From time to time, my keyboard and mouse will stop working. I tried to open the task manager by pressing Ctrl+Alt+Delete, but i cannot move the cursor from the choice of Switch User.
I restarted the machine by just turning it off and on again. Eventually it made 4 loud beeps, and began to work again.
This has happened at least 5 times over the past month or so. Thanks in advance for your help and suggestions.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:10-01-2015 01
Ran by Rita (administrator) on BETHMICHELLE (13-01-2016 13:15:23)
Running from C:\Users\Rita\Downloads
Loaded Profiles: Rita (Available Profiles: Rita)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(BitDefender S.R.L.) C:\Program Files\BitDefender\BitDefender 2011\vsserv.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
() C:\Program Files (x86)\AT&T\AT&T Communication Manager\AdminHelper.exe
(American Power Conversion Corporation) C:\Program Files (x86)\APC\APC PowerChute Personal Edition\mainserv.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
() C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
(Intuit) C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
(Microsoft Corporation) C:\Windows\System32\StikyNot.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Hewlett-Packard Development Company, LP) C:\Program Files\HP\HP Officejet Pro 8620\Bin\ScanToPCActivationApp.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.11.266\SSScheduler.exe
(Intuit Inc.) C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
(Intuit Inc.) C:\Program Files (x86)\Intuit\QuickBooks 2013\QBW32.EXE
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
() C:\Program Files (x86)\AT&T\AT&T Communication Manager\attcm_AppStart.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Dropbox, Inc.) C:\Users\Rita\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Hewlett-Packard) C:\Program Files (x86)\hp\HP Software Update\hpwuschd2.exe
(Hewlett-Packard Development Company, LP) C:\Program Files\HP\HP Officejet Pro 8620\Bin\HPNetworkCommunicatorCom.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
(CyberLink) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
(Intuit Inc.) C:\Program Files (x86)\Common Files\Intuit\DataProtect\QBIDPService.exe
(Sierra Wireless, Inc.) C:\Program Files (x86)\Sierra Wireless Inc\Common\SwiCardDetect64.exe
(BitDefender S.R.L.) C:\Program Files\BitDefender\BitDefender 2011\updatesrv.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Google Inc.) C:\Users\Rita\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Rita\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Rita\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Rita\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Rita\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Rita\AppData\Local\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [SmartMenu] => C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe [610360 2009-09-14] ()
HKLM\...\Run: [PC-Doctor for Windows localizer] => C:\Program Files\PC-Doctor for Windows\localizer.exe [95728 2009-09-17] (PC-Doctor, Inc.)
HKLM-x32\...\Run: [hpsysdrv] => c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe [62768 2008-11-20] (Hewlett-Packard)
HKLM-x32\...\Run: [HP Remote Solution] => %ProgramFiles%\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe
HKLM-x32\...\Run: [BitDefender Antiphishing Helper] => C:\Program Files\BitDefender\BitDefender 2011\Antispam32\ieshow.exe [92352 2011-06-01] (BitDefender S.R.L.)
HKLM-x32\...\Run: [Intuit SyncManager] => C:\Program Files (x86)\Common Files\Intuit\Sync\IntuitSyncManager.exe [3776824 2015-11-10] (Intuit Inc. All rights reserved.)
HKLM-x32\...\Run: [attcm_AppStart.exe] => C:\Program Files (x86)\AT&T\AT&T Communication Manager\attcm_AppStart.exe [219688 2012-12-18] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [335232 2015-03-07] (Oracle Corporation)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\BitDefender <====== ATTENTION
HKLM Group Policy restriction on software: C:\Program Files\BitDefender <====== ATTENTION
HKU\S-1-5-21-3816076352-1316818048-2459394720-1000\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2010-07-08] (Google Inc.)
HKU\S-1-5-21-3816076352-1316818048-2459394720-1000\...\Run: [Google Update] => C:\Users\Rita\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-28] (Google Inc.)
HKU\S-1-5-21-3816076352-1316818048-2459394720-1000\...\Run: [HLBackupScheduler] => "C:\Program Files\Verizon Cloud\Verizon Cloud Service.exe"
HKU\S-1-5-21-3816076352-1316818048-2459394720-1000\...\Run: [GoogleChromeAutoLaunch_6E4996946B3B13D2E79DFA4372FB9ECB] => C:\Users\Rita\AppData\Local\Google\Chrome\Application\chrome.exe [741704 2015-12-10] (Google Inc.)
HKU\S-1-5-21-3816076352-1316818048-2459394720-1000\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [427520 2009-07-13] (Microsoft Corporation)
HKU\S-1-5-21-3816076352-1316818048-2459394720-1000\...\Run: [Dropbox Update] => C:\Users\Rita\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-30] (Dropbox, Inc.)
HKU\S-1-5-21-3816076352-1316818048-2459394720-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8358680 2015-06-01] (Piriform Ltd)
HKU\S-1-5-21-3816076352-1316818048-2459394720-1000\...\Run: [HP Officejet Pro 8620 (NET)] => C:\Program Files\HP\HP Officejet Pro 8620\Bin\ScanToPCActivationApp.exe [3487240 2014-07-21] (Hewlett-Packard Development Company, LP)
HKU\S-1-5-21-3816076352-1316818048-2459394720-1000\...\MountPoints2: {116f340a-1c84-11e3-a4f6-7071bc0a8d51} - H:\VZW_Software_upgrade_assistant.exe
HKU\S-1-5-21-3816076352-1316818048-2459394720-1000\...\MountPoints2: {b96d556e-a5e1-11e1-b9ec-7071bc0a8d51} - H:\WIN\setup.exe -ap
HKU\S-1-5-21-3816076352-1316818048-2459394720-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Ribbons.scr [241664 2010-11-20] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Rita\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Rita\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Rita\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Rita\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Rita\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Rita\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Rita\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Rita\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Rita\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Rita\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Rita\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Rita\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Rita\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Rita\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Rita\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Rita\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Rita\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Rita\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Rita\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Rita\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Rita\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Rita\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Rita\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Rita\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Intuit Data Protect.lnk [2015-12-23]
ShortcutTarget: Intuit Data Protect.lnk -> C:\Program Files (x86)\Common Files\Intuit\DataProtect\IntuitDataProtect.exe (Intuit Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2015-12-11]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.266\SSScheduler.exe (McAfee, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\QuickBooks Update Agent.lnk [2015-12-23]
ShortcutTarget: QuickBooks Update Agent.lnk -> C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe (Intuit Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\QuickBooks_Standard_21.lnk [2015-12-23]
ShortcutTarget: QuickBooks_Standard_21.lnk -> C:\Program Files (x86)\Intuit\QuickBooks 2013\QBW32.EXE (Intuit Inc.)
Startup: C:\Users\Rita\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-12-12]
ShortcutTarget: Dropbox.lnk -> C:\Users\Rita\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Rita\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk [2010-05-26]
ShortcutTarget: OneNote 2007 Screen Clipper and Launcher.lnk -> C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\Rita\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\WKCALREM.LNK [2012-08-10]
ShortcutTarget: WKCALREM.LNK -> C:\PROGRAM FILES (X86)\COMMON FILES\MICROSOFT SHARED\WORKS SHARED\WKCALREM.EXE (No File)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
ProxyServer: [S-1-5-21-3816076352-1316818048-2459394720-1000] => http=127.0.0.1:53686;https=127.0.0.1:53686
Hosts: 0.0.0.1 mssplus.mcafee.com
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{906E20D3-E1C2-4DEA-BA95-423C2B960A4D}: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{A0F133D9-8F35-49F7-9CFC-89BAECB7DEF1}: [NameServer] 172.26.38.1 172.26.38.2
Tcpip\..\Interfaces\{C24CADA4-9C69-41A7-9FD0-AB93644A81F7}: [DhcpNameServer] 192.168.1.254
Internet Explorer:
==================
HKU\S-1-5-21-3816076352-1316818048-2459394720-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.msn.com/HPDSK/1
HKU\S-1-5-21-3816076352-1316818048-2459394720-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
HKU\S-1-5-21-3816076352-1316818048-2459394720-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {13C1216B-1C15-4569-B1CD-574A8567ED9A} URL = hxxp://www.ask.com/web?q={searchterms}&l=dis&o=ushpd
SearchScopes: HKLM -> {49218725-54B1-4FE5-ACA3-5ADE4D65021D} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
SearchScopes: HKLM-x32 -> DefaultScope {443789B7-F39C-4b5c-9287-DA72D38F4FE6} URL = hxxp://slirsredirect.search.aol.com/redirector/sredir?sredir=843&query={searchTerms}&invocationType=tb50-ie-mapquest-chromesbox-en-us&tb_uuid=20101119164101673&tb_oid=19-11-2010&tb_mrud=21-04-2011
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {13C1216B-1C15-4569-B1CD-574A8567ED9A} URL = hxxp://www.ask.com/web?q={searchterms}&l=dis&o=ushpd
SearchScopes: HKLM-x32 -> {443789B7-F39C-4b5c-9287-DA72D38F4FE6} URL = hxxp://slirsredirect.search.aol.com/redirector/sredir?sredir=843&query={searchTerms}&invocationType=tb50-ie-mapquest-chromesbox-en-us&tb_uuid=20101119164101673&tb_oid=19-11-2010&tb_mrud=21-04-2011
SearchScopes: HKLM-x32 -> {49218725-54B1-4FE5-ACA3-5ADE4D65021D} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-3816076352-1316818048-2459394720-1000 -> {13C1216B-1C15-4569-B1CD-574A8567ED9A} URL = hxxp://www.ask.com/web?q={searchterms}&l=dis&o=ushpd
SearchScopes: HKU\S-1-5-21-3816076352-1316818048-2459394720-1000 -> {36377DD7-B3EB-42f5-986F-680BAF59BA9D} URL = hxxp://start.att.iplay.com/searchresultsredirect.aspx?o=chrome&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3816076352-1316818048-2459394720-1000 -> {443789B7-F39C-4b5c-9287-DA72D38F4FE6} URL = hxxp://slirsredirect.search.aol.com/redirector/sredir?sredir=843&query={searchTerms}&invocationType=tb50-ie-mapquest-chromesbox-en-us&tb_uuid=20101119164101673&tb_oid=19-11-2010&tb_mrud=21-04-2011
SearchScopes: HKU\S-1-5-21-3816076352-1316818048-2459394720-1000 -> {F428B9DE-82E4-4601-ABBC-7418BDE94929} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=&src=kw&q={searchTerms}&locale=&apn_ptnrs=TV&apn_dtid=OSJ000YYUS&apn_uid=5297CEFB-8BEC-4324-9CBE-EDBEC6DF52CC&apn_sauid=47881EE8-B1ED-42BF-A51F-89FE5F31621F
BHO: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2014-08-04] (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-12-21] (Google Inc.)
BHO: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-08-04] (Oracle Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll => No File
BHO-x32: No Name -> {02478D38-C3F9-4efb-9B51-7695ECA05670} -> No File
BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\ssv.dll [2015-03-30] (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-12-21] (Google Inc.)
BHO-x32: Microsoft Live Search Toolbar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> c:\Program Files (x86)\MSN\Toolbar\3.0.0566.0\msneshellx.dll [2009-07-16] (Microsoft Corp.)
BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-03-30] (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2015-10-19] (Hewlett-Packard Company)
Toolbar: HKLM - Bitdefender Toolbar - {381FFDE8-2394-4F90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2011\IEToolbar.dll [2011-06-01] (BitDefender S.R.L.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-12-21] (Google Inc.)
Toolbar: HKLM-x32 - Microsoft Live Search Toolbar - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - c:\Program Files (x86)\MSN\Toolbar\3.0.0566.0\msneshellx.dll [2009-07-16] (Microsoft Corp.)
Toolbar: HKLM-x32 - Bitdefender Toolbar - {381FFDE8-2394-4F90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2011\Antispam32\IEToolbar.dll [2011-06-01] (BitDefender S.R.L.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-12-21] (Google Inc.)
Toolbar: HKU\S-1-5-21-3816076352-1316818048-2459394720-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-12-21] (Google Inc.)
DPF: HKLM-x32 {02BCC737-B171-4746-94C9-0D8A0B2C0089} hxxp://office.microsoft.com/_layouts/ClientBin/ieawsdc32.cab
DPF: HKLM-x32 {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} hxxp://download.bitdefender.com/resources/scanner/sources/en/scan8/oscan8.cab
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler-x32: intu-help-qb6 - {6898B29B-BF49-43cb-A0B1-D0B9496AF491} - C:\Program Files (x86)\Intuit\QuickBooks 2013\HelpAsyncPluggableProtocol.dll [2015-12-10] (Intuit, Inc.)
Handler-x32: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} - C:\Windows\SysWOW64\mscoree.dll [2010-11-04] (Microsoft Corporation)
FireFox:
========
FF ProfilePath: C:\Users\Rita\AppData\Roaming\Mozilla\Firefox\Profiles\40dwrf98.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_189.dll [2014-10-16] ()
FF Plugin: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-08-04] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2014-08-04] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_189.dll [2014-10-16] ()
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2014-01-06] (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll [2015-03-30] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\plugin2\npjp2.dll [2015-03-30] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-04] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-04] (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [No File]
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-09-26] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3816076352-1316818048-2459394720-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Rita\AppData\Local\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-04] (Google Inc.)
FF Plugin HKU\S-1-5-21-3816076352-1316818048-2459394720-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Rita\AppData\Local\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-04] (Google Inc.)
FF Plugin HKU\S-1-5-21-3816076352-1316818048-2459394720-1000: @yahoo.com/BrowserPlus,version=2.9.8 -> C:\Users\Rita\AppData\Local\Yahoo!\BrowserPlus\2.9.8\Plugins\npybrowserplus_2.9.8.dll [2010-07-30] (Yahoo! Inc.)
FF HKLM\...\Firefox\Extensions: [
[email protected]] - C:\Program Files\BitDefender\BitDefender 2011\bdaphffext
FF Extension: BitDefender Antiphishing Toolbar - C:\Program Files\BitDefender\BitDefender 2011\bdaphffext [2012-06-07] [not signed]
FF HKLM\...\Thunderbird\Extensions: [
[email protected]] - C:\Program Files\BitDefender\BitDefender 2011\bdtbext
FF Extension: bdToolbar - C:\Program Files\BitDefender\BitDefender 2011\bdtbext [2012-06-07] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [
[email protected]] - C:\Program Files\BitDefender\BitDefender 2011\bdaphffext
FF HKLM-x32\...\Thunderbird\Extensions: [
[email protected]] - C:\Program Files\BitDefender\BitDefender 2011\bdtbext
Chrome:
=======
CHR HomePage: Default -> hxxp://www.search.ask.com/?gct=hp
CHR StartupUrls: Default -> "hxxp://www.google.com/","hxxp://www.trovi.com/?gd=&ctid=CT3330390&octid=EB_ORIGINAL_CTID&ISID=M2E8F2061-6648-4489-BB40-45E960015F4C&SearchSource=55&CUI=&UM=6&UP=SP76347E91-61BB-48B0-8E45-EBED0DF3610F&SSPV="
CHR Profile: C:\Users\Rita\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Drive) - C:\Users\Rita\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-26]
CHR Extension: (YouTube) - C:\Users\Rita\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-28]
CHR Extension: (Google Search) - C:\Users\Rita\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-03]
CHR Extension: (Google Docs Offline) - C:\Users\Rita\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-20]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Rita\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-25]
CHR Extension: (Gmail) - C:\Users\Rita\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-03]
StartMenuInternet: Google Chrome.FIQNJXA2IYJ3VWIZ4CSZ2AXNKI - C:\Users\Rita\AppData\Local\Google\Chrome\Application\chrome.exe
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdminHelper.exe; C:\Program Files (x86)\AT&T\AT&T Communication Manager\AdminHelper.exe [56360 2012-12-18] ()
R2 APC UPS Service; C:\Program Files (x86)\APC\APC PowerChute Personal Edition\mainserv.exe [689408 2007-07-19] (American Power Conversion Corporation)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [25800 2015-09-28] (Hewlett-Packard Company)
R2 LightScribeService; c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2009-08-20] (Hewlett-Packard Company) [File not signed]
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.266\McCHSvc.exe [289256 2015-12-02] (McAfee, Inc.)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
R2 QBCFMonitorService; C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe [45056 2015-12-10] (Intuit) [File not signed]
S3 QBFCService; C:\Program Files (x86)\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe [61440 2012-12-22] (Intuit Inc.) [File not signed]
R2 QBVSS; C:\Program Files (x86)\Common Files\Intuit\DataProtect\QBIDPService.exe [1248256 2012-12-22] (Intuit Inc.) [File not signed]
R2 SwiCardDetectSvc; C:\Program Files (x86)\Sierra Wireless Inc\Common\SwiCardDetect64.exe [317296 2011-06-24] (Sierra Wireless, Inc.)
S3 Update Server; C:\Program Files\Common Files\BitDefender\BitDefender Arrakis Server\bin\arrakis3.exe [467248 2010-11-30] (BitDefender)
R2 Updatesrv; C:\Program Files\BitDefender\BitDefender 2011\updatesrv.exe [53224 2011-06-01] (BitDefender S.R.L.)
R2 VSSERV; C:\Program Files\BitDefender\BitDefender 2011\vsserv.exe [2660624 2011-06-01] (BitDefender S.R.L.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S3 GamesAppService; "C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe" [X]
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 avc3; C:\Windows\System32\DRIVERS\avc3.sys [591968 2010-11-29] (BitDefender)
S3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [1186272 2010-11-29] (BitDefender)
R3 bdfm; C:\Windows\System32\DRIVERS\bdfm.sys [162896 2010-05-13] (BitDefender S.R.L. Bucharest, ROMANIA)
R1 Bdfndisf; c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf6.sys [88144 2010-08-20] (BitDefender)
R0 bdfsfltr; C:\Windows\System32\DRIVERS\bdfsfltr.sys [431176 2012-02-16] (BitDefender)
R1 bdfwfpf; C:\Program Files\Common Files\BitDefender\BitDefender Firewall\bdfwfpf.sys [99408 2010-08-20] (BitDefender)
R1 Bdvedisk; C:\Windows\System32\DRIVERS\bdvedisk.sys [103944 2010-01-19] (BitDefender)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S3 Linksys_adapter_H; C:\Windows\System32\DRIVERS\AE2500w764.sys [1254464 2011-03-28] (Broadcom Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2016-01-13] (Malwarebytes)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-10-05] (Malwarebytes Corporation)
R3 RimVSerPort; C:\Windows\System32\DRIVERS\RimSerial_AMD64.sys [31744 2009-01-09] (Research in Motion Ltd)
R2 SCWFPFilter; C:\Windows\System32\DRIVERS\WFPFilter.sys [25552 2012-01-10] ()
S3 swg3kser00; C:\Windows\System32\DRIVERS\swg3kser00.sys [258432 2011-05-13] (Sierra Wireless Incorporated)
S3 swiwdmbx; C:\Windows\System32\DRIVERS\swiwdmbx64.sys [109312 2011-05-16] (Sierra Wireless Inc.)
S3 SWNC8UA3; C:\Windows\System32\DRIVERS\swnc8ua3.sys [297472 2011-05-28] (Sierra Wireless Inc.)
U4 bdselfpr; no ImagePath
S3 lmimirr; system32\DRIVERS\lmimirr.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-01-13 13:15 - 2016-01-13 13:15 - 00030788 _____ C:\Users\Rita\Downloads\FRST.txt
2016-01-13 13:03 - 2016-01-13 13:15 - 00000000 ____D C:\FRST
2016-01-13 13:02 - 2016-01-13 13:02 - 02370560 _____ (Farbar) C:\Users\Rita\Desktop\FRST64.exe
2016-01-13 12:46 - 2016-01-13 12:46 - 00000000 ____D C:\AdwCleaner
2016-01-13 12:45 - 2016-01-13 12:45 - 01754112 _____ C:\Users\Rita\Downloads\adwcleaner_5.029.exe
2016-01-11 12:00 - 2016-01-11 12:01 - 43412816 _____ (Amazon.com) C:\Users\Rita\Downloads\KindleForPC-installer-1.14.43019.exe
2016-01-11 09:32 - 2016-01-11 09:32 - 00658050 _____ C:\Users\Rita\Downloads\Photos (4).zip
2016-01-08 08:46 - 2016-01-08 08:46 - 00052775 _____ C:\Users\Rita\Downloads\Liberty Mutual Forms.pdf
2016-01-08 08:46 - 2016-01-08 08:46 - 00052775 _____ C:\Users\Rita\Downloads\Liberty Mutual Forms (2).pdf
2016-01-08 08:46 - 2016-01-08 08:46 - 00052775 _____ C:\Users\Rita\Downloads\Liberty Mutual Forms (1).pdf
2016-01-07 16:28 - 2016-01-07 16:28 - 00003550 _____ C:\Windows\System32\Tasks\HP AR Program Upload - ccf4601ac0fb4bc8bd46df0b473f3197d6816af7b554412f8d007499219da621
2016-01-04 13:44 - 2016-01-04 13:44 - 00129161 _____ C:\Users\Rita\Downloads\MonthlyFinancialSummary (1).pdf
2016-01-04 12:38 - 2016-01-04 12:38 - 00128893 _____ C:\Users\Rita\Downloads\MonthlyFinancialSummary.pdf
2016-01-04 12:34 - 2016-01-04 12:35 - 00094384 _____ C:\Users\Rita\Downloads\MSR-201511.PDF
2016-01-04 12:34 - 2016-01-04 12:35 - 00094384 _____ C:\Users\Rita\Downloads\MSR-201511 (1).PDF
2016-01-04 09:23 - 2016-01-04 09:23 - 00363769 _____ C:\Users\Rita\Downloads\35 Years reeves_final.ai
2015-12-28 14:24 - 2015-12-28 14:24 - 00058507 _____ C:\Users\Rita\Desktop\Nissan Tax receipt.pdf
2015-12-22 13:40 - 2015-12-22 13:40 - 00960548 _____ C:\Users\Rita\Downloads\Photos (3).zip
2015-12-22 13:03 - 2015-12-22 13:03 - 00715110 _____ C:\Users\Rita\Downloads\Photos (2).zip
2015-12-22 12:56 - 2015-12-22 12:56 - 00848677 _____ C:\Users\Rita\Downloads\Photos (1).zip
2015-12-22 08:54 - 2015-12-22 08:54 - 00432438 _____ C:\Users\Rita\Downloads\Hall Family Pharmacy.pdf
2015-12-22 08:54 - 2015-12-22 08:54 - 00432438 _____ C:\Users\Rita\Downloads\Hall Family Pharmacy (1).pdf
2015-12-21 11:15 - 2015-12-21 11:15 - 00000443 _____ C:\Users\Rita\Downloads\Attachment
2015-12-17 09:33 - 2015-12-17 09:33 - 00000101 _____ C:\Users\Rita\Documents\backupandreset.txt
2015-12-17 09:15 - 2015-12-17 09:15 - 02846045 _____ C:\Users\Rita\Downloads\attachments (2).zip
2015-12-16 15:58 - 2015-12-16 15:58 - 00063862 _____ C:\Users\Rita\Documents\Piedmont Companies Credit Memo.pdf
2015-12-14 11:51 - 2015-12-14 11:51 - 01172291 _____ C:\Users\Rita\Downloads\attachments (1).zip
2015-12-14 11:51 - 2015-12-14 11:51 - 00383410 _____ C:\Users\Rita\Downloads\fwd.zip
2015-12-14 11:21 - 2015-12-14 11:22 - 00436826 _____ C:\Users\Rita\Downloads\attachments.zip
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-01-13 13:07 - 2009-07-13 23:45 - 00018736 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-01-13 13:07 - 2009-07-13 23:45 - 00018736 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-01-13 13:03 - 2009-07-13 22:20 - 00000000 ____D C:\Windows
2016-01-13 12:51 - 2012-04-26 14:55 - 00000904 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3816076352-1316818048-2459394720-1000UA.job
2016-01-13 12:47 - 2012-08-02 08:15 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-01-13 12:38 - 2015-06-30 09:27 - 00000914 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3816076352-1316818048-2459394720-1000UA.job
2016-01-13 12:28 - 2010-07-08 12:43 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-01-13 12:14 - 2014-10-23 12:22 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-01-13 12:14 - 2013-03-27 10:54 - 00000000 ___RD C:\Users\Rita\Dropbox
2016-01-13 12:14 - 2013-03-27 10:50 - 00000000 ____D C:\Users\Rita\AppData\Roaming\Dropbox
2016-01-13 12:12 - 2010-07-08 12:43 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-01-13 12:12 - 2009-12-04 19:35 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Help & Tools
2016-01-13 12:12 - 2009-07-14 00:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-01-13 03:51 - 2012-04-26 14:55 - 00000852 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3816076352-1316818048-2459394720-1000Core.job
2016-01-12 16:49 - 2015-06-30 09:27 - 00000862 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3816076352-1316818048-2459394720-1000Core.job
2016-01-12 14:48 - 2013-09-26 15:57 - 00053036 _____ C:\Users\Rita\Desktop\Prospecting List.xlsx
2016-01-11 19:02 - 2013-03-28 17:50 - 00003180 _____ C:\Windows\System32\Tasks\HPCeeScheduleForRita
2016-01-11 19:02 - 2013-03-28 17:50 - 00000328 _____ C:\Windows\Tasks\HPCeeScheduleForRita.job
2016-01-11 09:33 - 2013-08-08 15:28 - 00000000 ____D C:\Users\Rita\Desktop\Reeves Pictures
2016-01-07 16:52 - 2012-08-30 10:59 - 00016087 _____ C:\Users\Rita\Desktop\bank balance caluclator.xlsx
2016-01-04 14:30 - 2013-01-08 16:03 - 00014440 _____ C:\Users\Rita\Documents\Expense Report regular.xlsx
2016-01-04 13:45 - 2015-03-31 16:17 - 00027523 _____ C:\Users\Rita\Documents\Paypal Balance Calculator.xlsx
2016-01-04 08:56 - 2010-05-20 11:41 - 00000448 _____ C:\Windows\Tasks\PCDRScheduledMaintenance.job
2016-01-03 01:00 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\inf
2015-12-30 16:00 - 2012-12-28 16:48 - 00080896 _____ C:\Users\Rita\Documents\happy new year closing.pub
2015-12-30 15:49 - 2012-08-07 15:33 - 00000000 ____D C:\Users\Rita\Documents\Beth
2015-12-30 09:23 - 2015-09-14 13:46 - 00000000 ____D C:\Users\Rita\Desktop\8260 Scans
2015-12-28 09:54 - 2014-05-28 07:44 - 00000000 ____D C:\Users\Rita\Desktop\LOGO FILES
2015-12-24 09:00 - 2010-05-20 12:56 - 00143311 _____ C:\bdlog.txt
2015-12-24 08:59 - 2012-12-06 15:06 - 00120320 _____ C:\Users\Rita\Documents\Christmas closing #3.pub
2015-12-23 08:23 - 2013-03-18 12:43 - 00002073 _____ C:\Users\Public\Desktop\QuickBooks Pro 2013.lnk
2015-12-23 08:23 - 2013-03-18 12:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickBooks
2015-12-23 08:23 - 2010-05-25 14:29 - 00000089 _____ C:\Windows\QBChanUtil_Trigger.ini
2015-12-17 14:55 - 2010-07-06 10:09 - 00000000 ____D C:\Users\Rita\AppData\Local\ElevatedDiagnostics
2015-12-17 12:55 - 2012-09-05 14:56 - 00000000 ____D C:\Users\Rita\Documents\Avery Templates
2015-12-16 17:53 - 2013-10-02 14:31 - 00002371 _____ C:\Users\Rita\Desktop\Google Chrome.lnk
2015-12-16 03:01 - 2015-04-04 02:00 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-12-16 03:01 - 2015-04-04 02:00 - 00000000 ___SD C:\Windows\system32\GWX
==================== Files in the root of some directories =======
2010-07-08 09:37 - 2010-07-08 09:37 - 0101544 _____ () C:\Program Files\Common Files\LinkInstaller.exe
2010-05-20 13:48 - 2010-05-20 13:48 - 0000025 _____ () C:\Users\Rita\AppData\Roaming\bdfvconp.ini
2012-11-20 09:01 - 2012-11-20 09:01 - 0024273 _____ () C:\Users\Rita\AppData\Roaming\UserTile.png
2010-05-26 10:24 - 2014-07-21 13:26 - 0004716 _____ () C:\Users\Rita\AppData\Roaming\wklnhst.dat
2013-05-01 14:40 - 2015-11-23 14:43 - 0001456 _____ () C:\Users\Rita\AppData\Local\Adobe Save for Web 12.0 Prefs
2013-02-18 13:51 - 2015-04-13 11:35 - 0005120 _____ () C:\Users\Rita\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-09-11 13:56 - 2014-09-11 13:56 - 0007681 _____ () C:\Users\Rita\AppData\Local\Resmon.ResmonCfg
2011-11-10 10:18 - 2011-11-10 10:18 - 0373202 _____ () C:\Users\Rita\AppData\Local\tmp902_(768X1024).0
2011-11-10 10:18 - 2011-11-10 10:18 - 0069688 _____ () C:\Users\Rita\AppData\Local\tmp902_(768X1024).1
2011-11-10 10:18 - 2011-11-10 10:18 - 0069539 _____ () C:\Users\Rita\AppData\Local\tmp902_(768X1024).2
2011-11-10 10:18 - 2011-11-10 10:18 - 0070732 _____ () C:\Users\Rita\AppData\Local\tmp902_(768X1024).3
2011-11-10 10:18 - 2011-11-10 10:18 - 0069531 _____ () C:\Users\Rita\AppData\Local\tmp902_(768X1024).JPG
2011-10-06 13:49 - 2011-10-06 13:49 - 0057728 _____ () C:\Users\Rita\AppData\Local\tmpIMG00856-20111006-1111.0
2011-10-06 13:49 - 2011-10-06 13:49 - 0044774 _____ () C:\Users\Rita\AppData\Local\tmpIMG00856-20111006-1111.1
2011-10-06 13:49 - 2011-10-06 13:49 - 0045121 _____ () C:\Users\Rita\AppData\Local\tmpIMG00856-20111006-1111.2
2011-10-06 13:49 - 2011-10-06 13:49 - 0044685 _____ () C:\Users\Rita\AppData\Local\tmpIMG00856-20111006-1111.JPG
2012-02-14 16:47 - 2012-02-14 16:47 - 0999612 _____ () C:\Users\Rita\AppData\Local\tmpIMG_20120214_154344.0
2012-02-14 16:47 - 2012-02-14 16:47 - 0430472 _____ () C:\Users\Rita\AppData\Local\tmpIMG_20120214_154344.JPG
2012-05-21 14:41 - 2012-05-21 14:41 - 0577200 _____ () C:\Users\Rita\AppData\Local\tmpP1010041.0
2012-05-21 14:41 - 2012-05-21 14:41 - 0455308 _____ () C:\Users\Rita\AppData\Local\tmpP1010041.JPG
2012-07-16 10:50 - 2012-07-17 12:36 - 0121226 _____ () C:\Users\Rita\AppData\Local\tmpPHOTO 1.0
2012-07-17 12:36 - 2012-07-17 12:36 - 0045181 _____ () C:\Users\Rita\AppData\Local\tmpPHOTO 1.JPG
2012-07-16 10:50 - 2012-07-17 12:42 - 0130619 _____ () C:\Users\Rita\AppData\Local\tmpPHOTO 2.0
2012-07-17 08:45 - 2012-07-17 08:45 - 0030828 _____ () C:\Users\Rita\AppData\Local\tmpPHOTO 2.1
2012-07-17 12:42 - 2012-07-17 12:42 - 0048586 _____ () C:\Users\Rita\AppData\Local\tmpPHOTO 2.JPG
2012-07-16 10:52 - 2012-07-17 12:38 - 0127561 _____ () C:\Users\Rita\AppData\Local\tmpPHOTO 3.0
2012-07-17 08:46 - 2012-07-17 08:46 - 0040643 _____ () C:\Users\Rita\AppData\Local\tmpPHOTO 3.1
2012-07-17 12:38 - 2012-07-17 12:38 - 0046020 _____ () C:\Users\Rita\AppData\Local\tmpPHOTO 3.JPG
2012-07-16 10:53 - 2012-07-17 08:47 - 0116826 _____ () C:\Users\Rita\AppData\Local\tmpPHOTO 4.0
2012-07-17 08:48 - 2012-07-17 08:47 - 0039314 _____ () C:\Users\Rita\AppData\Local\tmpPHOTO 4.1
2012-07-17 08:48 - 2012-07-17 08:48 - 0040669 _____ () C:\Users\Rita\AppData\Local\tmpPHOTO 4.JPG
2012-07-16 10:54 - 2012-07-16 10:54 - 0036310 _____ () C:\Users\Rita\AppData\Local\tmpPHOTO 5.0
2012-07-16 10:54 - 2012-07-16 10:54 - 0013752 _____ () C:\Users\Rita\AppData\Local\tmpPHOTO 5.JPG
2012-05-07 11:00 - 2012-05-07 11:00 - 0058238 _____ () C:\Users\Rita\AppData\Local\tmpPICTURE1.0
2012-05-07 11:00 - 2012-05-07 11:00 - 0060606 _____ () C:\Users\Rita\AppData\Local\tmpPICTURE1.JPG
2011-12-12 16:53 - 2011-12-12 16:52 - 0491435 _____ () C:\Users\Rita\AppData\Local\tmpRILEY 040.JPG
2011-12-12 16:52 - 2011-12-12 16:52 - 0015112 _____ () C:\Users\Rita\AppData\Local\tmpRILEY 040_navi.JPG
2011-05-17 08:19 - 2011-05-17 08:19 - 0329139 _____ () C:\Users\Rita\AppData\Local\tmpSCAN0010.0
2011-05-17 08:19 - 2011-05-17 08:19 - 0100668 _____ () C:\Users\Rita\AppData\Local\tmpSCAN0010.1
2011-05-17 08:19 - 2011-05-17 08:19 - 0101121 _____ () C:\Users\Rita\AppData\Local\tmpSCAN0010.JPG
2012-02-07 09:01 - 2012-02-07 09:01 - 0135452 _____ () C:\ProgramData\1328545554.bdinstall.bin
2015-09-10 13:47 - 2015-09-10 13:47 - 0000057 _____ () C:\ProgramData\Ament.ini
2011-04-19 14:25 - 2012-02-02 09:43 - 0536762 _____ () C:\ProgramData\bdinstall.bin
2010-05-26 13:56 - 2015-09-17 07:38 - 0007453 _____ () C:\ProgramData\hpzinstall.log
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2016-01-09 00:28
==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version:10-01-2015 01
Ran by Rita (2016-01-13 13:16:07)
Running from C:\Users\Rita\Downloads
Windows 7 Home Premium Service Pack 1 (X64) (2010-05-20 15:57:24)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-3816076352-1316818048-2459394720-500 - Administrator - Disabled)
ASPNET (S-1-5-21-3816076352-1316818048-2459394720-1002 - Limited - Enabled)
Guest (S-1-5-21-3816076352-1316818048-2459394720-501 - Limited - Disabled)
Rita (S-1-5-21-3816076352-1316818048-2459394720-1000 - Administrator - Enabled) => C:\Users\Rita
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: BitDefender Antivirus (Enabled - Out of date) {50909708-FF80-02AF-F814-B28405891E92}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: BitDefender AntiSpyware (Enabled - Out of date) {EBF176EC-D9BA-0D21-C2A4-89F67E0E542F}
FW: BitDefender Firewall (Enabled) {68AB162D-B5EF-03F7-D34B-1BB1FB5A59E9}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
Acrobat.com (HKLM-x32\...\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 2.1.0.0 - Adobe Systems Incorporated)
Acrobat.com (x32 Version: 2.1.0 - Adobe Systems Incorporated) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.0.2.12610 - Adobe Systems Inc.)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.189 - Adobe Systems Incorporated)
Adobe Flash Player 17 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.13) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.13 - Adobe Systems Incorporated)
APC PowerChute Personal Edition (HKLM-x32\...\{5A0C892E-FD1C-4203-941E-0956AED20A6A}) (Version: 2.1.1 - American Power Conversion Corporation)
AT&T Communication Manager (HKLM-x32\...\{39A13F18-2AA2-4AB2-B7E3-5D356BCD48F7}) (Version: 9.2.444.7 - AT&T)
Avanquest update (HKLM-x32\...\{76E41F43-59D2-4F30-BA42-9A762EE1E8DE}) (Version: 1.09 - Avanquest Software)
Avery Template - U_0087_01_PlateauLines_0805_01_en (HKLM-x32\...\{A760067A-C07E-1033-0000-A764AC000002}) (Version: 1.0.0.0 - Avery)
Avery Template (HKLM-x32\...\{A760067A-C07E-1033-0000-A764AC000005}) (Version: 2.0.0.0 - Avery)
BitDefender Total Security 2011 (Version: 14.0.29 - BitDefender) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.07 - Piriform)
Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Coupon Printer for Windows (HKLM-x32\...\Coupon Printer for Windows5.0.0.3) (Version: 5.0.0.3 - Coupons.com Incorporated)
CutePDF Writer 2.9 (HKLM\...\CutePDF Writer Installation) (Version: 2.9 - CutePDF.com)
CyberLink DVD Suite Deluxe (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 7.0.2115 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DirectX for Managed Code Update (Summer 2004) (x32 Version: 9.02.2904 - Microsoft) Hidden
Dropbox (HKU\S-1-5-21-3816076352-1316818048-2459394720-1000\...\Dropbox) (Version: 3.12.5 - Dropbox, Inc.)
DVD Menu Pack for HP MediaSmart Video (HKLM-x32\...\InstallShield_{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}) (Version: 3.1.3224 - Hewlett-Packard)
DVD Menu Pack for HP MediaSmart Video (x32 Version: 3.1.3224 - Hewlett-Packard) Hidden
Feedback Tool (HKLM-x32\...\{90024193-9F13-4877-89D5-A1CDF0CBBF28}) (Version: 1.1.0 - Microsoft Corporation)
ffdshow [rev 2527] [2008-12-19] (HKLM-x32\...\ffdshow_is1) (Version: 1.0 - )
FileZilla Client 3.7.0.1 (HKLM-x32\...\FileZilla Client) (Version: 3.7.0.1 - FileZilla Project)
Google Chrome (HKU\S-1-5-21-3816076352-1316818048-2459394720-1000\...\Google Chrome) (Version: 47.0.2526.106 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.7210.1528 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.29.1 - Google Inc.) Hidden
Google+ Auto Backup (HKLM-x32\...\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}) (Version: 1.0.21.81 - Google)
GPBaseService2 (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
Hardware Diagnostic Tools (HKLM\...\PC-Doctor for Windows) (Version: 6.0.5247.34 - PC-Doctor, Inc.)
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP Advisor (HKLM-x32\...\{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}) (Version: 3.3.9512.3162 - Hewlett-Packard)
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.2.5 - WildTangent)
HP MediaSmart Demo (HKLM-x32\...\{9DEF9686-CCB2-47B7-BF83-B49EA21FA016}) (Version: 1.00.0000 - Hewlett-Packard)
HP MediaSmart DVD (HKLM-x32\...\InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}) (Version: 3.1.3317 - Hewlett-Packard)
HP MediaSmart Music/Photo/Video (HKLM-x32\...\InstallShield_{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}) (Version: 3.1.3422 - Hewlett-Packard)
HP MediaSmart SmartMenu (HKLM\...\{88E60521-1E4E-4785-B9F1-1798A4BD0C30}) (Version: 3.1.0.1 - Hewlett-Packard)
HP MediaSmart/TouchSmart Netflix (HKLM-x32\...\{35021DFB-F9CA-402A-89A2-47F91E506465}) (Version: 1.0.2.0 - Hewlett-Packard)
HP Odometer (HKLM-x32\...\{B8AC1A89-FFD1-4F97-8051-E505A160F562}) (Version: 2.10.0000 - Hewlett-Packard)
HP Officejet Pro 8620 Basic Device Software (HKLM\...\{A977D10D-989A-40D4-B0B1-450954516543}) (Version: 32.3.198.49673 - Hewlett-Packard Co.)
HP Officejet Pro 8620 Help (HKLM-x32\...\{9A4D71AB-9C68-4702-A4A2-A4DB7B0FE270}) (Version: 32.0.0 - Hewlett Packard)
HP Remote Solution (HKLM-x32\...\HP Remote Solution) (Version: 1.1.11.0 - Hewlett-Packard)
HP Setup (HKLM-x32\...\{17B4760F-334B-475D-829F-1A3E94A6A4E6}) (Version: 1.2.3560.3170 - Hewlett-Packard)
HP Support Assistant (HKLM-x32\...\{79C54A05-F146-4EA0-8A70-D4EFE6181E52}) (Version: 8.1.40.3 - Hewlett-Packard Company)
HP Support Information (HKLM-x32\...\{B9A03B7B-E0FF-4FB3-BA83-762E58A1B0AA}) (Version: 10.1.0002 - Hewlett-Packard)
HP Support Solutions Framework (HKLM-x32\...\{55065080-504F-43BB-BE00-36B80D7D39A5}) (Version: 12.0.30.219 - Hewlett-Packard Company)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft) Hidden
hpPrintProjects (x32 Version: 130.0.303.000 - Hewlett-Packard) Hidden
I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
Java 7 Update 67 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417067FF}) (Version: 7.0.670 - Oracle)
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)
Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
Java 8 Update 40 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218040F0}) (Version: 8.0.400 - Oracle Corporation)
join.me (HKU\S-1-5-21-3816076352-1316818048-2459394720-1000\...\JoinMe) (Version: 1.8.0.108 - LogMeIn, Inc.)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.2017 - CyberLink Corp.)
LabelPrint (x32 Version: 2.5.2017 - CyberLink Corp.) Hidden
LightScribe System Software (HKLM-x32\...\{CC8E94A2-55C7-4460-953C-2A790180578C}) (Version: 1.18.8.1 - LightScribe)
Malwarebytes Anti-Malware version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.11.266.3 - McAfee, Inc.)
Microsoft .NET Framework 1.1 (HKLM-x32\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Live Search Toolbar (HKLM-x32\...\{DF802C05-4660-418c-970C-B988ADB1D316}) (Version: 3.0.566.0 - Microsoft Live Search Toolbar)
Microsoft Office 2007 Primary Interop Assemblies (HKLM-x32\...\{50120000-1105-0000-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-00CA-0000-0000-0000000FF1CE}_SMALLBUSINESSR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office PowerPoint Viewer 2007 (English) (HKLM-x32\...\{95120000-00AF-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Small Business 2007 (HKLM-x32\...\SMALLBUSINESSR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft SOAP Toolkit 3.0 (HKLM-x32\...\{BCB4C18A-ACA6-4383-8688-E19933A705DD}) (Version: 3.0.1325.4 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server Native Client (HKLM\...\{6344718C-AE30-4C86-B5CD-459077A83623}) (Version: 9.00.2047.00 - Microsoft Corporation)
Microsoft SQL Server Setup Support Files (English) (HKLM-x32\...\{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}) (Version: 9.00.2047.00 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2005 Tools for Office Runtime (HKLM-x32\...\Microsoft Visual Studio 2005 Tools for Office Runtime) (Version: - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Works (HKLM-x32\...\{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}) (Version: 9.7.0621 - Microsoft Corporation)
Microsoft Works 6-9 Converter (HKLM-x32\...\{95140000-0137-0409-0000-0000000FF1CE}) (Version: 14.0.6120.5002 - Microsoft Corporation)
Movie Theme Pack for HP MediaSmart Video (HKLM-x32\...\InstallShield_{3023EBDA-BF1B-4831-B347-E5018555F26E}) (Version: 3.1.3310 - Hewlett-Packard)
Movie Theme Pack for HP MediaSmart Video (x32 Version: 3.1.3310 - Hewlett-Packard) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MyMailList Deluxe (HKLM-x32\...\{DD3A31EB-916D-42AE-913A-B1C29B599EB2}) (Version: 8.0.1.0 - Avanquest USA)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.5 - Notepad++ Team)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.5 - NVIDIA Corporation)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.0.3304 - CyberLink Corp.)
Power2Go (x32 Version: 6.0.3304 - CyberLink Corp.) Hidden
PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 7.0.3405 - CyberLink Corp.)
PowerDirector (x32 Version: 7.0.3405 - CyberLink Corp.) Hidden
Product Improvement Study for HP Officejet Pro 8620 (HKLM\...\{99039186-EBEB-4127-BFA2-18B10A05ACE2}) (Version: 32.3.198.49673 - Hewlett-Packard Co.)
QuickBooks (x32 Version: 23.0.4015.2305 - Intuit Inc.) Hidden
QuickBooks Pro 2013 (HKLM-x32\...\{3C631966-387E-4054-85D9-BBFFABE32BD8}) (Version: 23.0.4005.2305 - Intuit Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5938 - Realtek Semiconductor Corp.)
Recovery Manager (x32 Version: 5.5.2216 - CyberLink Corp.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.22.0 - SAMSUNG Electronics Co., Ltd.)
Scan (x32 Version: 140.0.80.000 - Hewlett-Packard) Hidden
Secret Diaries: Florence Ashford (x32 Version: 2.2.0.95 - WildTangent) Hidden
SolutionCenter (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-00CA-0000-0000-0000000FF1CE}_SMALLBUSINESSR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
Visual Studio Tools for the Office system 3.0 Runtime (HKLM-x32\...\Visual Studio Tools for the Office system 3.0 Runtime) (Version: - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258) (HKLM-x32\...\{8FB53850-246A-3507-8ADE-0060093FFEA6}.KB949258) (Version: 1 - Microsoft Corporation)
WildTangent Games App (HP Games) (x32 Version: 4.0.4.12 - WildTangent) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}) (Version: 14.0.8089.726 - Microsoft Corporation)
WinRAR 4.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
WinZip 17.0 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240D9}) (Version: 17.0.10381 - WinZip Computing, S.L. )
Yahoo! BrowserPlus 2.9.8 (HKU\S-1-5-21-3816076352-1316818048-2459394720-1000\...\Yahoo! BrowserPlus) (Version: - Yahoo! Inc.)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-3816076352-1316818048-2459394720-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Rita\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3816076352-1316818048-2459394720-1000_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\Rita\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3816076352-1316818048-2459394720-1000_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\Rita\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3816076352-1316818048-2459394720-1000_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Rita\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3816076352-1316818048-2459394720-1000_Classes\CLSID\{3560575F-7C2D-48AE-AB45-DAD430A95EBE}\InprocServer32 -> C:\Program Files\WinZip\adxloader64.dll ()
CustomCLSID: HKU\S-1-5-21-3816076352-1316818048-2459394720-1000_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\Rita\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3816076352-1316818048-2459394720-1000_Classes\CLSID\{78550997-5DEF-4A8A-BAF9-D5774E87AC98}\InprocServer32 -> C:\Users\Rita\AppData\Local\Google\Update\1.3.28.13\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3816076352-1316818048-2459394720-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Rita\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3816076352-1316818048-2459394720-1000_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\Rita\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3816076352-1316818048-2459394720-1000_Classes\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2}\InprocServer32 -> C:\Users\Rita\AppData\Local\Google\Update\1.3.29.1\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3816076352-1316818048-2459394720-1000_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}\InprocServer32 -> C:\Users\Rita\AppData\Local\Google\Update\1.3.28.15\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3816076352-1316818048-2459394720-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Rita\AppData\Local\Google\Update\1.3.29.1\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3816076352-1316818048-2459394720-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Rita\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3816076352-1316818048-2459394720-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Rita\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3816076352-1316818048-2459394720-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Rita\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3816076352-1316818048-2459394720-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Rita\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3816076352-1316818048-2459394720-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Rita\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3816076352-1316818048-2459394720-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Rita\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3816076352-1316818048-2459394720-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Rita\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3816076352-1316818048-2459394720-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Rita\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3816076352-1316818048-2459394720-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Rita\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3816076352-1316818048-2459394720-1000_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Rita\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3816076352-1316818048-2459394720-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Rita\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll => No File
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {011A7DB2-EC46-488D-A310-CB2C799CAD97} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3816076352-1316818048-2459394720-1000UA => C:\Users\Rita\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {01862455-7CE2-4E47-837A-D5A30463655A} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2015-12-05] (Microsoft Corporation)
Task: {05A34E55-46C4-433D-8EAC-DBFDC0846100} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {0B7D27A5-EEB9-4075-B0F9-FDD9439A1B83} - System32\Tasks\CLMLSvc => c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe [2009-10-22] (CyberLink)
Task: {228E4C70-8F33-4752-A9F4-467F2AA94266} - \RocketTab -> No File <==== ATTENTION
Task: {259D2E61-569D-471E-96DF-E9B36F76C0BF} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3816076352-1316818048-2459394720-1000UA => C:\Users\Rita\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-30] (Dropbox, Inc.)
Task: {2AA8AAF1-0B60-43D4-931B-205EA52568E7} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2015-11-04] (Hewlett-Packard)
Task: {42BE31A4-852E-448C-8A2D-68CD65D6C225} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3816076352-1316818048-2459394720-1000Core => C:\Users\Rita\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-30] (Dropbox, Inc.)
Task: {43E26A22-8C06-47B6-8BD3-67F97B2CA08F} - System32\Tasks\PCDRScheduledMaintenance => C:\Program Files\PC-Doctor for Windows\pcdrcui.exe [2009-09-18] (PC-Doctor, Inc.)
Task: {4BD5164A-791D-45DC-99B4-4D631893AE24} - System32\Tasks\{7696C71C-A8B4-48C4-982D-80168A39DE04} => pcalua.exe -a E:\autorun.exe -d E:\
Task: {533A092B-CD93-48FA-AD78-4737913CA035} - System32\Tasks\HP AR Program Upload - ccf4601ac0fb4bc8bd46df0b473f3197d6816af7b554412f8d007499219da621 => C:\Program Files\HP\HP Officejet Pro 8620\bin\HPRewards.exe [2014-07-21] (TODO: <Company name>)
Task: {5A40E926-9E86-4B89-9CFD-B12311724371} - System32\Tasks\Microsoft\Windows\UPnP\UPnPHostConfig => config upnphost start= auto
Task: {5D08D0F8-E213-4CA6-9F53-D45FC19B5C91} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {6171D387-EDCC-4708-8D11-D44CF3ED680D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Active Health Launcher => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2015-11-04] (Hewlett-Packard)
Task: {69B43B57-CFB2-4F70-86FB-9972319046DE} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2015-09-27] (Hewlett-Packard)
Task: {78874EA2-DC0A-4BC8-991B-D259AC2A0A96} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-10-28] (Adobe Systems Incorporated)
Task: {7F4F0FAA-2CB5-409B-9803-6F4D40C5564E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2015-09-28] (Hewlett-Packard Company)
Task: {83F3B163-B0D6-4B37-AB0C-539B0765F4B7} - System32\Tasks\{D6BB8FCE-AEE0-4653-B593-F63EE1D81924} => pcalua.exe -a H:\Setup.exe -d H:\
Task: {8525602E-9A60-4987-90B1-23C54D8966D6} - System32\Tasks\{C1BEAAC4-01AA-40D8-90F4-92052767B3BF} => pcalua.exe -a E:\ThirdParty\DotNET35\dotNetFX35\x64\netfx35_x64.exe -d E:\ThirdParty\DotNET35\dotNetFX35\x64
Task: {89AA89EC-65BB-4134-B7E3-DB13C2FA3543} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2015-12-05] (Microsoft Corporation)
Task: {96BEE6A9-31D6-4002-82ED-8305BCA4CB51} - System32\Tasks\{9BD3DB69-BDE1-4AA0-BEA4-D77AFC6312AD} => pcalua.exe -a E:\ThirdParty\DotNET35\dotNetFX35\x86\netfx35_x86.exe -d E:\ThirdParty\DotNET35\dotNetFX35\x86
Task: {96C63879-8434-4AE3-910E-793EDD8983E1} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-06-01] (Piriform Ltd)
Task: {9D104730-2752-4143-83B7-7085A888FA72} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2015-09-28] (Hewlett-Packard Company)
Task: {A45D4F49-E07D-4CD3-957D-EE8F242D4A59} - System32\Tasks\DVDAgent => c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe
Task: {ACC27FC4-98AE-4E8C-AE43-D4EF344B800B} - System32\Tasks\HPCustParticipation HP Officejet Pro 8620 => C:\Program Files\HP\HP Officejet Pro 8620\Bin\HPCustPartic.exe [2014-07-21] (Hewlett-Packard Development Company, LP)
Task: {B954F51F-5B63-43C5-90F8-DD4AD28E9149} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-16] (Adobe Systems Incorporated)
Task: {C18B7D6A-4A4C-48B0-8910-84E7501DC017} - \RocketTab Update Task -> No File <==== ATTENTION
Task: {C4328551-BC52-4433-AEF7-703A004F5242} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3816076352-1316818048-2459394720-1000Core => C:\Users\Rita\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {D2EFC405-0A79-49DE-BFF3-0C6AD46B08F8} - System32\Tasks\{2357939A-60D3-4EAE-A090-3688729889C2} => pcalua.exe -a E:\setup.exe -d E:\
Task: {DCA119C8-4C0D-498D-8B47-2D9F14479BBE} - System32\Tasks\HPCeeScheduleForRita => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2015-06-16] (Hewlett-Packard)
Task: {DD9F510C-95F4-499A-90C8-BAC5BC372FF4} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask => start sppsvc
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3816076352-1316818048-2459394720-1000Core.job => C:\Users\Rita\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3816076352-1316818048-2459394720-1000UA.job => C:\Users\Rita\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3816076352-1316818048-2459394720-1000Core.job => C:\Users\Rita\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3816076352-1316818048-2459394720-1000UA.job => C:\Users\Rita\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForRita.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\Windows\Tasks\PCDRScheduledMaintenance.job => C:\Program Files\PC-Doctor for Windows\pcdrcui.exe5-fh scripts\monthly.xml
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2011-03-24 18:49 - 2011-06-01 11:34 - 00239648 _____ () C:\Program Files\BitDefender\BitDefender 2011\txmlutil.dll
2010-11-30 08:56 - 2011-06-01 11:33 - 00036768 _____ () C:\Program Files\BitDefender\BitDefender 2011\strdecoder.dll
2011-06-01 11:35 - 2011-06-01 11:35 - 00003584 _____ () C:\Program Files\BitDefender\BitDefender 2011\UI\DetectSMTPSettings.ui
2011-06-01 11:35 - 2011-06-01 11:35 - 00245328 _____ () C:\Program Files\BitDefender\BitDefender 2011\framework.dll
2011-06-01 11:35 - 2011-06-01 11:35 - 00142328 _____ () C:\Program Files\BitDefender\BitDefender 2011\accessl.dll
2011-06-01 11:34 - 2011-06-01 11:34 - 00161368 _____ () C:\Program Files\BitDefender\BitDefender 2011\connector.dll
2011-03-24 17:41 - 2011-06-01 11:34 - 00086208 _____ () C:\Program Files\BitDefender\BitDefender 2011\bdmltusrsrv.dll
2010-11-30 06:18 - 2010-11-30 06:18 - 00303008 _____ () C:\Program Files\Common Files\BitDefender\BitDefender Threat Scanner\smartscn.dll
2011-06-01 11:35 - 2011-06-01 11:35 - 00029552 _____ () C:\Program Files\BitDefender\BitDefender 2011\knownfilessp.dll
2011-06-01 11:35 - 2011-06-01 11:35 - 00086696 _____ () C:\Program Files\BitDefender\BitDefender 2011\ExcludeMgr.dll
2011-06-01 11:35 - 2011-06-01 11:35 - 00008704 _____ () C:\Program Files\BitDefender\BitDefender 2011\UI\accessl.ui
2011-06-01 11:35 - 2011-06-01 11:35 - 00054272 _____ () C:\Program Files\BitDefender\BitDefender 2011\procinfo.dll
2011-06-01 11:34 - 2011-06-01 11:34 - 00025432 _____ () C:\Program Files\BitDefender\BitDefender 2011\smartscnal.dll
2010-08-20 17:42 - 2010-08-20 17:42 - 00152616 _____ () C:\Program Files\BitDefender\BitDefender 2011\bdfwcore.dll
2011-06-30 06:02 - 2011-06-30 06:02 - 00265928 _____ () C:\Program Files\BitDefender\BitDefender 2011\midasal.dll
2011-07-11 09:23 - 2011-07-11 09:23 - 00096520 _____ () C:\Program Files\BitDefender\BitDefender 2011\midasdp.dll
2011-03-24 18:49 - 2011-06-01 11:34 - 00042424 _____ () C:\Program Files\BitDefender\BitDefender 2011\containerdatasp.dll
2011-06-01 11:35 - 2011-06-01 11:35 - 01048064 _____ () C:\Program Files\BitDefender\BitDefender 2011\as2core\ashttpbr.mdl
2011-01-31 20:21 - 2011-06-01 11:34 - 01168384 _____ () C:\Program Files\BitDefender\BitDefender 2011\as2core\ashttpdsp.mdl
2011-06-01 11:34 - 2011-06-01 11:34 - 02789376 _____ () C:\Program Files\BitDefender\BitDefender 2011\as2core\ashttpf.mdl
2011-06-01 11:35 - 2011-06-01 11:35 - 02614784 _____ () C:\Program Files\BitDefender\BitDefender 2011\as2core\ashttpfr.mdl
2011-06-01 11:35 - 2011-06-01 11:35 - 02732544 _____ () C:\Program Files\BitDefender\BitDefender 2011\as2core\ashttpph.mdl
2011-06-01 11:36 - 2011-06-01 11:36 - 01440768 _____ () C:\Program Files\BitDefender\BitDefender 2011\as2core\ashttprbl.mdl
2011-06-01 11:34 - 2011-06-01 11:34 - 01007104 _____ () C:\Program Files\BitDefender\BitDefender 2011\as2core\asimbr.mdl
2011-06-01 11:34 - 2011-06-01 11:34 - 01089536 _____ () C:\Program Files\BitDefender\BitDefender 2011\as2core\asimdsp.mdl
2011-06-01 11:35 - 2011-06-01 11:35 - 02545664 _____ () C:\Program Files\BitDefender\BitDefender 2011\as2core\asimf.mdl
2012-09-27 10:24 - 2012-09-12 14:33 - 00087152 _____ () C:\Windows\System32\cpwmon64.dll
2012-12-18 09:06 - 2012-12-18 09:06 - 00056360 _____ () C:\Program Files (x86)\AT&T\AT&T Communication Manager\AdminHelper.exe
2010-01-02 09:42 - 2010-01-02 09:42 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2009-09-14 19:17 - 2009-09-14 19:17 - 00610360 _____ () C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
2012-12-18 09:06 - 2012-12-18 09:06 - 00219688 _____ () C:\Program Files (x86)\AT&T\AT&T Communication Manager\attcm_AppStart.exe
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\ProgramData\Temp:B85A9C0F
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ntrexeservice => "(Default)"="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NTRSupport => "(Default)"="Service"
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-13 21:34 - 2015-12-11 10:21 - 00000860 ____A C:\Windows\system32\Drivers\etc\hosts
0.0.0.1 mssplus.mcafee.com
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3816076352-1316818048-2459394720-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Rita\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^APC UPS Status.lnk => C:\Windows\pss\APC UPS Status.lnk.CommonStartup
MSCONFIG\startupreg: attcm.exe => C:\Program Files (x86)\AT&T\AT&T Communication Manager\attcm.exe
MSCONFIG\startupreg: BDAgent => "C:\Program Files\BitDefender\BitDefender 2011\bdagent.exe"
MSCONFIG\startupreg: BitDefender Antiphishing Helper => "C:\Program Files\BitDefender\BitDefender 2011\ieshow.exe"
MSCONFIG\startupreg: GoogleDriveSync => "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{7BDF9A3E-F198-4F6B-B44C-F0E4C299FCD3}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDirector\PDR.EXE
FirewallRules: [{4880A744-175E-4894-824F-13A151A2A132}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\HPTouchSmartMusic.exe
FirewallRules: [{1D054CA5-E329-40AF-A202-1479C4FCD6DE}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\HPTouchSmartPhoto.exe
FirewallRules: [{18B8E588-C53C-479E-A225-CED02417B9B3}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\HPTouchSmartVideo.exe
FirewallRules: [{866089F2-FBAC-4F31-B012-69AFE1A98C37}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe
FirewallRules: [{772D1779-862C-4621-9AB8-321BB6AD39AD}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
FirewallRules: [{D4D41897-0F0F-468C-A76B-66F24BF41520}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\Media\DVD\HPTouchSmartMusic.exe
FirewallRules: [{E49859A7-4440-498A-A4C8-D89C8AD1F088}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\Media\DVD\HPTouchSmartPhoto.exe
FirewallRules: [{4CC63F80-65E2-4950-9015-5D14A093F0DB}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\Media\DVD\HPTouchSmartVideo.exe
FirewallRules: [{E5880B7B-7944-419E-97EB-5A5D132F13DA}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\Media\DVD\TSMAgent.exe
FirewallRules: [{7E96A93B-A280-4D1F-873C-52D1A2633B07}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\Media\DVD\Kernel\CLML\CLMLSvc.exe
FirewallRules: [{DB1572C1-3FA6-4D06-A23D-44948DB3CF44}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\Media\DVD\HPDVDSmart.exe
FirewallRules: [{7FFE5900-3116-4649-9157-4C8AB7647095}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{6DE2D9DE-38B3-4B6D-BD8F-974956CCE4AB}] => (Allow) svchost.exe
FirewallRules: [{30A44DB5-4E2C-4B38-BC1F-A162FBC750E3}] => (Allow) C:\Program Files (x86)\Windows Live\Sync\WindowsLiveSync.exe
FirewallRules: [{C21649AB-6BEF-4372-A8E5-CC6671681BE9}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
FirewallRules: [{5D6FD0C0-A951-454A-A365-C173229A883E}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
FirewallRules: [{3A5719DD-8472-4403-B189-15DC0AF95219}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe
FirewallRules: [{2EDBD106-C6F9-421F-BC37-262DFAB1D65F}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe
FirewallRules: [{F118BDE8-1A1E-4861-8AAF-EE1870732164}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe
FirewallRules: [{570AAEE1-6415-4ED6-B8D5-0E0A9FA9BA81}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe
FirewallRules: [{CEC7ACA0-BDCA-4CE4-9A19-6657BEA9BD0D}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe
FirewallRules: [{63DA2820-E2D6-4954-A921-814B6856E85E}] => (Allow) C:\Program Files (x86)\common files\hp\digital imaging\bin\hpqphotocrm.exe
FirewallRules: [{40013AFE-9375-4F15-A545-16BE9CC0C812}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe
FirewallRules: [{D3369961-BC27-408C-97AB-4E19C8C81A19}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
FirewallRules: [{2DF8E00B-9959-447B-80C8-55F5C588F73C}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe
FirewallRules: [{0FA6F10B-10EC-4400-8B32-ACF91D98AC7E}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe
FirewallRules: [{33B16A11-D814-458D-9748-A20A7DC34379}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe
FirewallRules: [{AF79BFE3-605C-4B04-8C95-B5D1CF2D001B}] => (Allow) C:\Program Files (x86)\HP\digital imaging\smart web printing\smartwebprintexe.exe
FirewallRules: [{00A01F16-74A7-4195-A306-D0201199F021}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{2663C4CE-884A-4A1A-B563-534AA20C822B}] => (Allow) LPort=2869
FirewallRules: [{57743DC6-35C7-4BA0-A3BA-BB32BB5661D3}] => (Allow) LPort=1900
FirewallRules: [{81469496-C246-45ED-A48D-391E341A1986}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{0AD0FA57-10B0-4CEA-AB38-95FBB64DC9BB}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{37FFFCF3-A973-4645-855E-761BACB01165}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{FC935C3D-AAFC-44C3-8BB2-197ECB59BB0C}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{27E5D7E7-C7B0-43EC-87F1-4BCA8CAD18AC}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe
FirewallRules: [{A6A30CD4-EB02-450D-A477-42437CC4E921}] => (Allow) C:\Users\Rita\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{D00199B6-62CD-413D-840B-9F471DE22EF9}] => (Allow) C:\Users\Rita\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{40C5272C-1304-409B-A7B0-186A9CDA55DE}] => (Allow) C:\Users\Rita\AppData\Roaming\Spotify\spotify.exe
FirewallRules: [{6AB70344-A93A-4DC8-AA26-DFD40443C617}] => (Allow) C:\Users\Rita\AppData\Roaming\Spotify\spotify.exe
FirewallRules: [{B2969D06-7DE0-4B82-9672-4502D92F88D9}] => (Allow) C:\Users\Rita\AppData\Roaming\Spotify\spotify.exe
FirewallRules: [{F00B4C98-67D9-442F-B291-D22490A44AAB}] => (Allow) C:\Users\Rita\AppData\Roaming\Spotify\spotify.exe
FirewallRules: [TCP Query User{5E92EFC5-DAA4-49A1-9570-AD982AD79458}C:\users\rita\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\rita\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{76C55CE6-3D58-4F31-9C31-271238080C9C}C:\users\rita\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\rita\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [{8BC27531-5606-4634-90AC-0BBA00D6753E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{1B9936B8-F156-44DD-87B4-D30B6A9DEAF2}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8620\bin\FaxApplications.exe
FirewallRules: [{8AE3BA28-29E6-45D1-B140-FD113C4DC45C}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8620\bin\DigitalWizards.exe
FirewallRules: [{819DC76B-B885-42A4-B997-C5725874B539}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8620\bin\SendAFax.exe
FirewallRules: [{1F420FE4-02C1-436F-A424-894349022B3B}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8620\Bin\DeviceSetup.exe
FirewallRules: [{5F785759-E5E4-4A9D-B9AB-F0E604B47A6B}] => (Allow) LPort=5357
FirewallRules: [{439735A4-3422-43B7-945A-6B588FE793B0}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8620\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{20848D1E-2E08-4E46-9E32-3E10EEFCF9C7}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPDeviceDetection3.exe
FirewallRules: [{C30F609A-976E-4ED5-81D2-8E80FB24B390}] => (Allow) C:\Users\Rita\AppData\Local\Google\Chrome\Application\chrome.exe
==================== Restore Points =========================
01-01-2016 02:04:32 Windows Update
05-01-2016 02:04:28 Windows Update
12-01-2016 02:04:27 Windows Update
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (01/13/2016 12:07:12 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: ScanToPCActivationApp.exe, version: 32.3.198.49673, time stamp: 0x53cda154
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x00000000004eec00
Faulting process id: 0xf44
Faulting application start time: 0xScanToPCActivationApp.exe0
Faulting application path: ScanToPCActivationApp.exe1
Faulting module path: ScanToPCActivationApp.exe2
Report Id: ScanToPCActivationApp.exe3
Error: (01/12/2016 02:27:45 PM) (Source: QuickBooks) (EventID: 4) (User: )
Description: An unexpected error has occured in "QuickBooks Pro 2013":
LeftNavDataHelper: Error handling modify notification to Left Nav Bar - TxnType: SALESRECEIPT, TxnID: 701210
Error: (01/12/2016 02:25:09 PM) (Source: QuickBooks) (EventID: 4) (User: )
Description: An unexpected error has occured in "QuickBooks Pro 2013":
LeftNavDataHelper: Error handling add notification to Left Nav Bar- TxnType: SALESRECEIPT, TxnID: 701210
Error: (01/12/2016 01:56:30 PM) (Source: QuickBooks) (EventID: 4) (User: )
Description: An unexpected error has occured in "QuickBooks Pro 2013":
LeftNavDataHelper: Error handling modify notification to Left Nav Bar - TxnType: INVOICE, TxnID: 700697
Error: (01/12/2016 01:56:29 PM) (Source: QuickBooks) (EventID: 4) (User: )
Description: An unexpected error has occured in "QuickBooks Pro 2013":
LeftNavDataHelper: Error handling add notification to Left Nav Bar- TxnType: RECEIVEPAYMENT, TxnID: 701203
Error: (01/12/2016 01:53:48 PM) (Source: QuickBooks) (EventID: 4) (User: )
Description: An unexpected error has occured in "QuickBooks Pro 2013":
LeftNavDataHelper: Error handling modify notification to Left Nav Bar - TxnType: INVOICE, TxnID: 700697
Error: (01/12/2016 01:47:03 PM) (Source: QuickBooks) (EventID: 4) (User: )
Description: An unexpected error has occured in "QuickBooks Pro 2013":
LeftNavDataHelper: Error handling add notification to Left Nav Bar- TxnType: SALESRECEIPT, TxnID: 701193
Error: (01/12/2016 01:29:49 PM) (Source: QuickBooks) (EventID: 4) (User: )
Description: An unexpected error has occured in "QuickBooks Pro 2013":
LeftNavDataHelper: Error handling add notification to Left Nav Bar- TxnType: SALESRECEIPT, TxnID: 701186
Error: (01/11/2016 04:23:55 PM) (Source: QuickBooks) (EventID: 4) (User: )
Description: An unexpected error has occured in "QuickBooks Pro 2013":
The user canceled one of the dialog boxes. No message was sent.
Error: (01/11/2016 04:23:55 PM) (Source: QuickBooks) (EventID: 4) (User: )
Description: An unexpected error has occured in "QuickBooks Pro 2013":
Failed to send mail message:
System errors:
=============
Error: (01/13/2016 12:12:09 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 12:09:06 PM on 1/13/2016 was unexpected.
Error: (01/13/2016 11:56:54 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 11:38:18 AM on 1/13/2016 was unexpected.
Error: (01/11/2016 02:25:56 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the eventlog service.
Error: (01/08/2016 05:04:21 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Windows Error Reporting Service service to connect.
Error: (01/06/2016 11:26:09 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the eventlog service.
Error: (01/06/2016 11:26:09 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Windows Error Reporting Service service to connect.
Error: (01/05/2016 04:30:17 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.
Error: (01/04/2016 03:55:01 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.
Error: (12/30/2015 01:27:38 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Windows Error Reporting Service service to connect.
Error: (12/30/2015 01:13:34 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 12:32:00 PM on 12/30/2015 was unexpected.
CodeIntegrity:
===================================
Date: 2015-09-03 15:58:17.202
Description: Windows is unable to verify the integrity of the file \Device\HarddiskVolume2\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\x86_microsoft-windows-errorreportingfaults_31bf3856ad364e35_10.0.10074.1_none_96f694b33cfd42bf\werfault.exe because the signing certificate has been revoked. Check with the publisher to see if a new signed version of the kernel module is available.
Date: 2015-09-03 15:58:17.182
Description: Windows is unable to verify the integrity of the file \Device\HarddiskVolume2\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\x86_microsoft-windows-errorreportingfaults_31bf3856ad364e35_10.0.10074.1_none_96f694b33cfd42bf\werfault.exe because the signing certificate has been revoked. Check with the publisher to see if a new signed version of the kernel module is available.
Date: 2015-09-03 15:58:17.162
Description: Windows is unable to verify the integrity of the file \Device\HarddiskVolume2\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\x86_microsoft-windows-errorreportingfaults_31bf3856ad364e35_10.0.10074.1_none_96f694b33cfd42bf\werfault.exe because the signing certificate has been revoked. Check with the publisher to see if a new signed version of the kernel module is available.
Date: 2015-09-03 15:58:17.157
Description: Windows is unable to verify the integrity of the file \Device\HarddiskVolume2\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\x86_microsoft-windows-errorreportingfaults_31bf3856ad364e35_10.0.10074.1_none_96f694b33cfd42bf\werfault.exe because the signing certificate has been revoked. Check with the publisher to see if a new signed version of the kernel module is available.
Date: 2015-09-03 15:58:17.151
Description: Windows is unable to verify the integrity of the file \Device\HarddiskVolume2\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\x86_microsoft-windows-errorreportingfaults_31bf3856ad364e35_10.0.10074.1_none_96f694b33cfd42bf\werfault.exe because the signing certificate has been revoked. Check with the publisher to see if a new signed version of the kernel module is available.
Date: 2015-09-03 15:58:17.142
Description: Windows is unable to verify the integrity of the file \Device\HarddiskVolume2\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\x86_microsoft-windows-errorreportingfaults_31bf3856ad364e35_10.0.10074.1_none_96f694b33cfd42bf\werfault.exe because the signing certificate has been revoked. Check with the publisher to see if a new signed version of the kernel module is available.
Date: 2015-09-03 15:58:17.136
Description: Windows is unable to verify the integrity of the file \Device\HarddiskVolume2\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\x86_microsoft-windows-errorreportingfaults_31bf3856ad364e35_10.0.10074.1_none_96f694b33cfd42bf\werfault.exe because the signing certificate has been revoked. Check with the publisher to see if a new signed version of the kernel module is available.
Date: 2015-09-03 15:58:17.121
Description: Windows is unable to verify the integrity of the file \Device\HarddiskVolume2\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\x86_microsoft-windows-errorreportingfaults_31bf3856ad364e35_10.0.10074.1_none_96f694b33cfd42bf\werfault.exe because the signing certificate has been revoked. Check with the publisher to see if a new signed version of the kernel module is available.
Date: 2015-09-03 15:58:17.106
Description: Windows is unable to verify the integrity of the file \Device\HarddiskVolume2\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\x86_microsoft-windows-errorreportingfaults_31bf3856ad364e35_10.0.10074.1_none_96f694b33cfd42bf\werfault.exe because the signing certificate has been revoked. Check with the publisher to see if a new signed version of the kernel module is available.
Date: 2015-09-03 15:58:17.103
Description: Windows is unable to verify the integrity of the file \Device\HarddiskVolume2\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\x86_microsoft-windows-errorreportingcore_31bf3856ad364e35_10.0.10074.1_none_47662a2706182d6f\wermgr.exe because the signing certificate has been revoked. Check with the publisher to see if a new signed version of the kernel module is available.
==================== Memory info ===========================
Processor: AMD Athlon II X2 250 Processor
Percentage of memory in use: 63%
Total physical RAM: 3839.3 MB
Available physical RAM: 1415.13 MB
Total Virtual: 7676.82 MB
Available Virtual: 4410.84 MB
==================== Drives ================================
Drive c: (HP) (Fixed) (Total:585.31 GB) (Free:497.32 GB) NTFS
Drive d: (FACTORY_IMAGE) (Fixed) (Total:10.77 GB) (Free:1.53 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive i: (Seagate Expansion Drive) (Fixed) (Total:1863.01 GB) (Free:1860.56 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 596.2 GB) (Disk ID: 1549F232)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=585.3 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=10.8 GB) - (Type=07 NTFS)
Attempted reading MBR returned 0 bytes.
Could not read MBR for disk 1.
==================== End of Addition.txt ============================