Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Possible Infection - Keyboard & Mouse stop working


  • Please log in to reply

#1
bwnetpro

bwnetpro

    New Member

  • Member
  • Pip
  • 1 posts

From time to time, my keyboard and mouse will stop working. I tried to open the task manager by pressing Ctrl+Alt+Delete, but i cannot move the cursor from the choice of Switch User. 

I restarted the machine by just turning it off and on again. Eventually it made 4 loud beeps, and began to work again. 

This has happened at least 5 times over the past month or so.  Thanks in advance for your help and suggestions. 

 

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:10-01-2015 01
Ran by Rita (administrator) on BETHMICHELLE (13-01-2016 13:15:23)
Running from C:\Users\Rita\Downloads
Loaded Profiles: Rita (Available Profiles: Rita)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(BitDefender S.R.L.) C:\Program Files\BitDefender\BitDefender 2011\vsserv.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
() C:\Program Files (x86)\AT&T\AT&T Communication Manager\AdminHelper.exe
(American Power Conversion Corporation) C:\Program Files (x86)\APC\APC PowerChute Personal Edition\mainserv.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
() C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
(Intuit) C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
(Microsoft Corporation) C:\Windows\System32\StikyNot.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Hewlett-Packard Development Company, LP) C:\Program Files\HP\HP Officejet Pro 8620\Bin\ScanToPCActivationApp.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.11.266\SSScheduler.exe
(Intuit Inc.) C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
(Intuit Inc.) C:\Program Files (x86)\Intuit\QuickBooks 2013\QBW32.EXE
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
() C:\Program Files (x86)\AT&T\AT&T Communication Manager\attcm_AppStart.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Dropbox, Inc.) C:\Users\Rita\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Hewlett-Packard) C:\Program Files (x86)\hp\HP Software Update\hpwuschd2.exe
(Hewlett-Packard Development Company, LP) C:\Program Files\HP\HP Officejet Pro 8620\Bin\HPNetworkCommunicatorCom.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
(CyberLink) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
(Intuit Inc.) C:\Program Files (x86)\Common Files\Intuit\DataProtect\QBIDPService.exe
(Sierra Wireless, Inc.) C:\Program Files (x86)\Sierra Wireless Inc\Common\SwiCardDetect64.exe
(BitDefender S.R.L.) C:\Program Files\BitDefender\BitDefender 2011\updatesrv.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Google Inc.) C:\Users\Rita\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Rita\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Rita\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Rita\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Rita\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Rita\AppData\Local\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [SmartMenu] => C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe [610360 2009-09-14] ()
HKLM\...\Run: [PC-Doctor for Windows localizer] => C:\Program Files\PC-Doctor for Windows\localizer.exe [95728 2009-09-17] (PC-Doctor, Inc.)
HKLM-x32\...\Run: [hpsysdrv] => c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe [62768 2008-11-20] (Hewlett-Packard)
HKLM-x32\...\Run: [HP Remote Solution] => %ProgramFiles%\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe
HKLM-x32\...\Run: [BitDefender Antiphishing Helper] => C:\Program Files\BitDefender\BitDefender 2011\Antispam32\ieshow.exe [92352 2011-06-01] (BitDefender S.R.L.)
HKLM-x32\...\Run: [Intuit SyncManager] => C:\Program Files (x86)\Common Files\Intuit\Sync\IntuitSyncManager.exe [3776824 2015-11-10] (Intuit Inc. All rights reserved.)
HKLM-x32\...\Run: [attcm_AppStart.exe] => C:\Program Files (x86)\AT&T\AT&T Communication Manager\attcm_AppStart.exe [219688 2012-12-18] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [335232 2015-03-07] (Oracle Corporation)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\BitDefender <====== ATTENTION
HKLM Group Policy restriction on software: C:\Program Files\BitDefender <====== ATTENTION
HKU\S-1-5-21-3816076352-1316818048-2459394720-1000\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2010-07-08] (Google Inc.)
HKU\S-1-5-21-3816076352-1316818048-2459394720-1000\...\Run: [Google Update] => C:\Users\Rita\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-28] (Google Inc.)
HKU\S-1-5-21-3816076352-1316818048-2459394720-1000\...\Run: [HLBackupScheduler] => "C:\Program Files\Verizon Cloud\Verizon Cloud Service.exe"
HKU\S-1-5-21-3816076352-1316818048-2459394720-1000\...\Run: [GoogleChromeAutoLaunch_6E4996946B3B13D2E79DFA4372FB9ECB] => C:\Users\Rita\AppData\Local\Google\Chrome\Application\chrome.exe [741704 2015-12-10] (Google Inc.)
HKU\S-1-5-21-3816076352-1316818048-2459394720-1000\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [427520 2009-07-13] (Microsoft Corporation)
HKU\S-1-5-21-3816076352-1316818048-2459394720-1000\...\Run: [Dropbox Update] => C:\Users\Rita\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-30] (Dropbox, Inc.)
HKU\S-1-5-21-3816076352-1316818048-2459394720-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8358680 2015-06-01] (Piriform Ltd)
HKU\S-1-5-21-3816076352-1316818048-2459394720-1000\...\Run: [HP Officejet Pro 8620 (NET)] => C:\Program Files\HP\HP Officejet Pro 8620\Bin\ScanToPCActivationApp.exe [3487240 2014-07-21] (Hewlett-Packard Development Company, LP)
HKU\S-1-5-21-3816076352-1316818048-2459394720-1000\...\MountPoints2: {116f340a-1c84-11e3-a4f6-7071bc0a8d51} - H:\VZW_Software_upgrade_assistant.exe
HKU\S-1-5-21-3816076352-1316818048-2459394720-1000\...\MountPoints2: {b96d556e-a5e1-11e1-b9ec-7071bc0a8d51} - H:\WIN\setup.exe -ap
HKU\S-1-5-21-3816076352-1316818048-2459394720-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Ribbons.scr [241664 2010-11-20] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Rita\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Rita\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Rita\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Rita\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Rita\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Rita\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Rita\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Rita\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Rita\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Rita\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Rita\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Rita\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Rita\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Rita\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Rita\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Rita\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Rita\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Rita\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Rita\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Rita\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Rita\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Rita\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Rita\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Rita\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Intuit Data Protect.lnk [2015-12-23]
ShortcutTarget: Intuit Data Protect.lnk -> C:\Program Files (x86)\Common Files\Intuit\DataProtect\IntuitDataProtect.exe (Intuit Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2015-12-11]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.266\SSScheduler.exe (McAfee, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\QuickBooks Update Agent.lnk [2015-12-23]
ShortcutTarget: QuickBooks Update Agent.lnk -> C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe (Intuit Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\QuickBooks_Standard_21.lnk [2015-12-23]
ShortcutTarget: QuickBooks_Standard_21.lnk -> C:\Program Files (x86)\Intuit\QuickBooks 2013\QBW32.EXE (Intuit Inc.)
Startup: C:\Users\Rita\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-12-12]
ShortcutTarget: Dropbox.lnk -> C:\Users\Rita\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Rita\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk [2010-05-26]
ShortcutTarget: OneNote 2007 Screen Clipper and Launcher.lnk -> C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\Rita\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\WKCALREM.LNK [2012-08-10]
ShortcutTarget: WKCALREM.LNK -> C:\PROGRAM FILES (X86)\COMMON FILES\MICROSOFT SHARED\WORKS SHARED\WKCALREM.EXE (No File)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
ProxyServer: [S-1-5-21-3816076352-1316818048-2459394720-1000] => http=127.0.0.1:53686;https=127.0.0.1:53686
Hosts: 0.0.0.1 mssplus.mcafee.com
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{906E20D3-E1C2-4DEA-BA95-423C2B960A4D}: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{A0F133D9-8F35-49F7-9CFC-89BAECB7DEF1}: [NameServer] 172.26.38.1 172.26.38.2
Tcpip\..\Interfaces\{C24CADA4-9C69-41A7-9FD0-AB93644A81F7}: [DhcpNameServer] 192.168.1.254
 
Internet Explorer:
==================
HKU\S-1-5-21-3816076352-1316818048-2459394720-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.msn.com/HPDSK/1
HKU\S-1-5-21-3816076352-1316818048-2459394720-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
HKU\S-1-5-21-3816076352-1316818048-2459394720-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM -> {13C1216B-1C15-4569-B1CD-574A8567ED9A} URL = hxxp://www.ask.com/web?q={searchterms}&l=dis&o=ushpd
SearchScopes: HKLM -> {49218725-54B1-4FE5-ACA3-5ADE4D65021D} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
SearchScopes: HKLM-x32 -> DefaultScope {443789B7-F39C-4b5c-9287-DA72D38F4FE6} URL = hxxp://slirsredirect.search.aol.com/redirector/sredir?sredir=843&query={searchTerms}&invocationType=tb50-ie-mapquest-chromesbox-en-us&tb_uuid=20101119164101673&tb_oid=19-11-2010&tb_mrud=21-04-2011
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> {13C1216B-1C15-4569-B1CD-574A8567ED9A} URL = hxxp://www.ask.com/web?q={searchterms}&l=dis&o=ushpd
SearchScopes: HKLM-x32 -> {443789B7-F39C-4b5c-9287-DA72D38F4FE6} URL = hxxp://slirsredirect.search.aol.com/redirector/sredir?sredir=843&query={searchTerms}&invocationType=tb50-ie-mapquest-chromesbox-en-us&tb_uuid=20101119164101673&tb_oid=19-11-2010&tb_mrud=21-04-2011
SearchScopes: HKLM-x32 -> {49218725-54B1-4FE5-ACA3-5ADE4D65021D} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-3816076352-1316818048-2459394720-1000 -> {13C1216B-1C15-4569-B1CD-574A8567ED9A} URL = hxxp://www.ask.com/web?q={searchterms}&l=dis&o=ushpd
SearchScopes: HKU\S-1-5-21-3816076352-1316818048-2459394720-1000 -> {36377DD7-B3EB-42f5-986F-680BAF59BA9D} URL = hxxp://start.att.iplay.com/searchresultsredirect.aspx?o=chrome&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3816076352-1316818048-2459394720-1000 -> {443789B7-F39C-4b5c-9287-DA72D38F4FE6} URL = hxxp://slirsredirect.search.aol.com/redirector/sredir?sredir=843&query={searchTerms}&invocationType=tb50-ie-mapquest-chromesbox-en-us&tb_uuid=20101119164101673&tb_oid=19-11-2010&tb_mrud=21-04-2011
SearchScopes: HKU\S-1-5-21-3816076352-1316818048-2459394720-1000 -> {F428B9DE-82E4-4601-ABBC-7418BDE94929} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=&src=kw&q={searchTerms}&locale=&apn_ptnrs=TV&apn_dtid=OSJ000YYUS&apn_uid=5297CEFB-8BEC-4324-9CBE-EDBEC6DF52CC&apn_sauid=47881EE8-B1ED-42BF-A51F-89FE5F31621F
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2014-08-04] (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-12-21] (Google Inc.)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-08-04] (Oracle Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll => No File
BHO-x32: No Name -> {02478D38-C3F9-4efb-9B51-7695ECA05670} -> No File
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\ssv.dll [2015-03-30] (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-12-21] (Google Inc.)
BHO-x32: Microsoft Live Search Toolbar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> c:\Program Files (x86)\MSN\Toolbar\3.0.0566.0\msneshellx.dll [2009-07-16] (Microsoft Corp.)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-03-30] (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2015-10-19] (Hewlett-Packard Company)
Toolbar: HKLM - Bitdefender Toolbar - {381FFDE8-2394-4F90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2011\IEToolbar.dll [2011-06-01] (BitDefender S.R.L.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-12-21] (Google Inc.)
Toolbar: HKLM-x32 - Microsoft Live Search Toolbar - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - c:\Program Files (x86)\MSN\Toolbar\3.0.0566.0\msneshellx.dll [2009-07-16] (Microsoft Corp.)
Toolbar: HKLM-x32 - Bitdefender Toolbar - {381FFDE8-2394-4F90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2011\Antispam32\IEToolbar.dll [2011-06-01] (BitDefender S.R.L.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-12-21] (Google Inc.)
Toolbar: HKU\S-1-5-21-3816076352-1316818048-2459394720-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-12-21] (Google Inc.)
DPF: HKLM-x32 {02BCC737-B171-4746-94C9-0D8A0B2C0089} hxxp://office.microsoft.com/_layouts/ClientBin/ieawsdc32.cab
DPF: HKLM-x32 {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} hxxp://download.bitdefender.com/resources/scanner/sources/en/scan8/oscan8.cab
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler-x32: intu-help-qb6 - {6898B29B-BF49-43cb-A0B1-D0B9496AF491} - C:\Program Files (x86)\Intuit\QuickBooks 2013\HelpAsyncPluggableProtocol.dll [2015-12-10] (Intuit, Inc.)
Handler-x32: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} - C:\Windows\SysWOW64\mscoree.dll [2010-11-04] (Microsoft Corporation)
 
FireFox:
========
FF ProfilePath: C:\Users\Rita\AppData\Roaming\Mozilla\Firefox\Profiles\40dwrf98.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_189.dll [2014-10-16] ()
FF Plugin: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-08-04] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2014-08-04] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_189.dll [2014-10-16] ()
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2014-01-06] (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll [2015-03-30] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\plugin2\npjp2.dll [2015-03-30] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-04] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-04] (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [No File]
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-09-26] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3816076352-1316818048-2459394720-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Rita\AppData\Local\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-04] (Google Inc.)
FF Plugin HKU\S-1-5-21-3816076352-1316818048-2459394720-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Rita\AppData\Local\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-04] (Google Inc.)
FF Plugin HKU\S-1-5-21-3816076352-1316818048-2459394720-1000: @yahoo.com/BrowserPlus,version=2.9.8 -> C:\Users\Rita\AppData\Local\Yahoo!\BrowserPlus\2.9.8\Plugins\npybrowserplus_2.9.8.dll [2010-07-30] (Yahoo! Inc.)
FF HKLM\...\Firefox\Extensions: [FFToolbar@bitdefender.com] - C:\Program Files\BitDefender\BitDefender 2011\bdaphffext
FF Extension: BitDefender Antiphishing Toolbar - C:\Program Files\BitDefender\BitDefender 2011\bdaphffext [2012-06-07] [not signed]
FF HKLM\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\BitDefender\BitDefender 2011\bdtbext
FF Extension: bdToolbar - C:\Program Files\BitDefender\BitDefender 2011\bdtbext [2012-06-07] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [FFToolbar@bitdefender.com] - C:\Program Files\BitDefender\BitDefender 2011\bdaphffext
FF HKLM-x32\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\BitDefender\BitDefender 2011\bdtbext
 
Chrome: 
=======
CHR HomePage: Default -> hxxp://www.search.ask.com/?gct=hp
CHR StartupUrls: Default -> "hxxp://www.google.com/","hxxp://www.trovi.com/?gd=&ctid=CT3330390&octid=EB_ORIGINAL_CTID&ISID=M2E8F2061-6648-4489-BB40-45E960015F4C&SearchSource=55&CUI=&UM=6&UP=SP76347E91-61BB-48B0-8E45-EBED0DF3610F&SSPV="
CHR Profile: C:\Users\Rita\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Drive) - C:\Users\Rita\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-26]
CHR Extension: (YouTube) - C:\Users\Rita\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-28]
CHR Extension: (Google Search) - C:\Users\Rita\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-03]
CHR Extension: (Google Docs Offline) - C:\Users\Rita\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-20]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Rita\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-25]
CHR Extension: (Gmail) - C:\Users\Rita\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-03]
StartMenuInternet: Google Chrome.FIQNJXA2IYJ3VWIZ4CSZ2AXNKI - C:\Users\Rita\AppData\Local\Google\Chrome\Application\chrome.exe
 
==================== Services (Whitelisted) ========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AdminHelper.exe; C:\Program Files (x86)\AT&T\AT&T Communication Manager\AdminHelper.exe [56360 2012-12-18] ()
R2 APC UPS Service; C:\Program Files (x86)\APC\APC PowerChute Personal Edition\mainserv.exe [689408 2007-07-19] (American Power Conversion Corporation)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [25800 2015-09-28] (Hewlett-Packard Company)
R2 LightScribeService; c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2009-08-20] (Hewlett-Packard Company) [File not signed]
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.266\McCHSvc.exe [289256 2015-12-02] (McAfee, Inc.)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
R2 QBCFMonitorService; C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe [45056 2015-12-10] (Intuit) [File not signed]
S3 QBFCService; C:\Program Files (x86)\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe [61440 2012-12-22] (Intuit Inc.) [File not signed]
R2 QBVSS; C:\Program Files (x86)\Common Files\Intuit\DataProtect\QBIDPService.exe [1248256 2012-12-22] (Intuit Inc.) [File not signed]
R2 SwiCardDetectSvc; C:\Program Files (x86)\Sierra Wireless Inc\Common\SwiCardDetect64.exe [317296 2011-06-24] (Sierra Wireless, Inc.)
S3 Update Server; C:\Program Files\Common Files\BitDefender\BitDefender Arrakis Server\bin\arrakis3.exe [467248 2010-11-30] (BitDefender)
R2 Updatesrv; C:\Program Files\BitDefender\BitDefender 2011\updatesrv.exe [53224 2011-06-01] (BitDefender S.R.L.)
R2 VSSERV; C:\Program Files\BitDefender\BitDefender 2011\vsserv.exe [2660624 2011-06-01] (BitDefender S.R.L.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S3 GamesAppService; "C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe" [X]
 
===================== Drivers (Whitelisted) ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 avc3; C:\Windows\System32\DRIVERS\avc3.sys [591968 2010-11-29] (BitDefender)
S3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [1186272 2010-11-29] (BitDefender)
R3 bdfm; C:\Windows\System32\DRIVERS\bdfm.sys [162896 2010-05-13] (BitDefender S.R.L. Bucharest, ROMANIA)
R1 Bdfndisf; c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf6.sys [88144 2010-08-20] (BitDefender)
R0 bdfsfltr; C:\Windows\System32\DRIVERS\bdfsfltr.sys [431176 2012-02-16] (BitDefender)
R1 bdfwfpf; C:\Program Files\Common Files\BitDefender\BitDefender Firewall\bdfwfpf.sys [99408 2010-08-20] (BitDefender)
R1 Bdvedisk; C:\Windows\System32\DRIVERS\bdvedisk.sys [103944 2010-01-19] (BitDefender)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S3 Linksys_adapter_H; C:\Windows\System32\DRIVERS\AE2500w764.sys [1254464 2011-03-28] (Broadcom Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2016-01-13] (Malwarebytes)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-10-05] (Malwarebytes Corporation)
R3 RimVSerPort; C:\Windows\System32\DRIVERS\RimSerial_AMD64.sys [31744 2009-01-09] (Research in Motion Ltd)
R2 SCWFPFilter; C:\Windows\System32\DRIVERS\WFPFilter.sys [25552 2012-01-10] ()
S3 swg3kser00; C:\Windows\System32\DRIVERS\swg3kser00.sys [258432 2011-05-13] (Sierra Wireless Incorporated)
S3 swiwdmbx; C:\Windows\System32\DRIVERS\swiwdmbx64.sys [109312 2011-05-16] (Sierra Wireless Inc.)
S3 SWNC8UA3; C:\Windows\System32\DRIVERS\swnc8ua3.sys [297472 2011-05-28] (Sierra Wireless Inc.)
U4 bdselfpr; no ImagePath
S3 lmimirr; system32\DRIVERS\lmimirr.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-01-13 13:15 - 2016-01-13 13:15 - 00030788 _____ C:\Users\Rita\Downloads\FRST.txt
2016-01-13 13:03 - 2016-01-13 13:15 - 00000000 ____D C:\FRST
2016-01-13 13:02 - 2016-01-13 13:02 - 02370560 _____ (Farbar) C:\Users\Rita\Desktop\FRST64.exe
2016-01-13 12:46 - 2016-01-13 12:46 - 00000000 ____D C:\AdwCleaner
2016-01-13 12:45 - 2016-01-13 12:45 - 01754112 _____ C:\Users\Rita\Downloads\adwcleaner_5.029.exe
2016-01-11 12:00 - 2016-01-11 12:01 - 43412816 _____ (Amazon.com) C:\Users\Rita\Downloads\KindleForPC-installer-1.14.43019.exe
2016-01-11 09:32 - 2016-01-11 09:32 - 00658050 _____ C:\Users\Rita\Downloads\Photos (4).zip
2016-01-08 08:46 - 2016-01-08 08:46 - 00052775 _____ C:\Users\Rita\Downloads\Liberty Mutual Forms.pdf
2016-01-08 08:46 - 2016-01-08 08:46 - 00052775 _____ C:\Users\Rita\Downloads\Liberty Mutual Forms (2).pdf
2016-01-08 08:46 - 2016-01-08 08:46 - 00052775 _____ C:\Users\Rita\Downloads\Liberty Mutual Forms (1).pdf
2016-01-07 16:28 - 2016-01-07 16:28 - 00003550 _____ C:\Windows\System32\Tasks\HP AR Program Upload - ccf4601ac0fb4bc8bd46df0b473f3197d6816af7b554412f8d007499219da621
2016-01-04 13:44 - 2016-01-04 13:44 - 00129161 _____ C:\Users\Rita\Downloads\MonthlyFinancialSummary (1).pdf
2016-01-04 12:38 - 2016-01-04 12:38 - 00128893 _____ C:\Users\Rita\Downloads\MonthlyFinancialSummary.pdf
2016-01-04 12:34 - 2016-01-04 12:35 - 00094384 _____ C:\Users\Rita\Downloads\MSR-201511.PDF
2016-01-04 12:34 - 2016-01-04 12:35 - 00094384 _____ C:\Users\Rita\Downloads\MSR-201511 (1).PDF
2016-01-04 09:23 - 2016-01-04 09:23 - 00363769 _____ C:\Users\Rita\Downloads\35 Years reeves_final.ai
2015-12-28 14:24 - 2015-12-28 14:24 - 00058507 _____ C:\Users\Rita\Desktop\Nissan Tax receipt.pdf
2015-12-22 13:40 - 2015-12-22 13:40 - 00960548 _____ C:\Users\Rita\Downloads\Photos (3).zip
2015-12-22 13:03 - 2015-12-22 13:03 - 00715110 _____ C:\Users\Rita\Downloads\Photos (2).zip
2015-12-22 12:56 - 2015-12-22 12:56 - 00848677 _____ C:\Users\Rita\Downloads\Photos (1).zip
2015-12-22 08:54 - 2015-12-22 08:54 - 00432438 _____ C:\Users\Rita\Downloads\Hall Family Pharmacy.pdf
2015-12-22 08:54 - 2015-12-22 08:54 - 00432438 _____ C:\Users\Rita\Downloads\Hall Family Pharmacy (1).pdf
2015-12-21 11:15 - 2015-12-21 11:15 - 00000443 _____ C:\Users\Rita\Downloads\Attachment
2015-12-17 09:33 - 2015-12-17 09:33 - 00000101 _____ C:\Users\Rita\Documents\backupandreset.txt
2015-12-17 09:15 - 2015-12-17 09:15 - 02846045 _____ C:\Users\Rita\Downloads\attachments (2).zip
2015-12-16 15:58 - 2015-12-16 15:58 - 00063862 _____ C:\Users\Rita\Documents\Piedmont Companies Credit Memo.pdf
2015-12-14 11:51 - 2015-12-14 11:51 - 01172291 _____ C:\Users\Rita\Downloads\attachments (1).zip
2015-12-14 11:51 - 2015-12-14 11:51 - 00383410 _____ C:\Users\Rita\Downloads\fwd.zip
2015-12-14 11:21 - 2015-12-14 11:22 - 00436826 _____ C:\Users\Rita\Downloads\attachments.zip
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-01-13 13:07 - 2009-07-13 23:45 - 00018736 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-01-13 13:07 - 2009-07-13 23:45 - 00018736 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-01-13 13:03 - 2009-07-13 22:20 - 00000000 ____D C:\Windows
2016-01-13 12:51 - 2012-04-26 14:55 - 00000904 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3816076352-1316818048-2459394720-1000UA.job
2016-01-13 12:47 - 2012-08-02 08:15 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-01-13 12:38 - 2015-06-30 09:27 - 00000914 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3816076352-1316818048-2459394720-1000UA.job
2016-01-13 12:28 - 2010-07-08 12:43 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-01-13 12:14 - 2014-10-23 12:22 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-01-13 12:14 - 2013-03-27 10:54 - 00000000 ___RD C:\Users\Rita\Dropbox
2016-01-13 12:14 - 2013-03-27 10:50 - 00000000 ____D C:\Users\Rita\AppData\Roaming\Dropbox
2016-01-13 12:12 - 2010-07-08 12:43 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-01-13 12:12 - 2009-12-04 19:35 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Help & Tools
2016-01-13 12:12 - 2009-07-14 00:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-01-13 03:51 - 2012-04-26 14:55 - 00000852 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3816076352-1316818048-2459394720-1000Core.job
2016-01-12 16:49 - 2015-06-30 09:27 - 00000862 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3816076352-1316818048-2459394720-1000Core.job
2016-01-12 14:48 - 2013-09-26 15:57 - 00053036 _____ C:\Users\Rita\Desktop\Prospecting List.xlsx
2016-01-11 19:02 - 2013-03-28 17:50 - 00003180 _____ C:\Windows\System32\Tasks\HPCeeScheduleForRita
2016-01-11 19:02 - 2013-03-28 17:50 - 00000328 _____ C:\Windows\Tasks\HPCeeScheduleForRita.job
2016-01-11 09:33 - 2013-08-08 15:28 - 00000000 ____D C:\Users\Rita\Desktop\Reeves Pictures
2016-01-07 16:52 - 2012-08-30 10:59 - 00016087 _____ C:\Users\Rita\Desktop\bank balance caluclator.xlsx
2016-01-04 14:30 - 2013-01-08 16:03 - 00014440 _____ C:\Users\Rita\Documents\Expense Report regular.xlsx
2016-01-04 13:45 - 2015-03-31 16:17 - 00027523 _____ C:\Users\Rita\Documents\Paypal Balance Calculator.xlsx
2016-01-04 08:56 - 2010-05-20 11:41 - 00000448 _____ C:\Windows\Tasks\PCDRScheduledMaintenance.job
2016-01-03 01:00 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\inf
2015-12-30 16:00 - 2012-12-28 16:48 - 00080896 _____ C:\Users\Rita\Documents\happy new year closing.pub
2015-12-30 15:49 - 2012-08-07 15:33 - 00000000 ____D C:\Users\Rita\Documents\Beth
2015-12-30 09:23 - 2015-09-14 13:46 - 00000000 ____D C:\Users\Rita\Desktop\8260 Scans
2015-12-28 09:54 - 2014-05-28 07:44 - 00000000 ____D C:\Users\Rita\Desktop\LOGO FILES
2015-12-24 09:00 - 2010-05-20 12:56 - 00143311 _____ C:\bdlog.txt
2015-12-24 08:59 - 2012-12-06 15:06 - 00120320 _____ C:\Users\Rita\Documents\Christmas closing #3.pub
2015-12-23 08:23 - 2013-03-18 12:43 - 00002073 _____ C:\Users\Public\Desktop\QuickBooks Pro 2013.lnk
2015-12-23 08:23 - 2013-03-18 12:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickBooks
2015-12-23 08:23 - 2010-05-25 14:29 - 00000089 _____ C:\Windows\QBChanUtil_Trigger.ini
2015-12-17 14:55 - 2010-07-06 10:09 - 00000000 ____D C:\Users\Rita\AppData\Local\ElevatedDiagnostics
2015-12-17 12:55 - 2012-09-05 14:56 - 00000000 ____D C:\Users\Rita\Documents\Avery Templates
2015-12-16 17:53 - 2013-10-02 14:31 - 00002371 _____ C:\Users\Rita\Desktop\Google Chrome.lnk
2015-12-16 03:01 - 2015-04-04 02:00 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-12-16 03:01 - 2015-04-04 02:00 - 00000000 ___SD C:\Windows\system32\GWX
 
==================== Files in the root of some directories =======
 
2010-07-08 09:37 - 2010-07-08 09:37 - 0101544 _____ () C:\Program Files\Common Files\LinkInstaller.exe
2010-05-20 13:48 - 2010-05-20 13:48 - 0000025 _____ () C:\Users\Rita\AppData\Roaming\bdfvconp.ini
2012-11-20 09:01 - 2012-11-20 09:01 - 0024273 _____ () C:\Users\Rita\AppData\Roaming\UserTile.png
2010-05-26 10:24 - 2014-07-21 13:26 - 0004716 _____ () C:\Users\Rita\AppData\Roaming\wklnhst.dat
2013-05-01 14:40 - 2015-11-23 14:43 - 0001456 _____ () C:\Users\Rita\AppData\Local\Adobe Save for Web 12.0 Prefs
2013-02-18 13:51 - 2015-04-13 11:35 - 0005120 _____ () C:\Users\Rita\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-09-11 13:56 - 2014-09-11 13:56 - 0007681 _____ () C:\Users\Rita\AppData\Local\Resmon.ResmonCfg
2011-11-10 10:18 - 2011-11-10 10:18 - 0373202 _____ () C:\Users\Rita\AppData\Local\tmp902_(768X1024).0
2011-11-10 10:18 - 2011-11-10 10:18 - 0069688 _____ () C:\Users\Rita\AppData\Local\tmp902_(768X1024).1
2011-11-10 10:18 - 2011-11-10 10:18 - 0069539 _____ () C:\Users\Rita\AppData\Local\tmp902_(768X1024).2
2011-11-10 10:18 - 2011-11-10 10:18 - 0070732 _____ () C:\Users\Rita\AppData\Local\tmp902_(768X1024).3
2011-11-10 10:18 - 2011-11-10 10:18 - 0069531 _____ () C:\Users\Rita\AppData\Local\tmp902_(768X1024).JPG
2011-10-06 13:49 - 2011-10-06 13:49 - 0057728 _____ () C:\Users\Rita\AppData\Local\tmpIMG00856-20111006-1111.0
2011-10-06 13:49 - 2011-10-06 13:49 - 0044774 _____ () C:\Users\Rita\AppData\Local\tmpIMG00856-20111006-1111.1
2011-10-06 13:49 - 2011-10-06 13:49 - 0045121 _____ () C:\Users\Rita\AppData\Local\tmpIMG00856-20111006-1111.2
2011-10-06 13:49 - 2011-10-06 13:49 - 0044685 _____ () C:\Users\Rita\AppData\Local\tmpIMG00856-20111006-1111.JPG
2012-02-14 16:47 - 2012-02-14 16:47 - 0999612 _____ () C:\Users\Rita\AppData\Local\tmpIMG_20120214_154344.0
2012-02-14 16:47 - 2012-02-14 16:47 - 0430472 _____ () C:\Users\Rita\AppData\Local\tmpIMG_20120214_154344.JPG
2012-05-21 14:41 - 2012-05-21 14:41 - 0577200 _____ () C:\Users\Rita\AppData\Local\tmpP1010041.0
2012-05-21 14:41 - 2012-05-21 14:41 - 0455308 _____ () C:\Users\Rita\AppData\Local\tmpP1010041.JPG
2012-07-16 10:50 - 2012-07-17 12:36 - 0121226 _____ () C:\Users\Rita\AppData\Local\tmpPHOTO 1.0
2012-07-17 12:36 - 2012-07-17 12:36 - 0045181 _____ () C:\Users\Rita\AppData\Local\tmpPHOTO 1.JPG
2012-07-16 10:50 - 2012-07-17 12:42 - 0130619 _____ () C:\Users\Rita\AppData\Local\tmpPHOTO 2.0
2012-07-17 08:45 - 2012-07-17 08:45 - 0030828 _____ () C:\Users\Rita\AppData\Local\tmpPHOTO 2.1
2012-07-17 12:42 - 2012-07-17 12:42 - 0048586 _____ () C:\Users\Rita\AppData\Local\tmpPHOTO 2.JPG
2012-07-16 10:52 - 2012-07-17 12:38 - 0127561 _____ () C:\Users\Rita\AppData\Local\tmpPHOTO 3.0
2012-07-17 08:46 - 2012-07-17 08:46 - 0040643 _____ () C:\Users\Rita\AppData\Local\tmpPHOTO 3.1
2012-07-17 12:38 - 2012-07-17 12:38 - 0046020 _____ () C:\Users\Rita\AppData\Local\tmpPHOTO 3.JPG
2012-07-16 10:53 - 2012-07-17 08:47 - 0116826 _____ () C:\Users\Rita\AppData\Local\tmpPHOTO 4.0
2012-07-17 08:48 - 2012-07-17 08:47 - 0039314 _____ () C:\Users\Rita\AppData\Local\tmpPHOTO 4.1
2012-07-17 08:48 - 2012-07-17 08:48 - 0040669 _____ () C:\Users\Rita\AppData\Local\tmpPHOTO 4.JPG
2012-07-16 10:54 - 2012-07-16 10:54 - 0036310 _____ () C:\Users\Rita\AppData\Local\tmpPHOTO 5.0
2012-07-16 10:54 - 2012-07-16 10:54 - 0013752 _____ () C:\Users\Rita\AppData\Local\tmpPHOTO 5.JPG
2012-05-07 11:00 - 2012-05-07 11:00 - 0058238 _____ () C:\Users\Rita\AppData\Local\tmpPICTURE1.0
2012-05-07 11:00 - 2012-05-07 11:00 - 0060606 _____ () C:\Users\Rita\AppData\Local\tmpPICTURE1.JPG
2011-12-12 16:53 - 2011-12-12 16:52 - 0491435 _____ () C:\Users\Rita\AppData\Local\tmpRILEY 040.JPG
2011-12-12 16:52 - 2011-12-12 16:52 - 0015112 _____ () C:\Users\Rita\AppData\Local\tmpRILEY 040_navi.JPG
2011-05-17 08:19 - 2011-05-17 08:19 - 0329139 _____ () C:\Users\Rita\AppData\Local\tmpSCAN0010.0
2011-05-17 08:19 - 2011-05-17 08:19 - 0100668 _____ () C:\Users\Rita\AppData\Local\tmpSCAN0010.1
2011-05-17 08:19 - 2011-05-17 08:19 - 0101121 _____ () C:\Users\Rita\AppData\Local\tmpSCAN0010.JPG
2012-02-07 09:01 - 2012-02-07 09:01 - 0135452 _____ () C:\ProgramData\1328545554.bdinstall.bin
2015-09-10 13:47 - 2015-09-10 13:47 - 0000057 _____ () C:\ProgramData\Ament.ini
2011-04-19 14:25 - 2012-02-02 09:43 - 0536762 _____ () C:\ProgramData\bdinstall.bin
2010-05-26 13:56 - 2015-09-17 07:38 - 0007453 _____ () C:\ProgramData\hpzinstall.log
 
==================== Bamital & volsnap =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2016-01-09 00:28
 
==================== End of FRST.txt ============================
 
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version:10-01-2015 01
Ran by Rita (2016-01-13 13:16:07)
Running from C:\Users\Rita\Downloads
Windows 7 Home Premium Service Pack 1 (X64) (2010-05-20 15:57:24)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-3816076352-1316818048-2459394720-500 - Administrator - Disabled)
ASPNET (S-1-5-21-3816076352-1316818048-2459394720-1002 - Limited - Enabled)
Guest (S-1-5-21-3816076352-1316818048-2459394720-501 - Limited - Disabled)
Rita (S-1-5-21-3816076352-1316818048-2459394720-1000 - Administrator - Enabled) => C:\Users\Rita
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: BitDefender Antivirus (Enabled - Out of date) {50909708-FF80-02AF-F814-B28405891E92}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: BitDefender AntiSpyware  (Enabled - Out of date) {EBF176EC-D9BA-0D21-C2A4-89F67E0E542F}
FW: BitDefender Firewall  (Enabled) {68AB162D-B5EF-03F7-D34B-1BB1FB5A59E9}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
Acrobat.com (HKLM-x32\...\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 2.1.0.0 - Adobe Systems Incorporated)
Acrobat.com (x32 Version: 2.1.0 - Adobe Systems Incorporated) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.0.2.12610 - Adobe Systems Inc.)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.189 - Adobe Systems Incorporated)
Adobe Flash Player 17 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.13) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.13 - Adobe Systems Incorporated)
APC PowerChute Personal Edition (HKLM-x32\...\{5A0C892E-FD1C-4203-941E-0956AED20A6A}) (Version: 2.1.1 - American Power Conversion Corporation)
AT&T Communication Manager (HKLM-x32\...\{39A13F18-2AA2-4AB2-B7E3-5D356BCD48F7}) (Version: 9.2.444.7 - AT&T)
Avanquest update (HKLM-x32\...\{76E41F43-59D2-4F30-BA42-9A762EE1E8DE}) (Version: 1.09 - Avanquest Software)
Avery Template - U_0087_01_PlateauLines_0805_01_en (HKLM-x32\...\{A760067A-C07E-1033-0000-A764AC000002}) (Version: 1.0.0.0 - Avery)
Avery Template (HKLM-x32\...\{A760067A-C07E-1033-0000-A764AC000005}) (Version: 2.0.0.0 - Avery)
BitDefender Total Security 2011 (Version: 14.0.29 - BitDefender) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.07 - Piriform)
Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Coupon Printer for Windows (HKLM-x32\...\Coupon Printer for Windows5.0.0.3) (Version: 5.0.0.3 - Coupons.com Incorporated)
CutePDF Writer 2.9 (HKLM\...\CutePDF Writer Installation) (Version:  2.9 - CutePDF.com)
CyberLink DVD Suite Deluxe (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 7.0.2115 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DirectX for Managed Code Update (Summer 2004) (x32 Version: 9.02.2904 - Microsoft) Hidden
Dropbox (HKU\S-1-5-21-3816076352-1316818048-2459394720-1000\...\Dropbox) (Version: 3.12.5 - Dropbox, Inc.)
DVD Menu Pack for HP MediaSmart Video (HKLM-x32\...\InstallShield_{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}) (Version: 3.1.3224 - Hewlett-Packard)
DVD Menu Pack for HP MediaSmart Video (x32 Version: 3.1.3224 - Hewlett-Packard) Hidden
Feedback Tool (HKLM-x32\...\{90024193-9F13-4877-89D5-A1CDF0CBBF28}) (Version: 1.1.0 - Microsoft Corporation)
ffdshow [rev 2527] [2008-12-19] (HKLM-x32\...\ffdshow_is1) (Version: 1.0 - )
FileZilla Client 3.7.0.1 (HKLM-x32\...\FileZilla Client) (Version: 3.7.0.1 - FileZilla Project)
Google Chrome (HKU\S-1-5-21-3816076352-1316818048-2459394720-1000\...\Google Chrome) (Version: 47.0.2526.106 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.7210.1528 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.29.1 - Google Inc.) Hidden
Google+ Auto Backup (HKLM-x32\...\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}) (Version: 1.0.21.81 - Google)
GPBaseService2 (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
Hardware Diagnostic Tools (HKLM\...\PC-Doctor for Windows) (Version: 6.0.5247.34 - PC-Doctor, Inc.)
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP Advisor (HKLM-x32\...\{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}) (Version: 3.3.9512.3162 - Hewlett-Packard)
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.2.5 - WildTangent)
HP MediaSmart Demo (HKLM-x32\...\{9DEF9686-CCB2-47B7-BF83-B49EA21FA016}) (Version: 1.00.0000 - Hewlett-Packard)
HP MediaSmart DVD (HKLM-x32\...\InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}) (Version: 3.1.3317 - Hewlett-Packard)
HP MediaSmart Music/Photo/Video (HKLM-x32\...\InstallShield_{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}) (Version: 3.1.3422 - Hewlett-Packard)
HP MediaSmart SmartMenu (HKLM\...\{88E60521-1E4E-4785-B9F1-1798A4BD0C30}) (Version: 3.1.0.1 - Hewlett-Packard)
HP MediaSmart/TouchSmart Netflix (HKLM-x32\...\{35021DFB-F9CA-402A-89A2-47F91E506465}) (Version: 1.0.2.0 - Hewlett-Packard)
HP Odometer (HKLM-x32\...\{B8AC1A89-FFD1-4F97-8051-E505A160F562}) (Version: 2.10.0000 - Hewlett-Packard)
HP Officejet Pro 8620 Basic Device Software (HKLM\...\{A977D10D-989A-40D4-B0B1-450954516543}) (Version: 32.3.198.49673 - Hewlett-Packard Co.)
HP Officejet Pro 8620 Help (HKLM-x32\...\{9A4D71AB-9C68-4702-A4A2-A4DB7B0FE270}) (Version: 32.0.0 - Hewlett Packard)
HP Remote Solution (HKLM-x32\...\HP Remote Solution) (Version: 1.1.11.0 - Hewlett-Packard)
HP Setup (HKLM-x32\...\{17B4760F-334B-475D-829F-1A3E94A6A4E6}) (Version: 1.2.3560.3170 - Hewlett-Packard)
HP Support Assistant (HKLM-x32\...\{79C54A05-F146-4EA0-8A70-D4EFE6181E52}) (Version: 8.1.40.3 - Hewlett-Packard Company)
HP Support Information (HKLM-x32\...\{B9A03B7B-E0FF-4FB3-BA83-762E58A1B0AA}) (Version: 10.1.0002 - Hewlett-Packard)
HP Support Solutions Framework (HKLM-x32\...\{55065080-504F-43BB-BE00-36B80D7D39A5}) (Version: 12.0.30.219 - Hewlett-Packard Company)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft) Hidden
hpPrintProjects (x32 Version: 130.0.303.000 - Hewlett-Packard) Hidden
I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
Java 7 Update 67 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417067FF}) (Version: 7.0.670 - Oracle)
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)
Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
Java 8 Update 40 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218040F0}) (Version: 8.0.400 - Oracle Corporation)
join.me (HKU\S-1-5-21-3816076352-1316818048-2459394720-1000\...\JoinMe) (Version: 1.8.0.108 - LogMeIn, Inc.)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.2017 - CyberLink Corp.)
LabelPrint (x32 Version: 2.5.2017 - CyberLink Corp.) Hidden
LightScribe System Software (HKLM-x32\...\{CC8E94A2-55C7-4460-953C-2A790180578C}) (Version: 1.18.8.1 - LightScribe)
Malwarebytes Anti-Malware version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.11.266.3 - McAfee, Inc.)
Microsoft .NET Framework 1.1 (HKLM-x32\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Live Search Toolbar (HKLM-x32\...\{DF802C05-4660-418c-970C-B988ADB1D316}) (Version: 3.0.566.0 - Microsoft Live Search Toolbar)
Microsoft Office 2007 Primary Interop Assemblies (HKLM-x32\...\{50120000-1105-0000-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-00CA-0000-0000-0000000FF1CE}_SMALLBUSINESSR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office PowerPoint Viewer 2007 (English) (HKLM-x32\...\{95120000-00AF-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Small Business 2007 (HKLM-x32\...\SMALLBUSINESSR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft SOAP Toolkit 3.0 (HKLM-x32\...\{BCB4C18A-ACA6-4383-8688-E19933A705DD}) (Version: 3.0.1325.4 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server Native Client (HKLM\...\{6344718C-AE30-4C86-B5CD-459077A83623}) (Version: 9.00.2047.00 - Microsoft Corporation)
Microsoft SQL Server Setup Support Files (English) (HKLM-x32\...\{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}) (Version: 9.00.2047.00 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2005 Tools for Office Runtime (HKLM-x32\...\Microsoft Visual Studio 2005 Tools for Office Runtime) (Version:  - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Works (HKLM-x32\...\{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}) (Version: 9.7.0621 - Microsoft Corporation)
Microsoft Works 6-9 Converter (HKLM-x32\...\{95140000-0137-0409-0000-0000000FF1CE}) (Version: 14.0.6120.5002 - Microsoft Corporation)
Movie Theme Pack for HP MediaSmart Video (HKLM-x32\...\InstallShield_{3023EBDA-BF1B-4831-B347-E5018555F26E}) (Version: 3.1.3310 - Hewlett-Packard)
Movie Theme Pack for HP MediaSmart Video (x32 Version: 3.1.3310 - Hewlett-Packard) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MyMailList Deluxe (HKLM-x32\...\{DD3A31EB-916D-42AE-913A-B1C29B599EB2}) (Version: 8.0.1.0 - Avanquest USA)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.5 - Notepad++ Team)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.5 - NVIDIA Corporation)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.0.3304 - CyberLink Corp.)
Power2Go (x32 Version: 6.0.3304 - CyberLink Corp.) Hidden
PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 7.0.3405 - CyberLink Corp.)
PowerDirector (x32 Version: 7.0.3405 - CyberLink Corp.) Hidden
Product Improvement Study for HP Officejet Pro 8620 (HKLM\...\{99039186-EBEB-4127-BFA2-18B10A05ACE2}) (Version: 32.3.198.49673 - Hewlett-Packard Co.)
QuickBooks (x32 Version: 23.0.4015.2305 - Intuit Inc.) Hidden
QuickBooks Pro 2013 (HKLM-x32\...\{3C631966-387E-4054-85D9-BBFFABE32BD8}) (Version: 23.0.4005.2305 - Intuit Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5938 - Realtek Semiconductor Corp.)
Recovery Manager (x32 Version: 5.5.2216 - CyberLink Corp.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.22.0 - SAMSUNG Electronics Co., Ltd.)
Scan (x32 Version: 140.0.80.000 - Hewlett-Packard) Hidden
Secret Diaries: Florence Ashford (x32 Version: 2.2.0.95 - WildTangent) Hidden
SolutionCenter (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-00CA-0000-0000-0000000FF1CE}_SMALLBUSINESSR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
Visual Studio Tools for the Office system 3.0 Runtime (HKLM-x32\...\Visual Studio Tools for the Office system 3.0 Runtime) (Version:  - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258) (HKLM-x32\...\{8FB53850-246A-3507-8ADE-0060093FFEA6}.KB949258) (Version: 1 - Microsoft Corporation)
WildTangent Games App (HP Games) (x32 Version: 4.0.4.12 - WildTangent) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}) (Version: 14.0.8089.726 - Microsoft Corporation)
WinRAR 4.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
WinZip 17.0 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240D9}) (Version: 17.0.10381 - WinZip Computing, S.L. )
Yahoo! BrowserPlus 2.9.8 (HKU\S-1-5-21-3816076352-1316818048-2459394720-1000\...\Yahoo! BrowserPlus) (Version:  - Yahoo! Inc.)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-3816076352-1316818048-2459394720-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Rita\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3816076352-1316818048-2459394720-1000_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\Rita\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3816076352-1316818048-2459394720-1000_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\Rita\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3816076352-1316818048-2459394720-1000_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Rita\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3816076352-1316818048-2459394720-1000_Classes\CLSID\{3560575F-7C2D-48AE-AB45-DAD430A95EBE}\InprocServer32 -> C:\Program Files\WinZip\adxloader64.dll ()
CustomCLSID: HKU\S-1-5-21-3816076352-1316818048-2459394720-1000_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\Rita\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3816076352-1316818048-2459394720-1000_Classes\CLSID\{78550997-5DEF-4A8A-BAF9-D5774E87AC98}\InprocServer32 -> C:\Users\Rita\AppData\Local\Google\Update\1.3.28.13\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3816076352-1316818048-2459394720-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Rita\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3816076352-1316818048-2459394720-1000_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\Rita\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3816076352-1316818048-2459394720-1000_Classes\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2}\InprocServer32 -> C:\Users\Rita\AppData\Local\Google\Update\1.3.29.1\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3816076352-1316818048-2459394720-1000_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}\InprocServer32 -> C:\Users\Rita\AppData\Local\Google\Update\1.3.28.15\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3816076352-1316818048-2459394720-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Rita\AppData\Local\Google\Update\1.3.29.1\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3816076352-1316818048-2459394720-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Rita\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3816076352-1316818048-2459394720-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Rita\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3816076352-1316818048-2459394720-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Rita\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3816076352-1316818048-2459394720-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Rita\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3816076352-1316818048-2459394720-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Rita\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3816076352-1316818048-2459394720-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Rita\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3816076352-1316818048-2459394720-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Rita\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3816076352-1316818048-2459394720-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Rita\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3816076352-1316818048-2459394720-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Rita\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3816076352-1316818048-2459394720-1000_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Rita\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3816076352-1316818048-2459394720-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Rita\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll => No File
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {011A7DB2-EC46-488D-A310-CB2C799CAD97} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3816076352-1316818048-2459394720-1000UA => C:\Users\Rita\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {01862455-7CE2-4E47-837A-D5A30463655A} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2015-12-05] (Microsoft Corporation)
Task: {05A34E55-46C4-433D-8EAC-DBFDC0846100} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {0B7D27A5-EEB9-4075-B0F9-FDD9439A1B83} - System32\Tasks\CLMLSvc => c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe [2009-10-22] (CyberLink)
Task: {228E4C70-8F33-4752-A9F4-467F2AA94266} - \RocketTab -> No File <==== ATTENTION
Task: {259D2E61-569D-471E-96DF-E9B36F76C0BF} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3816076352-1316818048-2459394720-1000UA => C:\Users\Rita\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-30] (Dropbox, Inc.)
Task: {2AA8AAF1-0B60-43D4-931B-205EA52568E7} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2015-11-04] (Hewlett-Packard)
Task: {42BE31A4-852E-448C-8A2D-68CD65D6C225} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3816076352-1316818048-2459394720-1000Core => C:\Users\Rita\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-30] (Dropbox, Inc.)
Task: {43E26A22-8C06-47B6-8BD3-67F97B2CA08F} - System32\Tasks\PCDRScheduledMaintenance => C:\Program Files\PC-Doctor for Windows\pcdrcui.exe [2009-09-18] (PC-Doctor, Inc.)
Task: {4BD5164A-791D-45DC-99B4-4D631893AE24} - System32\Tasks\{7696C71C-A8B4-48C4-982D-80168A39DE04} => pcalua.exe -a E:\autorun.exe -d E:\
Task: {533A092B-CD93-48FA-AD78-4737913CA035} - System32\Tasks\HP AR Program Upload - ccf4601ac0fb4bc8bd46df0b473f3197d6816af7b554412f8d007499219da621 => C:\Program Files\HP\HP Officejet Pro 8620\bin\HPRewards.exe [2014-07-21] (TODO: <Company name>)
Task: {5A40E926-9E86-4B89-9CFD-B12311724371} - System32\Tasks\Microsoft\Windows\UPnP\UPnPHostConfig => config upnphost start= auto
Task: {5D08D0F8-E213-4CA6-9F53-D45FC19B5C91} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {6171D387-EDCC-4708-8D11-D44CF3ED680D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Active Health Launcher => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2015-11-04] (Hewlett-Packard)
Task: {69B43B57-CFB2-4F70-86FB-9972319046DE} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2015-09-27] (Hewlett-Packard)
Task: {78874EA2-DC0A-4BC8-991B-D259AC2A0A96} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-10-28] (Adobe Systems Incorporated)
Task: {7F4F0FAA-2CB5-409B-9803-6F4D40C5564E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2015-09-28] (Hewlett-Packard Company)
Task: {83F3B163-B0D6-4B37-AB0C-539B0765F4B7} - System32\Tasks\{D6BB8FCE-AEE0-4653-B593-F63EE1D81924} => pcalua.exe -a H:\Setup.exe -d H:\
Task: {8525602E-9A60-4987-90B1-23C54D8966D6} - System32\Tasks\{C1BEAAC4-01AA-40D8-90F4-92052767B3BF} => pcalua.exe -a E:\ThirdParty\DotNET35\dotNetFX35\x64\netfx35_x64.exe -d E:\ThirdParty\DotNET35\dotNetFX35\x64
Task: {89AA89EC-65BB-4134-B7E3-DB13C2FA3543} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2015-12-05] (Microsoft Corporation)
Task: {96BEE6A9-31D6-4002-82ED-8305BCA4CB51} - System32\Tasks\{9BD3DB69-BDE1-4AA0-BEA4-D77AFC6312AD} => pcalua.exe -a E:\ThirdParty\DotNET35\dotNetFX35\x86\netfx35_x86.exe -d E:\ThirdParty\DotNET35\dotNetFX35\x86
Task: {96C63879-8434-4AE3-910E-793EDD8983E1} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-06-01] (Piriform Ltd)
Task: {9D104730-2752-4143-83B7-7085A888FA72} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2015-09-28] (Hewlett-Packard Company)
Task: {A45D4F49-E07D-4CD3-957D-EE8F242D4A59} - System32\Tasks\DVDAgent => c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe
Task: {ACC27FC4-98AE-4E8C-AE43-D4EF344B800B} - System32\Tasks\HPCustParticipation HP Officejet Pro 8620 => C:\Program Files\HP\HP Officejet Pro 8620\Bin\HPCustPartic.exe [2014-07-21] (Hewlett-Packard Development Company, LP)
Task: {B954F51F-5B63-43C5-90F8-DD4AD28E9149} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-16] (Adobe Systems Incorporated)
Task: {C18B7D6A-4A4C-48B0-8910-84E7501DC017} - \RocketTab Update Task -> No File <==== ATTENTION
Task: {C4328551-BC52-4433-AEF7-703A004F5242} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3816076352-1316818048-2459394720-1000Core => C:\Users\Rita\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {D2EFC405-0A79-49DE-BFF3-0C6AD46B08F8} - System32\Tasks\{2357939A-60D3-4EAE-A090-3688729889C2} => pcalua.exe -a E:\setup.exe -d E:\
Task: {DCA119C8-4C0D-498D-8B47-2D9F14479BBE} - System32\Tasks\HPCeeScheduleForRita => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2015-06-16] (Hewlett-Packard)
Task: {DD9F510C-95F4-499A-90C8-BAC5BC372FF4} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask => start sppsvc
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3816076352-1316818048-2459394720-1000Core.job => C:\Users\Rita\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3816076352-1316818048-2459394720-1000UA.job => C:\Users\Rita\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3816076352-1316818048-2459394720-1000Core.job => C:\Users\Rita\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3816076352-1316818048-2459394720-1000UA.job => C:\Users\Rita\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForRita.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\Windows\Tasks\PCDRScheduledMaintenance.job => C:\Program Files\PC-Doctor for Windows\pcdrcui.exe5-fh scripts\monthly.xml
 
==================== Shortcuts =============================
 
(The entries could be listed to be restored or removed.)
 
==================== Loaded Modules (Whitelisted) ==============
 
2011-03-24 18:49 - 2011-06-01 11:34 - 00239648 _____ () C:\Program Files\BitDefender\BitDefender 2011\txmlutil.dll
2010-11-30 08:56 - 2011-06-01 11:33 - 00036768 _____ () C:\Program Files\BitDefender\BitDefender 2011\strdecoder.dll
2011-06-01 11:35 - 2011-06-01 11:35 - 00003584 _____ () C:\Program Files\BitDefender\BitDefender 2011\UI\DetectSMTPSettings.ui
2011-06-01 11:35 - 2011-06-01 11:35 - 00245328 _____ () C:\Program Files\BitDefender\BitDefender 2011\framework.dll
2011-06-01 11:35 - 2011-06-01 11:35 - 00142328 _____ () C:\Program Files\BitDefender\BitDefender 2011\accessl.dll
2011-06-01 11:34 - 2011-06-01 11:34 - 00161368 _____ () C:\Program Files\BitDefender\BitDefender 2011\connector.dll
2011-03-24 17:41 - 2011-06-01 11:34 - 00086208 _____ () C:\Program Files\BitDefender\BitDefender 2011\bdmltusrsrv.dll
2010-11-30 06:18 - 2010-11-30 06:18 - 00303008 _____ () C:\Program Files\Common Files\BitDefender\BitDefender Threat Scanner\smartscn.dll
2011-06-01 11:35 - 2011-06-01 11:35 - 00029552 _____ () C:\Program Files\BitDefender\BitDefender 2011\knownfilessp.dll
2011-06-01 11:35 - 2011-06-01 11:35 - 00086696 _____ () C:\Program Files\BitDefender\BitDefender 2011\ExcludeMgr.dll
2011-06-01 11:35 - 2011-06-01 11:35 - 00008704 _____ () C:\Program Files\BitDefender\BitDefender 2011\UI\accessl.ui
2011-06-01 11:35 - 2011-06-01 11:35 - 00054272 _____ () C:\Program Files\BitDefender\BitDefender 2011\procinfo.dll
2011-06-01 11:34 - 2011-06-01 11:34 - 00025432 _____ () C:\Program Files\BitDefender\BitDefender 2011\smartscnal.dll
2010-08-20 17:42 - 2010-08-20 17:42 - 00152616 _____ () C:\Program Files\BitDefender\BitDefender 2011\bdfwcore.dll
2011-06-30 06:02 - 2011-06-30 06:02 - 00265928 _____ () C:\Program Files\BitDefender\BitDefender 2011\midasal.dll
2011-07-11 09:23 - 2011-07-11 09:23 - 00096520 _____ () C:\Program Files\BitDefender\BitDefender 2011\midasdp.dll
2011-03-24 18:49 - 2011-06-01 11:34 - 00042424 _____ () C:\Program Files\BitDefender\BitDefender 2011\containerdatasp.dll
2011-06-01 11:35 - 2011-06-01 11:35 - 01048064 _____ () C:\Program Files\BitDefender\BitDefender 2011\as2core\ashttpbr.mdl
2011-01-31 20:21 - 2011-06-01 11:34 - 01168384 _____ () C:\Program Files\BitDefender\BitDefender 2011\as2core\ashttpdsp.mdl
2011-06-01 11:34 - 2011-06-01 11:34 - 02789376 _____ () C:\Program Files\BitDefender\BitDefender 2011\as2core\ashttpf.mdl
2011-06-01 11:35 - 2011-06-01 11:35 - 02614784 _____ () C:\Program Files\BitDefender\BitDefender 2011\as2core\ashttpfr.mdl
2011-06-01 11:35 - 2011-06-01 11:35 - 02732544 _____ () C:\Program Files\BitDefender\BitDefender 2011\as2core\ashttpph.mdl
2011-06-01 11:36 - 2011-06-01 11:36 - 01440768 _____ () C:\Program Files\BitDefender\BitDefender 2011\as2core\ashttprbl.mdl
2011-06-01 11:34 - 2011-06-01 11:34 - 01007104 _____ () C:\Program Files\BitDefender\BitDefender 2011\as2core\asimbr.mdl
2011-06-01 11:34 - 2011-06-01 11:34 - 01089536 _____ () C:\Program Files\BitDefender\BitDefender 2011\as2core\asimdsp.mdl
2011-06-01 11:35 - 2011-06-01 11:35 - 02545664 _____ () C:\Program Files\BitDefender\BitDefender 2011\as2core\asimf.mdl
2012-09-27 10:24 - 2012-09-12 14:33 - 00087152 _____ () C:\Windows\System32\cpwmon64.dll
2012-12-18 09:06 - 2012-12-18 09:06 - 00056360 _____ () C:\Program Files (x86)\AT&T\AT&T Communication Manager\AdminHelper.exe
2010-01-02 09:42 - 2010-01-02 09:42 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2009-09-14 19:17 - 2009-09-14 19:17 - 00610360 _____ () C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
2012-12-18 09:06 - 2012-12-18 09:06 - 00219688 _____ () C:\Program Files (x86)\AT&T\AT&T Communication Manager\attcm_AppStart.exe
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
AlternateDataStreams: C:\ProgramData\Temp:B85A9C0F
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ntrexeservice => "(Default)"="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NTRSupport => "(Default)"="Service"
 
==================== EXE Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-13 21:34 - 2015-12-11 10:21 - 00000860 ____A C:\Windows\system32\Drivers\etc\hosts
 
0.0.0.1 mssplus.mcafee.com
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-3816076352-1316818048-2459394720-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Rita\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^APC UPS Status.lnk => C:\Windows\pss\APC UPS Status.lnk.CommonStartup
MSCONFIG\startupreg: attcm.exe => C:\Program Files (x86)\AT&T\AT&T Communication Manager\attcm.exe
MSCONFIG\startupreg: BDAgent => "C:\Program Files\BitDefender\BitDefender 2011\bdagent.exe"
MSCONFIG\startupreg: BitDefender Antiphishing Helper => "C:\Program Files\BitDefender\BitDefender 2011\ieshow.exe"
MSCONFIG\startupreg: GoogleDriveSync => "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [{7BDF9A3E-F198-4F6B-B44C-F0E4C299FCD3}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDirector\PDR.EXE
FirewallRules: [{4880A744-175E-4894-824F-13A151A2A132}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\HPTouchSmartMusic.exe
FirewallRules: [{1D054CA5-E329-40AF-A202-1479C4FCD6DE}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\HPTouchSmartPhoto.exe
FirewallRules: [{18B8E588-C53C-479E-A225-CED02417B9B3}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\HPTouchSmartVideo.exe
FirewallRules: [{866089F2-FBAC-4F31-B012-69AFE1A98C37}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe
FirewallRules: [{772D1779-862C-4621-9AB8-321BB6AD39AD}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
FirewallRules: [{D4D41897-0F0F-468C-A76B-66F24BF41520}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\Media\DVD\HPTouchSmartMusic.exe
FirewallRules: [{E49859A7-4440-498A-A4C8-D89C8AD1F088}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\Media\DVD\HPTouchSmartPhoto.exe
FirewallRules: [{4CC63F80-65E2-4950-9015-5D14A093F0DB}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\Media\DVD\HPTouchSmartVideo.exe
FirewallRules: [{E5880B7B-7944-419E-97EB-5A5D132F13DA}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\Media\DVD\TSMAgent.exe
FirewallRules: [{7E96A93B-A280-4D1F-873C-52D1A2633B07}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\Media\DVD\Kernel\CLML\CLMLSvc.exe
FirewallRules: [{DB1572C1-3FA6-4D06-A23D-44948DB3CF44}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\Media\DVD\HPDVDSmart.exe
FirewallRules: [{7FFE5900-3116-4649-9157-4C8AB7647095}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{6DE2D9DE-38B3-4B6D-BD8F-974956CCE4AB}] => (Allow) svchost.exe
FirewallRules: [{30A44DB5-4E2C-4B38-BC1F-A162FBC750E3}] => (Allow) C:\Program Files (x86)\Windows Live\Sync\WindowsLiveSync.exe
FirewallRules: [{C21649AB-6BEF-4372-A8E5-CC6671681BE9}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
FirewallRules: [{5D6FD0C0-A951-454A-A365-C173229A883E}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
FirewallRules: [{3A5719DD-8472-4403-B189-15DC0AF95219}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe
FirewallRules: [{2EDBD106-C6F9-421F-BC37-262DFAB1D65F}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe
FirewallRules: [{F118BDE8-1A1E-4861-8AAF-EE1870732164}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe
FirewallRules: [{570AAEE1-6415-4ED6-B8D5-0E0A9FA9BA81}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe
FirewallRules: [{CEC7ACA0-BDCA-4CE4-9A19-6657BEA9BD0D}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe
FirewallRules: [{63DA2820-E2D6-4954-A921-814B6856E85E}] => (Allow) C:\Program Files (x86)\common files\hp\digital imaging\bin\hpqphotocrm.exe
FirewallRules: [{40013AFE-9375-4F15-A545-16BE9CC0C812}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe
FirewallRules: [{D3369961-BC27-408C-97AB-4E19C8C81A19}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
FirewallRules: [{2DF8E00B-9959-447B-80C8-55F5C588F73C}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe
FirewallRules: [{0FA6F10B-10EC-4400-8B32-ACF91D98AC7E}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe
FirewallRules: [{33B16A11-D814-458D-9748-A20A7DC34379}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe
FirewallRules: [{AF79BFE3-605C-4B04-8C95-B5D1CF2D001B}] => (Allow) C:\Program Files (x86)\HP\digital imaging\smart web printing\smartwebprintexe.exe
FirewallRules: [{00A01F16-74A7-4195-A306-D0201199F021}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{2663C4CE-884A-4A1A-B563-534AA20C822B}] => (Allow) LPort=2869
FirewallRules: [{57743DC6-35C7-4BA0-A3BA-BB32BB5661D3}] => (Allow) LPort=1900
FirewallRules: [{81469496-C246-45ED-A48D-391E341A1986}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{0AD0FA57-10B0-4CEA-AB38-95FBB64DC9BB}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{37FFFCF3-A973-4645-855E-761BACB01165}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{FC935C3D-AAFC-44C3-8BB2-197ECB59BB0C}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{27E5D7E7-C7B0-43EC-87F1-4BCA8CAD18AC}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe
FirewallRules: [{A6A30CD4-EB02-450D-A477-42437CC4E921}] => (Allow) C:\Users\Rita\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{D00199B6-62CD-413D-840B-9F471DE22EF9}] => (Allow) C:\Users\Rita\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{40C5272C-1304-409B-A7B0-186A9CDA55DE}] => (Allow) C:\Users\Rita\AppData\Roaming\Spotify\spotify.exe
FirewallRules: [{6AB70344-A93A-4DC8-AA26-DFD40443C617}] => (Allow) C:\Users\Rita\AppData\Roaming\Spotify\spotify.exe
FirewallRules: [{B2969D06-7DE0-4B82-9672-4502D92F88D9}] => (Allow) C:\Users\Rita\AppData\Roaming\Spotify\spotify.exe
FirewallRules: [{F00B4C98-67D9-442F-B291-D22490A44AAB}] => (Allow) C:\Users\Rita\AppData\Roaming\Spotify\spotify.exe
FirewallRules: [TCP Query User{5E92EFC5-DAA4-49A1-9570-AD982AD79458}C:\users\rita\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\rita\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{76C55CE6-3D58-4F31-9C31-271238080C9C}C:\users\rita\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\rita\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [{8BC27531-5606-4634-90AC-0BBA00D6753E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{1B9936B8-F156-44DD-87B4-D30B6A9DEAF2}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8620\bin\FaxApplications.exe
FirewallRules: [{8AE3BA28-29E6-45D1-B140-FD113C4DC45C}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8620\bin\DigitalWizards.exe
FirewallRules: [{819DC76B-B885-42A4-B997-C5725874B539}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8620\bin\SendAFax.exe
FirewallRules: [{1F420FE4-02C1-436F-A424-894349022B3B}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8620\Bin\DeviceSetup.exe
FirewallRules: [{5F785759-E5E4-4A9D-B9AB-F0E604B47A6B}] => (Allow) LPort=5357
FirewallRules: [{439735A4-3422-43B7-945A-6B588FE793B0}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8620\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{20848D1E-2E08-4E46-9E32-3E10EEFCF9C7}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPDeviceDetection3.exe
FirewallRules: [{C30F609A-976E-4ED5-81D2-8E80FB24B390}] => (Allow) C:\Users\Rita\AppData\Local\Google\Chrome\Application\chrome.exe
 
==================== Restore Points =========================
 
01-01-2016 02:04:32 Windows Update
05-01-2016 02:04:28 Windows Update
12-01-2016 02:04:27 Windows Update
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (01/13/2016 12:07:12 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: ScanToPCActivationApp.exe, version: 32.3.198.49673, time stamp: 0x53cda154
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x00000000004eec00
Faulting process id: 0xf44
Faulting application start time: 0xScanToPCActivationApp.exe0
Faulting application path: ScanToPCActivationApp.exe1
Faulting module path: ScanToPCActivationApp.exe2
Report Id: ScanToPCActivationApp.exe3
 
Error: (01/12/2016 02:27:45 PM) (Source: QuickBooks) (EventID: 4) (User: )
Description: An unexpected error has occured in "QuickBooks Pro 2013":
LeftNavDataHelper: Error handling modify notification to Left Nav Bar - TxnType: SALESRECEIPT, TxnID: 701210
 
Error: (01/12/2016 02:25:09 PM) (Source: QuickBooks) (EventID: 4) (User: )
Description: An unexpected error has occured in "QuickBooks Pro 2013":
LeftNavDataHelper: Error handling add notification to Left Nav Bar- TxnType: SALESRECEIPT, TxnID: 701210
 
Error: (01/12/2016 01:56:30 PM) (Source: QuickBooks) (EventID: 4) (User: )
Description: An unexpected error has occured in "QuickBooks Pro 2013":
LeftNavDataHelper: Error handling modify notification to Left Nav Bar - TxnType: INVOICE, TxnID: 700697
 
Error: (01/12/2016 01:56:29 PM) (Source: QuickBooks) (EventID: 4) (User: )
Description: An unexpected error has occured in "QuickBooks Pro 2013":
LeftNavDataHelper: Error handling add notification to Left Nav Bar- TxnType: RECEIVEPAYMENT, TxnID: 701203
 
Error: (01/12/2016 01:53:48 PM) (Source: QuickBooks) (EventID: 4) (User: )
Description: An unexpected error has occured in "QuickBooks Pro 2013":
LeftNavDataHelper: Error handling modify notification to Left Nav Bar - TxnType: INVOICE, TxnID: 700697
 
Error: (01/12/2016 01:47:03 PM) (Source: QuickBooks) (EventID: 4) (User: )
Description: An unexpected error has occured in "QuickBooks Pro 2013":
LeftNavDataHelper: Error handling add notification to Left Nav Bar- TxnType: SALESRECEIPT, TxnID: 701193
 
Error: (01/12/2016 01:29:49 PM) (Source: QuickBooks) (EventID: 4) (User: )
Description: An unexpected error has occured in "QuickBooks Pro 2013":
LeftNavDataHelper: Error handling add notification to Left Nav Bar- TxnType: SALESRECEIPT, TxnID: 701186
 
Error: (01/11/2016 04:23:55 PM) (Source: QuickBooks) (EventID: 4) (User: )
Description: An unexpected error has occured in "QuickBooks Pro 2013":
The user canceled one of the dialog boxes. No message was sent.
 
Error: (01/11/2016 04:23:55 PM) (Source: QuickBooks) (EventID: 4) (User: )
Description: An unexpected error has occured in "QuickBooks Pro 2013":
Failed to send mail message:
 
 
System errors:
=============
Error: (01/13/2016 12:12:09 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 12:09:06 PM on ‎1/‎13/‎2016 was unexpected.
 
Error: (01/13/2016 11:56:54 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 11:38:18 AM on ‎1/‎13/‎2016 was unexpected.
 
Error: (01/11/2016 02:25:56 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the eventlog service.
 
Error: (01/08/2016 05:04:21 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Windows Error Reporting Service service to connect.
 
Error: (01/06/2016 11:26:09 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the eventlog service.
 
Error: (01/06/2016 11:26:09 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Windows Error Reporting Service service to connect.
 
Error: (01/05/2016 04:30:17 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.
 
Error: (01/04/2016 03:55:01 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.
 
Error: (12/30/2015 01:27:38 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Windows Error Reporting Service service to connect.
 
Error: (12/30/2015 01:13:34 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 12:32:00 PM on ‎12/‎30/‎2015 was unexpected.
 
 
CodeIntegrity:
===================================
  Date: 2015-09-03 15:58:17.202
  Description: Windows is unable to verify the integrity of the file \Device\HarddiskVolume2\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\x86_microsoft-windows-errorreportingfaults_31bf3856ad364e35_10.0.10074.1_none_96f694b33cfd42bf\werfault.exe because the signing certificate has been revoked.  Check with the publisher to see if a new signed version of the kernel module is available.
 
  Date: 2015-09-03 15:58:17.182
  Description: Windows is unable to verify the integrity of the file \Device\HarddiskVolume2\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\x86_microsoft-windows-errorreportingfaults_31bf3856ad364e35_10.0.10074.1_none_96f694b33cfd42bf\werfault.exe because the signing certificate has been revoked.  Check with the publisher to see if a new signed version of the kernel module is available.
 
  Date: 2015-09-03 15:58:17.162
  Description: Windows is unable to verify the integrity of the file \Device\HarddiskVolume2\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\x86_microsoft-windows-errorreportingfaults_31bf3856ad364e35_10.0.10074.1_none_96f694b33cfd42bf\werfault.exe because the signing certificate has been revoked.  Check with the publisher to see if a new signed version of the kernel module is available.
 
  Date: 2015-09-03 15:58:17.157
  Description: Windows is unable to verify the integrity of the file \Device\HarddiskVolume2\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\x86_microsoft-windows-errorreportingfaults_31bf3856ad364e35_10.0.10074.1_none_96f694b33cfd42bf\werfault.exe because the signing certificate has been revoked.  Check with the publisher to see if a new signed version of the kernel module is available.
 
  Date: 2015-09-03 15:58:17.151
  Description: Windows is unable to verify the integrity of the file \Device\HarddiskVolume2\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\x86_microsoft-windows-errorreportingfaults_31bf3856ad364e35_10.0.10074.1_none_96f694b33cfd42bf\werfault.exe because the signing certificate has been revoked.  Check with the publisher to see if a new signed version of the kernel module is available.
 
  Date: 2015-09-03 15:58:17.142
  Description: Windows is unable to verify the integrity of the file \Device\HarddiskVolume2\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\x86_microsoft-windows-errorreportingfaults_31bf3856ad364e35_10.0.10074.1_none_96f694b33cfd42bf\werfault.exe because the signing certificate has been revoked.  Check with the publisher to see if a new signed version of the kernel module is available.
 
  Date: 2015-09-03 15:58:17.136
  Description: Windows is unable to verify the integrity of the file \Device\HarddiskVolume2\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\x86_microsoft-windows-errorreportingfaults_31bf3856ad364e35_10.0.10074.1_none_96f694b33cfd42bf\werfault.exe because the signing certificate has been revoked.  Check with the publisher to see if a new signed version of the kernel module is available.
 
  Date: 2015-09-03 15:58:17.121
  Description: Windows is unable to verify the integrity of the file \Device\HarddiskVolume2\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\x86_microsoft-windows-errorreportingfaults_31bf3856ad364e35_10.0.10074.1_none_96f694b33cfd42bf\werfault.exe because the signing certificate has been revoked.  Check with the publisher to see if a new signed version of the kernel module is available.
 
  Date: 2015-09-03 15:58:17.106
  Description: Windows is unable to verify the integrity of the file \Device\HarddiskVolume2\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\x86_microsoft-windows-errorreportingfaults_31bf3856ad364e35_10.0.10074.1_none_96f694b33cfd42bf\werfault.exe because the signing certificate has been revoked.  Check with the publisher to see if a new signed version of the kernel module is available.
 
  Date: 2015-09-03 15:58:17.103
  Description: Windows is unable to verify the integrity of the file \Device\HarddiskVolume2\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\x86_microsoft-windows-errorreportingcore_31bf3856ad364e35_10.0.10074.1_none_47662a2706182d6f\wermgr.exe because the signing certificate has been revoked.  Check with the publisher to see if a new signed version of the kernel module is available.
 
 
==================== Memory info =========================== 
 
Processor: AMD Athlon™ II X2 250 Processor
Percentage of memory in use: 63%
Total physical RAM: 3839.3 MB
Available physical RAM: 1415.13 MB
Total Virtual: 7676.82 MB
Available Virtual: 4410.84 MB
 
==================== Drives ================================
 
Drive c: (HP) (Fixed) (Total:585.31 GB) (Free:497.32 GB) NTFS
Drive d: (FACTORY_IMAGE) (Fixed) (Total:10.77 GB) (Free:1.53 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive i: (Seagate Expansion Drive) (Fixed) (Total:1863.01 GB) (Free:1860.56 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 596.2 GB) (Disk ID: 1549F232)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=585.3 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=10.8 GB) - (Type=07 NTFS)
Attempted reading MBR returned 0 bytes.
 Could not read MBR for disk 1.
 
==================== End of Addition.txt ============================

 


  • 0

Advertisements







Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP