
afraid I have multiple infections

outbound info pop up shockwave crash pop up blocker

  • This topic is locked

#16
zep516

    Trusted Helper

  • Malware Removal
  • 6,810 posts
Re-run the Farbar Recovery Scan Tool (FRST/FRST64) that you ran at the very beginning of this topic.
  • Right-click, Run as administrator. When the tool opens, click Yes to the disclaimer.
  • Make sure you checkmark the Addition.txt box.
  • Press the Scan button.
  • The scan will create two logs, FRST.txt and Addition.txt, in the same directory the tool is run. Please copy and paste them to your reply.



#17
growley

    Member

  • Topic Starter
  • 31 posts

Pop up Application error:

Exception EAccessViolation in module ERUNT.exe at 00003A3E.

Access violation at address 00403A3E in module 'ERUNT.exe'.

Write of address 0076005D

I clicked OK

Also hear a foghorn sound sometimes

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:14-08-2015 01
Ran by Genna (administrator) on MOMMALAPTOP (16-08-2015 17:44:53)
Running from C:\Users\Genna\Desktop
Loaded Profiles: Genna & UpdatusUser (Available Profiles: Genna & UpdatusUser)
Platform: Windows 8.1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Nero AG) C:\Program Files (x86)\Motorola Media Link\Lite\NServiceEntry.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
(LeapFrog Enterprises, Inc.) C:\Program Files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Motorola Mobility LLC) C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Security Suite\Engine\22.5.2.15\N360.exe
(Motorola) C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Dell Inc.) C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Motorola Mobility LLC) C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Security Suite\Engine\22.5.2.15\N360.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
(Wyse Technology Inc.) C:\Program Files (x86)\Wyse\PocketCloud Windows Companion\WyseBrowser.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\hidfind.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe
(Gemalto N.V.) C:\Users\Genna\AppData\Roaming\SanDisk\SanDiskSecureAccess_Manager.exe
(Motorola Mobility Inc.) C:\Program Files (x86)\Motorola Mobility\MotoCast\MotoCast.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(GoPro) C:\Program Files (x86)\GoPro\Tools\Importer\GoPro Importer.exe
(LeapFrog Enterprises, Inc.) C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe
(Dropbox, Inc.) C:\Users\Genna\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPNetworkCommunicator.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Dell Inc.) C:\Program Files (x86)\Dell Customer Connect\OTBSurvey.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Dell Inc.) C:\Program Files (x86)\Dell Update\DellUpService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe
(Dell Inc.) C:\Program Files (x86)\Dell Update\DellUpTray.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\CSISYNCCLIENT.EXE
() C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\MotoCast-thumbnailer.exe
(SoftThinks SAS) C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe
() C:\Program Files (x86)\Wyse\PocketCloud Windows Companion\PocketCloudService.exe
(Wyse Technology.) C:\Program Files (x86)\Wyse\PocketCloud Windows Companion\WyseRemoteAccess.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DellDataVault.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell Backup and Recovery\Toaster.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell Backup and Recovery\Components\DBRUpdate\DBRUpd.exe
() C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBRCrawler.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\livecomm.exe
Failed to access process -> iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [678296 2012-07-09] (Alps Electric Co., Ltd.)
HKLM\...\Run: [QuickSet] => c:\Program Files\Dell\QuickSet\QuickSet.exe [4384928 2012-07-12] (Dell Inc.)
HKLM\...\Run: [PocketCloud Location] => C:\Program Files (x86)\Wyse\PocketCloud Windows Companion\WyseBrowser.exe [933776 2012-10-24] (Wyse Technology Inc.)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1425408 2012-07-24] (IDT, Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-02-13] (Apple Inc.)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [277504 2012-07-09] (Intel Corporation)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111120 2012-06-07] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [491120 2012-07-04] (CyberLink Corp.)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [143888 2012-06-01] (CyberLink Corp.)
HKLM-x32\...\Run: [Monitor] => C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe [103936 2013-06-26] (LeapFrog Enterprises, Inc.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2015-02-13] (Apple Inc.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-615137952-235082984-2108559562-1001\...\Run: [HP Officejet Pro 8600 (NET)] => C:\Program Files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-615137952-235082984-2108559562-1001\...\Run: [SanDiskSecureAccess_Manager.exe] => C:\Users\Genna\AppData\Roaming\SanDisk\SanDiskSecureAccess_Manager.exe [30705792 2012-02-15] (Gemalto N.V.)
HKU\S-1-5-21-615137952-235082984-2108559562-1001\...\Run: [MotoCast] => C:\Program Files (x86)\Motorola Mobility\MotoCast\MotoLauncher.lnk [2053 2013-10-16] ()
HKU\S-1-5-21-615137952-235082984-2108559562-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [22012688 2015-06-20] (Google)
HKU\S-1-5-21-615137952-235082984-2108559562-1001\...\Run: [Dropbox Update] => C:\Users\Genna\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-23] (Dropbox, Inc.)
HKU\S-1-5-21-615137952-235082984-2108559562-1004\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516608 2014-10-28] (Microsoft Corporation)
AppInit_DLLs-x32: c:\windows\syswow64\nvinit.dll => c:\windows\syswow64\nvinit.dll [141336 2013-12-18] (NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2012-10-19]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\GoPro Importer.lnk [2015-02-13]
ShortcutTarget: GoPro Importer.lnk -> C:\Program Files (x86)\GoPro\Tools\Importer\GoPro Importer.exe (GoPro)
Startup: C:\Users\Genna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-07-31]
ShortcutTarget: Dropbox.lnk -> C:\Users\Genna\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [  OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton Security Suite\Engine64\22.5.2.15\buShell.dll [2015-07-13] (Symantec Corporation)
ShellIconOverlayIdentifiers: [  OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton Security Suite\Engine64\22.5.2.15\buShell.dll [2015-07-13] (Symantec Corporation)
ShellIconOverlayIdentifiers: [  OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton Security Suite\Engine64\22.5.2.15\buShell.dll [2015-07-13] (Symantec Corporation)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Genna\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Genna\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Genna\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Genna\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Genna\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Genna\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Genna\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-05] (Dropbox, Inc.)
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

URLSearchHook: [S-1-5-21-615137952-235082984-2108559562-1004] ATTENTION => Default URLSearchHook is missing
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-06-09] (Microsoft Corporation)
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Security Suite\Engine64\22.5.2.15\coIEPlg.dll [2015-07-10] (Symantec Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-06-16] (Microsoft Corporation)
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Security Suite\Engine\22.5.2.15\coIEPlg.dll [2015-07-10] (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton Security Suite\Engine\21.7.0.11\IPS\IPSBHO.DLL No File
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-09-26] (Oracle Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-09-26] (Oracle Corporation)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine64\22.5.2.15\coIEPlg.dll [2015-07-10] (Symantec Corporation)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine\22.5.2.15\coIEPlg.dll [2015-07-10] (Symantec Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-02-03] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76
Tcpip\..\Interfaces\{2F84BA02-1686-4319-B34C-B14E77C142D3}: [DhcpNameServer] 75.75.75.75 75.75.76.76

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll [2015-08-11] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-08-11] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2014-01-06] (Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-09-26] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-09-26] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2013-07-14] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-08-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-08-16] (Google Inc.)
FF Plugin HKU\S-1-5-21-615137952-235082984-2108559562-1001: @citrixonline.com/appdetectorplugin -> C:\Users\Genna\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2013-06-16] (Citrix Online)
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_22.5.2.15\coFFPlgn
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_22.5.2.15\coFFPlgn [2015-08-16]
FF HKLM-x32\...\Thunderbird\Extensions: [[email protected]] - C:\Program Files\McAfee\MSK

Chrome:
=======
CHR Profile: C:\Users\Genna\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Genna\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-08-16]
CHR Extension: (Google Docs) - C:\Users\Genna\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-08-16]
CHR Extension: (Google Drive) - C:\Users\Genna\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-08-16]
CHR Extension: (YouTube) - C:\Users\Genna\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-08-16]
CHR Extension: (Norton Security Toolbar) - C:\Users\Genna\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjabmdjcfcfdmffimndhafhblfmpjdpe [2015-08-16]
CHR Extension: (Google Search) - C:\Users\Genna\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-08-16]
CHR Extension: (ShopAtHome.com) - C:\Users\Genna\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlmebkoiahbppacaicbgncnjhbpdfkcc [2015-08-16]
CHR Extension: (Google Sheets) - C:\Users\Genna\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-08-16]
CHR Extension: (Norton Identity Safe) - C:\Users\Genna\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif [2015-08-16]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Genna\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-08-16]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Genna\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2015-08-16]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Genna\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-08-16]
CHR Extension: (Gmail) - C:\Users\Genna\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-08-16]
CHR Profile: C:\Users\Genna\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Google Docs) - C:\Users\Genna\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2015-08-16]
CHR Extension: (Google Drive) - C:\Users\Genna\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-08-16]
CHR Extension: (YouTube) - C:\Users\Genna\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-08-16]
CHR Extension: (Norton Security Toolbar) - C:\Users\Genna\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cjabmdjcfcfdmffimndhafhblfmpjdpe [2015-08-16]
CHR Extension: (Google Search) - C:\Users\Genna\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-08-16]
CHR Extension: (Norton Identity Safe) - C:\Users\Genna\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\iikflkcanblccfahdhdonehdalibjnif [2015-08-16]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Genna\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-08-16]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Genna\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2015-08-16]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Genna\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-08-16]
CHR Extension: (Gmail) - C:\Users\Genna\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-08-16]
CHR HKLM\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton Security Suite\Engine\22.5.2.15\Exts\Chrome.crx [2015-08-01]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - https://clients2.goo...ice/update2/crx
CHR HKU\S-1-5-21-615137952-235082984-2108559562-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\Genna\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx [2014-01-25]
CHR HKU\S-1-5-21-615137952-235082984-2108559562-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - https://clients2.goo...ice/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton Security Suite\Engine\22.5.2.15\Exts\Chrome.crx [2015-08-01]
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - https://clients2.goo...ice/update2/crx

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-20] (Apple Inc.)
S2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2252504 2013-09-04] (Broadcom Corporation.)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-28] (Microsoft Corporation)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2753720 2015-07-01] (Microsoft Corporation)
R2 Dell Customer Connect; C:\Program Files (x86)\Dell Customer Connect\OTBSurvey.exe [145288 2015-04-09] (Dell Inc.)
R2 DellDataVault; C:\Program Files\Dell\DellDataVault\DellDataVault.exe [2573520 2015-05-22] (Dell Inc.)
R2 DellDataVaultWiz; C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe [201936 2015-05-22] (Dell Inc.)
R2 DellUpdate; C:\Program Files (x86)\Dell Update\DellUpService.exe [237272 2015-06-09] (Dell Inc.)
R2 IAStorDataMgrSvc; C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [7168 2012-07-09] (Intel Corporation) [File not signed]
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe [2451456 2012-07-13] (Realsil Microelectronics Inc.) [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
R2 LeapFrog Connect Device Service; C:\Program Files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe [7391232 2013-06-26] (LeapFrog Enterprises, Inc.) [File not signed]
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-06-18] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
R2 Motorola Device Manager; C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe [137528 2013-07-31] (Motorola Mobility LLC)
R2 N360; C:\Program Files (x86)\Norton Security Suite\Engine\22.5.2.15\N360.exe [282016 2015-07-16] (Symantec Corporation)
R2 PST Service; C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe [65657 2011-09-02] (Motorola) [File not signed]
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [254512 2012-04-24] ()
R2 SftService; C:\Program Files (x86)\Dell Backup and Recovery\sftservice.exe [1915480 2013-05-23] (SoftThinks SAS)
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [321536 2012-07-24] (IDT, Inc.) [File not signed]
R2 SupportAssistAgent; C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [20648 2015-06-11] (Dell Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
R2 WysePocketCloud; C:\Program Files (x86)\Wyse\PocketCloud Windows Companion\PocketCloudService.exe [188928 2012-10-24] () [File not signed]
R2 WyseRemoteAccess; C:\Program Files (x86)\Wyse\PocketCloud Windows Companion\WyseRemoteAccess.exe [1436160 2012-10-24] (Wyse Technology.) [File not signed]

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [170712 2013-09-04] (Broadcom Corporation.)
R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [6824520 2012-07-10] (Broadcom Corporation)
R1 BHDrvx64; C:\Program Files (x86)\Norton Security Suite\NortonData\22.5.2.15\Definitions\BASHDefs\20150810.001\BHDrvx64.sys [1650936 2015-07-23] (Symantec Corporation)
R3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
R1 ccSet_N360; C:\Windows\system32\drivers\N360x64\1605020.00F\ccSetx64.sys [173808 2015-07-10] (Symantec Corporation)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
R3 DDDriver; C:\Windows\system32\drivers\DDDriver64Dcsa.sys [23760 2015-01-30] (Dell Computer Corporation)
R3 DellProf; C:\Windows\system32\drivers\DellProf.sys [24240 2015-05-22] (Dell Computer Corporation)
S3 DellRbtn; C:\Windows\System32\drivers\DellRbtn.sys [10752 2012-08-05] (OSR Open Systems Resources, Inc.)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [498512 2015-07-27] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [153936 2015-07-27] (Symantec Corporation)
R1 IDSVia64; C:\Program Files (x86)\Norton Security Suite\NortonData\22.5.2.15\Definitions\IPSDefs\20150814.002\IDSvia64.sys [692984 2015-08-04] (Symantec Corporation)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [113880 2015-08-16] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-06-18] (Malwarebytes Corporation)
S3 NAVENG; C:\Program Files (x86)\Norton Security Suite\NortonData\22.5.2.15\Definitions\VirusDefs\20150816.002\ENG64.SYS [138488 2015-05-20] (Symantec Corporation)
S3 NAVEX15; C:\Program Files (x86)\Norton Security Suite\NortonData\22.5.2.15\Definitions\VirusDefs\20150816.002\EX64.SYS [2146040 2015-05-20] (Symantec Corporation)
S3 SRTSP; C:\Windows\System32\Drivers\N360x64\1605020.00F\SRTSP64.SYS [926448 2015-07-10] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\N360x64\1605020.00F\SRTSPX64.SYS [50936 2015-07-10] (Symantec Corporation)
R0 SymEFASI; C:\Windows\System32\drivers\N360x64\1605020.00F\SYMEFASI64.SYS [1620720 2015-07-10] (Symantec Corporation)
S0 SymELAM; C:\Windows\System32\drivers\N360x64\1605020.00F\SymELAM.sys [24192 2015-07-10] (Symantec Corporation)
R3 SymEvent; C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS [111344 2015-08-01] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\N360x64\1605020.00F\Ironx64.SYS [297720 2015-07-10] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\N360x64\1605020.00F\SYMNETS.SYS [576248 2015-07-10] (Symantec Corporation)
S3 TDKLIB; \??\C:\Users\Genna\AppData\Local\Temp\ExtactTemp\TdkLib64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-08-16 16:04 - 2015-08-16 16:46 - 00113880 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-08-16 16:04 - 2015-08-16 16:04 - 00001116 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-08-16 16:04 - 2015-08-16 16:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-08-16 16:04 - 2015-08-16 16:04 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-08-16 16:04 - 2015-08-16 16:04 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-08-16 16:04 - 2015-06-18 08:42 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2015-08-16 16:04 - 2015-06-18 08:41 - 00109272 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-08-16 16:04 - 2015-06-18 08:41 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2015-08-16 15:48 - 2015-08-16 15:48 - 00002377 _____ C:\Users\Genna\Desktop\Genevieve - Chrome.lnk
2015-08-16 15:45 - 2015-08-16 15:45 - 00001425 _____ C:\Users\Genna\Desktop\JRT2.txt
2015-08-16 15:44 - 2015-08-16 15:44 - 00001425 _____ C:\Users\Genna\Desktop\JRT.txt
2015-08-16 15:27 - 2015-08-16 15:27 - 00004265 _____ C:\AdwCleaner[C1].txt
2015-08-16 15:25 - 2015-08-16 15:26 - 00003797 _____ C:\AdwCleaner[S2].txt
2015-08-16 15:17 - 2015-08-16 15:27 - 00000000 ____D C:\AdwCleaner
2015-08-16 15:17 - 2015-08-16 15:18 - 00003730 _____ C:\AdwCleaner[S1].txt
2015-08-16 10:59 - 2015-08-16 10:59 - 00000000 ____D C:\Users\Genna\Desktop\FRST-OlderVersion
2015-08-16 10:33 - 2015-08-16 10:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-08-12 19:50 - 2015-07-30 10:04 - 00124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2015-08-12 19:50 - 2015-07-30 09:48 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-08-11 20:48 - 2015-08-16 11:11 - 00000123 _____ C:\Users\Genna\Desktop\Geeks to Go - Free help from tech experts.url
2015-08-11 20:29 - 2015-08-11 20:30 - 00067906 _____ C:\Users\Genna\Desktop\Addition.txt
2015-08-11 20:28 - 2015-08-16 17:45 - 00029023 _____ C:\Users\Genna\Desktop\FRST.txt
2015-08-11 20:26 - 2015-08-16 17:44 - 00000000 ____D C:\FRST
2015-08-11 20:25 - 2015-08-16 10:59 - 02173952 _____ (Farbar) C:\Users\Genna\Desktop\FRST64.exe
2015-08-11 19:42 - 2015-08-11 19:42 - 00000000 ____D C:\Users\Genna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-08-11 19:31 - 2015-07-28 19:24 - 00025776 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2015-08-11 19:31 - 2015-07-28 10:24 - 01148416 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2015-08-11 19:31 - 2015-07-28 10:24 - 01116160 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2015-08-11 19:31 - 2015-07-28 10:24 - 00774144 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2015-08-11 19:31 - 2015-07-28 10:24 - 00743424 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2015-08-11 19:31 - 2015-07-28 10:24 - 00437248 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2015-08-11 19:31 - 2015-07-28 10:24 - 00069120 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-08-11 19:31 - 2015-07-18 21:58 - 00136904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2015-08-11 19:31 - 2015-07-18 14:51 - 03704320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-08-11 19:31 - 2015-07-18 14:31 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2015-08-11 19:31 - 2015-07-18 14:31 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2015-08-11 19:31 - 2015-07-18 14:31 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2015-08-11 19:31 - 2015-07-18 14:29 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2015-08-11 19:31 - 2015-07-18 14:29 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2015-08-11 19:31 - 2015-07-18 14:29 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2015-08-11 19:31 - 2015-07-18 14:28 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2015-08-11 19:31 - 2015-07-18 14:12 - 02228736 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2015-08-11 19:31 - 2015-07-18 14:10 - 00891904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2015-08-11 19:31 - 2015-07-18 14:09 - 00721920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2015-08-11 19:31 - 2015-07-16 17:14 - 25192448 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-08-11 19:31 - 2015-07-16 16:36 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-08-11 19:31 - 2015-07-16 16:36 - 00417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2015-08-11 19:31 - 2015-07-16 16:35 - 02885632 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-08-11 19:31 - 2015-07-16 16:26 - 05923328 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-08-11 19:31 - 2015-07-16 16:23 - 00615936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2015-08-11 19:31 - 2015-07-16 16:21 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-08-11 19:31 - 2015-07-16 16:20 - 19870208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-08-11 19:31 - 2015-07-16 15:53 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2015-08-11 19:31 - 2015-07-16 15:51 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-08-11 19:31 - 2015-07-16 15:50 - 00341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2015-08-11 19:31 - 2015-07-16 15:45 - 02279424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-08-11 19:31 - 2015-07-16 15:45 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-08-11 19:31 - 2015-07-16 15:41 - 00479232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieui.dll
2015-08-11 19:31 - 2015-07-16 15:39 - 00664064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-08-11 19:31 - 2015-07-16 15:38 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2015-08-11 19:31 - 2015-07-16 15:36 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-08-11 19:31 - 2015-07-16 15:34 - 14451200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-08-11 19:31 - 2015-07-16 15:32 - 02125824 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-08-11 19:31 - 2015-07-16 15:14 - 02880000 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2015-08-11 19:31 - 2015-07-16 15:13 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-08-11 19:31 - 2015-07-16 15:12 - 04520448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-08-11 19:31 - 2015-07-16 15:12 - 02427904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-08-11 19:31 - 2015-07-16 15:10 - 12856832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-08-11 19:31 - 2015-07-16 15:06 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-08-11 19:31 - 2015-07-16 15:01 - 01545728 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-08-11 19:31 - 2015-07-16 14:52 - 01048576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2015-08-11 19:31 - 2015-07-16 14:49 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-08-11 19:31 - 2015-07-16 14:42 - 01951232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-08-11 19:31 - 2015-07-16 14:38 - 01310720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-08-11 19:31 - 2015-07-16 14:37 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-08-11 19:31 - 2015-07-15 20:29 - 07458648 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-08-11 19:31 - 2015-07-15 20:29 - 01735000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2015-08-11 19:31 - 2015-07-15 20:29 - 00101720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mountmgr.sys
2015-08-11 19:31 - 2015-07-15 20:28 - 01499920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2015-08-11 19:31 - 2015-07-10 13:54 - 01217024 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll
2015-08-11 19:31 - 2015-07-07 05:40 - 00270168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys
2015-08-11 19:31 - 2015-07-07 05:40 - 00114520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys
2015-08-11 19:31 - 2015-07-07 05:40 - 00044560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys
2015-08-11 19:31 - 2015-07-01 18:19 - 00228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebClnt.dll
2015-08-11 19:31 - 2015-07-01 18:16 - 00104448 _____ (Microsoft Corporation) C:\WINDOWS\system32\davclnt.dll
2015-08-11 19:31 - 2015-07-01 17:37 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebClnt.dll
2015-08-11 19:31 - 2015-07-01 17:35 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\davclnt.dll
2015-08-11 19:31 - 2015-06-12 13:03 - 18823680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-08-11 19:31 - 2015-06-12 12:36 - 15159296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2015-08-11 19:31 - 2015-06-09 14:27 - 00411133 _____ C:\WINDOWS\system32\ApnDatabase.xml
2015-08-11 19:26 - 2015-07-14 17:59 - 01113944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2015-08-11 19:26 - 2015-07-14 17:59 - 00487256 _____ (Microsoft Corporation) C:\WINDOWS\system32\netcfgx.dll
2015-08-11 19:26 - 2015-07-14 17:59 - 00393560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netcfgx.dll
2015-08-11 19:26 - 2015-07-13 23:22 - 02529880 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2015-08-11 19:26 - 2015-07-13 23:21 - 01901776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2015-08-11 19:26 - 2015-07-13 15:46 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\csrsrv.dll
2015-08-11 19:26 - 2015-07-13 15:45 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\basesrv.dll
2015-08-11 19:26 - 2015-07-10 14:19 - 01101824 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdvidcrl.dll
2015-08-11 19:26 - 2015-07-10 13:42 - 02345472 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2015-08-11 19:26 - 2015-07-10 13:14 - 00856064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdvidcrl.dll
2015-08-11 19:26 - 2015-07-10 13:13 - 07032320 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2015-08-11 19:26 - 2015-07-10 12:47 - 01556992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2015-08-11 19:26 - 2015-07-10 12:31 - 06213120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2015-08-11 19:26 - 2015-07-09 13:13 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\notepad.exe
2015-08-11 19:26 - 2015-07-09 13:13 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\notepad.exe
2015-08-11 19:26 - 2015-07-09 12:30 - 00212992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\notepad.exe
2015-08-11 19:26 - 2015-06-11 16:12 - 02476376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2015-08-11 19:26 - 2015-06-11 16:12 - 00428888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2015-08-11 19:26 - 2015-05-11 20:24 - 00536920 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcupdate_GenuineIntel.dll
2015-08-11 19:25 - 2015-07-29 10:37 - 01994752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2015-08-11 19:25 - 2015-07-29 10:30 - 01381888 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2015-08-11 19:25 - 2015-07-29 10:23 - 01559552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2015-08-11 19:25 - 2015-07-24 14:57 - 04177408 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-08-11 19:25 - 2015-07-24 14:57 - 00358912 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2015-08-11 19:25 - 2015-07-24 14:52 - 00044032 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2015-08-11 19:25 - 2015-07-24 13:27 - 00301568 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2015-08-11 19:25 - 2015-07-24 13:23 - 00035840 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2015-08-11 15:09 - 2015-08-11 15:09 - 09284296 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerInstaller.exe
2015-08-06 11:51 - 2015-08-06 11:51 - 00000000 ____D C:\NPE
2015-08-06 11:46 - 2015-08-06 11:46 - 03088296 _____ (Symantec Corporation) C:\Users\Genna\Downloads\NPE.exe
2015-08-06 11:39 - 2015-08-06 11:39 - 01596224 _____ (LogMeIn, Inc.) C:\Users\Genna\Downloads\Support-LogMeInRescue (1).exe
2015-08-06 11:39 - 2015-08-06 11:39 - 00002270 _____ C:\Users\Genna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Symantec Support (4).lnk
2015-08-06 09:07 - 2015-08-06 09:07 - 00000055 _____ C:\Users\Genna\Desktop\Brain, Child Magazine - the magazine for thinking mothers.url
2015-08-05 08:40 - 2015-08-06 12:00 - 00000000 ____D C:\Users\Genna\AppData\Local\NPE
2015-08-04 19:11 - 2015-08-04 19:11 - 00000000 ____D C:\WINDOWS\System32\Tasks\Norton 360
2015-08-04 19:03 - 2015-08-04 19:03 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Security Suite
2015-07-31 23:04 - 2015-08-04 17:30 - 00000000 ____D C:\WINDOWS\System32\Tasks\Remediation
2015-07-17 21:07 - 2015-07-17 21:07 - 00000000 ____D C:\Program Files\Common Files\AV
2015-07-17 08:24 - 2015-08-08 09:55 - 00794088 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-07-17 08:24 - 2015-08-08 09:55 - 00179688 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-08-16 17:09 - 2014-10-08 16:30 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-08-16 17:07 - 2013-01-04 15:21 - 00003594 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-615137952-235082984-2108559562-1001
2015-08-16 17:03 - 2015-06-23 09:53 - 00000942 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-615137952-235082984-2108559562-1001UA.job
2015-08-16 17:03 - 2014-01-25 12:55 - 00000000 ___RD C:\Users\Genna\Google Drive
2015-08-16 17:02 - 2015-02-26 18:26 - 00004986 _____ C:\WINDOWS\System32\Tasks\Microsoft Office 15 Sync Maintenance for MOMMALAPTOP-Genna MommaLaptop
2015-08-16 17:02 - 2014-01-25 12:53 - 00002058 _____ C:\Users\Public\Desktop\Google Sheets.lnk
2015-08-16 17:02 - 2014-01-25 12:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2015-08-16 17:02 - 2013-08-22 11:36 - 00000000 ____D C:\WINDOWS\system32\sru
2015-08-16 17:02 - 2013-01-04 15:25 - 00000930 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-08-16 17:01 - 2013-01-04 15:25 - 00000926 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-08-16 16:56 - 2013-01-04 15:25 - 00003902 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2015-08-16 16:56 - 2013-01-04 15:25 - 00003666 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2015-08-16 16:56 - 2012-10-19 03:16 - 00000000 ____D C:\Program Files (x86)\Dell Backup and Recovery
2015-08-16 16:49 - 2015-06-15 10:43 - 00000000 ____D C:\Users\Genna\.gstreamer-0.10
2015-08-16 16:49 - 2013-10-16 16:45 - 00000000 ____D C:\Users\Genna\AppData\Roaming\MotoCast
2015-08-16 16:48 - 2013-03-10 12:38 - 00000000 ___RD C:\Users\Genna\Dropbox
2015-08-16 16:48 - 2013-03-10 12:35 - 00000000 ____D C:\Users\Genna\AppData\Roaming\Dropbox
2015-08-16 16:47 - 2014-01-01 21:07 - 00000000 ___DO C:\Users\Genna\SkyDrive
2015-08-16 16:45 - 2013-11-14 03:20 - 00305166 _____ C:\WINDOWS\PFRO.log
2015-08-16 16:45 - 2013-08-22 11:36 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2015-08-16 16:45 - 2013-08-22 10:46 - 00349329 _____ C:\WINDOWS\setupact.log
2015-08-16 16:45 - 2013-08-22 10:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-08-16 16:45 - 2012-10-19 03:17 - 00000000 ____D C:\Temp
2015-08-16 16:44 - 2013-08-22 09:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2015-08-16 13:44 - 2015-07-09 13:14 - 00000000 ____D C:\Program Files (x86)\Dell Update
2015-08-16 13:11 - 2014-01-01 20:49 - 01575026 _____ C:\WINDOWS\WindowsUpdate.log
2015-08-16 11:25 - 2013-03-20 14:30 - 01823232 ___SH C:\Users\Genna\Downloads\Thumbs.db
2015-08-16 11:13 - 2013-11-14 03:28 - 00865408 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-08-16 11:12 - 2014-01-22 11:49 - 00003938 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{48066FC1-31EF-43ED-99CB-D8307D687B8F}
2015-08-16 11:08 - 2013-03-09 00:11 - 00510464 ___SH C:\Users\Genna\Desktop\Thumbs.db
2015-08-16 11:01 - 2014-01-01 20:35 - 00000000 ____D C:\Users\Genna
2015-08-16 10:33 - 2013-01-04 15:25 - 00000000 ____D C:\Users\Genna\AppData\Local\Google
2015-08-16 10:19 - 2014-11-16 12:43 - 00000000 __SHD C:\Users\Genna\AppData\Local\EmieBrowserModeList
2015-08-16 10:19 - 2014-04-30 18:21 - 00000000 __SHD C:\Users\Genna\AppData\Local\EmieUserList
2015-08-16 10:19 - 2014-04-30 18:21 - 00000000 __SHD C:\Users\Genna\AppData\Local\EmieSiteList
2015-08-16 10:11 - 2014-06-16 20:53 - 00000000 ____D C:\Users\Genna\Downloads\Nippon-Beneflex
2015-08-16 09:09 - 2014-12-23 14:08 - 00000000 ____D C:\Users\Genna\AppData\Local\CrashDumps
2015-08-15 21:03 - 2015-06-23 09:53 - 00000890 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-615137952-235082984-2108559562-1001Core.job
2015-08-14 21:35 - 2013-08-22 11:36 - 00000000 ____D C:\WINDOWS\rescache
2015-08-14 20:02 - 2013-08-22 10:44 - 00492000 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-08-14 20:02 - 2013-08-22 09:25 - 00262144 ___SH C:\WINDOWS\system32\config\ELAM
2015-08-14 19:57 - 2014-12-12 08:21 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-08-14 19:57 - 2014-07-10 07:29 - 00000000 ___SD C:\WINDOWS\system32\CompatTel
2015-08-14 19:57 - 2013-08-22 11:36 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-08-14 19:57 - 2013-08-22 11:36 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-14 19:57 - 2013-08-22 11:36 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-08-14 19:57 - 2013-08-22 11:36 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-14 19:57 - 2013-08-22 11:36 - 00000000 ____D C:\Program Files\Windows Defender
2015-08-14 19:57 - 2013-08-22 11:36 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2015-08-14 19:54 - 2013-07-12 12:32 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-08-14 19:48 - 2013-01-05 10:40 - 132483416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-08-13 14:26 - 2013-01-18 11:46 - 00000157 _____ C:\WINDOWS\SysWOW64\SystemPreferences.xml
2015-08-13 09:54 - 2013-08-22 11:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-08-12 19:51 - 2012-07-26 03:59 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-08-11 15:10 - 2014-10-08 16:30 - 00003718 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2015-08-07 16:11 - 2014-12-30 12:38 - 00000000 ____D C:\Users\Genna\AppData\Local\LogMeIn Rescue Applet
2015-08-06 15:30 - 2014-04-06 12:36 - 00000000 ____D C:\Program Files (x86)\Driver Wizard
2015-08-06 11:50 - 2012-07-26 04:12 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2015-08-05 08:41 - 2014-11-17 14:03 - 00000000 ____D C:\ProgramData\Norton
2015-08-04 19:04 - 2014-11-17 14:11 - 00003228 _____ C:\WINDOWS\System32\Tasks\Norton WSC Integration
2015-08-04 19:04 - 2014-11-17 14:08 - 00000000 ____D C:\WINDOWS\system32\Drivers\N360x64
2015-08-04 19:03 - 2014-11-17 14:11 - 00002380 _____ C:\Users\Public\Desktop\Norton Security Suite.LNK
2015-08-01 06:10 - 2014-01-01 23:26 - 00000000 ___DC C:\WINDOWS\Panther
2015-08-01 06:03 - 2015-07-10 09:39 - 00000000 ___HD C:\$Windows.~BT
2015-08-01 01:42 - 2014-11-17 14:11 - 00111344 _____ (Symantec Corporation) C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS
2015-08-01 01:42 - 2014-11-17 14:11 - 00008214 _____ C:\WINDOWS\system32\Drivers\SYMEVENT64x86.CAT
2015-08-01 01:42 - 2014-11-17 14:11 - 00000000 ____D C:\Program Files\Common Files\Symantec Shared
2015-08-01 01:31 - 2014-11-17 14:03 - 00000000 ____D C:\Users\Public\Downloads\Norton
2015-07-25 11:08 - 2015-04-05 02:40 - 00000000 ___SD C:\WINDOWS\system32\GWX
2015-07-24 14:13 - 2015-05-13 13:21 - 00000000 ___RD C:\Users\Genna\OneDrive
2015-07-24 14:13 - 2015-02-26 18:06 - 00003102 _____ C:\WINDOWS\System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-615137952-235082984-2108559562-1001
2015-07-23 12:31 - 2014-01-24 19:25 - 00000000 ____D C:\Users\Genna\.dvdcss
2015-07-22 10:18 - 2013-04-24 10:08 - 00000000 ____D C:\Program Files\Microsoft Office 15
2015-07-19 20:58 - 2015-06-23 09:53 - 00003888 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-615137952-235082984-2108559562-1001UA
2015-07-19 20:58 - 2015-06-23 09:53 - 00003508 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-615137952-235082984-2108559562-1001Core
2015-07-17 08:15 - 2015-04-05 02:40 - 00000000 ___SD C:\WINDOWS\SysWOW64\GWX
2015-07-17 08:15 - 2013-08-22 11:36 - 00000000 ___RD C:\WINDOWS\ToastData
2015-07-17 08:15 - 2013-08-22 11:36 - 00000000 ____D C:\WINDOWS\WinStore

==================== Files in the root of some directories =======

2014-09-01 04:18 - 2014-09-01 04:18 - 0002086 _____ () C:\Users\Genna\AppData\Roaming\HRZHEL
2014-09-01 04:18 - 2014-09-01 04:18 - 0001248 _____ () C:\Users\Genna\AppData\Roaming\QCARYUG
2014-09-01 04:18 - 2014-09-01 04:18 - 0002086 _____ () C:\Users\Genna\AppData\Roaming\SWGXET
2014-10-07 19:06 - 2014-10-07 19:06 - 0000043 _____ () C:\Users\Genna\AppData\Roaming\WB.CFG
2015-02-27 17:19 - 2015-02-27 17:19 - 0003584 _____ () C:\Users\Genna\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-09-30 16:16 - 2014-12-18 23:15 - 0000163 _____ () C:\Users\Genna\AppData\Local\ZenfolioDownloader.log
2013-08-17 12:26 - 2013-08-17 12:26 - 0000057 _____ () C:\ProgramData\Ament.ini
2014-11-16 13:44 - 2014-11-16 13:50 - 0001731 _____ () C:\ProgramData\tempimage.bmp
2012-10-19 03:12 - 2012-10-19 03:13 - 0000119 _____ () C:\ProgramData\{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}.log
2012-10-19 03:08 - 2012-10-19 03:09 - 0000106 _____ () C:\ProgramData\{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}.log
2012-10-19 03:09 - 2012-10-19 03:10 - 0000111 _____ () C:\ProgramData\{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}.log
2012-10-19 03:08 - 2012-10-19 03:08 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
2012-10-19 03:10 - 2012-10-19 03:12 - 0000108 _____ () C:\ProgramData\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}.log

Some files in TEMP:
====================
C:\Users\Genna\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmptcy0dd.dll
C:\Users\Genna\AppData\Local\Temp\jna2660324884185932600.dll
C:\Users\Genna\AppData\Local\Temp\jna2968711618457328810.dll
C:\Users\Genna\AppData\Local\Temp\jna8485977506312132074.dll
C:\Users\Genna\AppData\Local\Temp\sqlite-3.6.20-sqlitejdbc.dll
C:\Users\Genna\AppData\Local\Temp\sqlite3.dll

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-08-16 11:36

==================== End of log ============================


Additional scan result of Farbar Recovery Scan Tool (x64) Version:14-08-2015 01
Ran by Genna (2015-08-16 17:46:06)
Running from C:\Users\Genna\Desktop
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-615137952-235082984-2108559562-500 - Administrator - Disabled)
Genna (S-1-5-21-615137952-235082984-2108559562-1001 - Administrator - Enabled) => C:\Users\Genna
Guest (S-1-5-21-615137952-235082984-2108559562-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-615137952-235082984-2108559562-1003 - Limited - Enabled)
UpdatusUser (S-1-5-21-615137952-235082984-2108559562-1004 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Norton Security Suite (Disabled - Up to date) {53C7D717-52E2-B95E-FA61-6F32ECC805DB}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton Security Suite (Disabled - Up to date) {E8A636F3-74D8-B6D0-C0D1-5440974F4F66}
FW: Norton Security Suite (Enabled) {6BFC5632-188D-B806-D13E-C607121B42A0}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.232 - Adobe Systems Incorporated)
Apple Application Support (32-bit) (HKLM-x32\...\{447CDCE5-F555-429B-BFA6-642C3C6D684F}) (Version: 3.1.2 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{0DF7096B-715A-4233-8633-C7A16ED6D616}) (Version: 3.1.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Citrix Online Launcher (HKLM-x32\...\{3D5F07C3-1B93-47F8-9F8A-DE8E47BF1669}) (Version: 1.0.209 - Citrix)
CyberLink Media Suite Essentials (HKLM-x32\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 10.0 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dell Backup and Recovery - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 1.5.0.0 - Dell Inc.)
Dell Backup and Recovery (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 1.5.0.0 - Dell Inc.)
Dell Customer Connect (HKLM-x32\...\{FEFDCDCF-C49C-45D0-AAF8-5345858ADEC7}) (Version: 1.2.1.0 - Dell Inc.)
Dell Data Vault (Version: 4.3.4.0 - Dell Inc.) Hidden
Dell SupportAssist (HKLM\...\PC-Doctor for Windows) (Version: 1.1.6664.10 - Dell)
Dell SupportAssistAgent (HKLM-x32\...\{287348C8-8B47-4C36-AF28-441A3B7D8722}) (Version: 1.1.0.47 - Dell)
Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 8.1200.101.209 - ALPS ELECTRIC CO., LTD.)
Dell Update (HKLM-x32\...\{90437913-9D4D-4D9D-B438-B8664DF851E9}) (Version: 1.7.1007.0 - Dell Inc.)
Dropbox (HKU\S-1-5-21-615137952-235082984-2108559562-1001\...\Dropbox) (Version: 3.8.6 - Dropbox, Inc.)
DVD Catalyst 4 v4.4.4.4 (HKLM-x32\...\DVD Catalyst 4) (Version: v4.4.4.4 - Tools4Movies)
DW WLAN Card (HKLM\...\DW WLAN Card) (Version: 6.30.59.26 - Dell Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 44.0.2403.155 - Google Inc.)
Google Drive (HKLM-x32\...\{6EA8B94E-D869-4D96-88DF-5E1ECE1D6876}) (Version: 1.23.9648.8824 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.28.1 - Google Inc.) Hidden
Google+ Auto Backup (HKLM-x32\...\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}) (Version: 1.0.21.81 - Google)
GoPro Studio 2.5.4 (HKLM-x32\...\GoPro Studio) (Version: 2.5.4 - GoPro, Inc.)
HP Officejet Pro 8600 Basic Device Software (HKLM\...\{791A06E2-340F-43B0-8FAB-62D151339362}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Officejet Pro 8600 Help (HKLM-x32\...\{46235FF7-2CBE-4A84-BEDA-87348D1F7850}) (Version: 28.0.0 - Hewlett Packard)
HP Officejet Pro 8600 Product Improvement Study (HKLM\...\{2BF5E9CC-C55D-4B0F-ACAF-FFE77F333CD8}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Update (HKLM-x32\...\{6F1C00D2-25C2-4CBA-8126-AE9A6E2E9CD5}) (Version: 5.003.003.001 - Hewlett-Packard)
I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1008 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3379 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.5.0.1207 - Intel Corporation)
iTunes (HKLM\...\{D227565A-0033-40AD-89BA-653A205CDC11}) (Version: 12.1.1.4 - Apple Inc.)
Java 7 Update 71 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217021FF}) (Version: 7.0.710 - Oracle)
LeapFrog Connect (HKLM-x32\...\UPCShell) (Version: 5.0.20.17316 - LeapFrog)
LeapFrog Connect (x32 Version: 5.0.20.17316 - LeapFrog) Hidden
LeapFrog Tag Plugin (x32 Version: 5.0.19.17305 - LeapFrog) Hidden
Malwarebytes Anti-Malware version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
Microsoft Office 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 15.0.4737.1003 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-615137952-235082984-2108559562-1001\...\OneDriveSetup.exe) (Version: 17.3.5907.0716 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
MotoCast (HKLM-x32\...\{5401CEE8-3C2D-4835-A802-213306537FF4}) (Version: 2.0.31 - Motorola Mobility)
Motorola Device Manager (HKLM-x32\...\{28DB8373-C1BB-444F-A427-A55585A12ED7}) (Version: 2.4.3 - Motorola Mobility)
Motorola Device Software Update (x32 Version: 13.07.3101 - Motorola Mobility) Hidden
MOTOROLA MEDIA LINK (x32 Version: 1.9.0002.0 - Motorola) Hidden
Motorola Mobile Drivers Installation 6.2.0 (HKLM\...\{8EC78F02-5C36-4C97-AAC4-95A3D742A285}) (Version: 6.2.0 - Motorola Inc.)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Norton Security Suite (HKLM-x32\...\N360) (Version: 22.5.2.15 - Symantec Corporation)
NVIDIA Graphics Driver 331.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 331.65 - NVIDIA Corporation)
NVIDIA Update 1.15.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.15.2 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4737.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4737.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4737.1003 - Microsoft Corporation) Hidden
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
PocketCloud Windows Companion (HKLM-x32\...\{EC67E1FF-4433-4096-A091-CF2828434493}) (Version: 2.5.11 - Wyse Technology)
Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 11.1.27 - Dell Inc.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.8400.39030 - Realtek Semiconductor Corp.)
SanDiskSecureAccess_Manager.exe (HKU\S-1-5-21-615137952-235082984-2108559562-1001\...\@@[email protected]@SanDiskSecureAccess_Manager.exe) (Version: 1.1.19755 - Gemalto N.V.)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Use the entry named LeapFrog Connect to uninstall (LeapFrog Tag Plugin) (HKLM-x32\...\TagPlugin) (Version: 5.0.19.17305 - LeapFrog)
WIDCOMM Bluetooth Software (HKLM\...\{A1439D4F-FD46-47F2-A1D3-FEE097C29A09}) (Version: 12.0.0.1600 - Broadcom Corporation)
Windows Driver Package - GoPro (WinUSB) Universal Serial Bus devices  (03/07/2012 ) (HKLM\...\0B624A43DD66DBF5CF3EDFA9741A364E688062A4) (Version: 03/07/2012  - GoPro)
Windows Driver Package - LeapFrog (FlyUsb) USB  (11/05/2008 1.1.1.0) (HKLM\...\781745E87AFF80C0C1388CFF79D19ECAB2E9BB47) (Version: 11/05/2008 1.1.1.0 - LeapFrog)
Windows Driver Package - Leapfrog (Leapfrog-USBLAN) Net  (09/10/2009 02.03.05.012) (HKLM\...\8F14F2ECEDE68D26EA515B48DC25B39103C4FE8D) (Version: 09/10/2009 02.03.05.012 - Leapfrog)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-615137952-235082984-2108559562-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Genna\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-615137952-235082984-2108559562-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Genna\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-615137952-235082984-2108559562-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Genna\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64\FileSyncApi64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-615137952-235082984-2108559562-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Genna\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-615137952-235082984-2108559562-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Genna\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-615137952-235082984-2108559562-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Genna\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-615137952-235082984-2108559562-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Genna\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-615137952-235082984-2108559562-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Genna\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-615137952-235082984-2108559562-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Genna\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-615137952-235082984-2108559562-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Genna\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-615137952-235082984-2108559562-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Genna\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-615137952-235082984-2108559562-1001_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Genna\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)

==================== Restore Points =========================

28-07-2015 05:58:03 Scheduled Checkpoint
04-08-2015 22:01:26 Scheduled Checkpoint
12-08-2015 19:41:39 Windows Update
16-08-2015 10:43:14 Removed Amazon Browser App
16-08-2015 11:01:33 Restore Point Created by FRST

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2012-07-26 01:26 - 2015-08-16 11:03 - 00000035 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {09724424-73E9-4985-AAF7-BABC1866DB36} - \DonutQuotes -> No File <==== ATTENTION
Task: {0B98D7F2-CDB7-4EA0-9DDB-424878C8D264} - System32\Tasks\HPCustParticipation HP Officejet Pro 8600 => C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPCustPartic.exe [2012-10-17] (Hewlett-Packard Co.)
Task: {131F89BB-3474-4998-A14F-4130CE75683B} - System32\Tasks\Remediation\AntimalwareMigrationTask => C:\Program Files\Common Files\AV\Norton Security Suite\Upgrade.exe [2015-07-27] (Symantec Corporation)
Task: {1C3F1563-2EA4-473B-8A70-515B1F110031} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-01-04] (Google Inc.)
Task: {306C16FC-E9F7-4C11-A62F-0BD4153E54D4} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-615137952-235082984-2108559562-1001UA => C:\Users\Genna\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-23] (Dropbox, Inc.)
Task: {474D6192-BDD9-4165-8BBC-5ABD968CE1D6} - System32\Tasks\Motorola Device Manager Engine => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [2013-07-31] ()
Task: {48E398E4-8BBD-4C87-8B35-7FFBBF65D066} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Security Suite\Engine\22.5.2.15\WSCStub.exe [2015-07-16] (Symantec Corporation)
Task: {4E74D280-CC84-450B-BE70-A4FAD859895C} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-07-01] (Microsoft Corporation)
Task: {515CA94E-2F7E-490E-BEDE-E5AD094E2C66} - System32\Tasks\Norton 360\Norton Error Processor => C:\Program Files (x86)\Norton Security Suite\Engine\22.5.2.15\SymErr.exe [2015-05-19] (Symantec Corporation)
Task: {5806EAA1-7BAD-47F0-A633-25AC40449838} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {58D34588-0BF8-4223-8B9B-A4B26FBE4C78} - System32\Tasks\Motorola Device Manager Update => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [2013-07-31] ()
Task: {658843FA-0808-445B-A316-FEDA548EA0DF} - System32\Tasks\MotoCast Update => C:\Program Files (x86)\Motorola Mobility\MotoCast\LiveUpdate\MotoCastUpdate.exe [2012-07-24] ()
Task: {6C04A447-034F-416C-A366-1BFA2E953FC6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-01-04] (Google Inc.)
Task: {751EA36C-6DBA-4DA0-91CC-94115F186D2E} - System32\Tasks\Norton 360\Norton Error Analyzer => C:\Program Files (x86)\Norton Security Suite\Engine\22.5.2.15\SymErr.exe [2015-05-19] (Symantec Corporation)
Task: {8ED402C1-12AD-48BE-9F8A-66D9E11162CD} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Rundll32.exe invagent.dll,RunUpdate -noappraiser
Task: {9AB69260-8568-41C9-A26E-8E641F5BF54B} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-08-14] (Microsoft Corporation)
Task: {9D341DC2-793B-4F38-A1D4-F1B094F4FC8B} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-615137952-235082984-2108559562-1001Core => C:\Users\Genna\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-23] (Dropbox, Inc.)
Task: {A50BF5D7-128A-44AB-B87E-CFEC2659545A} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-07-01] (Microsoft Corporation)
Task: {AB3B3408-7963-4BA9-838F-D7F57228E9A3} - System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-615137952-235082984-2108559562-1001 => %localappdata%\Microsoft\OneDrive\OneDrive.exe
Task: {B5457344-C7DE-4475-BE02-16ECE5D9B0E6} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-08-11] (Adobe Systems Incorporated)
Task: {BE30CDF9-7A50-47EE-B35E-908A4C441836} - System32\Tasks\SystemToolsDailyTest => uaclauncher.exe
Task: {C071F66B-44DA-47CC-ADCB-8A350F8FB1D1} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2015-06-09] (Microsoft Corporation)
Task: {CA55666B-034E-4496-945E-91BCD9A45505} - System32\Tasks\{AB4462D8-6469-479D-BB78-656FC808F025} => pcalua.exe -a "C:\Program Files\McAfee\MSC\mcuihost.exe" -c /body:misp://MSCJsRes.dll::uninstall.html /id:uninstall
Task: {D11679FE-9AB7-4EBC-A6BC-DFBAEE673882} - System32\Tasks\{7EF4D32A-28FA-4CF4-8B23-FAB223BBA47D} => pcalua.exe -a "C:\Program Files (x86)\donutleads\uninstall.exe"
Task: {DDAC7B9E-1CB1-49A5-900A-146D74120651} - System32\Tasks\Motorola Device Manager Initial Update => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [2013-07-31] ()
Task: {EC4B8160-F34C-4CB9-B04A-DFA961F81760} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssist.exe [2015-06-11] (Dell Inc.)
Task: {EDCE747D-A5EC-434F-84FE-1C5F55EABB05} - System32\Tasks\Microsoft Office 15 Sync Maintenance for MOMMALAPTOP-Genna MommaLaptop => C:\Program Files\Microsoft Office 15\Root\Office15\MsoSync.exe [2015-06-02] (Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-615137952-235082984-2108559562-1001Core.job => C:\Users\Genna\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-615137952-235082984-2108559562-1001UA.job => C:\Users\Genna\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (Whitelisted) ==============

2013-12-18 15:42 - 2013-12-18 15:42 - 00013088 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2013-07-09 17:48 - 2013-10-23 04:20 - 00102176 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-01-20 23:35 - 2015-01-20 23:35 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-01-20 23:35 - 2015-01-20 23:35 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2012-07-19 14:53 - 2012-07-19 14:53 - 00043384 _____ () c:\Program Files\WIDCOMM\Bluetooth Software\BtwLeAPI.dll
2014-03-13 16:47 - 2014-05-20 09:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2015-03-17 17:42 - 2015-01-27 11:29 - 08898720 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2012-10-19 03:10 - 2012-04-24 22:43 - 00254512 ____N () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
2012-10-24 12:21 - 2012-10-24 12:21 - 00071680 _____ () C:\Program Files (x86)\Wyse\PocketCloud Windows Companion\ServerNetworkInterface.dll
2012-10-24 12:21 - 2012-10-24 12:21 - 00078336 _____ () C:\Program Files (x86)\Wyse\PocketCloud Windows Companion\WyseWebServerLib.DLL
2012-10-06 02:12 - 2012-10-06 02:12 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2012-07-19 14:53 - 2012-07-19 14:53 - 00043384 _____ () C:\Program Files\WIDCOMM\Bluetooth Software\BtwLeAPI.dll
2012-10-19 15:46 - 2012-10-19 15:46 - 00240056 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\MotoCast-thumbnailer.exe
2012-10-24 12:18 - 2012-10-24 12:18 - 00188928 _____ () C:\Program Files (x86)\Wyse\PocketCloud Windows Companion\PocketCloudService.exe
2012-10-24 12:21 - 2012-10-24 12:21 - 02216448 _____ () C:\Program Files (x86)\Wyse\PocketCloud Windows Companion\AetherCommLib.dll
2013-07-06 13:09 - 2013-04-19 19:51 - 00023328 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBRCrawler.exe
2013-07-06 13:09 - 2013-04-19 19:52 - 00049440 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\STCommonShellIntegration.dll
2012-09-07 21:35 - 2012-09-07 21:35 - 00128960 _____ () C:\Program Files (x86)\Motorola Media Link\Lite\liveupdatetactics.dll
2012-09-07 21:35 - 2012-09-07 21:35 - 00024496 _____ () C:\Program Files (x86)\Motorola Media Link\Lite\DbAccess.dll
2012-09-07 21:37 - 2012-09-07 21:37 - 00466256 _____ () C:\Program Files (x86)\Motorola Media Link\Lite\sqlite3.dll
2012-09-07 21:36 - 2012-09-07 21:36 - 00045992 _____ () C:\Program Files (x86)\Motorola Media Link\Lite\NAdvLog.dll
2012-09-07 21:36 - 2012-09-07 21:36 - 00034752 _____ () C:\Program Files (x86)\Motorola Media Link\Lite\NFileCacheDBAccess.dll
2013-06-20 17:35 - 2013-06-20 17:35 - 00172032 _____ () C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\css_core.dll
2013-12-18 15:42 - 2013-12-18 15:42 - 00013088 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll
2012-02-14 19:05 - 2012-02-14 19:37 - 11796096 _____ () C:\Users\Genna\AppData\Roaming\SanDisk\My Vaults\dmBackup.dll
2015-08-16 16:48 - 2015-08-16 16:48 - 00205824 ____N () C:\Users\Genna\AppData\Local\Temp\WindowsAPI.dll7645163527520023786.lib
2015-08-16 11:10 - 2015-08-16 11:10 - 00509440 _____ () C:\Users\Genna\AppData\Local\Temp\sqlite-3.6.20-sqlitejdbc.dll
2015-08-16 16:49 - 2015-08-16 16:49 - 00314368 ____N () C:\Users\Genna\AppData\Local\Temp\WindowsFolderWatcher.dll5530766048052546585.lib
2015-08-16 16:49 - 2015-08-16 16:49 - 00160256 ____N () C:\Users\Genna\AppData\Local\Temp\ZumoLocalGateway.dll2334774735035304286.lib
2015-08-16 16:52 - 2015-08-16 16:52 - 00553984 ____N () C:\Users\Genna\AppData\Local\Temp\zumotaglib.dll8148754832207873808.lib
2014-12-16 18:37 - 2014-12-16 18:37 - 01800192 _____ () C:\Program Files (x86)\GoPro\Tools\Importer\GPSDKAnalyticsNet.dll
2015-08-16 16:47 - 2015-08-16 16:47 - 00071168 _____ () c:\users\genna\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmptcy0dd.dll
2015-07-31 23:08 - 2015-08-05 16:49 - 00012800 _____ () C:\Users\Genna\AppData\Roaming\Dropbox\bin\QtQuick.2\qtquick2plugin.dll
2015-07-31 23:08 - 2015-08-05 16:49 - 00779776 _____ () C:\Users\Genna\AppData\Roaming\Dropbox\bin\QtQuick\Controls\qtquickcontrolsplugin.dll
2015-07-31 23:08 - 2015-08-05 16:49 - 00056320 _____ () C:\Users\Genna\AppData\Roaming\Dropbox\bin\QtQuick\Layouts\qquicklayoutsplugin.dll
2015-07-31 23:08 - 2015-08-05 16:49 - 00012288 _____ () C:\Users\Genna\AppData\Roaming\Dropbox\bin\QtQuick\Window.2\windowplugin.dll
2014-10-18 09:33 - 2014-10-18 09:33 - 00016384 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\PSIClient\80a14cd14e9579821dba2282b4349fef\PSIClient.ni.dll
2014-11-11 20:42 - 2014-11-11 20:42 - 00316576 _____ () C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\AppVIsvStream32.dll
2012-10-19 15:46 - 2012-10-19 15:46 - 00699392 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\libgstreamer-0.10.dll
2012-10-19 15:46 - 2012-10-19 15:46 - 01396736 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\libxml2-2.dll
2012-10-19 15:46 - 2012-10-19 15:46 - 00085504 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\z.dll
2012-10-19 15:46 - 2012-10-19 15:46 - 00030208 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstadder.dll
2012-10-19 15:46 - 2012-10-19 15:46 - 00471552 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\liborc-0.4-0.dll
2012-10-19 15:46 - 2012-10-19 15:46 - 00253440 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\libgstbase-0.10.dll
2012-10-19 15:46 - 2012-10-19 15:46 - 00109568 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\libgstaudio-0.10.dll
2012-10-19 15:46 - 2012-10-19 15:46 - 00053760 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\libgstinterfaces-0.10.dll
2012-10-19 15:46 - 2012-10-19 15:46 - 00014848 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstadpcmdec.dll
2012-10-19 15:46 - 2012-10-19 15:46 - 00038400 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstaiff.dll
2012-10-19 15:46 - 2012-10-19 15:46 - 00018944 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstalaw.dll
2012-10-19 15:46 - 2012-10-19 15:46 - 00048640 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstalpha.dll
2012-10-19 15:46 - 2012-10-19 15:46 - 00126976 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\libgstcontroller-0.10.dll
2012-10-19 15:46 - 2012-10-19 15:46 - 00038912 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\libgstvideo-0.10.dll
2012-10-19 15:46 - 2012-10-19 15:46 - 00017920 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstalphacolor.dll
2012-10-19 15:46 - 2012-10-19 15:46 - 00020480 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstamrnb.dll
2012-10-19 15:46 - 2012-10-19 15:46 - 00248352 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\libopencore-amrnb.0.1.1.dll
2012-10-19 15:46 - 2012-10-19 15:46 - 00014848 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstamrwbdec.dll
2012-10-19 15:46 - 2012-10-19 15:46 - 00123947 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\libopencore-amrwb.0.1.1.dll
2012-10-19 15:46 - 2012-10-19 15:46 - 00015360 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstapetag.dll
2012-10-19 15:46 - 2012-10-19 15:46 - 00133120 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\libgsttag-0.10.dll
2012-10-19 15:46 - 2012-10-19 15:46 - 00098304 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\libgstpbutils-0.10.dll
2012-10-19 15:46 - 2012-10-19 15:46 - 00078848 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstaudioconvert.dll
2012-10-19 15:46 - 2012-10-19 15:46 - 00020480 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstaudiorate.dll
2012-10-19 15:46 - 2012-10-19 15:46 - 00052224 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstaudioresample.dll
2012-10-19 15:46 - 2012-10-19 15:46 - 00019456 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstauparse.dll
2012-10-19 15:46 - 2012-10-19 15:46 - 00032256 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstautoconvert.dll
2012-10-19 15:46 - 2012-10-19 15:46 - 00029184 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstautodetect.dll
2012-10-19 15:46 - 2012-10-19 15:46 - 00123904 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstavi.dll
2012-10-19 15:46 - 2012-10-19 15:46 - 00041984 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\libgstriff-0.10.dll
2012-10-19 15:46 - 2012-10-19 15:46 - 00212480 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstcoreelements.dll
2012-10-19 15:46 - 2012-10-19 15:46 - 00011776 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstcoreindexers.dll
2012-10-19 15:46 - 2012-10-19 15:46 - 00016896 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstcutter.dll
2012-10-19 15:46 - 2012-10-19 15:46 - 00086016 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstdecodebin2.dll
2012-10-19 15:46 - 2012-10-19 15:46 - 00091136 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstdshowdecwrapper.dll
2012-10-19 15:46 - 2012-10-19 15:46 - 00073216 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstdshowsrcwrapper.dll
2012-10-19 15:46 - 2012-10-19 15:46 - 00026624 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstequalizer.dll
2012-10-19 15:46 - 2012-10-19 15:46 - 00187904 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstffmpegcolorspace.dll
2012-10-19 15:46 - 2012-10-19 15:46 - 00069120 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstflac.dll
2012-10-19 15:46 - 2012-10-19 15:46 - 00331264 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\libFLAC-8.dll
2012-10-19 15:46 - 2012-10-19 15:46 - 00023552 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\libogg-0.dll
2012-10-19 15:46 - 2012-10-19 15:46 - 01694208 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstfluaacdec.dll
2012-10-19 15:46 - 2012-10-19 15:46 - 00122880 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstfluasfdemux.dll
2012-10-19 15:46 - 2012-10-19 15:46 - 02009600 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstfluh264dec.dll
2012-10-19 15:46 - 2012-10-19 15:46 - 00033280 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstflumcaacenc.dll
2012-10-19 15:46 - 2012-10-19 15:46 - 00036864 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstflumch264enc.dll
2012-10-19 15:46 - 2012-10-19 15:46 - 00088064 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstflummssrc.dll
2012-10-19 15:46 - 2012-10-19 15:46 - 01376256 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstflump3dec.dll
2012-10-19 15:46 - 2012-10-19 15:46 - 01563136 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstflump3enc.dll
2012-10-19 15:46 - 2012-10-19 15:46 - 00363008 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstflumpeg2video.dll
2012-10-19 15:46 - 2012-10-19 15:46 - 00531968 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstflumpeg4video.dll
2012-10-19 15:46 - 2012-10-19 15:46 - 00119296 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstflumpegdemux.dll
2012-10-19 15:46 - 2012-10-19 15:46 - 00075776 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstflv.dll
2012-10-19 15:46 - 2012-10-19 15:46 - 00029696 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstgdp.dll
2012-10-19 15:46 - 2012-10-19 15:46 - 00018944 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\libgstdataprotocol-0.10.dll
2012-10-19 15:46 - 2012-10-19 15:46 - 00037888 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstgio.dll
2012-10-19 15:46 - 2012-10-19 15:46 - 00032256 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstid3demux.dll
2012-10-19 15:46 - 2012-10-19 15:46 - 00034304 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstid3tag.dll
2012-10-19 15:46 - 2012-10-19 15:46 - 00035840 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstinterleave.dll
2012-10-19 15:46 - 2012-10-19 15:46 - 00276480 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstisomp4.dll
2012-10-19 15:46 - 2012-10-19 15:46 - 00069632 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\libgstrtp-0.10.dll
2012-10-19 15:46 - 2012-10-19 15:46 - 00059904 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstjpeg.dll
2012-10-19 15:46 - 2012-10-19 15:46 - 00276992 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\libjpeg-8.dll
2012-10-19 15:46 - 2012-10-19 15:46 - 00019456 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstlevel.dll
2012-10-19 15:46 - 2012-10-19 15:46 - 00207872 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstmatroska.dll
2012-10-19 15:46 - 2012-10-19 15:46 - 00047616 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstmpegaudioparse.dll
2012-10-19 15:46 - 2012-10-19 15:46 - 00150528 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstmpegdemux.dll
2012-10-19 15:46 - 2012-10-19 15:46 - 00039936 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstmpegtsmux.dll
2012-10-19 15:46 - 2012-10-19 15:46 - 00024576 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstmpegvideoparse.dll
2012-10-19 15:46 - 2012-10-19 15:46 - 00015360 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstmulaw.dll
2012-10-19 15:46 - 2012-10-19 15:46 - 00020480 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstmultifile.dll
2012-10-19 15:46 - 2012-10-19 15:46 - 00025088 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstmultipart.dll
2012-10-19 15:46 - 2012-10-19 15:46 - 00132608 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstogg.dll
2012-10-19 15:46 - 2012-10-19 15:46 - 00029184 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstpng.dll
2012-10-19 15:46 - 2012-10-19 15:46 - 00190976 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\libpng14-14.dll
2012-10-19 15:46 - 2012-10-19 15:46 - 00035328 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstreplaygain.dll
2012-10-19 15:46 - 2012-10-19 15:46 - 00011264 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstshift.dll
2012-10-19 15:46 - 2012-10-19 15:46 - 00054784 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstsmpte.dll
2012-10-19 15:46 - 2012-10-19 15:46 - 00051712 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstsubparse.dll
2012-10-19 15:46 - 2012-10-19 15:46 - 00061952 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgsttypefindfunctions.dll
2012-10-19 15:46 - 2012-10-19 15:46 - 00059904 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstvideobox.dll
2012-10-19 15:46 - 2012-10-19 15:46 - 00032768 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstvideocrop.dll
2012-10-19 15:46 - 2012-10-19 15:46 - 00024576 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstvideorate.dll
2012-10-19 15:46 - 2012-10-19 15:46 - 00075776 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstvideoscale.dll
2012-10-19 15:46 - 2012-10-19 15:46 - 00034304 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstvolume.dll
2012-10-19 15:46 - 2012-10-19 15:46 - 00053760 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstvorbis.dll
2012-10-19 15:46 - 2012-10-19 15:46 - 00162304 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\libvorbis-0.dll
2012-10-19 15:46 - 2012-10-19 15:46 - 01520128 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\libvorbisenc-2.dll
2012-10-19 15:46 - 2012-10-19 15:46 - 00050688 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstwavpack.dll
2012-10-19 15:46 - 2012-10-19 15:46 - 00196608 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\libwavpack-1.dll
2012-10-19 15:46 - 2012-10-19 15:46 - 00042496 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgstwavparse.dll
2012-10-19 15:46 - 2012-10-19 15:46 - 00013312 _____ () C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\plugins\libgsty4menc.dll
2012-10-19 03:02 - 2012-06-25 11:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\ACE.dll
2013-07-06 13:09 - 2013-05-02 20:01 - 01813792 _____ () C:\Program Files (x86)\Dell Backup and Recovery\OLCoreWrapper.dll
2015-08-16 17:02 - 2015-08-16 17:02 - 00098816 _____ () C:\Users\Genna\AppData\Local\Temp\_MEI13522\win32api.pyd
2015-08-16 17:02 - 2015-08-16 17:02 - 00110080 _____ () C:\Users\Genna\AppData\Local\Temp\_MEI13522\pywintypes27.dll
2015-08-16 17:02 - 2015-08-16 17:02 - 00364544 _____ () C:\Users\Genna\AppData\Local\Temp\_MEI13522\pythoncom27.dll
2015-08-16 17:02 - 2015-08-16 17:02 - 00045568 _____ () C:\Users\Genna\AppData\Local\Temp\_MEI13522\_socket.pyd
2015-08-16 17:02 - 2015-08-16 17:02 - 01161216 _____ () C:\Users\Genna\AppData\Local\Temp\_MEI13522\_ssl.pyd
2015-08-16 17:02 - 2015-08-16 17:02 - 00320512 _____ () C:\Users\Genna\AppData\Local\Temp\_MEI13522\win32com.shell.shell.pyd
2015-08-16 17:02 - 2015-08-16 17:02 - 00713216 _____ () C:\Users\Genna\AppData\Local\Temp\_MEI13522\_hashlib.pyd
2015-08-16 17:02 - 2015-08-16 17:02 - 01175040 _____ () C:\Users\Genna\AppData\Local\Temp\_MEI13522\wx._core_.pyd
2015-08-16 17:02 - 2015-08-16 17:02 - 00805888 _____ () C:\Users\Genna\AppData\Local\Temp\_MEI13522\wx._gdi_.pyd
2015-08-16 17:02 - 2015-08-16 17:02 - 00811008 _____ () C:\Users\Genna\AppData\Local\Temp\_MEI13522\wx._windows_.pyd
2015-08-16 17:02 - 2015-08-16 17:02 - 01062400 _____ () C:\Users\Genna\AppData\Local\Temp\_MEI13522\wx._controls_.pyd
2015-08-16 17:02 - 2015-08-16 17:02 - 00735232 _____ () C:\Users\Genna\AppData\Local\Temp\_MEI13522\wx._misc_.pyd
2015-08-16 17:02 - 2015-08-16 17:02 - 00682496 _____ () C:\Users\Genna\AppData\Local\Temp\_MEI13522\pysqlite2._sqlite.pyd
2015-08-16 17:02 - 2015-08-16 17:02 - 00087552 _____ () C:\Users\Genna\AppData\Local\Temp\_MEI13522\_ctypes.pyd
2015-08-16 17:02 - 2015-08-16 17:02 - 00119808 _____ () C:\Users\Genna\AppData\Local\Temp\_MEI13522\win32file.pyd
2015-08-16 17:02 - 2015-08-16 17:02 - 00108544 _____ () C:\Users\Genna\AppData\Local\Temp\_MEI13522\win32security.pyd
2015-08-16 17:02 - 2015-08-16 17:02 - 00007168 _____ () C:\Users\Genna\AppData\Local\Temp\_MEI13522\hashobjs_ext.pyd
2015-08-16 17:02 - 2015-08-16 17:02 - 00068096 _____ () C:\Users\Genna\AppData\Local\Temp\_MEI13522\usb_ext.pyd
2015-08-16 17:02 - 2015-08-16 17:02 - 00167936 _____ () C:\Users\Genna\AppData\Local\Temp\_MEI13522\win32gui.pyd
2015-08-16 17:02 - 2015-08-16 17:02 - 00018432 _____ () C:\Users\Genna\AppData\Local\Temp\_MEI13522\win32event.pyd
2015-08-16 17:02 - 2015-08-16 17:02 - 00128512 _____ () C:\Users\Genna\AppData\Local\Temp\_MEI13522\_elementtree.pyd
2015-08-16 17:02 - 2015-08-16 17:02 - 00127488 _____ () C:\Users\Genna\AppData\Local\Temp\_MEI13522\pyexpat.pyd
2015-08-16 17:02 - 2015-08-16 17:02 - 00013824 _____ () C:\Users\Genna\AppData\Local\Temp\_MEI13522\common.time34.pyd
2015-08-16 17:02 - 2015-08-16 17:02 - 00036864 _____ () C:\Users\Genna\AppData\Local\Temp\_MEI13522\_psutil_windows.pyd
2015-08-16 17:02 - 2015-08-16 17:02 - 00038912 _____ () C:\Users\Genna\AppData\Local\Temp\_MEI13522\win32inet.pyd
2015-08-16 17:02 - 2015-08-16 17:02 - 00011264 _____ () C:\Users\Genna\AppData\Local\Temp\_MEI13522\win32crypt.pyd
2015-08-16 17:02 - 2015-08-16 17:02 - 00070656 _____ () C:\Users\Genna\AppData\Local\Temp\_MEI13522\wx._html2.pyd
2015-08-16 17:02 - 2015-08-16 17:02 - 00027136 _____ () C:\Users\Genna\AppData\Local\Temp\_MEI13522\_multiprocessing.pyd
2015-08-16 17:02 - 2015-08-16 17:02 - 00020480 _____ () C:\Users\Genna\AppData\Local\Temp\_MEI13522\_yappi.pyd
2015-08-16 17:02 - 2015-08-16 17:02 - 00035840 _____ () C:\Users\Genna\AppData\Local\Temp\_MEI13522\win32process.pyd
2015-08-16 17:02 - 2015-08-16 17:02 - 00686080 _____ () C:\Users\Genna\AppData\Local\Temp\_MEI13522\unicodedata.pyd
2015-08-16 17:02 - 2015-08-16 17:02 - 00122368 _____ () C:\Users\Genna\AppData\Local\Temp\_MEI13522\wx._wizard.pyd
2015-08-16 17:02 - 2015-08-16 17:02 - 00024064 _____ () C:\Users\Genna\AppData\Local\Temp\_MEI13522\win32pipe.pyd
2015-08-16 17:02 - 2015-08-16 17:02 - 00010240 _____ () C:\Users\Genna\AppData\Local\Temp\_MEI13522\select.pyd
2015-08-16 17:02 - 2015-08-16 17:02 - 00025600 _____ () C:\Users\Genna\AppData\Local\Temp\_MEI13522\win32pdh.pyd
2015-08-16 17:02 - 2015-08-16 17:02 - 00525640 _____ () C:\Users\Genna\AppData\Local\Temp\_MEI13522\windows._lib_cacheinvalidation.pyd
2015-08-16 17:02 - 2015-08-16 17:02 - 00017408 _____ () C:\Users\Genna\AppData\Local\Temp\_MEI13522\win32profile.pyd
2015-08-16 17:02 - 2015-08-16 17:02 - 00022528 _____ () C:\Users\Genna\AppData\Local\Temp\_MEI13522\win32ts.pyd
2015-08-16 17:02 - 2015-08-16 17:02 - 00078336 _____ () C:\Users\Genna\AppData\Local\Temp\_MEI13522\wx._animate.pyd

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\Genna\SkyDrive:ms-properties

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-615137952-235082984-2108559562-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Genna\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
HKU\S-1-5-21-615137952-235082984-2108559562-1004\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 75.75.75.75 - 75.75.76.76
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\Run: => "QuickSet"
HKLM\...\StartupApproved\Run32: => "CLMLServer_For_P2G8"
HKLM\...\StartupApproved\Run32: => "CLVirtualDrive"
HKLM\...\StartupApproved\Run32: => "InboxToolbar"
HKLM\...\StartupApproved\Run32: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "RemoteControl10"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{3318B03E-42CD-484B-9353-C166D0D3E894}] => (Allow) C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\MotoCast-thumbnailer.exe
FirewallRules: [{5FFEF1CA-8C93-460B-B1FE-650F02719116}] => (Allow) C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\MotoCast-thumbnailer.exe
FirewallRules: [{BC10910A-A02F-424E-A4C9-A7AC585BA179}] => (Allow) C:\Program Files (x86)\Motorola Mobility\MotoCast\motocast.exe
FirewallRules: [{0527D6B1-CBDD-482B-99D6-073E266E962A}] => (Allow) C:\Program Files (x86)\Motorola Mobility\MotoCast\motocast.exe
FirewallRules: [{5596B096-F28E-48B1-9503-C6A1846E5D61}] => (Allow) C:\Program Files (x86)\Motorola Media Link\Lite\mml.exe
FirewallRules: [{C1CADFCA-C58C-41B2-8F6D-21B7AF872EB1}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{F47E45C0-050B-4BE3-B662-8AFAD99793B8}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPNetworkCommunicator.exe
FirewallRules: [{2D01EBCE-DEA1-435B-B2F1-C3E989C88DA4}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\Bin\DeviceSetup.exe
FirewallRules: [{98F4FB4D-9AF8-43CC-A801-ED0970C0B3B7}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\bin\SendAFax.exe
FirewallRules: [{2C1FF64B-9D05-48EE-9451-FC1073D3951B}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\bin\DigitalWizards.exe
FirewallRules: [{682D8A27-5FEF-4187-9AB0-50A13C0A1A77}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\bin\FaxApplications.exe
FirewallRules: [{AA34E026-4937-4923-BDCC-43FDF870F602}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{95B316B5-D031-4CCC-80A6-5ECB78DF6FED}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{56DBC3A7-E272-4EFD-BE59-74110B2EE12E}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{BC24B9FA-3B48-439B-9C57-7197E4066837}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{743EF8EE-C22C-45E9-BA79-08B8123F4A6E}] => (Allow) C:\Program Files (x86)\LeapFrog\LeapFrog Connect\LeapfrogConnect.exe
FirewallRules: [UDP Query User{B840E5CF-00C5-46A4-854D-1D1C13D72BCB}C:\users\genna\appdata\local\temp\g2_943\g2viewer.exe] => (Allow) C:\users\genna\appdata\local\temp\g2_943\g2viewer.exe
FirewallRules: [TCP Query User{49F22B5D-FB60-4738-87F7-BDF950DD3A75}C:\users\genna\appdata\local\temp\g2_943\g2viewer.exe] => (Allow) C:\users\genna\appdata\local\temp\g2_943\g2viewer.exe
FirewallRules: [UDP Query User{E80B4BFD-5E96-4E11-B5C1-A6C90C006E5E}C:\users\genna\appdata\local\temp\g2_943\g2viewer.exe] => (Allow) C:\users\genna\appdata\local\temp\g2_943\g2viewer.exe
FirewallRules: [TCP Query User{2B7CB36C-0E3C-4682-B438-15077559C5C9}C:\users\genna\appdata\local\temp\g2_943\g2viewer.exe] => (Allow) C:\users\genna\appdata\local\temp\g2_943\g2viewer.exe
FirewallRules: [{705385F9-DF79-4208-A3F4-06E5E5BD77EA}] => (Allow) C:\Users\Genna\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [UDP Query User{069B43EF-2B8C-4F17-AFDB-CC4288A9991C}C:\users\genna\appdata\local\temp\g2_635\g2viewer.exe] => (Allow) C:\users\genna\appdata\local\temp\g2_635\g2viewer.exe
FirewallRules: [TCP Query User{BC6BC910-8B43-49F4-8D3C-7B82CB97C933}C:\users\genna\appdata\local\temp\g2_635\g2viewer.exe] => (Allow) C:\users\genna\appdata\local\temp\g2_635\g2viewer.exe
FirewallRules: [{91365B38-4E47-4AFA-BB22-851AE9A5A485}] => (Allow) C:\Users\Genna\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{04E622D6-FC1F-4FA9-AF78-D79980BF90F9}] => (Allow) C:\Users\Genna\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{C2DF7E35-6711-4BCA-9805-2AB5A8705A98}] => (Allow) C:\Program Files (x86)\Wyse\PocketCloud Windows Companion\WyseRemoteAccess.exe
FirewallRules: [{F99F974B-F267-4437-93C1-7EC282A69E0F}] => (Allow) C:\Program Files (x86)\Wyse\PocketCloud Windows Companion\PocketCloudInstallWizard.exe
FirewallRules: [{105371C7-1C28-466E-A76B-D1C2FB3C31AC}] => (Allow) C:\Program Files (x86)\Wyse\PocketCloud Windows Companion\PocketCloudInstallWizard.exe
FirewallRules: [{F99D6E14-6213-4A37-B9A3-B53E000F12D6}] => (Allow) C:\Program Files (x86)\Wyse\PocketCloud Windows Companion\PocketCloudService.exe
FirewallRules: [{BC20473D-5929-41F1-9E40-54EA76EB1526}] => (Allow) C:\Program Files (x86)\Wyse\PocketCloud Windows Companion\WyseBrowser.exe
FirewallRules: [{BA8AC35A-125E-4353-B2B0-3D553EE6F1CE}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
FirewallRules: [{6CCEE090-0F87-43C8-92F0-AFED01229E67}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
FirewallRules: [{1D4F9B93-3347-47FF-85EB-2A942AFCCEC0}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{024F33A4-174D-4BAF-8A00-931EB8182C71}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe
FirewallRules: [{FFB7B901-15F4-4826-9DC7-5042E4572870}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE
FirewallRules: [{7611357E-BD98-497C-81B5-C02EDBEC6463}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{48FF3A01-4181-4F8A-8A46-21BDD1E113C9}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [TCP Query User{BEA185C4-8FC4-40CF-B243-8C4493D4004A}C:\users\genna\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\genna\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{5BD78FC8-8A1E-4441-B31D-5C5366E0D304}C:\users\genna\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\genna\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [{BB41FE38-868F-47CF-8208-CCD43043C1D3}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe
FirewallRules: [TCP Query User{99FF0617-1AA5-4411-BB92-5BE3D6B816A0}C:\users\genna\appdata\local\temp\g2_1337\g2viewer.exe] => (Block) C:\users\genna\appdata\local\temp\g2_1337\g2viewer.exe
FirewallRules: [UDP Query User{0E6B7BD4-D6CE-4AC7-B59A-18CDDA023D14}C:\users\genna\appdata\local\temp\g2_1337\g2viewer.exe] => (Block) C:\users\genna\appdata\local\temp\g2_1337\g2viewer.exe
FirewallRules: [{663C6E82-8B94-4CF3-A43E-C22EBF11D47E}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{451C8AE0-08BE-4582-B18F-666A833BF6C1}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{12FC4E34-7D1E-4B3E-9265-3A56D5E6EA45}] => (Allow) LPort=2869
FirewallRules: [{FEC83737-105E-498A-9954-E3589AA3CACB}] => (Allow) LPort=1900
FirewallRules: [{07D721F2-D5EE-495F-9969-3047559BF1FA}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (08/16/2015 05:36:50 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program IEXPLORE.EXE version 11.0.9600.17840 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 1108

Start Time: 01d0d86b853fa234

Termination Time: 11

Application Path: C:\Program Files\Internet Explorer\IEXPLORE.EXE

Report Id: e232a045-445e-11e5-bf6e-e006e6d72f00

Faulting package full name:

Faulting package-relative application ID:

Error: (08/16/2015 05:23:22 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program IEXPLORE.EXE version 11.0.9600.17840 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 4d8

Start Time: 01d0d869a5b3ba63

Termination Time: 28

Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

Report Id: 0318af40-445d-11e5-bf6e-e006e6d72f00

Faulting package full name:

Faulting package-relative application ID:

Error: (08/16/2015 05:00:09 PM) (Source: ESENT) (EventID: 467) (User: )
Description: svchost (1624) SRUJet: Database C:\WINDOWS\system32\SRU\SRUDB.dat: Index AppIdTimeStamp of table {973F5D5C-1D90-4944-BE8E-24B94231A174} is corrupted (0).

Error: (08/16/2015 04:52:43 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program backgroundTaskHost.exe version 6.3.9600.17415 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 1398

Start Time: 01d0d864ca8c07ca

Termination Time: 4294967295

Application Path: C:\WINDOWS\system32\backgroundTaskHost.exe

Report Id: bc965c2b-4458-11e5-bf6e-e006e6d72f00

Faulting package full name: Allrecipes.Allrecipes_1.20.0.781_neutral__f8zhmzza100am

Faulting package-relative application ID: App

Error: (08/16/2015 04:52:08 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program LiveComm.exe version 17.5.9600.20911 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 11e0

Start Time: 01d0d864aec9398e

Termination Time: 4294967295

Application Path: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\LiveComm.exe

Report Id: a7aabc15-4458-11e5-bf6e-e006e6d72f00

Faulting package full name: microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe

Faulting package-relative application ID: ppleae38af2e007f4358a809ac99a64a67c1

Error: (08/16/2015 04:00:09 PM) (Source: ESENT) (EventID: 467) (User: )
Description: svchost (1928) SRUJet: Database C:\WINDOWS\system32\SRU\SRUDB.dat: Index AppIdTimeStamp of table {973F5D5C-1D90-4944-BE8E-24B94231A174} is corrupted (0).

Error: (08/16/2015 03:35:36 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program backgroundTaskHost.exe version 6.3.9600.17415 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 1290

Start Time: 01d0d85a02a49bd3

Termination Time: 4294967295

Application Path: C:\WINDOWS\system32\backgroundTaskHost.exe

Report Id: f562e2c3-444d-11e5-bf6d-e006e6d72f00

Faulting package full name: Allrecipes.Allrecipes_1.20.0.781_neutral__f8zhmzza100am

Faulting package-relative application ID: App

Error: (08/16/2015 03:24:06 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program IEXPLORE.EXE version 11.0.9600.17840 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: fa0

Start Time: 01d0d858f50dbe98

Termination Time: 28

Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

Report Id: 5842bfa4-444c-11e5-bf6c-e006e6d72f00

Faulting package full name:

Faulting package-relative application ID:

Error: (08/16/2015 03:17:30 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program backgroundTaskHost.exe version 6.3.9600.17415 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 1738

Start Time: 01d0d8577bd9f0c3

Termination Time: 4294967295

Application Path: C:\WINDOWS\system32\backgroundTaskHost.exe

Report Id: 6f64bbfe-444b-11e5-bf6c-e006e6d72f00

Faulting package full name: Allrecipes.Allrecipes_1.20.0.781_neutral__f8zhmzza100am

Faulting package-relative application ID: App

Error: (08/16/2015 03:00:00 PM) (Source: ESENT) (EventID: 467) (User: )
Description: svchost (1812) SRUJet: Database C:\WINDOWS\system32\SRU\SRUDB.dat: Index AppIdTimeStamp of table {973F5D5C-1D90-4944-BE8E-24B94231A174} is corrupted (0).

System errors:
=============
Error: (08/16/2015 04:51:02 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The NVIDIA Update Service Daemon service hung on starting.

Error: (08/16/2015 04:44:30 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has stopped unexpectedly.

Module Path: C:\WINDOWS\System32\bcmihvsrv64.dll

Error: (08/16/2015 04:44:30 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has stopped unexpectedly.

Module Path: C:\WINDOWS\System32\bcmihvsrv64.dll

Error: (08/16/2015 04:44:18 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has stopped unexpectedly.

Module Path: C:\WINDOWS\System32\bcmihvsrv64.dll

Error: (08/16/2015 03:41:52 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The WMI Performance Adapter service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.

Error: (08/16/2015 03:41:52 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Media Player Network Sharing Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 30000 milliseconds: Restart the service.

Error: (08/16/2015 03:41:52 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Intel® Management and Security Application User Notification Service service terminated unexpectedly.  It has done this 1 time(s).

Error: (08/16/2015 03:41:52 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Dell Data Vault service terminated unexpectedly.  It has done this 1 time(s).

Error: (08/16/2015 03:41:52 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Wyse Remote Access service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 5000 milliseconds: Restart the service.

Error: (08/16/2015 03:41:52 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Wyse PocketCloud service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.

Microsoft Office:
=========================

CodeIntegrity:
===================================
  Date: 2015-08-16 17:45:10.394
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\imthx64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-08-16 17:45:10.269
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\imapo64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-08-16 17:45:10.144
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\imthx64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-08-16 17:45:10.019
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\imapo64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-08-16 17:37:03.000
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\imthx64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-08-16 17:37:02.891
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\imapo64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-08-16 17:37:02.766
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\imthx64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-08-16 17:37:02.656
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\imapo64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-08-16 17:36:55.807
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\imthx64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-08-16 17:36:55.682
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\imapo64.dll because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================

Processor: Intel® Core™ i3-3110M CPU @ 2.40GHz
Percentage of memory in use: 65%
Total physical RAM: 3953.59 MB
Available physical RAM: 1382.68 MB
Total Virtual: 6385.59 MB
Available Virtual: 3331.4 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:412.67 GB) (Free:213.83 GB) NTFS
Drive y: (WINRETOOLS) (Fixed) (Total:0.49 GB) (Free:0.21 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 7E76F41C)

Partition: GPT.

==================== End of log ============================

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:14-08-2015 01
Ran by Genna (administrator) on MOMMALAPTOP (16-08-2015 17:44:53)
Running from C:\Users\Genna\Desktop
Loaded Profiles: Genna & UpdatusUser (Available Profiles: Genna & UpdatusUser)
Platform: Windows 8.1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Nero AG) C:\Program Files (x86)\Motorola Media Link\Lite\NServiceEntry.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
(LeapFrog Enterprises, Inc.) C:\Program Files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Motorola Mobility LLC) C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Security Suite\Engine\22.5.2.15\N360.exe
(Motorola) C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Dell Inc.) C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Motorola Mobility LLC) C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Security Suite\Engine\22.5.2.15\N360.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
(Wyse Technology Inc.) C:\Program Files (x86)\Wyse\PocketCloud Windows Companion\WyseBrowser.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\hidfind.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe
(Gemalto N.V.) C:\Users\Genna\AppData\Roaming\SanDisk\SanDiskSecureAccess_Manager.exe
(Motorola Mobility Inc.) C:\Program Files (x86)\Motorola Mobility\MotoCast\MotoCast.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(GoPro) C:\Program Files (x86)\GoPro\Tools\Importer\GoPro Importer.exe
(LeapFrog Enterprises, Inc.) C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe
(Dropbox, Inc.) C:\Users\Genna\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPNetworkCommunicator.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Dell Inc.) C:\Program Files (x86)\Dell Customer Connect\OTBSurvey.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Dell Inc.) C:\Program Files (x86)\Dell Update\DellUpService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe
(Dell Inc.) C:\Program Files (x86)\Dell Update\DellUpTray.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\CSISYNCCLIENT.EXE
() C:\Program Files (x86)\Motorola Mobility\MotoCast\bin\MotoCast-thumbnailer.exe
(SoftThinks SAS) C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe
() C:\Program Files (x86)\Wyse\PocketCloud Windows Companion\PocketCloudService.exe
(Wyse Technology.) C:\Program Files (x86)\Wyse\PocketCloud Windows Companion\WyseRemoteAccess.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DellDataVault.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell Backup and Recovery\Toaster.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell Backup and Recovery\Components\DBRUpdate\DBRUpd.exe
() C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBRCrawler.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\livecomm.exe
Failed to access process -> iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [678296 2012-07-09] (Alps Electric Co., Ltd.)
HKLM\...\Run: [QuickSet] => c:\Program Files\Dell\QuickSet\QuickSet.exe [4384928 2012-07-12] (Dell Inc.)
HKLM\...\Run: [PocketCloud Location] => C:\Program Files (x86)\Wyse\PocketCloud Windows Companion\WyseBrowser.exe [933776 2012-10-24] (Wyse Technology Inc.)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1425408 2012-07-24] (IDT, Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-02-13] (Apple Inc.)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [277504 2012-07-09] (Intel Corporation)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111120 2012-06-07] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [491120 2012-07-04] (CyberLink Corp.)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [143888 2012-06-01] (CyberLink Corp.)
HKLM-x32\...\Run: [Monitor] => C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe [103936 2013-06-26] (LeapFrog Enterprises, Inc.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2015-02-13] (Apple Inc.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-615137952-235082984-2108559562-1001\...\Run: [HP Officejet Pro 8600 (NET)] => C:\Program Files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-615137952-235082984-2108559562-1001\...\Run: [SanDiskSecureAccess_Manager.exe] => C:\Users\Genna\AppData\Roaming\SanDisk\SanDiskSecureAccess_Manager.exe [30705792 2012-02-15] (Gemalto N.V.)
HKU\S-1-5-21-615137952-235082984-2108559562-1001\...\Run: [MotoCast] => C:\Program Files (x86)\Motorola Mobility\MotoCast\MotoLauncher.lnk [2053 2013-10-16] ()
HKU\S-1-5-21-615137952-235082984-2108559562-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [22012688 2015-06-20] (Google)
HKU\S-1-5-21-615137952-235082984-2108559562-1001\...\Run: [Dropbox Update] => C:\Users\Genna\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-23] (Dropbox, Inc.)
HKU\S-1-5-21-615137952-235082984-2108559562-1004\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516608 2014-10-28] (Microsoft Corporation)
AppInit_DLLs-x32: c:\windows\syswow64\nvinit.dll => c:\windows\syswow64\nvinit.dll [141336 2013-12-18] (NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2012-10-19]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\GoPro Importer.lnk [2015-02-13]
ShortcutTarget: GoPro Importer.lnk -> C:\Program Files (x86)\GoPro\Tools\Importer\GoPro Importer.exe (GoPro)
Startup: C:\Users\Genna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-07-31]
ShortcutTarget: Dropbox.lnk -> C:\Users\Genna\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [  OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton Security Suite\Engine64\22.5.2.15\buShell.dll [2015-07-13] (Symantec Corporation)
ShellIconOverlayIdentifiers: [  OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton Security Suite\Engine64\22.5.2.15\buShell.dll [2015-07-13] (Symantec Corporation)
ShellIconOverlayIdentifiers: [  OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton Security Suite\Engine64\22.5.2.15\buShell.dll [2015-07-13] (Symantec Corporation)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Genna\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Genna\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Genna\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Genna\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Genna\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Genna\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Genna\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-05] (Dropbox, Inc.)
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

URLSearchHook: [S-1-5-21-615137952-235082984-2108559562-1004] ATTENTION => Default URLSearchHook is missing
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-06-09] (Microsoft Corporation)
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Security Suite\Engine64\22.5.2.15\coIEPlg.dll [2015-07-10] (Symantec Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-06-16] (Microsoft Corporation)
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Security Suite\Engine\22.5.2.15\coIEPlg.dll [2015-07-10] (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton Security Suite\Engine\21.7.0.11\IPS\IPSBHO.DLL No File
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-09-26] (Oracle Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-09-26] (Oracle Corporation)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine64\22.5.2.15\coIEPlg.dll [2015-07-10] (Symantec Corporation)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine\22.5.2.15\coIEPlg.dll [2015-07-10] (Symantec Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-02-03] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76
Tcpip\..\Interfaces\{2F84BA02-1686-4319-B34C-B14E77C142D3}: [DhcpNameServer] 75.75.75.75 75.75.76.76

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll [2015-08-11] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-08-11] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2014-01-06] (Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-09-26] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-09-26] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2013-07-14] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-08-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-08-16] (Google Inc.)
FF Plugin HKU\S-1-5-21-615137952-235082984-2108559562-1001: @citrixonline.com/appdetectorplugin -> C:\Users\Genna\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2013-06-16] (Citrix Online)
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_22.5.2.15\coFFPlgn
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_22.5.2.15\coFFPlgn [2015-08-16]
FF HKLM-x32\...\Thunderbird\Extensions: [[email protected]] - C:\Program Files\McAfee\MSK

Chrome:
=======
CHR Profile: C:\Users\Genna\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Genna\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-08-16]
CHR Extension: (Google Docs) - C:\Users\Genna\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-08-16]
CHR Extension: (Google Drive) - C:\Users\Genna\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-08-16]
CHR Extension: (YouTube) - C:\Users\Genna\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-08-16]
CHR Extension: (Norton Security Toolbar) - C:\Users\Genna\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjabmdjcfcfdmffimndhafhblfmpjdpe [2015-08-16]
CHR Extension: (Google Search) - C:\Users\Genna\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-08-16]
CHR Extension: (ShopAtHome.com) - C:\Users\Genna\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlmebkoiahbppacaicbgncnjhbpdfkcc [2015-08-16]
CHR Extension: (Google Sheets) - C:\Users\Genna\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-08-16]
CHR Extension: (Norton Identity Safe) - C:\Users\Genna\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif [2015-08-16]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Genna\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-08-16]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Genna\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2015-08-16]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Genna\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-08-16]
CHR Extension: (Gmail) - C:\Users\Genna\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-08-16]
CHR Profile: C:\Users\Genna\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Google Docs) - C:\Users\Genna\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2015-08-16]
CHR Extension: (Google Drive) - C:\Users\Genna\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-08-16]
CHR Extension: (YouTube) - C:\Users\Genna\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-08-16]
CHR Extension: (Norton Security Toolbar) - C:\Users\Genna\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cjabmdjcfcfdmffimndhafhblfmpjdpe [2015-08-16]
CHR Extension: (Google Search) - C:\Users\Genna\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-08-16]
CHR Extension: (Norton Identity Safe) - C:\Users\Genna\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\iikflkcanblccfahdhdonehdalibjnif [2015-08-16]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Genna\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-08-16]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Genna\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2015-08-16]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Genna\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-08-16]
CHR Extension: (Gmail) - C:\Users\Genna\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-08-16]
CHR HKLM\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton Security Suite\Engine\22.5.2.15\Exts\Chrome.crx [2015-08-01]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - https://clients2.goo...ice/update2/crx
CHR HKU\S-1-5-21-615137952-235082984-2108559562-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\Genna\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx [2014-01-25]
CHR HKU\S-1-5-21-615137952-235082984-2108559562-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - https://clients2.goo...ice/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton Security Suite\Engine\22.5.2.15\Exts\Chrome.crx [2015-08-01]
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - https://clients2.goo...ice/update2/crx

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-20] (Apple Inc.)
S2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2252504 2013-09-04] (Broadcom Corporation.)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-28] (Microsoft Corporation)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2753720 2015-07-01] (Microsoft Corporation)
R2 Dell Customer Connect; C:\Program Files (x86)\Dell Customer Connect\OTBSurvey.exe [145288 2015-04-09] (Dell Inc.)
R2 DellDataVault; C:\Program Files\Dell\DellDataVault\DellDataVault.exe [2573520 2015-05-22] (Dell Inc.)
R2 DellDataVaultWiz; C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe [201936 2015-05-22] (Dell Inc.)
R2 DellUpdate; C:\Program Files (x86)\Dell Update\DellUpService.exe [237272 2015-06-09] (Dell Inc.)
R2 IAStorDataMgrSvc; C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [7168 2012-07-09] (Intel Corporation) [File not signed]
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe [2451456 2012-07-13] (Realsil Microelectronics Inc.) [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
R2 LeapFrog Connect Device Service; C:\Program Files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe [7391232 2013-06-26] (LeapFrog Enterprises, Inc.) [File not signed]
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-06-18] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
R2 Motorola Device Manager; C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe [137528 2013-07-31] (Motorola Mobility LLC)
R2 N360; C:\Program Files (x86)\Norton Security Suite\Engine\22.5.2.15\N360.exe [282016 2015-07-16] (Symantec Corporation)
R2 PST Service; C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe [65657 2011-09-02] (Motorola) [File not signed]
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [254512 2012-04-24] ()
R2 SftService; C:\Program Files (x86)\Dell Backup and Recovery\sftservice.exe [1915480 2013-05-23] (SoftThinks SAS)
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [321536 2012-07-24] (IDT, Inc.) [File not signed]
R2 SupportAssistAgent; C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [20648 2015-06-11] (Dell Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
R2 WysePocketCloud; C:\Program Files (x86)\Wyse\PocketCloud Windows Companion\PocketCloudService.exe [188928 2012-10-24] () [File not signed]
R2 WyseRemoteAccess; C:\Program Files (x86)\Wyse\PocketCloud Windows Companion\WyseRemoteAccess.exe [1436160 2012-10-24] (Wyse Technology.) [File not signed]

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [170712 2013-09-04] (Broadcom Corporation.)
R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [6824520 2012-07-10] (Broadcom Corporation)
R1 BHDrvx64; C:\Program Files (x86)\Norton Security Suite\NortonData\22.5.2.15\Definitions\BASHDefs\20150810.001\BHDrvx64.sys [1650936 2015-07-23] (Symantec Corporation)
R3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
R1 ccSet_N360; C:\Windows\system32\drivers\N360x64\1605020.00F\ccSetx64.sys [173808 2015-07-10] (Symantec Corporation)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
R3 DDDriver; C:\Windows\system32\drivers\DDDriver64Dcsa.sys [23760 2015-01-30] (Dell Computer Corporation)
R3 DellProf; C:\Windows\system32\drivers\DellProf.sys [24240 2015-05-22] (Dell Computer Corporation)
S3 DellRbtn; C:\Windows\System32\drivers\DellRbtn.sys [10752 2012-08-05] (OSR Open Systems Resources, Inc.)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [498512 2015-07-27] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [153936 2015-07-27] (Symantec Corporation)
R1 IDSVia64; C:\Program Files (x86)\Norton Security Suite\NortonData\22.5.2.15\Definitions\IPSDefs\20150814.002\IDSvia64.sys [692984 2015-08-04] (Symantec Corporation)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [113880 2015-08-16] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-06-18] (Malwarebytes Corporation)
S3 NAVENG; C:\Program Files (x86)\Norton Security Suite\NortonData\22.5.2.15\Definitions\VirusDefs\20150816.002\ENG64.SYS [138488 2015-05-20] (Symantec Corporation)
S3 NAVEX15; C:\Program Files (x86)\Norton Security Suite\NortonData\22.5.2.15\Definitions\VirusDefs\20150816.002\EX64.SYS [2146040 2015-05-20] (Symantec Corporation)
S3 SRTSP; C:\Windows\System32\Drivers\N360x64\1605020.00F\SRTSP64.SYS [926448 2015-07-10] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\N360x64\1605020.00F\SRTSPX64.SYS [50936 2015-07-10] (Symantec Corporation)
R0 SymEFASI; C:\Windows\System32\drivers\N360x64\1605020.00F\SYMEFASI64.SYS [1620720 2015-07-10] (Symantec Corporation)
S0 SymELAM; C:\Windows\System32\drivers\N360x64\1605020.00F\SymELAM.sys [24192 2015-07-10] (Symantec Corporation)
R3 SymEvent; C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS [111344 2015-08-01] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\N360x64\1605020.00F\Ironx64.SYS [297720 2015-07-10] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\N360x64\1605020.00F\SYMNETS.SYS [576248 2015-07-10] (Symantec Corporation)
S3 TDKLIB; \??\C:\Users\Genna\AppData\Local\Temp\ExtactTemp\TdkLib64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-08-16 16:04 - 2015-08-16 16:46 - 00113880 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-08-16 16:04 - 2015-08-16 16:04 - 00001116 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-08-16 16:04 - 2015-08-16 16:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-08-16 16:04 - 2015-08-16 16:04 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-08-16 16:04 - 2015-08-16 16:04 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-08-16 16:04 - 2015-06-18 08:42 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2015-08-16 16:04 - 2015-06-18 08:41 - 00109272 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-08-16 16:04 - 2015-06-18 08:41 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2015-08-16 15:48 - 2015-08-16 15:48 - 00002377 _____ C:\Users\Genna\Desktop\Genevieve - Chrome.lnk
2015-08-16 15:45 - 2015-08-16 15:45 - 00001425 _____ C:\Users\Genna\Desktop\JRT2.txt
2015-08-16 15:44 - 2015-08-16 15:44 - 00001425 _____ C:\Users\Genna\Desktop\JRT.txt
2015-08-16 15:27 - 2015-08-16 15:27 - 00004265 _____ C:\AdwCleaner[C1].txt
2015-08-16 15:25 - 2015-08-16 15:26 - 00003797 _____ C:\AdwCleaner[S2].txt
2015-08-16 15:17 - 2015-08-16 15:27 - 00000000 ____D C:\AdwCleaner
2015-08-16 15:17 - 2015-08-16 15:18 - 00003730 _____ C:\AdwCleaner[S1].txt
2015-08-16 10:59 - 2015-08-16 10:59 - 00000000 ____D C:\Users\Genna\Desktop\FRST-OlderVersion
2015-08-16 10:33 - 2015-08-16 10:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-08-12 19:50 - 2015-07-30 10:04 - 00124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2015-08-12 19:50 - 2015-07-30 09:48 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-08-11 20:48 - 2015-08-16 11:11 - 00000123 _____ C:\Users\Genna\Desktop\Geeks to Go - Free help from tech experts.url
2015-08-11 20:29 - 2015-08-11 20:30 - 00067906 _____ C:\Users\Genna\Desktop\Addition.txt
2015-08-11 20:28 - 2015-08-16 17:45 - 00029023 _____ C:\Users\Genna\Desktop\FRST.txt
2015-08-11 20:26 - 2015-08-16 17:44 - 00000000 ____D C:\FRST
2015-08-11 20:25 - 2015-08-16 10:59 - 02173952 _____ (Farbar) C:\Users\Genna\Desktop\FRST64.exe
2015-08-11 19:42 - 2015-08-11 19:42 - 00000000 ____D C:\Users\Genna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-08-11 19:31 - 2015-07-28 19:24 - 00025776 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2015-08-11 19:31 - 2015-07-28 10:24 - 01148416 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2015-08-11 19:31 - 2015-07-28 10:24 - 01116160 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2015-08-11 19:31 - 2015-07-28 10:24 - 00774144 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2015-08-11 19:31 - 2015-07-28 10:24 - 00743424 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2015-08-11 19:31 - 2015-07-28 10:24 - 00437248 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2015-08-11 19:31 - 2015-07-28 10:24 - 00069120 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-08-11 19:31 - 2015-07-18 21:58 - 00136904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2015-08-11 19:31 - 2015-07-18 14:51 - 03704320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-08-11 19:31 - 2015-07-18 14:31 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2015-08-11 19:31 - 2015-07-18 14:31 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2015-08-11 19:31 - 2015-07-18 14:31 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2015-08-11 19:31 - 2015-07-18 14:29 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2015-08-11 19:31 - 2015-07-18 14:29 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2015-08-11 19:31 - 2015-07-18 14:29 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2015-08-11 19:31 - 2015-07-18 14:28 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2015-08-11 19:31 - 2015-07-18 14:12 - 02228736 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2015-08-11 19:31 - 2015-07-18 14:10 - 00891904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2015-08-11 19:31 - 2015-07-18 14:09 - 00721920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2015-08-11 19:31 - 2015-07-16 17:14 - 25192448 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-08-11 19:31 - 2015-07-16 16:36 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-08-11 19:31 - 2015-07-16 16:36 - 00417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2015-08-11 19:31 - 2015-07-16 16:35 - 02885632 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-08-11 19:31 - 2015-07-16 16:26 - 05923328 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-08-11 19:31 - 2015-07-16 16:23 - 00615936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2015-08-11 19:31 - 2015-07-16 16:21 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-08-11 19:31 - 2015-07-16 16:20 - 19870208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-08-11 19:31 - 2015-07-16 15:53 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2015-08-11 19:31 - 2015-07-16 15:51 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-08-11 19:31 - 2015-07-16 15:50 - 00341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2015-08-11 19:31 - 2015-07-16 15:45 - 02279424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-08-11 19:31 - 2015-07-16 15:45 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-08-11 19:31 - 2015-07-16 15:41 - 00479232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieui.dll
2015-08-11 19:31 - 2015-07-16 15:39 - 00664064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-08-11 19:31 - 2015-07-16 15:38 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2015-08-11 19:31 - 2015-07-16 15:36 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-08-11 19:31 - 2015-07-16 15:34 - 14451200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-08-11 19:31 - 2015-07-16 15:32 - 02125824 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-08-11 19:31 - 2015-07-16 15:14 - 02880000 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2015-08-11 19:31 - 2015-07-16 15:13 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-08-11 19:31 - 2015-07-16 15:12 - 04520448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-08-11 19:31 - 2015-07-16 15:12 - 02427904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-08-11 19:31 - 2015-07-16 15:10 - 12856832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-08-11 19:31 - 2015-07-16 15:06 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-08-11 19:31 - 2015-07-16 15:01 - 01545728 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-08-11 19:31 - 2015-07-16 14:52 - 01048576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2015-08-11 19:31 - 2015-07-16 14:49 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-08-11 19:31 - 2015-07-16 14:42 - 01951232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-08-11 19:31 - 2015-07-16 14:38 - 01310720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-08-11 19:31 - 2015-07-16 14:37 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-08-11 19:31 - 2015-07-15 20:29 - 07458648 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-08-11 19:31 - 2015-07-15 20:29 - 01735000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2015-08-11 19:31 - 2015-07-15 20:29 - 00101720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mountmgr.sys
2015-08-11 19:31 - 2015-07-15 20:28 - 01499920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2015-08-11 19:31 - 2015-07-10 13:54 - 01217024 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll
2015-08-11 19:31 - 2015-07-07 05:40 - 00270168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys
2015-08-11 19:31 - 2015-07-07 05:40 - 00114520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys
2015-08-11 19:31 - 2015-07-07 05:40 - 00044560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys
2015-08-11 19:31 - 2015-07-01 18:19 - 00228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebClnt.dll
2015-08-11 19:31 - 2015-07-01 18:16 - 00104448 _____ (Microsoft Corporation) C:\WINDOWS\system32\davclnt.dll
2015-08-11 19:31 - 2015-07-01 17:37 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebClnt.dll
2015-08-11 19:31 - 2015-07-01 17:35 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\davclnt.dll
2015-08-11 19:31 - 2015-06-12 13:03 - 18823680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-08-11 19:31 - 2015-06-12 12:36 - 15159296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2015-08-11 19:31 - 2015-06-09 14:27 - 00411133 _____ C:\WINDOWS\system32\ApnDatabase.xml
2015-08-11 19:26 - 2015-07-14 17:59 - 01113944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2015-08-11 19:26 - 2015-07-14 17:59 - 00487256 _____ (Microsoft Corporation) C:\WINDOWS\system32\netcfgx.dll
2015-08-11 19:26 - 2015-07-14 17:59 - 00393560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netcfgx.dll
2015-08-11 19:26 - 2015-07-13 23:22 - 02529880 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2015-08-11 19:26 - 2015-07-13 23:21 - 01901776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2015-08-11 19:26 - 2015-07-13 15:46 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\csrsrv.dll
2015-08-11 19:26 - 2015-07-13 15:45 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\basesrv.dll
2015-08-11 19:26 - 2015-07-10 14:19 - 01101824 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdvidcrl.dll
2015-08-11 19:26 - 2015-07-10 13:42 - 02345472 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2015-08-11 19:26 - 2015-07-10 13:14 - 00856064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdvidcrl.dll
2015-08-11 19:26 - 2015-07-10 13:13 - 07032320 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2015-08-11 19:26 - 2015-07-10 12:47 - 01556992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2015-08-11 19:26 - 2015-07-10 12:31 - 06213120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2015-08-11 19:26 - 2015-07-09 13:13 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\notepad.exe
2015-08-11 19:26 - 2015-07-09 13:13 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\notepad.exe
2015-08-11 19:26 - 2015-07-09 12:30 - 00212992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\notepad.exe
2015-08-11 19:26 - 2015-06-11 16:12 - 02476376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2015-08-11 19:26 - 2015-06-11 16:12 - 00428888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2015-08-11 19:26 - 2015-05-11 20:24 - 00536920 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcupdate_GenuineIntel.dll
2015-08-11 19:25 - 2015-07-29 10:37 - 01994752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2015-08-11 19:25 - 2015-07-29 10:30 - 01381888 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2015-08-11 19:25 - 2015-07-29 10:23 - 01559552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2015-08-11 19:25 - 2015-07-24 14:57 - 04177408 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-08-11 19:25 - 2015-07-24 14:57 - 00358912 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2015-08-11 19:25 - 2015-07-24 14:52 - 00044032 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2015-08-11 19:25 - 2015-07-24 13:27 - 00301568 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2015-08-11 19:25 - 2015-07-24 13:23 - 00035840 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2015-08-11 15:09 - 2015-08-11 15:09 - 09284296 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerInstaller.exe
2015-08-06 11:51 - 2015-08-06 11:51 - 00000000 ____D C:\NPE
2015-08-06 11:46 - 2015-08-06 11:46 - 03088296 _____ (Symantec Corporation) C:\Users\Genna\Downloads\NPE.exe
2015-08-06 11:39 - 2015-08-06 11:39 - 01596224 _____ (LogMeIn, Inc.) C:\Users\Genna\Downloads\Support-LogMeInRescue (1).exe
2015-08-06 11:39 - 2015-08-06 11:39 - 00002270 _____ C:\Users\Genna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Symantec Support (4).lnk
2015-08-06 09:07 - 2015-08-06 09:07 - 00000055 _____ C:\Users\Genna\Desktop\Brain, Child Magazine - the magazine for thinking mothers.url
2015-08-05 08:40 - 2015-08-06 12:00 - 00000000 ____D C:\Users\Genna\AppData\Local\NPE
2015-08-04 19:11 - 2015-08-04 19:11 - 00000000 ____D C:\WINDOWS\System32\Tasks\Norton 360
2015-08-04 19:03 - 2015-08-04 19:03 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Security Suite
2015-07-31 23:04 - 2015-08-04 17:30 - 00000000 ____D C:\WINDOWS\System32\Tasks\Remediation
2015-07-17 21:07 - 2015-07-17 21:07 - 00000000 ____D C:\Program Files\Common Files\AV
2015-07-17 08:24 - 2015-08-08 09:55 - 00794088 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-07-17 08:24 - 2015-08-08 09:55 - 00179688 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-08-16 17:09 - 2014-10-08 16:30 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-08-16 17:07 - 2013-01-04 15:21 - 00003594 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-615137952-235082984-2108559562-1001
2015-08-16 17:03 - 2015-06-23 09:53 - 00000942 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-615137952-235082984-2108559562-1001UA.job
2015-08-16 17:03 - 2014-01-25 12:55 - 00000000 ___RD C:\Users\Genna\Google Drive
2015-08-16 17:02 - 2015-02-26 18:26 - 00004986 _____ C:\WINDOWS\System32\Tasks\Microsoft Office 15 Sync Maintenance for MOMMALAPTOP-Genna MommaLaptop
2015-08-16 17:02 - 2014-01-25 12:53 - 00002058 _____ C:\Users\Public\Desktop\Google Sheets.lnk
2015-08-16 17:02 - 2014-01-25 12:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2015-08-16 17:02 - 2013-08-22 11:36 - 00000000 ____D C:\WINDOWS\system32\sru
2015-08-16 17:02 - 2013-01-04 15:25 - 00000930 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-08-16 17:01 - 2013-01-04 15:25 - 00000926 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-08-16 16:56 - 2013-01-04 15:25 - 00003902 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2015-08-16 16:56 - 2013-01-04 15:25 - 00003666 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2015-08-16 16:56 - 2012-10-19 03:16 - 00000000 ____D C:\Program Files (x86)\Dell Backup and Recovery
2015-08-16 16:49 - 2015-06-15 10:43 - 00000000 ____D C:\Users\Genna\.gstreamer-0.10
2015-08-16 16:49 - 2013-10-16 16:45 - 00000000 ____D C:\Users\Genna\AppData\Roaming\MotoCast
2015-08-16 16:48 - 2013-03-10 12:38 - 00000000 ___RD C:\Users\Genna\Dropbox
2015-08-16 16:48 - 2013-03-10 12:35 - 00000000 ____D C:\Users\Genna\AppData\Roaming\Dropbox
2015-08-16 16:47 - 2014-01-01 21:07 - 00000000 ___DO C:\Users\Genna\SkyDrive
2015-08-16 16:45 - 2013-11-14 03:20 - 00305166 _____ C:\WINDOWS\PFRO.log
2015-08-16 16:45 - 2013-08-22 11:36 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2015-08-16 16:45 - 2013-08-22 10:46 - 00349329 _____ C:\WINDOWS\setupact.log
2015-08-16 16:45 - 2013-08-22 10:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-08-16 16:45 - 2012-10-19 03:17 - 00000000 ____D C:\Temp
2015-08-16 16:44 - 2013-08-22 09:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2015-08-16 13:44 - 2015-07-09 13:14 - 00000000 ____D C:\Program Files (x86)\Dell Update
2015-08-16 13:11 - 2014-01-01 20:49 - 01575026 _____ C:\WINDOWS\WindowsUpdate.log
2015-08-16 11:25 - 2013-03-20 14:30 - 01823232 ___SH C:\Users\Genna\Downloads\Thumbs.db
2015-08-16 11:13 - 2013-11-14 03:28 - 00865408 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-08-16 11:12 - 2014-01-22 11:49 - 00003938 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{48066FC1-31EF-43ED-99CB-D8307D687B8F}
2015-08-16 11:08 - 2013-03-09 00:11 - 00510464 ___SH C:\Users\Genna\Desktop\Thumbs.db
2015-08-16 11:01 - 2014-01-01 20:35 - 00000000 ____D C:\Users\Genna
2015-08-16 10:33 - 2013-01-04 15:25 - 00000000 ____D C:\Users\Genna\AppData\Local\Google
2015-08-16 10:19 - 2014-11-16 12:43 - 00000000 __SHD C:\Users\Genna\AppData\Local\EmieBrowserModeList
2015-08-16 10:19 - 2014-04-30 18:21 - 00000000 __SHD C:\Users\Genna\AppData\Local\EmieUserList
2015-08-16 10:19 - 2014-04-30 18:21 - 00000000 __SHD C:\Users\Genna\AppData\Local\EmieSiteList
2015-08-16 10:11 - 2014-06-16 20:53 - 00000000 ____D C:\Users\Genna\Downloads\Nippon-Beneflex
2015-08-16 09:09 - 2014-12-23 14:08 - 00000000 ____D C:\Users\Genna\AppData\Local\CrashDumps
2015-08-15 21:03 - 2015-06-23 09:53 - 00000890 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-615137952-235082984-2108559562-1001Core.job
2015-08-14 21:35 - 2013-08-22 11:36 - 00000000 ____D C:\WINDOWS\rescache
2015-08-14 20:02 - 2013-08-22 10:44 - 00492000 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-08-14 20:02 - 2013-08-22 09:25 - 00262144 ___SH C:\WINDOWS\system32\config\ELAM
2015-08-14 19:57 - 2014-12-12 08:21 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-08-14 19:57 - 2014-07-10 07:29 - 00000000 ___SD C:\WINDOWS\system32\CompatTel
2015-08-14 19:57 - 2013-08-22 11:36 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-08-14 19:57 - 2013-08-22 11:36 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-14 19:57 - 2013-08-22 11:36 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-08-14 19:57 - 2013-08-22 11:36 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-14 19:57 - 2013-08-22 11:36 - 00000000 ____D C:\Program Files\Windows Defender
2015-08-14 19:57 - 2013-08-22 11:36 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2015-08-14 19:54 - 2013-07-12 12:32 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-08-14 19:48 - 2013-01-05 10:40 - 132483416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-08-13 14:26 - 2013-01-18 11:46 - 00000157 _____ C:\WINDOWS\SysWOW64\SystemPreferences.xml
2015-08-13 09:54 - 2013-08-22 11:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-08-12 19:51 - 2012-07-26 03:59 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-08-11 15:10 - 2014-10-08 16:30 - 00003718 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2015-08-07 16:11 - 2014-12-30 12:38 - 00000000 ____D C:\Users\Genna\AppData\Local\LogMeIn Rescue Applet
2015-08-06 15:30 - 2014-04-06 12:36 - 00000000 ____D C:\Program Files (x86)\Driver Wizard
2015-08-06 11:50 - 2012-07-26 04:12 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2015-08-05 08:41 - 2014-11-17 14:03 - 00000000 ____D C:\ProgramData\Norton
2015-08-04 19:04 - 2014-11-17 14:11 - 00003228 _____ C:\WINDOWS\System32\Tasks\Norton WSC Integration
2015-08-04 19:04 - 2014-11-17 14:08 - 00000000 ____D C:\WINDOWS\system32\Drivers\N360x64
2015-08-04 19:03 - 2014-11-17 14:11 - 00002380 _____ C:\Users\Public\Desktop\Norton Security Suite.LNK
2015-08-01 06:10 - 2014-01-01 23:26 - 00000000 ___DC C:\WINDOWS\Panther
2015-08-01 06:03 - 2015-07-10 09:39 - 00000000 ___HD C:\$Windows.~BT
2015-08-01 01:42 - 2014-11-17 14:11 - 00111344 _____ (Symantec Corporation) C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS
2015-08-01 01:42 - 2014-11-17 14:11 - 00008214 _____ C:\WINDOWS\system32\Drivers\SYMEVENT64x86.CAT
2015-08-01 01:42 - 2014-11-17 14:11 - 00000000 ____D C:\Program Files\Common Files\Symantec Shared
2015-08-01 01:31 - 2014-11-17 14:03 - 00000000 ____D C:\Users\Public\Downloads\Norton
2015-07-25 11:08 - 2015-04-05 02:40 - 00000000 ___SD C:\WINDOWS\system32\GWX
2015-07-24 14:13 - 2015-05-13 13:21 - 00000000 ___RD C:\Users\Genna\OneDrive
2015-07-24 14:13 - 2015-02-26 18:06 - 00003102 _____ C:\WINDOWS\System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-615137952-235082984-2108559562-1001
2015-07-23 12:31 - 2014-01-24 19:25 - 00000000 ____D C:\Users\Genna\.dvdcss
2015-07-22 10:18 - 2013-04-24 10:08 - 00000000 ____D C:\Program Files\Microsoft Office 15
2015-07-19 20:58 - 2015-06-23 09:53 - 00003888 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-615137952-235082984-2108559562-1001UA
2015-07-19 20:58 - 2015-06-23 09:53 - 00003508 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-615137952-235082984-2108559562-1001Core
2015-07-17 08:15 - 2015-04-05 02:40 - 00000000 ___SD C:\WINDOWS\SysWOW64\GWX
2015-07-17 08:15 - 2013-08-22 11:36 - 00000000 ___RD C:\WINDOWS\ToastData
2015-07-17 08:15 - 2013-08-22 11:36 - 00000000 ____D C:\WINDOWS\WinStore

==================== Files in the root of some directories =======

2014-09-01 04:18 - 2014-09-01 04:18 - 0002086 _____ () C:\Users\Genna\AppData\Roaming\HRZHEL
2014-09-01 04:18 - 2014-09-01 04:18 - 0001248 _____ () C:\Users\Genna\AppData\Roaming\QCARYUG
2014-09-01 04:18 - 2014-09-01 04:18 - 0002086 _____ () C:\Users\Genna\AppData\Roaming\SWGXET
2014-10-07 19:06 - 2014-10-07 19:06 - 0000043 _____ () C:\Users\Genna\AppData\Roaming\WB.CFG
2015-02-27 17:19 - 2015-02-27 17:19 - 0003584 _____ () C:\Users\Genna\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-09-30 16:16 - 2014-12-18 23:15 - 0000163 _____ () C:\Users\Genna\AppData\Local\ZenfolioDownloader.log
2013-08-17 12:26 - 2013-08-17 12:26 - 0000057 _____ () C:\ProgramData\Ament.ini
2014-11-16 13:44 - 2014-11-16 13:50 - 0001731 _____ () C:\ProgramData\tempimage.bmp
2012-10-19 03:12 - 2012-10-19 03:13 - 0000119 _____ () C:\ProgramData\{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}.log
2012-10-19 03:08 - 2012-10-19 03:09 - 0000106 _____ () C:\ProgramData\{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}.log
2012-10-19 03:09 - 2012-10-19 03:10 - 0000111 _____ () C:\ProgramData\{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}.log
2012-10-19 03:08 - 2012-10-19 03:08 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
2012-10-19 03:10 - 2012-10-19 03:12 - 0000108 _____ () C:\ProgramData\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}.log

Some files in TEMP:
====================
C:\Users\Genna\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmptcy0dd.dll
C:\Users\Genna\AppData\Local\Temp\jna2660324884185932600.dll
C:\Users\Genna\AppData\Local\Temp\jna2968711618457328810.dll
C:\Users\Genna\AppData\Local\Temp\jna8485977506312132074.dll
C:\Users\Genna\AppData\Local\Temp\sqlite-3.6.20-sqlitejdbc.dll
C:\Users\Genna\AppData\Local\Temp\sqlite3.dll

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-08-16 11:36

==================== End of log ============================


  • 0

#18
growley

growley

    Member

  • Topic Starter
  • Member
  • PipPip
  • 31 posts

Also getting a lot of websites (not responding) in both browsers

and still a few ads on the sides of websites (such as Target.com)


  • 0

#19
zep516

zep516

    Trusted Helper

  • Malware Removal
  • 6,810 posts
Hello,

Please remove this outdated Java version from your Programs and Features uninstall list.
Java 7 Update 71
Next
A few items to fix:
NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system
Open notepad (Start =>All Programs => Accessories => Notepad).
Copy/Paste the contents of the code box below into Notepad.
start
CloseProcesses:
CreateRestorePoint:
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
URLSearchHook: [S-1-5-21-615137952-235082984-2108559562-1004] ATTENTION => Default URLSearchHook is missing
BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-09-26] (Oracle Corporation)
BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-09-26] (Oracle Corporation)
S3 TDKLIB; \??\C:\Users\Genna\AppData\Local\Temp\ExtactTemp\TdkLib64.sys [X]
2015-08-16 10:19 - 2014-11-16 12:43 - 00000000 __SHD C:\Users\Genna\AppData\Local\EmieBrowserModeList
2015-08-16 10:19 - 2014-04-30 18:21 - 00000000 __SHD C:\Users\Genna\AppData\Local\EmieUserList
2015-08-16 10:19 - 2014-04-30 18:21 - 00000000 __SHD C:\Users\Genna\AppData\Local\EmieSiteList
Task: {09724424-73E9-4985-AAF7-BABC1866DB36} - \DonutQuotes -> No File <==== ATTENTION
Task: {D11679FE-9AB7-4EBC-A6BC-DFBAEE673882} - System32\Tasks\{7EF4D32A-28FA-4CF4-8B23-FAB223BBA47D} => pcalua.exe -a "C:\Program Files (x86)\donutleads\uninstall.exe"
C:\Users\Genna\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmptcy0dd.dll
C:\Users\Genna\AppData\Local\Temp\jna2660324884185932600.dll
C:\Users\Genna\AppData\Local\Temp\jna2968711618457328810.dll
C:\Users\Genna\AppData\Local\Temp\jna8485977506312132074.dll
C:\Users\Genna\AppData\Local\Temp\sqlite-3.6.20-sqlitejdbc.dll
C:\Users\Genna\AppData\Local\Temp\sqlite3.dll
C:\Program Files (x86)\donutleads
AlternateDataStreams: C:\Users\Genna\SkyDrive:ms-properties
2014-09-01 04:18 - 2014-09-01 04:18 - 0002086 _____ () C:\Users\Genna\AppData\Roaming\HRZHEL
2014-09-01 04:18 - 2014-09-01 04:18 - 0001248 _____ () C:\Users\Genna\AppData\Roaming\QCARYUG
2014-09-01 04:18 - 2014-09-01 04:18 - 0002086 _____ () C:\Users\Genna\AppData\Roaming\SWGXET
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state OFF
Emptytemp:
Click Format and ensure Wordwrap is unchecked.
Save as Fixlist.txt to your Desktop (Must be in this location)
Run FRST/FRST64 and press the Fix button just once and wait.
If the tool needs a restart, please make sure you let the system restart normally and let the tool complete its run after the restart.
The tool will make a log on the Desktop (Fixlog.txt). Please post it to your reply.
Note: If the tool warns you about the version you're using being an outdated version, please download and run the updated version.
 
Next
ESET Online Scanner: Please note this scan could take over an hour to finish.

Note: You can use either Internet Explorer or Mozilla Firefox for this scan. You will, however, need to disable your currently installed anti-virus; how to do so can be read here.
  • Please go >>HERE<< then click on: ESET1st.jpg
    Note: If using Mozilla Firefox you will need to download esetsmartinstaller_enu.exe when prompted then double click on the ESETexe.jpg icon to install.
    All of the below instructions are compatible with either Internet Explorer or Mozilla FireFox.
  • Select the option YES, I accept the Terms of Use then click on: ESETsave.jpg
  • When prompted allow the Add-On/Active X to install.
  • Make sure that the option Remove found threats is NOT checked, and the option Scan archives is checked.
  • Now click on Advanced Settings and select the following:
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology
    • Now click on: EOLS3.gif
    • The virus signature database... will begin to download. Be patient, this may take some time depending on the speed of your Internet connection.
    • When completed the Online Scan will begin automatically.
    • Do not touch either the Mouse or keyboard during the scan otherwise it may stall.
    • When completed, make sure you first copy the logfile located at C:\Program Files (x86)\ESET\Esetonlinescanner\log.txt.
    • Copy and paste that log as a reply to this topic.
    • Now click on: EOLS4.gif
      (Selecting Uninstall application on close if you so wish)
  • In your next reply, post the:
    • Fixlog.txt
    • ESET Scan results

  • 0

#20
growley

growley

    Member

  • Topic Starter
  • Member
  • PipPip
  • 31 posts

I think this is it, I had saved and renamed it before I read the rest, thought it saved again but cannot find it on desktop, let me know if I need to re-run.

start
CloseProcesses:
CreateRestorePoint:
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
URLSearchHook: [S-1-5-21-615137952-235082984-2108559562-1004] ATTENTION => Default URLSearchHook is missing
BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-09-26] (Oracle Corporation)
BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-09-26] (Oracle Corporation)
S3 TDKLIB; \??\C:\Users\Genna\AppData\Local\Temp\ExtactTemp\TdkLib64.sys [X]
2015-08-16 10:19 - 2014-11-16 12:43 - 00000000 __SHD C:\Users\Genna\AppData\Local\EmieBrowserModeList
2015-08-16 10:19 - 2014-04-30 18:21 - 00000000 __SHD C:\Users\Genna\AppData\Local\EmieUserList
2015-08-16 10:19 - 2014-04-30 18:21 - 00000000 __SHD C:\Users\Genna\AppData\Local\EmieSiteList
Task: {09724424-73E9-4985-AAF7-BABC1866DB36} - \DonutQuotes -> No File <==== ATTENTION
Task: {D11679FE-9AB7-4EBC-A6BC-DFBAEE673882} - System32\Tasks\{7EF4D32A-28FA-4CF4-8B23-FAB223BBA47D} => pcalua.exe -a "C:\Program Files (x86)\donutleads\uninstall.exe"
C:\Users\Genna\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmptcy0dd.dll
C:\Users\Genna\AppData\Local\Temp\jna2660324884185932600.dll
C:\Users\Genna\AppData\Local\Temp\jna2968711618457328810.dll
C:\Users\Genna\AppData\Local\Temp\jna8485977506312132074.dll
C:\Users\Genna\AppData\Local\Temp\sqlite-3.6.20-sqlitejdbc.dll
C:\Users\Genna\AppData\Local\Temp\sqlite3.dll
C:\Program Files (x86)\donutleads
AlternateDataStreams: C:\Users\Genna\SkyDrive:ms-properties
2014-09-01 04:18 - 2014-09-01 04:18 - 0002086 _____ () C:\Users\Genna\AppData\Roaming\HRZHEL
2014-09-01 04:18 - 2014-09-01 04:18 - 0001248 _____ () C:\Users\Genna\AppData\Roaming\QCARYUG
2014-09-01 04:18 - 2014-09-01 04:18 - 0002086 _____ () C:\Users\Genna\AppData\Roaming\SWGXET
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state OFF
Emptytemp:


  • 0

#21
growley

growley

    Member

  • Topic Starter
  • Member
  • PipPip
  • 31 posts

ESET pop up at bottom:

This website wants to install the following add-on: 'OnlineScanner.cab' from 'ESET,spol.s.r.o.'

Do I install it?


  • 0

#22
zep516

zep516

    Trusted Helper

  • Malware Removal
  • 6,810 posts
Yes
  • 0

#23
growley

growley

    Member

  • Topic Starter
  • Member
  • PipPip
  • 31 posts

enable or disable?


  • 0

#24
zep516

zep516

    Trusted Helper

  • Malware Removal
  • 6,810 posts
enable
  • 0

#25
growley

growley

    Member

  • Topic Starter
  • Member
  • PipPip
  • 31 posts

also it detected Norton 360 but it is not in programs and I disabled Norton Suite for 5 hours

do I still click start?


Edited by growley, 16 August 2015 - 06:16 PM.

  • 0

#26
zep516

zep516

    Trusted Helper

  • Malware Removal
  • 6,810 posts
OK
  • 0

#27
growley

growley

    Member

  • Topic Starter
  • Member
  • PipPip
  • 31 posts

ESET finished last night when I was sleeping, but I cannot find the file. Before I went to bed it had found 7 threats.

I searched C: but nothing matches what you wrote, is it in Quarantine or how else can I find it?

Do I copy the threat list?


Edited by growley, 17 August 2015 - 06:00 AM.

  • 0

#28
growley

growley

    Member

  • Topic Starter
  • Member
  • PipPip
  • 31 posts

Also noticed when I searched in Chrome a new page opens on top of search page 'shop at home'


  • 0

#29
zep516

zep516

    Trusted Helper

  • Malware Removal
  • 6,810 posts
First,

Reset your Chrome browser settings.
To do that
1. In the top-right corner of the browser window, click the Chrome menu.
2. Select Settings.
3. At the bottom, click Show advanced settings.
4. Under the section "Reset settings," click Reset settings.
5. In the dialog that appears, click Reset.

The ESET log should be found here----> C:\Program Files (x86)\ESET\Esetonlinescanner\log.txt
Open C, then click--> C:\Program Files (x86), Then click--> ESET (Folder) then click--> Esetonlinescanner...

On a 32Bit machine it's here--> C:\Program Files\ESET\EsetOnlineScanner\log.txt You have a 64Bit machine.

Let me know if you still can't locate it.

Thanks
Joe :)
  • 0

#30
growley

growley

    Member

  • Topic Starter
  • Member
  • PipPip
  • 31 posts

When I click on ESET Online Scanner it opens to 2 folders (Modules and Quarantine) and 14 other items, one says log but only has about 4 lines in it (attached)
[email protected] as CAB hook log:
OnlineScanner64.ocx - registred OK
OnlineScanner.ocx - registred OK
Update Init
Update Download
Update Finalize
Updated modules version: 25304
 


  • 0