25 - 2014-10-19 18:31 - 00000922 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cfec0de611f7bb.job
2015-11-18 09:25 - 2014-05-30 20:25 - 00000000 ____D C:\ProgramData\Kodak
2015-11-18 09:25 - 2014-03-25 17:41 - 00000922 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf489473ef515f.job
2015-11-18 09:25 - 2013-12-13 13:23 - 00003282 _____ C:\Windows\System32\Tasks\Intel® Rapid Start Technology Manager
2015-11-18 09:24 - 2014-02-20 19:01 - 00000000 ___DO C:\Users\kellymorrissey\SkyDrive
2015-11-18 09:24 - 2013-08-22 07:36 - 00000000 ____D C:\Windows\system32\sru
2015-11-17 14:03 - 2014-06-20 13:46 - 00000926 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cf8cd123329adb.job
2015-11-17 13:20 - 2013-12-21 15:46 - 00000000 ____D C:\Users\kellymorrissey\AppData\Local\Deployment
2015-11-17 09:44 - 2015-09-25 06:42 - 00000000 ____D C:\Program Files (x86)\Dell Customer Connect
2015-11-17 09:44 - 2015-08-30 13:21 - 00000000 ____D C:\Program Files (x86)\Dell Update
2015-11-17 09:44 - 2015-06-03 14:32 - 00000000 ____D C:\Program Files (x86)\Dell Digital Delivery
2015-11-15 21:49 - 2013-12-21 20:47 - 00000000 ____D C:\Users\kellymorrissey\AppData\Local\CrashDumps
2015-11-15 17:23 - 2014-06-06 15:48 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-11-15 16:45 - 2014-06-06 10:07 - 00000000 ____D C:\Users\kellymorrissey\AppData\Roaming\vlc
2015-11-15 16:39 - 2013-12-13 13:14 - 00800852 _____ C:\Windows\system32\PerfStringBackup.INI
2015-11-15 16:34 - 2013-08-22 06:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-11-15 16:34 - 2013-08-22 05:25 - 01310720 ___SH C:\Windows\system32\config\BBI
2015-11-15 14:35 - 2013-08-22 07:20 - 00000000 ____D C:\Windows\CbsTemp
2015-11-15 14:17 - 2013-12-26 20:13 - 00000000 ____D C:\Windows\system32\MRT
2015-11-15 14:16 - 2013-08-22 07:36 - 00000000 ____D C:\Windows\LiveKernelReports
2015-11-15 14:02 - 2014-04-15 17:40 - 00000000 ____D C:\Users\kellymorrissey\Documents\Photography
2015-11-15 00:00 - 2014-10-16 16:16 - 00000258 _____ C:\Windows\Tasks\CCleanerClean.job
2015-11-13 19:26 - 2015-05-18 18:09 - 00003612 _____ C:\Windows\System32\Tasks\Optimize Push Notification Data File-S-1-5-21-838906522-1154930953-3695442700-1001
2015-11-12 16:49 - 2013-12-13 13:24 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell
2015-11-12 16:26 - 2013-12-21 17:52 - 00000000 ____D C:\Users\kellymorrissey\AppData\Local\Packages
2015-11-12 08:03 - 2015-06-05 12:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa 3
2015-11-11 03:13 - 2013-08-22 07:36 - 00000000 ____D C:\Windows\AppReadiness
2015-11-09 15:19 - 2013-08-22 07:36 - 00000000 ____D C:\Windows\rescache
2015-11-09 14:59 - 2013-08-22 07:36 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-11-08 11:57 - 2015-03-05 16:01 - 00000000 ____D C:\Program Files (x86)\Dell
2015-11-08 11:31 - 2013-12-21 15:47 - 00000000 ____D C:\Users\kellymorrissey\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dell
2015-11-08 10:07 - 2015-09-20 13:20 - 00000000 ____D C:\Users\kellymorrissey\Desktop\Hester's paintings
2015-11-07 09:43 - 2013-12-21 15:18 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-11-06 14:06 - 2014-12-09 20:43 - 00003495 _____ C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
2015-11-05 13:58 - 2015-04-10 04:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garmin
2015-11-05 13:58 - 2014-09-12 19:39 - 00003554 _____ C:\Windows\System32\Tasks\GarminUpdaterTask
2015-11-05 13:58 - 2014-03-01 11:44 - 00000000 ____D C:\Program Files (x86)\Garmin
2015-11-05 13:58 - 2013-12-13 13:12 - 00000000 ____D C:\ProgramData\Package Cache
2015-10-31 23:00 - 2014-09-19 15:16 - 00000000 ____D C:\Windows\Minidump
2015-10-31 19:46 - 2014-08-02 13:02 - 00000000 ____D C:\Users\kellymorrissey\Documents\Halloween
2015-10-31 10:52 - 2013-12-23 17:50 - 00000000 ____D C:\Program Files\Microsoft Office 15
2015-10-30 14:55 - 2015-05-20 17:53 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2015-10-30 14:55 - 2014-12-26 11:33 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-10-27 18:43 - 2013-12-26 20:13 - 145617392 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-10-27 14:15 - 2015-10-03 16:25 - 10464648 _____ (Eastman Kodak Company) C:\Users\kellymorrissey\Desktop\aio_install.exe
2015-10-26 17:19 - 2013-12-21 17:52 - 00000000 ____D C:\Users\kellymorrissey
2015-10-26 14:23 - 2015-04-15 15:41 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-10-26 14:23 - 2015-04-15 15:41 - 00000000 ____D C:\Windows\system32\appraiser
2015-10-26 14:23 - 2013-08-22 07:36 - 00000000 ___RD C:\Windows\ToastData
2015-10-26 14:23 - 2013-08-22 07:36 - 00000000 ____D C:\Windows\WinStore
2015-10-24 06:48 - 2015-03-05 16:01 - 00003816 _____ C:\Windows\System32\Tasks\Dell SupportAssistAgent AutoUpdate
2015-10-24 06:44 - 2015-04-04 12:42 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-10-24 06:44 - 2015-04-04 12:42 - 00000000 ___SD C:\Windows\system32\GWX

==================== Files in the root of some directories =======

2015-07-28 17:42 - 2015-07-28 18:11 - 0000132 _____ () C:\Users\kellymorrissey\AppData\Roaming\Adobe PNG Format CS5 Prefs
2014-01-07 17:04 - 2014-01-07 17:23 - 0000473 _____ () C:\Users\kellymorrissey\AppData\Roaming\burnaware.ini
2013-12-22 11:52 - 2015-02-05 12:46 - 0000004 _____ () C:\Users\kellymorrissey\AppData\Roaming\DEA82C
2013-12-22 11:52 - 2015-02-05 12:46 - 0870128 _____ () C:\Users\kellymorrissey\AppData\Roaming\mcs.rma
2014-01-04 19:35 - 2015-09-20 13:40 - 0001456 _____ () C:\Users\kellymorrissey\AppData\Local\Adobe Save for Web 12.0 Prefs
2014-06-06 10:02 - 2014-06-06 10:02 - 0003584 _____ () C:\Users\kellymorrissey\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-02-18 12:10 - 2015-02-18 12:10 - 0000236 _____ () C:\Users\kellymorrissey\AppData\Local\LaunchHomeCenter.log
2014-04-24 15:19 - 2014-04-24 15:19 - 0000057 _____ () C:\ProgramData\Ament.ini
2013-12-13 13:08 - 2013-12-13 13:08 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2014-07-23 09:19 - 2014-07-23 09:19 - 0000252 _____ () C:\ProgramData\FastPics.log
2014-07-23 09:35 - 2014-07-23 09:35 - 0000256 _____ () C:\ProgramData\lxea.log
2014-07-23 09:21 - 2014-07-23 09:21 - 0001122 _____ () C:\ProgramData\lxeaJSW.log
2014-07-23 09:17 - 2014-07-23 09:35 - 0001724 _____ () C:\ProgramData\lxeascan.log
2014-12-09 20:43 - 2015-11-06 14:06 - 0003495 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
2014-07-23 09:16 - 2014-07-23 09:16 - 0000000 _____ () C:\ProgramData\UpdaterLog.txt

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-11-09 15:17

==================== End of FRST.txt ============================

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version:07-11-2015
Ran by kellymorrissey (2015-11-12 10:27:26)
Running from C:\Users\kellymorrissey\Desktop
Windows 8.1 (X64) (2013-12-22 01:52:23)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-838906522-1154930953-3695442700-500 - Administrator - Disabled)
Guest (S-1-5-21-838906522-1154930953-3695442700-501 - Limited - Disabled)
kellymorrissey (S-1-5-21-838906522-1154930953-3695442700-1001 - Administrator - Enabled) => C:\Users\kellymorrissey

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Norton Security Suite (Enabled - Up to date) {53C7D717-52E2-B95E-FA61-6F32ECC805DB}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton Security Suite (Enabled - Up to date) {E8A636F3-74D8-B6D0-C0D1-5440974F4F66}
FW: Norton Security Suite (Enabled) {6BFC5632-188D-B806-D13E-C607121B42A0}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.009.20077 - Adobe Systems Incorporated)
Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.245 - Adobe Systems Incorporated)
Adobe Photoshop Elements 11 (HKLM-x32\...\Adobe Photoshop Elements 11) (Version: 11.0 - Adobe Systems Incorporated)
Adobe Photoshop Lightroom 5.2 64-bit (HKLM\...\{54E6C675-3AD4-42E4-957F-31666ABF1603}) (Version: 5.2.1 - Adobe)
Adobe Photoshop Lightroom 5.3 64-bit (HKLM\...\{2DD71ACB-552D-402C-9529-7906ACB95C30}) (Version: 5.3.1 - Adobe Systems Incorporated)
Adobe Premiere Elements 11 (HKLM\...\PremElem110) (Version: 11.0 - Adobe Systems Incorporated)
Adobe Premiere Elements 11 (Version: 11.0 - Adobe Systems Incorporated) Hidden
aioscnnr (x32 Version: 7.6.13.10 - Your Company Name) Hidden
Amazon Kindle (HKU\S-1-5-21-838906522-1154930953-3695442700-1001\...\Amazon Kindle) (Version: 1.13.0.42039 - Amazon)
Amazon Music (HKU\S-1-5-21-838906522-1154930953-3695442700-1001\...\Amazon Amazon Music) (Version: 3.9.7.901 - Amazon Services LLC)
ANT Drivers Installer x64 (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Audacity 2.0 (HKLM-x32\...\Audacity_is1) (Version:  - Audacity Team)
Audials (HKLM-x32\...\{479BFCE4-D39C-4134-BD94-07E2872C60B2}) (Version: 12.0.63100.0 - Audials AG)
Audials (HKLM-x32\...\{94952D75-D318-4D0B-A99C-28E4EA3676DF}) (Version: 11.0.56200.0 - Audials AG)
C4USelfUpdater (x32 Version: 1.00.0000 - Your Company Name) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.05 - Piriform)
center (x32 Version: 7.8.0.0 - Eastman Kodak Company) Hidden
Chrome Remote Desktop Host (HKLM-x32\...\{CDF9E1C8-4B97-4F8B-A848-7DD0E8BEB89F}) (Version: 47.0.2526.18 - Google Inc.)
ControlMyNikon version 4.3 (HKLM-x32\...\{DFC5625B-66D6-40E0-8D66-BC54747D306E}_is1) (Version: 4.3 - Tetherscript Technology Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dell Backup and Recovery (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 1.8.1.70 - Dell Inc.)
Dell Customer Connect (HKLM-x32\...\{124DE80C-9BFE-4D04-A8D9-69C5019DEEBF}) (Version: 1.3.28.0 - Dell Inc.)
Dell Data Vault (Version: 4.3.5.1 - Dell Inc.) Hidden
Dell Digital Delivery (HKLM-x32\...\{693A23FB-F28B-4F7A-A720-4C1263F97F43}) (Version: 3.1.1002.0 - Dell Products, LP)
Dell Product Registration (HKLM-x32\...\{2A0F2CC5-3065-492C-8380-B03AA7106B1A}) (Version: 1.16.1 - Dell Inc.)
Dell SupportAssist (HKLM\...\PC-Doctor for Windows) (Version: 1.1.6664.10 - Dell)
Dell SupportAssistAgent (HKLM-x32\...\{287348C8-8B47-4C36-AF28-441A3B7D8722}) (Version: 1.1.1.14 - Dell)
Dell System Detect (HKU\S-1-5-21-838906522-1154930953-3695442700-1001\...\73f463568823ebbe) (Version: 6.7.0.2 - Dell)
Dell Touchpad (HKLM\...\SynTPDeinstKey) (Version: 17.0.15.62 - Synaptics Incorporated)
Dell Update (HKLM-x32\...\{DB82968B-57A4-4397-81A5-ECAB21B5DFCD}) (Version: 1.7.1015.0 - Dell Inc.)
DisplayLink Core Software (HKLM\...\{65B2569D-303B-41EC-B38C-0934963BC3AD}) (Version: 7.7.60366.0 - DisplayLink Corp.)
DJ2540FWUpdateAlert (x32 Version: 1.00.0000 - HP) Hidden
Dragon Assistant version 1.5.22 (HKLM-x32\...\{D57A8269-3BE5-4D10-B882-64D0F2D448BF}_is1) (Version: 1.5.22 - Nuance Communications, Inc.)
Elements 11 Organizer (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
Elements+ for PSE 11, v.8.0 (HKLM-x32\...\Elements+ for PSE 11_is1) (Version:  - Andrei Doubrovski)
Elevated Installer (x32 Version: 4.1.10.0 - Garmin Ltd or its subsidiaries) Hidden
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
essentials (x32 Version: 7.8.0.0 - Eastman Kodak Company) Hidden
Face Recognition (HKLM\...\{770ED7E8-31F7-4F8E-887A-220B66865D4B}) (Version: 4.0.71.1 - Sensible Vision)
Garmin Communicator Plugin (HKLM-x32\...\{71DBFBF2-F7EB-4268-8485-9471D83C4E66}) (Version: 4.2.0 - Garmin Ltd or its subsidiaries)
Garmin Communicator Plugin x64 (HKLM\...\{70A381F1-C161-4D61-A20C-BE12FC6777DF}) (Version: 4.2.0 - Garmin Ltd or its subsidiaries)
Garmin Express (HKLM-x32\...\{b292f4e5-60ca-4bb8-8810-e5f908c3c1ff}) (Version: 4.1.10.0 - Garmin Ltd or its subsidiaries)
Garmin Express (x32 Version: 4.1.10.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express Tray (x32 Version: 4.1.10.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin USB Drivers (HKLM-x32\...\{3D5D6CFC-3097-425A-8D8F-7EAF5D57641D}) (Version: 2.3.1.0 - Garmin Ltd or its subsidiaries)
Garmin WebUpdater (HKLM-x32\...\{AE1EC58E-B2AC-4959-A4C2-C38202A25239}) (Version: 2.5.6 - Garmin Ltd or its subsidiaries)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 46.0.2490.86 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) Hidden
HPDiagnosticAlert (x32 Version: 1.00.0001 - Microsoft) Hidden
Hugin 2015.0.0 (HKLM-x32\...\Hugin) (Version: 2015.0.0  - The Hugin Development Team)
Intel Experience Center - Configuration (x32 Version: 1.7.0.179 - Intel) Hidden
Intel® Experience Center Desktop Software (HKLM-x32\...\{3608ec0a-56b4-4d9d-b038-9b3e51d72582}) (Version: 1.7.0.179 - Intel)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.14.1724 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3304 - Intel Corporation)
Intel® PROSet/Wireless Software for Bluetooth® Technology(patch version 3.0.1335.5) (HKLM\...\{302600C1-6BDF-4FD1-1307-148929CC1385}) (Version: 3.1.1307.0362 - Intel Corporation)
Intel® Rapid Start Technology (HKLM-x32\...\{3D073343-CEEB-4ce7-85AC-A69A7631B5D6}) (Version: 3.0.0.1056 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.2.1000 - Intel Corporation)
Intel® Smart Connect Technology (HKLM\...\{D6FBF816-ACB8-46CC-ACC6-C8BBA85F497D}) (Version: 4.2.40.2418 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{313c06de-4aa7-4a1f-930a-f10f80380426}) (Version: 17.14.0 - Intel Corporation)
iSEEK AnswerWorks English Runtime (HKLM-x32\...\{18A8E78B-9EF2-496E-B310-BCD8E4C1DAB3}) (Version: 010.000.0101 - Vantage Linguistics)
JamManagerXT version 2.0 (HKLM-x32\...\{777248DB-00AD-4567-9382-E991118BC6CC}_is1) (Version: 2.0 - Harman International, Inc.)
Java 8 Update 65 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418065F0}) (Version: 8.0.650.17 - Oracle Corporation)
Kodak AIO Printer (Version: 7.8.1.0 - Eastman Kodak Company) Hidden
KODAK AiO Software (HKLM-x32\...\{E0F274B7-592B-4669-8FB8-8D9825A09858}) (Version: 7.8.5.2 - Eastman Kodak Company)
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
Malwarebytes Anti-Malware version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Mavis Beacon Teaches Typing Deluxe 20 (HKLM-x32\...\{23B591D7-1C20-44FB-97C2-6953AE67DE18}) (Version: 20.00.0000 - Broderbund)
Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 - en-us (HKLM\...\ProPlusRetail - en-us) (Version: 15.0.4763.1003 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Motorola Device Software Update (x32 Version: 1.0.41 - Motorola Mobility) Hidden
Motorola Mobile Drivers Installation 5.9.0 (Version: 5.9.0 - Motorola Inc.) Hidden
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Mozilla Firefox 42.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 42.0 (x86 en-US)) (Version: 42.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 42.0.0.5780 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
Nik Collection (HKLM-x32\...\Nik Collection) (Version: 1.2.11 - Google)
Norton Security Suite (HKLM-x32\...\N360) (Version: 22.5.4.24 - Symantec Corporation)
Nuance Speech Component DA-A en-US version 1.5.22 (HKLM-x32\...\{1CCBE73F-4948-4711-8D12-22E2FD65D706}_is1) (Version: 1.5.22 - Nuance Communications, Inc.)
Nuance Speech Component DA-C version 1.1.22 (HKLM-x32\...\{E97BA7A6-46FC-4EBF-B24A-B8362948C696}_is1) (Version: 1.1.22 - Nuance Communications, Inc.)
Nuance Speech Component DA-L en-US version 1.1.5 (HKLM-x32\...\{4C0C1E4E-D3B1-4496-98EC-DA14D45EC855}_is1) (Version: 1.1.5 - Nuance Communications, Inc.)
ocr (x32 Version: 6.2.3.50 - Eastman Kodak Company) Hidden
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4763.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4763.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4763.1003 - Microsoft Corporation) Hidden
Photomatix Pro version 5.0 (HKLM\...\PhotomatixPro5x64_is1) (Version: 5.0 - HDRsoft Ltd)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.141.259 - Google, Inc.)
PocketCloud (HKLM-x32\...\{D9752C7D-A595-4687-A0D5-362E9C311C55}) (Version: 2.7.14 - Wyse Technology)
PRE11 STI 64Installer (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
PreReq (x32 Version: 6.2.4.0 - Eastman Kodak Company) Hidden
PrintProjects (HKLM-x32\...\PrintProjects) (Version: 1.0.0.9282 - RocketLife Inc.)
PSE11 STI Installer (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
Quicken 2014 (HKLM-x32\...\{0877F595-254F-45F4-991D-3F72E86B17CE}) (Version: 23.1.8.8 - Intuit)
Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 11.2.04 - Dell Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7039 - Realtek Semiconductor Corp.)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Rhapsody (HKU\S-1-5-21-838906522-1154930953-3695442700-1001\...\8aa854a199af1b36) (Version: 6.15.17.0 - Rhapsody International Inc.)
RoboForm 7-9-13-5 (All Users) (HKLM-x32\...\AI RoboForm) (Version: 7-9-13-5 - Siber Systems)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.45.0 - SAMSUNG Electronics Co., Ltd.)
Sansa Updater (HKU\S-1-5-21-838906522-1154930953-3695442700-1001\...\Sansa Updater) (Version: 1.406 - SanDisk Corporation)
Secunia PSI (3.0.0.7011) (HKLM-x32\...\Secunia PSI) (Version: 3.0.0.7011 - Secunia)
Skype™ 7.3 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.3.101 - Skype Technologies S.A.)
SNS-HDR Pro v1.4.22 (HKLM\...\SNS-HDR Pro_is1) (Version:  - Sebastian Nibisz)
Sophos Virus Removal Tool (HKLM-x32\...\{B829E117-D072-41EA-9606-9826A38D34C1}) (Version: 2.5.4 - Sophos Limited)
Trader's Little Helper 2.7.0 (HKLM-x32\...\TradersLittleHelper_is1) (Version: 2.7.0 - Robert Hoffmann)
Tweaking.com - Windows Repair (HKLM-x32\...\Tweaking.com - Windows Repair) (Version: 3.2.0 - Tweaking.com)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
WD Drive Utilities (HKLM-x32\...\{7431ED5D-9247-4F17-91C9-702D9B36FAC4}) (Version: 1.0.7.3 - Western Digital Technologies, Inc.)
WD Security (HKLM-x32\...\{83270912-15C7-4336-822E-E8F1B1BBCA60}) (Version: 1.0.3.3 - Western Digital Technologies, Inc.)
WD SmartWare (HKLM\...\{6FE8A1DA-8CA6-4801-BF0F-0F2FED143FF4}) (Version: 1.6.4.7 - Western Digital Technologies, Inc.)
Windows Driver Package - Digitech (usbser) Ports  (04/24/2009 1.1.2600.0) (HKLM\...\9A5D99BED6F7F105B74795DCF16F3088223BEFBB) (Version: 04/24/2009 1.1.2600.0 - Digitech)
Windows Driver Package - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Windows Driver Package - Garmin (grmnusb) GARMIN Devices  (04/19/2012 2.3.1.0) (HKLM\...\98157A226B40B173301B0F53C8E98C47805D5152) (Version: 04/19/2012 2.3.1.0 - Garmin)
Windows Driver Package - Silicon Labs Software (DSI_SiUSBXp_3_1) USB  (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
Xiph.Org Open Codecs 0.85.17777 (HKLM-x32\...\Open Codecs) (Version: 0.85.17777 - Xiph.Org)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Restore Points =========================

24-10-2015 06:44:14 Windows Update
02-11-2015 03:40:07 Scheduled Checkpoint
05-11-2015 13:57:32 Garmin Express
12-11-2015 07:49:24 Windows Update

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 05:25 - 2015-05-19 15:20 - 00000855 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1       localhost

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {045AAAB6-3990-4CAB-A846-BC91A5AC9694} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [2015-10-29] ()
Task: {0FD071D6-5CC0-4679-962E-903D5EEC74D3} - \92bf8bbc-dba1-4bf8-8f5d-49741cf15757-5 -> No File <==== ATTENTION
Task: {110E1529-32C0-4102-B6C7-5614993F567D} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-10-07] (Microsoft Corporation)
Task: {1327B1C9-2741-40B5-9308-45B47CCDC170} - System32\Tasks\Norton 360\Norton Error Analyzer => C:\Program Files (x86)\Norton Security Suite\Engine\22.5.4.24\SymErr.exe [2015-09-08] (Symantec Corporation)
Task: {1556B30C-2136-4A0A-92EF-E286904D9ECA} - System32\Tasks\PocketCloudUpdater => C:\Program
Task: {25F90849-DD04-4F66-9FA8-8645337FD4B8} - System32\Tasks\Run RoboForm TaskBar Icon => C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [2015-06-06] (Siber Systems)
Task: {2E2834EB-5F41-43A2-8268-8EA0899AE234} - System32\Tasks\PocketCloud => C:\Program Files (x86)\Wyse\PocketCloud\PocketCloudDesktopApp.exe [2013-08-22] ()
Task: {344EB50A-8C2A-44AE-8B19-EA094357DB3A} - System32\Tasks\RtHDVBg_MA3Firmware => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2013-08-30] (Realtek Semiconductor)
Task: {36C36F74-8368-4614-ADCC-7632029DC8FA} - System32\Tasks\Remediation\AntimalwareMigrationTask => C:\Program Files\Common Files\AV\Norton Security Suite\Upgrade.exe [2015-07-27] (Symantec Corporation)
Task: {4C327AEF-EFB3-4C9A-8F63-02286B4CC9CF} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\Dell\SupportAssist\uaclauncher.exe [2015-05-25] (PC-Doctor, Inc.)
Task: {4E76A8E7-49A4-42A6-B2D5-6C5DD5CDCA37} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {524A3EBC-5AE2-4B02-A859-1BAF85F3C27C} - System32\Tasks\CCleanerClean => C:\Program Files\CCleaner\CCleaner.exe [2015-04-23] (Piriform Ltd)
Task: {5B53FBB0-C5EA-4D89-9360-272BC7F37DC2} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-10-28] (Adobe Systems Incorporated)
Task: {5C60BC47-6F66-4C9A-8779-62B97CA6E355} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-10-07] (Microsoft Corporation)
Task: {60CE6B30-877E-49D9-82CE-15BD24997ABB} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-11-10] (Adobe Systems Incorporated)
Task: {638AF590-DF33-4D13-B999-6F29DBCFB3A5} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\Dell\SupportAssist\sessionchecker.exe [2015-05-25] (PC-Doctor, Inc.)
Task: {67D943C5-CC99-4570-BDC4-CACB639FCBD4} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-kelly.morrissey@comcast.net => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-09-20] (Adobe Systems Incorporated)
Task: {68FD85DA-1317-4765-B312-9AA8E1C7C6F8} - System32\Tasks\GoogleUpdateTaskMachineUA1cf6be03bafc6f0 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {70072624-8CCD-4FC1-A60B-880DA0417F3D} - System32\Tasks\Optimize Push Notification Data File-S-1-5-21-838906522-1154930953-3695442700-1001
Task: {7739096C-A148-4EAE-AEF0-9EF726533A0C} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2015-10-28] (Microsoft Corporation)
Task: {7D0E9D72-56B0-4CBD-B74D-EAAC24646061} - System32\Tasks\SystemToolsDailyTest => uaclauncher.exe
Task: {7E923A02-4C0D-4367-9AF9-AFB70F8955B0} - System32\Tasks\Dell\Dell System Registration => C:\Program Files (x86)\System Registration\prodreg.exe [2012-07-09] (Dell, Inc.)
Task: {87774E9D-7073-4480-98F3-374ADC8EEAD9} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Security Suite\Engine\22.5.4.24\WSCStub.exe [2015-09-23] (Symantec Corporation)
Task: {8AC315EA-EB5C-41C2-994A-DD96439A1451} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2014-05-06] (Synaptics Incorporated)
Task: {918822CE-3F56-4ADC-9056-1FB3867A4083} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssist.exe [2015-09-30] (Dell Inc.)
Task: {97910C2D-49A2-4830-AD03-D5F4E6618F63} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2014-03-19] (Microsoft)
Task: {98B350CD-749C-435E-8600-C40457ACA796} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {9955D177-35EE-428D-93B3-5209784FEC3E} - System32\Tasks\PocketCloudVirtualChannel => C:\Program Files (x86)\Wyse\PocketCloud\WPCRDPVirtualChannelServer.exe [2013-08-22] ()
Task: {9D7AC828-D68A-48A8-A8ED-915D54F25E63} - System32\Tasks\Intel® Rapid Start Technology Manager => C:\Program Files (x86)\Intel\irstrt\RapidStartConfig.exe [2013-09-08] (Intel)
Task: {A2367977-BF48-4B59-8F2C-726664AA932E} - System32\Tasks\Norton 360\Norton Error Processor => C:\Program Files (x86)\Norton Security Suite\Engine\22.5.4.24\SymErr.exe [2015-09-08] (Symantec Corporation)
Task: {A690FB03-67B9-40C5-91D2-EA36E52407CC} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2015-10-28] (Microsoft Corporation)
Task: {B65B2DB8-321A-4005-B2FE-CA58E8EC7F07} - System32\Tasks\Open URL by RoboForm => Rundll32.exe url.dll,FileProtocolHandler "hxxp://www.roboform.com/test-pass.html?aaa=KICMMMNJKMMJOJMMPMOMCNKMLJJMLJCNLMKJHMJJCNOJGMJJLMCNGMMMJJNJJMPMNJGMKMHMGMHMJNJICMIMCNGMCNOMMMFMOMOMCNPMCNGMJMPMPMFMJMCNMMCNGMJMPMPMCNNMJNPICMOMFMEKMICNJJCKFMKMMMOMJNHICMOMPMKJGIMIJNBJCMEJKJDJDJGICJAJNINIGJMIMIKJGIJNKJCMJNNICMJNDJCMKJBJJNMJCMMMFMGMJMMMFMPMJNFICMGJLJKJBJLIGJLIGJKJMIBNKJHIKJ"
Task: {B73F2023-1B64-44DE-9D29-DC82C2B4CED4} - System32\Tasks\GoogleUpdateTaskMachineCore1cfec0de611f7bb => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {D6E85636-84B1-4392-8CA3-1AABA4BE2B93} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {D94761F0-5CEB-4609-A276-4984311EDF6F} - \Optimize Start Menu Cache Files-S-1-5-21-838906522-1154930953-3695442700-1002 -> No File <==== ATTENTION
Task: {E4733025-6AFB-44D6-A421-CC4B566A2595} - System32\Tasks\GoogleUpdateTaskMachineUA1cf8cd123329adb => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {ED50FE68-EA2E-4496-BD7C-B3046BE1F6F4} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-04-23] (Piriform Ltd)
Task: {EEAC4ACC-328E-4591-8C25-9DF48BFDF2B9} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2013-09-05] (Realtek Semiconductor)
Task: {F4A82FD3-C0D4-49FE-B266-C9ABF11397C3} - System32\Tasks\Tweaking.com - Windows Repair Tray Icon => C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\WR_Tray_Icon.exe [2015-03-11] (Tweaking.com)
Task: {F87DA2D5-96D8-4B1D-88F7-9CB05FBBA16C} - System32\Tasks\GoogleUpdateTaskMachineCore1cf489473ef515f => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {FA848CB5-BC3D-461A-8698-A1E55EA51E86} - System32\Tasks\RtHDVBg_PushButton => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2013-08-30] (Realtek Semiconductor)
Task: {FBFB700F-5A40-47CC-B1B1-08EE6A610EF9} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\CCleanerClean.job => C:\Program Files\CCleaner\CCleaner.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf489473ef515f.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cfec0de611f7bb.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cf8cd123329adb.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (Whitelisted) ==============

2014-03-26 15:45 - 2015-10-07 18:28 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2013-08-01 17:31 - 2013-08-01 17:31 - 00198120 _____ () c:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTAgent.exe
2013-08-01 17:31 - 2013-08-01 17:31 - 00054760 _____ () c:\Program Files\Intel\Intel® Smart Connect Technology Agent\NetworkHeuristic.dll
2013-08-01 17:31 - 2013-08-01 17:31 - 00034792 _____ () c:\Program Files\Intel\Intel® Smart Connect Technology Agent\ISCTNetMon.dll
2013-08-22 11:40 - 2013-08-22 11:40 - 00016176 _____ () C:\Program Files (x86)\Wyse\PocketCloud\PocketCloudService.exe
2013-08-22 11:40 - 2013-08-22 11:40 - 00040240 _____ () C:\Program Files (x86)\Wyse\PocketCloud\AetherServiceLib.dll
2013-08-22 11:40 - 2013-08-22 11:40 - 00046384 _____ () C:\Program Files (x86)\Wyse\PocketCloud\AetherHelperLib.dll
2015-03-13 12:48 - 2015-09-01 08:04 - 08901184 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2015-04-23 10:04 - 2015-07-06 09:47 - 05886784 _____ () C:\Users\kellymorrissey\AppData\Local\Amazon Music\Amazon Music Helper.exe
2015-04-01 11:51 - 2015-04-01 11:51 - 00055576 _____ () C:\Program Files\CCleaner\branding.dll
2012-08-15 09:13 - 2012-08-15 09:13 - 00093680 _____ () C:\Windows\SYSTEM32\FAIEExtension.DLL
2015-05-05 06:00 - 2014-03-24 13:44 - 00387984 _____ () C:\Program Files (x86)\Nuance\Dragon Assistant\Core\fl_core.dll
2015-05-05 06:00 - 2014-03-24 13:44 - 01165712 _____ () C:\Program Files (x86)\Nuance\Dragon Assistant\Core\vocon3200_asr.dll
2015-05-05 06:00 - 2014-03-24 13:44 - 00199056 _____ () C:\Program Files (x86)\Nuance\Dragon Assistant\Core\vocon3200_base.dll
2015-05-05 06:00 - 2014-03-24 13:44 - 01132944 _____ () C:\Program Files (x86)\Nuance\Dragon Assistant\Core\vocon3200_pron.dll
2015-05-05 06:00 - 2014-03-24 13:44 - 00035216 _____ () C:\Program Files (x86)\Nuance\Dragon Assistant\Core\vocon3200_platform.dll
2015-05-05 06:00 - 2014-03-24 13:44 - 00229264 _____ () C:\Program Files (x86)\Nuance\Dragon Assistant\Core\sdxg.dll
2015-03-13 12:48 - 2015-09-01 04:25 - 08901184 _____ () C:\Program Files\Microsoft Office 15\root\Office15\1033\GrooveIntlResource.dll
2015-03-16 10:28 - 2015-03-16 10:28 - 00155528 _____ () C:\Program Files (x86)\Dell Digital Delivery\ServiceTagPlusPlus.dll
2013-12-13 13:14 - 2013-09-03 16:52 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\ACE.dll
2015-02-26 08:07 - 2015-02-09 07:14 - 01905904 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Restore\STRestoreAPI.dll
2013-12-13 13:27 - 2012-11-25 23:19 - 01153384 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Restore\libxml2.dll
2015-02-26 08:07 - 2014-02-18 10:12 - 00117568 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Restore\zlib1.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SAWFP => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SecureAssist => ""="service"

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-838906522-1154930953-3695442700-1001\...\dell.com -> dell.com

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-838906522-1154930953-3695442700-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\kellymorrissey\AppData\Roaming\Microsoft\Windows Live Photo Gallery\Photo Gallery Wallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\StartupFolder: => "Amazon Unbox.lnk"
HKLM\...\StartupApproved\Run32: => "WD Drive Unlocker"
HKLM\...\StartupApproved\Run32: => "WD Quick View"
HKU\S-1-5-21-838906522-1154930953-3695442700-1001\...\StartupApproved\StartupFolder: => "Send to OneNote.lnk"
HKU\S-1-5-21-838906522-1154930953-3695442700-1001\...\StartupApproved\StartupFolder: => "Dropbox.lnk"
HKU\S-1-5-21-838906522-1154930953-3695442700-1001\...\StartupApproved\Run: => "AudialsNotifier"
HKU\S-1-5-21-838906522-1154930953-3695442700-1001\...\StartupApproved\Run: => "SansaDispatch"
HKU\S-1-5-21-838906522-1154930953-3695442700-1001\...\StartupApproved\Run: => "GarminExpressTrayApp"
HKU\S-1-5-21-838906522-1154930953-3695442700-1001\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_47515865E6C1E3749B7552B111E8840A"
HKU\S-1-5-21-838906522-1154930953-3695442700-1001\...\StartupApproved\Run: => "Web Companion"
HKU\S-1-5-21-838906522-1154930953-3695442700-1001\...\StartupApproved\Run: => "Skype"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{EC3C1A0A-4299-468F-AA14-EC24C985C372}] => (Allow) C:\Program Files (x86)\Wyse\PocketCloud\PocketCloudDesktopApp.exe
FirewallRules: [{A0BA359E-D4CA-48B5-BBF9-12D705337BCB}] => (Allow) C:\Program Files (x86)\Wyse\PocketCloud\WyseRemoteAccess.exe
FirewallRules: [{8AF6BD6F-2EEB-4754-A290-7C6164A48B87}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{14D2BCF8-4E97-40B7-BF6F-0B70078BB7AB}] => (Allow) LPort=2869
FirewallRules: [{E296FC9F-2311-452D-A3B9-D1FDC6E93CA1}] => (Allow) LPort=1900
FirewallRules: [{F791F82D-0A8A-4A77-8E7F-29DAE0B11195}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
FirewallRules: [{7E745AEB-7C58-4447-A573-FF36D1993CD9}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe
FirewallRules: [{742929A2-BF4C-404C-A8AA-1E474AA1B738}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe
FirewallRules: [{577B291F-F8E5-45EA-B443-72D363939594}] => (Allow) LPort=9322
FirewallRules: [{F407E0EA-DA38-490E-975B-E2B967C53EC2}] => (Allow) LPort=5353
FirewallRules: [{8B1BE3DF-185B-4BC6-8EA5-1FA669EE39A6}] => (Allow) C:\Program Files (x86)\Kodak\AiO\Center\AiOHomeCenter.exe
FirewallRules: [{82F6FCAA-9A02-4C27-B398-B2A7E4616970}] => (Allow) C:\Program Files (x86)\Kodak\AiO\Center\AiOHomeCenter.exe
FirewallRules: [{9EA8FF1B-C354-42CA-9F3E-32B7F5181E9A}] => (Allow) C:\Program Files (x86)\Kodak\AiO\Center\Kodak.Statistics.exe
FirewallRules: [{E111C16B-CB8E-40D8-8A24-F1EF99895D54}] => (Allow) C:\Program Files (x86)\Kodak\AiO\Center\Kodak.Statistics.exe
FirewallRules: [{0BA39AF1-FB72-481D-8B78-89877E8CCB51}] => (Allow) C:\Program Files (x86)\Kodak\AiO\Center\NetworkPrinterDiscovery.exe
FirewallRules: [{C3DF09DA-39F0-437E-A8A8-1A9DA932404E}] => (Allow) C:\Program Files (x86)\Kodak\AiO\Center\NetworkPrinterDiscovery.exe
FirewallRules: [{298B7D28-13C9-4EC6-AEE7-4B3265D7301D}] => (Allow) C:\Program Files (x86)\Kodak\AiO\Firmware\KodakAiOUpdater.exe
FirewallRules: [{7D198601-7329-4043-9826-D9CCC5B4BA6E}] => (Allow) C:\Program Files (x86)\Kodak\AiO\Firmware\KodakAiOUpdater.exe
FirewallRules: [{5BCE380C-FF90-45F7-8B75-D3D6C8504DC9}] => (Allow) C:\ProgramData\Kodak\Installer\Setup.exe
FirewallRules: [{E7BBCA48-83F4-4873-96FD-B113D4146786}] => (Allow) C:\ProgramData\Kodak\Installer\Setup.exe
FirewallRules: [{A5DCE516-07ED-4BA0-AE7A-925C2252708D}] => (Allow) LPort=5353
FirewallRules: [{A9CBA197-8975-4EFC-84B4-F692E9BA3396}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{97996268-3D38-4C45-9DA3-9E5EBF7469C9}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{D7AE8E5F-2F73-4365-9D7D-F31087B7A4EA}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
FirewallRules: [{FF060275-0A3B-4B95-BA0A-B767E2518B46}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe
FirewallRules: [{CC58E8B8-0F80-460D-9A94-ED3CE7498B2E}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{6031705B-4309-4DB6-9215-44AAB7821B44}] => (Allow) C:\Program Files (x86)\Audials\Audials 12\Audials.exe
FirewallRules: [{0ACE4384-4654-4297-868B-0BBCBAE2A6BB}] => (Allow) C:\Program Files (x86)\Audials\Audials 11\Audials.exe
FirewallRules: [{33CDA35D-98AD-4C2E-A9FD-0E517017B94A}] => (Allow) LPort=12972
FirewallRules: [{5230896E-4B5E-4156-AF68-7B8992975716}] => (Allow) LPort=14714
FirewallRules: [{F1D515F0-6D56-4A76-8457-0A8079ACAF93}] => (Allow) LPort=31931
FirewallRules: [{81086441-87B5-468D-A900-C221BD2A3F1F}] => (Allow) LPort=9322
FirewallRules: [{E1D6E21B-91E2-42CB-A63B-5E615C94FD09}] => (Allow) C:\Program Files (x86)\Kodak\AiO\Center\AiOHomeCenter.exe
FirewallRules: [{EA086982-CEC9-4DE3-B646-BDAD1A789C9B}] => (Allow) C:\Program Files (x86)\Kodak\AiO\Center\AiOHomeCenter.exe
FirewallRules: [{7891EBDD-B457-4846-AD1B-11255D3DA0FA}] => (Allow) C:\Program Files (x86)\Kodak\AiO\Center\Kodak.Statistics.exe
FirewallRules: [{517F7A31-1487-478E-8D6D-BB3A93B2902D}] => (Allow) C:\Program Files (x86)\Kodak\AiO\Center\Kodak.Statistics.exe
FirewallRules: [{5BDEB205-AF30-4BBB-BF57-4E60B87E0F6A}] => (Allow) C:\Program Files (x86)\Kodak\AiO\Center\NetworkPrinterDiscovery.exe
FirewallRules: [{4C57F6E6-A876-4E6B-B345-1295F92D9546}] => (Allow) C:\Program Files (x86)\Kodak\AiO\Center\NetworkPrinterDiscovery.exe
FirewallRules: [{124869AD-7063-4464-9DDF-48D57956DE0A}] => (Allow) C:\Program Files (x86)\Kodak\AiO\Firmware\KodakAiOUpdater.exe
FirewallRules: [{9481C103-9914-456A-9D59-9A5A2FBF5927}] => (Allow) C:\Program Files (x86)\Kodak\AiO\Firmware\KodakAiOUpdater.exe
FirewallRules: [{F33D179C-5314-41BE-AE3D-1E29D5184559}] => (Allow) C:\ProgramData\Kodak\Installer\Setup.exe
FirewallRules: [{73608082-655E-4BA8-86A3-D8287F592A43}] => (Allow) C:\ProgramData\Kodak\Installer\Setup.exe
FirewallRules: [{1134478A-954F-49A9-AB5C-143E0B14A0C9}] => (Allow) C:\Program Files (x86)\Google\Chrome Remote Desktop\47.0.2526.18\remoting_host.exe
FirewallRules: [{9E09E443-F7AF-4771-917A-C537892F05DC}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{0A1FC485-4645-4DC3-8975-83DCE91DC374}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{803E3BAB-4215-40C9-88D0-73FD4326B7FA}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Faulty Device Manager Devices =============

Name: Unknown USB Device (Device Descriptor Request Failed)
Description: Unknown USB Device (Device Descriptor Request Failed)
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service:
Problem: : Windows has stopped this device because it has reported problems. (Code 43)
Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation.

Name: facap, FastAccess Video Capture
Description: facap, FastAccess Video Capture
Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Manufacturer: Sensible Vision
Service: FACAP
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (11/12/2015 08:45:41 AM) (Source: DACoreService) (EventID: 0) (User: )
Description: 2015-11-12 08:45:41.853613 [CRIT ] AudioClient\AudioClient.c    :273  * 1900* No speech stream COM server available, please register at least one

Error: (11/12/2015 08:45:41 AM) (Source: DACoreService) (EventID: 0) (User: )
Description: 2015-11-12 08:45:41.853613 [ERROR] AudioClient\AudioClient.c    :250  * 1900* Error initializing NAS Client

Error: (11/12/2015 08:45:41 AM) (Source: DACoreService) (EventID: 0) (User: )
Description: 2015-11-12 08:45:41.853613 [ERROR] AudioClient\NASClient.cpp    :184  * 1900* Error with NAS GetCaptureDevicesInfo: 1

Error: (11/12/2015 08:43:40 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: irstrtsv.exe, version: 3.0.0.1056, time stamp: 0x522d33c1
Faulting module name: irstrtsv.exe, version: 3.0.0.1056, time stamp: 0x522d33c1
Exception code: 0xc0000005
Fault offset: 0x000091d4
Faulting process id: 0x85c
Faulting application start time: 0xirstrtsv.exe0
Faulting application path: irstrtsv.exe1
Faulting module path: irstrtsv.exe2
Report Id: irstrtsv.exe3
Faulting package full name: irstrtsv.exe4
Faulting package-relative application ID: irstrtsv.exe5

Error: (11/12/2015 08:17:36 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: svchost.exe_stisvc, version: 6.3.9600.16384, time stamp: 0x5215dfe3
Faulting module name: ntdll.dll, version: 6.3.9600.18007, time stamp: 0x55c4c16b
Exception code: 0xc0000008
Fault offset: 0x000000000009311a
Faulting process id: 0xac8
Faulting application start time: 0xsvchost.exe_stisvc0
Faulting application path: svchost.exe_stisvc1
Faulting module path: svchost.exe_stisvc2
Report Id: svchost.exe_stisvc3
Faulting package full name: svchost.exe_stisvc4
Faulting package-relative application ID: svchost.exe_stisvc5

Error: (11/12/2015 08:14:23 AM) (Source: DACoreService) (EventID: 0) (User: )
Description: 2015-11-12 08:14:23.768785 [CRIT ] AudioClient\AudioClient.c    :273  * 1848* No speech stream COM server available, please register at least one

Error: (11/12/2015 08:14:23 AM) (Source: DACoreService) (EventID: 0) (User: )
Description: 2015-11-12 08:14:23.768785 [ERROR] AudioClient\AudioClient.c    :250  * 1848* Error initializing NAS Client

Error: (11/12/2015 08:14:23 AM) (Source: DACoreService) (EventID: 0) (User: )
Description: 2015-11-12 08:14:23.768785 [ERROR] AudioClient\NASClient.cpp    :184  * 1848* Error with NAS GetCaptureDevicesInfo: 1

Error: (11/12/2015 08:09:18 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: irstrtsv.exe, version: 3.0.0.1056, time stamp: 0x522d33c1
Faulting module name: irstrtsv.exe, version: 3.0.0.1056, time stamp: 0x522d33c1
Exception code: 0xc0000005
Fault offset: 0x000091d4
Faulting process id: 0x86c
Faulting application start time: 0xirstrtsv.exe0
Faulting application path: irstrtsv.exe1
Faulting module path: irstrtsv.exe2
Report Id: irstrtsv.exe3
Faulting package full name: irstrtsv.exe4
Faulting package-relative application ID: irstrtsv.exe5

Error: (11/12/2015 08:09:11 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.

Details:
AddCorePnPFiles : Enumerating driver store published INFs failed.

System Error:
The process cannot access the file because it is being used by another process.
.


System errors:
=============
Error: (11/12/2015 09:52:16 AM) (Source: Ntfs) (EventID: 137) (User: )
Description: The default transaction resource manager on volume I: encountered a non-retryable error and could not start.  The data contains the error code.

Error: (11/12/2015 09:52:11 AM) (Source: disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk1\DR2, has a bad block.

Error: (11/12/2015 08:48:33 AM) (Source: dlcdcncm) (EventID: 5002) (User: )
Description: USB Gigabit Ethernet : Has determined that the network adapter is not functioning properly.

Error: (11/12/2015 08:48:30 AM) (Source: dlcdcncm) (EventID: 5002) (User: )
Description: USB Gigabit Ethernet : Has determined that the network adapter is not functioning properly.

Error: (11/12/2015 08:48:01 AM) (Source: dlcdcncm) (EventID: 5002) (User: )
Description: USB Gigabit Ethernet : Has determined that the network adapter is not functioning properly.

Error: (11/12/2015 08:45:54 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Windows Media Player Network Sharing Service service terminated with the following error:
%%1008

Error: (11/12/2015 08:45:50 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Windows Defender Service service failed to start due to the following error:
%%577

Error: (11/12/2015 08:45:44 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The MCSTRM service failed to start due to the following error:
%%2

Error: (11/12/2015 08:45:41 AM) (Source: NETLOGON) (EventID: 3095) (User: )
Description: This computer is configured as a member of a workgroup, not as
a member of a domain. The Netlogon service does not need to run in this
configuration.

Error: (11/12/2015 08:43:41 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Superfetch service terminated with the following error:
%%1062


CodeIntegrity:
===================================
  Date: 2015-11-12 08:45:50.948
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-11-12 08:14:32.648
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-11-12 07:10:02.002
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-11-09 15:00:20.964
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-11-07 10:50:37.135
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-11-07 09:43:41.804
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-11-06 17:49:12.303
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-11-03 16:55:40.214
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-11-03 16:42:44.428
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-10-31 18:05:39.931
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info ===========================

Processor: Intel® Core™ i7-4500U CPU @ 1.80GHz
Percentage of memory in use: 36%
Total physical RAM: 8097.32 MB
Available physical RAM: 5170.29 MB
Total Virtual: 16289.32 MB
Available Virtual: 12887.52 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:222.45 GB) (Free:92.38 GB) NTFS
Drive g: (XPS13 Backup) (Fixed) (Total:931.48 GB) (Free:807.01 GB) NTFS
Drive i: (Music on My Passport) (Fixed) (Total:1862.98 GB) (Free:1637.5 GB) NTFS
Drive x: (WINRETOOLS) (Fixed) (Total:0.48 GB) (Free:0.2 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 238.5 GB) (Disk ID: 4FA06305)

Partition: GPT.

========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 1863 GB) (Disk ID: B81FCD84)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (MBR Code: Windows XP) (Size: 931.5 GB) (Disk ID: 00023F15)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

 

3. I have original Windows 8.1 media on backup drive



#6 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 37,044 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:06:16 AM

Posted 20 November 2015 - 04:27 PM

Greetings kmorrissey and :welcome: to BleepingComputer's Virus/Trojan/Spyware/Malware Removal forum.

My name is Oh My! and I am here to help you! Now that we are "friends" please call me Gary.

If you would allow me to call you by your first name I would prefer to do that.

===================================================

Ground Rules:
  • First, I would like to inform you that most of us here at Bleeping Computer offer our expert assistance out of the goodness of our hearts. Please try to match our commitment to you with your patience toward us. If this was easy we would never have met.
  • Please do not run any tools or take any steps other than those I will provide for you while we work on your computer together. I need to be certain about the state of your computer in order to provide appropriate and effective steps for you to take. Most often "well intentioned" (and usually panic driven!) independent efforts can make things much worse for both of us. If at any point you would prefer to take your own steps please let me know, I will not be offended. I would be happy to focus on the many others who are waiting in line for assistance.
  • Please perform all steps in the order they are listed in each set of instructions. Some steps may be a bit complicated. If things are not clear, be sure to stop and let me know. We need to work on this together with confidence.
  • Please copy and paste all logs into your post unless directed otherwise. Please do not re-run any programs I suggest. If you encounter problems simply stop and tell me.
  • When you post your reply, use the Replytopic.jpg button instead.
  • In the upper right hand corner of the topic you will see the Followtopic.jpg button. Click on this then choose Immediate E-Mail notification and then Proceed and you will be sent an email once I have posted a response.
  • If you do not reply to your topic after 5 days we assume it has been abandoned and I will close it.
  • When your computer is clean I will alert you of such. I will also provide for you detailed information about how you can combat future infections.
  • I would like to remind you to make no further changes to your computer unless I direct you to do so.
  • Now let's get started
===================================================

Now that I am assisting you, you can expect that I will be very responsive to your situation. If you are able, I would request you check this thread at least once per day so that we can try to resolve your issues effectively and efficiently. If you are going to be delayed please be considerate and post that information so that I know you are still with me. Unfortunately, there are many people waiting to be assisted and not enough of us at BleepingComputer to go around. I appreciate your understanding and diligence.

Thank you for your patience thus far. Please do this.

===================================================

Farbar's Recovery Scan Tool - Run Fix in Normal or Safe Mode

--------------------
  • Press the Windows key Windows_Logo_key.gif + r on your keyboard at the same time. Type in notepad and press Enter
  • Please copy and paste the contents of the below code box into the open notepad and save it to your desktop (<<<Important) as fixlist.txt
HKLM-x32\...\Run: [FAStartup] => [X]
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} =>  No File
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-838906522-1154930953-3695442700-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-838906522-1154930953-3695442700-1001 -> DefaultScope {E406E668-CFB4-456A-BB2A-5798BBD05F7E} URL =
SearchScopes: HKU\S-1-5-21-838906522-1154930953-3695442700-1001 -> {E406E668-CFB4-456A-BB2A-5798BBD05F7E} URL =
S2 MCSTRM; no ImagePath
R3 PCDSRVC{3B54B31B-D06B6431-06020200}_0; \??\c:\program files\dell\supportassist\pcdsrvc_x64.pkms [X]
2015-10-24 06:48 - 2015-10-24 06:48 - 00000000 __HDC C:\ProgramData\{AA6BF06E-316C-487A-9BC2-5F06A43C56B1}
2013-12-22 11:52 - 2015-02-05 12:46 - 0000004 _____ () C:\Users\kellymorrissey\AppData\Roaming\DEA82C
2013-12-22 11:52 - 2015-02-05 12:46 - 0870128 _____ () C:\Users\kellymorrissey\AppData\Roaming\mcs.rma
Task: {0FD071D6-5CC0-4679-962E-903D5EEC74D3} - \92bf8bbc-dba1-4bf8-8f5d-49741cf15757-5 -> No File <==== ATTENTION
Task: {1556B30C-2136-4A0A-92EF-E286904D9ECA} - System32\Tasks\PocketCloudUpdater => C:\Program
Task: {D94761F0-5CEB-4609-A276-4984311EDF6F} - \Optimize Start Menu Cache Files-S-1-5-21-838906522-1154930953-3695442700-1002 -> No File <==== ATTENTION
  • Launch FRST and press the Fix button just once and wait, the program will automatically launch fixlist.txt.
  • The tool will create a log on the desktop called Fixlog.txt. Please copy and paste the contents of the file in your reply.
===================================================

System Summary Information

--------------------
  • Press the windows key Windows_Logo_key.gif + r on your keyboard at the same time
  • Type msinfo32 and press Enter
  • Left click on System Summary
  • Click File, Save, and name the file Summary
  • Zip and attach the file to your reply
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it. :thumbsup2:
  • Fixlog
  • System Summary Information
  • Update on computer performance

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#7 kmorrissey

kmorrissey
  • Topic Starter

  • Members
  • 113 posts
  • OFFLINE
  •  
  • Local time:06:16 AM

Posted 20 November 2015 - 08:21 PM

Fixlog

Fix result of Farbar Recovery Scan Tool (x64) Version:20-11-2015
Ran by kellymorrissey (2015-11-20 17:06:53) Run:1
Running from C:\Users\kellymorrissey\Desktop
Loaded Profiles: kellymorrissey (Available Profiles: kellymorrissey)
Boot Mode: Normal
==============================================

fixlist content:
*****************
HKLM-x32\...\Run: [FAStartup] => [X]
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} =>  No File
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-838906522-1154930953-3695442700-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-838906522-1154930953-3695442700-1001 -> DefaultScope {E406E668-CFB4-456A-BB2A-5798BBD05F7E} URL =
SearchScopes: HKU\S-1-5-21-838906522-1154930953-3695442700-1001 -> {E406E668-CFB4-456A-BB2A-5798BBD05F7E} URL =
S2 MCSTRM; no ImagePath
R3 PCDSRVC{3B54B31B-D06B6431-06020200}_0; \??\c:\program files\dell\supportassist\pcdsrvc_x64.pkms [X]
2015-10-24 06:48 - 2015-10-24 06:48 - 00000000 __HDC C:\ProgramData\{AA6BF06E-316C-487A-9BC2-5F06A43C56B1}
2013-12-22 11:52 - 2015-02-05 12:46 - 0000004 _____ () C:\Users\kellymorrissey\AppData\Roaming\DEA82C
2013-12-22 11:52 - 2015-02-05 12:46 - 0870128 _____ () C:\Users\kellymorrissey\AppData\Roaming\mcs.rma
Task: {0FD071D6-5CC0-4679-962E-903D5EEC74D3} - \92bf8bbc-dba1-4bf8-8f5d-49741cf15757-5 -> No File <==== ATTENTION
Task: {1556B30C-2136-4A0A-92EF-E286904D9ECA} - System32\Tasks\PocketCloudUpdater => C:\Program
Task: {D94761F0-5CEB-4609-A276-4984311EDF6F} - \Optimize Start Menu Cache Files-S-1-5-21-838906522-1154930953-3695442700-1002 -> No File <==== ATTENTION
*****************

HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\FAStartup => value removed successfully
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\"DropboxExt1"" => key removed successfully
HKCR\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\"DropboxExt2"" => key removed successfully
HKCR\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\"DropboxExt3"" => key removed successfully
HKCR\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\"DropboxExt4"" => key removed successfully
HKCR\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\"DropboxExt5"" => key removed successfully
HKCR\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\"DropboxExt6"" => key removed successfully
HKCR\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\"DropboxExt7"" => key removed successfully
HKCR\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\"DropboxExt8"" => key removed successfully
HKCR\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => key not found.
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully
"HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully
"HKU\S-1-5-21-838906522-1154930953-3695442700-1001\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
HKU\S-1-5-21-838906522-1154930953-3695442700-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
"HKU\S-1-5-21-838906522-1154930953-3695442700-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{E406E668-CFB4-456A-BB2A-5798BBD05F7E}" => key removed successfully
HKCR\CLSID\{E406E668-CFB4-456A-BB2A-5798BBD05F7E} => key not found.
MCSTRM => service removed successfully
PCDSRVC{3B54B31B-D06B6431-06020200}_0 => Unable to stop service.
PCDSRVC{3B54B31B-D06B6431-06020200}_0 => service removed successfully
C:\ProgramData\{AA6BF06E-316C-487A-9BC2-5F06A43C56B1} => moved successfully
C:\Users\kellymorrissey\AppData\Roaming\DEA82C => moved successfully
C:\Users\kellymorrissey\AppData\Roaming\mcs.rma => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0FD071D6-5CC0-4679-962E-903D5EEC74D3}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0FD071D6-5CC0-4679-962E-903D5EEC74D3}" => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\92bf8bbc-dba1-4bf8-8f5d-49741cf15757-5 => key not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1556B30C-2136-4A0A-92EF-E286904D9ECA}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1556B30C-2136-4A0A-92EF-E286904D9ECA}" => key removed successfully
C:\Windows\System32\Tasks\PocketCloudUpdater => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\PocketCloudUpdater" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D94761F0-5CEB-4609-A276-4984311EDF6F}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D94761F0-5CEB-4609-A276-4984311EDF6F}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Optimize Start Menu Cache Files-S-1-5-21-838906522-1154930953-3695442700-1002" => key removed successfully


The system needed a reboot.

==== End of Fixlog 17:07:00 ====

 

 

Performance update: System seems to be much more responsive; web pages load much faster; Windows Media Player still crashing, however.

 

Attached Files



#8 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 37,044 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:06:16 AM

Posted 20 November 2015 - 08:53 PM

Thank you. This is our next step.

===================================================

Program Troubleshooting in Windows 8.1

--------------------
  • Press the Windows Key + R at the same time
  • Type wscui.cpl and press Enter
  • Click Troubleshooting
  • Click Programs
  • Click Windows Media Player Settings
  • Click Advanced, make sure Apply repairs automatically is checked then click Run as Administrator
  • Click Next and apply any fixes if they are recommended
  • Repeat the steps for Windows Media Player Library
  • Reboot your computer and check Windows Media Player
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it. :thumbsup2:
  • Results?

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#9 kmorrissey

kmorrissey
  • Topic Starter

  • Members
  • 113 posts
  • OFFLINE
  •  
  • Local time:06:16 AM

Posted 20 November 2015 - 11:24 PM

Seems to be working fine!



#10 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 37,044 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:06:16 AM

Posted 21 November 2015 - 08:52 AM

Great to hear.

Please do this.

===================================================

Emsisoft Emergency Kit Scan

--------------------
  • Download Emsisoft Emergency Kit and save it to your desktop.
  • Double click on the EmsisoftEmergencyKit.exe icon, click Run then Extract
  • Double click the Start Emsisoft Emergency Kit icon that will appear after extraction
  • Click Yes to update the program, this may take some time
  • Click on 2. Scan
  • Click Yes to detecting Potentially Unwanted Programs
  • Click Malware Scan
  • Patiently wait for the thorough scan to complete, this can be a lengthy process
  • Once completed click Quarantine selected objects (if computer is clean you will not have this option) then click OK
  • Click View Report
  • Copy and paste or attach the report to your reply
  • Close the program then click Close
===================================================

screen317's Security Check

--------------------
  • Please download screen317's Security Check to your desktop
  • Double-click icon to launch the program
  • Click OK
  • Select Run Note: If you receive an error message saying UNSUPPORTED OPERATING SYSTEM! ABORTED! reboot your computer and attempt to run it again
  • Allow the program to run
  • A Notepad document will open on your desktop. Please copy and paste the contents in your reply
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it. :thumbsup2:
  • Emsisoft log
  • Security Check log
  • Update on computer performance

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#11 kmorrissey

kmorrissey
  • Topic Starter

  • Members
  • 113 posts
  • OFFLINE
  •  
  • Local time:06:16 AM

Posted 21 November 2015 - 10:05 AM

Emsisoft Emergency Kit - Version 10.0
Last update: 11/21/2015 6:53:01 AM
User account: KELSXPS13\kellymorrissey

Scan settings:

Scan type: Malware Scan
Objects: Rootkits, Memory, Traces, Files

Detect PUPs: On
Scan archives: Off
ADS Scan: On
File extension filter: Off
Advanced caching: On
Direct disk access: Off

Scan start:    11/21/2015 6:53:27 AM
C:\Users\kellymorrissey\AppData\Local\software     detected: Application.AppInstall (A)

Scanned    80805
Found    1

Scan end:    11/21/2015 6:56:28 AM
Scan time:    0:03:01

C:\Users\kellymorrissey\AppData\Local\software    Quarantined Application.AppInstall (A)

Quarantined    1
 

 Results of screen317's Security Check version 1.012 --- 11/09/15  
   x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:``````````````
 Windows Firewall Enabled!  
Norton Security Suite   
Windows Defender        
 WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
 Secunia PSI (3.0.0.7011)   
 Adobe Flash Player     19.0.0.245  
 Mozilla Firefox (42.0)
 Google Chrome (46.0.2490.80)
 Google Chrome (46.0.2490.86)
````````Process Check: objlist.exe by Laurent````````  
 Malwarebytes Anti-Malware mbamservice.exe  
 Malwarebytes Anti-Malware mbam.exe  
 Malwarebytes Anti-Malware mbamscheduler.exe   
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C:  %
````````````````````End of Log``````````````````````
 

 

Performance seems fine.



#12 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 37,044 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:06:16 AM

Posted 21 November 2015 - 03:55 PM

That looks great. I think we are all set.

Now that your computer is running well it is my great pleasure to proclaim to you the Good News!

===================================================

All Clean!

--------------

Your machine appears to be clean and you may delete any programs or logs on your computer as a result of our efforts. If we used Emsisoft Emergency Kit just delete the icon on your desktop and the C:\EEK folder. For everything else you simply delete the log files or desktop icons.

Please take the time to read below on how to secure the machine and take the necessary steps to keep it clean :thumbsup:

Lawrence Abrams, the founder of BleepingComputer.com, has developed an excellent tutorial which will provide you with the information you need to know to keep your computer secure and clean. Please take the time to read:In addition, here are some more links you might find of interest:I will leave this topic open for just a brief period of time in case you have any further issues then it will be closed shortly thereafter.

Thank you for placing your trust in BleepingComputer. It was a pleasure serving you. OhMy_done.gif
Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#13 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 37,044 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:06:16 AM

Posted 22 November 2015 - 10:09 AM

It appears that this issue is resolved, therefore I am closing the topic. If that is not the case and you need or wish to continue with this topic, please send me or any Moderator a Personal Message (PM) that you would like this topic re-opened.
Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users