Hello! I'm trying to help my wife with her old computer. Some how she clicked on something and now the comp. has a Pup ( Get-a-Clip) that I can't get rid of. Norton keeps showing that it blocked an attack by ( System Infected: Adware.Gen Activity 3) also that it Quarantined ( Bloodhound.MalPE). I have ran a full system scan With Norton, also the Power Eraser by Norton, Adware Cleaner and Malwarebytes trying to clear things up with no luck. I know it's an old computer, but right now thats what she uses.
Thank you for any help
Logs to follow
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:17-02-2016
Ran by Front Desk (administrator) on JEANNE (18-02-2016 15:16:25)
Running from C:\Documents and Settings\Front Desk\Desktop
Loaded Profiles: Front Desk (Available Profiles: Front Desk & LogMeInRemoteUser & Administrator)
Platform: Microsoft Windows XP Professional Service Pack 3 (X86) Language: English (United States)
Internet Explorer Version 8 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Microsoft Corporation) C:\WINDOWS\system32\scardsvr.exe
(Microsoft Corporation) C:\WINDOWS\system32\cisvc.exe
(Dell Inc.) C:\WINDOWS\system32\EmsService.exe
(Oracle Corporation) C:\Program Files\Java\jre7\bin\jqs.exe
(LogMeIn, Inc.) C:\Program Files\LogMeIn Ignition\LMIGuardianSvc.exe
() C:\Program Files\Get-a-Clip\MFLService2.exe
(Symantec Corporation) C:\Program Files\Norton 360 Premier Edition\Engine\22.5.5.15\n360.exe
(Dell Inc.) C:\Program Files\Dell\QuickSet\NicConfigSvc.exe
(Symantec Corporation) C:\Program Files\Norton PC Checkup 3.0\SymcPCCULaunchSvc.exe
(Intuit) C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
(Intuit Inc.) C:\Program Files\Common Files\Intuit\DataProtect\QBIDPService.exe
(SigmaTel, Inc.) C:\Program Files\SigmaTel\C-Major Audio\WDM\stacsv.exe
(Microsoft Corporation) C:\WINDOWS\system32\dllhost.exe
(Microsoft Corporation) C:\WINDOWS\system32\dllhost.exe
(Microsoft Corporation) C:\WINDOWS\system32\cidaemon.exe
(Symantec Corporation) C:\Program Files\Norton 360 Premier Edition\Engine\22.5.5.15\n360.exe
(Dell Inc.) C:\WINDOWS\system32\EmsServiceHelper.exe
() C:\Program Files\Get-a-Clip\mflstart.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [EmsService] => C:\WINDOWS\system32\EmsServiceHelper.exe [2436448 2014-06-12] (Dell Inc.)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2014-05-08] (Adobe Systems Incorporated)
HKLM\...\Run: [mflstart] => C:\Program Files\Get-a-Clip\mflstart.exe [116208 2016-02-09] ()
Winlogon\Notify\LMIinit: C:\WINDOWS\system32\LMIinit.dll [2015-11-19] (LogMeIn, Inc.)
HKU\S-1-5-21-2007805527-2214855839-2415389009-1005\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\ssstars.scr [14336 2008-04-13] (Microsoft Corporation)
AppInit_DLLs: mfllib.dll => C:\WINDOWS\system32\mfllib.dll [111600 2016-02-09] ()
Lsa: [Authentication Packages] msv1_0 nwprovau
ShellIconOverlayIdentifiers: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files\Norton 360 Premier Edition\Engine\22.5.5.15\buShell.dll [2015-11-05] (Symantec Corporation)
ShellIconOverlayIdentifiers: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files\Norton 360 Premier Edition\Engine\22.5.5.15\buShell.dll [2015-11-05] (Symantec Corporation)
ShellIconOverlayIdentifiers: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files\Norton 360 Premier Edition\Engine\22.5.5.15\buShell.dll [2015-11-05] (Symantec Corporation)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{2239EF8C-819A-4115-AC14-D60C944FE5A9}: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{319CB493-C1AA-42CD-89B4-2AE44929C51E}: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{9479C24B-3DD6-4ED9-AA95-D0D78551B73E}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=en&pid=N360&pvid=21.6.0.32
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk-rel&channel=us&ibd=1071009
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=en&pid=N360&pvid=21.6.0.32
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=en&pid=N360&pvid=21.6.0.32
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=en&pid=N360&pvid=21.6.0.32
HKU\S-1-5-21-2007805527-2214855839-2415389009-1005\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.yahoo.com/
HKU\S-1-5-21-2007805527-2214855839-2415389009-1005\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKU\S-1-5-21-2007805527-2214855839-2415389009-1005 -> DefaultScope {DD259C95-6D0C-4027-9478-CEB509D0DDE3} URL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=att-ie8
SearchScopes: HKU\S-1-5-21-2007805527-2214855839-2415389009-1005 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2007805527-2214855839-2415389009-1005 -> {DD259C95-6D0C-4027-9478-CEB509D0DDE3} URL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=att-ie8
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files\Norton 360 Premier Edition\Engine\22.5.5.15\coIEPlg.dll [2015-11-05] (Symantec Corporation)
BHO: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files\Norton 360 Premier Edition\Engine\21.7.0.11\IPS\IPSBHO.DLL => No File
BHO: SSVHelper Class -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2014-04-30] (Oracle Corporation)
BHO: MFLHelper Class -> {B0932222-51E2-47D1-A4EF-CB10AE7DF086} -> C:\Program Files\Get-a-Clip\MFLPluginIE.dll [2016-02-09] (Get-a-Clip)
BHO: CBrowserHelperObject Object -> {CA6319C0-31B7-401E-A518-A07C3DB8F777} -> C:\Program Files\BAE\BAE.dll [2007-01-26] (Dell Inc.)
BHO: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-04-30] (Oracle Corporation)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360 Premier Edition\Engine\22.5.5.15\coIEPlg.dll [2015-11-05] (Symantec Corporation)
Toolbar: HKU\S-1-5-21-2007805527-2214855839-2415389009-1005 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
DPF: {00140000-B1BA-11CE-ABC6-F5B2E79D9E3F} file:///D:/Scripts/LTOCX14N.cab
DPF: {55963676-2F5E-4BAF-AC28-CF26AA587566} hxxps://vpn.flaglerhospital.org/CACHE/stc/1/binaries/vpnweb.cab
DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} hxxp://h20614.www2.hp.com/ediags/gmd/Install/Cab/hpdetect118.cab
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: {88D969C0-F192-11D4-A65F-0040963251E5} hxxps://images.flaglerhospital.org/ami/install/msxml4.cab
DPF: {8B9D77B2-39C0-4674-AF42-BBD50FF71781} hxxps://images.doctorsimaginggroup.com/ami/install/amiviewer.cab
DPF: {CAFEEFAC-0017-0000-0055-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_55-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {D30CA0FD-1CA0-11D4-AC78-006008A9A8BC} hxxp://www.flaglerhospital.org/extranet/nav/vpn/webinst.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} hxxps://mygp.gp.com/dana-cached/sc/JuniperSetupClient.cab
DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} hxxps://secure.logmein.com//activex/ractrl.cab?lmi=1083
Handler: intu-help-qb4 - {ACE22922-D07C-4860-B51B-8CF472FEC2CB} - C:\Program Files\Intuit\QuickBooks 2011\HelpAsyncPluggableProtocol.dll [2012-05-14] (Intuit, Inc.)
Handler: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} - C:\WINDOWS\system32\mscoree.dll [2009-11-07] (Microsoft Corporation)
FireFox:
========
FF ProfilePath: C:\Documents and Settings\Front Desk\Application Data\Mozilla\Firefox\Profiles\som590nm.default-1455821559859
FF DefaultSearchEngine.US: Google
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_20_0_0_306.dll [2016-02-10] ()
FF Plugin: @java.com/DTPlugin,version=10.55.2 -> C:\WINDOWS\system32\npdeployJava1.dll [2014-04-30] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2014-04-30] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.55.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2014-04-30] (Oracle Corporation)
FF Plugin: @Microsoft.com/DownloadManager,version=1.1 -> C:\WINDOWS\ [] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @nielsen/FirefoxTracker -> C:\Program Files\NetRatingsNetSight\NetSight\meter1\FirefoxAddOns\npfirefoxtracker.dll [No File]
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-01] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-01] (Google Inc.)
FF Plugin: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2012-10-12] ()
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-08-05] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2007805527-2214855839-2415389009-1005: @citrixonline.com/appdetectorplugin -> C:\Documents and Settings\Front Desk\Local Settings\Application Data\Citrix\Plugins\104\npappdetector.dll [2014-01-14] (Citrix Online)
FF Plugin HKU\S-1-5-21-2007805527-2214855839-2415389009-1005: @zoom.us/ZoomVideoPlugin -> C:\Documents and Settings\Front Desk\Application Data\Zoom\bin\npzoomplugin.dll [2015-11-30] (Zoom Video Communications, Inc.)
FF user.js: detected! => C:\Documents and Settings\Front Desk\Application Data\Mozilla\Firefox\Profiles\som590nm.default-1455821559859\user.js [2016-02-18]
FF Extension: Get-a-Clip Extension - C:\Documents and Settings\Front Desk\Application Data\Mozilla\Firefox\Profiles\som590nm.default-1455821559859\extensions\[email protected] [2016-02-18] [not signed]
FF Extension: Get-a-Clip Extension - C:\Program Files\Mozilla Firefox\extensions\[email protected] [2016-02-16] [not signed]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-09-01] [not signed]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\NetRatingsNetSight\NetSight\meter1\FirefoxAddOns\[email protected] => not found
FF HKLM\...\Firefox\Extensions: [{C1A2A613-35F1-4FCF-B27F-2840527B6556}] - C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_22.5.0.124\coFFAddon
FF Extension: Norton Identity Safe - C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_22.5.0.124\coFFAddon [2016-01-19]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\Mozilla Firefox\extensions\[email protected]
FF ExtraCheck: C:\Program Files\mozilla firefox\browser\defaults\preferences\!mercury-autoenable.js [2016-02-18] <==== ATTENTION (Points to *.cfg file)
FF ExtraCheck: C:\Program Files\mozilla firefox\browser\defaults\preferences\!mercury-csp.js [2016-02-18]
FF ExtraCheck: C:\Program Files\mozilla firefox\mercury-autoenable.cfg [2016-02-18] <==== ATTENTION
Chrome:
=======
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR DefaultSearchURL: Default -> hxxp://nortonsafe.search.ask.com/web?q={searchTerms}&o=apn10506&prt=cr
CHR DefaultSearchKeyword: Default -> NortonSafe
CHR DefaultSuggestURL: Default -> hxxp://ss-sym.ask.com/query?q={searchTerms}&sstype=prefix&li=ff
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\48.0.2564.103\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\48.0.2564.103\ppGoogleNaClPluginChrome.dll => No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\48.0.2564.103\pdf.dll => No File
CHR Plugin: (Microsoft® DRM) - C:\Program Files\Windows Media Player\npdrmv2.dll (Microsoft Corporation)
CHR Plugin: (Windows Media Player Plug-in Dynamic Link Library) - C:\Program Files\Windows Media Player\npdsplay.dll (Microsoft Corporation (written by Digital Renaissance Inc.))
CHR Plugin: (Microsoft® DRM) - C:\Program Files\Windows Media Player\npwmsdrm.dll (Microsoft Corporation)
CHR Plugin: (Citrix Online Web Deployment Plugin 1.0.0.104) - C:\Documents and Settings\Front Desk\Local Settings\Application Data\Citrix\Plugins\104\npappdetector.dll (Citrix Online)
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll => No File
CHR Plugin: (Citrix ICA Client) - C:\Program Files\Citrix\ICA Client\npicaN.dll => No File
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll => No File
CHR Plugin: (Java Platform SE 7 U55) - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (WildTangent Games App V2 Presence Detector) - C:\Program Files\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
CHR Plugin: (Shockwave Flash) - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_13_0_0_214.dll => No File
CHR Plugin: (Java Deployment Toolkit 7.0.550.14) - C:\WINDOWS\system32\npdeployJava1.dll (Oracle Corporation)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll => No File
CHR Plugin: (Windows Presentation Foundation) - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Profile: C:\Documents and Settings\Front Desk\Local Settings\Application Data\Google\Chrome\User Data\Default
CHR Extension: (Norton Security Toolbar) - C:\Documents and Settings\Front Desk\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\cjabmdjcfcfdmffimndhafhblfmpjdpe [2015-12-19]
CHR Extension: (Norton Identity Safe) - C:\Documents and Settings\Front Desk\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif [2014-11-17]
CHR Extension: (Norton Safe) - C:\Documents and Settings\Front Desk\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmgcfemagnogdodbambjhdcmfcpicngl [2015-01-15]
CHR Extension: (Chrome Web Store Payments) - C:\Documents and Settings\Front Desk\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-08-24]
CHR HKLM\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files\Norton 360 Premier Edition\Engine\22.5.5.15\Exts\Chrome.crx [2015-11-05]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 EMS; C:\WINDOWS\system32\EMSService.exe [1698144 2014-06-12] (Dell Inc.)
R2 JavaQuickStarterService; C:\Program Files\Java\jre7\bin\jqs.exe [182696 2014-04-30] (Oracle Corporation)
R2 LMIGuardianSvc; C:\Program Files\LogMeIn Ignition\LMIGuardianSvc.exe [411632 2015-11-19] (LogMeIn, Inc.)
S2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 MFLService2; C:\Program Files\Get-a-Clip\MFLService2.exe [1983640 2016-02-09] ()
R2 N360; C:\Program Files\Norton 360 Premier Edition\Engine\22.5.5.15\N360.exe [282016 2015-11-20] (Symantec Corporation)
R2 Net Driver HPZ12; C:\WINDOWS\system32\HPZinw12.dll [44032 2010-08-06] (Hewlett-Packard) [File not signed]
R2 NICCONFIGSVC; C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe [475136 2007-05-14] (Dell Inc.) [File not signed]
R2 Norton PC Checkup Application Launcher; C:\Program Files\Norton PC Checkup 3.0\SymcPCCULaunchSvc.exe [132504 2013-03-20] (Symantec Corporation)
R2 NWCWorkstation; C:\WINDOWS\System32\nwwks.dll [65536 2008-04-13] (Microsoft Corporation)
R2 NwSapAgent; C:\WINDOWS\System32\ipxsap.dll [66560 2004-08-04] (Microsoft Corporation)
R2 Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.dll [53760 2010-08-06] (Hewlett-Packard) [File not signed]
R2 QBCFMonitorService; C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe [45056 2012-05-14] (Intuit) [File not signed]
S3 QBFCService; C:\Program Files\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe [61440 2009-07-23] (Intuit Inc.) [File not signed]
R2 QBVSS; C:\Program Files\Common Files\Intuit\DataProtect\QBIDPService.exe [1248256 2012-07-28] (Intuit Inc.) [File not signed]
R2 STacSV; C:\Program Files\SigmaTel\C-Major Audio\WDM\StacSV.exe [90112 2007-02-18] (SigmaTel, Inc.) [File not signed]
S3 stllssvr; C:\Program Files\Common Files\SureThing Shared\stllssvr.exe [73728 2006-09-14] (MicroVision Development, Inc.) [File not signed]
R2 Wave UCSPlus; C:\WINDOWS\system32\dllhost.exe /Processid:{BDFEFE06-0F3F-44F4-984D-3BF2A1CA8D75}
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S4 abp480n5; C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS [23552 2001-08-17] (Microsoft Corporation)
S3 AE1000; C:\WINDOWS\System32\DRIVERS\AE1000XP.sys [816672 2010-02-12] (Ralink Technology, Corp.)
R2 AegisP; C:\WINDOWS\System32\DRIVERS\AegisP.sys [21393 2007-10-09] (Cisco Systems, Inc.)
R1 APPDRV; C:\WINDOWS\SYSTEM32\DRIVERS\APPDRV.SYS [16128 2005-08-12] (Dell Inc) [File not signed]
R1 BHDrvx86; C:\Program Files\Norton 360 Premier Edition\NortonData\22.5.0.124\Definitions\BASHDefs\20160213.002\BHDrvx86.sys [1270008 2016-02-12] (Symantec Corporation)
R2 BrPar; C:\WINDOWS\System32\drivers\BrPar.sys [19537 2000-07-24] (Brother Industries Ltd.) [File not signed]
R1 ccSet_N360; C:\WINDOWS\system32\drivers\N360\1605050.00F\ccSetx86.sys [137456 2015-07-10] (Symantec Corporation)
R0 CmgPCS; C:\WINDOWS\System32\DRIVERS\CmgPCS.sys [143488 2014-05-19] (Dell Inc.)
R0 CmgShieldFFE; C:\WINDOWS\System32\DRIVERS\CmgFFE.sys [586496 2014-06-06] (Dell Inc.)
S3 CVirtA; C:\WINDOWS\System32\DRIVERS\CVirtA.sys [5275 2007-01-18] (Cisco Systems, Inc.)
R3 DXEC01; C:\WINDOWS\System32\drivers\dxec01.sys [97536 2006-11-02] (Knowles Acoustics) [File not signed]
R1 eeCtrl; C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [389968 2015-11-17] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [125264 2015-11-17] (Symantec Corporation)
R3 guardian2; C:\WINDOWS\System32\Drivers\oz776.sys [56320 2007-01-30] (O2Micro)
R3 HSFHWAZL; C:\WINDOWS\System32\DRIVERS\HSFHWAZL.sys [209152 2007-01-31] (Conexant Systems, Inc.)
R3 HSF_DPV; C:\WINDOWS\System32\DRIVERS\HSF_DPV.sys [989696 2007-01-31] (Conexant Systems, Inc.)
R3 IDSxpx86; C:\Program Files\Norton 360 Premier Edition\NortonData\22.5.0.124\Definitions\IPSDefs\20160217.001\IDSxpx86.sys [548536 2016-02-13] (Symantec Corporation)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [23256 2015-10-05] (Malwarebytes)
R3 NAVENG; C:\Program Files\Norton 360 Premier Edition\NortonData\22.5.0.124\Definitions\VirusDefs\20160218.002\NAVENG.SYS [104440 2016-01-22] (Symantec Corporation)
R3 NAVEX15; C:\Program Files\Norton 360 Premier Edition\NortonData\22.5.0.124\Definitions\VirusDefs\20160218.002\NAVEX15.SYS [1647216 2016-01-22] (Symantec Corporation)
R3 NETw4x32; C:\WINDOWS\System32\DRIVERS\NETw4x32.sys [2211456 2007-08-12] (Intel Corporation)
S3 NuidFltr; C:\WINDOWS\System32\DRIVERS\NuidFltr.sys [21784 2011-08-01] (Microsoft Corporation)
R2 NwlnkIpx; C:\WINDOWS\System32\DRIVERS\nwlnkipx.sys [88320 2008-04-13] (Microsoft Corporation)
R2 NwlnkNb; C:\WINDOWS\System32\DRIVERS\nwlnknb.sys [63232 2004-08-04] (Microsoft Corporation)
R2 NwlnkSpx; C:\WINDOWS\System32\DRIVERS\nwlnkspx.sys [55936 2004-08-04] (Microsoft Corporation)
R3 NWRDR; C:\WINDOWS\System32\DRIVERS\nwrdr.sys [163584 2008-04-13] (Microsoft Corporation)
R0 PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [36528 2006-07-24] (Sonic Solutions) [File not signed]
R2 s24trans; C:\WINDOWS\System32\DRIVERS\s24trans.sys [12416 2007-05-29] (Intel Corporation) [File not signed]
R1 SRTSP; C:\WINDOWS\System32\Drivers\N360\1605050.00F\SRTSP.SYS [712944 2015-11-11] (Symantec Corporation)
R1 SRTSPX; C:\WINDOWS\system32\drivers\N360\1605050.00F\SRTSPX.SYS [44792 2015-07-10] (Symantec Corporation)
R3 STHDA; C:\WINDOWS\System32\drivers\sthda.sys [1228296 2007-02-18] (SigmaTel, Inc.)
R0 SymEFASI; C:\WINDOWS\System32\drivers\N360\1605050.00F\SYMEFASI.SYS [1287408 2015-11-11] (Symantec Corporation)
R3 SymEvent; C:\WINDOWS\system32\Drivers\SYMEVENT.SYS [103152 2015-07-23] (Symantec Corporation)
R1 SymIRON; C:\WINDOWS\system32\drivers\N360\1605050.00F\Ironx86.SYS [234744 2015-07-10] (Symantec Corporation)
R1 SYMTDI; C:\WINDOWS\System32\Drivers\N360\1605050.00F\SYMTDI.SYS [388440 2015-11-11] (Symantec Corporation)
S3 HPZid412; system32\DRIVERS\HPZid412.sys [X]
S3 HPZipr12; system32\DRIVERS\HPZipr12.sys [X]
S3 HPZius12; system32\DRIVERS\HPZius12.sys [X]
S4 LMIRfsClientNP; no ImagePath
S3 NielGfx; system32\drivers\nielgfx.sys [X]
S0 nielprt; system32\DRIVERS\nielprt.sys [X]
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)
S3 vpnva; system32\DRIVERS\vpnva.sys [X]
S3 vsdatant; \??\C:\WINDOWS\system32\vsdatant.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-02-18 15:16 - 2016-02-18 15:17 - 00023136 _____ C:\Documents and Settings\Front Desk\Desktop\FRST.txt
2016-02-18 15:15 - 2016-02-18 15:16 - 00000000 ____D C:\FRST
2016-02-18 15:11 - 2016-02-18 14:34 - 01722368 _____ (Farbar) C:\Documents and Settings\Front Desk\Desktop\FRST.exe
2016-02-10 14:05 - 2016-02-16 04:10 - 00000000 ____D C:\AdwCleaner
2016-02-10 14:05 - 2016-02-10 14:05 - 01508352 _____ C:\Documents and Settings\Front Desk\Desktop\AdwCleaner.exe
2016-02-10 12:38 - 2016-02-10 12:40 - 00170200 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-02-10 12:38 - 2016-02-10 12:38 - 00000777 _____ C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
2016-02-10 12:38 - 2016-02-10 12:38 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes Anti-Malware
2016-02-10 12:37 - 2016-02-10 12:38 - 00000000 ____D C:\Program Files\Malwarebytes Anti-Malware
2016-02-10 12:37 - 2015-10-05 09:50 - 00121560 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2016-02-10 12:37 - 2015-10-05 09:50 - 00023256 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2016-02-10 12:31 - 2016-02-10 12:33 - 22908888 _____ (Malwarebytes ) C:\Documents and Settings\Front Desk\Desktop\mbam-setup-2.2.0.1024.exe
2016-02-09 16:01 - 2016-02-18 12:27 - 00000000 ____D C:\Program Files\Mozilla Firefox
2016-02-09 06:25 - 2016-02-18 14:46 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2016-02-09 06:25 - 2016-02-18 12:27 - 00000730 _____ C:\Documents and Settings\All Users\Start Menu\Programs\Mozilla Firefox.lnk
2016-02-09 06:25 - 2016-02-18 12:27 - 00000724 _____ C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
2016-02-09 06:25 - 2016-02-09 06:25 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Mozilla
2016-02-09 06:22 - 2016-02-10 14:38 - 00000000 ____D C:\Program Files\Get-a-Clip
2016-02-09 06:22 - 2016-02-09 06:21 - 00111600 _____ C:\WINDOWS\system32\mfllib.dll
2016-02-09 06:21 - 2016-02-09 06:21 - 00000000 ____D C:\Documents and Settings\Front Desk\Temp
2016-01-30 18:12 - 2016-01-30 18:13 - 00000000 ____D C:\Documents and Settings\Front Desk\My Documents\METLIFE
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-02-18 15:17 - 2007-10-24 15:24 - 00000000 ____D C:\Documents and Settings\Front Desk\Local Settings\Temp
2016-02-18 15:07 - 2015-08-14 12:47 - 00000524 _____ C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-2007805527-2214855839-2415389009-1005.job
2016-02-18 14:55 - 2014-11-17 12:44 - 00000882 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-02-18 14:55 - 2004-08-11 17:00 - 00002206 _____ C:\WINDOWS\system32\wpa.dbl
2016-02-18 14:47 - 2007-10-09 01:05 - 00004322 _____ C:\WINDOWS\ModemLog_Conexant HDA D330 MDC V.92 Modem.txt
2016-02-18 14:47 - 2004-08-11 17:11 - 00000000 ____D C:\WINDOWS\Registration
2016-02-18 14:46 - 2004-08-11 17:20 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-02-18 14:45 - 2007-10-24 15:24 - 00000178 ___SH C:\Documents and Settings\Front Desk\ntuser.ini
2016-02-18 14:45 - 2004-08-11 17:20 - 00032146 _____ C:\WINDOWS\SchedLgU.Txt
2016-02-18 14:35 - 2014-11-17 12:44 - 00000886 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-02-18 14:32 - 2015-06-18 07:39 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-02-18 13:36 - 2015-08-23 12:32 - 00000620 _____ C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-2007805527-2214855839-2415389009-1005.job
2016-02-18 12:32 - 2007-10-24 15:24 - 00000000 ____D C:\Documents and Settings\Front Desk
2016-02-16 04:03 - 2014-06-12 08:27 - 00000000 ____D C:\Documents and Settings\Front Desk\Local Settings\Application Data\Adobe
2016-02-14 01:05 - 2014-03-13 16:00 - 00000000 ____D C:\Documents and Settings\Front Desk\Local Settings\Application Data\NPE
2016-02-12 12:19 - 2015-11-19 20:37 - 00000000 ____D C:\Program Files\LogMeIn Ignition
2016-02-10 17:27 - 2014-12-21 08:14 - 00000682 _____ C:\Documents and Settings\All Users\Desktop\CCleaner.lnk
2016-02-10 17:10 - 2014-06-19 14:54 - 00000000 ____D C:\Documents and Settings\Front Desk\Desktop\Old Firefox Data
2016-02-10 17:00 - 2014-04-03 08:22 - 00064152 ____H C:\WINDOWS\system32\mlfcache.dat
2016-02-10 15:14 - 2004-08-11 17:00 - 00000211 __RSH C:\boot.ini
2016-02-10 14:09 - 2014-11-13 16:59 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\download-free-soft bundle uninstaller
2016-02-10 14:09 - 2011-05-17 16:44 - 00000000 ____D C:\Documents and Settings\Front Desk\Application Data\Yahoo!
2016-02-10 13:37 - 2014-10-04 08:30 - 00000258 __RSH C:\Documents and Settings\All Users\ntuser.pol
2016-02-10 13:37 - 2004-08-11 17:06 - 00000000 ____D C:\Documents and Settings\All Users
2016-02-10 13:35 - 2014-05-02 12:23 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2850869$
2016-02-10 12:14 - 2012-04-09 07:34 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Microsoft Help
2016-02-10 11:53 - 2013-02-06 17:10 - 01359594 ____C C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-2007805527-2214855839-2415389009-1005-0.dat
2016-02-10 11:53 - 2013-01-17 17:04 - 00226746 ____C C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
2016-02-10 11:08 - 2008-02-18 08:00 - 144254680 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-02-10 06:32 - 2012-06-01 07:42 - 00796864 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2016-02-10 06:32 - 2012-06-01 07:42 - 00142528 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2016-02-09 22:58 - 2010-08-06 15:55 - 00000312 ____C C:\Documents and Settings\Front Desk\My Documents\spider.sav
2016-02-04 19:46 - 2014-11-17 12:45 - 00001819 _____ C:\Documents and Settings\All Users\Start Menu\Programs\Google Chrome.lnk
2016-02-04 19:46 - 2014-11-17 12:45 - 00001813 _____ C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
2016-01-30 18:13 - 2007-10-24 15:24 - 00000000 ___RD C:\Documents and Settings\Front Desk\My Documents
2016-01-30 07:22 - 2015-07-17 19:21 - 00000000 ____D C:\Documents and Settings\Front Desk\My Documents\KATIE
2016-01-27 19:52 - 2012-04-23 14:54 - 00002515 _____ C:\Documents and Settings\Front Desk\Desktop\Microsoft Office Word 2007.lnk
==================== Files in the root of some directories =======
2015-12-02 21:23 - 2015-12-02 21:23 - 0000093 _____ () C:\Documents and Settings\Front Desk\Application Data\ARCompanion.log
2014-11-17 10:39 - 2014-11-17 10:39 - 0001122 ____C () C:\Documents and Settings\Front Desk\Application Data\ConvAPIPlugin.log
2007-11-05 10:11 - 2007-11-05 10:11 - 0012358 ____C () C:\Documents and Settings\Front Desk\Application Data\PFP110JCM.{PB
2007-11-05 10:11 - 2007-11-05 10:11 - 0061678 ____C () C:\Documents and Settings\Front Desk\Application Data\PFP110JPR.{PB
2014-10-14 23:16 - 2014-10-14 23:16 - 0000042 ____C () C:\Documents and Settings\Front Desk\Application Data\WB.CFG
2008-06-19 16:00 - 2008-06-19 16:00 - 0003584 ____C () C:\Documents and Settings\Front Desk\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2011-07-28 08:24 - 2011-07-28 10:31 - 0015842 __SHC () C:\Documents and Settings\Front Desk\Local Settings\Application Data\xn20f483ph53a0o7q33nv25f33vqr33fh881r37xjcc0
2013-05-10 07:31 - 2013-05-10 07:31 - 0000057 ____C () C:\Documents and Settings\All Users\Application Data\Ament.ini
2014-11-17 09:37 - 2015-12-02 22:39 - 0009099 ____C () C:\Documents and Settings\All Users\Application Data\hpzinstall.log
2011-07-28 08:24 - 2011-07-28 10:31 - 0015842 __SHC () C:\Documents and Settings\All Users\Application Data\xn20f483ph53a0o7q33nv25f33vqr33fh881r37xjcc0
Some files in TEMP:
====================
C:\Documents and Settings\Front Desk\Local Settings\Temp\hpuninstaller.exe
C:\Documents and Settings\Front Desk\Local Settings\Temp\sqlite3.dll
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x86) Version:17-02-2016
Ran by Front Desk (2016-02-18 15:17:59)
Running from C:\Documents and Settings\Front Desk\Desktop
Microsoft Windows XP Professional Service Pack 3 (X86) (2007-10-24 20:24:36)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-2007805527-2214855839-2415389009-500 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\Administrator
Front Desk (S-1-5-21-2007805527-2214855839-2415389009-1005 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\Front Desk
Guest (S-1-5-21-2007805527-2214855839-2415389009-501 - Limited - Enabled)
HelpAssistant (S-1-5-21-2007805527-2214855839-2415389009-1004 - Limited - Disabled)
LogMeInRemoteUser (S-1-5-21-2007805527-2214855839-2415389009-1006 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\LogMeInRemoteUser
SUPPORT_388945a0 (S-1-5-21-2007805527-2214855839-2415389009-1002 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Norton 360 Premier (Enabled - Up to date) {E10A9785-9598-4754-B552-92431C1C35F8}
FW: Norton 360 Premier (Disabled) {7C21A4C9-F61F-4AC4-B722-A6E19C16F220}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
32 Bit HP CIO Components Installer (Version: 7.1.8 - Hewlett-Packard) Hidden
Adobe AIR (HKLM\...\Adobe AIR) (Version: 17.0.0.144 - Adobe Systems Incorporated)
Adobe Flash Player 20 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 20.0.0.306 - Adobe Systems Incorporated)
Adobe Flash Player 20 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 20.0.0.306 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.08) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated)
biolsp patch (Version: 01.00.01.0010 - Wave Systems Corp) Hidden
bpd_scan (Version: 3.00.0000 - Hewlett-Packard) Hidden
Brother HL-2040 (HKLM\...\{6319890B-22D5-44C2-ADC3-028226CACF67}) (Version: 1.00 - Brother)
Brother MFL-Pro Suite MFC-6490CW (HKLM\...\{01B4AC8E-6D83-44B3-958D-2AFE57BE54DB}) (Version: 1.0.5.0 - Brother Industries, Ltd.)
Calendar Packages (HKU\S-1-5-21-2007805527-2214855839-2415389009-1005\...\Calendar Packages) (Version: - ) <==== ATTENTION
CCleaner (HKLM\...\CCleaner) (Version: 5.14 - Piriform)
Compatibility Pack for the 2007 Office system (HKLM\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Conexant HDA D330 MDC V.92 Modem (HKLM\...\CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2C06&SUBSYS_14F1000F) (Version: - )
Dell Embassy Trust Suite by Wave Systems (HKLM\...\{ABBA2EA4-740E-4052-902B-9CA70B081E3F}) (Version: 02.00.00.039 - Wave Systems Corp)
Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: Version 7.1.101.6 - )
Digital Line Detect (HKLM\...\{E646DCF0-5A68-11D5-B229-002078017FBF}) (Version: 1.21 - BVRP Software, Inc)
DR Systems Web Ambassador (HKLM\...\{98BCB68E-274F-11D4-B2FA-00105AA9021A}) (Version: - )
EMBASSY Security Setup (Version: 03.00.00.035 - Wave Systems Corp) Hidden
EMS (HKLM\...\{A21585BC-27A4-4641-9100-875D80FEE805}) (Version: 8.4.0.6197 - Dell Inc.)
ESC Home Page Plugin (Version: 03.00.00.013 - Wave Systems Corp) Hidden
ETS Upgrade (Version: 02.00.00.012 - Wave Systems Corp) Hidden
Get-a-Clip (HKLM\...\Get-a-Clip) (Version: - Get-a-Clip)
Google Chrome (HKLM\...\Google Chrome) (Version: 48.0.2564.103 - Google Inc.)
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.29.5 - Google Inc.) Hidden
GoToMeeting 7.11.1.4419 (HKU\S-1-5-21-2007805527-2214855839-2415389009-1005\...\GoToMeeting) (Version: 7.11.1.4419 - CitrixOnline)
Hewlett-Packard ACLM.NET v1.1.0.0 (Version: 1.00.0000 - Hewlett-Packard) Hidden
High Definition Audio Driver Package - KB835221 (HKLM\...\KB835221WXP) (Version: 20040219.000000 - Microsoft Corporation)
HPDiagnosticAlert (Version: 1.00.0000 - Microsoft) Hidden
HPPhotoSmartExpress (Version: 70.0.170.000 - Hewlett-Packard) Hidden
I.R.I.S. OCR (HKLM\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
InstantShareAlert (Version: 1.00.0000 - HP) Hidden
Intel® Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: - )
IntelliSonic Speech Enhancement (HKLM\...\{D9FCA292-1186-421F-8D93-9A5D272AD5D0}) (Version: 2.1.37 - Knowles Acoustics)
Java 7 Update 55 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217055FF}) (Version: 7.0.550 - Oracle)
Juniper Networks Setup Client (HKU\S-1-5-21-2007805527-2214855839-2415389009-1005\...\Juniper_Setup_Client) (Version: 2.2.3.8885 - Juniper Networks)
LaserJet 1020 series (HKLM\...\HP-LaserJet 1020 series) (Version: - )
LogMeIn (HKLM\...\{EE4CA5AF-4A55-418C-8CB8-74435814207B}) (Version: 4.1.2450 - LogMeIn, Inc.)
LogMeIn Client (HKLM\...\{26F88B15-E5F0-47D2-8176-1A9312DD44AD}) (Version: 1.3.1648 - LogMeIn, Inc.)
Malwarebytes Anti-Malware version 2.2.0.1024 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Marketsplash Shortcuts (HKLM\...\{16FCDD97-AE09-476B-88CD-261D852BD34C}) (Version: 1.0.1.7 - Hewlett-Packard)
mCore (Version: 9.24.0000 - Intel Corporation) Hidden
MEDITECH Workstation4.x (HKLM\...\Workstation4.x) (Version: - )
mHlpDell (Version: 9.24.0000 - Intel) Hidden
Microsoft .NET Framework 1.1 (HKLM\...\Microsoft .NET Framework 1.1 (1033)) (Version: - )
Microsoft .NET Framework 1.1 Security Update (KB2833941) (HKLM\...\M2833941) (Version: - )
Microsoft .NET Framework 1.1 Security Update (KB979906) (HKLM\...\M979906) (Version: - )
Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.0 Service Pack 2 (HKLM\...\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}) (Version: 3.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Base Smart Card Cryptographic Service Provider Package (HKLM\...\KB909520) (Version: - Microsoft Corporation)
Microsoft Compression Client Pack 1.0 for Windows XP (HKLM\...\MSCompPackV1) (Version: 1 - Microsoft Corporation)
Microsoft Download Manager (HKLM\...\{654977DB-0001-0002-0001-EABD228DDE8B}) (Version: 1.2.1 - Microsoft Corporation)
Microsoft IntelliPoint 8.2 (HKLM\...\Microsoft IntelliPoint 8.2) (Version: 8.20.468.0 - Microsoft Corporation)
Microsoft Office 2007 Primary Interop Assemblies (HKLM\...\{50120000-1105-0000-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft User-Mode Driver Framework Feature Pack 1.0 (HKLM\...\Wudf01000) (Version: - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual Studio 2005 Tools for Office Runtime (HKLM\...\Microsoft Visual Studio 2005 Tools for Office Runtime) (Version: - Microsoft Corporation)
mIWA (Version: 9.24.0000 - Intel Corporation) Hidden
mLogView (Version: 9.24.0000 - Intel Corporation) Hidden
mMHouse (Version: 9.24.0000 - Intel Corporation) Hidden
Modem Diagnostic Tool (HKLM\...\{F63A3748-B93D-4360-9AD4-B064481A5C7B}) (Version: 1.0.20.0 - Dell)
Mozilla Firefox 43.0.1 (x86 en-US) (HKLM\...\Mozilla Firefox 43.0.1 (x86 en-US)) (Version: 43.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 43.0.1 - Mozilla)
mPfMgr (Version: 9.24.0000 - Intel Corporation) Hidden
mPfWiz (Version: 9.24.0000 - Intel Corporation) Hidden
MPM (HKLM\...\{D48AD533-BAD5-469B-A9AA-272C6D80E70B}) (Version: 1.00.0000 - Hewlett-Packard)
mProSafe (Version: 9.00.0000 - Intel) Hidden
MSXML 4.0 SP2 (KB936181) (HKLM\...\{C04E32E0-0416-434D-AFB9-6969D703A9EF}) (Version: 4.20.9848.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
MSXML 6.0 Parser (KB933579) (HKLM\...\{0A869A65-8C94-4F7C-A5C7-972D3C8CED9E}) (Version: 6.10.1200.0 - Microsoft Corporation)
mWlsSafe (Version: 9.00.0000 - Intel) Hidden
MyCalendar (HKLM\...\Tweaks MyCalendar) (Version: 1.1.3 - Tweaks)
mZConfig (Version: 9.24.0000 - Intel Corporation) Hidden
NetWaiting (HKLM\...\{3F92ABBB-6BBF-11D5-B229-002078017FBF}) (Version: 2.5.44 - BVRP Software, Inc)
Norton 360 Premier (HKLM\...\N360) (Version: 22.5.5.15 - Symantec Corporation)
Norton PC Checkup (HKLM\...\Norton PC Checkup_is1) (Version: 3.0.2.122.0 - NortonLive Services)
O2Micro USB Smart Card Reader (Version: 1.00.0000 - Dell Inc.) Hidden
PaperPort Image Printer (HKLM\...\{2BC2781A-F7F6-452E-95EB-018A522F1B2C}) (Version: 1.00.0000 - Nuance Communications, Inc.)
PowerDVD (HKLM\...\{281ECE39-F043-492B-8337-F2E546B5604A}) (Version: 7.0 - Dell)
QuickBooks (Version: 21.0.4011.904 - Intuit Inc.) Hidden
QuickBooks Pro 2011 (HKLM\...\{11E0AC7D-6822-4F67-865F-EE1C13D28C38}) (Version: 21.0.4011.904 - Intuit Inc.)
QuickSet (HKLM\...\{C5074CC4-0E26-4716-A307-960272A90040}) (Version: 8.1.12 - Dell Computer Corporation)
Roxio Creator Audio (HKLM\...\{83FFCFC7-88C6-41c6-8752-958A45325C82}) (Version: 3.3.0 - Roxio)
Roxio Creator BDAV Plugin (HKLM\...\{880AF49C-34F7-4285-A8AD-8F7A3D1C33DC}) (Version: 3.3.0 - Roxio)
Roxio Creator Copy (HKLM\...\{619CDD8A-14B6-43a1-AB6C-0F4EE48CE048}) (Version: 3.3.0 - Roxio)
Roxio Creator Data (HKLM\...\{0D397393-9B50-4c52-84D5-77E344289F87}) (Version: 3.3.0 - Roxio)
Roxio Creator DE (HKLM\...\{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}) (Version: 3.3.0 - Roxio)
Roxio Creator Tools (HKLM\...\{0394CDC8-FABD-4ed8-B104-03393876DFDF}) (Version: 3.3.0 - Roxio)
Roxio Drag-to-Disc (HKLM\...\{2F4C24E6-CBD4-4AAC-B56F-C9FD44DE5668}) (Version: 9.0 - Roxio)
Roxio Express Labeler (HKLM\...\{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}) (Version: 2.1.0 - Roxio)
Roxio Update Manager (HKLM\...\{30465B6C-B53F-49A1-9EBA-A3F187AD502E}) (Version: 3.0.0 - Roxio)
Samsung Kies3 (HKLM\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.14083.17 - Samsung Electronics Co., Ltd.)
Samsung Kies3 (Version: 3.2.14083.17 - Samsung Electronics Co., Ltd.) Hidden
ScanSoft PaperPort 11 (HKLM\...\{7A8FF745-BBC5-482B-88E4-18D3178249A9}) (Version: 11.1.0000 - Nuance Communications, Inc.)
Secure Fast PC (HKLM\...\Secure Fast PC1.0) (Version: 1.0 - Developerts LLC)
SigmaTel Audio (HKLM\...\{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}) (Version: 5.10.4820.0 - SigmaTel)
Sonic Activation Module (Version: 1.0 - Sonic Solutions) Hidden
Time Clock SBE 2.3 (HKLM\...\Time Clock SBE 2.3) (Version: 2.3 - Barger Solutions)
Toolbox (Version: 70.0.170.000 - Hewlett-Packard) Hidden
Unload (Version: 7.0.0 - Hewlett-Packard) Hidden
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update Installer for WildTangent Games App (Version: - WildTangent) Hidden
upekmsi (Version: 02.00.02.0010 - Wave Systems Corp) Hidden
URL Assistant (HKLM\...\{3EE33958-7381-4E7B-A4F3-6E43098E9E9C}) (Version: - )
Wave Infrastructure Installer (Version: 03.05.10.0050 - Wave Systems Corp) Hidden
Wave Support Software (Version: 05.04.00.018 - Wave Systems Corp) Hidden
WebFldrs XP (Version: 9.50.7523 - Microsoft Corporation) Hidden
Windows Driver Package - O2Micro (guardian2) SmartCardReader (02/05/2007 1.1.3.7) (HKLM\...\5FD5E95A18EBF60A056BA7A51A2E794E4216D3DD) (Version: 02/05/2007 1.1.3.7 - O2Micro)
Windows Genuine Advantage Notifications (KB905474) (HKLM\...\WgaNotify) (Version: 1.9.0040.0 - Microsoft Corporation)
Windows Installer 3.1 (KB893803) (HKLM\...\KB893803v2) (Version: - Microsoft Corporation)
Windows Internet Explorer 8 (HKLM\...\ie8) (Version: 20090308.140743 - Microsoft Corporation)
Windows Management Framework Core (HKLM\...\KB968930) (Version: - Microsoft Corporation)
Windows Media Format 11 runtime (HKLM\...\Windows Media Format Runtime) (Version: - )
Windows Media Player 11 (HKLM\...\Windows Media Player) (Version: - )
Windows XP Service Pack 3 (HKLM\...\Windows XP Service Pack) (Version: 20080414.031525 - Microsoft Corporation)
WordPerfect Office 11 (HKLM\...\{54F90B55-BEB3-4F0D-8802-228822FA5921}) (Version: 11.0 - Corel Corporation)
Zoom (HKU\S-1-5-21-2007805527-2214855839-2415389009-1005\...\ZoomUMX) (Version: 3.5 - Zoom Video Communications, Inc.)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-2007805527-2214855839-2415389009-1005_Classes\CLSID\{05EC5C13-D255-4592-9CCB-98615172F0D6}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-2007805527-2214855839-2415389009-1005_Classes\CLSID\{0ADF9C35-0D5E-4B75-88DD-B64868907E17}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-2007805527-2214855839-2415389009-1005_Classes\CLSID\{0C1F87AE-AE62-11D3-911C-00105A17B608}\InprocServer32 -> C:\WINDOWS\system32\dartsock.dll (Dart Communications)
CustomCLSID: HKU\S-1-5-21-2007805527-2214855839-2415389009-1005_Classes\CLSID\{123FAF7F-3FB1-4B8F-AD18-0047401D436A}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-2007805527-2214855839-2415389009-1005_Classes\CLSID\{371D0743-7A57-11D2-AD5A-00105A17B608}\InprocServer32 -> C:\WINDOWS\system32\dartsock.dll (Dart Communications)
CustomCLSID: HKU\S-1-5-21-2007805527-2214855839-2415389009-1005_Classes\CLSID\{37A2FC00-1795-4679-94A3-A153F1A8BB54}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-2007805527-2214855839-2415389009-1005_Classes\CLSID\{37A2FC02-1795-4679-94A3-A153F1A8BB54}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-2007805527-2214855839-2415389009-1005_Classes\CLSID\{3E1A2BBD-5707-4646-B268-518B997DC94D}\localserver32 -> C:\Program Files\Intuit\QuickBooks 2011\qbw32.exe (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-2007805527-2214855839-2415389009-1005_Classes\CLSID\{4716D3CE-55DB-4D2A-818C-87D912895890}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-2007805527-2214855839-2415389009-1005_Classes\CLSID\{4844F3F7-2161-4AC4-B219-B3B4311782AA}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-2007805527-2214855839-2415389009-1005_Classes\CLSID\{4A56F19E-9F50-4F43-93C8-050E44AA83A9}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-2007805527-2214855839-2415389009-1005_Classes\CLSID\{4E5E74B5-8EB5-4859-A335-837EED412620}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-2007805527-2214855839-2415389009-1005_Classes\CLSID\{4F99A075-5227-11D2-AD06-00105A17B608}\InprocServer32 -> C:\WINDOWS\system32\dartsock.dll (Dart Communications)
CustomCLSID: HKU\S-1-5-21-2007805527-2214855839-2415389009-1005_Classes\CLSID\{5428A9ED-6CD8-11D6-9C8A-0001023DCAA2}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-2007805527-2214855839-2415389009-1005_Classes\CLSID\{547C8F00-5567-4AE3-8BB0-CC3CE2AB9070}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-2007805527-2214855839-2415389009-1005_Classes\CLSID\{57D590F1-91EB-44CE-8088-AE4AE19D30A1}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-2007805527-2214855839-2415389009-1005_Classes\CLSID\{596801D8-2C9D-4627-9C67-195CB81B655A}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-2007805527-2214855839-2415389009-1005_Classes\CLSID\{5B7331FA-8910-4748-A8A4-60B445041F28}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-2007805527-2214855839-2415389009-1005_Classes\CLSID\{5ED8AC89-B2DE-476D-8EEA-E170B2FCB058}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-2007805527-2214855839-2415389009-1005_Classes\CLSID\{7694F1CD-A55B-4B7C-8820-A90892EB4E9E}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-2007805527-2214855839-2415389009-1005_Classes\CLSID\{7DBF8260-30AD-4D1B-876A-8032B87B809F}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-2007805527-2214855839-2415389009-1005_Classes\CLSID\{828E5386-74CF-4019-B356-C857CD028A7D}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-2007805527-2214855839-2415389009-1005_Classes\CLSID\{82CC31B3-53B4-4161-A4E9-6B4F1290A6C8}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-2007805527-2214855839-2415389009-1005_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Program Files\Citrix\GoToMeeting\2553\G2MOutlookAddin.dll (Citrix Online, a division of Citrix Systems, Inc.)
CustomCLSID: HKU\S-1-5-21-2007805527-2214855839-2415389009-1005_Classes\CLSID\{8572570D-12D9-4F2C-8BB8-EB8848178B94}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-2007805527-2214855839-2415389009-1005_Classes\CLSID\{8E590317-1329-11D1-B70B-00805F29CD16}\localserver32 -> C:\Program Files\Intuit\QuickBooks 2011\qbw32.exe (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-2007805527-2214855839-2415389009-1005_Classes\CLSID\{8FEDE364-AB37-4551-80C9-6D468E222AB2}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-2007805527-2214855839-2415389009-1005_Classes\CLSID\{9D9B61F2-9E2B-492A-81B3-AA5A1CCFBC3A}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-2007805527-2214855839-2415389009-1005_Classes\CLSID\{9D9B61F3-9E2B-492A-81B3-AA5A1CCFBC3A}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-2007805527-2214855839-2415389009-1005_Classes\CLSID\{9D9B61F4-9E2B-492A-81B3-AA5A1CCFBC3A}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-2007805527-2214855839-2415389009-1005_Classes\CLSID\{9D9B61F5-9E2B-492A-81B3-AA5A1CCFBC3A}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-2007805527-2214855839-2415389009-1005_Classes\CLSID\{9D9B61F6-9E2B-492A-81B3-AA5A1CCFBC3A}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-2007805527-2214855839-2415389009-1005_Classes\CLSID\{9D9B61F7-9E2B-492A-81B3-AA5A1CCFBC3A}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-2007805527-2214855839-2415389009-1005_Classes\CLSID\{A63E42D0-9C63-47B5-ABF2-0C839EC20778}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-2007805527-2214855839-2415389009-1005_Classes\CLSID\{A63E42D2-9C63-47B5-ABF2-0C839EC20778}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-2007805527-2214855839-2415389009-1005_Classes\CLSID\{AF5E0A13-CEAB-47CE-991D-77E82CD1BF3F}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-2007805527-2214855839-2415389009-1005_Classes\CLSID\{B10BFAC3-EFF1-40D9-ADA0-BEBE037C24CA}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-2007805527-2214855839-2415389009-1005_Classes\CLSID\{B22FE43C-D1E8-432A-A862-9F83D5F04732}\InprocServer32 -> C:\WINDOWS\system32\dartsock.dll (Dart Communications)
CustomCLSID: HKU\S-1-5-21-2007805527-2214855839-2415389009-1005_Classes\CLSID\{B66F2BF1-91EB-44CE-8088-AE4AE19D30A1}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-2007805527-2214855839-2415389009-1005_Classes\CLSID\{CA4FC24B-C65C-11D1-AA6F-000000000000}\InprocServer32 -> C:\WINDOWS\system32\dartsock.dll (Dart Communications)
CustomCLSID: HKU\S-1-5-21-2007805527-2214855839-2415389009-1005_Classes\CLSID\{D14FD6B3-6A9F-4537-9460-07B836707127}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-2007805527-2214855839-2415389009-1005_Classes\CLSID\{D4A12AAF-E15E-470B-A6B6-63032186F91F}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-2007805527-2214855839-2415389009-1005_Classes\CLSID\{D9B9C060-0954-11D3-9E07-00104BD2BE34}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\ViewSource.dll (Intuit, Inc.)
CustomCLSID: HKU\S-1-5-21-2007805527-2214855839-2415389009-1005_Classes\CLSID\{D9BC6F81-A54B-11D4-A516-0050DA68678D}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\cominifile.dll (Intuit, Inc.)
CustomCLSID: HKU\S-1-5-21-2007805527-2214855839-2415389009-1005_Classes\CLSID\{D9BC6F84-A54B-11D4-A516-0050DA68678D}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\cominifile.dll (Intuit, Inc.)
CustomCLSID: HKU\S-1-5-21-2007805527-2214855839-2415389009-1005_Classes\CLSID\{D9BC6F87-A54B-11D4-A516-0050DA68678D}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\cominifile.dll (Intuit, Inc.)
CustomCLSID: HKU\S-1-5-21-2007805527-2214855839-2415389009-1005_Classes\CLSID\{D9BC6FA1-A54B-11D4-A516-0050DA68678D}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\GraphSeriesCol.dll (Intuit, Inc.)
CustomCLSID: HKU\S-1-5-21-2007805527-2214855839-2415389009-1005_Classes\CLSID\{D9BC6FA6-A54B-11D4-A516-0050DA68678D}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\GraphSeriesCol.dll (Intuit, Inc.)
CustomCLSID: HKU\S-1-5-21-2007805527-2214855839-2415389009-1005_Classes\CLSID\{D9BC6FB2-A54B-11D4-A516-0050DA68678D}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\StorageClasses.dll (Intuit, Inc.)
CustomCLSID: HKU\S-1-5-21-2007805527-2214855839-2415389009-1005_Classes\CLSID\{DCB2B478-EFF6-48F6-B718-13E98876854E}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-2007805527-2214855839-2415389009-1005_Classes\CLSID\{DDD136CE-517B-11D2-AD03-00105A17B608}\InprocServer32 -> C:\WINDOWS\system32\dartsock.dll (Dart Communications)
CustomCLSID: HKU\S-1-5-21-2007805527-2214855839-2415389009-1005_Classes\CLSID\{DFD0AF10-B86C-4AF3-B609-1348D513E565}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-2007805527-2214855839-2415389009-1005_Classes\CLSID\{E1A173E1-D957-4C3E-A098-43756A3DB454}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-2007805527-2214855839-2415389009-1005_Classes\CLSID\{E1A173E3-D957-4C3E-A098-43756A3DB454}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-2007805527-2214855839-2415389009-1005_Classes\CLSID\{E9D55102-9683-11D2-BA68-0040053687FE}\InprocServer32 -> C:\WINDOWS\system32\dartsock.dll (Dart Communications)
CustomCLSID: HKU\S-1-5-21-2007805527-2214855839-2415389009-1005_Classes\CLSID\{EADA914E-5B08-4E85-8440-5A087504DF87}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-2007805527-2214855839-2415389009-1005_Classes\CLSID\{EAEF733D-5B08-4E85-8440-5A087504DF87}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-2007805527-2214855839-2415389009-1005_Classes\CLSID\{F2C593CC-74B2-4F71-8556-DD4D426D0409}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-2007805527-2214855839-2415389009-1005_Classes\CLSID\{FAC93D42-FFC2-11d1-9DEB-0008C7A08EBA}\localserver32 -> C:\Program Files\Intuit\QuickBooks 2011\qbw32.exe (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-2007805527-2214855839-2415389009-1005_Classes\CLSID\{FB17915F-06D1-4214-A902-CC5EE05186E9}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-2007805527-2214855839-2415389009-1005.job => C:\Program Files\Citrix\GoToMeeting\4419\g2mupdate.exe
Task: C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-2007805527-2214855839-2415389009-1005.job => C:\Program Files\Citrix\GoToMeeting\4419\g2mupload.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Microsoft_Hardware_Launch_IPoint_exe.job => c:\Program Files\Microsoft IntelliPoint\ipoint.exe
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2016-02-09 06:22 - 2016-02-09 06:21 - 00111600 _____ () C:\WINDOWS\system32\mfllib.dll
2016-02-09 06:22 - 2016-02-09 06:21 - 00111600 _____ () C:\WINDOWS\System32\mfllib.dll
2012-06-06 07:20 - 2010-05-13 22:47 - 00059904 ____N () C:\WINDOWS\System32\spool\PRTPROCS\W32X86\pphp1020.dll
2016-02-09 06:22 - 2016-02-09 06:21 - 01983640 _____ () C:\Program Files\Get-a-Clip\MFLService2.exe
2016-02-09 06:22 - 2016-02-09 06:21 - 00121912 _____ () C:\Program Files\Get-a-Clip\Get-a-Clip.Config.dll
2012-07-27 22:57 - 2002-11-26 12:43 - 00106496 ____N () C:\WINDOWS\system32\BrMuSNMP.dll
2016-02-09 06:22 - 2016-02-09 06:21 - 00116208 _____ () C:\Program Files\Get-a-Clip\mflstart.exe
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\nm => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\nm.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
HKU\S-1-5-21-2007805527-2214855839-2415389009-1005\Software\Classes\.exe: exefile => <===== ATTENTION
HKU\S-1-5-21-2007805527-2214855839-2415389009-1005\Software\Classes\exefile: <===== ATTENTION
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-2007805527-2214855839-2415389009-1005\...\audible.com -> hxxps://www.audible.com
IE trusted site: HKU\S-1-5-21-2007805527-2214855839-2415389009-1005\...\doctorsimaginggroup.com -> hxxps://images.doctorsimaginggroup.com
IE trusted site: HKU\S-1-5-21-2007805527-2214855839-2415389009-1005\...\flaglerhospital.org -> hxxps://images.flaglerhospital.org
IE trusted site: HKU\S-1-5-21-2007805527-2214855839-2415389009-1005\...\radmd.com -> hxxps://www.radmd.com
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2004-08-11 17:00 - 2014-05-06 14:20 - 00000098 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 localhost
::1 localhost
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2007805527-2214855839-2415389009-1005\Control Panel\Desktop\\Wallpaper -> C:\Documents and Settings\Front Desk\Application Data\Microsoft\Internet Explorer\Internet Explorer Wallpaper.bmp
DNS Servers: 192.168.1.254
Windows Firewall is disabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
DomainProfile\AuthorizedApplications: [C:\Documents and Settings\Front Desk\Local Settings\Temp\7zS414E\OJP8500vA909_Full_14\setup\hpznui01.exe] => Enabled:hpznui01.exe
DomainProfile\AuthorizedApplications: [C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe] => Enabled:hpqtra08.exe
DomainProfile\AuthorizedApplications: [C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqste08.exe] => Enabled:hpqste08.exe
DomainProfile\AuthorizedApplications: [C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpofxm08.exe] => Enabled:hpofxm08.exe
DomainProfile\AuthorizedApplications: [C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hposfx08.exe] => Enabled:hposfx08.exe
DomainProfile\AuthorizedApplications: [C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hposid01.exe] => Enabled:hposid01.exe
DomainProfile\AuthorizedApplications: [C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqkygrp.exe] => Enabled:hpqkygrp.exe
DomainProfile\AuthorizedApplications: [C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpfcCopy.exe] => Enabled:hpfccopy.exe
DomainProfile\AuthorizedApplications: [C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpzwiz01.exe] => Enabled:hpzwiz01.exe
DomainProfile\AuthorizedApplications: [C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoews01.exe] => Enabled:hpoews01.exe
DomainProfile\AuthorizedApplications: [C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqnrs08.exe] => Enabled:hpqnrs08.exe
DomainProfile\AuthorizedApplications: [C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpiscnapp.exe] => Enabled:hpiscnapp.exe
DomainProfile\AuthorizedApplications: [C:\Program Files\Common Files\HP\Digital Imaging\bin\hpqPhotoCrm.exe] => Enabled:hpqphotocrm.exe
DomainProfile\AuthorizedApplications: [C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqsudi.exe] => Enabled:hpqsudi.exe
DomainProfile\AuthorizedApplications: [C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqpsapp.exe] => Enabled:hpqpsapp.exe
DomainProfile\AuthorizedApplications: [C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpofxs08.exe] => Enabled:hpofxs08.exe
DomainProfile\AuthorizedApplications: [C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqfxt08.exe] => Enabled:hpqfxt08.exe
DomainProfile\AuthorizedApplications: [C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqpse.exe] => Enabled:hpqpse.exe
DomainProfile\AuthorizedApplications: [C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqgplgtupl.exe] => Enabled:hpqgplgtupl.exe
DomainProfile\AuthorizedApplications: [C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqgpc01.exe] => Enabled:hpqgpc01.exe
DomainProfile\AuthorizedApplications: [C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqusgm.exe] => Enabled:hpqusgm.exe
DomainProfile\AuthorizedApplications: [C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqusgh.exe] => Enabled:hpqusgh.exe
DomainProfile\AuthorizedApplications: [C:\Program Files\Hewlett-Packard\Digital Imaging\Smart Web Printing\SmartWebPrintExe.exe] => Enabled:smartwebprintexe.exe
StandardProfile\AuthorizedApplications: [C:\Documents and Settings\Front Desk\Local Settings\Temp\7zS414E\OJP8500vA909_Full_14\setup\hpznui01.exe] => Enabled:hpznui01.exe
StandardProfile\AuthorizedApplications: [C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe] => Enabled:hpqtra08.exe
StandardProfile\AuthorizedApplications: [C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqste08.exe] => Enabled:hpqste08.exe
StandardProfile\AuthorizedApplications: [C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpofxm08.exe] => Enabled:hpofxm08.exe
StandardProfile\AuthorizedApplications: [C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hposfx08.exe] => Enabled:hposfx08.exe
StandardProfile\AuthorizedApplications: [C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hposid01.exe] => Enabled:hposid01.exe
StandardProfile\AuthorizedApplications: [C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqkygrp.exe] => Enabled:hpqkygrp.exe
StandardProfile\AuthorizedApplications: [C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpfcCopy.exe] => Enabled:hpfccopy.exe
StandardProfile\AuthorizedApplications: [C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpzwiz01.exe] => Enabled:hpzwiz01.exe
StandardProfile\AuthorizedApplications: [C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoews01.exe] => Enabled:hpoews01.exe
StandardProfile\AuthorizedApplications: [C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqnrs08.exe] => Enabled:hpqnrs08.exe
StandardProfile\AuthorizedApplications: [C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpiscnapp.exe] => Enabled:hpiscnapp.exe
StandardProfile\AuthorizedApplications: [C:\Program Files\Common Files\HP\Digital Imaging\bin\hpqPhotoCrm.exe] => Enabled:hpqphotocrm.exe
StandardProfile\AuthorizedApplications: [C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqsudi.exe] => Enabled:hpqsudi.exe
StandardProfile\AuthorizedApplications: [C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqpsapp.exe] => Enabled:hpqpsapp.exe
StandardProfile\AuthorizedApplications: [C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpofxs08.exe] => Enabled:hpofxs08.exe
StandardProfile\AuthorizedApplications: [C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqfxt08.exe] => Enabled:hpqfxt08.exe
StandardProfile\AuthorizedApplications: [C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqpse.exe] => Enabled:hpqpse.exe
StandardProfile\AuthorizedApplications: [C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqgplgtupl.exe] => Enabled:hpqgplgtupl.exe
StandardProfile\AuthorizedApplications: [C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqgpc01.exe] => Enabled:hpqgpc01.exe
StandardProfile\AuthorizedApplications: [C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqusgm.exe] => Enabled:hpqusgm.exe
StandardProfile\AuthorizedApplications: [C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqusgh.exe] => Enabled:hpqusgh.exe
StandardProfile\AuthorizedApplications: [C:\Program Files\Hewlett-Packard\Digital Imaging\Smart Web Printing\SmartWebPrintExe.exe] => Enabled:smartwebprintexe.exe
StandardProfile\AuthorizedApplications: [C:\Program Files\Google\Chrome\Application\chrome.exe] => Enabled:Google Chrome
StandardProfile\AuthorizedApplications: [C:\Program Files\ADBServer\rmAGenerator.exe] => Enabled:RMA Gen
StandardProfile\AuthorizedApplications: [C:\Program Files\Get-a-Clip\Get-a-Clip.exe] => Enabled:Get-a-Clip
StandardProfile\AuthorizedApplications: [C:\Program Files\Get-a-Clip\MFLService2.exe] => Enabled:Get-a-Clip
StandardProfile\AuthorizedApplications: [C:\Program Files\Mozilla Firefox\firefox.exe] => Enabled:Firefox (C:\Program Files\Mozilla Firefox)
DomainProfile\GloballyOpenPorts: [139:TCP] => Enabled:@xpsp2res.dll,-22004
DomainProfile\GloballyOpenPorts: [445:TCP] => Enabled:@xpsp2res.dll,-22005
DomainProfile\GloballyOpenPorts: [137:UDP] => Enabled:@xpsp2res.dll,-22001
DomainProfile\GloballyOpenPorts: [138:UDP] => Enabled:@xpsp2res.dll,-22002
DomainProfile\GloballyOpenPorts: [427:TCP] => :LocalSubNet:Enabled:SLP_Port(427)_TCP
DomainProfile\GloballyOpenPorts: [427:UDP] => :LocalSubNet:Enabled:SLP_Port(427)_UDP
StandardProfile\GloballyOpenPorts: [139:TCP] => :LocalSubNet:Enabled:@xpsp2res.dll,-22004
StandardProfile\GloballyOpenPorts: [445:TCP] => :LocalSubNet:Enabled:@xpsp2res.dll,-22005
StandardProfile\GloballyOpenPorts: [137:UDP] => :LocalSubNet:Enabled:@xpsp2res.dll,-22001
StandardProfile\GloballyOpenPorts: [138:UDP] => :LocalSubNet:Enabled:@xpsp2res.dll,-22002
StandardProfile\GloballyOpenPorts: [427:TCP] => :LocalSubNet:Enabled:SLP_Port(427)_TCP
StandardProfile\GloballyOpenPorts: [427:UDP] => :LocalSubNet:Enabled:SLP_Port(427)_UDP
StandardProfile\GloballyOpenPorts: [12005:TCP] => Enabled:Get-a-Clip
==================== Restore Points =========================
20-11-2015 21:25:20 System Checkpoint
21-11-2015 22:07:36 System Checkpoint
22-11-2015 23:26:46 System Checkpoint
23-11-2015 23:52:49 System Checkpoint
25-11-2015 03:44:06 System Checkpoint
26-11-2015 03:53:39 System Checkpoint
27-11-2015 04:19:41 System Checkpoint
28-11-2015 04:53:42 System Checkpoint
29-11-2015 05:04:49 System Checkpoint
30-11-2015 05:22:18 System Checkpoint
01-12-2015 05:22:50 System Checkpoint
02-12-2015 07:11:40 System Checkpoint
02-12-2015 21:19:08 Removed Centricity Enterprise Web 3.0 Client (SPa10)
02-12-2015 21:20:05 Removed Cisco AnyConnect VPN Client
02-12-2015 21:21:09 Removed Citrix Online Launcher
02-12-2015 21:26:44 Removed Code-X 2013
02-12-2015 21:32:44 Removed Code-X 2014
02-12-2015 21:36:59 Removed DR Systems Web Product Installation
02-12-2015 21:40:39 Removed HP Officejet 6500 E710a-f Product Improvement Study
02-12-2015 21:41:12 Removed HP Officejet 6500 E710n-z Help
02-12-2015 21:41:43 Removed HP Officejet 6500 E710n-z Product Improvement Study
02-12-2015 21:54:18 Removed HP Officejet 6500 E710a-f Help
02-12-2015 22:20:28 Removed MPM
02-12-2015 22:34:04 Removed HP Officejet Pro 8600 Basic Device Software
02-12-2015 22:36:20 Removed HP Officejet Pro 8600 Help
02-12-2015 22:37:01 Removed HP Officejet Pro 8600 Product Improvement Study
02-12-2015 22:41:08 Removed HP Photosmart Essential
02-12-2015 22:41:40 Removed HP Product Detection
02-12-2015 22:42:32 Removed HP Update.
02-12-2015 22:43:44 Removed MSN Toolbar
03-12-2015 23:28:05 System Checkpoint
04-12-2015 23:52:29 System Checkpoint
06-12-2015 01:18:35 System Checkpoint
07-12-2015 01:52:25 System Checkpoint
08-12-2015 01:52:47 System Checkpoint
09-12-2015 02:51:24 System Checkpoint
09-12-2015 03:00:36 Software Distribution Service 3.0
10-12-2015 04:03:55 System Checkpoint
11-12-2015 04:20:24 System Checkpoint
12-12-2015 04:55:55 System Checkpoint
13-12-2015 05:55:53 System Checkpoint
14-12-2015 07:43:40 System Checkpoint
15-12-2015 08:20:02 System Checkpoint
16-12-2015 08:32:03 System Checkpoint
17-12-2015 09:08:37 System Checkpoint
18-12-2015 09:56:37 System Checkpoint
19-12-2015 11:01:09 System Checkpoint
20-12-2015 11:21:19 System Checkpoint
21-12-2015 13:36:56 System Checkpoint
22-12-2015 17:00:21 System Checkpoint
23-12-2015 18:44:07 System Checkpoint
24-12-2015 19:20:34 System Checkpoint
25-12-2015 20:20:35 System Checkpoint
26-12-2015 22:00:33 System Checkpoint
27-12-2015 22:49:30 System Checkpoint
29-12-2015 01:04:17 System Checkpoint
30-12-2015 01:22:27 System Checkpoint
31-12-2015 01:41:07 System Checkpoint
01-01-2016 02:55:33 System Checkpoint
02-01-2016 03:41:02 System Checkpoint
03-01-2016 03:41:22 System Checkpoint
04-01-2016 06:35:50 System Checkpoint
05-01-2016 07:28:15 System Checkpoint
06-01-2016 07:40:31 System Checkpoint
07-01-2016 08:00:11 System Checkpoint
08-01-2016 18:19:05 System Checkpoint
09-01-2016 22:00:38 System Checkpoint
10-01-2016 23:07:09 System Checkpoint
12-01-2016 00:06:08 System Checkpoint
13-01-2016 00:54:03 System Checkpoint
13-01-2016 03:00:20 Software Distribution Service 3.0
14-01-2016 03:42:04 System Checkpoint
15-01-2016 04:54:06 System Checkpoint
16-01-2016 05:54:08 System Checkpoint
17-01-2016 06:42:09 System Checkpoint
18-01-2016 07:26:51 System Checkpoint
19-01-2016 07:35:51 System Checkpoint
20-01-2016 07:58:57 System Checkpoint
21-01-2016 08:00:26 System Checkpoint
22-01-2016 08:53:10 System Checkpoint
23-01-2016 09:45:46 System Checkpoint
24-01-2016 10:45:49 System Checkpoint
25-01-2016 11:06:10 System Checkpoint
26-01-2016 11:45:46 System Checkpoint
27-01-2016 16:33:52 System Checkpoint
28-01-2016 21:19:39 System Checkpoint
30-01-2016 01:19:16 System Checkpoint
31-01-2016 02:31:23 System Checkpoint
01-02-2016 03:11:14 System Checkpoint
02-02-2016 07:23:23 System Checkpoint
03-02-2016 08:19:56 System Checkpoint
04-02-2016 09:45:41 System Checkpoint
05-02-2016 20:08:20 System Checkpoint
06-02-2016 20:52:29 System Checkpoint
08-02-2016 00:09:22 System Checkpoint
09-02-2016 00:21:46 System Checkpoint
10-02-2016 00:33:28 System Checkpoint
10-02-2016 11:06:29 Software Distribution Service 3.0
10-02-2016 12:12:13 Software Distribution Service 3.0
11-02-2016 12:40:49 System Checkpoint
12-02-2016 14:22:50 System Checkpoint
13-02-2016 18:28:22 System Checkpoint
14-02-2016 18:54:30 System Checkpoint
15-02-2016 23:55:25 System Checkpoint
17-02-2016 00:16:24 System Checkpoint
18-02-2016 00:16:32 System Checkpoint
==================== Faulty Device Manager Devices =============
Name: 1394 Net Adapter
Description: 1394 Net Adapter
Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
Manufacturer: Microsoft
Service: NIC1394
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: =========================
Application errors:
==================
Error: (02/18/2016 02:53:57 PM) (Source: Ci) (EventID: 4124) (User: )
Description: Content index on c:\system volume information\catalog.wci is corrupt. Please shutdown and restart
the Indexing Service (cisvc).
Error: (02/18/2016 02:53:54 PM) (Source: Ci) (EventID: 4126) (User: )
Description: Cleaning up corrupt content index metadata on c:\system volume information\catalog.wci. Index will
be automatically restored by refiltering all documents.
Error: (02/18/2016 02:47:30 PM) (Source: COM+) (EventID: 4691) (User: )
Description: The run-time environment was unable to initialize for transactions required to support transactional components. Make sure that MS-DTC is running. (DtcGetTransactionManagerEx(): hr = 0x8004d01b)
Error: (02/18/2016 02:47:30 PM) (Source: MSDTC) (EventID: 4112) (User: )
Description: Could not start the MS DTC Transaction Manager.
Error: (02/18/2016 02:47:30 PM) (Source: MSDTC) (EventID: 4185) (User: )
Description: MS DTC Transaction Manager start failed. LogInit returned error 0x2.
Error: (02/18/2016 02:47:30 PM) (Source: MSDTC) (EventID: 4163) (User: )
Description: MS DTC log file not found. After ensuring that all Resource Managers coordinated by MS DTC have no indoubt transactions, please run msdtc -resetlog to create the log file.
Error: (02/18/2016 02:46:58 PM) (Source: Credant EMS) (EventID: 4096) (User: )
Description: EMS Critical Error: [EmsService] Error [0x0000045a] while creating and starting PCS! "Could not load ProcessConnector library!"
Error: (02/18/2016 11:42:58 AM) (Source: Ci) (EventID: 4124) (User: )
Description: Content index on c:\system volume information\catalog.wci is corrupt. Please shutdown and restart
the Indexing Service (cisvc).
Error: (02/18/2016 11:42:55 AM) (Source: Ci) (EventID: 4126) (User: )
Description: Cleaning up corrupt content index metadata on c:\system volume information\catalog.wci. Index will
be automatically restored by refiltering all documents.
Error: (02/18/2016 11:38:14 AM) (Source: COM+) (EventID: 4691) (User: )
Description: The run-time environment was unable to initialize for transactions required to support transactional components. Make sure that MS-DTC is running. (DtcGetTransactionManagerEx(): hr = 0x8004d01b)
System errors:
=============
Error: (02/18/2016 02:47:30 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: The Distributed Transaction Coordinator service terminated with service-specific error 3221229584 (0xC0001010).
Error: (02/18/2016 11:38:13 AM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: The Distributed Transaction Coordinator service terminated with service-specific error 3221229584 (0xC0001010).
Error: (02/18/2016 10:48:37 AM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: The Distributed Transaction Coordinator service terminated with service-specific error 3221229584 (0xC0001010).
Error: (02/18/2016 10:38:44 AM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: The Distributed Transaction Coordinator service terminated with service-specific error 3221229584 (0xC0001010).
Error: (02/16/2016 04:14:01 AM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: The Distributed Transaction Coordinator service terminated with service-specific error 3221229584 (0xC0001010).
Error: (02/16/2016 04:10:16 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The MFL Service service terminated unexpectedly. It has done this 1 time(s).
Error: (02/16/2016 04:10:16 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Application Layer Gateway Service service terminated unexpectedly. It has done this 1 time(s).
Error: (02/16/2016 04:10:16 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The COM+ System Application service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 1000 milliseconds: Restart the service.
Error: (02/16/2016 04:10:16 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Wave UCSPlus service terminated unexpectedly. It has done this 1 time(s).
Error: (02/16/2016 04:10:16 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The SigmaTel Audio Service service terminated unexpectedly. It has done this 1 time(s).
==================== Memory info ===========================
Processor: Intel® Core2 Duo CPU T7100 @ 1.80GHz
Percentage of memory in use: 29%
Total physical RAM: 2038.04 MB
Available physical RAM: 1431 MB
Total Virtual: 3406.14 MB
Available Virtual: 2961.38 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:111.73 GB) (Free:79.01 GB) NTFS ==>[drive with boot components (Windows XP)]
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows XP) (Size: 111.8 GB) (Disk ID: 41AB2316)
Partition 1: (Not Active) - (Size=63 MB) - (Type=DE)
Partition 2: (Active) - (Size=111.7 GB) - (Type=07 NTFS)
==================== End of Addition.txt ============================