Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Virus causing frequent internet disconnect

internet disconnect virus

  • Please log in to reply

#1
lexi2007

lexi2007

    Member

  • Member
  • PipPip
  • 15 posts
Numerous times a day, I loose my internet connection.  Sometimes it will reconnect itself and sometimes I have to do it manually by opening my internet access then disconnecting and reconnecting my internet.  Please help!
 
OTL logfile created on: 1/4/2015 4:16:41 PM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Tricia\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17501)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
5.91 Gb Total Physical Memory | 3.26 Gb Available Physical Memory | 55.15% Memory free
11.91 Gb Paging File | 8.67 Gb Available in Paging File | 72.85% Paging File free
Paging file location(s): C:\pagefile.sys 6142 6142F:\pagef [Binary data over 200 bytes]
 
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 581.42 Gb Total Space | 511.93 Gb Free Space | 88.05% Space Free | Partition Type: NTFS
Drive F: | 952.19 Mb Total Space | 542.70 Mb Free Space | 57.00% Space Free | Partition Type: FAT
 
Computer Name: TRICIA-PC | User Name: Tricia | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2015/01/04 16:15:57 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Tricia\Downloads\OTL.exe
PRC - [2014/10/08 07:49:36 | 000,042,848 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\coNatHst.exe
PRC - [2014/09/21 05:17:47 | 000,265,040 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\n360.exe
PRC - [2014/09/04 04:50:02 | 000,064,704 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2014/08/13 11:21:08 | 003,596,752 | ---- | M] (Check Point Software Technologies Ltd.) -- C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
PRC - [2014/08/13 11:19:52 | 000,137,352 | ---- | M] (Check Point Software Technologies Ltd.) -- C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe
PRC - [2014/08/13 10:16:12 | 000,096,272 | ---- | M] (Check Point Software Technologies, Ltd.) -- C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZAPrivacyService.exe
PRC - [2014/05/19 15:05:10 | 003,414,560 | R--- | M] (Fitbit, Inc.) -- C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe
PRC - [2014/05/19 15:05:10 | 001,436,192 | R--- | M] (Fitbit, Inc.) -- C:\Program Files (x86)\Fitbit Connect\FitbitConnectService.exe
PRC - [2013/11/06 13:19:10 | 000,026,976 | ---- | M] (Uniblue Systems Limited) -- C:\Program Files (x86)\Uniblue\MaxiDisk\mdmonitor.exe
PRC - [2013/06/26 18:21:50 | 000,207,528 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2013/06/26 18:21:46 | 000,523,944 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
PRC - [2012/02/01 11:50:58 | 000,968,048 | ---- | M] () -- C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe
PRC - [2011/11/25 15:32:36 | 000,687,400 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Nero\Update\NASvc.exe
PRC - [2011/09/06 12:29:20 | 004,259,648 | ---- | M] (SoftThinks - Dell) -- C:\Program Files (x86)\Dell DataSafe Local Backup\Toaster.exe
PRC - [2011/08/18 10:05:54 | 002,751,808 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe
PRC - [2011/08/18 10:05:46 | 001,692,480 | ---- | M] (SoftThinks SAS) -- C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe
PRC - [2011/08/10 15:52:54 | 000,138,760 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Safe Web Lite\Engine\2.0.0.16\ccSvcHst.exe
PRC - [2011/08/01 12:56:48 | 000,460,096 | ---- | M] (SoftThinks - Dell) -- C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
PRC - [2011/05/19 01:16:48 | 000,995,392 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
PRC - [2011/05/19 01:16:36 | 000,921,664 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
PRC - [2010/11/20 22:24:27 | 000,257,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
PRC - [2010/11/20 22:24:03 | 000,302,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cmd.exe
PRC - [2010/11/05 23:54:22 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2010/10/05 21:04:12 | 002,655,768 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
PRC - [2010/10/05 21:04:08 | 000,325,656 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
PRC - [2009/09/11 13:06:30 | 000,563,024 | ---- | M] (Affinegy, Inc.) -- C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinService.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2014/12/05 20:50:51 | 014,913,352 | ---- | M] () -- C:\Users\Tricia\AppData\Local\Google\Chrome\Application\39.0.2171.95\PepperFlash\pepflashplayer.dll
MOD - [2014/12/05 20:50:50 | 009,009,480 | ---- | M] () -- C:\Users\Tricia\AppData\Local\Google\Chrome\Application\39.0.2171.95\pdf.dll
MOD - [2014/12/05 20:50:46 | 001,077,064 | ---- | M] () -- C:\Users\Tricia\AppData\Local\Google\Chrome\Application\39.0.2171.95\libglesv2.dll
MOD - [2014/12/05 20:50:45 | 000,211,272 | ---- | M] () -- C:\Users\Tricia\AppData\Local\Google\Chrome\Application\39.0.2171.95\libegl.dll
MOD - [2014/12/05 20:50:44 | 001,677,128 | ---- | M] () -- C:\Users\Tricia\AppData\Local\Google\Chrome\Application\39.0.2171.95\ffmpegsumo.dll
MOD - [2014/10/17 02:56:30 | 002,297,344 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Core\e3641fa3359f37ad12c84183ce765093\System.Core.ni.dll
MOD - [2014/10/17 02:50:48 | 000,368,128 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\7b22741531a2850c807656d0298a96bd\PresentationFramework.Aero.ni.dll
MOD - [2014/10/17 02:50:23 | 014,340,096 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\1f539baa94516139240877cb6afd72c2\PresentationFramework.ni.dll
MOD - [2014/10/17 02:50:13 | 012,435,968 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\1453d9e9a4989833ef3db4b22549ba1a\System.Windows.Forms.ni.dll
MOD - [2014/10/17 02:50:07 | 001,593,344 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\836e10dfd0811b303553216f5cb092ef\System.Drawing.ni.dll
MOD - [2014/10/17 02:50:03 | 005,467,648 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\d49908aa93a23c84847b1f8b1b667860\System.Xml.ni.dll
MOD - [2014/10/17 02:50:00 | 000,978,432 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\237d509a79aeef6e4635b09450d98f2a\System.Configuration.ni.dll
MOD - [2014/10/17 02:49:59 | 012,236,800 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\3d4f835b8078dacc8d5da623e2c3f0ee\PresentationCore.ni.dll
MOD - [2014/10/17 02:49:50 | 003,348,480 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\d97a5aa0eb7697aca7c6e90ae471af2b\WindowsBase.ni.dll
MOD - [2014/10/17 02:49:47 | 007,991,808 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System\908ba9e296e92b4e14bdc2437edac603\System.ni.dll
MOD - [2014/09/11 07:48:09 | 011,497,984 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dll
MOD - [2012/02/01 11:50:58 | 000,968,048 | ---- | M] () -- C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe
MOD - [2012/02/01 11:44:34 | 008,151,040 | ---- | M] () -- C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\QtGui4.dll
MOD - [2012/02/01 11:44:34 | 002,278,400 | ---- | M] () -- C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\QtCore4.dll
MOD - [2011/08/18 10:05:54 | 002,751,808 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2014/11/21 21:35:29 | 000,114,688 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2014/11/12 00:06:52 | 002,449,592 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe -- (ClickToRunSvc)
SRV:64bit: - [2014/01/15 19:42:12 | 000,289,256 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\3.8.141\McCHSvc.exe -- (McComponentHostService)
SRV:64bit: - [2013/05/27 00:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2011/08/08 07:39:18 | 001,166,848 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe -- (AMPPALR3)
SRV:64bit: - [2011/07/27 21:04:48 | 001,517,328 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
SRV:64bit: - [2011/07/27 20:48:34 | 000,340,240 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe -- (MyWiFiDHCPDNS)
SRV:64bit: - [2011/07/27 20:44:18 | 000,844,560 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
SRV:64bit: - [2011/06/03 12:51:38 | 000,134,928 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe -- (BTHSSecurityMgr)
SRV:64bit: - [2011/01/25 04:57:18 | 000,296,448 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Program Files\IDT\WDM\stacsv64.exe -- (STacSV)
SRV:64bit: - [2010/11/29 15:00:56 | 000,149,504 | ---- | M] (Intel® Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\TurboBoost\TurboBoost.exe -- (TurboBoost)
SRV:64bit: - [2010/09/22 18:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2009/03/03 05:42:58 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Program Files\IDT\WDM\AESTSr64.exe -- (AESTFilters)
SRV:64bit: - [2006/10/11 17:36:58 | 000,561,152 | ---- | M] ( ) [Auto | Running] -- C:\Windows\SysNative\dlcxcoms.exe -- (dlcx_device)
SRV - [2014/12/09 21:24:41 | 000,267,440 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014/09/21 05:17:47 | 000,265,040 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\N360.exe -- (N360)
SRV - [2014/09/04 04:50:02 | 000,064,704 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2014/08/13 11:21:08 | 003,596,752 | ---- | M] (Check Point Software Technologies Ltd.) [Auto | Running] -- C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe -- (vsmon)
SRV - [2014/08/13 10:16:12 | 000,096,272 | ---- | M] (Check Point Software Technologies, Ltd.) [Auto | Running] -- C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZAPrivacyService.exe -- (ZAPrivacyService)
SRV - [2014/05/19 15:05:10 | 001,436,192 | R--- | M] (Fitbit, Inc.) [Auto | Running] -- C:\Program Files (x86)\Fitbit Connect\FitbitConnectService.exe -- (Fitbit Connect)
SRV - [2014/04/09 07:23:02 | 004,357,488 | ---- | M] (Dell, Inc.) [Auto | Running] -- C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe -- (NOBU)
SRV - [2014/03/20 17:49:18 | 000,067,224 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2014/02/13 17:58:00 | 000,176,624 | ---- | M] (Coupons.com Inc.) [Auto | Running] -- C:\Program Files (x86)\Coupons\CouponPrinterService.exe -- (CouponPrinterService)
SRV - [2013/09/11 21:21:54 | 000,105,144 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2013/06/26 18:21:50 | 000,207,528 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2013/06/26 18:21:46 | 000,523,944 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2011/11/25 15:32:36 | 000,687,400 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files (x86)\Nero\Update\NASvc.exe -- (NAUpdate)
SRV - [2011/10/10 05:26:14 | 000,016,680 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Citrix\GoToAssist\514\g2aservice.exe -- (GoToAssist)
SRV - [2011/08/18 10:05:46 | 001,692,480 | ---- | M] (SoftThinks SAS) [Auto | Running] -- C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe -- (SftService)
SRV - [2011/08/10 15:52:54 | 000,138,760 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton Safe Web Lite\Engine\2.0.0.16\ccSvcHst.exe -- (NSL)
SRV - [2011/05/19 01:16:48 | 000,995,392 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe -- (Bluetooth OBEX Service)
SRV - [2011/05/19 01:16:46 | 001,335,360 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe -- (Bluetooth Media Service)
SRV - [2011/05/19 01:16:36 | 000,921,664 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe -- (Bluetooth Device Monitor)
SRV - [2010/11/25 05:34:18 | 000,219,632 | ---- | M] (Sonic Solutions) [Auto | Stopped] -- c:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe -- (RoxWatch12)
SRV - [2010/11/25 05:33:18 | 001,116,656 | ---- | M] (Sonic Solutions) [On_Demand | Stopped] -- c:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe -- (RoxMediaDB12OEM)
SRV - [2010/11/05 23:54:22 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2010/10/05 21:04:12 | 002,655,768 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2010/10/05 21:04:08 | 000,325,656 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2009/09/11 13:06:30 | 000,563,024 | ---- | M] (Affinegy, Inc.) [Auto | Running] -- C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinService.exe -- (AffinegyService)
SRV - [2006/10/11 16:48:50 | 000,532,480 | ---- | M] ( ) [Auto | Running] -- C:\Windows\SysWOW64\dlcxcoms.exe -- (dlcx_device)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2014/08/25 21:20:22 | 000,876,248 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\N360x64\1506000.020\srtsp64.sys -- (SRTSP)
DRV:64bit: - [2014/08/25 21:20:22 | 000,037,592 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\1506000.020\srtspx64.sys -- (SRTSPX)
DRV:64bit: - [2014/08/13 10:16:02 | 000,450,456 | ---- | M] (Check Point Software Technologies Ltd.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vsdatant.sys -- (Vsdatant)
DRV:64bit: - [2014/08/06 14:48:16 | 000,266,968 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\1506000.020\ironx64.sys -- (SymIRON)
DRV:64bit: - [2014/06/11 10:09:28 | 000,490,592 | ---- | M] (Kaspersky Lab ZAO) [File_System | System | Running] -- C:\Windows\SysNative\drivers\klif.sys -- (KLIF)
DRV:64bit: - [2014/06/11 10:09:26 | 007,717,984 | ---- | M] (Kaspersky Lab ZAO) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\kl1.sys -- (KL1)
DRV:64bit: - [2014/05/04 08:44:06 | 000,177,752 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS -- (SymEvent)
DRV:64bit: - [2014/03/03 23:18:12 | 001,148,120 | R--- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\N360x64\1506000.020\symefa64.sys -- (SymEFA)
DRV:64bit: - [2014/02/24 21:44:39 | 000,162,392 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\1506000.020\ccsetx64.sys -- (ccSet_N360)
DRV:64bit: - [2014/02/17 20:32:41 | 000,593,112 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\1506000.020\symnets.sys -- (SymNetS)
DRV:64bit: - [2013/10/30 02:26:19 | 000,493,656 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\N360x64\1506000.020\symds64.sys -- (SymDS)
DRV:64bit: - [2013/10/01 21:22:20 | 000,056,832 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2013/06/26 18:21:50 | 000,023,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol)
DRV:64bit: - [2013/06/26 18:21:48 | 000,028,840 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)
DRV:64bit: - [2013/06/26 18:21:46 | 000,273,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay)
DRV:64bit: - [2013/06/26 18:21:44 | 000,767,144 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs)
DRV:64bit: - [2012/08/23 09:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012/08/23 09:08:26 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2012/08/21 12:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012/03/01 01:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/01/26 17:37:24 | 000,034,200 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\intelaud.sys -- (intaud_WaveExtensible)
DRV:64bit: - [2012/01/26 17:37:24 | 000,025,496 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iwdbus.sys -- (iwdbus)
DRV:64bit: - [2011/08/08 18:38:05 | 000,167,048 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NSTx64\0200000.010\ccSetx64.sys -- (ccSet_NST)
DRV:64bit: - [2011/08/08 07:32:08 | 000,299,008 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AmpPal.sys -- (AMPPALP)
DRV:64bit: - [2011/08/08 07:32:08 | 000,299,008 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AmpPal.sys -- (AMPPAL)
DRV:64bit: - [2011/08/03 17:28:32 | 008,604,672 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETwNs64.sys -- (NETwNs64)
DRV:64bit: - [2011/08/02 16:38:56 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2011/07/19 18:54:06 | 000,059,904 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iBtFltCoex.sys -- (iBtFltCoex)
DRV:64bit: - [2011/07/19 15:13:42 | 000,282,624 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btmhsf.sys -- (btmhsf)
DRV:64bit: - [2011/06/10 05:34:52 | 000,539,240 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011/05/19 01:17:04 | 000,053,248 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btmaux.sys -- (btmaux)
DRV:64bit: - [2011/05/19 01:17:02 | 000,051,712 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btmaud.sys -- (btmaudio)
DRV:64bit: - [2011/05/13 03:28:46 | 000,363,856 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Apfiltr.sys -- (ApfiltrService)
DRV:64bit: - [2011/04/10 14:51:06 | 012,223,936 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2011/03/11 01:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 01:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/01/25 04:57:18 | 000,520,192 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)
DRV:64bit: - [2011/01/20 11:20:46 | 000,176,096 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CtClsFlt.sys -- (CtClsFlt)
DRV:64bit: - [2010/12/10 16:50:36 | 000,181,248 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc)
DRV:64bit: - [2010/12/10 16:50:36 | 000,080,384 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub)
DRV:64bit: - [2010/11/29 15:00:04 | 000,016,120 | ---- | M] (Intel® Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\TurboB.sys -- (TurboB)
DRV:64bit: - [2010/11/20 22:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/06 18:45:48 | 000,438,808 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010/10/29 19:11:42 | 000,250,984 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2010/10/19 22:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2010/10/15 04:28:16 | 000,317,440 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2010/03/19 03:00:00 | 000,055,856 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2009/07/13 20:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 20:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 20:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 15:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 15:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 15:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 15:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2008/05/06 16:06:00 | 000,014,464 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wdcsam64.sys -- (WDC_SAM)
DRV:64bit: - [2006/11/01 12:51:00 | 000,151,656 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)
DRV - [2014/12/11 10:14:49 | 000,487,216 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)
DRV - [2014/12/11 10:14:49 | 000,142,640 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2014/11/17 21:54:10 | 000,637,656 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Norton 360\NortonData\21.2.0.38\Definitions\IPSDefs\20150102.001\IDSviA64.sys -- (IDSVia64)
DRV - [2014/10/03 14:19:31 | 001,587,416 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Norton 360\NortonData\21.2.0.38\Definitions\BASHDefs\20141209.001\BHDrvx64.sys -- (BHDrvx64)
DRV - [2014/08/21 11:49:37 | 002,137,304 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Norton 360\NortonData\21.2.0.38\Definitions\VirusDefs\20150104.002\ex64.sys -- (NAVEX15)
DRV - [2014/08/21 11:49:35 | 000,129,752 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Norton 360\NortonData\21.2.0.38\Definitions\VirusDefs\20150104.002\eng64.sys -- (NAVENG)
DRV - [2009/07/13 20:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = www.google.com
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{2F1E335A-858A-4BE9-8F6B-D0AF1D018B53}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = www.google.com
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{2F1E335A-858A-4BE9-8F6B-D0AF1D018B53}: "URL" = http://www.bing.com/...rc=IE-SearchBox
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://mail.aol.com/34290-211/aol- [Binary data over 200 bytes]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = http://www.aol.com/
IE - HKCU\..\SearchScopes,DefaultScope = {E163AE6E-254C-5FF4-BE33-4CBD31D63F5C}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE11SR
IE - HKCU\..\SearchScopes\{C145F714-3DF5-4BF6-99FE-2D2E74328B22}: "URL" = http://search.yahoo....p={SearchTerms}
IE - HKCU\..\SearchScopes\{E163AE6E-254C-5FF4-BE33-4CBD31D63F5C}: "URL" = http://start.mysearc...r=445772619&ir=
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <-loopback>
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:49251;https=127.0.0.1:49251
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "AVG Secure Search"
FF - prefs.js..browser.search.defaulturl: "http://search.aol.co...rud=04-04-2013"
FF - prefs.js..browser.search.selectedEngine: "AVG Secure Search"
FF - prefs.js..browser.startup.homepage: "http://mysearch.avg....rd&sg=0&sap=hp"
FF - prefs.js..extensions.enabledAddons: amznUWL2%40amazon.com:1.10
FF - prefs.js..extensions.enabledAddons: %7B7affbfae-c4e2-4915-8c0f-00fa3ec610a1%7D:5.74.1.9393
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:20.0.1
FF - prefs.js..network.proxy.no_proxies_on: "*.local"
 
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF64_15_0_0_246.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.67.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.67.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_246.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.25.2: C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.25.2: C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/McAfeeMssPlugin: C:\Program Files\McAfee Security Scan\3.8.141\npMcAfeeMss.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@oberon-media.com/ONCAdapter:  File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.0: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@plugin.couponnetwork.com/Coupon Print Activator;version=4.5: C:\Users\Tricia\AppData\Roaming\E-centives\NPcolPM460.dll (Invenda)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Tricia\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Tricia\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Tricia\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKCU\Software\MozillaPlugins\amazon.com/AmazonMP3DownloaderPlugin: C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin.dll (Amazon.com, Inc.)
FF - HKCU\Software\MozillaPlugins\facebook.com/fbDesktopPlugin: C:\Users\Tricia\AppData\Local\Facebook\Messenger\2.1.4814.0\npFbDesktopPlugin.dll (Facebook, Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{203FB6B2-2E1E-4474-863B-4C483ECCE78E}: C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2.0.0.16\coFFNST\
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.2.0.38\IPSFF [2014/05/04 08:45:19 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.2.0.38\coFFPlgn\ [2015/01/04 15:34:29 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\Program Files\McAfee\MSK
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/04/25 14:25:21 | 000,000,000 | ---D | M]
 
[2012/05/03 13:23:24 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Tricia\AppData\Roaming\Mozilla\Extensions
[2014/03/24 10:47:37 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Tricia\AppData\Roaming\Mozilla\Firefox\Profiles\ezb92kyp.default\extensions
[2013/04/04 11:39:12 | 000,000,000 | ---D | M] ("AOL Toolbar") -- C:\Users\Tricia\AppData\Roaming\Mozilla\Firefox\Profiles\ezb92kyp.default\extensions\{7affbfae-c4e2-4915-8c0f-00fa3ec610a1}
[2012/09/19 18:16:32 | 000,243,287 | ---- | M] () (No name found) -- C:\Users\Tricia\AppData\Roaming\Mozilla\Firefox\Profiles\ezb92kyp.default\extensions\[email protected]
[2013/12/07 09:45:47 | 000,003,745 | ---- | M] () -- C:\Users\Tricia\AppData\Roaming\Mozilla\Firefox\Profiles\ezb92kyp.default\searchplugins\safeguard-secure-search.xml
[2014/04/11 08:50:53 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012/11/07 13:05:54 | 000,002,024 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\McSiteAdvisor.xml
 
========== Chrome  ==========
 
CHR - default_search_provider:  ()
CHR - default_search_provider: search_url = 
CHR - default_search_provider: suggest_url = ,
CHR - plugin: Error reading preferences file
CHR - Extension: No name found = C:\Users\Tricia\AppData\Local\Google\Chrome\User Data\Default\Extensions\ambfimhigppdidfmelpjmojccbfdoeig\1_0\
CHR - Extension: No name found = C:\Users\Tricia\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn\0.1.1.5023_1\
CHR - Extension: No name found = C:\Users\Tricia\AppData\Local\Google\Chrome\User Data\Default\Extensions\dcgnponjdnblbkfmldmpjbdmlimnllmc\1.0_1\
CHR - Extension: No name found = C:\Users\Tricia\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdgenjhkjihnmigcommchefpajjhdmba\1.1.1_0\
CHR - Extension: No name found = C:\Users\Tricia\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif\1.0.5_0\
CHR - Extension: No name found = C:\Users\Tricia\AppData\Local\Google\Chrome\User Data\Default\Extensions\jehemifhdilebjjpibeianiedocpgocn\4.0_0\
CHR - Extension: No name found = C:\Users\Tricia\AppData\Local\Google\Chrome\User Data\Default\Extensions\kgdcapepedmpopjkmdbjnmmmfgllnfek\1.0_1\
CHR - Extension: No name found = C:\Users\Tricia\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2014.7.10.15_0\
CHR - Extension: No name found = C:\Users\Tricia\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_1\
 
O1 HOSTS File: ([2009/06/10 16:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - Reg Error: Value error. File not found
O2:64bit: - BHO: (Lync Browser Helper) - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ochelper.dll (Microsoft Corporation)
O2:64bit: - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine64\21.6.0.32\coieplg.dll (Symantec Corporation)
O2:64bit: - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\urlredir.dll (Microsoft Corporation)
O2:64bit: - BHO: (Microsoft SkyDrive Pro Browser Helper) - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\grooveex.dll (Microsoft Corporation)
O2:64bit: - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (MSS+ Identifier) - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.141\McAfeeMSS_IE.dll (McAfee, Inc.)
O2 - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - Reg Error: Value error. File not found
O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\coieplg.dll (Symantec Corporation)
O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\ips\ipsbho.dll (Symantec Corporation)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\office15\urlredir.dll (Microsoft Corporation)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine64\21.6.0.32\coieplg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (no name) - {06C7AD57-B655-418D-9AB8-9526A6D2E052} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\coieplg.dll (Symantec Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (Norton Safe Web Lite) - {30CEEEA2-3742-40E4-85DD-812BF1CBB83D} - C:\Program Files (x86)\Norton Safe Web Lite\Engine\2.0.0.16\CoIEPlg.dll (Symantec Corporation)
O4:64bit: - HKLM..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)
O4:64bit: - HKLM..\Run: [IntelPAN] C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (Intel® Corporation)
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [AccuWeatherWidget] C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe ()
O4 - HKLM..\Run: [Fitbit Connect] C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe (Fitbit, Inc.)
O4 - HKLM..\Run: [ZoneAlarm] C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe (Check Point Software Technologies Ltd.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableLockWorkstation = 0
O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE (Microsoft Corporation)
O8:64bit: - Extra context menu item: MasterCook: Select Image - C:\Program Files (x86)\MasterCook 9\Web\MCIEContext.hta ()
O8:64bit: - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: MasterCook: Select Image - C:\Program Files (x86)\MasterCook 9\Web\MCIEContext.hta ()
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\onbttnie.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\onbttnie.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ochelper.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ochelper.dll (Microsoft Corporation)
O9:64bit: - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\onbttnielinkednotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\onbttnielinkednotes.dll (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\office15\onbttnie.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\office15\onbttnie.dll (Microsoft Corporation)
O9 - Extra Button: Add to Wish List - {76c5fb99-dd0a-4186-9e75-65d1bf3da283} - C:\Program Files (x86)\Amazon\Add to Wish List IE Extension\run.htm ()
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\office15\onbttnielinkednotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\office15\onbttnielinkednotes.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000010 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O12 - Plugin for: .spop - C:\Program Files (x86)\Internet Explorer\Plugins\NPDocBox.dll (Intertrust Technologies, Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab (Reg Error: Key error.)
O16 - DPF: {6C269571-C6D7-4818-BCA4-32A035E8C884} http://ccfiles.creat...102/CTSUEng.cab (Creative Software AutoUpdate)
O16 - DPF: {76CBDDBA-3897-4EAC-A1D3-CCC47DE82EFB} https://aicsc-ccas01.../auth/taweb.cab (Cisco NAC Web Agent Control)
O16 - DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} http://ccfiles.creat...13/CTPIDPDE.cab (Creative Software AutoUpdate Support Package 2)
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} http://ccfiles.creat...30321/CTPID.cab (Creative Software AutoUpdate Support Package)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 75.75.75.75 75.75.76.76
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6251A369-5199-48B3-BB63-299E51DEB22A}: DhcpNameServer = 75.75.75.75 75.75.76.76
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8135EA46-9458-4764-B1D0-F0E6703E3E39}: NameServer = 0.0.0.0
O18:64bit: - Protocol\Handler\cozi - No CLSID value found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\osf - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\cozi {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - C:\Program Files (x86)\Cozi Express\CoziProtocolHandler.dll (Cozi Group, Inc.)
O18 - Protocol\Handler\osf {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\office15\MSOSB.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\GoToAssist: DllName - (C:\Program Files (x86)\Citrix\GoToAssist\514\G2AWinLogon_x64.dll) -  File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2014/12/26 18:58:41 | 000,129,752 | ---- | C] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\MBAMSwissArmy.sys
[2014/12/26 18:58:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
[2014/12/26 18:58:13 | 000,093,400 | ---- | C] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\mbamchameleon.sys
[2014/12/26 18:58:13 | 000,063,704 | ---- | C] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\mwac.sys
[2014/12/26 18:58:13 | 000,025,816 | ---- | C] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\mbam.sys
[2014/12/26 18:58:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes Anti-Malware
[2014/12/26 18:58:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2014/12/20 10:05:34 | 000,000,000 | ---D | C] -- C:\Users\Tricia\Documents\Custom Office Templates
[2014/12/18 09:48:34 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieUnatt.exe
[2014/12/18 09:48:34 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieUnatt.exe
[2014/12/11 03:38:19 | 000,000,000 | ---D | C] -- C:\windows\SysNative\appraiser
[2014/12/11 03:03:28 | 003,209,728 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mf.dll
[2014/12/11 03:03:28 | 000,206,848 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mfps.dll
[2014/12/11 03:03:28 | 000,103,424 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mfps.dll
[2014/12/11 03:03:28 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rrinstaller.exe
[2014/12/11 03:03:28 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\rrinstaller.exe
[2014/12/11 03:03:28 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mfpmp.exe
[2014/12/11 03:03:28 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mfpmp.exe
[2014/12/11 03:03:28 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mferror.dll
[2014/12/11 03:03:28 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mferror.dll
[2014/12/11 03:03:24 | 004,121,600 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mf.dll
[2014/12/10 11:03:18 | 001,232,040 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\aitstatic.exe
[2014/12/10 11:03:18 | 000,830,976 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\appraiser.dll
[2014/12/10 11:03:17 | 001,083,392 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\aeinv.dll
[2014/12/10 11:03:17 | 000,741,376 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\invagent.dll
[2014/12/10 11:03:17 | 000,413,184 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\generaltel.dll
[2014/12/10 11:03:17 | 000,396,800 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\devinv.dll
[2014/12/10 11:03:17 | 000,192,000 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\aepic.dll
[2014/12/10 11:03:16 | 000,227,328 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\aepdu.dll
[2014/12/10 11:03:10 | 001,424,384 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WindowsCodecs.dll
[2014/12/10 11:03:07 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieetwcollector.exe
[2014/12/10 11:03:07 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mshtmled.dll
[2014/12/10 11:03:07 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieetwproxystub.dll
[2014/12/10 11:03:07 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieetwproxystub.dll
[2014/12/10 11:03:07 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iernonce.dll
[2014/12/10 11:03:06 | 000,718,848 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ie4uinit.exe
[2014/12/10 11:03:06 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\JavaScriptCollectionAgent.dll
[2014/12/10 11:03:06 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\JavaScriptCollectionAgent.dll
[2014/12/10 11:03:06 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iernonce.dll
[2014/12/10 11:03:04 | 002,052,096 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\inetcpl.cpl
[2014/12/10 11:03:04 | 000,710,144 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieapfltr.dll
[2014/12/10 11:03:04 | 000,620,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\jscript9diag.dll
[2014/12/10 11:03:04 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iesetup.dll
[2014/12/10 11:03:04 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieetwcollectorres.dll
[2014/12/10 11:03:03 | 000,968,704 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\MsSpellCheckingFacility.exe
[2014/12/10 11:03:03 | 000,800,768 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msfeeds.dll
[2014/12/10 11:03:03 | 000,478,208 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieui.dll
[2014/12/10 11:03:03 | 000,316,928 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dxtrans.dll
[2014/12/10 11:03:03 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iesetup.dll
[2014/12/10 11:03:02 | 000,800,768 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieapfltr.dll
[2014/12/10 11:03:01 | 002,125,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\inetcpl.cpl
[2014/12/10 11:03:00 | 001,155,072 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mshtmlmedia.dll
[2014/12/10 11:03:00 | 000,168,960 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msrating.dll
[2014/12/10 11:03:00 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\MshtmlDac.dll
[2014/12/10 11:02:59 | 000,633,856 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieui.dll
[2014/12/10 11:02:59 | 000,490,496 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dxtmsft.dll
[2014/12/10 11:02:58 | 006,039,552 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript9.dll
[2014/12/10 11:02:58 | 001,359,360 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mshtmlmedia.dll
[2014/12/10 11:02:58 | 000,814,080 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript9diag.dll
[2014/12/10 11:02:58 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mshtmled.dll
[2014/12/10 11:02:57 | 000,580,096 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\vbscript.dll
[2014/12/10 11:02:57 | 000,088,064 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\MshtmlDac.dll
[2014/12/10 11:02:56 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msrating.dll
[2014/12/10 11:01:15 | 000,165,888 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\charmap.exe
[2014/12/10 11:01:15 | 000,155,136 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\charmap.exe
[2014/12/10 11:01:14 | 000,346,624 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WSManMigrationPlugin.dll
[2014/12/10 11:01:14 | 000,310,272 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WsmWmiPl.dll
[2014/12/10 11:01:14 | 000,266,240 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WSManHTTPConfig.exe
[2014/12/10 11:01:14 | 000,248,832 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\WSManMigrationPlugin.dll
[2014/12/10 11:01:14 | 000,214,016 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\WsmWmiPl.dll
[2014/12/10 11:01:14 | 000,198,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\WSManHTTPConfig.exe
[2014/12/10 11:01:14 | 000,181,248 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WsmAuto.dll
[2014/12/10 11:01:14 | 000,145,920 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\WsmAuto.dll
[2014/12/09 10:55:54 | 007,717,984 | ---- | C] (Kaspersky Lab ZAO) -- C:\windows\SysNative\drivers\kl1.sys
[2014/12/09 10:55:48 | 000,490,592 | ---- | C] (Kaspersky Lab ZAO) -- C:\windows\SysNative\drivers\klif.sys
[2014/12/09 10:55:48 | 000,092,768 | ---- | C] (Kaspersky Lab ZAO) -- C:\windows\SysNative\drivers\klflt.sys
[2014/12/09 10:55:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Check Point
[2014/12/09 10:32:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Check Point Software Technologies LTD
[2014/12/09 10:32:01 | 000,000,000 | ---D | C] -- C:\Users\Tricia\AppData\Roaming\Check Point Software Technologies LTD
[2014/12/09 10:31:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CheckPoint
[2014/12/09 10:31:00 | 000,000,000 | ---D | C] -- C:\ProgramData\CheckPoint
[7 C:\windows\SysWow64\*.tmp files -> C:\windows\SysWow64\*.tmp -> ]
[3 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[3 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]
[1 C:\Users\Tricia\Documents\*.tmp files -> C:\Users\Tricia\Documents\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2015/01/04 16:08:00 | 000,000,912 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-1499091392-49799752-2912897947-1001UA.job
[2015/01/04 15:57:00 | 000,000,830 | ---- | M] () -- C:\windows\tasks\Adobe Flash Player Updater.job
[2015/01/04 15:54:03 | 000,000,932 | ---- | M] () -- C:\windows\tasks\FacebookUpdateTaskUserS-1-5-21-1499091392-49799752-2912897947-1001UA.job
[2015/01/04 15:52:00 | 000,000,296 | ---- | M] () -- C:\windows\tasks\UpdaterEX.job
[2015/01/04 15:47:28 | 000,000,280 | ---- | M] () -- C:\windows\tasks\SpeedUpMyPC Subscription.job
[2015/01/04 15:47:25 | 000,000,274 | ---- | M] () -- C:\windows\tasks\SpeedUpMyPC Startup.job
[2015/01/04 15:47:24 | 000,000,894 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2015/01/04 15:47:24 | 000,000,332 | ---- | M] () -- C:\windows\tasks\mdmonitor.job
[2015/01/04 15:39:15 | 000,028,576 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2015/01/04 15:39:15 | 000,028,576 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2015/01/04 15:31:09 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2015/01/04 15:31:00 | 463,871,999 | -HS- | M] () -- C:\hiberfil.sys
[2015/01/04 14:31:05 | 000,000,280 | ---- | M] () -- C:\windows\tasks\SpeedUpMyPC Maintenance.job
[2015/01/04 08:25:59 | 000,000,910 | ---- | M] () -- C:\windows\tasks\FacebookUpdateTaskUserS-1-5-21-1499091392-49799752-2912897947-1001Core.job
[2015/01/04 08:19:02 | 000,000,860 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-1499091392-49799752-2912897947-1001Core.job
[2015/01/02 10:17:19 | 000,129,752 | ---- | M] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\MBAMSwissArmy.sys
[2015/01/02 09:31:38 | 000,001,191 | ---- | M] () -- C:\Users\Tricia\Application Data\Microsoft\Internet Explorer\Quick Launch\SpeedUpMyPC.lnk
[2015/01/02 09:31:38 | 000,001,167 | ---- | M] () -- C:\Users\Public\Desktop\SpeedUpMyPC.lnk
[2015/01/01 17:17:02 | 000,000,454 | -H-- | M] () -- C:\windows\tasks\Norton Security Scan for Tricia.job
[2014/12/26 18:58:17 | 000,001,104 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebyte.lnk
[2014/12/13 00:09:01 | 000,144,384 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\ieUnatt.exe
[2014/12/12 22:33:44 | 000,115,712 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\ieUnatt.exe
[2014/12/09 21:26:28 | 000,002,374 | ---- | M] () -- C:\Users\Tricia\Desktop\Google Chrome.lnk
[2014/12/09 21:24:33 | 000,701,104 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerApp.exe
[2014/12/09 21:24:33 | 000,071,344 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
[2014/12/09 10:56:22 | 000,431,395 | ---- | M] () -- C:\windows\SysNative\drivers\vsconfig.xml
[2014/12/09 10:55:12 | 000,000,762 | ---- | M] () -- C:\Users\Public\Desktop\ZoneAlarm Security.lnk
[7 C:\windows\SysWow64\*.tmp files -> C:\windows\SysWow64\*.tmp -> ]
[3 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[3 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]
[1 C:\Users\Tricia\Documents\*.tmp files -> C:\Users\Tricia\Documents\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2015/01/02 09:31:43 | 000,000,280 | ---- | C] () -- C:\windows\tasks\SpeedUpMyPC Subscription.job
[2015/01/02 09:31:43 | 000,000,280 | ---- | C] () -- C:\windows\tasks\SpeedUpMyPC Maintenance.job
[2015/01/02 09:31:41 | 000,000,274 | ---- | C] () -- C:\windows\tasks\SpeedUpMyPC Startup.job
[2014/12/26 18:58:17 | 000,001,104 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebyte.lnk
[2014/12/09 10:56:00 | 000,431,395 | ---- | C] () -- C:\windows\SysNative\drivers\vsconfig.xml
[2014/12/09 10:55:12 | 000,000,762 | ---- | C] () -- C:\Users\Public\Desktop\ZoneAlarm Security.lnk
[2014/04/11 08:39:26 | 000,000,077 | ---- | C] () -- C:\Users\Tricia\AppData\Roaming\WB.CFG
[2014/03/24 10:48:48 | 000,000,000 | ---- | C] () -- C:\Users\Tricia\AppData\Roaming\PDFConverterApp
[2013/01/06 16:10:35 | 000,000,000 | ---- | C] () -- C:\Users\Tricia\AppData\Local\rx_image32.Cache
[2012/08/06 11:14:29 | 000,000,104 | ---- | C] () -- C:\Users\Tricia\Control Panel - Shortcut.lnk
[2011/11/08 23:26:20 | 000,000,000 | ---- | C] () -- C:\Users\Tricia\AppData\Roaming\.NANotifyHere
[2011/11/06 11:23:53 | 000,004,608 | ---- | C] () -- C:\Users\Tricia\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
 
========== ZeroAccess Check ==========
 
[2009/07/13 23:55:00 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2014/06/24 21:05:42 | 014,175,744 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014/06/24 20:41:30 | 012,874,240 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 20:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 22:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 20:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 367 bytes -> C:\ProgramData\Temp:222C3312
@Alternate Data Stream - 112 bytes -> C:\ProgramData\Temp:D1B5B4F1
 
< End of report >
 

  • 0

Advertisements


#2
zep516

zep516

    Trusted Helper

  • Malware Removal
  • 6,811 posts
Hi! My name is zep516 and Welcome to Geekstogo!
I'll do the best I can to resolve your computer issue
Please make sure to carefully read any instruction that I give you. If you're not sure, or if something unexpected happens, don't continue Stop and ask! Never be afraid to ask questions! :)


Next

Please download

AdwCleaner by Xplode onto your Desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Click the Report button and the report will open in Notepad.
  • NOTE: If you get an error message, it means that nothing was found. Exit from AdwCleaner.
  • Click on the Clean button follow the prompts.
  • A log file will automatically open after the scan has finished and the PC has rebooted.
  • Please post the content of that log file with your next answer.
  • You can find the log file at C:\AdwCleaner
  • Next

    thisisujrt.gif Please download Junkware Removal Tool to your Desktop.

    Please close your security software to avoid potential conflicts. See Here how to disable you security protection (Anti Virus)
    Run the tool by double-clicking it. If you are using Windows Vista or 7, right-mouse click it and select Run as administrator.
    The tool will open and start scanning your system.
    Please be patient as this can take a while to complete, depending on your system's specifications.
    On completion, a log (JRT.txt) is saved to your Desktop and will automatically open.
    Please post the contents of JRT.txt into your reply.

    Next

    Please download MiniToolBox http://download.blee...MiniToolBox.exe and run it.

    Checkmark following boxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size
  • List Restore Points
  • Click Go and post the result.

    In your next reply post;
  • The AdwCleaner [SO].txt Log
  • The JRT.txt Log.
  • Minitoolbox log report
    Thanks
    Joe :)

  • 0

#3
lexi2007

lexi2007

    Member

  • Topic Starter
  • Member
  • PipPip
  • 15 posts

Adwcleaner Log: # AdwCleaner v4.106 - Report created 05/01/2015 at 09:12:38

# Updated 21/12/2014 by Xplode
# Database : 2015-01-03.1 [Live]
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Tricia - TRICIA-PC
# Running from : C:\Users\Tricia\Downloads\adwcleaner_4.106.exe
# Option : Clean
 
***** [ Services ] *****
 
Service Deleted : qknfd
 
***** [ Files / Folders ] *****
 
Folder Deleted : C:\SearchProtect
Folder Deleted : C:\ProgramData\apn
Folder Deleted : C:\ProgramData\Babylon
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Uniblue
Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\Program Files (x86)\iBryte
Folder Deleted : C:\Program Files (x86)\Uniblue
Folder Deleted : C:\Program Files (x86)\Check Point Software Technologies LTD
Folder Deleted : C:\windows\SysWOW64\SearchProtect
Folder Deleted : C:\Users\Tricia\AppData\Local\Conduit
Folder Deleted : C:\Users\Tricia\AppData\Local\NativeMessaging
Folder Deleted : C:\Users\Tricia\AppData\Local\WhiteListing
Folder Deleted : C:\Users\Tricia\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Tricia\AppData\LocalLow\iBryte
Folder Deleted : C:\Users\Tricia\AppData\Roaming\Babylon
Folder Deleted : C:\Users\Tricia\AppData\Roaming\DSite
Folder Deleted : C:\Users\Tricia\AppData\Roaming\PerformerSoft
Folder Deleted : C:\Users\Tricia\AppData\Roaming\Uniblue
Folder Deleted : C:\Users\Tricia\AppData\Roaming\UpdaterEX
Folder Deleted : C:\Users\Tricia\AppData\Roaming\Check Point Software Technologies LTD
Folder Deleted : C:\Users\Tricia\Documents\Optimizer Pro
Folder Deleted : C:\Users\Tricia\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk
File Deleted : C:\END
File Deleted : C:\Users\Public\Desktop\speedupmypc.lnk
File Deleted : C:\windows\System32\roboot64.exe
File Deleted : C:\Users\Tricia\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\speedupmypc.lnk
File Deleted : C:\Users\Tricia\AppData\Roaming\Mozilla\Firefox\Profiles\ezb92kyp.default\searchplugins\safeguard-secure-search.xml
File Deleted : C:\Users\Tricia\AppData\Roaming\Mozilla\Firefox\Profiles\ezb92kyp.default\user.js
File Deleted : C:\Users\Tricia\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_service.pricegong.com_0.localstorage-journal
File Deleted : C:\Users\Tricia\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage
File Deleted : C:\Users\Tricia\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage-journal
File Deleted : C:\Users\Tricia\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.saveur.com_0.localstorage
File Deleted : C:\Users\Tricia\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.saveur.com_0.localstorage-journal
File Deleted : C:\Users\Tricia\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.ask.com_0.localstorage
File Deleted : C:\Users\Tricia\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.ask.com_0.localstorage-journal
File Deleted : C:\Users\Tricia\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_services.hearstmags.com_0.localstorage-journal
File Deleted : C:\Users\Tricia\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_services.hearstmags.com_0.localstorage
File Deleted : C:\Users\Tricia\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static.ak.facebook.com_0.localstorage
File Deleted : C:\Users\Tricia\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static.ak.facebook.com_0.localstorage-journal
File Deleted : C:\Users\Tricia\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_static.olark.com_0.localstorage-journal
 
***** [ Scheduled Tasks ] *****
 
Task Deleted : DSite
Task Deleted : LaunchApp
Task Deleted : RocketTab Update Task
Task Deleted : RocketTab
Task Deleted : SpeedUpMyPC Maintenance
Task Deleted : SpeedUpMyPC Startup
Task Deleted : UpdaterEX
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\bopakagnckmlgajfccecajhnimjiiedh
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk
Key Deleted : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\Toolbar.DLL
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHost.Tool
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHost.Tool.1
Key Deleted : HKLM\SOFTWARE\Classes\speedupmypc
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.BandObject
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.BandObject.1
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.ToolbarHelperObject
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.ToolbarHelperObject.1
Key Deleted : HKCU\Software\5c55da8cbc3ab845
Key Deleted : HKLM\SOFTWARE\5c55da8cbc3ab845
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2612669
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{06DEB529-DE09-43EC-B6E2-451AAB0FF000}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{7E8A36EA-2501-4ED3-A3C8-CFA9143FB169}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C292AD0A-C11F-479B-B8DB-743E72D283B0}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{19D2F415-D58B-46BC-9390-C03DCBC21EB2}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2A841F7A-A014-4DA5-B6D9-8B913DFB7A8C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{408CFAD9-8F13-4747-8EC7-770A339C7237}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E13D095-45C3-4271-9475-F3B48227DD9F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E45F3E8-2683-4824-A6BE-08108022FB36}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{744E0E81-BC79-4719-A58B-C98F7E78EE5D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{987D9269-F8A1-408F-BF62-4397D2F5363E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9F0F16DD-4E76-4049-A9B1-7A91E48F0323}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AF175732-0D59-716D-F757-9F1492D808D9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E0722BEB-FDA1-4AA1-A2A8-15A74A5B3F70}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F1963E76-845B-474C-8C7F-D69A96D8AA34}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F4288797-CB12-49CE-9DF8-7CDFA1143BEA}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{065C1A21-97F8-45FB-A9F0-861B60FACEC8}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{30CEEEA2-3742-40e4-85DD-812BF1CBB83D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3204358F-5904-46A6-841F-D6B5BE3EF4E3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3AE67737-0E3E-44AA-AA5E-46A68BF017FF}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3EE5B726-044A-48D2-AA7B-049BD9A0F62A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{60FBBE03-57FF-49D8-B38E-053D3F489825}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6A5182F1-C0B8-42B8-96CC-7F329CD46913}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6C153418-8E4D-4FAF-AF27-5201E38463A7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9522B3FB-7A2B-4646-8AF6-36E7F593073C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A26A2F05-AC4D-4A1E-9531-9125F7309B78}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A85A5E6A-DE2C-4F4E-99DC-F469DF5A0EEC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CC5D6240-7DF0-435D-9B9B-F8586A99DE86}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F0DA78E9-6B60-42fb-BC26-EF2CFB8C8FF3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F343045E-E20A-46E1-82D8-9962C43EFC9E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FBB360DC-CB6C-4D6A-808A-2C773151BFFF}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FFD7DDAC-EC28-42A5-8D39-917B9078604B}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1C888195-0160-4883-91B7-294C0CE2F277}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{744E0E81-BC79-4719-A58B-C98F7E78EE5D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{99ACA0F7-D864-45CB-8C40-FD42A077E7CA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{06DEB529-DE09-43EC-B6E2-451AAB0FF000}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{07CAC314-E962-4F78-89AB-DD002F2490EE}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{212C2C4F-C845-4FBC-9561-C833A13D8DCE}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{3C5D1D57-16C8-473C-A552-37B8D88596FE}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4A115D8A-6A7B-4C72-92B1-2E2D01F36979}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{6857AC4A-95B4-4E2C-B2D2-8A235FCCEF4A}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{99DF8440-814E-497F-BDDD-FB93E9E9DF96}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{B69509B5-4A90-4433-A2DE-BE439F6581F2}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{E00DE9B9-B128-4C39-B732-B5D85013FA48}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6E13D095-45C3-4271-9475-F3B48227DD9F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{30CEEEA2-3742-40e4-85DD-812BF1CBB83D}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9522B3FB-7A2B-4646-8AF6-36E7F593073C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F0DA78E9-6B60-42fb-BC26-EF2CFB8C8FF3}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{6E13D095-45C3-4271-9475-F3B48227DD9F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{30CEEEA2-3742-40e4-85DD-812BF1CBB83D}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F0DA78E9-6B60-42fb-BC26-EF2CFB8C8FF3}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{83CAD530-387D-40FD-82EA-B9E863D92A9B}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{30CEEEA2-3742-40e4-85DD-812BF1CBB83D}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{A85A5E6A-DE2C-4F4E-99DC-F469DF5A0EEC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{0E1FE4D8-70CE-417E-8FF4-C2B17FF3DD07}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{13B8FF9D-DEB0-4070-B846-D049218307B3}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{1C888195-0160-4883-91B7-294C0CE2F277}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{1E877590-30B7-400E-A835-B942489EB7BC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{23119123-0854-469D-807A-171568457991}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{744E0E81-BC79-4719-A58B-C98F7E78EE5D}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{99ACA0F7-D864-45CB-8C40-FD42A077E7CA}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{E163AE6E-254C-5FF4-BE33-4CBD31D63F5C}
Key Deleted : HKCU\Software\APN PIP
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\UpdaterEX
Key Deleted : HKCU\Software\Zugo
Key Deleted : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKCU\Software\AppDataLow\Software\Toolbar
Key Deleted : HKLM\SOFTWARE\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Deleted : HKLM\SOFTWARE\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Key Deleted : HKLM\SOFTWARE\Babylon
Key Deleted : HKLM\SOFTWARE\Conduit
Key Deleted : HKLM\SOFTWARE\PIP
Key Deleted : HKLM\SOFTWARE\Uniblue
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\UpdaterEX
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{E55B3271-7CA8-4D0C-AE06-69A24856E996}_is1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\RocketTab
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Coupon Printer for Windows5.0.0.7
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\NST
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v11.0.9600.17496
 
 
-\\ Mozilla Firefox v
 
[ezb92kyp.default\prefs.js] - Line Deleted : user_pref("CT2612669.navigationAliasesJson", "{\"EB_MAIN_FRAME_URL\":\"hxxp%3A%2F%2Fwww.aol.com%2F\",\"EB_MAIN_FRAME_TITLE\":\"AOL.com%20-%20News%2C%20Sports%2C%20Weather%2C%20Entertainment%2C%20Local[...]
[ezb92kyp.default\prefs.js] - Line Deleted : user_pref("CT2612669_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\":1364091486130,\"isWithState\":\"\",\"timeFromStart\":0,\"timeFromPrev\":0}]");
[ezb92kyp.default\prefs.js] - Line Deleted : user_pref("FirstSearch.aol_toolbar.search.hasDoneFirst", 187);
[ezb92kyp.default\prefs.js] - Line Deleted : user_pref("Smartbar.SearchFromAddressBarSavedUrl", "");
[ezb92kyp.default\prefs.js] - Line Deleted : user_pref("aol_toolbar.button.1349102520435_1357777523166.view", "1");
[ezb92kyp.default\prefs.js] - Line Deleted : user_pref("aol_toolbar.button.1349102635246_1357777514701.view", "1");
[ezb92kyp.default\prefs.js] - Line Deleted : user_pref("aol_toolbar.button.1349103579339_1350390403958.view", "1");
[ezb92kyp.default\prefs.js] - Line Deleted : user_pref("aol_toolbar.button.amazon_1347082261486.view", "1");
[ezb92kyp.default\prefs.js] - Line Deleted : user_pref("aol_toolbar.button.aol_custom_button_1347082263516.view", "1");
[ezb92kyp.default\prefs.js] - Line Deleted : user_pref("aol_toolbar.button.aol_custom_button_1347082266414.view", "1");
[ezb92kyp.default\prefs.js] - Line Deleted : user_pref("aol_toolbar.button.aol_mail_5496.click", "1");
[ezb92kyp.default\prefs.js] - Line Deleted : user_pref("aol_toolbar.button.facebook_40839.click", "1");
[ezb92kyp.default\prefs.js] - Line Deleted : user_pref("aol_toolbar.button.facebook_41300.click", "1");
[ezb92kyp.default\prefs.js] - Line Deleted : user_pref("aol_toolbar.button.mapquest_41322.click", "1");
[ezb92kyp.default\prefs.js] - Line Deleted : user_pref("aol_toolbar.button.netflix_40927.click", "1");
[ezb92kyp.default\prefs.js] - Line Deleted : user_pref("aol_toolbar.button.yahoo_mail_41366.click", "1");
[ezb92kyp.default\prefs.js] - Line Deleted : user_pref("aol_toolbar.buttons.defaultview", 1);
[ezb92kyp.default\prefs.js] - Line Deleted : user_pref("aol_toolbar.buttons.layout", "1349102520435_1357777523166;1349102635246_1357777514701;1349103579339_1350390403958;aol_custom_button_1347082266414;aol_custom_button_1347082263516;amazon_1347[...]
[ezb92kyp.default\prefs.js] - Line Deleted : user_pref("aol_toolbar.cookie.homepage", "1");
[ezb92kyp.default\prefs.js] - Line Deleted : user_pref("aol_toolbar.cookie.search", "1");
[ezb92kyp.default\prefs.js] - Line Deleted : user_pref("aol_toolbar.curtain.congrats", "curtain");
[ezb92kyp.default\prefs.js] - Line Deleted : user_pref("aol_toolbar.default.homepage.check", true);
[ezb92kyp.default\prefs.js] - Line Deleted : user_pref("aol_toolbar.default.homepage.url", "hxxp://www.aol.com/?mtmhp=hyplogusaolp00000003");
[ezb92kyp.default\prefs.js] - Line Deleted : user_pref("aol_toolbar.default.search.check", true);
[ezb92kyp.default\prefs.js] - Line Deleted : user_pref("aol_toolbar.default.search.label", "AOL Search");
[ezb92kyp.default\prefs.js] - Line Deleted : user_pref("aol_toolbar.default.search.url", "hxxp://search.aol.com/search/search?q={searchTerms}&s_it=customfirefoxright-ff&s_qt=sb&tb_uuid=20120503182334998&tb_oid=03-05-2012&tb_mrud=04-04-2013");
[ezb92kyp.default\prefs.js] - Line Deleted : user_pref("aol_toolbar.firsttime.showwindow", false);
[ezb92kyp.default\prefs.js] - Line Deleted : user_pref("aol_toolbar.guid", "{C0191628-8C91-3D58-8EC1-91BD5ABCCC1C}");
[ezb92kyp.default\prefs.js] - Line Deleted : user_pref("aol_toolbar.homepageprotection.enabled", true);
[ezb92kyp.default\prefs.js] - Line Deleted : user_pref("aol_toolbar.install.distroid", "");
[ezb92kyp.default\prefs.js] - Line Deleted : user_pref("aol_toolbar.install.homepage", "hxxp://www.aol.com/?mtmhp={mtmhp}");
[ezb92kyp.default\prefs.js] - Line Deleted : user_pref("aol_toolbar.install.homepage.label", "AOL.com");
[ezb92kyp.default\prefs.js] - Line Deleted : user_pref("aol_toolbar.install.lastTbVersion", "5.74.1.9393");
[ezb92kyp.default\prefs.js] - Line Deleted : user_pref("aol_toolbar.install.lid", "");
[ezb92kyp.default\prefs.js] - Line Deleted : user_pref("aol_toolbar.install.mtmhp", "hyplogusaolp00000003");
[ezb92kyp.default\prefs.js] - Line Deleted : user_pref("aol_toolbar.install.ncid", "bannadusdown00000038");
[ezb92kyp.default\prefs.js] - Line Deleted : user_pref("aol_toolbar.metrics.activestampdate", "25");
[ezb92kyp.default\prefs.js] - Line Deleted : user_pref("aol_toolbar.metrics.activestampmonth", "3");
[ezb92kyp.default\prefs.js] - Line Deleted : user_pref("aol_toolbar.metrics.activestampyear", "2013");
[ezb92kyp.default\prefs.js] - Line Deleted : user_pref("aol_toolbar.metrics.log", false);
[ezb92kyp.default\prefs.js] - Line Deleted : user_pref("aol_toolbar.metrics.originalDate", "3");
[ezb92kyp.default\prefs.js] - Line Deleted : user_pref("aol_toolbar.metrics.originalHours", "18");
[ezb92kyp.default\prefs.js] - Line Deleted : user_pref("aol_toolbar.metrics.originalMinutes", "23");
[ezb92kyp.default\prefs.js] - Line Deleted : user_pref("aol_toolbar.metrics.originalMonth", "5");
[ezb92kyp.default\prefs.js] - Line Deleted : user_pref("aol_toolbar.metrics.originalSeconds", "34");
[ezb92kyp.default\prefs.js] - Line Deleted : user_pref("aol_toolbar.metrics.originalYear", "2012");
[ezb92kyp.default\prefs.js] - Line Deleted : user_pref("aol_toolbar.relatednews.active", true);
[ezb92kyp.default\prefs.js] - Line Deleted : user_pref("aol_toolbar.relatednews.enabled", false);
[ezb92kyp.default\prefs.js] - Line Deleted : user_pref("aol_toolbar.remote..xml", "1366917685457");
[ezb92kyp.default\prefs.js] - Line Deleted : user_pref("aol_toolbar.remote.publish.xml", "1366856833490");
[ezb92kyp.default\prefs.js] - Line Deleted : user_pref("aol_toolbar.remote.rtw.js", "1352795677502");
[ezb92kyp.default\prefs.js] - Line Deleted : user_pref("aol_toolbar.reset.flag", "1");
[ezb92kyp.default\prefs.js] - Line Deleted : user_pref("aol_toolbar.reset.style", "B");
[ezb92kyp.default\prefs.js] - Line Deleted : user_pref("aol_toolbar.resetprompt.daily.num", "1");
[ezb92kyp.default\prefs.js] - Line Deleted : user_pref("aol_toolbar.resetprompt.daily.timestamp", "Thu Apr 25 2013 15:21:28 GMT-0400 (Eastern Daylight Time)");
[ezb92kyp.default\prefs.js] - Line Deleted : user_pref("aol_toolbar.resetprompt.display.limit", "8");
[ezb92kyp.default\prefs.js] - Line Deleted : user_pref("aol_toolbar.rtw.active", true);
[ezb92kyp.default\prefs.js] - Line Deleted : user_pref("aol_toolbar.rtw.enabled", "1");
[ezb92kyp.default\prefs.js] - Line Deleted : user_pref("aol_toolbar.search.button", true);
[ezb92kyp.default\prefs.js] - Line Deleted : user_pref("aol_toolbar.search.cid", "04-04-2013");
[ezb92kyp.default\prefs.js] - Line Deleted : user_pref("aol_toolbar.search.focusnewtab", true);
[ezb92kyp.default\prefs.js] - Line Deleted : user_pref("aol_toolbar.search.instd", "20120503182334998");
[ezb92kyp.default\prefs.js] - Line Deleted : user_pref("aol_toolbar.search.newtab", true);
[ezb92kyp.default\prefs.js] - Line Deleted : user_pref("aol_toolbar.search.oid", "03-05-2012");
[ezb92kyp.default\prefs.js] - Line Deleted : user_pref("aol_toolbar.search.placement", "right");
[ezb92kyp.default\prefs.js] - Line Deleted : user_pref("aol_toolbar.search.populateoncomplete", false);
[ezb92kyp.default\prefs.js] - Line Deleted : user_pref("aol_toolbar.search.savehistory", false);
[ezb92kyp.default\prefs.js] - Line Deleted : user_pref("aol_toolbar.search.searchtype", "web");
[ezb92kyp.default\prefs.js] - Line Deleted : user_pref("aol_toolbar.search.source", "customfirefoxright-ff");
[ezb92kyp.default\prefs.js] - Line Deleted : user_pref("aol_toolbar.searchengine.label", "AOL Search");
[ezb92kyp.default\prefs.js] - Line Deleted : user_pref("aol_toolbar.searchprotection.enabled", true);
[ezb92kyp.default\prefs.js] - Line Deleted : user_pref("aol_toolbar.skin.custom", false);
[ezb92kyp.default\prefs.js] - Line Deleted : user_pref("aol_toolbar.skins.enabled", true);
[ezb92kyp.default\prefs.js] - Line Deleted : user_pref("aol_toolbar.surf.date", "12");
[ezb92kyp.default\prefs.js] - Line Deleted : user_pref("aol_toolbar.surf.enabled", "0");
[ezb92kyp.default\prefs.js] - Line Deleted : user_pref("aol_toolbar.surf.lastDate", "25");
[ezb92kyp.default\prefs.js] - Line Deleted : user_pref("aol_toolbar.surf.lastMonth", "3");
[ezb92kyp.default\prefs.js] - Line Deleted : user_pref("aol_toolbar.surf.lastYear", "2013");
[ezb92kyp.default\prefs.js] - Line Deleted : user_pref("aol_toolbar.surf.month", "4543");
[ezb92kyp.default\prefs.js] - Line Deleted : user_pref("aol_toolbar.surf.prevMonth", "5572");
[ezb92kyp.default\prefs.js] - Line Deleted : user_pref("aol_toolbar.surf.show", true);
[ezb92kyp.default\prefs.js] - Line Deleted : user_pref("aol_toolbar.surf.total", "60891");
[ezb92kyp.default\prefs.js] - Line Deleted : user_pref("aol_toolbar.surf.week", "508");
[ezb92kyp.default\prefs.js] - Line Deleted : user_pref("aol_toolbar.surf.year", "26415");
[ezb92kyp.default\prefs.js] - Line Deleted : user_pref("aol_toolbar.ticker.active", false);
[ezb92kyp.default\prefs.js] - Line Deleted : user_pref("aol_toolbar.ticker.enabled", true);
[ezb92kyp.default\prefs.js] - Line Deleted : user_pref("aol_toolbar.toolbar.name", "AOL Toolbar");
[ezb92kyp.default\prefs.js] - Line Deleted : user_pref("aol_toolbar.upgrade.showwindow", false);
[ezb92kyp.default\prefs.js] - Line Deleted : user_pref("aol_toolbar.weather.degc", "27");
[ezb92kyp.default\prefs.js] - Line Deleted : user_pref("aol_toolbar.weather.degf", "81");
[ezb92kyp.default\prefs.js] - Line Deleted : user_pref("aol_toolbar.weather.image", "chrome://aoltoolbar/skin/weather/30.png");
[ezb92kyp.default\prefs.js] - Line Deleted : user_pref("aol_toolbar.weather.locationid", "USSC0051");
[ezb92kyp.default\prefs.js] - Line Deleted : user_pref("aol_toolbar.weather.metric", true);
[ezb92kyp.default\prefs.js] - Line Deleted : user_pref("aol_toolbar.weather.tooltip", "Charleston , SC : Partly Cloudy");
[ezb92kyp.default\prefs.js] - Line Deleted : user_pref("aol_toolbar.weather.update", "1366917685473");
[ezb92kyp.default\prefs.js] - Line Deleted : user_pref("aol_toolbar.weather.zipcode", "29412");
[ezb92kyp.default\prefs.js] - Line Deleted : user_pref("aol_toolbar.winamp.volume", "");
[ezb92kyp.default\prefs.js] - Line Deleted : user_pref("aol_toolbar.xxx", "");
[ezb92kyp.default\prefs.js] - Line Deleted : user_pref("browser.search.defaultenginename", "AVG Secure Search");
[ezb92kyp.default\prefs.js] - Line Deleted : user_pref("browser.search.defaulturl", "hxxp://search.aol.com/search/search?q={searchTerms}&s_it=customfirefoxright-ff&s_qt=sb&tb_uuid=20120503182334998&tb_oid=03-05-2012&tb_mrud=04-04-2013");
[ezb92kyp.default\prefs.js] - Line Deleted : user_pref("browser.search.selectedEngine", "AVG Secure Search");
[ezb92kyp.default\prefs.js] - Line Deleted : user_pref("extensions.delta.admin", false);
[ezb92kyp.default\prefs.js] - Line Deleted : user_pref("extensions.delta.aflt", "babsst");
[ezb92kyp.default\prefs.js] - Line Deleted : user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}");
[ezb92kyp.default\prefs.js] - Line Deleted : user_pref("extensions.delta.autoRvrt", "false");
[ezb92kyp.default\prefs.js] - Line Deleted : user_pref("extensions.delta.dfltLng", "en");
[ezb92kyp.default\prefs.js] - Line Deleted : user_pref("extensions.delta.excTlbr", false);
[ezb92kyp.default\prefs.js] - Line Deleted : user_pref("extensions.delta.id", "7c4e86d4000000000000ac7289d0d712");
[ezb92kyp.default\prefs.js] - Line Deleted : user_pref("extensions.delta.instlDay", "15801");
[ezb92kyp.default\prefs.js] - Line Deleted : user_pref("extensions.delta.instlRef", "sst");
[ezb92kyp.default\prefs.js] - Line Deleted : user_pref("extensions.delta.newTab", false);
[ezb92kyp.default\prefs.js] - Line Deleted : user_pref("extensions.delta.prdct", "delta");
[ezb92kyp.default\prefs.js] - Line Deleted : user_pref("extensions.delta.prtnrId", "delta");
[ezb92kyp.default\prefs.js] - Line Deleted : user_pref("extensions.delta.rvrt", "false");
[ezb92kyp.default\prefs.js] - Line Deleted : user_pref("extensions.delta.smplGrp", "none");
[ezb92kyp.default\prefs.js] - Line Deleted : user_pref("extensions.delta.tlbrId", "base");
[ezb92kyp.default\prefs.js] - Line Deleted : user_pref("extensions.delta.tlbrSrchUrl", "");
[ezb92kyp.default\prefs.js] - Line Deleted : user_pref("extensions.delta.vrsn", "1.8.10.0");
[ezb92kyp.default\prefs.js] - Line Deleted : user_pref("extensions.delta.vrsnTs", "1.8.10.020:37:53");
[ezb92kyp.default\prefs.js] - Line Deleted : user_pref("extensions.delta.vrsni", "1.8.10.0");
[ezb92kyp.default\prefs.js] - Line Deleted : user_pref("smartbar.machineId", "OVCZCGIOC6LLXIH+XQOAUE0DEF3QTB12PFXZ513VBVMUQDEMAWCPJXDF+1LDLEBIOFWQ3TDCYVMSOXEH9WTUPW");
 
-\\ Google Chrome v
 
 
*************************
 
AdwCleaner[R0].txt - [25396 octets] - [05/01/2015 09:08:00]
AdwCleaner[S0].txt - [26205 octets] - [05/01/2015 09:12:38]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [26266 octets] ##########
 
JRT Log:  ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.1 (12.28.2014:1)
OS: Windows 7 Home Premium x64
Ran by Tricia on Mon 01/05/2015 at 12:47:27.30
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
Successfully stopped: [Service] couponprinterservice 
Successfully deleted: [Service] couponprinterservice 
 
 
 
~~~ Registry Values
 
 
 
~~~ Registry Keys
 
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{912C156F-05CF-4B62-851A-96E167A677B0}
Successfully deleted: [Registry Key - Orphan] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{27B4851A-3207-45A2-B947-BE8AFE6163AB}
Successfully deleted: [Registry Key - Orphan] HKEY_CLASSES_ROOT\CLSID\{27B4851A-3207-45A2-B947-BE8AFE6163AB}
Successfully deleted: [Registry Key - Orphan] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{27B4851A-3207-45A2-B947-BE8AFE6163AB}
Successfully deleted: [Registry Key - Orphan] HKEY_CLASSES_ROOT\CLSID\{27B4851A-3207-45A2-B947-BE8AFE6163AB}
 
 
 
~~~ Files
 
Successfully deleted: [File] "C:\Users\Tricia\appdata\local\google\chrome\user data\default\local storage\http_service.pricegong.com_0.localstorage"
Successfully deleted: [File] "C:\windows\couponprinter.ocx"
Successfully deleted: [File] C:\windows\prefetch\SPEEDUPMYPC.EXE-B3192A3C.pf
 
 
 
~~~ Folders
 
Successfully deleted: [Folder] "C:\ProgramData\pcdr"
Successfully deleted: [Folder] "C:\Users\Tricia\AppData\Roaming\pcdr"
Successfully deleted: [Folder] "C:\Users\Tricia\appdata\local\cre"
Successfully deleted: [Folder] "C:\Program Files (x86)\coupons"
Successfully deleted: [Empty Folder] C:\Users\Tricia\appdata\local\{0540171E-564B-4168-BC42-E7F46B848D6A}
Successfully deleted: [Empty Folder] C:\Users\Tricia\appdata\local\{0ECCD31D-D546-4616-A4E8-3B19C89CC5F7}
Successfully deleted: [Empty Folder] C:\Users\Tricia\appdata\local\{1870B194-EE1F-41E7-A7C8-4C09AF79559F}
Successfully deleted: [Empty Folder] C:\Users\Tricia\appdata\local\{1C45D23B-D605-4287-897A-31B7D671010F}
Successfully deleted: [Empty Folder] C:\Users\Tricia\appdata\local\{2F30F2BE-8E1C-4CB1-A18E-5D9D2B3F4D83}
Successfully deleted: [Empty Folder] C:\Users\Tricia\appdata\local\{341F6732-452C-41FB-A87B-B13DABFC8564}
Successfully deleted: [Empty Folder] C:\Users\Tricia\appdata\local\{5BAF6EC8-2D5D-44EE-ADDE-935BDC4CC1BA}
Successfully deleted: [Empty Folder] C:\Users\Tricia\appdata\local\{6505C49C-2222-42C4-B35A-80591AF4482F}
Successfully deleted: [Empty Folder] C:\Users\Tricia\appdata\local\{6C023C19-ED2B-4016-99E0-79D5D283BB33}
Successfully deleted: [Empty Folder] C:\Users\Tricia\appdata\local\{7130456A-076A-4414-B09B-F2DA578326F4}
Successfully deleted: [Empty Folder] C:\Users\Tricia\appdata\local\{741099E1-5552-4CC0-B948-B5166E310900}
Successfully deleted: [Empty Folder] C:\Users\Tricia\appdata\local\{74EF22D7-0F71-47A3-9FEE-C50AB22AC07B}
Successfully deleted: [Empty Folder] C:\Users\Tricia\appdata\local\{83052171-CA65-4FB9-8276-44C7CDF4003E}
Successfully deleted: [Empty Folder] C:\Users\Tricia\appdata\local\{86C9B463-1A37-434A-9E72-7736EDDDFB7D}
Successfully deleted: [Empty Folder] C:\Users\Tricia\appdata\local\{88DB6FEF-E978-487E-96F7-01A13AEA331D}
Successfully deleted: [Empty Folder] C:\Users\Tricia\appdata\local\{89302B9B-A12E-4D89-A1BD-48E7B3F7C263}
Successfully deleted: [Empty Folder] C:\Users\Tricia\appdata\local\{8AF7D6EB-8A8E-4416-9E41-40FD902AAABF}
Successfully deleted: [Empty Folder] C:\Users\Tricia\appdata\local\{9239C547-AAD0-444E-9299-381FB6ECC4DB}
Successfully deleted: [Empty Folder] C:\Users\Tricia\appdata\local\{A7C28785-0580-4820-992E-888B6E96ADBB}
Successfully deleted: [Empty Folder] C:\Users\Tricia\appdata\local\{AA605DB9-1E13-4C47-8FBD-EB8EF738D308}
Successfully deleted: [Empty Folder] C:\Users\Tricia\appdata\local\{B3F55E86-0BC2-4D05-A233-7BD7072FBA75}
Successfully deleted: [Empty Folder] C:\Users\Tricia\appdata\local\{B6BF2149-5296-4523-8EAF-1B9BCD3BDB5D}
Successfully deleted: [Empty Folder] C:\Users\Tricia\appdata\local\{D3323D45-194A-4267-8867-9087023EE0C5}
Successfully deleted: [Empty Folder] C:\Users\Tricia\appdata\local\{DAB3FA54-BE27-4D61-87C4-0EA2140A4466}
Successfully deleted: [Empty Folder] C:\Users\Tricia\appdata\local\{DCFC72B3-0A93-474D-B9BA-234FA23DE21C}
Successfully deleted: [Empty Folder] C:\Users\Tricia\appdata\local\{DDAFE614-8D82-47AA-A88E-5C4E677976B7}
Successfully deleted: [Empty Folder] C:\Users\Tricia\appdata\local\{E801EC2F-D22B-4C8A-A9D3-E8576D5D7D3A}
Successfully deleted: [Empty Folder] C:\Users\Tricia\appdata\local\{E98DDB55-35F8-48DB-AE01-800E4EF1A9F8}
Successfully deleted: [Empty Folder] C:\Users\Tricia\appdata\local\{E9C93EEB-0DE7-47CF-869E-3262F594E7C5}
Successfully deleted: [Empty Folder] C:\Users\Tricia\appdata\local\{F344DA84-41A7-443A-A341-28C7782682A7}
Successfully deleted: [Empty Folder] C:\Users\Tricia\appdata\local\{FC362D44-9F2E-4045-8930-A89DF6D87AA8}
 
 
 
~~~ Event Viewer Logs were cleared
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Mon 01/05/2015 at 13:43:05.11
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
Minitoolbox Log:  MiniToolBox by Farbar  Version: 30-11-2014
Ran by Tricia (administrator) on 05-01-2015 at 13:49:48
Running from "C:\Users\Tricia\Downloads"
Microsoft Windows 7 Home Premium  Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************
 
========================= Flush DNS: ===================================
 
Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
========================= IE Proxy Settings: ============================== 
 
Proxy is not enabled.
ProxyServer: http=127.0.0.1:49251;https=127.0.0.1:49251
 
"Reset IE Proxy Settings": IE Proxy Settings were reset.
 
========================= FF Proxy Settings: ============================== 
 
"network.proxy.no_proxies_on", "*.local"
 
"Reset FF Proxy Settings": Firefox Proxy settings were reset.
 
========================= Hosts content: =================================
 
 
 
========================= IP Configuration: ================================
 
Intel® Centrino® Wireless-N 1030 = Wireless Network Connection (Connected)
Bluetooth Device (Personal Area Network) = Bluetooth Network Connection (Media disconnected)
Realtek PCIe FE Family Controller = Local Area Connection (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 2 (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 3 (Media disconnected)
 
 
# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4
 
reset
set global icmpredirects=enabled taskoffload=enabled
 
 
popd
# End of IPv4 configuration
 
 
 
Windows IP Configuration
 
   Host Name . . . . . . . . . . . . : Tricia-PC
   Primary Dns Suffix  . . . . . . . : 
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
 
Wireless LAN adapter Wireless Network Connection 3:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter #2
   Physical Address. . . . . . . . . : AC-72-89-D0-D7-12
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
 
Wireless LAN adapter Wireless Network Connection 2:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
   Physical Address. . . . . . . . . : AC-72-89-D0-D7-12
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
 
Wireless LAN adapter Wireless Network Connection:
 
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Intel® Centrino® Wireless-N 1030
   Physical Address. . . . . . . . . : AC-72-89-D0-D7-11
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2601:0:5682:8ab0:218a:9ad1:c1dd:7893(Preferred) 
   Temporary IPv6 Address. . . . . . : 2601:0:5682:8ab0:d027:e4e6:894:779a(Preferred) 
   Link-local IPv6 Address . . . . . : fe80::218a:9ad1:c1dd:7893%14(Preferred) 
   IPv4 Address. . . . . . . . . . . : 10.0.0.3(Preferred) 
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Monday, January 05, 2015 9:16:38 AM
   Lease Expires . . . . . . . . . . : Monday, January 12, 2015 12:32:18 PM
   Default Gateway . . . . . . . . . : fe80::4632:c8ff:fe62:92ab%14
                                       10.0.0.1
   DHCP Server . . . . . . . . . . . : 10.0.0.1
   DHCPv6 IAID . . . . . . . . . . . : 363623049
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-16-24-80-09-18-03-73-90-95-26
   DNS Servers . . . . . . . . . . . : 75.75.75.75
                                       75.75.76.76
   NetBIOS over Tcpip. . . . . . . . : Enabled
 
Ethernet adapter Local Area Connection:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Realtek PCIe FE Family Controller
   Physical Address. . . . . . . . . : 18-03-73-90-95-26
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
 
Ethernet adapter Bluetooth Network Connection:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Bluetooth Device (Personal Area Network)
   Physical Address. . . . . . . . . : AC-72-89-D0-D7-15
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter Local Area Connection* 11:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter isatap.home.network:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter isatap.{CEDB63D8-2651-4881-981D-1FDE66A31E85}:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter isatap.{865F96DA-EBEA-4D3D-8607-10C95F91CB8A}:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #5
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter isatap.{8135EA46-9458-4764-B1D0-F0E6703E3E39}:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #4
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
Server:  UnKnown
Address:  75.75.75.75
 
Name:    google.com
Addresses:  2607:f8b0:4002:c07::64
 74.125.196.100
 74.125.196.113
 74.125.196.138
 74.125.196.102
 74.125.196.139
 74.125.196.101
 
 
Pinging google.com [2607:f8b0:4000:80a::2000] with 32 bytes of data:
Reply from 2607:f8b0:4000:80a::2000: time=68ms 
Reply from 2607:f8b0:4000:80a::2000: time=185ms 
 
Ping statistics for 2607:f8b0:4000:80a::2000:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 68ms, Maximum = 185ms, Average = 126ms
Server:  cdns01.comcast.net
Address:  75.75.75.75
 
Name:    yahoo.com
Addresses:  98.139.183.24
 206.190.36.45
 98.138.253.109
 
 
Pinging yahoo.com [206.190.36.45] with 32 bytes of data:
Reply from 206.190.36.45: bytes=32 time=117ms TTL=47
Reply from 206.190.36.45: bytes=32 time=115ms TTL=47
 
Ping statistics for 206.190.36.45:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 115ms, Maximum = 117ms, Average = 116ms
 
Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time=5ms TTL=128
Reply from 127.0.0.1: bytes=32 time=4ms TTL=128
 
Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 4ms, Maximum = 5ms, Average = 4ms
===========================================================================
Interface List
 16...ac 72 89 d0 d7 12 ......Microsoft Virtual WiFi Miniport Adapter #2
 15...ac 72 89 d0 d7 12 ......Microsoft Virtual WiFi Miniport Adapter
 14...ac 72 89 d0 d7 11 ......Intel® Centrino® Wireless-N 1030
 13...18 03 73 90 95 26 ......Realtek PCIe FE Family Controller
 12...ac 72 89 d0 d7 15 ......Bluetooth Device (Personal Area Network)
  1...........................Software Loopback Interface 1
 20...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
 22...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
 23...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
 24...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #5
 21...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #4
===========================================================================
 
IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0         10.0.0.1         10.0.0.3     25
         10.0.0.0    255.255.255.0         On-link          10.0.0.3    281
         10.0.0.3  255.255.255.255         On-link          10.0.0.3    281
       10.0.0.255  255.255.255.255         On-link          10.0.0.3    281
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link          10.0.0.3    281
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link          10.0.0.3    281
===========================================================================
Persistent Routes:
  None
 
IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
 14    281 ::/0                     fe80::4632:c8ff:fe62:92ab
  1    306 ::1/128                  On-link
 14    281 2601:0:5682:8ab0::/60    fe80::4632:c8ff:fe62:92ab
 14     33 2601:0:5682:8ab0::/64    On-link
 14    281 2601:0:5682:8ab0:218a:9ad1:c1dd:7893/128
                                    On-link
 14    281 2601:0:5682:8ab0:d027:e4e6:894:779a/128
                                    On-link
 14    281 fe80::/64                On-link
 14    281 fe80::218a:9ad1:c1dd:7893/128
                                    On-link
  1    306 ff00::/8                 On-link
 14    281 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================
 
Catalog5 01 C:\windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog5 06 C:\windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\windows\SysWOW64\wshbth.dll [36352] (Microsoft Corporation)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 09 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 10 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 02 C:\windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 03 C:\windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 04 C:\windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 05 C:\windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 06 C:\windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 07 C:\windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 08 C:\windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 09 C:\windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 10 C:\windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 11 C:\windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Windows\System32\wshbth.dll [47104] (Microsoft Corporation)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 09 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 10 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
 
========================= Event log errors: ===============================
 
Application errors:
==================
 
System errors:
=============
Error: (01/05/2015 01:43:05 PM) (Source: DCOM) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}
 
 
Microsoft Office Sessions:
=========================
 
CodeIntegrity Errors:
===================================
  Date: 2014-12-17 16:07:40.552
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\install\instdrivers\kl1\x86\win8\klelam.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-12-17 16:07:40.550
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\install\instdrivers\kl1\x86\win8\klelam.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-12-17 16:07:40.547
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\install\instdrivers\kl1\x86\win8\klelam.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-12-13 03:37:11.694
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\install\instdrivers\kl1\x86\win8\klelam.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-12-13 03:37:11.632
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\install\instdrivers\kl1\x64\win8\klelam.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-12-13 03:34:29.547
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\install\instdrivers\kl1\x86\win8\klelam.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-12-13 03:34:26.224
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\install\instdrivers\kl1\x64\win8\klelam.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-12-12 18:30:56.708
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\install\instdrivers\kl1\x86\win8\klelam.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-12-12 18:30:56.683
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\install\instdrivers\kl1\x64\win8\klelam.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-12-12 18:29:17.472
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\install\instdrivers\kl1\x86\win8\klelam.sys because the set of per-page image hashes could not be found on the system.
 
 
 
=========================== Installed Programs ============================
ABBYY FineReader 6.0 Sprint (HKLM-x32\...\{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}) (Version: 6.00.1784.41616 - ABBYY Software House)
Adobe Acrobat 5.0 (HKLM-x32\...\Adobe Acrobat 5.0) (Version: 5.0 - Adobe Systems, Inc.)
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.246 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.246 - Adobe Systems Incorporated)
Adobe Reader X (10.1.12) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.12 - Adobe Systems Incorporated)
Advanced Audio FX Engine (HKLM-x32\...\Advanced Audio FX Engine) (Version: 1.12.05 - Creative Technology Ltd)
Amazon Add to Wish List IE Extension 1.2 (HKLM-x32\...\Amazon Add to Wish List IE Extension) (Version: 1.2 - Amazon)
Amazon Kindle (HKCU\...\Amazon Kindle) (Version:  - Amazon)
Amazon MP3 Downloader 1.0.15 (HKLM-x32\...\Amazon MP3 Downloader) (Version: 1.0.15 - Amazon Services LLC)
Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Belkin Router Monitor and Setup (HKLM-x32\...\2B0D8F3C-18AD-4D8E-879A-74A867C5C3CB_is1) (Version:  - )
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Consumer In-Home Service Agreement (HKLM-x32\...\{F47C37A4-7189-430A-B81D-739FF8A7A554}) (Version: 2.0.0 - Dell Inc.)
Cozi (HKLM-x32\...\{EA1F3D6C-A6F5-4CDC-B0D3-9C56C06B4D29}) (Version: 1.0.6505.38692 - Cozi Group, Inc.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dell DataSafe Local Backup - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 9.4.60 - Dell Inc.)
Dell DataSafe Local Backup (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 9.4.60 - Dell Inc.)
Dell DataSafe Online (HKLM-x32\...\{C53BCCBE-9268-4C09-82E9-611444A73B3F}) (Version: 2.9.0.19 - Dell)
Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc)
Dell Getting Started Guide (HKLM-x32\...\{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}) (Version: 1.00.0000 - Dell Inc.)
Dell MusicStage (HKLM-x32\...\{91AF2672-F5BC-42CF-8037-A9D2F92BBCC0}) (Version: 1.5.201.0 - Fingertapps)
Dell PC Fax (HKLM\...\Dell PC Fax) (Version:  - )
Dell Perks Webslice IE8 (HKLM-x32\...\{CF67ED0C-F85D-4791-AED3-3FE882EDB45D}) (Version: 8.0 - Nextjump Inc)
Dell Photo AIO Printer 926 (HKLM\...\Dell Photo AIO Printer 926) (Version:  - Dell, Inc.)
Dell PhotoStage (HKLM-x32\...\{0D98F04D-11A1-4B64-A406-43292B9EEE90}) (Version: 1.5.0.67 - ArcSoft)
Dell PhotoStage (HKLM-x32\...\{E4335E82-17B3-460F-9E70-39D9BC269DB3}) (Version: 1.5.0.67 - ArcSoft)
Dell Stage (HKLM-x32\...\{FE182796-F6BA-486A-8590-89B7E8D1D60F}) (Version: 1.7.209.0 - Fingertapps)
Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 7.1209.101.204 - ALPS ELECTRIC CO., LTD.)
Dell VideoStage  (HKLM-x32\...\InstallShield_{DCE0E79A-B9AC-41AC-98C1-7EF0538BCA7F}) (Version: 1.2.0.1712 - CyberLink Corp.)
Dell VideoStage  (x32 Version: 1.2.0.1712 - CyberLink Corp.) Hidden
Dell Webcam Central (HKLM-x32\...\Dell Webcam Central) (Version: 2.00.44 - Creative Technology Ltd)
DirectX 9 Runtime (x32 Version: 1.00.0000 - Sonic Solutions) Hidden
Dropbox (HKCU\...\Dropbox) (Version: 2.8.2 - Dropbox, Inc.)
Duplicate Cleaner Free 3.1.4 (HKLM-x32\...\Duplicate Cleaner Free) (Version: 3.1.4 - DigitalVolcano Software Ltd)
eBay (HKLM-x32\...\{A8B88634-7F90-402F-B66A-86429755F6A5}) (Version: 1.4.0 - eBay Inc.)
Facebook Messenger 2.1.4814.0 (HKLM-x32\...\{7204BDEE-1A48-4D95-A964-44A9250B439E}) (Version: 2.1.4814.0 - Facebook)
Fitbit Connect (HKLM-x32\...\{D3CD091B-296B-48E9-9F0F-E9FE53E02E41}) (Version: 1.0.3.5511 - Fitbit Inc.)
Google Chrome (HKCU\...\Google Chrome) (Version: 39.0.2171.95 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
GoToAssist 8.0.0.514 (HKLM-x32\...\GoToAssist) (Version:  - )
High-Definition Video Playback (x32 Version: 11.1.11500.4.273 - Nero AG) Hidden
iCloud (HKLM\...\{2AAF09D5-4B3F-4975-B6A9-ECE2631FC942}) (Version: 4.0.5.20 - Apple Inc.)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6324.0 - IDT)
Intel PROSet Wireless (Version:  - ) Hidden
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1118 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2361 - Intel Corporation)
Intel® PROSet/Wireless Software for Bluetooth® Technology (HKLM\...\{7CE8BE79-ABC3-4B2C-9543-28ED2B0A9EA8}) (Version: 1.2.0.0587 - Intel Corporation)
Intel® PROSet/Wireless WiFi Software (HKLM\...\{25FBDA9A-E868-4B3B-B9FF-D923818511A1}) (Version: 14.2.0000 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.0.1008 - Intel Corporation)
Intel® Turbo Boost Technology Monitor 2.0 (HKLM\...\{B77EFA0B-9BD3-4122-9F9A-15A963B5EA24}) (Version: 2.1.23.0 - Intel)
Intel® WiDi (HKLM-x32\...\{7FCB8D5D-9396-4D17-8CFA-349D6D49CD32}) (Version: 3.0.13.0 - Intel Corporation)
Intel® Wireless Display (HKLM\...\{28EF7372-9087-4AC3-9B9F-D9751FCDF830}) (Version:  - )
Internet Explorer (x32 Version: 8 - Microsoft Corporation) Hidden
iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.)
Java 7 Update 67 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417067FF}) (Version: 7.0.670 - Oracle)
Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
Java Auto Updater (x32 Version: 2.8.25.18 - Oracle Corporation) Hidden
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
LG Verizon United Driver (HKLM-x32\...\{A17B9856-40CF-4BEA-BB65-ADB8154A83DC}) (Version: 2.14.1 - LG Electronics)
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
MasterCook Deluxe 9 (HKLM-x32\...\InstallShield_{99B366B0-76B6-4DBA-95A3-A730015A7D01}) (Version: 9.0.000 - ValuSoft)
MasterCook Deluxe 9 (x32 Version: 9.0.000 - ValuSoft) Hidden
MaxiDisk (HKLM-x32\...\{5C1130F5-F955-4319-BFF6-AFE4A42BC3A8}_is1) (Version: 1.0.6.0 - Uniblue Systems Limited)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.141.11 - McAfee, Inc.)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 15.0.4675.1003 - Microsoft Corporation)
Microsoft Office Click-to-Run 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Click-to-Run 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Starter 2010 - English (HKLM-x32\...\{90140011-0066-0409-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft OneDrive (HKCU\...\OneDriveSetup.exe) (Version: 17.0.4023.1211 - Microsoft Corporation)
Microsoft PowerPoint Viewer (HKLM-x32\...\{95140000-00AF-0409-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable - KB2467175 (HKLM-x32\...\{a0fe116e-9a8a-466f-aee0-625cb7c207e3}) (Version: 8.0.51011 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{820B6609-4C97-3A2B-B644-573B06A0F0CC}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
My Dell (HKLM\...\PC-Doctor for Windows) (Version: 3.5.6426.22 - PC-Doctor, Inc.)
Nero 10 Movie ThemePack Basic (x32 Version: 10.6.10000.1.0 - Nero AG) Hidden
Nero Control Center 10 (x32 Version: 10.6.13000.0.11 - Nero AG) Hidden
Nero ControlCenter 10 Help (CHM) (x32 Version: 10.2.10800 - Nero AG) Hidden
Nero Core Components 10 (x32 Version: 2.0.20000.9.12 - Nero AG) Hidden
Nero Update (x32 Version: 11.0.11500.28.0 - Nero AG) Hidden
Norton 360 (HKLM-x32\...\N360) (Version: 21.6.0.32 - Symantec Corporation)
Norton Security Scan (HKLM-x32\...\NSS) (Version: 4.2.0.38 - Symantec Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4675.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4675.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4675.1003 - Microsoft Corporation) Hidden
PhotoShowExpress (x32 Version: 2.0.063 - Sonic Solutions) Hidden
Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 10.09.20 - Dell Inc.)
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
RBVirtualFolder64Inst (Version: 1.00.0000 - Roxio, Inc.) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.31.1025.2010 - Realtek)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30126 - Realtek Semiconductor Corp.)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.32.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.32.0 - Renesas Electronics Corporation) Hidden
Roxio Activation Module (x32 Version: 1.0 - Roxio) Hidden
Roxio BackOnTrack (x32 Version: 1.3.3 - Roxio) Hidden
Roxio Burn (x32 Version: 1.8 - Roxio) Hidden
Roxio Creator Starter (HKLM-x32\...\{6F0BBEFE-BE1C-419B-BA1F-D36C9E7915BC}) (Version: 12.1.77.0 - Roxio)
Roxio Creator Starter (x32 Version: 1.0.439 - Roxio) Hidden
Roxio Creator Starter (x32 Version: 5.0.0 - Roxio) Hidden
Roxio Express Labeler 3 (x32 Version: 3.2.2 - Roxio) Hidden
Roxio File Backup (Version: 1.3.2 - Roxio) Hidden
Safari (HKLM-x32\...\{C779648B-410E-4BBA-B75B-5815BCEFE71D}) (Version: 5.34.57.2 - Apple Inc.)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Sonic CinePlayer Decoder Pack (x32 Version: 4.3.0 - Sonic Solutions) Hidden
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
SyncUP (HKLM-x32\...\{D92C9CCE-E5F0-4125-977A-0590F3225B74}) (Version: 10.2.14900 - Nero AG)
SyncUP (x32 Version: 1.12.11200.10.102 - Nero AG) Hidden
SyncUP Help (CHM) (x32 Version: 10.5.11000 - Nero AG) Hidden
The Weather Channel App (HKLM-x32\...\{167158CE-1637-4167-8A1C-C2549EEA966A}) (Version: 1.00.0000 - The Weather Channel)
TrustedID (HKLM-x32\...\{C16A92EF-017B-4839-9C75-FBADB5A1FA27}) (Version: 5.0 - TrustedID)
TrustedID IDMonitor Identity Protection (HKLM-x32\...\{0E74474A-1CDF-4249-A507-CE8C1DCEC8BC}) (Version: 1.1.0 - TrustedID Inc)
Unity Web Player (HKCU\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
VitalSource Bookshelf (HKLM-x32\...\{DC7619A7-8EA1-41CF-9C7C-8BCF045733D6}) (Version: 6.02.0024 - Ingram Content Group)
VLC media player 2.0.0 (HKLM-x32\...\VLC media player) (Version: 2.0.0 - VideoLAN)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Xvid 1.2.2 final uninstall (HKLM-x32\...\Xvid_is1) (Version: 1.2 - Xvid team (Koepi))
ZoneAlarm Antivirus (x32 Version: 13.3.209.000 - Check Point Software Technologies Ltd.) Hidden
ZoneAlarm Firewall (x32 Version: 13.3.209.000 - Check Point Software Technologies Ltd.) Hidden
ZoneAlarm Free Antivirus + Firewall (HKLM-x32\...\ZoneAlarm Free Antivirus + Firewall) (Version: 13.3.209.000 - Check Point)
ZoneAlarm Security (x32 Version: 13.3.209.000 - Check Point Software Technologies Ltd.) Hidden
ZoneAlarm Security Toolbar  (HKCU\...\zonealarm) (Version: 1.8.29.17 - Check Point Software Technologies LTD)
ZoneAlarm Security Toolbar  (HKLM-x32\...\zonealarm) (Version: 1.8.29.17 - Check Point Software Technologies LTD)
 
========================= Memory info: ===================================
 
Percentage of memory in use: 44%
Total physical RAM: 6051.18 MB
Available physical RAM: 3356.19 MB
Total Pagefile: 12191.36 MB
Available Pagefile: 9098.14 MB
Total Virtual: 4095.88 MB
Available Virtual: 3967.8 MB
 
========================= Partitions: =====================================
 
1 Drive c: (OS) (Fixed) (Total:581.42 GB) (Free:511.67 GB) NTFS
3 Drive f: () (Removable) (Total:0.93 GB) (Free:0.53 GB) FAT
5 Drive y: (Recovery) (Fixed) (Total:14.65 GB) (Free:8.07 GB) NTFS
 
========================= Users: ========================================
 
User accounts for \\TRICIA-PC
 
Administrator            Guest                    Tricia                   
 
========================= Restore Points ==================================
 
11-12-2014 08:01:32 Windows Update
13-12-2014 08:01:13 Windows Update
19-12-2014 08:01:18 Windows Update
01-01-2015 23:02:13 Scheduled Checkpoint
02-01-2015 14:31:38 Uniblue SpeedUpMyPC installation
 
**** End of log ****

  • 0

#4
zep516

zep516

    Trusted Helper

  • Malware Removal
  • 6,811 posts
Hello,

I'm so sorry but I have missed your post. Do you still require assistance ?

Thanks
Joe :)
  • 0

#5
lexi2007

lexi2007

    Member

  • Topic Starter
  • Member
  • PipPip
  • 15 posts

Hello,

I'm so sorry but I have missed your post. Do you still require assistance ?

Thanks
Joe :)

 

 

 

 

Yes, please.  I am still having an issue.

 

Thank you!


  • 0

#6
zep516

zep516

    Trusted Helper

  • Malware Removal
  • 6,811 posts
OK,

Describe the issue and what browser? Is it still the internet connection issue?

I'd also like to see another scan that makes 2 log files. It's important to download this (Farber Recovery scan) to the desktop.

Please download Farbar Recovery Scan Tool and save it to your Desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.
  • Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will produce a log called FRST.txt in the same directory the tool is run from.
  • Please copy and paste log back here.
  • The first time the tool is run it generates another log (Addition.txt - also located in the same directory as FRST.exe/FRST64.exe). Please also paste that along with the FRST.txt into your reply.
Please post in your next reply:
  • FRST.txt
  • Additions.txt
Thanks
Joe :)
  • 0

#7
lexi2007

lexi2007

    Member

  • Topic Starter
  • Member
  • PipPip
  • 15 posts

My computer will lose it's connection with the internet even though everything says that I should be connected.  I usually go to my internet access, disconnect and then re-connect.  This usually works, but it happens very frequently.  I normally use Google Chrome.

 

 Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 19-01-2015

Ran by Tricia (administrator) on TRICIA-PC on 21-01-2015 18:14:45
Running from C:\Users\Tricia\Downloads
Loaded Profiles: Tricia (Available profiles: Tricia)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe
(Affinegy, Inc.) C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinService.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel® Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
( ) C:\Windows\System32\dlcxcoms.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\n360.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Safe Web Lite\Engine\2.0.0.16\ccSvcHst.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\n360.exe
(SoftThinks SAS) C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Check Point Software Technologies, Ltd.) C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZAPrivacyService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell DataSafe Local Backup\Toaster.exe
() C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
() C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe
(Fitbit, Inc.) C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe
(Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\hidfind.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Dell, Inc.) C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe
(Dell, Inc.) C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
() C:\Program Files (x86)\Dell Photo AIO Printer 926\dlcxmon.exe
(Fitbit, Inc.) C:\Program Files (x86)\Fitbit Connect\FitbitConnectService.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Google Inc.) C:\Users\Tricia\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Tricia\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Tricia\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Tricia\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Tricia\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Tricia\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Tricia\AppData\Local\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [525312 2011-01-25] (IDT, Inc.)
HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [609144 2011-04-12] (Alps Electric Co., Ltd.)
HKLM\...\Run: [IntelPAN] => C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1935120 2011-07-27] (Intel® Corporation)
HKLM-x32\...\Run: [AccuWeatherWidget] => C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe [968048 2012-02-01] ()
HKLM-x32\...\Run: [Fitbit Connect] => C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe [3414560 2014-05-19] (Fitbit, Inc.)
HKLM-x32\...\Run: [ZoneAlarm] => C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe [137352 2014-08-13] (Check Point Software Technologies Ltd.)
Winlogon\Notify\GoToAssist: C:\Program Files (x86)\Citrix\GoToAssist\514\G2AWinLogon_x64.dll [X]
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1499091392-49799752-2912897947-1001\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-18\...\RunOnce: [SpUninstallDeleteDir] => rmdir /s /q "\SearchProtect"
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Tricia\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Tricia\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Tricia\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Tricia\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton 360\Engine64\21.6.0.32\buShell.dll (Symantec Corporation)
ShellIconOverlayIdentifiers: [OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton 360\Engine64\21.6.0.32\buShell.dll (Symantec Corporation)
ShellIconOverlayIdentifiers: [OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton 360\Engine64\21.6.0.32\buShell.dll (Symantec Corporation)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Tricia\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Tricia\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Tricia\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKU\S-1-5-21-1499091392-49799752-2912897947-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://mail.aol.com/...n-us/suite.aspx
HKU\S-1-5-21-1499091392-49799752-2912897947-1001\Software\Microsoft\Internet Explorer\Main,Start Page Restore = http://www.aol.com/
SearchScopes: HKLM -> {2F1E335A-858A-4BE9-8F6B-D0AF1D018B53} URL = http://www.bing.com/...rc=IE-SearchBox
SearchScopes: HKLM-x32 -> {2F1E335A-858A-4BE9-8F6B-D0AF1D018B53} URL = http://www.bing.com/...rc=IE-SearchBox
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-1499091392-49799752-2912897947-1001 -> {C145F714-3DF5-4BF6-99FE-2D2E74328B22} URL = http://search.yahoo....p={SearchTerms}
BHO: McAfee Phishing Filter -> {27B4851A-3207-45A2-B947-BE8AFE6163AB} ->  No File
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton 360\Engine64\21.6.0.32\coIEPlg.dll (Symantec Corporation)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Adobe PDF Reader Link Helper -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.141\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine64\21.6.0.32\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - No Name - {06C7AD57-B655-418D-9AB8-9526A6D2E052} -  No File
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\coIEPlg.dll (Symantec Corporation)
DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab
DPF: HKLM-x32 {6C269571-C6D7-4818-BCA4-32A035E8C884} http://ccfiles.creat...102/CTSUEng.cab
DPF: HKLM-x32 {76CBDDBA-3897-4EAC-A1D3-CCC47DE82EFB} https://aicsc-ccas01.../auth/taweb.cab
DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} http://ccfiles.creat...13/CTPIDPDE.cab
DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} http://ccfiles.creat...30321/CTPID.cab
Handler-x32: cozi - {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - C:\Program Files (x86)\Cozi Express\CoziProtocolHandler.dll (Cozi Group, Inc.)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76
Tcpip\..\Interfaces\{8135EA46-9458-4764-B1D0-F0E6703E3E39}: [NameServer] 0.0.0.0
 
FireFox:
========
FF ProfilePath: C:\Users\Tricia\AppData\Roaming\Mozilla\Firefox\Profiles\ezb92kyp.default
FF Homepage: hxxp://mysearch.avg.com?cid={F1634EE9-A7B5-423B-96CF-B6FE221BB1AE}&mid=8ed63cd3528e47d385717d3bcf343ee6-efd5d91ae9dc03a4ccd1517d223e8d5cd6c5b3a9&lang=en&ds=ub011&coid=avgtbdisub&pr=sa&d=&v=18.0.5.292&pid=safeguard&sg=0&sap=hp
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_16_0_0_257.dll ()
FF Plugin: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_257.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin -> C:\Program Files\McAfee Security Scan\3.8.141\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1499091392-49799752-2912897947-1001: @plugin.couponnetwork.com/Coupon Print Activator;version=4.5 -> C:\Users\Tricia\AppData\Roaming\E-centives\NPcolPM460.dll (Invenda)
FF Plugin HKU\S-1-5-21-1499091392-49799752-2912897947-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Tricia\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-1499091392-49799752-2912897947-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Tricia\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-1499091392-49799752-2912897947-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Tricia\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-1499091392-49799752-2912897947-1001: amazon.com/AmazonMP3DownloaderPlugin -> C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin.dll (Amazon.com, Inc.)
FF Plugin HKU\S-1-5-21-1499091392-49799752-2912897947-1001: facebook.com/fbDesktopPlugin -> C:\Users\Tricia\AppData\Local\Facebook\Messenger\2.1.4814.0\npFbDesktopPlugin.dll (Facebook, Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\McSiteAdvisor.xml
FF Extension: AOL Toolbar - C:\Users\Tricia\AppData\Roaming\Mozilla\Firefox\Profiles\ezb92kyp.default\Extensions\{7affbfae-c4e2-4915-8c0f-00fa3ec610a1} [2013-04-04]
FF Extension: Add to Amazon Wish List Button - C:\Users\Tricia\AppData\Roaming\Mozilla\Firefox\Profiles\ezb92kyp.default\Extensions\[email protected] [2012-06-10]
FF HKLM-x32\...\Firefox\Extensions: [{203FB6B2-2E1E-4474-863B-4C483ECCE78E}] - C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2.0.0.16\coFFNST
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.2.0.38\IPSFF
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.2.0.38\IPSFF [2014-05-04]
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.2.0.38\coFFPlgn
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.2.0.38\coFFPlgn [2015-01-15]
FF HKLM-x32\...\Thunderbird\Extensions: [[email protected]] - C:\Program Files\McAfee\MSK
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [Not Found]
 
Chrome: 
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.facebook.com/", "hxxp://www.aol.com/"
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
CHR Profile: C:\Users\Tricia\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Beautiful landscape) - C:\Users\Tricia\AppData\Local\Google\Chrome\User Data\Default\Extensions\ambfimhigppdidfmelpjmojccbfdoeig [2014-08-13]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Tricia\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-25]
CHR Extension: (AmazonSmile 1Button for Chrome) - C:\Users\Tricia\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdgenjhkjihnmigcommchefpajjhdmba [2014-12-01]
CHR Extension: (Norton Identity Safe) - C:\Users\Tricia\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif [2014-08-13]
CHR Extension: (Lose It!) - C:\Users\Tricia\AppData\Local\Google\Chrome\User Data\Default\Extensions\jehemifhdilebjjpibeianiedocpgocn [2014-12-04]
CHR Extension: (Google Wallet) - C:\Users\Tricia\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-30]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - No Path
CHR HKU\S-1-5-21-1499091392-49799752-2912897947-1001\...\Chrome\Extension: [kgdcapepedmpopjkmdbjnmmmfgllnfek] - C:\Users\Tricia\AppData\Roaming\Check Point Software Technologies LTD\zonealarm\1.8.29.17\zonealarm.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [dcgnponjdnblbkfmldmpjbdmlimnllmc] - C:\Users\Tricia\AppData\LocalLow\iBryte\Implementations\browseforchange\Chrome.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - No Path
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AffinegyService; C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinService.exe [563024 2009-09-11] (Affinegy, Inc.)
R2 Bluetooth Device Monitor; C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [921664 2011-05-19] (Intel Corporation) [File not signed]
S3 Bluetooth Media Service; C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [1335360 2011-05-19] (Intel Corporation) [File not signed]
R2 Bluetooth OBEX Service; C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [995392 2011-05-19] (Intel Corporation) [File not signed]
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2449592 2014-11-12] (Microsoft Corporation)
R2 dlcx_device; C:\windows\system32\dlcxcoms.exe [561152 2006-10-11] ( )
R2 dlcx_device; C:\windows\SysWOW64\dlcxcoms.exe [532480 2006-10-11] ( ) [File not signed]
R2 Fitbit Connect; C:\Program Files (x86)\Fitbit Connect\FitbitConnectService.exe [1436192 2014-05-19] (Fitbit, Inc.)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.141\McCHSvc.exe [289256 2014-01-15] (McAfee, Inc.)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2011-07-27] ()
R2 N360; C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\N360.exe [265040 2014-09-21] (Symantec Corporation)
R2 NSL; C:\Program Files (x86)\Norton Safe Web Lite\Engine\2.0.0.16\ccSvcHst.exe [138760 2011-08-10] (Symantec Corporation)
R2 vsmon; C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe [3596752 2014-08-13] (Check Point Software Technologies Ltd.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 ZAPrivacyService; C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZaPrivacyService.exe [96272 2014-08-13] (Check Point Software Technologies, Ltd.)
S2 McAfee SiteAdvisor Service; No ImagePath
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R1 BHDrvx64; C:\Program Files (x86)\Norton 360\NortonData\21.2.0.38\Definitions\BASHDefs\20150106.001\BHDrvx64.sys [1622744 2015-01-06] (Symantec Corporation)
R1 ccSet_N360; C:\Windows\system32\drivers\N360x64\1506000.020\ccSetx64.sys [162392 2014-02-24] (Symantec Corporation)
R1 ccSet_NST; C:\Windows\system32\drivers\NSTx64\0200000.010\ccSetx64.sys [167048 2011-08-08] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [487216 2014-12-11] (Symantec Corporation)
U3 EraserUtilDrv11411; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilDrv11411.sys [142640 2014-12-11] (Symantec Corporation)
R1 IDSVia64; C:\Program Files (x86)\Norton 360\NortonData\21.2.0.38\Definitions\IPSDefs\20150121.001\IDSvia64.sys [668888 2015-01-14] (Symantec Corporation)
R0 KL1; C:\Windows\System32\DRIVERS\kl1.sys [7717984 2014-06-11] (Kaspersky Lab ZAO)
U5 klflt; C:\Windows\System32\Drivers\klflt.sys [92768 2014-06-11] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [490592 2014-06-11] (Kaspersky Lab ZAO)
S3 MBAMSwissArmy; C:\windows\system32\drivers\MBAMSwissArmy.sys [129752 2015-01-15] (Malwarebytes Corporation)
R3 NAVENG; C:\Program Files (x86)\Norton 360\NortonData\21.2.0.38\Definitions\VirusDefs\20150120.034\ENG64.SYS [129752 2015-01-20] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton 360\NortonData\21.2.0.38\Definitions\VirusDefs\20150120.034\EX64.SYS [2137304 2015-01-20] (Symantec Corporation)
R3 SRTSP; C:\Windows\System32\Drivers\N360x64\1506000.020\SRTSP64.SYS [876248 2014-08-25] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\N360x64\1506000.020\SRTSPX64.SYS [37592 2014-08-25] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\N360x64\1506000.020\SYMDS64.SYS [493656 2013-10-30] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\N360x64\1506000.020\SYMEFA64.SYS [1148120 2014-03-03] (Symantec Corporation)
R3 SymEvent; C:\windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2014-05-04] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\N360x64\1506000.020\Ironx64.SYS [266968 2014-08-06] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\N360x64\1506000.020\SYMNETS.SYS [593112 2014-02-17] (Symantec Corporation)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [51712 2011-08-02] (Apple, Inc.) [File not signed]
R1 Vsdatant; C:\Windows\System32\DRIVERS\vsdatant.sys [450456 2014-08-13] (Check Point Software Technologies Ltd.)
S3 PcdrNdisuio; syswow64\drivers\pcdrndisuio.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-01-21 18:14 - 2015-01-21 18:15 - 00026064 _____ () C:\Users\Tricia\Downloads\FRST.txt
2015-01-21 18:14 - 2015-01-21 18:14 - 00000000 ____D () C:\FRST
2015-01-21 18:13 - 2015-01-21 18:14 - 02126848 _____ (Farbar) C:\Users\Tricia\Downloads\FRST64.exe
2015-01-20 22:18 - 2015-01-20 22:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2015-01-15 17:07 - 2015-01-15 17:07 - 00003288 ____N () C:\bootsqm.dat
2015-01-14 10:42 - 2014-12-18 22:06 - 00210432 _____ (Microsoft Corporation) C:\windows\system32\profsvc.dll
2015-01-14 10:42 - 2014-12-18 20:46 - 00141312 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxdav.sys
2015-01-14 10:42 - 2014-12-12 00:35 - 05553592 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2015-01-14 10:42 - 2014-12-12 00:31 - 00503808 _____ (Microsoft Corporation) C:\windows\system32\srcore.dll
2015-01-14 10:42 - 2014-12-12 00:31 - 00296960 _____ (Microsoft Corporation) C:\windows\system32\rstrui.exe
2015-01-14 10:42 - 2014-12-12 00:31 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\srclient.dll
2015-01-14 10:42 - 2014-12-12 00:11 - 03971512 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntkrnlpa.exe
2015-01-14 10:42 - 2014-12-12 00:11 - 03916728 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntoskrnl.exe
2015-01-14 10:42 - 2014-12-12 00:07 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\srclient.dll
2015-01-14 10:42 - 2014-12-11 12:47 - 00087040 _____ (Microsoft Corporation) C:\windows\system32\TSWbPrxy.exe
2015-01-14 10:42 - 2014-12-05 23:17 - 00303616 _____ (Microsoft Corporation) C:\windows\system32\nlasvc.dll
2015-01-14 10:42 - 2014-12-05 22:50 - 00156672 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncsi.dll
2015-01-14 10:42 - 2014-12-05 22:50 - 00052224 _____ (Microsoft Corporation) C:\windows\SysWOW64\nlaapi.dll
2015-01-06 15:58 - 2015-01-21 18:11 - 00006585 ____H () C:\windows\SysWOW64\BTImages.dat
2015-01-06 13:02 - 2015-01-06 13:04 - 00000000 ____D () C:\Users\Tricia\AppData\Roaming\PCDr
2015-01-06 13:00 - 2015-01-06 13:00 - 00000000 ____D () C:\ProgramData\PCDr
2015-01-05 13:49 - 2015-01-05 13:50 - 00035797 _____ () C:\Users\Tricia\Downloads\Result.txt
2015-01-05 13:47 - 2015-01-05 13:47 - 00401920 _____ (Farbar) C:\Users\Tricia\Downloads\MiniToolBox.exe
2015-01-05 13:43 - 2015-01-05 13:43 - 00005376 _____ () C:\Users\Tricia\Desktop\JRT.txt
2015-01-05 12:47 - 2015-01-05 12:47 - 00000000 ____D () C:\windows\ERUNT
2015-01-05 12:42 - 2015-01-05 12:43 - 01707939 _____ (Thisisu) C:\Users\Tricia\Downloads\JRT.exe
2015-01-05 09:07 - 2015-01-05 09:14 - 00000000 ____D () C:\AdwCleaner
2015-01-05 09:06 - 2015-01-05 09:06 - 02173952 _____ () C:\Users\Tricia\Downloads\adwcleaner_4.106.exe
2015-01-04 16:38 - 2015-01-04 16:38 - 00132540 _____ () C:\Users\Tricia\Downloads\OTL.Txt
2015-01-02 09:31 - 2015-01-15 17:08 - 00000280 _____ () C:\windows\Tasks\SpeedUpMyPC Subscription.job
2015-01-02 09:31 - 2015-01-02 09:31 - 00002576 _____ () C:\windows\System32\Tasks\SpeedUpMyPC Subscription
2014-12-26 19:25 - 2014-12-26 19:25 - 00001067 _____ () C:\Users\Tricia\Documents\Malwarebytes.txt
2014-12-26 18:58 - 2015-01-15 09:36 - 00129752 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2014-12-26 18:58 - 2014-12-26 18:58 - 00001104 _____ () C:\Users\Public\Desktop\Malwarebyte.lnk
2014-12-26 18:58 - 2014-12-26 18:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-12-26 18:58 - 2014-12-26 18:58 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-12-26 18:58 - 2014-12-26 18:58 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-12-26 18:58 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys
2014-12-26 18:58 - 2014-11-21 06:14 - 00063704 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys
2014-12-26 18:58 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbam.sys
2014-12-26 18:56 - 2014-12-26 18:56 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\Tricia\Downloads\mbam-setup-2.0.4.1028.exe
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-01-21 18:15 - 2011-10-10 05:11 - 01062614 _____ () C:\windows\WindowsUpdate.log
2015-01-21 18:10 - 2012-03-31 21:30 - 00000830 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2015-01-21 18:10 - 2011-11-02 09:33 - 00000912 _____ () C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1499091392-49799752-2912897947-1001UA.job
2015-01-21 17:02 - 2011-10-20 10:50 - 00000000 ____D () C:\Program Files (x86)\Dell Photo AIO Printer 926
2015-01-21 17:02 - 2011-10-10 05:57 - 00000000 ____D () C:\Program Files (x86)\Dell DataSafe Local Backup
2015-01-21 16:17 - 2012-03-13 08:43 - 00000932 _____ () C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1499091392-49799752-2912897947-1001UA.job
2015-01-21 09:48 - 2014-04-12 09:04 - 00003440 _____ () C:\windows\System32\Tasks\PCDEventLauncherTask
2015-01-21 08:34 - 2011-11-02 09:33 - 00000860 _____ () C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1499091392-49799752-2912897947-1001Core.job
2015-01-21 08:33 - 2012-01-31 13:31 - 00000894 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-20 22:34 - 2012-01-31 15:33 - 00000454 ____H () C:\windows\Tasks\Norton Security Scan for Tricia.job
2015-01-20 22:24 - 2012-12-16 09:12 - 00000000 ____D () C:\Users\Tricia\AppData\Local\CrashDumps
2015-01-20 21:46 - 2012-03-13 08:43 - 00000910 _____ () C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1499091392-49799752-2912897947-1001Core.job
2015-01-20 17:54 - 2014-12-20 10:19 - 00003124 _____ () C:\windows\System32\Tasks\PCDoctorBackgroundMonitorTask-Retry
2015-01-20 17:19 - 2009-07-14 00:13 - 00783424 _____ () C:\windows\system32\PerfStringBackup.INI
2015-01-20 17:13 - 2009-07-13 23:45 - 00028576 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-01-20 17:13 - 2009-07-13 23:45 - 00028576 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-01-17 15:21 - 2011-10-20 11:08 - 00000000 ____D () C:\Program Files\Dl_cats
2015-01-15 17:10 - 2013-10-22 22:59 - 00000000 ____D () C:\ProgramData\boost_interprocess
2015-01-15 17:08 - 2013-12-03 17:57 - 00000332 _____ () C:\windows\Tasks\mdmonitor.job
2015-01-15 17:08 - 2011-10-10 06:08 - 00000000 ____D () C:\Users\Default\AppData\Local\SoftThinks
2015-01-15 17:08 - 2011-10-10 06:08 - 00000000 ____D () C:\Users\Default User\AppData\Local\SoftThinks
2015-01-15 17:08 - 2009-07-14 00:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2015-01-15 17:07 - 2013-04-24 21:36 - 00012050 _____ () C:\windows\setupact.log
2015-01-15 14:22 - 2014-08-16 17:42 - 00000000 ____D () C:\Program Files (x86)\Fitbit Connect
2015-01-15 14:19 - 2011-11-02 09:34 - 00002374 _____ () C:\Users\Tricia\Desktop\Google Chrome.lnk
2015-01-15 03:37 - 2013-04-28 19:06 - 01769672 _____ () C:\windows\PFRO.log
2015-01-15 03:18 - 2013-07-13 02:01 - 00000000 ____D () C:\windows\system32\MRT
2015-01-15 03:03 - 2011-10-24 10:00 - 113365784 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2015-01-14 11:57 - 2012-03-31 21:30 - 00701616 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2015-01-14 11:57 - 2012-03-31 21:30 - 00003768 _____ () C:\windows\System32\Tasks\Adobe Flash Player Updater
2015-01-14 11:57 - 2011-10-25 18:01 - 00071344 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-01-11 10:20 - 2013-10-22 22:59 - 00001976 _____ () C:\Users\Public\Desktop\Dell DataSafe Online.lnk
2015-01-11 10:20 - 2013-10-22 22:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell DataSafe Online
2014-12-26 08:27 - 2014-05-27 06:13 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-12-22 12:09 - 2011-11-20 19:42 - 00000000 ____D () C:\Users\Tricia\Documents\Personal
 
==================== Files in the root of some directories =======
2011-11-08 23:26 - 2011-11-08 23:26 - 0000000 _____ () C:\Users\Tricia\AppData\Roaming\.NANotifyHere
2014-03-24 10:48 - 2014-03-24 10:48 - 0000000 _____ () C:\Users\Tricia\AppData\Roaming\PDFConverterApp
2014-04-11 08:39 - 2014-04-12 06:52 - 0000077 _____ () C:\Users\Tricia\AppData\Roaming\WB.CFG
2011-11-06 11:23 - 2011-11-06 11:26 - 0004608 _____ () C:\Users\Tricia\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2011-10-25 17:49 - 2011-10-25 17:49 - 0002424 _____ () C:\Users\Tricia\AppData\Local\FastClean.20111025.184902.txt
2011-10-25 17:50 - 2011-10-25 17:50 - 0002286 _____ () C:\Users\Tricia\AppData\Local\IWDAudHelper.20111025.185012.txt
2011-10-25 17:50 - 2011-10-25 17:50 - 0013288 _____ () C:\Users\Tricia\AppData\Local\IWDAudHelper.20111025.185034.txt
2012-04-01 18:51 - 2012-04-01 18:51 - 0002433 _____ () C:\Users\Tricia\AppData\Local\IWDAudHelper.20120401.195132.txt
2011-10-20 21:39 - 2011-10-20 21:39 - 0001549 _____ () C:\Users\Tricia\AppData\Local\PDLSetup.20111020.223921.txt
2011-10-21 21:21 - 2011-10-21 21:21 - 0001526 _____ () C:\Users\Tricia\AppData\Local\PDLSetup.20111021.222121.txt
2011-10-25 17:46 - 2011-10-25 17:46 - 0001549 _____ () C:\Users\Tricia\AppData\Local\PDLSetup.20111025.184618.txt
2011-10-25 17:49 - 2011-10-25 17:49 - 0001706 _____ () C:\Users\Tricia\AppData\Local\PDLSetup.20111025.184923.txt
2011-10-25 17:49 - 2011-10-25 17:49 - 0000787 _____ () C:\Users\Tricia\AppData\Local\PDLSetup.20111025.184937.txt
2011-10-25 17:49 - 2011-10-25 17:49 - 0000671 _____ () C:\Users\Tricia\AppData\Local\PDLSetup.20111025.184952.txt
2011-10-25 17:49 - 2011-10-25 17:49 - 0001704 _____ () C:\Users\Tricia\AppData\Local\PDLSetup.20111025.184956.txt
2011-10-25 17:50 - 2011-10-25 17:50 - 0000671 _____ () C:\Users\Tricia\AppData\Local\PDLSetup.20111025.185003.txt
2011-10-25 17:50 - 2011-10-25 17:50 - 0001245 _____ () C:\Users\Tricia\AppData\Local\PDLSetup.20111025.185012.txt
2011-10-25 17:50 - 2011-10-25 17:50 - 0001227 _____ () C:\Users\Tricia\AppData\Local\PDLSetup.20111025.185027.txt
2011-10-25 17:50 - 2011-10-25 17:50 - 0001247 _____ () C:\Users\Tricia\AppData\Local\PDLSetup.20111025.185058.txt
2011-10-25 18:03 - 2011-10-25 18:03 - 0001654 _____ () C:\Users\Tricia\AppData\Local\PDLSetup.20111025.190318.txt
2011-10-25 18:10 - 2011-10-25 18:10 - 0001656 _____ () C:\Users\Tricia\AppData\Local\PDLSetup.20111025.191006.txt
2011-11-02 13:45 - 2011-11-02 13:45 - 0001656 _____ () C:\Users\Tricia\AppData\Local\PDLSetup.20111102.144515.txt
2011-11-02 18:09 - 2011-11-02 18:09 - 0001656 _____ () C:\Users\Tricia\AppData\Local\PDLSetup.20111102.190939.txt
2011-11-10 23:13 - 2011-11-10 23:13 - 0001656 _____ () C:\Users\Tricia\AppData\Local\PDLSetup.20111110.231354.txt
2011-11-21 19:50 - 2011-11-21 19:50 - 0001654 _____ () C:\Users\Tricia\AppData\Local\PDLSetup.20111121.195007.txt
2011-11-21 19:54 - 2011-11-21 19:54 - 0001656 _____ () C:\Users\Tricia\AppData\Local\PDLSetup.20111121.195438.txt
2011-11-21 19:55 - 2011-11-21 19:55 - 0001656 _____ () C:\Users\Tricia\AppData\Local\PDLSetup.20111121.195547.txt
2011-11-21 19:56 - 2011-11-21 19:56 - 0001654 _____ () C:\Users\Tricia\AppData\Local\PDLSetup.20111121.195627.txt
2011-11-26 19:38 - 2011-11-26 19:38 - 0001656 _____ () C:\Users\Tricia\AppData\Local\PDLSetup.20111126.193804.txt
2011-11-28 21:05 - 2011-11-28 21:05 - 0001654 _____ () C:\Users\Tricia\AppData\Local\PDLSetup.20111128.210531.txt
2011-11-28 21:12 - 2011-11-28 21:12 - 0001656 _____ () C:\Users\Tricia\AppData\Local\PDLSetup.20111128.211210.txt
2011-11-28 21:14 - 2011-11-28 21:14 - 0001632 _____ () C:\Users\Tricia\AppData\Local\PDLSetup.20111128.211416.txt
2011-11-28 21:17 - 2011-11-28 21:17 - 0001656 _____ () C:\Users\Tricia\AppData\Local\PDLSetup.20111128.211731.txt
2011-11-28 21:25 - 2011-11-28 21:25 - 0001632 _____ () C:\Users\Tricia\AppData\Local\PDLSetup.20111128.212503.txt
2011-11-30 22:00 - 2011-11-30 22:00 - 0001656 _____ () C:\Users\Tricia\AppData\Local\PDLSetup.20111130.220014.txt
2011-12-02 16:08 - 2011-12-02 16:08 - 0001656 _____ () C:\Users\Tricia\AppData\Local\PDLSetup.20111202.160828.txt
2011-12-02 16:12 - 2011-12-02 16:12 - 0001656 _____ () C:\Users\Tricia\AppData\Local\PDLSetup.20111202.161200.txt
2011-12-03 21:02 - 2011-12-03 21:02 - 0001656 _____ () C:\Users\Tricia\AppData\Local\PDLSetup.20111203.210241.txt
2011-12-07 18:52 - 2011-12-07 18:52 - 0001656 _____ () C:\Users\Tricia\AppData\Local\PDLSetup.20111207.185236.txt
2011-12-14 17:49 - 2011-12-14 17:49 - 0001656 _____ () C:\Users\Tricia\AppData\Local\PDLSetup.20111214.174947.txt
2011-12-14 17:52 - 2011-12-14 17:52 - 0001656 _____ () C:\Users\Tricia\AppData\Local\PDLSetup.20111214.175246.txt
2012-01-13 17:57 - 2012-01-13 17:57 - 0001632 _____ () C:\Users\Tricia\AppData\Local\PDLSetup.20120113.175700.txt
2012-01-14 13:25 - 2012-01-14 13:25 - 0001656 _____ () C:\Users\Tricia\AppData\Local\PDLSetup.20120114.132522.txt
2012-01-14 13:25 - 2012-01-14 13:26 - 0001656 _____ () C:\Users\Tricia\AppData\Local\PDLSetup.20120114.132553.txt
2012-01-15 20:08 - 2012-01-15 20:08 - 0001682 _____ () C:\Users\Tricia\AppData\Local\PDLSetup.20120115.200836.txt
2012-01-20 12:11 - 2012-01-20 12:11 - 0001656 _____ () C:\Users\Tricia\AppData\Local\PDLSetup.20120120.121147.txt
2012-01-20 14:07 - 2012-01-20 14:07 - 0001682 _____ () C:\Users\Tricia\AppData\Local\PDLSetup.20120120.140723.txt
2012-01-20 14:09 - 2012-01-20 14:09 - 0001680 _____ () C:\Users\Tricia\AppData\Local\PDLSetup.20120120.140905.txt
2012-01-21 22:06 - 2012-01-21 22:06 - 0001682 _____ () C:\Users\Tricia\AppData\Local\PDLSetup.20120121.220620.txt
2012-01-27 20:43 - 2012-01-27 20:43 - 0001656 _____ () C:\Users\Tricia\AppData\Local\PDLSetup.20120127.204302.txt
2012-02-11 12:06 - 2012-02-11 12:06 - 0001632 _____ () C:\Users\Tricia\AppData\Local\PDLSetup.20120211.120623.txt
2012-02-11 12:06 - 2012-02-11 12:06 - 0001656 _____ () C:\Users\Tricia\AppData\Local\PDLSetup.20120211.120644.txt
2012-02-11 12:07 - 2012-02-11 12:07 - 0001656 _____ () C:\Users\Tricia\AppData\Local\PDLSetup.20120211.120737.txt
2012-02-11 12:09 - 2012-02-11 12:09 - 0001656 _____ () C:\Users\Tricia\AppData\Local\PDLSetup.20120211.120927.txt
2012-02-11 12:15 - 2012-02-11 12:15 - 0001656 _____ () C:\Users\Tricia\AppData\Local\PDLSetup.20120211.121500.txt
2012-02-11 12:15 - 2012-02-11 12:15 - 0001656 _____ () C:\Users\Tricia\AppData\Local\PDLSetup.20120211.121516.txt
2012-02-11 12:18 - 2012-02-11 12:18 - 0001656 _____ () C:\Users\Tricia\AppData\Local\PDLSetup.20120211.121815.txt
2012-02-11 19:35 - 2012-02-11 19:35 - 0001654 _____ () C:\Users\Tricia\AppData\Local\PDLSetup.20120211.193518.txt
2012-02-19 23:00 - 2012-02-19 23:00 - 0001656 _____ () C:\Users\Tricia\AppData\Local\PDLSetup.20120219.230031.txt
2012-02-23 13:12 - 2012-02-23 13:12 - 0001654 _____ () C:\Users\Tricia\AppData\Local\PDLSetup.20120223.131200.txt
2012-02-23 18:49 - 2012-02-23 18:49 - 0001656 _____ () C:\Users\Tricia\AppData\Local\PDLSetup.20120223.184933.txt
2012-04-01 17:49 - 2012-04-01 17:49 - 0001654 _____ () C:\Users\Tricia\AppData\Local\PDLSetup.20120401.184930.txt
2012-04-01 18:04 - 2012-04-01 18:04 - 0001654 _____ () C:\Users\Tricia\AppData\Local\PDLSetup.20120401.190431.txt
2012-04-01 18:18 - 2012-04-01 18:18 - 0001656 _____ () C:\Users\Tricia\AppData\Local\PDLSetup.20120401.191851.txt
2013-01-06 16:10 - 2013-01-06 16:10 - 0000000 _____ () C:\Users\Tricia\AppData\Local\rx_image32.Cache
2012-04-01 18:48 - 2012-04-01 18:52 - 0023969 _____ () C:\Users\Tricia\AppData\Local\WiDiSetupLog.20120401.194810.txt
2013-01-16 09:51 - 2013-01-16 09:51 - 48064933 _____ () C:\ProgramData\SPL14C8.tmp
2014-11-18 09:13 - 2014-11-18 09:13 - 0933788 _____ () C:\ProgramData\SPL58C5.tmp
2014-08-31 13:39 - 2014-08-31 13:39 - 2320537 _____ () C:\ProgramData\SPLA248.tmp
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-01-04 19:03
 
==================== End Of Log ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 19-01-2015
Ran by Tricia at 2015-01-21 18:16:10
Running from C:\Users\Tricia\Downloads
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Norton 360 (Enabled - Up to date) {D87FA2C0-F526-77B1-D6EC-0EDF3936CEDB}
AV: ZoneAlarm Antivirus (Enabled - Up to date) {23B6D20A-C2DE-B3F5-C67D-07ECD854E6A9}
AS: ZoneAlarm Anti-Spyware (Enabled - Up to date) {98D733EE-E4E4-BC7B-FCCD-3C9EA3D3AC14}
AS: Norton 360 (Enabled - Up to date) {631E4324-D31C-783F-EC5C-35AD42B18466}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ZoneAlarm Firewall (Enabled) {1B8D532F-88B1-B2AD-ED22-AED92687A1D2}
FW: Norton 360 (Enabled) {E04423E5-BF49-76E9-FDB3-A7EAC7E589A0}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
ABBYY FineReader 6.0 Sprint (HKLM-x32\...\{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}) (Version: 6.00.1784.41616 - ABBYY Software House)
Adobe Acrobat 5.0 (HKLM-x32\...\Adobe Acrobat 5.0) (Version: 5.0 - Adobe Systems, Inc.)
Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.257 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.257 - Adobe Systems Incorporated)
Adobe Reader X (10.1.12) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.12 - Adobe Systems Incorporated)
Advanced Audio FX Engine (HKLM-x32\...\Advanced Audio FX Engine) (Version: 1.12.05 - Creative Technology Ltd)
Amazon Add to Wish List IE Extension 1.2 (HKLM-x32\...\Amazon Add to Wish List IE Extension) (Version: 1.2 - Amazon)
Amazon Kindle (HKU\S-1-5-21-1499091392-49799752-2912897947-1001\...\Amazon Kindle) (Version:  - Amazon)
Amazon MP3 Downloader 1.0.15 (HKLM-x32\...\Amazon MP3 Downloader) (Version: 1.0.15 - Amazon Services LLC)
Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Belkin Router Monitor and Setup (HKLM-x32\...\2B0D8F3C-18AD-4D8E-879A-74A867C5C3CB_is1) (Version:  - )
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Consumer In-Home Service Agreement (HKLM-x32\...\{F47C37A4-7189-430A-B81D-739FF8A7A554}) (Version: 2.0.0 - Dell Inc.)
Cozi (HKLM-x32\...\{EA1F3D6C-A6F5-4CDC-B0D3-9C56C06B4D29}) (Version: 1.0.6505.38692 - Cozi Group, Inc.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dell DataSafe Local Backup - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 9.4.60 - Dell Inc.)
Dell DataSafe Local Backup (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 9.4.60 - Dell Inc.)
Dell DataSafe Online (HKLM-x32\...\{C53BCCBE-9268-4C09-82E9-611444A73B3F}) (Version: 2.10.1.3 - Dell)
Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc)
Dell Getting Started Guide (HKLM-x32\...\{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}) (Version: 1.00.0000 - Dell Inc.)
Dell MusicStage (HKLM-x32\...\{91AF2672-F5BC-42CF-8037-A9D2F92BBCC0}) (Version: 1.5.201.0 - Fingertapps)
Dell PC Fax (HKLM\...\Dell PC Fax) (Version:  - )
Dell Perks Webslice IE8 (HKLM-x32\...\{CF67ED0C-F85D-4791-AED3-3FE882EDB45D}) (Version: 8.0 - Nextjump Inc)
Dell Photo AIO Printer 926 (HKLM\...\Dell Photo AIO Printer 926) (Version:  - Dell, Inc.)
Dell PhotoStage (HKLM-x32\...\{0D98F04D-11A1-4B64-A406-43292B9EEE90}) (Version: 1.5.0.67 - ArcSoft)
Dell PhotoStage (HKLM-x32\...\{E4335E82-17B3-460F-9E70-39D9BC269DB3}) (Version: 1.5.0.67 - ArcSoft)
Dell Stage (HKLM-x32\...\{FE182796-F6BA-486A-8590-89B7E8D1D60F}) (Version: 1.7.209.0 - Fingertapps)
Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 7.1209.101.204 - ALPS ELECTRIC CO., LTD.)
Dell VideoStage  (HKLM-x32\...\InstallShield_{DCE0E79A-B9AC-41AC-98C1-7EF0538BCA7F}) (Version: 1.2.0.1712 - CyberLink Corp.)
Dell VideoStage  (x32 Version: 1.2.0.1712 - CyberLink Corp.) Hidden
Dell Webcam Central (HKLM-x32\...\Dell Webcam Central) (Version: 2.00.44 - Creative Technology Ltd)
DirectX 9 Runtime (x32 Version: 1.00.0000 - Sonic Solutions) Hidden
Dropbox (HKU\S-1-5-21-1499091392-49799752-2912897947-1001\...\Dropbox) (Version: 2.8.2 - Dropbox, Inc.)
Duplicate Cleaner Free 3.1.4 (HKLM-x32\...\Duplicate Cleaner Free) (Version: 3.1.4 - DigitalVolcano Software Ltd) <==== ATTENTION
eBay (HKLM-x32\...\{A8B88634-7F90-402F-B66A-86429755F6A5}) (Version: 1.4.0 - eBay Inc.)
Facebook Messenger 2.1.4814.0 (HKLM-x32\...\{7204BDEE-1A48-4D95-A964-44A9250B439E}) (Version: 2.1.4814.0 - Facebook)
Fitbit Connect (HKLM-x32\...\{D3CD091B-296B-48E9-9F0F-E9FE53E02E41}) (Version: 1.0.3.5511 - Fitbit Inc.)
Google Chrome (HKU\S-1-5-21-1499091392-49799752-2912897947-1001\...\Google Chrome) (Version: 39.0.2171.99 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
GoToAssist 8.0.0.514 (HKLM-x32\...\GoToAssist) (Version:  - )
High-Definition Video Playback (x32 Version: 11.1.11500.4.273 - Nero AG) Hidden
iCloud (HKLM\...\{309768A4-A2BB-4930-A5A2-8169678C9B4C}) (Version: 4.0.6.28 - Apple Inc.)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6324.0 - IDT)
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1118 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2361 - Intel Corporation)
Intel® PROSet/Wireless Software for Bluetooth® Technology (HKLM\...\{7CE8BE79-ABC3-4B2C-9543-28ED2B0A9EA8}) (Version: 1.2.0.0587 - Intel Corporation)
Intel® PROSet/Wireless WiFi Software (HKLM\...\{25FBDA9A-E868-4B3B-B9FF-D923818511A1}) (Version: 14.2.0000 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.0.1008 - Intel Corporation)
Intel® Turbo Boost Technology Monitor 2.0 (HKLM\...\{B77EFA0B-9BD3-4122-9F9A-15A963B5EA24}) (Version: 2.1.23.0 - Intel)
Intel® WiDi (HKLM-x32\...\{7FCB8D5D-9396-4D17-8CFA-349D6D49CD32}) (Version: 3.0.13.0 - Intel Corporation)
Intel® Wireless Display (HKLM\...\{28EF7372-9087-4AC3-9B9F-D9751FCDF830}) (Version:  - )
Internet Explorer (x32 Version: 8 - Microsoft Corporation) Hidden
iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.)
Java 7 Update 67 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417067FF}) (Version: 7.0.670 - Oracle)
Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
LG Verizon United Driver (HKLM-x32\...\{A17B9856-40CF-4BEA-BB65-ADB8154A83DC}) (Version: 2.14.1 - LG Electronics)
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
MasterCook Deluxe 9 (HKLM-x32\...\InstallShield_{99B366B0-76B6-4DBA-95A3-A730015A7D01}) (Version: 9.0.000 - ValuSoft)
MasterCook Deluxe 9 (x32 Version: 9.0.000 - ValuSoft) Hidden
MaxiDisk (HKLM-x32\...\{5C1130F5-F955-4319-BFF6-AFE4A42BC3A8}_is1) (Version: 1.0.6.0 - Uniblue Systems Limited)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.141.11 - McAfee, Inc.)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 15.0.4675.1003 - Microsoft Corporation)
Microsoft Office Click-to-Run 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Starter 2010 - English (HKLM-x32\...\{90140011-0066-0409-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1499091392-49799752-2912897947-1001\...\OneDriveSetup.exe) (Version: 17.0.4023.1211 - Microsoft Corporation)
Microsoft PowerPoint Viewer (HKLM-x32\...\{95140000-00AF-0409-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable - KB2467175 (HKLM-x32\...\{a0fe116e-9a8a-466f-aee0-625cb7c207e3}) (Version: 8.0.51011 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{820B6609-4C97-3A2B-B644-573B06A0F0CC}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
My Dell (HKLM\...\PC-Doctor for Windows) (Version: 3.5.6426.22 - PC-Doctor, Inc.)
Norton 360 (HKLM-x32\...\N360) (Version: 21.6.0.32 - Symantec Corporation)
Norton Security Scan (HKLM-x32\...\NSS) (Version: 4.2.0.38 - Symantec Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4675.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4675.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4675.1003 - Microsoft Corporation) Hidden
PhotoShowExpress (x32 Version: 2.0.063 - Sonic Solutions) Hidden
Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 10.09.20 - Dell Inc.)
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
RBVirtualFolder64Inst (Version: 1.00.0000 - Roxio, Inc.) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.31.1025.2010 - Realtek)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30126 - Realtek Semiconductor Corp.)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.32.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.32.0 - Renesas Electronics Corporation) Hidden
Roxio Creator Starter (HKLM-x32\...\{6F0BBEFE-BE1C-419B-BA1F-D36C9E7915BC}) (Version: 12.1.77.0 - Roxio)
Roxio File Backup (Version: 1.3.2 - Roxio) Hidden
Safari (HKLM-x32\...\{C779648B-410E-4BBA-B75B-5815BCEFE71D}) (Version: 5.34.57.2 - Apple Inc.)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Sonic CinePlayer Decoder Pack (x32 Version: 4.3.0 - Sonic Solutions) Hidden
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
SyncUP (HKLM-x32\...\{D92C9CCE-E5F0-4125-977A-0590F3225B74}) (Version: 10.2.14900 - Nero AG)
SyncUP (x32 Version: 1.12.11200.10.102 - Nero AG) Hidden
SyncUP Help (CHM) (x32 Version: 10.5.11000 - Nero AG) Hidden
The Weather Channel App (HKLM-x32\...\{167158CE-1637-4167-8A1C-C2549EEA966A}) (Version: 1.00.0000 - The Weather Channel)
TrustedID (HKLM-x32\...\{C16A92EF-017B-4839-9C75-FBADB5A1FA27}) (Version: 5.0 - TrustedID)
TrustedID IDMonitor Identity Protection (HKLM-x32\...\{0E74474A-1CDF-4249-A507-CE8C1DCEC8BC}) (Version: 1.1.0 - TrustedID Inc)
Unity Web Player (HKU\S-1-5-21-1499091392-49799752-2912897947-1001\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
VitalSource Bookshelf (HKLM-x32\...\{DC7619A7-8EA1-41CF-9C7C-8BCF045733D6}) (Version: 6.02.0024 - Ingram Content Group)
VLC media player 2.0.0 (HKLM-x32\...\VLC media player) (Version: 2.0.0 - VideoLAN)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Xvid 1.2.2 final uninstall (HKLM-x32\...\Xvid_is1) (Version: 1.2 - Xvid team (Koepi))
ZoneAlarm Antivirus (x32 Version: 13.3.209.000 - Check Point Software Technologies Ltd.) Hidden
ZoneAlarm Firewall (x32 Version: 13.3.209.000 - Check Point Software Technologies Ltd.) Hidden
ZoneAlarm Free Antivirus + Firewall (HKLM-x32\...\ZoneAlarm Free Antivirus + Firewall) (Version: 13.3.209.000 - Check Point)
ZoneAlarm Security (x32 Version: 13.3.209.000 - Check Point Software Technologies Ltd.) Hidden
ZoneAlarm Security Toolbar  (HKLM-x32\...\zonealarm) (Version: 1.8.29.17 - Check Point Software Technologies LTD)
ZoneAlarm Security Toolbar  (HKU\S-1-5-21-1499091392-49799752-2912897947-1001\...\zonealarm) (Version: 1.8.29.17 - Check Point Software Technologies LTD)
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
CustomCLSID: HKU\S-1-5-21-1499091392-49799752-2912897947-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Tricia\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1499091392-49799752-2912897947-1001_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-1499091392-49799752-2912897947-1001_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-1499091392-49799752-2912897947-1001_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-1499091392-49799752-2912897947-1001_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Tricia\AppData\Local\Microsoft\SkyDrive\17.0.4023.1211\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1499091392-49799752-2912897947-1001_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Tricia\AppData\Local\Microsoft\SkyDrive\17.0.4023.1211\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1499091392-49799752-2912897947-1001_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Tricia\AppData\Local\Microsoft\SkyDrive\17.0.4023.1211\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1499091392-49799752-2912897947-1001_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Tricia\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1499091392-49799752-2912897947-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Tricia\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1499091392-49799752-2912897947-1001_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Tricia\AppData\Local\Microsoft\SkyDrive\17.0.4023.1211\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1499091392-49799752-2912897947-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Tricia\AppData\Local\Microsoft\SkyDrive\17.0.4023.1211\amd64\FileSyncApi64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1499091392-49799752-2912897947-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Tricia\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1499091392-49799752-2912897947-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Tricia\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1499091392-49799752-2912897947-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Tricia\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1499091392-49799752-2912897947-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Tricia\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1499091392-49799752-2912897947-1001_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> No File Path
 
==================== Restore Points  =========================
 
19-12-2014 03:01:18 Windows Update
01-01-2015 18:02:13 Scheduled Checkpoint
02-01-2015 09:31:38 Uniblue SpeedUpMyPC installation
15-01-2015 03:01:08 Windows Update
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-13 21:34 - 2009-06-10 16:00 - 00000824 ____N C:\windows\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: {01F3885F-E8BC-4FB5-84D0-7DB900455270} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-21] (Google Inc.)
Task: {07FAAD50-10FD-4C68-B510-A18461E218A9} - System32\Tasks\Norton 360\Norton Error Processor => C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {1066D7D0-E126-4EA5-AA56-9DE0D41347AB} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {19A6A556-583B-4D96-AC49-980CA0FADFE4} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\WSCStub.exe [2014-09-21] (Symantec Corporation)
Task: {1C157C2E-CABC-47AB-AFD3-AB73CA40E3E6} - System32\Tasks\mdmonitor => C:\Program Files (x86)\Uniblue\MaxiDisk\mdmonitor.exe
Task: {24332561-9351-4ECD-864C-A4DBD33CCB91} - System32\Tasks\Norton 360\Norton Error Analyzer => C:\Program Files (x86)\Norton 360\Engine\21.6.0.32\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {38501190-2657-4849-901D-7E090DE0ED78} - System32\Tasks\SpeedUpMyPC Subscription => C:\Program Files (x86)\Uniblue\SpeedUpMyPC\speedupmypc.exe <==== ATTENTION
Task: {42AE6832-35A0-4AAC-8CB0-917FA90ACA61} - System32\Tasks\Ad-Aware Update (Weekly) => C:\Program Files (x86)\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe
Task: {4E21CC15-5EEA-4483-AD31-3D228F0C90C5} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2014-11-04] (Microsoft Corporation)
Task: {55D32396-84B2-4E0B-8659-37FEC5016FC8} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1499091392-49799752-2912897947-1001Core => C:\Users\Tricia\AppData\Local\Google\Update\GoogleUpdate.exe [2014-10-21] (Google Inc.)
Task: {6220DA71-41E4-4080-92D9-A097E4DD1A75} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-21] (Google Inc.)
Task: {67FAB440-050C-4785-8124-8E724CF01C72} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {9008B7A6-11B7-4587-B5FC-F1A451490DE3} - System32\Tasks\PCDoctorBackgroundMonitorTask-Retry => C:\Program Files\My Dell\uaclauncher.exe [2014-01-10] (PC-Doctor, Inc.)
Task: {BE97C71D-866B-4ABF-8153-55A2330B30D5} - System32\Tasks\SystemToolsDailyTest => uaclauncher.exe
Task: {CB20BF26-D1EC-45FE-8D44-8BF7B5CE4289} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1499091392-49799752-2912897947-1001UA => C:\Users\Tricia\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-11] (Facebook Inc.)
Task: {E1C0782E-100C-415B-B088-E8096E61B74A} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1499091392-49799752-2912897947-1001UA => C:\Users\Tricia\AppData\Local\Google\Update\GoogleUpdate.exe [2014-10-21] (Google Inc.)
Task: {E839C16A-2D61-4235-B1D9-A2691E57F8C4} - System32\Tasks\Norton Security Scan for Tricia => C:\Program Files (x86)\Norton Security Scan\Engine\4.2.0.38\Nss.exe [2014-11-25] (Symantec Corporation)
Task: {F5370786-947F-4721-9BED-2A8CA4317395} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\My Dell\sessionchecker.exe [2014-01-10] (PC-Doctor, Inc.)
Task: {F67EF90C-6E1B-4CFC-BACC-B3BB337A96A6} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-01-14] (Adobe Systems Incorporated)
Task: {FB3ECD66-75C0-4E0F-81E2-5BF074919A48} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\My Dell\uaclauncher.exe [2014-01-10] (PC-Doctor, Inc.)
Task: {FB91ED25-C47A-4052-8B5B-C328AD5714A6} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1499091392-49799752-2912897947-1001Core => C:\Users\Tricia\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-11] (Facebook Inc.)
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1499091392-49799752-2912897947-1001Core.job => C:\Users\Tricia\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1499091392-49799752-2912897947-1001UA.job => C:\Users\Tricia\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1499091392-49799752-2912897947-1001Core.job => C:\Users\Tricia\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1499091392-49799752-2912897947-1001UA.job => C:\Users\Tricia\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\mdmonitor.job => C:\Program Files (x86)\Uniblue\MaxiDisk\mdmonitor.exe
Task: C:\windows\Tasks\Norton Security Scan for Tricia.job => C:\PROGRA~2\NORTON~2\Engine\420~1.38\Nss.exe
Task: C:\windows\Tasks\SpeedUpMyPC Subscription.job => C:\Program Files (x86)\Uniblue\SpeedUpMyPC\speedupmypc.exe <==== ATTENTION
 
==================== Loaded Modules (whitelisted) =============
 
2011-07-27 20:07 - 2011-07-27 20:07 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\Libeay32.dll
2011-10-20 11:07 - 2006-10-20 00:39 - 00144896 _____ () C:\windows\system32\spool\PRTPROCS\x64\dlcxdrpp.dll
2006-10-20 00:41 - 2006-10-20 00:41 - 00134656 _____ () C:\windows\system32\spool\DRIVERS\x64\3\dlcxdrui.dll
2006-10-20 20:31 - 2006-10-20 20:31 - 00126464 _____ () C:\windows\system32\spool\DRIVERS\x64\3\dlcxPRPR.DLL
2011-10-20 11:07 - 2006-09-06 05:13 - 00064000 _____ () C:\windows\system32\spool\DRIVERS\x64\3\dlcxCFG.DLL
2006-10-20 00:38 - 2006-10-20 00:38 - 00195072 _____ () C:\windows\system32\spool\DRIVERS\x64\3\dlcxdr.dll
2006-04-28 18:14 - 2006-04-28 18:14 - 00729600 _____ () C:\windows\system32\spool\DRIVERS\x64\3\dlcxHPEC.DLL
2006-04-28 18:13 - 2006-04-28 18:13 - 00165888 _____ () C:\windows\system32\spool\DRIVERS\x64\3\dlcxflib.dll
2014-05-27 06:13 - 2014-05-20 08:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2006-09-22 06:43 - 2006-09-22 06:43 - 00024576 _____ () C:\windows\system32\dlcxcaps.dll
2011-10-10 05:57 - 2011-08-18 10:05 - 02751808 _____ () C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE
2011-07-27 20:07 - 2011-07-27 20:07 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\LIBEAY32.dll
2012-02-01 11:50 - 2012-02-01 11:50 - 00968048 _____ () C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe
2011-10-20 11:04 - 2007-01-12 11:57 - 00292336 _____ () C:\Program Files (x86)\Dell Photo AIO Printer 926\dlcxmon.exe
2014-11-18 09:31 - 2014-09-23 08:36 - 08897696 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2014-02-06 00:52 - 2014-02-06 00:52 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-10-11 12:05 - 2014-10-11 12:05 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2012-02-01 11:44 - 2012-02-01 11:44 - 08151040 _____ () C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\QtGui4.dll
2012-02-01 11:44 - 2012-02-01 11:44 - 02278400 _____ () C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\QtCore4.dll
2014-10-17 02:56 - 2014-10-17 02:56 - 00169472 _____ () C:\windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\93182e9779b8be0f688fd0784df6d7fb\IsdiInterop.ni.dll
2011-10-10 05:18 - 2010-11-05 23:50 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IsdiInterop.dll
2011-10-20 11:04 - 2006-08-08 14:54 - 00278528 _____ () C:\Program Files (x86)\Dell Photo AIO Printer 926\dlcxscw.dll
2011-10-20 11:04 - 2006-09-06 05:13 - 00073728 _____ () C:\Program Files (x86)\Dell Photo AIO Printer 926\dlcxcfg.dll
2011-10-20 11:04 - 2006-03-14 16:38 - 00143360 _____ () C:\Program Files (x86)\Dell Photo AIO Printer 926\dlcxdrec.dll
2015-01-15 14:19 - 2015-01-08 19:35 - 01077064 _____ () C:\Users\Tricia\AppData\Local\Google\Chrome\Application\39.0.2171.99\libglesv2.dll
2015-01-15 14:19 - 2015-01-08 19:35 - 00211272 _____ () C:\Users\Tricia\AppData\Local\Google\Chrome\Application\39.0.2171.99\libegl.dll
2015-01-15 14:19 - 2015-01-08 19:35 - 09009480 _____ () C:\Users\Tricia\AppData\Local\Google\Chrome\Application\39.0.2171.99\pdf.dll
2015-01-15 14:19 - 2015-01-08 19:35 - 01677128 _____ () C:\Users\Tricia\AppData\Local\Google\Chrome\Application\39.0.2171.99\ffmpegsumo.dll
2015-01-15 14:19 - 2015-01-08 19:35 - 14913352 _____ () C:\Users\Tricia\AppData\Local\Google\Chrome\Application\39.0.2171.99\PepperFlash\pepflashplayer.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
AlternateDataStreams: C:\ProgramData\Temp:222C3312
AlternateDataStreams: C:\ProgramData\Temp:D1B5B4F1
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\GoToAssist => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vsmon => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"
 
==================== EXE Association (whitelisted) =============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== MSCONFIG/TASK MANAGER disabled items =========
 
(Currently there is no automatic fix for this section.)
 
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk => C:\windows\pss\McAfee Security Scan Plus.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Tricia^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\windows\pss\Dropbox.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Tricia^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Facebook Messenger.lnk => C:\windows\pss\Facebook Messenger.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: BTMTrayAgent => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
MSCONFIG\startupreg: Dell Webcam Central => "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2
MSCONFIG\startupreg: Desktop Disc Tool => "c:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe"
MSCONFIG\startupreg: DLCXCATS => rundll32 C:\windows\system32\spool\DRIVERS\x64\3\DLCXtime.dll,RunDLLEntry
MSCONFIG\startupreg: dlcxmon.exe => "C:\Program Files (x86)\Dell Photo AIO Printer 926\dlcxmon.exe"
MSCONFIG\startupreg: Facebook Update => "C:\Users\Tricia\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
MSCONFIG\startupreg: FaxCenterServer => "C:\Program Files (x86)\Dell PC Fax\fm3032.exe" /s
MSCONFIG\startupreg: Fitbit Connect => "C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe" /autorun
MSCONFIG\startupreg: Google Update => "C:\Users\Tricia\AppData\Local\Google\Update\GoogleUpdate.exe" /c
MSCONFIG\startupreg: HotKeysCmds => C:\Windows\system32\hkcmd.exe
MSCONFIG\startupreg: IAStorIcon => C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
MSCONFIG\startupreg: IgfxTray => C:\Windows\system32\igfxtray.exe
MSCONFIG\startupreg: InstaLAN => "C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinSetup.exe" startup
MSCONFIG\startupreg: IntelTBRunOnce => wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: MemoryCardManager => "C:\Program Files (x86)\Dell Photo AIO Printer 926\memcard.exe"
MSCONFIG\startupreg: MobileDocuments => C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
MSCONFIG\startupreg: NeroLauncher => C:\Program Files (x86)\Nero\SyncUP\NeroLauncher.exe 900
MSCONFIG\startupreg: NUSB3MON => "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
MSCONFIG\startupreg: Persistence => C:\Windows\system32\igfxpers.exe
MSCONFIG\startupreg: QuickSet => C:\Program Files\Dell\QuickSet\QuickSet.exe
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: RoxWatchTray => "c:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe"
MSCONFIG\startupreg: TWC.Win7 => C:\Program Files (x86)\The Weather Channel\Desktop Weather\TWC.Win7.exe
 
========================= Accounts: ==========================
 
Administrator (S-1-5-21-1499091392-49799752-2912897947-500 - Administrator - Disabled)
Guest (S-1-5-21-1499091392-49799752-2912897947-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1499091392-49799752-2912897947-1002 - Limited - Enabled)
Tricia (S-1-5-21-1499091392-49799752-2912897947-1001 - Administrator - Enabled) => C:\Users\Tricia
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (01/21/2015 08:33:50 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
Error: (01/21/2015 08:33:49 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
Error: (01/20/2015 10:24:32 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Explorer.EXE, version: 6.1.7601.17567, time stamp: 0x4d672ee4
Faulting module name: ole32.dll, version: 6.1.7601.17514, time stamp: 0x4ce7c92c
Exception code: 0xc0000005
Fault offset: 0x0000000000029fa9
Faulting process id: 0x84c
Faulting application start time: 0xExplorer.EXE0
Faulting application path: Explorer.EXE1
Faulting module path: Explorer.EXE2
Report Id: Explorer.EXE3
 
Error: (01/20/2015 10:18:35 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
Error: (01/20/2015 10:18:35 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
Error: (01/20/2015 09:47:23 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
Error: (01/20/2015 09:47:21 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
Error: (01/20/2015 06:21:05 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3136
 
Error: (01/20/2015 06:21:05 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 3136
 
Error: (01/20/2015 06:21:05 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
 
System errors:
=============
Error: (01/18/2015 07:32:15 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Fitbit Connect Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 0 milliseconds: Restart the service.
 
Error: (01/16/2015 07:25:54 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Fitbit Connect Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 0 milliseconds: Restart the service.
 
Error: (01/15/2015 05:08:21 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The McAfee SiteAdvisor Service service failed to start due to the following error: 
%%3
 
Error: (01/15/2015 05:07:57 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 4:58:44 PM on ‎1/‎15/‎2015 was unexpected.
 
Error: (01/15/2015 09:40:57 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SftService service.
 
Error: (01/15/2015 09:39:54 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The McAfee SiteAdvisor Service service failed to start due to the following error: 
%%3
 
Error: (01/15/2015 09:38:38 AM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR1.
 
Error: (01/15/2015 08:44:44 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SftService service.
 
Error: (01/15/2015 04:12:41 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Fitbit Connect Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 0 milliseconds: Restart the service.
 
Error: (01/15/2015 03:38:07 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The McAfee SiteAdvisor Service service failed to start due to the following error: 
%%3
 
 
Microsoft Office Sessions:
=========================
Error: (01/21/2015 08:33:50 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Program Files (x86)\Cozi Express\CoziExpress.exe
 
Error: (01/21/2015 08:33:49 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Program Files (x86)\Cozi Express\CoziExpress.exe
 
Error: (01/20/2015 10:24:32 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Explorer.EXE6.1.7601.175674d672ee4ole32.dll6.1.7601.175144ce7c92cc00000050000000000029fa984c01d0310fc2a9486cC:\windows\Explorer.EXEC:\windows\system32\ole32.dll03b97f66-a11d-11e4-bcc7-ac7289d0d715
 
Error: (01/20/2015 10:18:35 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Program Files (x86)\Cozi Express\CoziExpress.exe
 
Error: (01/20/2015 10:18:35 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Program Files (x86)\Cozi Express\CoziExpress.exe
 
Error: (01/20/2015 09:47:23 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Program Files (x86)\Cozi Express\CoziExpress.exe
 
Error: (01/20/2015 09:47:21 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Program Files (x86)\Cozi Express\CoziExpress.exe
 
Error: (01/20/2015 06:21:05 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3136
 
Error: (01/20/2015 06:21:05 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 3136
 
Error: (01/20/2015 06:21:05 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
 
CodeIntegrity Errors:
===================================
  Date: 2014-12-17 16:07:40.552
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\install\instdrivers\kl1\x86\win8\klelam.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-12-17 16:07:40.550
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\install\instdrivers\kl1\x86\win8\klelam.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-12-17 16:07:40.547
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\install\instdrivers\kl1\x86\win8\klelam.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-12-13 03:37:11.694
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\install\instdrivers\kl1\x86\win8\klelam.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-12-13 03:37:11.632
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\install\instdrivers\kl1\x64\win8\klelam.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-12-13 03:34:29.547
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\install\instdrivers\kl1\x86\win8\klelam.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-12-13 03:34:26.224
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\install\instdrivers\kl1\x64\win8\klelam.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-12-12 18:30:56.708
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\install\instdrivers\kl1\x86\win8\klelam.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-12-12 18:30:56.683
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\install\instdrivers\kl1\x64\win8\klelam.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-12-12 18:29:17.472
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\install\instdrivers\kl1\x86\win8\klelam.sys because the set of per-page image hashes could not be found on the system.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i5-2410M CPU @ 2.30GHz
Percentage of memory in use: 45%
Total physical RAM: 6051.18 MB
Available physical RAM: 3277.46 MB
Total Pagefile: 12191.36 MB
Available Pagefile: 8519.67 MB
Total Virtual: 8192 MB
Available Virtual: 8191.79 MB
 
==================== Drives ================================
 
Drive c: (OS) (Fixed) (Total:581.42 GB) (Free:512.17 GB) NTFS
Drive f: () (Removable) (Total:0.93 GB) (Free:0.53 GB) FAT
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 596.2 GB) (Disk ID: 39576304)
Partition 1: (Not Active) - (Size=100 MB) - (Type=DE)
Partition 2: (Active) - (Size=14.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=581.4 GB) - (Type=07 NTFS)
 
========================================================
Disk: 1 (Size: 952.5 MB) (Disk ID: 00000000)
 
Partition: GPT Partition Type.
 
==================== End Of Log ============================

  • 0

#8
zep516

zep516

    Trusted Helper

  • Malware Removal
  • 6,811 posts
Hello,

RE: Your FRST location.

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 19-01-2015
Ran by Tricia (administrator) on TRICIA-PC on 21-01-2015 18:14:45
Running from C:\Users\Tricia\Downloads


Please move FRST to the desktop, You can just move it to desktop no need to do another scan.
To do that:
  • Navagate to your downloads folder-->C:\Users\Tricia\Downloads
  • In the downloads folder find FRST
  • Right click on it,Choose cut
  • Go back to the desktop.
  • On an empty space right click, choose paste.
  • Farber will now have been successfully moved to desktop.
Let me know when you have completed that

Thanks
Joe :)
  • 0

#9
lexi2007

lexi2007

    Member

  • Topic Starter
  • Member
  • PipPip
  • 15 posts

Ooops, sorry.  Okay it's on my desktop now.


  • 0

#10
zep516

zep516

    Trusted Helper

  • Malware Removal
  • 6,811 posts
Hello,

Sorry for the delay. Lets start addressing some issues here....

Hello,

You have 2 Anti Virus programs running
1. AV: Norton 360
2. AV: ZoneAlarm Antivirus

The real-time protection of two antivirus programs may conflict with each other and cause the following:
  • False Alarms: When the anti virus software tells you that your PC has a virus when it actually doesn't.
  • Conflicts: Your system may lock up due to both products attempting to access the same file at the same time.[* ]Performance: More that one antivirus will cause your PC to become slow and it may even crash or blue screen.
  • Less protection: Two antivirus trying to scan the same file may interfere with the process and allow a malicious file onto the computer without notice to you.
Tell me what one you want to keep, and we will uninstall the other. I'll provide instruction for that.

Thanks
Joe :)
  • 0

Advertisements


#11
lexi2007

lexi2007

    Member

  • Topic Starter
  • Member
  • PipPip
  • 15 posts

I guess I'd like to keep Norton 360 unless you can think of some reason why that's not a good idea.

 

Thanks!!

Tricia


  • 0

#12
zep516

zep516

    Trusted Helper

  • Malware Removal
  • 6,811 posts
Hello,

Norton 360 is fine as long as it's subscription is up to date.

Lets remove Zone Alarm from the programs an features list:

To do that:
Click start, click control panel, then click Programs an features. Uninstall the items below that you see, you may not see them all.
  • ZoneAlarm Antivirus
  • ZoneAlarm Firewall
  • ZoneAlarm Free Antivirus + Firewall
  • ZoneAlarm Security Toolbar
Let me know when that is done

Thanks
Joe
  • 0

#13
lexi2007

lexi2007

    Member

  • Topic Starter
  • Member
  • PipPip
  • 15 posts

I found the last two items that you have listed in your previous email and I un-installed both of them.

Thanks!!

Tricia


  • 0

#14
zep516

zep516

    Trusted Helper

  • Malware Removal
  • 6,811 posts
OK. Good job!

A few items to fix; Remember to right click all tools and run as administrator

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

Open notepad (Start =>All Programs => Accessories => Notepad).
Copy/Paste the contents of the code box below into Notepad.

start
CloseProcesses:
CreateRestorePoint:
C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZAPrivacyService.exe
HKLM-x32\...\Run: [ZoneAlarm] => C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe [137352 2014-08-13] (Check Point Software Technologies Ltd.)
HKU\S-1-5-18\...\RunOnce: [SpUninstallDeleteDir] => rmdir /s /q "\SearchProtect"
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: McAfee Phishing Filter -> {27B4851A-3207-45A2-B947-BE8AFE6163AB} ->  No File
Toolbar: HKLM-x32 - No Name - {06C7AD57-B655-418D-9AB8-9526A6D2E052} -  No File
FF Homepage: hxxp://mysearch.avg.com?cid={F1634EE9-A7B5-423B-96CF-B6FE221BB1AE}&mid=8ed63cd3528e47d385717d3bcf343ee6-efd5d91ae9dc03a4ccd1517d223e8d5cd6c5b3a9&lang=en&ds=ub011&coid=avgtbdisub&pr=sa&d=&v=18.0.5.292&pid=safeguard&sg=0&sap=hp
CHR HKU\S-1-5-21-1499091392-49799752-2912897947-1001\...\Chrome\Extension: [kgdcapepedmpopjkmdbjnmmmfgllnfek] - C:\Users\Tricia\AppData\Roaming\Check Point Software Technologies LTD\zonealarm\1.8.29.17\zonealarm.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [dcgnponjdnblbkfmldmpjbdmlimnllmc] - C:\Users\Tricia\AppData\LocalLow\iBryte\Implementations\browseforchange\Chrome.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - No Path
R2 ZAPrivacyService; C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZaPrivacyService.exe [96272 2014-08-13] (Check Point Software Technologies, Ltd.)
S2 McAfee SiteAdvisor Service; No ImagePath
R2 vsmon; C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe [3596752 2014-08-13] (Check Point Software Technologies Ltd.)
S3 PcdrNdisuio; syswow64\drivers\pcdrndisuio.sys [X]
2015-01-15 17:10 - 2013-10-22 22:59 - 00000000 ____D () C:\ProgramData\boost_interprocess
CustomCLSID: HKU\S-1-5-21-1499091392-49799752-2912897947-1001_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-1499091392-49799752-2912897947-1001_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-1499091392-49799752-2912897947-1001_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> No File Path
Task: {38501190-2657-4849-901D-7E090DE0ED78} - System32\Tasks\SpeedUpMyPC Subscription => C:\Program Files (x86)\Uniblue\SpeedUpMyPC\speedupmypc.exe <==== ATTENTION
Task: {42AE6832-35A0-4AAC-8CB0-917FA90ACA61} - System32\Tasks\Ad-Aware Update (Weekly) => C:\Program Files (x86)\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe
Task: C:\windows\Tasks\SpeedUpMyPC Subscription.job => C:\Program Files (x86)\Uniblue\SpeedUpMyPC\speedupmypc.exe <==== ATTENTION
AlternateDataStreams: C:\ProgramData\Temp:222C3312
AlternateDataStreams: C:\ProgramData\Temp:D1B5B4F1
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\GoToAssist => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vsmon => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"
CMD: bitsadmin /reset /allusers
CMD: netsh winsock reset catalog
CMD: ipconfig /flushdns
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
hosts:
Emptytemp:
end
Click Format and ensure Wordwrap is unchecked.
Save as Fixlist.txt to your Desktop (Must be in this location)
Run FRST/FRST64 and press the Fix button just once and wait.
If the tool needed a restart please make sure you let the system to restart normally and let the tool completes its run after restart.
The tool will make a log on the Desktop (Fixlog.txt). Please post it to your reply.

Note: If the tool warns you about the version you're using being an outdated version please download and run the updated version.

In your next reply post:
Fixlog.txtThat log will end up on your desktop after fix is run.
  • 0

#15
lexi2007

lexi2007

    Member

  • Topic Starter
  • Member
  • PipPip
  • 15 posts

Okay, that's done and here is the fixlog:

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 28-01-2015
Ran by Tricia at 2015-01-29 12:17:24 Run:1
Running from C:\Users\Tricia\Desktop
Loaded Profiles: Tricia (Available profiles: Tricia)
Boot Mode: Normal
==============================================
 
Content of fixlist:
*****************
start
CloseProcesses:
CreateRestorePoint:
C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZAPrivacyService.exe
HKLM-x32\...\Run: [ZoneAlarm] => C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe [137352 2014-08-13] (Check Point Software Technologies Ltd.)
HKU\S-1-5-18\...\RunOnce: [SpUninstallDeleteDir] => rmdir /s /q "\SearchProtect"
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: McAfee Phishing Filter -> {27B4851A-3207-45A2-B947-BE8AFE6163AB} ->  No File
Toolbar: HKLM-x32 - No Name - {06C7AD57-B655-418D-9AB8-9526A6D2E052} -  No File
FF Homepage: hxxp://mysearch.avg.com?cid={F1634EE9-A7B5-423B-96CF-B6FE221BB1AE}&mid=8ed63cd3528e47d385717d3bcf343ee6-efd5d91ae9dc03a4ccd1517d223e8d5cd6c5b3a9&lang=en&ds=ub011&coid=avgtbdisub&pr=sa&d=&v=18.0.5.292&pid=safeguard&sg=0&sap=hp
CHR HKU\S-1-5-21-1499091392-49799752-2912897947-1001\...\Chrome\Extension: [kgdcapepedmpopjkmdbjnmmmfgllnfek] - C:\Users\Tricia\AppData\Roaming\Check Point Software Technologies LTD\zonealarm\1.8.29.17\zonealarm.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [dcgnponjdnblbkfmldmpjbdmlimnllmc] - C:\Users\Tricia\AppData\LocalLow\iBryte\Implementations\browseforchange\Chrome.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - No Path
R2 ZAPrivacyService; C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZaPrivacyService.exe [96272 2014-08-13] (Check Point Software Technologies, Ltd.)
S2 McAfee SiteAdvisor Service; No ImagePath
R2 vsmon; C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe [3596752 2014-08-13] (Check Point Software Technologies Ltd.)
S3 PcdrNdisuio; syswow64\drivers\pcdrndisuio.sys [X]
2015-01-15 17:10 - 2013-10-22 22:59 - 00000000 ____D () C:\ProgramData\boost_interprocess
CustomCLSID: HKU\S-1-5-21-1499091392-49799752-2912897947-1001_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-1499091392-49799752-2912897947-1001_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-1499091392-49799752-2912897947-1001_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> No File Path
Task: {38501190-2657-4849-901D-7E090DE0ED78} - System32\Tasks\SpeedUpMyPC Subscription => C:\Program Files (x86)\Uniblue\SpeedUpMyPC\speedupmypc.exe <==== ATTENTION
Task: {42AE6832-35A0-4AAC-8CB0-917FA90ACA61} - System32\Tasks\Ad-Aware Update (Weekly) => C:\Program Files (x86)\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe
Task: C:\windows\Tasks\SpeedUpMyPC Subscription.job => C:\Program Files (x86)\Uniblue\SpeedUpMyPC\speedupmypc.exe <==== ATTENTION
AlternateDataStreams: C:\ProgramData\Temp:222C3312
AlternateDataStreams: C:\ProgramData\Temp:D1B5B4F1
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\GoToAssist => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vsmon => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"
CMD: bitsadmin /reset /allusers
CMD: netsh winsock reset catalog
CMD: ipconfig /flushdns
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
hosts:
Emptytemp:
end
*****************
 
Processes closed successfully.
Restore point was successfully created.
"C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZAPrivacyService.exe" => File/Directory not found.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ZoneAlarm => Value not found.
HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SpUninstallDeleteDir => value deleted successfully.
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{27B4851A-3207-45A2-B947-BE8AFE6163AB}" => Key deleted successfully.
"HKCR\CLSID\{27B4851A-3207-45A2-B947-BE8AFE6163AB}" => Key deleted successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{06C7AD57-B655-418D-9AB8-9526A6D2E052} => value deleted successfully.
HKCR\Wow6432Node\CLSID\{06C7AD57-B655-418D-9AB8-9526A6D2E052} => Key not found. 
Firefox homepage deleted successfully.
"HKU\S-1-5-21-1499091392-49799752-2912897947-1001\SOFTWARE\Google\Chrome\Extensions\kgdcapepedmpopjkmdbjnmmmfgllnfek" => Key deleted successfully.
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\dcgnponjdnblbkfmldmpjbdmlimnllmc" => Key deleted successfully.
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\iikflkcanblccfahdhdonehdalibjnif" => Key deleted successfully.
ZAPrivacyService => Service not found.
McAfee SiteAdvisor Service => Service deleted successfully.
vsmon => Service not found.
PcdrNdisuio => Service deleted successfully.
C:\ProgramData\boost_interprocess => Moved successfully.
"HKU\S-1-5-21-1499091392-49799752-2912897947-1001_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}" => Key deleted successfully.
"HKU\S-1-5-21-1499091392-49799752-2912897947-1001_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}" => Key deleted successfully.
"HKU\S-1-5-21-1499091392-49799752-2912897947-1001_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{38501190-2657-4849-901D-7E090DE0ED78}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{38501190-2657-4849-901D-7E090DE0ED78}" => Key deleted successfully.
C:\Windows\System32\Tasks\SpeedUpMyPC Subscription => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SpeedUpMyPC Subscription" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{42AE6832-35A0-4AAC-8CB0-917FA90ACA61}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{42AE6832-35A0-4AAC-8CB0-917FA90ACA61}" => Key deleted successfully.
C:\Windows\System32\Tasks\Ad-Aware Update (Weekly) => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Ad-Aware Update (Weekly)" => Key deleted successfully.
C:\windows\Tasks\SpeedUpMyPC Subscription.job => Moved successfully.
C:\ProgramData\Temp => ":222C3312" ADS removed successfully.
C:\ProgramData\Temp => ":D1B5B4F1" ADS removed successfully.
"HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys" => Key deleted successfully.
"HKLM\System\CurrentControlSet\Control\SafeBoot\Network\GoToAssist" => Key deleted successfully.
HKLM\System\CurrentControlSet\Control\SafeBoot\Network\vsmon => Key not found. 
"HKLM\System\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys" => Key deleted successfully.
 
=========  bitsadmin /reset /allusers =========
 
 
BITSADMIN version 3.0 [ 7.5.7601 ]
BITS administration utility.
© Copyright 2000-2006 Microsoft Corp.
 
BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.
 
Unable to cancel {CBBBE433-F7B3-4367-A20B-BD06FE35D6A1}.
{9076DF13-1F43-47EE-8C88-E6CF075A5914} canceled.
{0B009B74-958A-4EA6-8160-DDE0C21D803A} canceled.
{C1A62423-91E6-4A38-A845-C2F96175AA93} canceled.
{5AED935B-B918-44B0-90DF-3DE3AED2A57B} canceled.
{A43F92B8-92E1-4A61-83D3-58DBEFB6BB01} canceled.
{30D5C239-DB1C-4C72-BA65-4EBB6172CEDD} canceled.
6 out of 7 jobs canceled.
 
========= End of CMD: =========
 
 
=========  netsh winsock reset catalog =========
 
 
Sucessfully reset the Winsock Catalog.
You must restart the computer in order to complete the reset.
 
 
========= End of CMD: =========
 
 
=========  ipconfig /flushdns =========
 
 
Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
========= End of CMD: =========
 
 
=========  netsh int ipv4 reset =========
 
Reseting Global, OK!
Reseting Interface, OK!
Reseting Unicast Address, OK!
Reseting Route, OK!
Restart the computer to complete this action.
 
 
========= End of CMD: =========
 
 
=========  netsh int ipv6 reset =========
 
Reseting Interface, OK!
Restart the computer to complete this action.
 
 
========= End of CMD: =========
 
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
EmptyTemp: => Removed 682.6 MB temporary data.
 
 
The system needed a reboot. 
 
==== End of Fixlog 12:19:22 ====

  • 0






Similar Topics


Also tagged with one or more of these keywords: internet disconnect, virus

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP