Sorry it took so long. The MS scan ran for over 12 hours. (It didn't find anything.) I used my laptop this morning, then left. It went to sleep, and when I came back, I couldn't wake it up entirely. So I rebooted. And it was slow and laggy again.
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 06-05-2014
Ran by Andrea (administrator) on YGF2012 on 06-05-2014 14:27:19
Running from C:\Users\Andrea\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 10
Boot Mode: Normal
The only official download link for FRST:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
==================== Processes (Whitelisted) =================
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Absolute Software) C:\Program Files (x86)\Absolute Software\Absolute Notifier\AbsoluteNotifierService.exe
(Eastman Kodak Company) C:\Program Files (x86)\Kodak\KODAK Share Button App\Listener.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 6700\Bin\ScanToPCActivationApp.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 6700\Bin\ScanToPCActivationApp.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Intel® Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Dropbox, Inc.) C:\Users\Andrea\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Creative Technology Ltd) C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 6700\Bin\HPNetworkCommunicator.exe
(Sun Microsystems, Inc.) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 6700\Bin\HPNetworkCommunicator.exe
(MediaMall Technologies, Inc.) C:\Program Files (x86)\MediaMall\MediaMallServer.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(SoftThinks SAS) C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell DataSafe Local Backup\Toaster.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(SoftThinks - Dell) C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
() C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\btplayerctrl.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\hidfind.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Dell, Inc.) C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Google Inc.) C:\Users\Andrea\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Andrea\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Andrea\AppData\Local\Google\Chrome\Application\chrome.exe
(Dell, Inc.) C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe
(Google Inc.) C:\Users\Andrea\AppData\Local\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [525312 2011-01-25] (IDT, Inc.)
HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [609144 2011-04-12] (Alps Electric Co., Ltd.)
HKLM\...\Run: [IntelTBRunOnce] => wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
HKLM\...\Run: [IntelPAN] => C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1935120 2011-09-15] (Intel® Corporation)
HKLM\...\Run: [BTMTrayAgent] => C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll [10365952 2011-05-19] (Intel Corporation)
HKLM\...\Run: [DellStage] => C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe [2195824 2012-02-01] ()
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1271072 2014-03-11] (Microsoft Corporation)
HKLM-x32\...\Run: [Dell Webcam Central] => C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe [503942 2011-04-13] (Creative Technology Ltd)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [40312 2013-12-18] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Absolute Notifier] => C:\Program Files (x86)\Absolute Software\Absolute Notifier\AbsoluteNotifier.exe [85672 2011-05-10] (Absolute Software)
HKLM-x32\...\Run: [ArcSoft Connection Service] => C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [207424 2010-10-27] (ArcSoft Inc.)
HKLM-x32\...\Run: [DNS7reminder] => C:\Program Files (x86)\Nuance\NaturallySpeaking12\Ereg\Ereg.exe [328992 2010-10-27] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [252848 2012-07-03] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-967247175-893293011-2753274408-1000\...\Run: [HP Officejet 6700 (NET)] => C:\Program Files\HP\HP Officejet 6700\Bin\ScanToPCActivationApp.exe [2676584 2011-09-09] (Hewlett-Packard Co.)
HKU\S-1-5-21-967247175-893293011-2753274408-1000\...\Run: [HP Officejet 6700 (NET) #2] => C:\Program Files\HP\HP Officejet 6700\Bin\ScanToPCActivationApp.exe [2676584 2011-09-09] (Hewlett-Packard Co.)
Startup: C:\Users\Andrea\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Andrea\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Andrea\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - HP Officejet 6700 (Network).lnk
ShortcutTarget: Monitor Ink Alerts - HP Officejet 6700 (Network).lnk -> C:\Program Files\HP\HP Officejet 6700\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
==================== Internet (Whitelisted) ====================
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Skype add-on for Internet Explorer - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: Dragon NaturallySpeaking Rich Internet Application Support - Extension - {73A89C60-CF59-4EC7-9215-9B7EF05ECEA4} - C:\Program Files (x86)\Nuance\NaturallySpeaking12\Program\ieShim.dll (Nuance Communications, Inc.)
BHO-x32: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler: cozi - {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - No File
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: cozi - {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - C:\Program Files (x86)\Cozi Express\CoziProtocolHandler.dll (Cozi Group, Inc.)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer - C:\windows\system32\Macromed\Flash\NPSWF64_13_0_0_206.dll ()
FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_206.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.13.2 - C:\windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.13.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @oberon-media.com/ONCAdapter - C:\Program Files (x86)\Common Files\Oberon Media\NCAdapter\1.0.0.8\npapicomadapter.dll No File
FF Plugin-x32: @playon.tv/PlayOnToolbar - C:\Program Files (x86)\MediaMall\toolbar\npVT.dll (MediaMall Technologies, Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\11\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: nuance.com/DragonRIAPlugin - C:\PROGRA~2\Nuance\NATURA~1\Program\npDgnRia.dll (Nuance Communications Inc.)
FF Plugin HKCU: @citrixonline.com/appdetectorplugin - C:\Users\Andrea\AppData\Local\Citrix\Plugins\97\npappdetector.dll (Citrix Online)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\Andrea\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin - C:\Users\Andrea\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O1DPlugin - C:\Users\Andrea\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Andrea\AppData\Local\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Andrea\AppData\Local\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: amazon.com/AmazonMP3DownloaderPlugin - C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10171.dll (Amazon.com, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Andrea\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Andrea\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2013-11-08]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2013-11-08]
FF HKLM-x32\...\Firefox\Extensions: [jid0-lmZNVK7a82O8cufhdfB9dUDfA2w@jetpack] - C:\Program Files (x86)\Nuance\NaturallySpeaking12\Program\ffShim.xpi
FF Extension: Dragon NaturallySpeaking Rich Internet Application Support - C:\Program Files (x86)\Nuance\NaturallySpeaking12\Program\ffShim.xpi [2013-10-15]
Chrome:
=======
Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION
CHR Extension: (YouTube) - C:\Users\Andrea\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-02-22]
CHR Extension: (Google Search) - C:\Users\Andrea\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-02-22]
CHR Extension: (Motive Extension) - C:\Users\Andrea\AppData\Local\Google\Chrome\User Data\Default\Extensions\edmgmpmklgfbohogafcfobonnkogchec [2013-02-12]
CHR Extension: (Skyrama) - C:\Users\Andrea\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlehaidnnmjjkhgbbiombcdifogolhap [2012-02-22]
CHR Extension: (Grepolis) - C:\Users\Andrea\AppData\Local\Google\Chrome\User Data\Default\Extensions\kkgkognjknhcgbgbeijjondlikfkgnog [2012-02-22]
CHR Extension: (Dragon NaturallySpeaking Rich Internet Application Support) - C:\Users\Andrea\AppData\Local\Google\Chrome\User Data\Default\Extensions\mikhcaiakabeeokmenglcdebplfdjicn [2012-12-28]
CHR Extension: (Gmail) - C:\Users\Andrea\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-02-22]
CHR HKCU\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\Andrea\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx [2014-01-16]
CHR HKLM-x32\...\Chrome\Extension: [ienaefcpghbmccojmklhdffdobkbencj] - C:\Program Files (x86)\MediaMall\toolbar\ce.crx [2014-01-03]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2013-10-09]
CHR HKLM-x32\...\Chrome\Extension: [mikhcaiakabeeokmenglcdebplfdjicn] - C:\Program Files (x86)\Nuance\NaturallySpeaking12\Program\chromeShim.crx [2013-10-15]
CHR StartMenuInternet: Google Chrome - C:\Users\Andrea\AppData\Local\Google\Chrome\Application\chrome.exe
==================== Services (Whitelisted) =================
R2 AbsoluteNotifier; C:\Program Files (x86)\Absolute Software\Absolute Notifier\AbsoluteNotifierService.exe [10920 2011-05-10] (Absolute Software)
R2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
S2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-04-03] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [857912 2014-04-03] (Malwarebytes Corporation)
R2 MediaMall Server; C:\Program Files (x86)\MediaMall\MediaMallServer.exe [5454640 2014-03-28] (MediaMall Technologies, Inc.)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2014-03-11] (Microsoft Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2011-09-15] ()
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [347872 2014-03-11] (Microsoft Corporation)
S3 RoxMediaDBVHS; C:\Program Files (x86)\Common Files\Roxio Shared\VHStoDVD\SharedCOM\RoxMediaDBVHS.exe [1114384 2011-12-19] (Rovi Corporation)
S2 spiceworks; "C:\Users\Andrea\Dropbox\Sell Sell Sell\Spiceworks\bin\spiceworks.exe" service [X]
==================== Drivers (Whitelisted) ====================
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)
R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25816 2014-04-03] (Malwarebytes Corporation)
S3 MBAMSwissArmy; C:\windows\system32\drivers\MBAMSwissArmy.sys [119512 2014-05-01] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\windows\system32\drivers\mwac.sys [63192 2014-04-03] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [268512 2014-01-25] (Microsoft Corporation)
R3 msvad_simple; C:\Windows\System32\drivers\povrtdev.sys [28528 2012-11-02] (MediaMall Technologies, Inc.)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133928 2014-03-11] (Microsoft Corporation)
R3 TotRec8; C:\windows\system32\drivers\TotRec8.sys [122640 2012-08-13] (High Criteria inc.)
S3 USB28xxBGA; C:\Windows\System32\DRIVERS\emBDA64A.sys [736280 2011-12-28] (eMPIA Technology, Inc.)
S3 USB28xxOEM; C:\Windows\System32\DRIVERS\emOEM64A.sys [1171992 2011-12-28] (eMPIA Technology, Inc.)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 MREMP50; \??\C:\PROGRA~2\COMMON~1\Motive\MREMP50.SYS [X]
S3 MREMP50a64; \??\C:\PROGRA~1\COMMON~1\Motive\MREMP50a64.SYS [X]
S3 MREMPR5; \??\C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS [X]
S3 MRENDIS5; \??\C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS [X]
S3 MRESP50; \??\C:\PROGRA~2\COMMON~1\Motive\MRESP50.SYS [X]
S3 MRESP50a64; \??\C:\PROGRA~1\COMMON~1\Motive\MRESP50a64.SYS [X]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-05-05 18:09 - 2014-05-05 18:09 - 00001945 _____ () C:\windows\epplauncher.mif
2014-05-05 18:06 - 2014-05-05 18:06 - 00002119 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2014-05-05 18:06 - 2014-05-05 18:06 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2014-05-05 18:06 - 2014-05-05 18:06 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client
2014-05-05 18:02 - 2014-05-05 18:02 - 13829304 _____ (Microsoft Corporation) C:\Users\Andrea\Downloads\mseinstall.exe
2014-05-05 18:00 - 2014-05-05 18:00 - 00869456 _____ () C:\Users\Andrea\Downloads\Norton_Removal_Tool.exe
2014-05-05 06:48 - 2014-05-05 06:48 - 00000085 _____ () C:\windows\wininit.ini
2014-05-04 21:31 - 2014-05-04 21:31 - 00000207 _____ () C:\windows\tweaking.com-regbackup-YGF2012-Microsoft-Windows-7-Home-Premium-(64-bit).dat
2014-05-04 21:30 - 2014-05-04 21:30 - 00000000 ____D () C:\RegBackup
2014-05-04 21:29 - 2014-05-04 21:29 - 00002161 _____ () C:\Users\Andrea\Desktop\Tweaking.com - Windows Repair (All in One).lnk
2014-05-04 21:29 - 2014-05-04 21:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tweaking.com
2014-05-04 21:28 - 2014-05-04 21:28 - 00000000 ____D () C:\Program Files (x86)\Tweaking.com
2014-05-04 21:27 - 2014-05-04 21:27 - 05459368 _____ () C:\Users\Andrea\Desktop\tweaking.com_windows_repair_aio_setup.exe
2014-05-04 07:56 - 2014-05-04 07:56 - 04009167 _____ () C:\Users\Andrea\Downloads\ServicesRepair.exe
2014-05-04 07:56 - 2014-05-04 07:56 - 00000000 ____D () C:\Users\Public\Desktop\CC Support
2014-05-03 20:41 - 2014-05-04 19:28 - 00003584 _____ () C:\Users\Andrea\Downloads\FSS.txt
2014-05-03 20:40 - 2014-05-03 20:40 - 00408576 _____ (Farbar) C:\Users\Andrea\Downloads\FSS.exe
2014-05-03 08:54 - 2014-05-03 08:54 - 00039923 _____ () C:\ComboFix.txt
2014-05-03 08:27 - 2011-06-26 02:45 - 00256000 _____ () C:\windows\PEV.exe
2014-05-03 08:27 - 2010-11-07 13:20 - 00208896 _____ () C:\windows\MBR.exe
2014-05-03 08:27 - 2009-04-20 00:56 - 00060416 _____ (NirSoft) C:\windows\NIRCMD.exe
2014-05-03 08:27 - 2000-08-30 20:00 - 00518144 _____ (SteelWerX) C:\windows\SWREG.exe
2014-05-03 08:27 - 2000-08-30 20:00 - 00406528 _____ (SteelWerX) C:\windows\SWSC.exe
2014-05-03 08:27 - 2000-08-30 20:00 - 00098816 _____ () C:\windows\sed.exe
2014-05-03 08:27 - 2000-08-30 20:00 - 00080412 _____ () C:\windows\grep.exe
2014-05-03 08:27 - 2000-08-30 20:00 - 00068096 _____ () C:\windows\zip.exe
2014-05-03 07:17 - 2014-05-03 08:54 - 00000000 ____D () C:\Qoobox
2014-05-03 07:16 - 2014-05-03 08:53 - 00000000 ____D () C:\windows\erdnt
2014-05-03 07:01 - 2014-05-03 07:01 - 00000000 ____D () C:\windows\System32\Tasks\Norton 360
2014-05-03 06:57 - 2014-05-03 06:58 - 05197895 ____R (Swearware) C:\Users\Andrea\Desktop\ComboFix.exe
2014-05-02 21:19 - 2014-05-02 21:19 - 00000000 ____D () C:\Users\Andrea\AppData\Roaming\DropboxMaster
2014-05-02 07:07 - 2014-05-06 14:26 - 00000000 ____D () C:\Users\Andrea\Downloads\FRST-OlderVersion
2014-05-01 22:21 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\windows\SysWOW64\sqlite3.dll
2014-05-01 22:16 - 2014-05-01 22:24 - 00000000 ____D () C:\AdwCleaner
2014-05-01 21:45 - 2014-05-01 21:47 - 01310621 _____ () C:\Users\Andrea\Downloads\AdwCleaner.exe
2014-05-01 19:07 - 2014-05-06 13:58 - 00000000 ____D () C:\ProgramData\boost_interprocess
2014-05-01 18:34 - 2014-05-01 18:23 - 00024064 _____ () C:\windows\zoek-delete.exe
2014-05-01 18:32 - 2014-05-01 18:34 - 00000000 ____D () C:\zoek
2014-05-01 18:27 - 2014-05-01 19:15 - 00011745 _____ () C:\zoek-results.log
2014-05-01 18:23 - 2014-05-01 18:33 - 00000000 ____D () C:\zoek_backup
2014-05-01 10:51 - 2014-05-01 10:51 - 01285120 _____ () C:\Users\Andrea\Desktop\zoek.exe
2014-04-30 14:29 - 2014-04-30 14:29 - 00000000 ____D () C:\Users\Andrea\AppData\Roaming\Mozilla
2014-04-30 05:36 - 2014-05-02 18:11 - 00055898 _____ () C:\Users\Andrea\Downloads\Addition.txt
2014-04-30 05:34 - 2014-05-06 14:27 - 00020576 _____ () C:\Users\Andrea\Downloads\FRST.txt
2014-04-30 05:34 - 2014-05-06 14:27 - 00000000 ____D () C:\FRST
2014-04-30 05:33 - 2014-05-06 14:26 - 02063872 _____ (Farbar) C:\Users\Andrea\Downloads\FRST64.exe
2014-04-29 14:56 - 2014-05-01 07:26 - 00119512 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-29 14:54 - 2014-04-29 14:54 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Andrea\Downloads\mbam-setup-2.0.1.1004.exe
2014-04-29 14:54 - 2014-04-29 14:54 - 00001104 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-04-29 14:54 - 2014-04-29 14:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-04-29 14:54 - 2014-04-29 14:54 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-29 14:54 - 2014-04-29 14:54 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-04-29 14:54 - 2014-04-03 09:51 - 00088280 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys
2014-04-29 14:54 - 2014-04-03 09:51 - 00063192 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys
2014-04-29 14:54 - 2014-04-03 09:50 - 00025816 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbam.sys
2014-04-29 14:51 - 2014-04-29 14:52 - 00000000 ____D () C:\Users\Andrea\AppData\Local\AvgSetupLog
2014-04-29 14:51 - 2014-04-29 14:52 - 00000000 ____D () C:\ProgramData\Avg
2014-04-29 14:51 - 2014-04-29 14:52 - 00000000 ____D () C:\Program Files (x86)\AVG
2014-04-29 14:51 - 2014-04-29 14:51 - 16045040 _____ (AVG Technologies) C:\Users\Andrea\Downloads\avg_zist_stb_all_208_23.exe
2014-04-29 14:51 - 2014-04-29 14:51 - 00000000 ____D () C:\Users\Andrea\AppData\Local\Avg
2014-04-29 08:42 - 2014-05-06 14:12 - 00485948 _____ () C:\windows\WindowsUpdate.log
2014-04-29 08:32 - 2014-05-06 13:51 - 00001400 _____ () C:\windows\setupact.log
2014-04-29 08:32 - 2014-04-29 08:32 - 00000000 _____ () C:\windows\setuperr.log
2014-04-29 08:31 - 2014-05-06 13:50 - 00335952 _____ () C:\windows\PFRO.log
2014-04-29 08:28 - 2014-04-29 08:28 - 00000824 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-04-29 08:28 - 2014-04-29 08:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-04-29 08:28 - 2014-04-29 08:28 - 00000000 ____D () C:\Program Files\CCleaner
2014-04-29 08:27 - 2014-04-29 08:27 - 04745984 _____ (Piriform Ltd) C:\Users\Andrea\Downloads\ccsetup413.exe
2014-04-29 08:26 - 2014-04-29 08:26 - 00929416 _____ (CNET Download.com) C:\Users\Andrea\Downloads\cbsidlm-cbsi188-Soluto-SEO-75446583 (1).exe
2014-04-29 08:24 - 2014-04-29 08:24 - 01514048 _____ (Soluto Inc) C:\Users\Andrea\Downloads\solutoinstaller-k56pw02ao39y.exe
2014-04-29 08:24 - 2014-04-29 08:24 - 00000000 ____D () C:\ProgramData\Soluto
2014-04-29 08:22 - 2014-04-29 08:22 - 00929416 _____ (CNET Download.com) C:\Users\Andrea\Downloads\cbsidlm-cbsi188-Soluto-SEO-75446583.exe
2014-04-29 07:32 - 2014-05-05 06:49 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-04-29 07:32 - 2014-05-05 06:48 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-04-29 07:30 - 2014-04-29 07:30 - 46392680 _____ (Safer-Networking Ltd. ) C:\Users\Andrea\Downloads\spybot-2.3.exe
2014-04-29 07:09 - 2014-04-30 15:44 - 17931952 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerInstaller.exe
2014-04-28 16:31 - 2014-04-28 16:31 - 00417872 _____ () C:\Users\Andrea\Downloads\DellSystemDetect.exe
2014-04-28 09:10 - 2014-04-28 09:10 - 00000000 ____D () C:\Users\Andrea\WORK FILES.tsk.lock
2014-04-28 01:52 - 2014-04-28 01:52 - 00003120 _____ () C:\windows\System32\Tasks\PCDoctorBackgroundMonitorTask-Retry
2014-04-27 23:23 - 2014-04-27 23:23 - 03774570 _____ () C:\Users\Andrea\Documents\AutoRuns.arn
2014-04-26 08:35 - 2014-04-26 08:35 - 00478193 _____ () C:\Users\Andrea\Downloads\MayTiger Tales 2013.ppp
2014-04-25 07:30 - 2014-04-25 07:30 - 00036868 _____ () C:\Users\Andrea\Downloads\noname (2).eml
2014-04-25 07:26 - 2014-04-25 07:26 - 00036868 _____ () C:\Users\Andrea\Downloads\noname (1).eml
2014-04-21 21:35 - 2014-04-21 21:38 - 30841344 _____ () C:\Users\Andrea\Downloads\Fall_Slideshow_2010_0.ppt
2014-04-21 15:19 - 2014-04-21 15:30 - 00001121 _____ () C:\Users\Andrea\Downloads\HistoryDownload.csv
2014-04-21 14:05 - 2014-04-21 14:05 - 00016897 _____ () C:\Users\Andrea\Downloads\Biosentronics Returns 4-21-2014.xlsx
2014-04-18 09:07 - 2014-04-18 09:07 - 00034816 _____ () C:\Users\Andrea\Downloads\How to Get Free Traffic From Google - Registration Report.xls
2014-04-16 13:22 - 2014-04-16 13:22 - 00045559 _____ () C:\Users\Andrea\Downloads\Biosentronics Returns 16APR2014_revised action.xlsx
2014-04-15 08:49 - 2014-04-15 08:49 - 00000231 _____ () C:\Users\Andrea\Downloads\Introduction-To-Google-Analytics-Webinar-12.6.13-PART-1.mp4
==================== One Month Modified Files and Folders =======
2014-05-06 14:27 - 2014-04-30 05:34 - 00020576 _____ () C:\Users\Andrea\Downloads\FRST.txt
2014-05-06 14:27 - 2014-04-30 05:34 - 00000000 ____D () C:\FRST
2014-05-06 14:27 - 2012-02-22 21:39 - 00000000 ____D () C:\Users\Andrea\AppData\Roaming\Skype
2014-05-06 14:26 - 2014-05-02 07:07 - 00000000 ____D () C:\Users\Andrea\Downloads\FRST-OlderVersion
2014-05-06 14:26 - 2014-04-30 05:33 - 02063872 _____ (Farbar) C:\Users\Andrea\Downloads\FRST64.exe
2014-05-06 14:16 - 2009-07-14 00:45 - 00020928 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-05-06 14:16 - 2009-07-14 00:45 - 00020928 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-05-06 14:12 - 2014-04-29 08:42 - 00485948 _____ () C:\windows\WindowsUpdate.log
2014-05-06 14:12 - 2012-04-30 20:01 - 00000932 _____ () C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-967247175-893293011-2753274408-1000UA.job
2014-05-06 14:12 - 2012-02-22 21:27 - 00000000 ____D () C:\Users\Andrea\AppData\Roaming\Dropbox
2014-05-06 14:00 - 2014-01-16 12:00 - 00000894 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-05-06 14:00 - 2012-02-22 16:11 - 00000912 _____ () C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-967247175-893293011-2753274408-1000UA.job
2014-05-06 13:59 - 2012-02-22 21:29 - 00000000 ___RD () C:\Users\Andrea\Dropbox
2014-05-06 13:58 - 2014-05-01 19:07 - 00000000 ____D () C:\ProgramData\boost_interprocess
2014-05-06 13:54 - 2014-01-16 12:00 - 00000898 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-05-06 13:53 - 2012-01-14 13:41 - 00000000 ____D () C:\Users\Default\AppData\Local\SoftThinks
2014-05-06 13:53 - 2012-01-14 13:41 - 00000000 ____D () C:\Users\Default User\AppData\Local\SoftThinks
2014-05-06 13:53 - 2012-01-14 13:30 - 00000000 ____D () C:\Program Files (x86)\Dell DataSafe Local Backup
2014-05-06 13:51 - 2014-04-29 08:32 - 00001400 _____ () C:\windows\setupact.log
2014-05-06 13:51 - 2012-02-22 16:11 - 00000860 _____ () C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-967247175-893293011-2753274408-1000Core.job
2014-05-06 13:51 - 2009-07-14 01:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-05-06 13:50 - 2014-04-29 08:31 - 00335952 _____ () C:\windows\PFRO.log
2014-05-06 13:48 - 2014-01-24 08:54 - 00000568 _____ () C:\windows\Tasks\G2MUpdateTask-S-1-5-21-967247175-893293011-2753274408-1000.job
2014-05-06 13:46 - 2012-08-05 08:37 - 00000830 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2014-05-06 07:53 - 2012-02-22 14:22 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-05-06 07:19 - 2014-01-06 09:51 - 00206791 _____ () C:\Users\Andrea\Documents\2014 Time Tracking.xlsx
2014-05-06 06:43 - 2012-04-11 16:16 - 00000000 ____D () C:\Users\Andrea\AppData\Roaming\PamFax Office Integrations
2014-05-06 06:37 - 2012-12-08 06:49 - 00000000 ____D () C:\ProgramData\MediaMall
2014-05-05 18:09 - 2014-05-05 18:09 - 00001945 _____ () C:\windows\epplauncher.mif
2014-05-05 18:06 - 2014-05-05 18:06 - 00002119 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2014-05-05 18:06 - 2014-05-05 18:06 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2014-05-05 18:06 - 2014-05-05 18:06 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client
2014-05-05 18:02 - 2014-05-05 18:02 - 13829304 _____ (Microsoft Corporation) C:\Users\Andrea\Downloads\mseinstall.exe
2014-05-05 18:01 - 2012-08-25 13:03 - 00000000 ____D () C:\ProgramData\Norton
2014-05-05 18:00 - 2014-05-05 18:00 - 00869456 _____ () C:\Users\Andrea\Downloads\Norton_Removal_Tool.exe
2014-05-05 17:12 - 2012-04-30 20:01 - 00000910 _____ () C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-967247175-893293011-2753274408-1000Core.job
2014-05-05 16:07 - 2013-05-21 16:35 - 00000000 ____D () C:\Program Files\My Dell
2014-05-05 16:07 - 2012-02-25 13:04 - 00000000 ____D () C:\ProgramData\PCDr
2014-05-05 16:02 - 2013-05-21 16:36 - 00003440 _____ () C:\windows\System32\Tasks\PCDEventLauncherTask
2014-05-05 15:55 - 2009-07-14 01:13 - 00006740 _____ () C:\windows\system32\PerfStringBackup.INI
2014-05-05 13:32 - 2013-10-28 14:43 - 00001976 _____ () C:\Users\Public\Desktop\Dell DataSafe Online.lnk
2014-05-05 13:32 - 2013-10-28 14:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell DataSafe Online
2014-05-05 07:28 - 2012-02-22 16:11 - 00000000 ____D () C:\Users\Andrea\AppData\Local\Deployment
2014-05-05 06:49 - 2014-04-29 07:32 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-05-05 06:48 - 2014-05-05 06:48 - 00000085 _____ () C:\windows\wininit.ini
2014-05-05 06:48 - 2014-04-29 07:32 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-05-04 22:18 - 2012-02-22 15:02 - 00114392 _____ () C:\Users\Andrea\AppData\Local\GDIPFONTCACHEV1.DAT
2014-05-04 22:15 - 2009-07-14 00:45 - 00416264 _____ () C:\windows\system32\FNTCACHE.DAT
2014-05-04 22:11 - 2009-07-13 22:34 - 00000546 _____ () C:\windows\win.ini
2014-05-04 22:06 - 2011-11-16 15:25 - 00006740 _____ () C:\windows\SysWOW64\PerfStringBackup.INI
2014-05-04 21:31 - 2014-05-04 21:31 - 00000207 _____ () C:\windows\tweaking.com-regbackup-YGF2012-Microsoft-Windows-7-Home-Premium-(64-bit).dat
2014-05-04 21:30 - 2014-05-04 21:30 - 00000000 ____D () C:\RegBackup
2014-05-04 21:29 - 2014-05-04 21:29 - 00002161 _____ () C:\Users\Andrea\Desktop\Tweaking.com - Windows Repair (All in One).lnk
2014-05-04 21:29 - 2014-05-04 21:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tweaking.com
2014-05-04 21:28 - 2014-05-04 21:28 - 00000000 ____D () C:\Program Files (x86)\Tweaking.com
2014-05-04 21:27 - 2014-05-04 21:27 - 05459368 _____ () C:\Users\Andrea\Desktop\tweaking.com_windows_repair_aio_setup.exe
2014-05-04 19:28 - 2014-05-03 20:41 - 00003584 _____ () C:\Users\Andrea\Downloads\FSS.txt
2014-05-04 08:26 - 2012-02-22 16:11 - 00000000 ____D () C:\Users\Andrea\AppData\Local\Apps\2.0
2014-05-04 07:56 - 2014-05-04 07:56 - 04009167 _____ () C:\Users\Andrea\Downloads\ServicesRepair.exe
2014-05-04 07:56 - 2014-05-04 07:56 - 00000000 ____D () C:\Users\Public\Desktop\CC Support
2014-05-03 20:40 - 2014-05-03 20:40 - 00408576 _____ (Farbar) C:\Users\Andrea\Downloads\FSS.exe
2014-05-03 08:54 - 2014-05-03 08:54 - 00039923 _____ () C:\ComboFix.txt
2014-05-03 08:54 - 2014-05-03 07:17 - 00000000 ____D () C:\Qoobox
2014-05-03 08:54 - 2009-07-13 23:20 - 00000000 __RHD () C:\Users\Default
2014-05-03 08:53 - 2014-05-03 07:16 - 00000000 ____D () C:\windows\erdnt
2014-05-03 08:52 - 2012-02-22 15:02 - 00000000 ____D () C:\Users\Andrea
2014-05-03 08:52 - 2012-02-22 14:05 - 00000000 ___RD () C:\Users\Andrea\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-03 08:52 - 2009-07-13 22:34 - 00000215 _____ () C:\windows\system.ini
2014-05-03 07:01 - 2014-05-03 07:01 - 00000000 ____D () C:\windows\System32\Tasks\Norton 360
2014-05-03 06:58 - 2014-05-03 06:57 - 05197895 ____R (Swearware) C:\Users\Andrea\Desktop\ComboFix.exe
2014-05-03 06:51 - 2012-08-25 13:24 - 00003206 _____ () C:\windows\System32\Tasks\Norton WSC Integration
2014-05-02 21:19 - 2014-05-02 21:19 - 00000000 ____D () C:\Users\Andrea\AppData\Roaming\DropboxMaster
2014-05-02 21:19 - 2012-02-22 21:29 - 00001023 _____ () C:\Users\Andrea\Desktop\Dropbox.lnk
2014-05-02 21:19 - 2012-02-22 21:28 - 00000000 ____D () C:\Users\Andrea\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-05-02 18:11 - 2014-04-30 05:36 - 00055898 _____ () C:\Users\Andrea\Downloads\Addition.txt
2014-05-01 22:24 - 2014-05-01 22:16 - 00000000 ____D () C:\AdwCleaner
2014-05-01 21:47 - 2014-05-01 21:45 - 01310621 _____ () C:\Users\Andrea\Downloads\AdwCleaner.exe
2014-05-01 20:59 - 2014-01-16 12:02 - 00000000 ___RD () C:\Users\Andrea\Google Drive
2014-05-01 19:15 - 2014-05-01 18:27 - 00011745 _____ () C:\zoek-results.log
2014-05-01 18:34 - 2014-05-01 18:32 - 00000000 ____D () C:\zoek
2014-05-01 18:33 - 2014-05-01 18:23 - 00000000 ____D () C:\zoek_backup
2014-05-01 18:23 - 2014-05-01 18:34 - 00024064 _____ () C:\windows\zoek-delete.exe
2014-05-01 10:54 - 2013-07-13 14:45 - 00000000 ____D () C:\Users\Andrea\Desktop\GRAM
2014-05-01 10:51 - 2014-05-01 10:51 - 01285120 _____ () C:\Users\Andrea\Desktop\zoek.exe
2014-05-01 08:26 - 2012-02-25 13:20 - 00000000 ____D () C:\Users\Andrea\Documents\Outlook Files
2014-05-01 07:26 - 2014-04-29 14:56 - 00119512 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-01 07:15 - 2012-02-22 20:28 - 00000000 ____D () C:\Users\Andrea\Documents\PTA
2014-04-30 15:44 - 2014-04-29 07:09 - 17931952 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerInstaller.exe
2014-04-30 15:44 - 2012-08-05 08:37 - 00003768 _____ () C:\windows\System32\Tasks\Adobe Flash Player Updater
2014-04-30 15:44 - 2012-04-01 08:52 - 00692400 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2014-04-30 15:44 - 2012-01-14 12:58 - 00070832 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-04-30 14:29 - 2014-04-30 14:29 - 00000000 ____D () C:\Users\Andrea\AppData\Roaming\Mozilla
2014-04-29 15:27 - 2012-01-14 14:45 - 00000000 ____D () C:\windows\ShellNew
2014-04-29 14:54 - 2014-04-29 14:54 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Andrea\Downloads\mbam-setup-2.0.1.1004.exe
2014-04-29 14:54 - 2014-04-29 14:54 - 00001104 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-04-29 14:54 - 2014-04-29 14:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-04-29 14:54 - 2014-04-29 14:54 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-29 14:54 - 2014-04-29 14:54 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-04-29 14:52 - 2014-04-29 14:51 - 00000000 ____D () C:\Users\Andrea\AppData\Local\AvgSetupLog
2014-04-29 14:52 - 2014-04-29 14:51 - 00000000 ____D () C:\ProgramData\Avg
2014-04-29 14:52 - 2014-04-29 14:51 - 00000000 ____D () C:\Program Files (x86)\AVG
2014-04-29 14:51 - 2014-04-29 14:51 - 16045040 _____ (AVG Technologies) C:\Users\Andrea\Downloads\avg_zist_stb_all_208_23.exe
2014-04-29 14:51 - 2014-04-29 14:51 - 00000000 ____D () C:\Users\Andrea\AppData\Local\Avg
2014-04-29 08:32 - 2014-04-29 08:32 - 00000000 _____ () C:\windows\setuperr.log
2014-04-29 08:30 - 2012-08-31 05:48 - 00000000 ____D () C:\Users\Andrea\AppData\Local\CrashDumps
2014-04-29 08:30 - 2012-08-25 12:56 - 00000000 ____D () C:\windows\Minidump
2014-04-29 08:30 - 2011-02-23 09:08 - 00000000 ____D () C:\windows\Panther
2014-04-29 08:28 - 2014-04-29 08:28 - 00000824 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-04-29 08:28 - 2014-04-29 08:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-04-29 08:28 - 2014-04-29 08:28 - 00000000 ____D () C:\Program Files\CCleaner
2014-04-29 08:27 - 2014-04-29 08:27 - 04745984 _____ (Piriform Ltd) C:\Users\Andrea\Downloads\ccsetup413.exe
2014-04-29 08:26 - 2014-04-29 08:26 - 00929416 _____ (CNET Download.com) C:\Users\Andrea\Downloads\cbsidlm-cbsi188-Soluto-SEO-75446583 (1).exe
2014-04-29 08:24 - 2014-04-29 08:24 - 01514048 _____ (Soluto Inc) C:\Users\Andrea\Downloads\solutoinstaller-k56pw02ao39y.exe
2014-04-29 08:24 - 2014-04-29 08:24 - 00000000 ____D () C:\ProgramData\Soluto
2014-04-29 08:22 - 2014-04-29 08:22 - 00929416 _____ (CNET Download.com) C:\Users\Andrea\Downloads\cbsidlm-cbsi188-Soluto-SEO-75446583.exe
2014-04-29 07:30 - 2014-04-29 07:30 - 46392680 _____ (Safer-Networking Ltd. ) C:\Users\Andrea\Downloads\spybot-2.3.exe
2014-04-28 16:31 - 2014-04-28 16:31 - 00417872 _____ () C:\Users\Andrea\Downloads\DellSystemDetect.exe
2014-04-28 16:16 - 2012-02-22 16:11 - 00002372 _____ () C:\Users\Andrea\Desktop\Google Chrome.lnk
2014-04-28 15:06 - 2013-09-25 16:41 - 00000000 ____D () C:\Users\Andrea\AppData\Local\Screencast-O-Matic
2014-04-28 09:37 - 2013-09-02 20:19 - 00143880 _____ () C:\Users\Andrea\WORK FILES.tsk
2014-04-28 09:14 - 2012-02-22 16:05 - 00000000 ____D () C:\Users\Andrea\AppData\Local\Nero
2014-04-28 09:10 - 2014-04-28 09:10 - 00000000 ____D () C:\Users\Andrea\WORK FILES.tsk.lock
2014-04-28 08:58 - 2013-08-19 09:15 - 00000000 ____D () C:\Users\Andrea\AppData\Roaming\Task Coach
2014-04-28 08:43 - 2012-01-14 13:10 - 00000000 ____D () C:\ProgramData\Nero
2014-04-28 08:43 - 2012-01-14 13:10 - 00000000 ____D () C:\Program Files (x86)\Nero
2014-04-28 08:42 - 2012-01-14 13:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DELL
2014-04-28 08:18 - 2012-10-18 11:45 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-04-28 08:17 - 2014-01-16 20:45 - 00000000 ____D () C:\Users\Andrea\AppData\Roaming\Opera Software
2014-04-28 08:17 - 2014-01-16 20:45 - 00000000 ____D () C:\Users\Andrea\AppData\Local\Opera Software
2014-04-28 08:17 - 2014-01-16 20:45 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-04-28 01:52 - 2014-04-28 01:52 - 00003120 _____ () C:\windows\System32\Tasks\PCDoctorBackgroundMonitorTask-Retry
2014-04-28 01:33 - 2012-06-22 15:17 - 00000000 ____D () C:\Users\Andrea\AppData\Roaming\Arcsoft
2014-04-28 01:33 - 2012-02-25 17:06 - 00000000 ____D () C:\ProgramData\ArcSoft
2014-04-28 01:33 - 2012-02-22 16:11 - 00000000 ____D () C:\Users\Andrea\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-04-28 01:33 - 2012-01-14 14:45 - 00000000 ___RD () C:\Users\Public\Recorded TV
2014-04-28 01:32 - 2009-07-13 23:20 - 00000000 ____D () C:\windows\registration
2014-04-27 23:23 - 2014-04-27 23:23 - 03774570 _____ () C:\Users\Andrea\Documents\AutoRuns.arn
2014-04-26 08:35 - 2014-04-26 08:35 - 00478193 _____ () C:\Users\Andrea\Downloads\MayTiger Tales 2013.ppp
2014-04-25 07:30 - 2014-04-25 07:30 - 00036868 _____ () C:\Users\Andrea\Downloads\noname (2).eml
2014-04-25 07:26 - 2014-04-25 07:26 - 00036868 _____ () C:\Users\Andrea\Downloads\noname (1).eml
2014-04-24 15:45 - 2014-03-16 14:15 - 00000000 ____D () C:\Users\Andrea\Documents\Baby Shower
2014-04-24 15:27 - 2013-01-24 11:48 - 00000000 ____D () C:\Users\Andrea\Documents\9999_POTENTIAL CLIENTS
2014-04-23 11:01 - 2013-02-11 13:18 - 00000000 ____D () C:\Users\Andrea\Documents\39_TOMASES & COMPANY
2014-04-22 14:27 - 2014-04-02 08:51 - 00000000 ____D () C:\Users\Andrea\Documents\53_JOHN POLIS
2014-04-21 21:38 - 2014-04-21 21:35 - 30841344 _____ () C:\Users\Andrea\Downloads\Fall_Slideshow_2010_0.ppt
2014-04-21 15:32 - 2013-04-17 18:55 - 00000000 ____D () C:\Users\Andrea\Documents\42_SELL SELL SELL
2014-04-21 15:30 - 2014-04-21 15:19 - 00001121 _____ () C:\Users\Andrea\Downloads\HistoryDownload.csv
2014-04-21 14:05 - 2014-04-21 14:05 - 00016897 _____ () C:\Users\Andrea\Downloads\Biosentronics Returns 4-21-2014.xlsx
2014-04-21 11:51 - 2012-02-22 22:40 - 00000000 ____D () C:\Users\Andrea\Documents\Personal Items 2011
2014-04-18 09:07 - 2014-04-18 09:07 - 00034816 _____ () C:\Users\Andrea\Downloads\How to Get Free Traffic From Google - Registration Report.xls
2014-04-16 16:12 - 2012-12-28 20:31 - 00002475 _____ () C:\Users\Andrea\AppData\Roaming\SAS7_000.DAT
2014-04-16 13:22 - 2014-04-16 13:22 - 00045559 _____ () C:\Users\Andrea\Downloads\Biosentronics Returns 16APR2014_revised action.xlsx
2014-04-16 07:38 - 2012-02-22 22:06 - 00000000 ____D () C:\Users\Andrea\Documents\99_PRIOR CLIENTS
2014-04-15 08:49 - 2014-04-15 08:49 - 00000231 _____ () C:\Users\Andrea\Downloads\Introduction-To-Google-Analytics-Webinar-12.6.13-PART-1.mp4
2014-04-15 08:49 - 2013-01-22 21:03 - 00000000 ____D () C:\Users\Andrea\Documents\36_MAIN STREET ROI
2014-04-11 15:08 - 2012-06-22 15:09 - 00000402 _____ () C:\windows\Tasks\EasyShare Registration Task.job
2014-04-09 21:41 - 2014-03-30 07:10 - 00012810 _____ () C:\Users\Andrea\Documents\GOW power.xlsx
2014-04-07 09:05 - 2012-12-08 06:50 - 00000000 ____D () C:\Program Files (x86)\MediaMall
2014-04-07 09:02 - 2009-07-14 01:09 - 00000000 ____D () C:\windows\System32\Tasks\WPD
Files to move or delete:
====================
C:\Users\Andrea\AppData\Roaming\CamLayout.ini
C:\Users\Andrea\AppData\Roaming\CamShapes.ini
Some content of TEMP:
====================
C:\Users\Andrea\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpp7pizu.dll
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-04-30 17:51
==================== End Of Log ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 06-05-2014
Ran by Andrea at 2014-05-06 14:28:29
Running from C:\Users\Andrea\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
==================== Installed Programs ======================
Absolute Notifier (HKLM-x32\...\{EBE939ED-4612-45FD-A39E-77AC199C4273}) (Version: 1.4.3.10 - Absolute Software)
Accidental Damage Services Agreement (HKLM-x32\...\{EF85FEF4-EB92-4075-A6D2-5F519BB30A2C}) (Version: 2.0.0 - Dell Inc.)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.1.0.4880 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 13 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 13.0.0.206 - Adobe Systems Incorporated)
Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.206 - Adobe Systems Incorporated)
Adobe Reader X (10.1.9) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.9 - Adobe Systems Incorporated)
Advanced Audio FX Engine (HKLM-x32\...\Advanced Audio FX Engine) (Version: 1.12.05 - Creative Technology Ltd)
Amazon MP3 Downloader 1.0.17 (HKLM-x32\...\Amazon MP3 Downloader) (Version: 1.0.17 - Amazon Services LLC)
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2EF5D87E-B7BD-458F-8428-E4D0B8B4E65C}) (Version: 7.0.0.117 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ArcSoft Print Creations - Album Page (HKLM-x32\...\{E6B4117F-AC59-4B13-9274-EB136E8897EE}) (Version: - ArcSoft)
ArcSoft Print Creations - Funhouse (HKLM-x32\...\{9591C049-5CAE-4E89-A8D9-191F1899628B}) (Version: - ArcSoft)
ArcSoft Print Creations - Greeting Card (HKLM-x32\...\{F04F9557-81A9-4293-BC49-2C216FA325A7}) (Version: - ArcSoft)
ArcSoft Print Creations - Photo Book (HKLM-x32\...\{56589DFE-0C29-4DFE-8E42-887B771ECD23}) (Version: - ArcSoft)
ArcSoft Print Creations - Photo Calendar (HKLM-x32\...\{CA9ED5E4-1548-485B-A293-417840060158}) (Version: - ArcSoft)
ArcSoft Print Creations - Scrapbook (HKLM-x32\...\{B0D83FCD-9D42-43ED-8315-250326AADA02}) (Version: - ArcSoft)
ArcSoft Print Creations - Slimline Card (HKLM-x32\...\{007B37D9-0C45-4202-834B-DD5FAAE99D63}) (Version: - ArcSoft)
ArcSoft Print Creations (HKLM-x32\...\{CAE8A0F1-B498-4C23-95FA-55047E730C8F}) (Version: 2.8.255.384 - ArcSoft)
AVI To MP4 Converter 1.0 (HKLM-x32\...\AVI To MP4 Converter_is1) (Version: - A Software Plus)
Banctec Service Agreement (HKLM-x32\...\{42D68A86-DB1C-4256-B8C9-5D0D92919AF5}) (Version: 2.0.0 - Dell Inc.)
BCL easyConverter Desktop 3 (Word Version) (HKLM-x32\...\{8C5845B5-729F-40E3-A945-4454E67F65F4}) (Version: 3.0.18 - BCL Technologies)
Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Blackhawk Striker 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Blio (HKLM-x32\...\{400182B4-CA55-46A9-9D88-F8413DCFB36D}) (Version: 2.3.7140 - K-NFB Reading Technology, Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Bounce Symphony (x32 Version: 2.2.0.95 - WildTangent) Hidden
Brainville (x32 Version: 2.2.0.110 - WildTangent) Hidden
Build-a-lot 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Cake Mania (x32 Version: 2.2.0.95 - WildTangent) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.13 - Piriform)
CCScore (x32 Version: 8.02.0000.0001 - EASTMAN KODAK Company) Hidden
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Cisco WebEx Meetings (HKCU\...\ActiveTouchMeetingClient) (Version: - Cisco WebEx LLC)
Complete Care Business Service Agreement (HKLM-x32\...\{0ECFCB07-9BFE-4970-ACA1-D568D982760B}) (Version: 2.0.0 - Dell Inc.)
Consumer In-Home Service Agreement (HKLM-x32\...\{F47C37A4-7189-430A-B81D-739FF8A7A554}) (Version: 2.0.0 - Dell Inc.)
Cozi (HKLM-x32\...\{EA1F3D6C-A6F5-4CDC-B0D3-9C56C06B4D29}) (Version: 1.0.6505.38692 - Cozi Group, Inc.)
Crystal Reports 2008 Runtime SP1 (HKLM-x32\...\{C484CC8D-03CF-4022-89C4-DB4F02E8A15B}) (Version: 12.1.0.882 - Business Objects)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{81FB7C60-565A-4869-9D90-3BE1D270E8B7}) (Version: - Microsoft)
Dell DataSafe Local Backup - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 9.4.60 - Dell)
Dell DataSafe Local Backup (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 9.4.60 - Dell)
Dell DataSafe Online (HKLM-x32\...\{C53BCCBE-9268-4C09-82E9-611444A73B3F}) (Version: 2.9.0.19 - Dell)
Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc)
Dell Getting Started Guide (HKLM-x32\...\{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}) (Version: 1.00.0000 - Dell Inc.)
Dell Home Systems Service Agreement (HKLM-x32\...\{AB2FDE4F-6BED-4E9E-B676-3DCCEBB1FBFE}) (Version: 2.0.0 - Dell Inc.)
Dell MusicStage (HKLM-x32\...\{91AF2672-F5BC-42CF-8037-A9D2F92BBCC0}) (Version: 1.5.201.0 - Fingertapps)
Dell PhotoStage (HKLM-x32\...\{0D98F04D-11A1-4B64-A406-43292B9EEE90}) (Version: 1.5.0.67 - ArcSoft)
Dell PhotoStage (HKLM-x32\...\{E4335E82-17B3-460F-9E70-39D9BC269DB3}) (Version: 1.5.0.67 - ArcSoft)
Dell Stage (HKLM-x32\...\{FE182796-F6BA-486A-8590-89B7E8D1D60F}) (Version: 1.7.209.0 - Fingertapps)
Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 7.1209.101.204 - ALPS ELECTRIC CO., LTD.)
Dell VideoStage (HKLM-x32\...\InstallShield_{DCE0E79A-B9AC-41AC-98C1-7EF0538BCA7F}) (Version: 1.2.0.1712 - CyberLink Corp.)
Dell VideoStage (x32 Version: 1.2.0.1712 - CyberLink Corp.) Hidden
Dell Webcam Central (HKLM-x32\...\Dell Webcam Central) (Version: 2.00.44 - Creative Technology Ltd)
Diner Dash 2 Restaurant Rescue (x32 Version: 2.2.0.95 - WildTangent) Hidden
DirectX 9 Runtime (x32 Version: 1.00.0000 - Sonic Solutions) Hidden
Dora's World Adventure (x32 Version: 2.2.0.95 - WildTangent) Hidden
Dragon NaturallySpeaking 12 (HKLM-x32\...\{D5D422B9-6976-4E98-8DDF-9632CB515D7E}) (Version: 12.50.000 - Nuance Communications Inc.)
Dropbox (HKCU\...\Dropbox) (Version: 2.6.31 - Dropbox, Inc.)
eBay (HKLM-x32\...\{A8B88634-7F90-402F-B66A-86429755F6A5}) (Version: 1.4.0 - eBay Inc.)
Email Extractor (HKLM-x32\...\Email Extractor) (Version: 5.0 - WebPro Software)
Email Extractor (x32 Version: 5.0 - WebPro Solutions) Hidden
Escape Whisper Valley (x32 Version: 2.2.0.95 - WildTangent) Hidden
ESSBrwr (x32 Version: 8.02.0000.0001 - EASTMAN KODAK Company) Hidden
ESSCDBK (x32 Version: 8.03.0000.0001 - EASTMAN KODAK Company) Hidden
ESScore (x32 Version: 8.03.0000.0001 - EASTMAN KODAK Company) Hidden
ESSgui (x32 Version: 8.03.0000.0001 - EASTMAN KODAK Company) Hidden
ESSini (x32 Version: 8.02.0000.0001 - EASTMAN KODAK Company) Hidden
ESSPCD (x32 Version: 8.02.0000.0001 - EASTMAN KODAK Company) Hidden
ESSPDock (x32 Version: 6.03.0001.0004 - EASTMAN KODAK Company) Hidden
ESSTOOLS (x32 Version: 5.00.0000.0004 - EASTMAN KODAK Company) Hidden
essvatgt (x32 Version: 8.00.0000.0001 - EASTMAN KODAK Company) Hidden
Express Dictate (HKLM-x32\...\Express) (Version: 5.72 - NCH Software)
Express Scribe (HKLM-x32\...\Scribe) (Version: 5.63 - NCH Software)
Express Zip File Compression Software (HKLM-x32\...\ExpressZip) (Version: - NCH Software)
Facebook Video Calling 2.0.0.447 (HKLM-x32\...\{8DF41A9F-FE13-43E8-A003-5F9B55A011EE}) (Version: 2.0.447 - Skype Limited)
Farm Frenzy (x32 Version: 2.2.0.95 - WildTangent) Hidden
FATE (x32 Version: 2.2.0.95 - WildTangent) Hidden
Final Drive Fury (x32 Version: 2.2.0.95 - WildTangent) Hidden
Final Drive Nitro (x32 Version: 2.2.0.95 - WildTangent) Hidden
FreeScreenSharing (HKCU\...\FreeScreenSharing) (Version: 0.56.21.0 - Free Conferencing Corporation)
Google Chrome (HKCU\...\Google Chrome) (Version: 34.0.1847.131 - Google Inc.)
Google Drive (HKLM-x32\...\{E87022D3-C8C9-4C76-8E27-BC7F18F9B8FB}) (Version: 1.14.6059.644 - Google, Inc.)
Google Talk (remove only) (HKCU\...\{226b64e8-dc75-4eea-a6c8-abcb496320f2}-Google Talk) (Version: - )
Google Talk Plugin (HKLM-x32\...\{8E29C1CE-346A-3F59-AE22-8C5B7F230498}) (Version: 5.3.1.18536 - Google)
Google Update Helper (x32 Version: 1.3.23.9 - Google Inc.) Hidden
GoToMeeting 6.2.0.1350 (HKCU\...\GoToMeeting) (Version: 6.2.0.1350 - CitrixOnline)
HP FWUpdateEDO2 (HKLM-x32\...\{415FA9AD-DA10-4ABE-97B6-5051D4795C90}) (Version: 1.2.0.0 - Hewlett-Packard)
HP Officejet 6700 Basic Device Software (HKLM\...\{C0CA6788-386E-4BE1-B214-629E746A5302}) (Version: 25.0.619.0 - Hewlett-Packard Co.)
HP Officejet 6700 Help (HKLM-x32\...\{50DA41E2-0701-43E2-A8BB-FAA0CB64B28B}) (Version: 140.0.2.2 - Hewlett Packard)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.9572 - HP)
HP Product Detection (HKLM-x32\...\{A34CC51D-C2FF-4E0E-9F27-28B0249A15DD}) (Version: 11.15.0007 - HP)
HP Update (HKLM-x32\...\{97486FBE-A3FC-4783-8D55-EA37E9D171CC}) (Version: 5.005.000.002 - Hewlett-Packard)
HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft) Hidden
I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6324.0 - IDT)
Intel PROSet Wireless (Version: - ) Hidden
Intel PROSet Wireless (x32 Version: - ) Hidden
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1118 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2361 - Intel Corporation)
Intel® PROSet/Wireless Software for Bluetooth® Technology (HKLM\...\{7CE8BE79-ABC3-4B2C-9543-28ED2B0A9EA8}) (Version: 1.2.0.0587 - Intel Corporation)
Intel® PROSet/Wireless WiFi Software (HKLM\...\{295AEB79-B53A-4F1B-860F-7800BB7E3681}) (Version: 14.2.1000 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.0.1008 - Intel Corporation)
Intel® Turbo Boost Technology Monitor 2.0 (HKLM\...\{B77EFA0B-9BD3-4122-9F9A-15A963B5EA24}) (Version: 2.1.23.0 - Intel)
Intel® WiDi (HKLM-x32\...\{781A93CD-1608-427D-B7F0-D05C07795B25}) (Version: 2.1.41.0 - Intel Corporation)
Intel® Wireless Display (HKLM\...\{28EF7372-9087-4AC3-9B9F-D9751FCDF830}) (Version: - )
iTunes (HKLM\...\{D601CEAD-2E4F-4BBB-85CC-C29A4CE6A3C0}) (Version: 11.1.3.8 - Apple Inc.)
Java 7 Update 13 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217013FF}) (Version: 7.0.130 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.0 - Sun Microsystems, Inc.) Hidden
Java 6 Update 27 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86416027FF}) (Version: 6.0.270 - Oracle)
Java 6 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216031FF}) (Version: 6.0.310 - Oracle)
JavaFX 2.1.1 (HKLM-x32\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
Jewel Quest (x32 Version: 2.2.0.95 - WildTangent) Hidden
Jewel Quest Solitaire 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Kodak EasyShare software (HKLM-x32\...\{D32470A1-B10C-4059-BA53-CF0486F68EBC}) (Version: - Eastman Kodak Company)
KODAK Share Button App (HKLM-x32\...\{C3F0CF4C-0A8C-42F1-A585-2EF7886D6039}) (Version: 4.03.0000.0000 - Eastman Kodak Company)
liteCam HD Evaluation (HKLM-x32\...\{18F68A39-B013-447B-B28B-9F678A2241EF}) (Version: 4.53.0000 - RSUPPORT)
Luxor (x32 Version: 2.2.0.95 - WildTangent) Hidden
Malwarebytes Anti-Malware version 2.0.1.1004 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.1.1004 - Malwarebytes Corporation)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office 2010 Service Pack 1 (SP1) (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{047B0968-E622-4FAA-9B4B-121FA109EDDE}) (Version: - Microsoft)
Microsoft Office 2010 Service Pack 1 (SP1) (x32 Version: - Microsoft) Hidden
Microsoft Office Access MUI (English) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Home and Business 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.6029.1000 - Microsoft Corporation)
Microsoft Office Live Meeting 2007 (HKLM-x32\...\{E30E7561-A466-4393-B8BF-FD93E733EF3C}) (Version: 8.0.6362.202 - Microsoft Corporation)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (English) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (English) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Single Image 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Security Client (Version: 4.5.0216.0 - Microsoft Corporation) Hidden
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.5.216.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218 (HKLM-x32\...\{E503B4BF-F7BB-3D5F-8BC8-F694B1CFF942}) (Version: 9.0.21022.218 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
My Dell (HKLM\...\PC-Doctor for Windows) (Version: 3.4.6422.14 - PC-Doctor, Inc.)
Namco All-Stars PAC-MAN (x32 Version: 2.2.0.95 - WildTangent) Hidden
netbrdg (x32 Version: 7.01.0000.0001 - EASTMAN KODAK Company) Hidden
OfotoXMI (x32 Version: 8.03.0000.0001 - EASTMAN KODAK Company) Hidden
PamFax (HKLM-x32\...\{6432B21C-CA95-46CA-87D4-178CC2E58F84}_is1) (Version: 3.4.6.11 - Scendix Software GmbH)
PamFax Office Integration (x32 Version: 1.0.2 - Scendix Software GmbH) Hidden
PDFill PDF Editor with FREE Writer and FREE Tools (HKLM\...\{D1399216-81B2-457C-A0F7-73B9A2EF6902}) (Version: 9.0 - PlotSoft LLC)
Peachtree Accounting 2012 (x32 Version: 19.00.01 - Sage Software, Inc.) Hidden
Peachtree Signature Ready Forms (x32 Version: 12.1.10 - Sage Software SB, Inc.) Hidden
Penguins! (x32 Version: 2.2.0.95 - WildTangent) Hidden
Perfect Uninstaller v6.3.3.9 (HKLM\...\Perfect Uninstaller_is1) (Version: - www.PerfectUninstaller.net)
Pixillion Image Converter (HKLM-x32\...\Pixillion) (Version: - NCH Software)
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.95 - WildTangent) Hidden
PlayOn (HKLM-x32\...\{69144213-E603-459D-B6B6-C27A87E61D6F}) (Version: 3.8.12 - MediaMall Technologies, Inc.)
PlayReady PC Runtime x86 (HKLM-x32\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
Poker Superstars III (x32 Version: 2.2.0.95 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.95 - WildTangent) Hidden
Polar Golfer (x32 Version: 2.2.0.95 - WildTangent) Hidden
Premium Service Agreement (HKLM-x32\...\{C33AA6D6-F5EC-48F3-AFDC-8141345D473A}) (Version: 2.0.0 - Dell Inc.)
Prism Video File Converter (HKLM-x32\...\Prism) (Version: - NCH Software)
QualxServ Service Agreement (HKLM-x32\...\{903679E8-44C8-4C07-9600-05C92654FC50}) (Version: 2.0.0 - Dell Inc.)
Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 10.09.25 - Dell Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.31.1025.2010 - Realtek)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30126 - Realtek Semiconductor Corp.)
RecordPad Sound Recorder (HKLM-x32\...\Recordpad) (Version: 4.32 - NCH Software)
Roxio CinePlayer Decoder Pack (x32 Version: 4.3.0 - Roxio) Hidden
Roxio Easy VHS to DVD 3 (HKLM-x32\...\{01EA1B5D-04A2-45BD-83BD-488D6EB7B942}) (Version: 3.0 - Roxio)
Roxio Easy VHS to DVD 3 (x32 Version: 3.0.137 - Roxio) Hidden
Roxio Express Labeler (x32 Version: 3.2.1 - Roxio) Hidden
ROXIOVHS3X64 (x32 Version: 1.02.0000 - ROXIO) Hidden
RSCC (HKLM-x32\...\{562CBD30-CA59-4640-862C-99C0ECED4B4C}) (Version: 2.00.0000 - RSUPPORT)
Runaway with the Circus (x32 Version: 2.2.0.110 - WildTangent) Hidden
Samantha Swift (x32 Version: 2.2.0.95 - WildTangent) Hidden
Screencast-O-Matic (HKCU\...\Screencast-O-Matic) (Version: - Screencast-O-Matic)
SFR (x32 Version: 8.01.0000.0001 - Eastman Kodak Company) Hidden
SHASTA (x32 Version: 7.01.0000.0001 - EASTMAN KODAK Company) Hidden
Shutterfly Express Uploader (HKLM-x32\...\com.Shutterfly.ExpressUploader) (Version: 1.1.0.0 - Shutterfly, Inc.)
Shutterfly Express Uploader (x32 Version: 1.1.0 - Shutterfly, Inc.) Hidden
skin0001 (x32 Version: 8.02.0000.0001 - EASTMAN KODAK Company) Hidden
SKINXSDK (x32 Version: 8.02.0000.0001 - EASTMAN KODAK Company) Hidden
Skype Click to Call (HKLM-x32\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 6.13.13771 - Skype Technologies S.A.)
Skype™ 6.14 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.)
Spotify (HKCU\...\Spotify) (Version: 0.8.4.124.ga3559d86 - Spotify AB)
staticcr (x32 Version: 8.02.0000.0001 - EASTMAN KODAK Company) Hidden
Strongvault Online Backup (x32 Version: 5.0.2.34 - Strongvault Online Backup) Hidden
Switch Sound File Converter (HKLM-x32\...\Switch) (Version: - NCH Software)
Task Coach 1.3.31 (HKLM-x32\...\Task Coach_is1) (Version: - Frank Niessink, Jerome Laheurte, and Aaron Wolf)
TI USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{B1EB7FFF-6E44-43D8-869D-B78E44CD3E0F}) (Version: 1.12.14.0 - Texas Instruments Inc.)
TI USB3 Host Driver (x32 Version: 1.12.14.0 - Texas Instruments Inc.) Hidden
Total Recorder 8.3 Professional Edition (HKLM-x32\...\TotalRecorder) (Version: - )
TrustedID IDMonitor Identity Protection (HKLM-x32\...\{0E74474A-1CDF-4249-A507-CE8C1DCEC8BC}) (Version: 1.1.0 - TrustedID Inc)
Tweaking.com - Windows Repair (All in One) (HKLM-x32\...\Tweaking.com - Windows Repair (All in One)) (Version: 2.6.2 - Tweaking.com)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2468871) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2533523) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2600217) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2836939v3) (Version: 3 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (HKLM-x32\...\{8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2468871) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (HKLM-x32\...\{8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2533523) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (HKLM-x32\...\{8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2600217) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2836939v3) (HKLM-x32\...\{8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2836939v3) (Version: 3 - Microsoft Corporation)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version: - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{001E8BF3-EDC3-4D5E-9C11-1D0E599B6497}) (Version: - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{001E8BF3-EDC3-4D5E-9C11-1D0E599B6497}) (Version: - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2494150) (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{3FCFD88F-4D13-4F38-8625-ABABEA7F61EA}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2553065) (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{A8686D24-1E89-43A1-973E-05A258D2B3F8}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{18B3CF2A-73F7-4716-B1AE-86D68726D408}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition (HKLM-x32\...\{90140000-006E-0409-0000-0000000FF1CE}_Office14.SingleImage_{73E67A3A-8D61-44EF-90C2-1697C3DBE668}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2566458) (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{EFB525A0-E1C0-4E32-9968-FE401BC87363}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{ED31DE9A-3E13-4E2C-9106-E0D8AFFB9FA6}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2687503) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B1FA5E8C-2342-45AF-8A62-5E860042F8DF}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2767886) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{9CFD026D-EB1C-48C2-9DD2-8E8875F251B2}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2837583) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{E21274CE-CA0C-49FA-93F4-DC292A052264}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{B5C70C99-B109-42FD-B219-FF12CA543F19}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{82F87E28-B18E-46D6-A399-E2F19CF5949B}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.SingleImage_{5E8EB600-8B94-429E-873E-98369C6DC1BC}) (Version: - Microsoft)
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition (HKLM-x32\...\{90140000-00A1-0409-0000-0000000FF1CE}_Office14.SingleImage_{9865DC3A-2898-48D9-B96A-46397571C934}) (Version: - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version: - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version: - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0409-0000-0000000FF1CE}_Office14.SingleImage_{DCE104A1-1875-4469-A83D-A5BFA6C4640F}) (Version: - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version: - Microsoft)
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0409-0000-0000000FF1CE}_Office14.SingleImage_{1EEFF749-6F29-4F0B-AB08-4C6EA52AA110}) (Version: - Microsoft)
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{BC6DFBFD-16DD-47E1-A7EF-2C062930FA4F}) (Version: - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0409-0000-0000000FF1CE}_Office14.SingleImage_{DA2F7ECE-6629-4A80-9CDE-EC95261B75E2}) (Version: - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2775360) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{80F56E3F-1D47-4E45-B6E0-FEF4E919F4F9}) (Version: - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version: - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{8C55AA83-54C2-4236-A622-78440A411DC5}) (Version: - Microsoft)
Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
VideoPad Video Editor (HKLM-x32\...\VideoPad) (Version: - NCH Software)
Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.95 - WildTangent) Hidden
Visual Studio Tools for the Office system 3.0 Runtime (HKLM-x32\...\Visual Studio Tools for the Office system 3.0 Runtime) (Version: - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime (x32 Version: 9.0.30729 - Microsoft Corporation) Hidden
Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258) (HKLM-x32\...\{8FB53850-246A-3507-8ADE-0060093FFEA6}.KB949258) (Version: 1 - Microsoft Corporation)
VPRINTOL (x32 Version: 8.02.0000.0001 - EASTMAN KODAK Company) Hidden
WavePad Sound Editor (HKLM-x32\...\WavePad) (Version: - NCH Software)
Wedding Dash - Ready, Aim, Love! (x32 Version: 2.2.0.95 - WildTangent) Hidden
WildTangent Games (HKLM-x32\...\WildTangent dell Master Uninstall) (Version: 1.0.3.0 - WildTangent)
WildTangent Games App (Dell Games) (x32 Version: 4.0.10.15 - WildTangent) Hidden
Windows Driver Package - Eastman Kodak KODAK Digital Camera (01/29/2010 1.4.1.0) (HKLM\...\3D970B9F930E7AAE23C06D39A1AC98548C90B442) (Version: 01/29/2010 1.4.1.0 - Eastman Kodak)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
WIRELESS (x32 Version: 8.02.0000.0001 - EASTMAN KODAK Company) Hidden
Wizard101 (HKLM-x32\...\{A9E27FF5-6294-46A8-B8FD-77B1DECA3021}) (Version: 1.0.0 - KingsIsle Entertainment, Inc.)
Wondershare PDF Editor(Build 3.0.0) (HKLM-x32\...\{75BAE677-F65A-45A4-9931-363FE0CF5E58}_is1) (Version: 3.0.0.18 - Wondershare Software Co.,Ltd.)
Zinio Reader 4 (HKLM-x32\...\ZinioReader4) (Version: 4.2.4164 - Zinio LLC)
Zinio Reader 4 (x32 Version: 4.2.4164 - Zinio LLC) Hidden
Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
==================== Restore Points =========================
01-05-2014 10:41:37 Scheduled Checkpoint
03-05-2014 12:27:40 ComboFix created restore point
05-05-2014 22:08:58 Windows Update
==================== Hosts content: ==========================
2009-07-13 22:34 - 2014-05-03 08:52 - 00000027 ____A C:\windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Scheduled Tasks (whitelisted) =============
Task: {258C8873-9E65-498A-9FF7-4992972E8F6F} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\My Dell\sessionchecker.exe [2013-12-19] (PC-Doctor, Inc.)
Task: {27B92FCB-4C16-4280-99D0-E85B897272CD} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\My Dell\uaclauncher.exe [2013-12-19] (PC-Doctor, Inc.)
Task: {2EE1D1DE-CE72-466E-8B4C-FE108CFFB159} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-01-16] (Google Inc.)
Task: {49FE33C1-5B57-4119-A46E-67E02B95699D} - System32\Tasks\PCDoctorBackgroundMonitorTask-Retry => C:\Program Files\My Dell\uaclauncher.exe [2013-12-19] (PC-Doctor, Inc.)
Task: {4C2CF09B-2471-4CCE-870F-7329A37BADAB} - System32\Tasks\Norton 360\Norton Error Analyzer => C:\Program Files (x86)\Norton 360\Engine\20.5.0.28\SymErr.exe
Task: {55CCC968-67FA-463D-8D8D-E5B8F90E1A3B} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-967247175-893293011-2753274408-1000UA => C:\Users\Andrea\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-11] (Facebook Inc.)
Task: {568C2B6A-37AB-4D14-9E2A-35EE2DA7C880} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-01-16] (Google Inc.)
Task: {6FB14312-A922-4BAF-9309-EA3E2435AA70} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {73ED6864-532C-493C-8C5A-29C2985FAA67} - System32\Tasks\G2MUpdateTask-S-1-5-21-967247175-893293011-2753274408-1000 => C:\Users\Andrea\AppData\Local\Citrix\GoToMeeting\1350\g2mupdate.exe [2014-03-15] (Citrix Online, a division of Citrix Systems, Inc.)
Task: {7C25E995-3C1D-4AC9-A86A-F2FA4E692DAF} - System32\Tasks\Norton 360\Norton Error Processor => C:\Program Files (x86)\Norton 360\Engine\20.5.0.28\SymErr.exe
Task: {9445A2D5-D160-452A-A0BE-7F6FF6F7C986} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-967247175-893293011-2753274408-1000UA => C:\Users\Andrea\AppData\Local\Google\Update\GoogleUpdate.exe [2012-02-22] (Google Inc.)
Task: {ADCE37CB-21F1-4D33-9350-5698FDAACBAF} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-967247175-893293011-2753274408-1000Core => C:\Users\Andrea\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-11] (Facebook Inc.)
Task: {B1405C1A-9BFC-49A4-BC8B-D98162CEDEC1} - System32\Tasks\NCH Software\ExpressZipReminder => C:\Program Files (x86)\NCH Software\ExpressZip\ExpressZip.exe [2012-06-02] (NCH Software)
Task: {B1FAAC0B-F02C-42A1-AB36-5B6210200905} - System32\Tasks\NCH Software\WavePadDowngrade => C:\Program Files (x86)\NCH Software\WavePad\wavepad.exe [2012-09-28] (NCH Software)
Task: {B2206F79-3F7B-4A50-ACE9-E79A62C962B1} - System32\Tasks\IHUninstallTrackingTASK => CMD
Task: {C4036015-9FBA-4297-983D-3A6A1BDD0A92} - System32\Tasks\SystemToolsDailyTest => uaclauncher.exe
Task: {CC222725-CCB0-47C3-8AD2-FE94146FC633} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-04-30] (Adobe Systems Incorporated)
Task: {D678C295-BD16-4B99-873A-B1EF9D4A5985} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-967247175-893293011-2753274408-1000Core => C:\Users\Andrea\AppData\Local\Google\Update\GoogleUpdate.exe [2012-02-22] (Google Inc.)
Task: {D8CB93A3-C75E-4319-9D46-9205BC276F5B} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton 360\Engine\20.5.0.28\WSCStub.exe
Task: {E2E0A62B-823E-4589-A71B-28E6C1C8DD9A} - System32\Tasks\IHSelfDeleteTASK => CMD
Task: {EE49C3A6-9512-4513-8778-3C5947944FB6} - System32\Tasks\EasyShare Registration Task => Rundll32.exe C:\PROGRA~3\Kodak\EasyShareSetup\$REGIS~1\Registration_8.3.30.1.sxt _RegistrationOffer@16
Task: {FE97909C-6D89-4599-81A6-9C2D1BEE41FE} - System32\Tasks\{10EF5062-FADE-4238-95E4-4EA61663B88F}-Kodak Share Button App Camera detect => C:\Program Files (x86)\Kodak\KODAK Share Button App\Listener.exe [2012-06-26] (Eastman Kodak Company)
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\EasyShare Registration Task.job => %ÅË¡™jXO²õ>c¬ÇåáFa<
sÀ €!Þ!C:\windows\system32\rundll32.exeZC:\PROGRA~3\Kodak\EasyShareSetup\$REGIS~1\Registration_8.3.30.1.sxt _RegistrationOffer@16Andrea0Ü
Task: C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-967247175-893293011-2753274408-1000Core.job => C:\Users\Andrea\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-967247175-893293011-2753274408-1000UA.job => C:\Users\Andrea\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\windows\Tasks\G2MUpdateTask-S-1-5-21-967247175-893293011-2753274408-1000.job => C:\Users\Andrea\AppData\Local\Citrix\GoToMeeting\1350\g2mupdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-967247175-893293011-2753274408-1000Core.job => C:\Users\Andrea\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-967247175-893293011-2753274408-1000UA.job => C:\Users\Andrea\AppData\Local\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2011-09-15 19:46 - 2011-09-15 19:46 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\Libeay32.dll
2012-01-14 14:29 - 2011-04-10 14:40 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2011-09-15 19:46 - 2011-09-15 19:46 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\LIBEAY32.dll
2012-01-14 13:30 - 2011-08-18 12:05 - 02751808 _____ () C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE
2014-05-06 13:54 - 2014-05-06 13:54 - 00041984 _____ () c:\users\andrea\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpp7pizu.dll
2013-10-18 19:55 - 2013-10-18 19:55 - 25100288 _____ () C:\Users\Andrea\AppData\Roaming\Dropbox\bin\libcef.dll
2013-12-17 04:42 - 2013-12-17 04:42 - 00335872 _____ () C:\Program Files (x86)\MediaMall\lua51a.dll
2012-12-08 13:42 - 2012-08-01 01:03 - 00017408 _____ () C:\Program Files (x86)\MediaMall\plugins\ParseUtilities.dll
2014-03-10 17:12 - 2014-03-10 17:12 - 00169472 _____ () C:\windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\0a0467413a424068d1471448ff6ca6cc\IsdiInterop.ni.dll
2012-01-14 12:57 - 2010-11-06 01:50 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IsdiInterop.dll
2014-04-28 15:40 - 2014-04-23 20:33 - 00065352 _____ () C:\Users\Andrea\AppData\Local\Google\Chrome\Application\34.0.1847.131\chrome_elf.dll
2014-04-28 15:41 - 2014-04-23 20:33 - 00674632 _____ () C:\Users\Andrea\AppData\Local\Google\Chrome\Application\34.0.1847.131\libglesv2.dll
2014-04-28 15:41 - 2014-04-23 20:33 - 00093000 _____ () C:\Users\Andrea\AppData\Local\Google\Chrome\Application\34.0.1847.131\libegl.dll
2014-04-28 15:41 - 2014-04-23 20:33 - 01647432 _____ () C:\Users\Andrea\AppData\Local\Google\Chrome\Application\34.0.1847.131\ffmpegsumo.dll
2014-04-28 15:44 - 2014-04-23 20:33 - 13692232 _____ () C:\Users\Andrea\AppData\Local\Google\Chrome\Application\34.0.1847.131\PepperFlash\pepflashplayer.dll
2014-04-28 15:43 - 2014-04-23 20:33 - 04081480 _____ () C:\Users\Andrea\AppData\Local\Google\Chrome\Application\34.0.1847.131\pdf.dll
2014-04-28 15:44 - 2014-04-23 20:33 - 00390472 _____ () C:\Users\Andrea\AppData\Local\Google\Chrome\Application\34.0.1847.131\ppGoogleNaClPluginChrome.dll
==================== Alternate Data Streams (whitelisted) =========
AlternateDataStreams: C:\ProgramData\Temp:0FF263E8
AlternateDataStreams: C:\ProgramData\Temp:264B2CC4
AlternateDataStreams: C:\ProgramData\Temp:6BEB9EAA
AlternateDataStreams: C:\ProgramData\Temp:F5BECBD8
AlternateDataStreams: C:\Users\Andrea\Downloads\noname (1).eml:OECustomProperty
AlternateDataStreams: C:\Users\Andrea\Downloads\noname (2).eml:OECustomProperty
AlternateDataStreams: C:\Users\Andrea\Downloads\noname.eml:OECustomProperty
==================== Safe Mode (whitelisted) ===================
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"
==================== EXE Association (whitelisted) =============
==================== Disabled items from MSCONFIG ==============
MSCONFIG\Services: Apple Mobile Device => 2
MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: DragonSvc => 2
MSCONFIG\Services: iPod Service => 3
MSCONFIG\startupreg: AccuWeatherWidget => "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe" "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\start.umj" --startup
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: B2C_AGENT => C:\ProgramData\LGMOBILEAX\B2C_Client\B2CNotiAgent.exe
MSCONFIG\startupreg: DellSystemDetect => C:\Users\Andrea\AppData\Local\Apps\2.0\65J8EJRG.8KT\0ENBOXNG.74J\dell..tion_0f612f649c4a10af_0005.0007_59de4fd2458fcaec\DellSystemDetect.exe
MSCONFIG\startupreg: Facebook Update => "C:\Users\Andrea\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
MSCONFIG\startupreg: googletalk => C:\Users\Andrea\AppData\Roaming\Google\Google Talk\googletalk.exe /autostart
MSCONFIG\startupreg: IAStorIcon => C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
MSCONFIG\startupreg: ISUSPM => C:\ProgramData\FLEXnet\Connect\11\\isuspm.exe -scheduler
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: KGShareApp => C:\Program Files (x86)\Kodak\KODAK Share Button App\KGShare_App.exe
MSCONFIG\startupreg: Sage Exchange => "C:\Users\Andrea\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sage Payment Solutions\Sage Exchange.appref-ms"
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: Spotify => "C:\Users\Andrea\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\Andrea\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (05/06/2014 01:53:13 PM) (Source: Application Error) (User: ) (EventID: 1000)
Description: Faulting application name: mbamservice.exe, version: 2.1.9.0, time stamp: 0x530619b7
Faulting module name: mbamservice.exe, version: 2.1.9.0, time stamp: 0x530619b7
Exception code: 0x40000015
Fault offset: 0x0007d28a
Faulting process id: 0xeb0
Faulting application start time: 0xmbamservice.exe0
Faulting application path: mbamservice.exe1
Faulting module path: mbamservice.exe2
Report Id: mbamservice.exe3
Error: (05/06/2014 01:52:56 PM) (Source: Application Error) (User: ) (EventID: 1000)
Description: Faulting application name: mbamscheduler.exe, version: 2.0.23.0, time stamp: 0x52f2947e
Faulting module name: MSVCR100.dll, version: 10.0.40219.325, time stamp: 0x4df2be1e
Exception code: 0x40000015
Fault offset: 0x0008d6fd
Faulting process id: 0xc28
Faulting application start time: 0xmbamscheduler.exe0
Faulting application path: mbamscheduler.exe1
Faulting module path: mbamscheduler.exe2
Report Id: mbamscheduler.exe3
Error: (05/05/2014 05:05:55 PM) (Source: SideBySide) (User: ) (EventID: 80)
Description: Activation context generation failed for "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error: (05/05/2014 05:05:29 PM) (Source: SideBySide) (User: ) (EventID: 80)
Description: Activation context generation failed for "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error: (05/05/2014 03:55:49 PM) (Source: Microsoft-Windows-LoadPerf) (User: NT AUTHORITY) (EventID: 3011)
Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.
Error: (05/05/2014 03:55:49 PM) (Source: Microsoft-Windows-LoadPerf) (User: NT AUTHORITY) (EventID: 3012)
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.
Error: (05/05/2014 01:17:06 PM) (Source: Application Error) (User: ) (EventID: 1000)
Description: Faulting application name: mbamservice.exe, version: 2.1.9.0, time stamp: 0x530619b7
Faulting module name: mbamservice.exe, version: 2.1.9.0, time stamp: 0x530619b7
Exception code: 0x40000015
Fault offset: 0x0007d28a
Faulting process id: 0x868
Faulting application start time: 0xmbamservice.exe0
Faulting application path: mbamservice.exe1
Faulting module path: mbamservice.exe2
Report Id: mbamservice.exe3
Error: (05/05/2014 01:16:47 PM) (Source: Application Error) (User: ) (EventID: 1000)
Description: Faulting application name: mbamscheduler.exe, version: 2.0.23.0, time stamp: 0x52f2947e
Faulting module name: MSVCR100.dll, version: 10.0.40219.325, time stamp: 0x4df2be1e
Exception code: 0x40000015
Fault offset: 0x0008d6fd
Faulting process id: 0x6f4
Faulting application start time: 0xmbamscheduler.exe0
Faulting application path: mbamscheduler.exe1
Faulting module path: mbamscheduler.exe2
Report Id: mbamscheduler.exe3
Error: (05/05/2014 00:25:30 PM) (Source: Application Error) (User: ) (EventID: 1000)
Description: Faulting application name: mbamservice.exe, version: 2.1.9.0, time stamp: 0x530619b7
Faulting module name: mbamservice.exe, version: 2.1.9.0, time stamp: 0x530619b7
Exception code: 0x40000015
Fault offset: 0x0007d28a
Faulting process id: 0xd08
Faulting application start time: 0xmbamservice.exe0
Faulting application path: mbamservice.exe1
Faulting module path: mbamservice.exe2
Report Id: mbamservice.exe3
Error: (05/05/2014 00:24:56 PM) (Source: Application Error) (User: ) (EventID: 1000)
Description: Faulting application name: mbamscheduler.exe, version: 2.0.23.0, time stamp: 0x52f2947e
Faulting module name: MSVCR100.dll, version: 10.0.40219.325, time stamp: 0x4df2be1e
Exception code: 0x40000015
Fault offset: 0x0008d6fd
Faulting process id: 0x6e8
Faulting application start time: 0xmbamscheduler.exe0
Faulting application path: mbamscheduler.exe1
Faulting module path: mbamscheduler.exe2
Report Id: mbamscheduler.exe3
System errors:
=============
Error: (05/06/2014 02:01:58 PM) (Source: Service Control Manager) (User: ) (EventID: 7000)
Description: The Intel® Management and Security Application User Notification Service service failed to start due to the following error:
%%1053
Error: (05/06/2014 02:01:58 PM) (Source: Service Control Manager) (User: ) (EventID: 7009)
Description: A timeout was reached (30000 milliseconds) while waiting for the Intel® Management and Security Application User Notification Service service to connect.
Error: (05/06/2014 02:01:23 PM) (Source: Service Control Manager) (User: ) (EventID: 7022)
Description: The Windows Update service hung on starting.
Error: (05/06/2014 01:57:48 PM) (Source: Service Control Manager) (User: ) (EventID: 7022)
Description: The Dell DataSafe Online service hung on starting.
Error: (05/06/2014 01:53:17 PM) (Source: Service Control Manager) (User: ) (EventID: 7034)
Description: The MBAMService service terminated unexpectedly. It has done this 1 time(s).
Error: (05/06/2014 01:52:57 PM) (Source: Service Control Manager) (User: ) (EventID: 7000)
Description: The MBAMScheduler service failed to start due to the following error:
%%1053
Error: (05/06/2014 01:52:57 PM) (Source: Service Control Manager) (User: ) (EventID: 7009)
Description: A timeout was reached (30000 milliseconds) while waiting for the MBAMScheduler service to connect.
Error: (05/06/2014 01:51:31 PM) (Source: EventLog) (User: ) (EventID: 6008)
Description: The previous system shutdown at 1:49:43 PM on 5/6/2014 was unexpected.
Error: (05/06/2014 01:45:53 PM) (Source: Service Control Manager) (User: ) (EventID: 7011)
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the NOBU service.
Error: (05/06/2014 01:45:13 PM) (Source: Service Control Manager) (User: ) (EventID: 7011)
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the AudioEndpointBuilder service.
Microsoft Office Sessions:
=========================
Error: (05/06/2014 01:53:13 PM) (Source: Application Error) (User: ) (EventID: 1000)
Description: mbamservice.exe2.1.9.0530619b7mbamservice.exe2.1.9.0530619b7400000150007d28aeb001cf695403879d1eC:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exeC:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe4aa4ee6b-d547-11e3-9f21-4c80938a6b8b
Error: (05/06/2014 01:52:56 PM) (Source: Application Error) (User: ) (EventID: 1000)
Description: mbamscheduler.exe2.0.23.052f2947eMSVCR100.dll10.0.40219.3254df2be1e400000150008d6fdc2801cf6953f1495144C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exeC:\Program Files (x86)\Malwarebytes Anti-Malware\MSVCR100.dll408fe90b-d547-11e3-9f21-4c80938a6b8b
Error: (05/05/2014 05:05:55 PM) (Source: SideBySide) (User: ) (EventID: 80)
Description: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Program Files (x86)\Cozi Express\CoziExpress.exe
Error: (05/05/2014 05:05:29 PM) (Source: SideBySide) (User: ) (EventID: 80)
Description: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Program Files (x86)\Nuance\NaturallySpeaking12\Program\dragon_support_packager.exe
Error: (05/05/2014 03:55:49 PM) (Source: Microsoft-Windows-LoadPerf) (User: NT AUTHORITY) (EventID: 3011)
Description: WmiApRplWmiApRpl8F20300004D070000
Error: (05/05/2014 03:55:49 PM) (Source: Microsoft-Windows-LoadPerf) (User: NT AUTHORITY) (EventID: 3012)
Description: Performance1637070000000000000000000009030000
Error: (05/05/2014 01:17:06 PM) (Source: Application Error) (User: ) (EventID: 1000)
Description: mbamservice.exe2.1.9.0530619b7mbamservice.exe2.1.9.0530619b7400000150007d28a86801cf6885cda47a2dC:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exeC:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe149b03bf-d479-11e3-8aef-4c80938a6b8b
Error: (05/05/2014 01:16:47 PM) (Source: Application Error) (User: ) (EventID: 1000)
Description: mbamscheduler.exe2.0.23.052f2947eMSVCR100.dll10.0.40219.3254df2be1e400000150008d6fd6f401cf6885c14432a0C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exeC:\Program Files (x86)\Malwarebytes Anti-Malware\MSVCR100.dll09775336-d479-11e3-8aef-4c80938a6b8b
Error: (05/05/2014 00:25:30 PM) (Source: Application Error) (User: ) (EventID: 1000)
Description: mbamservice.exe2.1.9.0530619b7mbamservice.exe2.1.9.0530619b7400000150007d28ad0801cf687e92a25403C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exeC:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exedf7ff9cb-d471-11e3-be22-4c80938a6b8b
Error: (05/05/2014 00:24:56 PM) (Source: Application Error) (User: ) (EventID: 1000)
Description: mbamscheduler.exe2.0.23.052f2947eMSVCR100.dll10.0.40219.3254df2be1e400000150008d6fd6e801cf687e8054f4c7C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exeC:\Program Files (x86)\Malwarebytes Anti-Malware\MSVCR100.dllcb3b2f8e-d471-11e3-be22-4c80938a6b8b
CodeIntegrity Errors:
===================================
Date: 2014-05-03 08:52:04.483
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2014-05-03 08:52:04.443
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Memory info ===========================
Percentage of memory in use: 40%
Total physical RAM: 6050.05 MB
Available physical RAM: 3621.92 MB
Total Pagefile: 12098.29 MB
Available Pagefile: 9448.23 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:683.89 GB) (Free:345.13 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 699 GB) (Disk ID: 2FAC01C7)
Partition 1: (Not Active) - (Size=100 MB) - (Type=DE)
Partition 2: (Active) - (Size=15 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=684 GB) - (Type=07 NTFS)
==================== End Of Log ============================