Jump to content

medic04

Members
  • Posts

    6
  • Joined

  • Last visited

Reputation

0 Neutral
  1. I was sent from the Help topic because they found possible malware infection. I'm a home user and not a tech person at all. The Malware Bytes box comes up in the bottom corner as complete, with malware present (pups) quarantined those. Then there's a pop up that says "Scanner failed with error code 20034". Been having a lot of freezing and other issues. Took it to Office Depot which found one threat (paperwork didn't say what it was) seemed to do more harm than good. Thanks in advance for the help FRST.txt Addition.txt CheckResults.txt report.html
  2. I'm a home user and not a tech person at all. The Malware Bytes box comes up in the bottom corner as complete, with malware present (pups) quarantined those. Then there's a pop up that says "Scanner failed with error code 20034". Thanks in advance for the help FRST.txt Addition.txt CheckResults.txt
  3. Sorry about leaving the checkresults file out. That was an over site on my part. I went ahead and redid all the scans after completing the chkdsk. Also just an FYI if the mods if you don't want people copying and pasting the logs they should take it out of the directions that come with downloading the logs and sending them back. Just in case you weren't aware of it. Root AdminPosted 08 April 2014 - 08:34 AM If you're having issues with the Malwarebytes Anti-Malware 2 program or if one of the Staff or Honorary Members have asked you to run some Diagnostic Logs to help us to help you better then please do the following and post back the logs in your original topic posting. Please be patient and give helpers or Staff time to read and reply to your logs. If no one has replied within 24 hours to your post after you've posted your logs then please send a private message either to the one that requested you to post the log or to one of the Staff Moderators or Administrators for review and follow-up. Log Set 1 Please download Farbar Recovery Scan Tool and save it to your desktop. Note: You need to run the version compatible with your system. You can check here if you're not sure if your computer is 32-bit or 64-bit Double-click to run it. When the tool opens click Yes to disclaimer.Press Scan button.It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.The first time the tool is run, it also makes another log (Addition.txt). Please copy and paste it to your reply as well.In many cases the logs are too large to post and in those cases you should attach the file if needed.Click on the More Reply Options button, then click on the Browse button to locate your log then click the Attach button to attach the log to your post.I'm well aware that you do this on your own free time and appreciate it very much. This might help with any future conflicts. medic04 Addition.txt FRST.txt CheckResults.txt
  4. Addition.txt Additional scan result of Farbar Recovery Scan Tool (x64) Version: 05-07-2014 01 Ran by Michelle at 2014-07-08 20:29:04 Running from C:\Users\Michelle\Desktop Boot Mode: Normal ========================================================== ==================== Security Center ======================== AV: Kaspersky Internet Security (Enabled - Up to date) {C3113FBF-4BCB-4461-D78D-6EDFEC9593E5} AS: Kaspersky Internet Security (Enabled - Up to date) {7870DE5B-6DF1-4BEF-ED3D-55AD9712D958} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} FW: Kaspersky Internet Security (Enabled) {FB2ABE9A-01A4-4539-FCD2-C7EA1246D49E} ==================== Installed Programs ====================== 64 Bit HP CIO Components Installer (Version: 7.2.4 - Hewlett-Packard) Hidden 802.11n Wireless LAN Card (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}) (Version: 3.02.03.0 - Ralink) Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.2.1.650 - Adobe Systems Incorporated) Adobe Community Help (x32 Version: 3.2.1 - Adobe Systems Incorporated) Hidden Adobe Flash Player 14 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 14.0.0.145 - Adobe Systems Incorporated) Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated) Adobe Photoshop Elements 9 (HKLM-x32\...\Adobe Photoshop Elements 9) (Version: 9.0 - Adobe Systems Incorporated) Adobe Photoshop Elements 9 (x32 Version: 9.0 - Adobe Systems Incorporated) Hidden Adobe Photoshop Lightroom 4.3 64-bit (HKLM\...\{D759947B-8C5A-4480-B0DB-FC391F061C85}) (Version: 4.3.1 - Adobe) Adobe Photoshop.com Inspiration Browser (HKLM-x32\...\PhotoshopdotcomInspirationBrowser.4C35C4D325D350FE0114230CBADCA2DDD0AC8D25.1) (Version: 3.07 - Adobe Systems Incorporated) Adobe Photoshop.com Inspiration Browser (x32 Version: 3.07 - Adobe Systems Incorporated) Hidden Adobe Reader XI (11.0.07) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated) Amazon MP3 Downloader 1.0.17 (HKLM-x32\...\Amazon MP3 Downloader) (Version: 1.0.17 - Amazon Services LLC) ANT Drivers Installer x64 (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{D70884EA-E2CE-4539-91DB-4766CC1E5F5F}) (Version: 6.0.1.3 - Apple Inc.) Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) Backup Assistant Plus (HKLM-x32\...\Backup Assistant Plus) (Version: - Verizon Wireless) BCL easyConverter SDK 3 (Word Version) 64 (HKLM\...\{350CC85B-CA59-4F85-909D-8E4CDBF532FA}) (Version: 3.0.64 - BCL Technologies) Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) BufferChm (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden BuzzSearch 2013.11.07.232809 (HKLM\...\BuzzSearch) (Version: 2013.11.07.232809 - BuzzSearch) <==== ATTENTION CANON iMAGE GATEWAY MyCamera Download Plugin (HKLM-x32\...\MyCamera Download Plugin) (Version: 3.1.1.2 - Canon Inc.) CANON iMAGE GATEWAY Task for ZoomBrowser EX (HKLM-x32\...\CANON iMAGE GATEWAY Task) (Version: 1.9.0.9 - Canon Inc.) Canon MOV Decoder (HKLM-x32\...\Canon MOV Decoder) (Version: 1.8.0.7 - Canon Inc.) Canon MOV Encoder (HKLM-x32\...\Canon MOV Encoder) (Version: 1.6.0.1 - Canon Inc.) Canon MovieEdit Task for ZoomBrowser EX (HKLM-x32\...\MovieEditTask) (Version: 3.7.0.4 - Canon Inc.) Canon Utilities Digital Photo Professional 3.10 (HKLM-x32\...\DPP) (Version: 3.10.2.0 - Canon Inc.) Canon Utilities EOS Sample Music (HKLM-x32\...\EOS Sample Music) (Version: 1.0.0.204 - Canon Inc.) Canon Utilities EOS Utility (HKLM-x32\...\EOS Utility) (Version: 2.10.2.0 - Canon Inc.) Canon Utilities EOS Video Snapshot Task for ZoomBrowser EX (HKLM-x32\...\EOS Video Snapshot Task) (Version: 1.0.0.10 - Canon Inc.) Canon Utilities Movie Uploader for YouTube (HKLM-x32\...\MovieUploaderForYouTube) (Version: 1.2.0.7 - Canon Inc.) Canon Utilities PhotoStitch (HKLM-x32\...\PhotoStitch) (Version: 3.1.22.46 - Canon Inc.) Canon Utilities Picture Style Editor (HKLM-x32\...\Picture Style Editor) (Version: 1.9.0.0 - Canon Inc.) Canon Utilities ZoomBrowser EX (HKLM-x32\...\ZoomBrowser EX) (Version: 6.7.0.24 - Canon Inc.) Canon ZoomBrowser EX Memory Card Utility (HKLM-x32\...\ZoomBrowser EX Memory Card Utility) (Version: 1.5.0.9 - Canon Inc.) CCleaner (HKLM\...\CCleaner) (Version: 4.00 - Piriform) D110 (x32 Version: 140.0.283.000 - Hewlett-Packard) Hidden D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Destinations (x32 Version: 140.0.77.000 - Hewlett-Packard) Hidden DeviceDiscovery (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden DirectX for Managed Code Update (Summer 2004) (x32 Version: 9.02.2904 - Microsoft) Hidden DxO FilmPack 3 (HKLM\...\{6E98BFB0-55E3-4D3C-8C10-B44F6063535E}) (Version: 3.4.94.0 - DxO Labs) EasySetPackage (HKLM-x32\...\{266725C1-716F-43AC-BBFB-4201131ED656}) (Version: 2.4 - LG Soft India) Elements 9 Organizer (x32 Version: 9.0 - Adobe Systems Incorporated) Hidden Elements STI Installer (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden Elevated Installer (x32 Version: 3.2.7.0 - Garmin Ltd or its subsidiaries) Hidden Family Tree Maker 2014 (HKLM-x32\...\Family Tree Maker 2014) (Version: 22.0.207 - Ancestry.com, Inc.) Family Tree Maker 2014 (Version: 22.0.207 - Ancestry.com, Inc.) Hidden FBDownloader IE Add-on (x32 Version: 1.0.3 - HTTO Group, Ltd) Hidden ffdshow [rev 2527] [2008-12-19] (HKLM-x32\...\ffdshow_is1) (Version: 1.0 - ) Free PDF to Word Converter 5.1.0.383 (HKLM\...\Free PDF to Word Converter_is1) (Version: 5.1.0.383 - Smart Soft) Garmin Express (HKLM-x32\...\{55ae01f2-f0a8-4342-a9cc-a0327cdaa811}) (Version: 3.2.7.0 - Garmin Ltd or its subsidiaries) Garmin Express (x32 Version: 3.2.7.0 - Garmin Ltd or its subsidiaries) Hidden Garmin Express Tray (x32 Version: 3.2.7.0 - Garmin Ltd or its subsidiaries) Hidden Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google) Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden GPBaseService2 (x32 Version: 140.0.211.000 - Hewlett-Packard) Hidden Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden HP Application Assistant (HKLM\...\{B34A07DD-C6F7-414A-AE63-01019482EAF0}) (Version: 1.0.393.3870 - Hewlett-Packard) HP Auto (Version: 1.0.12935.3667 - Hewlett-Packard Company) Hidden HP Calendar (HKLM-x32\...\{2B38E0FA-D8A5-4EBF-A018-E3C1C8E7A2E2}) (Version: 5.1.4245.23508 - Hewlett-Packard) HP Client Services (Version: 1.1.12938.3539 - Hewlett-Packard) Hidden HP Customer Experience Enhancements (x32 Version: 6.0.1.8 - Hewlett-Packard) Hidden HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP) HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP) HP Magic Canvas (HKLM-x32\...\{DDFDC9D6-4220-41F8-BF9A-8E7512C4EF52}) (Version: 5.1.15.0 - Hewlett-Packard) HP Magic Canvas Tutorials (HKLM-x32\...\{858FCB65-7C6D-4BA4-AD80-A3CB3744CE09}_is1) (Version: 5.0.0.3 - Hewlett-Packard) HP Notes (HKLM-x32\...\{86BAB08A-5E66-4C53-82E3-C1E91673C7CA}) (Version: 5.1.4274.30382 - Hewlett-Packard) HP Odometer (HKLM-x32\...\{B8AC1A89-FFD1-4F97-8051-E505A160F562}) (Version: 2.10.0000 - Hewlett-Packard) HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.2024 - HP Photo Creations Powered by RocketLife) HP Photosmart D110 All-In-One Driver Software 14.0 Rel. 7 (HKLM\...\{DBC1DE57-B55A-4D57-9769-1DB9BE506AF7}) (Version: 14.0 - HP) HP Product Detection (HKLM-x32\...\{8A9FC225-75F6-4B5D-911C-0ED230565643}) (Version: 11.15.0009 - HP) HP Setup Manager (HKLM-x32\...\{AE856388-AFAD-4753-81DF-D96B19D0A17C}) (Version: 1.2.15145.3905 - Hewlett-Packard Company) HP Smart Web Printing 4.60 (HKLM\...\HP Smart Web Printing) (Version: 4.60 - HP) HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP) HP Support Assistant (HKLM-x32\...\{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}) (Version: 7.4.45.4 - Hewlett-Packard Company) HP Support Information (HKLM-x32\...\{B2B7B1C8-7C8B-476C-BE2C-049731C55992}) (Version: 11.00.0001 - Hewlett-Packard) HP Update (HKLM-x32\...\{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}) (Version: 5.003.001.001 - Hewlett-Packard) HP Vision Hardware Diagnostics (HKLM\...\{D79A02E9-6713-4335-9668-AAC7474C0C0E}) (Version: 2.12.1.0 - Hewlett-Packard) HPAppStudio (x32 Version: 140.0.95.000 - Hewlett-Packard) Hidden HPPhotoGadget (x32 Version: 140.0.524.000 - Hewlett-Packard) Hidden HPProductAssistant (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden Intel® Identity Protection Technology 1.2.22.0 (HKLM-x32\...\{387B63A5-5016-1015-B06B-A9A1030E3125}) (Version: 1.2.22.0 - Intel Corporation) Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation) Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2291 - Intel Corporation) Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.5.0.1026 - Intel Corporation) iTunes (HKLM\...\{0E5D76AD-A3FB-48D5-8400-8903B10317D3}) (Version: 11.0.1.12 - Apple Inc.) Java 7 Update 55 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417055FF}) (Version: 7.0.550 - Oracle) Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.550 - Oracle) Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden Kaspersky Internet Security 2013 (HKLM-x32\...\InstallWIX_{560985FB-4B76-4121-9189-7A2CDC7886D6}) (Version: 13.0.1.4190 - Kaspersky Lab) Kaspersky Internet Security 2013 (x32 Version: 13.0.1.4190 - Kaspersky Lab) Hidden MarketResearch (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden Microsoft Camera Codec Pack (HKLM-x32\...\{F55AF1BB-B493-4D78-80DA-828958B9098C}) (Version: 16.4.1734.1104 - Microsoft Corporation) Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation) Microsoft Mouse and Keyboard Center (Version: 2.3.188.0 - Microsoft Corporation) Hidden Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation) Microsoft Office Click-to-Run 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation) Microsoft Office Click-to-Run 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden Microsoft Office Starter 2010 - English (HKLM-x32\...\{90140011-0066-0409-0000-0000000FF1CE}) (Version: 14.0.5139.5005 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation) Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden Microsoft Works 6-9 Converter (HKLM-x32\...\{172423F9-522A-483A-AD65-03600CE4CA4F}) (Version: 9.7.0621 - Microsoft Corporation) Microsoft Works 6-9 Converter (HKLM-x32\...\{95140000-0137-0409-0000-0000000FF1CE}) (Version: 14.0.6120.5002 - Microsoft Corporation) Microsoft WSE 3.0 Runtime (x32 Version: 3.0.5305.0 - Microsoft Corp.) Hidden Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden Microsoft_VC80_MFC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden Microsoft_VC80_MFCLOC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden Motorola Device Manager (HKLM-x32\...\{28DB8373-C1BB-444F-A427-A55585A12ED7}) (Version: 2.3.9 - Motorola Mobility) Motorola Device Software Update (x32 Version: 13.02.1402 - Motorola Mobility) Hidden Motorola Mobile Drivers Installation 6.0.0 (Version: 6.0.0 - Motorola Inc.) Hidden Mozilla Firefox 30.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 30.0 (x86 en-US)) (Version: 30.0 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla) MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation) Network64 (Version: 140.0.215.000 - Hewlett-Packard) Hidden OpenOffice.org 3.3 (HKLM-x32\...\{3E171899-0175-47CC-84C4-562ACDD4C021}) (Version: 3.3.9567 - OpenOffice.org) opensource (x32 Version: 1.0.14960.3876 - Your Company Name) Hidden PC Pitstop Download Nitro 1.5.0.0 (HKLM-x32\...\PC Pitstop Download Nitro_is1) (Version: 1.5.0.0 - PC Pitstop, LLC) PDF Complete Special Edition (HKLM-x32\...\PDF Complete) (Version: 4.0.65 - PDF Complete, Inc) Perfect Effects 4.0.4 (HKLM-x32\...\{42FB8FF5-FBFD-4690-A5A8-75A6C94D7D0B}) (Version: 4.0.4 - onOne Software) Perfect Effects 8 (HKLM-x32\...\{C982ACFF-5997-4B7D-B3E1-CF7273A06FB2}) (Version: 8.1.0 - onOne Software) Photomatix Pro version 4.2.3 (HKLM\...\PhotomatixPro42x64_is1) (Version: 4.2.3 - HDRsoft Sarl) Picturenaut 3.2 (HKLM\...\{7BDD99A3-CCDD-41DE-8B86-F636B95ADBBF}) (Version: 3.2.0.1698 - Marc M.) PlayReady PC Runtime x86 (HKLM-x32\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation) PS_AIO_07_D110_SW_Min (x32 Version: 140.0.142.000 - Hewlett-Packard) Hidden QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.) QuickTransfer (x32 Version: 140.0.98.000 - Hewlett-Packard) Hidden Radialpoint Security Advisor 2.5.15 (x32 Version: 2.5.15 - Radialpoint SafeCare Inc.) Hidden Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6662 - Realtek Semiconductor Corp.) Recovery Manager (x32 Version: 5.5.0.4424 - CyberLink Corp.) Hidden SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.3.2380.0 - SAMSUNG Electronics Co., Ltd.) Scan (x32 Version: 140.0.80.000 - Hewlett-Packard) Hidden Seagate Manager Installer (HKLM-x32\...\InstallShield_{E6F019F1-DFB6-4853-A87D-6E31624755A9}) (Version: 2.02.0109 - Seagate) Seagate Manager Installer (x32 Version: 2.02.0109 - Seagate) Hidden SmartWebPrinting (x32 Version: 140.0.186.000 - Hewlett-Packard) Hidden SolutionCenter (x32 Version: 140.0.214.000 - Hewlett-Packard) Hidden Status (x32 Version: 140.0.256.000 - Hewlett-Packard) Hidden Toolbox (x32 Version: 140.0.428.000 - Hewlett-Packard) Hidden Topaz Clarity (HKLM-x32\...\Topaz Clarity) (Version: 1.0.0 - Topaz Labs, LLC) Topaz Fusion Express 2 (HKLM-x32\...\Topaz Fusion Express 2) (Version: 2.1.3 - Topaz Labs, LLC) TrayApp (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden TSHostedAppLauncher (x32 Version: 5.1.15.0 - Hewlett-Packard) Hidden Ultra File Opener (HKCU\...\Ultra File Opener) (Version: 4.1.3.78 - CompuClever Systems Inc.) Verizon Wireless Software Utility Application for Android - Samsung (HKLM-x32\...\{FC4DE34E-DA9E-4F02-9837-2E65F73A0234}) (Version: 1.11.0305 - Samsung Electronics Co., Ltd.) VIP Access (HKLM-x32\...\{E8D46836-CD55-453C-A107-A59EC51CB8DC}) (Version: 2.0.3.64 - VeriSign) VIP Access SDK (1.0.1.4) (HKLM-x32\...\VIP Access SDK) (Version: 1.0.1.4 - Symantec Inc.) WD Drive Utilities (HKLM-x32\...\{72E40002-8CEC-47C1-A099-83AC8E173BF0}) (Version: 1.0.3.3 - Western Digital Technologies, Inc.) WD Security (HKLM-x32\...\{83270912-15C7-4336-822E-E8F1B1BBCA60}) (Version: 1.0.3.3 - Western Digital Technologies, Inc.) WD SmartWare (HKLM\...\{EC39CC32-E144-42E4-9A59-53C20B408BDE}) (Version: 1.5.4 - Western Digital) WebReg (x32 Version: 140.0.212.017 - Hewlett-Packard) Hidden Windows Driver Package - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.) Windows Driver Package - Ralink Technology, Corp. (netr28x) Net (11/14/2011 3.02.07.0000) (HKLM\...\5C3D8D507E2CC48CF2BA058331D0647D4B4FA2E5) (Version: 11/14/2011 3.02.07.0000 - Ralink Technology, Corp.) Windows Driver Package - Realtek (RTL8167) Net (06/12/2012 7.061.0612.2012) (HKLM\...\D7AE157A02BBDD2AFDC7ACDBE7652D398B0B265E) (Version: 06/12/2012 7.061.0612.2012 - Realtek) Windows Driver Package - Realtek (RTL8167) Net (11/23/2011 7.050.1123.2011) (HKLM\...\93D0B653D730EB57C01C763D1BE4E63ABC9204F0) (Version: 11/23/2011 7.050.1123.2011 - Realtek) Windows Driver Package - Realtek Semiconductor Corp. HD Audio Driver (03/27/2012 6.0.1.6602) (HKLM\...\C543BFEF10EAA83E7C100705911081C7D90E1D04) (Version: 03/27/2012 6.0.1.6602 - Realtek Semiconductor Corp.) Windows Driver Package - Realtek Semiconductor Corp. HD Audio Driver (06/19/2012 6.0.1.6662) (HKLM\...\7B8CB01A84E3456C95B732366C105F2FCDA598A5) (Version: 06/19/2012 6.0.1.6662 - Realtek Semiconductor Corp.) Windows Driver Package - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software) Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation) Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Language Selector (Version: 15.4.3555.0308 - Microsoft Corporation) Hidden Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden Windstream Diagnostic Tools 3.0.21 (x32 Version: 3.0.21 - Windstream) Hidden Windstream Service Agent 4.1.15 (HKLM-x32\...\RadialpointClientGateway_is1) (Version: 4.1.15 - Windstream) Wsys Control 15.2.1.2652 (HKLM-x32\...\WsysControl) (Version: 15.2.1.2652 - Wsys Co., Ltd.) <==== ATTENTION Zip Opener Packages (HKCU\...\Zip Opener Packages) (Version: - ) <==== ATTENTION ==================== Restore Points ========================= 04-07-2014 08:58:44 Windows Update ==================== Hosts content: ========================== 2009-07-13 22:34 - 2009-06-10 17:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= Task: {0177AC78-46DF-4E76-AA2F-57C417234A17} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2014-03-21] (Hewlett-Packard) Task: {03745A5E-1A6F-4762-8BA1-E27EEA2EDDC2} - System32\Tasks\Motorola Device Manager Engine => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [2013-03-25] () Task: {0A4C7C1D-788E-4348-9FA3-004C6A19A108} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation) Task: {0D2318CC-E3A2-45F4-9D4E-4158CBF11FAF} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-08] (Adobe Systems Incorporated) Task: {1996E139-BDF5-4C00-825B-9E70C6C3BB3C} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2014-03-21] (Hewlett-Packard) Task: {20B6DA75-07D8-4C9A-A1D0-D5D5289B948A} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company) Task: {274C0867-5E4B-4381-8B1F-BB51E47A4DD8} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-03-25] (Piriform Ltd) Task: {2EC9819B-76EE-438E-8D8F-C66E0968F22B} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2014-03-19] (Microsoft) Task: {3EC17CF9-0761-48C6-92BE-86D2CDBDEF76} - System32\Tasks\HPCeeScheduleForMICHELLE-HP$ => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15] (Hewlett-Packard) Task: {43123A7A-8FA7-448A-85AE-2A8F409F64F8} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation) Task: {64E54F49-7363-406D-BB97-90D79B5F9D62} - System32\Tasks\Motorola Device Manager Initial Update => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [2013-03-25] () Task: {69ED3F7E-D7A4-4B42-A96F-2521E3B609D5} - System32\Tasks\DigitalSite => C:\Users\Michelle\AppData\Roaming\DIGITA~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION Task: {71DAEF60-F8F6-40ED-A4C6-993E5EE4CE39} - System32\Tasks\Registration => C:\Program Files (x86)\Hewlett-Packard\HP Setup\Dependencies\RemEngine.exe Task: {815AFB55-3355-4046-8A05-BB298AE999C4} - System32\Tasks\Motorola Device Manager Update => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [2013-03-25] () Task: {86C485FB-7EAA-4DE8-875B-7EB8A6E14B05} - System32\Tasks\{90A606A7-CB46-4F4E-9B9F-B137210DCFA2} => C:\Program Files (x86)\LG Soft India\EasySetPackage\bin\EasySetPackage.exe [2009-12-22] () Task: {8BAF9B2B-7666-47C6-A088-260897166426} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company) Task: {A61F9425-BD00-4E42-825E-DC11D04435C9} - System32\Tasks\AdobeAAMUpdater-1.0-Michelle-HP-Michelle => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-07-29] (Adobe Systems Incorporated) Task: {BA694611-8F59-491F-8248-FE6AC6953011} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-10-01] (Google Inc.) Task: {C8059735-69C5-4FFE-97CF-D364AAF2D793} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation) Task: {D3EC79EC-C823-46B4-A1A3-E2BDD69ED77E} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express Self Updater\ExpressSelfUpdater.exe [2014-06-09] () Task: {ED3FB23F-AD0D-4288-9FD6-571A2DD571A8} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.) Task: {F529EC9A-7D8E-4628-8C75-5E9CD5E20FF7} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation) Task: {FB595E38-B14D-4E97-8969-FCAF586936D2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-10-01] (Google Inc.) Task: {FF043871-DAA1-457A-B634-E237C858D220} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\DigitalSite.job => C:\Users\Michelle\AppData\Roaming\DIGITA~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\HPCeeScheduleForMICHELLE-HP$.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe ==================== Loaded Modules (whitelisted) ============= 2012-03-02 19:29 - 2009-12-04 18:15 - 00062976 _____ () C:\Program Files (x86)\LG Soft India\EasySetPackage\bin\HOOK64.dll 2012-08-20 04:18 - 2012-08-20 04:18 - 07065224 _____ () C:\Program Files\Backup Assistant Plus\V CAST Backup Scheduler.exe 2012-03-02 19:29 - 2009-12-22 13:30 - 00159744 _____ () C:\Program Files (x86)\LG Soft India\EasySetPackage\bin\EasySetPackage.exe 2012-03-02 19:29 - 2009-12-22 13:31 - 00024576 _____ () C:\Program Files (x86)\LG Soft India\EasySetPackage\bin\TestDDCCI.exe 2010-02-28 03:33 - 2010-02-28 03:33 - 00077664 _____ () C:\Program Files (x86)\Common Files\microsoft shared\virtualization handler\OfficeVirt.exe 2012-02-20 21:29 - 2012-02-20 21:29 - 00087912 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll 2012-02-20 21:28 - 2012-02-20 21:28 - 01242472 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll 2012-08-17 21:39 - 2013-07-09 00:54 - 01310136 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\kpcengine.2.2.dll 2013-03-25 15:44 - 2013-03-25 15:44 - 00172032 _____ () C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\css_core.dll 2012-03-02 19:29 - 2009-12-22 13:30 - 00057344 _____ () C:\Program Files (x86)\LG Soft India\EasySetPackage\bin\HOOK.dll 2012-08-20 04:17 - 2012-08-20 04:17 - 00684032 _____ () C:\Program Files\Backup Assistant Plus\libexpat.dll 2012-08-20 04:17 - 2012-08-20 04:17 - 00466975 _____ () C:\Program Files\Backup Assistant Plus\sqlite3.dll 2012-08-20 04:17 - 2012-08-20 04:17 - 00310272 _____ () C:\Program Files\Backup Assistant Plus\swscale-2.dll 2012-08-20 04:17 - 2012-08-20 04:17 - 00142848 _____ () C:\Program Files\Backup Assistant Plus\avutil-51.dll 2012-08-20 04:17 - 2012-08-20 04:17 - 13766656 _____ () C:\Program Files\Backup Assistant Plus\avcodec-54.dll 2012-08-20 04:17 - 2012-08-20 04:17 - 02535936 _____ () C:\Program Files\Backup Assistant Plus\avformat-54.dll 2012-03-02 19:29 - 2009-12-22 13:30 - 00012288 _____ () C:\Program Files (x86)\LG Soft India\EasySetPackage\bin\EngRes.dll 2012-08-17 21:38 - 2012-08-17 21:38 - 00479160 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\dblite.dll 2011-01-17 17:19 - 2012-02-27 23:48 - 00985088 _____ () C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll 2014-06-18 00:14 - 2014-06-18 00:15 - 03852912 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll 2012-03-02 19:29 - 2009-12-22 13:30 - 00057344 _____ () C:\Program Files (x86)\LG Soft India\EasySetPackage\bin\Hook.dll 2014-06-16 23:02 - 2014-06-16 23:02 - 17024688 ____N () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_125.dll ==================== Alternate Data Streams (whitelisted) ========= AlternateDataStreams: C:\ProgramData\Temp:373E1720 ==================== Safe Mode (whitelisted) =================== HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HsdService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ServicepointService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HsdService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ServicepointService => ""="Service" ==================== EXE Association (whitelisted) ============= ==================== MSCONFIG/TASK MANAGER disabled items ========= ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (07/07/2014 10:54:24 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: The program WLXPhotoGallery.exe version 15.4.3555.308 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel. Process ID: 1f08 Start Time: 01cf9a57e00aa1e2 Termination Time: 8 Application Path: C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe Report Id: 26ee1316-064b-11e4-9644-386077bed594 Error: (07/01/2014 08:52:54 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: The program mbam.exe version 1.0.0.532 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel. Process ID: 2b28 Start Time: 01cf942a74470715 Termination Time: 4 Application Path: C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe Report Id: Error: (06/25/2014 06:38:18 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: ) Description: 80004005 Error: (06/24/2014 11:10:07 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: ) Description: 80004005 Error: (06/24/2014 04:51:20 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: ) Description: 80004005 Error: (06/23/2014 09:56:33 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: ) Description: 80004005 Error: (06/23/2014 06:14:35 AM) (Source: Family Tree Maker) (EventID: 100) (User: ) Description: Timestamp: 23-Jun-14 10:14:35 AM Message: HandlingInstanceID: ee404b79-c4f1-4e3d-a93e-0108c5425922 An exception of type 'System.ServiceModel.EndpointNotFoundException' occurred and was caught. --------------------------------------------------------------------------------------------- 06/23/2014 06:14:35 Type : System.ServiceModel.EndpointNotFoundException, System.ServiceModel, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089 Message : There was no endpoint listening at http://service.familytreemaker.com/OhanaService/LocatorService.svc that could accept the message. This is often caused by an incorrect address or SOAP action. See InnerException, if present, for more details. Source : mscorlib Help link : Data : System.Collections.ListDictionaryInternal TargetSite : Void HandleReturnMessage(System.Runtime.Remoting.Messaging.IMessage, System.Runtime.Remoting.Messaging.IMessage) HResult : -2146233087 Stack Trace : Server stack trace: at System.ServiceModel.Channels.HttpOutput.WebRequestHttpOutput.GetOutputStream() at System.ServiceModel.Channels.HttpOutput.Send(TimeSpan timeout) at System.ServiceModel.Channels.HttpChannelFactory`1.HttpRequestChannel.HttpChannelRequest.SendRequest(Message message, TimeSpan timeout) at System.ServiceModel.Channels.RequestChannel.Request(Message message, TimeSpan timeout) at System.ServiceModel.Channels.ServiceChannel.Call(String action, Boolean oneway, ProxyOperationRuntime operation, Object[] ins, Object[] outs, TimeSpan timeout) at System.ServiceModel.Channels.ServiceChannelProxy.InvokeService(IMethodCallMessage methodCall, ProxyOperationRuntime operation) at System.ServiceModel.Channels.ServiceChannelProxy.Invoke(IMessage message) Exception rethrown at [0]: at System.Runtime.Remoting.Proxies.RealProxy.HandleReturnMessage(IMessage reqMsg, IMessage retMsg) at System.Runtime.Remoting.Proxies.RealProxy.PrivateInvoke(MessageData& msgData, Int32 type) at FTM.Services.Wcf.ILocatorService.GetEndpoint(String id, Byte[] data) at WebServiceProxies.LocatorService.ClientLocatorService.GetEndpoint(String id, Byte[] data) at Microsoft.Practices.SmartClient.Library.Commands.CommandWithCallback`2.DoExecute() Additional Info: MachineName : MICHELLE-HP TimeStamp : 23-Jun-14 10:14:35 AM FullName : Microsoft.Practices.EnterpriseLibrary.ExceptionHandling, Version=2.0.0.0, Culture=neutral, PublicKeyToken=69cf5367912b86b4 AppDomainName : FTM.exe ThreadIdentity : Michelle-HP\Michelle WindowsIdentity : Michelle-HP\Michelle Inner Exception --------------- Type : System.Net.WebException, System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089 Message : Unable to connect to the remote server Source : System Help link : Status : ConnectFailure Response : Data : System.Collections.ListDictionaryInternal TargetSite : System.IO.Stream GetRequestStream(System.Net.TransportContext ByRef) HResult : -2146233079 Stack Trace : at System.Net.HttpWebRequest.GetRequestStream(TransportContext& context) at System.Net.HttpWebRequest.GetRequestStream() at System.ServiceModel.Channels.HttpOutput.WebRequestHttpOutput.GetOutputStream() Inner Exception --------------- Type : System.Net.Sockets.SocketException, System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089 Message : No connection could be made because the target machine actively refused it 72.52.11.79:80 Source : System Help link : ErrorCode : 10061 SocketErrorCode : ConnectionRefused NativeErrorCode : 10061 Data : System.Collections.ListDictionaryInternal TargetSite : Void DoConnect(System.Net.EndPoint, System.Net.SocketAddress) HResult : -2147467259 Stack Trace : at System.Net.Sockets.Socket.DoConnect(EndPoint endPointSnapshot, SocketAddress socketAddress) at System.Net.ServicePoint.ConnectSocketInternal(Boolean connectFailure, Socket s4, Socket s6, Socket& socket, IPAddress& address, ConnectSocketState state, IAsyncResult asyncResult, Exception& exception) Category: Exception Priority: 0 EventId: 100 Severity: Error Title:FTM Exception Handling Machine: MICHELLE-HP Application Domain: FTM.exe Process Id: 6768 Process Name: C:\Program Files\Family Tree Maker 2014\FTM.exe Win32 Thread Id: 5848 Thread Name: Extended Properties: Error: (06/23/2014 02:14:44 AM) (Source: Family Tree Maker) (EventID: 100) (User: ) Description: Timestamp: 23-Jun-14 6:14:44 AM Message: HandlingInstanceID: aeb87117-1873-4a6a-bcca-1c91384a41ea An exception of type 'System.TimeoutException' occurred and was caught. ----------------------------------------------------------------------- 06/23/2014 02:14:44 Type : System.TimeoutException, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089 Message : The request channel timed out while waiting for a reply after 00:00:29.8419909. Increase the timeout value passed to the call to Request or increase the SendTimeout value on the Binding. The time allotted to this operation may have been a portion of a longer timeout. Source : mscorlib Help link : Data : System.Collections.ListDictionaryInternal TargetSite : Void HandleReturnMessage(System.Runtime.Remoting.Messaging.IMessage, System.Runtime.Remoting.Messaging.IMessage) HResult : -2146233083 Stack Trace : Server stack trace: at System.ServiceModel.Channels.RequestChannel.Request(Message message, TimeSpan timeout) at System.ServiceModel.Channels.ServiceChannel.Call(String action, Boolean oneway, ProxyOperationRuntime operation, Object[] ins, Object[] outs, TimeSpan timeout) at System.ServiceModel.Channels.ServiceChannelProxy.InvokeService(IMethodCallMessage methodCall, ProxyOperationRuntime operation) at System.ServiceModel.Channels.ServiceChannelProxy.Invoke(IMessage message) Exception rethrown at [0]: at System.Runtime.Remoting.Proxies.RealProxy.HandleReturnMessage(IMessage reqMsg, IMessage retMsg) at System.Runtime.Remoting.Proxies.RealProxy.PrivateInvoke(MessageData& msgData, Int32 type) at FTM.Services.Wcf.ILocatorService.GetEndpoint(String id, Byte[] data) at WebServiceProxies.LocatorService.ClientLocatorService.GetEndpoint(String id, Byte[] data) at Microsoft.Practices.SmartClient.Library.Commands.CommandWithCallback`2.DoExecute() Additional Info: MachineName : MICHELLE-HP TimeStamp : 23-Jun-14 6:14:44 AM FullName : Microsoft.Practices.EnterpriseLibrary.ExceptionHandling, Version=2.0.0.0, Culture=neutral, PublicKeyToken=69cf5367912b86b4 AppDomainName : FTM.exe ThreadIdentity : Michelle-HP\Michelle WindowsIdentity : Michelle-HP\Michelle Inner Exception --------------- Type : System.TimeoutException, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089 Message : The HTTP request to 'http://service.familytreemaker.com/OhanaService/LocatorService.svc' has exceeded the allotted timeout of 00:00:29.9880000. The time allotted to this operation may have been a portion of a longer timeout. Source : System.ServiceModel Help link : Data : System.Collections.ListDictionaryInternal TargetSite : System.Net.HttpWebResponse ProcessGetResponseWebException(System.Net.WebException, System.Net.HttpWebRequest, System.ServiceModel.Channels.HttpAbortReason) HResult : -2146233083 Stack Trace : at System.ServiceModel.Channels.HttpChannelUtilities.ProcessGetResponseWebException(WebException webException, HttpWebRequest request, HttpAbortReason abortReason) at System.ServiceModel.Channels.HttpChannelFactory`1.HttpRequestChannel.HttpChannelRequest.WaitForReply(TimeSpan timeout) at System.ServiceModel.Channels.RequestChannel.Request(Message message, TimeSpan timeout) Inner Exception --------------- Type : System.Net.WebException, System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089 Message : The operation has timed out Source : System Help link : Status : Timeout Response : Data : System.Collections.ListDictionaryInternal TargetSite : System.Net.WebResponse GetResponse() HResult : -2146233079 Stack Trace : at System.Net.HttpWebRequest.GetResponse() at System.ServiceModel.Channels.HttpChannelFactory`1.HttpRequestChannel.HttpChannelRequest.WaitForReply(TimeSpan timeout) Category: Exception Priority: 0 EventId: 100 Severity: Error Title:FTM Exception Handling Machine: MICHELLE-HP Application Domain: FTM.exe Process Id: 6768 Process Name: C:\Program Files\Family Tree Maker 2014\FTM.exe Win32 Thread Id: 5848 Thread Name: Extended Properties: Error: (06/22/2014 02:45:25 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: ) Description: 80004005 Error: (06/21/2014 07:43:08 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: ) Description: 80004005 System errors: ============= Error: (06/27/2014 05:05:20 PM) (Source: EventLog) (EventID: 6008) (User: ) Description: The previous system shutdown at 17:03:38 on ‎27/‎06/‎2014 was unexpected. Error: (06/19/2014 07:31:18 PM) (Source: EventLog) (EventID: 6008) (User: ) Description: The previous system shutdown at 19:29:28 on ‎19/‎06/‎2014 was unexpected. Error: (06/12/2014 03:01:45 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The Garmin Core Update Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service. Error: (06/09/2014 02:22:41 AM) (Source: volsnap) (EventID: 27) (User: ) Description: The shadow copies of volume C: were aborted during detection because a critical control file could not be opened. Error: (06/09/2014 02:22:39 AM) (Source: volsnap) (EventID: 27) (User: ) Description: The shadow copies of volume C: were aborted during detection because a critical control file could not be opened. Error: (06/09/2014 02:16:57 AM) (Source: volsnap) (EventID: 25) (User: ) Description: The shadow copies of volume C: were deleted because the shadow copy storage could not grow in time. Consider reducing the IO load on the system or choose a shadow copy storage volume that is not being shadow copied. Error: (05/21/2014 05:58:58 PM) (Source: Ntfs) (EventID: 55) (User: ) Description: The file system structure on the disk is corrupt and unusable. Please run the chkdsk utility on the volume OS. Error: (05/21/2014 05:57:06 PM) (Source: Ntfs) (EventID: 55) (User: ) Description: The file system structure on the disk is corrupt and unusable. Please run the chkdsk utility on the volume OS. Error: (05/21/2014 05:53:57 PM) (Source: Ntfs) (EventID: 55) (User: ) Description: The file system structure on the disk is corrupt and unusable. Please run the chkdsk utility on the volume OS. Error: (05/21/2014 05:50:41 PM) (Source: Ntfs) (EventID: 55) (User: ) Description: The file system structure on the disk is corrupt and unusable. Please run the chkdsk utility on the volume OS. Microsoft Office Sessions: ========================= Error: (07/07/2014 10:54:24 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: WLXPhotoGallery.exe15.4.3555.3081f0801cf9a57e00aa1e28C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe26ee1316-064b-11e4-9644-386077bed594 Error: (07/01/2014 08:52:54 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: mbam.exe1.0.0.5322b2801cf942a744707154C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe Error: (06/25/2014 06:38:18 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: ) Description: 80004005 Error: (06/24/2014 11:10:07 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: ) Description: 80004005 Error: (06/24/2014 04:51:20 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: ) Description: 80004005 Error: (06/23/2014 09:56:33 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: ) Description: 80004005 Error: (06/23/2014 06:14:35 AM) (Source: Family Tree Maker) (EventID: 100) (User: ) Description: Timestamp: 23-Jun-14 10:14:35 AM Message: HandlingInstanceID: ee404b79-c4f1-4e3d-a93e-0108c5425922 An exception of type 'System.ServiceModel.EndpointNotFoundException' occurred and was caught. --------------------------------------------------------------------------------------------- 06/23/2014 06:14:35 Type : System.ServiceModel.EndpointNotFoundException, System.ServiceModel, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089 Message : There was no endpoint listening at http://service.familytreemaker.com/OhanaService/LocatorService.svc that could accept the message. This is often caused by an incorrect address or SOAP action. See InnerException, if present, for more details. Source : mscorlib Help link : Data : System.Collections.ListDictionaryInternal TargetSite : Void HandleReturnMessage(System.Runtime.Remoting.Messaging.IMessage, System.Runtime.Remoting.Messaging.IMessage) HResult : -2146233087 Stack Trace : Server stack trace: at System.ServiceModel.Channels.HttpOutput.WebRequestHttpOutput.GetOutputStream() at System.ServiceModel.Channels.HttpOutput.Send(TimeSpan timeout) at System.ServiceModel.Channels.HttpChannelFactory`1.HttpRequestChannel.HttpChannelRequest.SendRequest(Message message, TimeSpan timeout) at System.ServiceModel.Channels.RequestChannel.Request(Message message, TimeSpan timeout) at System.ServiceModel.Channels.ServiceChannel.Call(String action, Boolean oneway, ProxyOperationRuntime operation, Object[] ins, Object[] outs, TimeSpan timeout) at System.ServiceModel.Channels.ServiceChannelProxy.InvokeService(IMethodCallMessage methodCall, ProxyOperationRuntime operation) at System.ServiceModel.Channels.ServiceChannelProxy.Invoke(IMessage message) Exception rethrown at [0]: at System.Runtime.Remoting.Proxies.RealProxy.HandleReturnMessage(IMessage reqMsg, IMessage retMsg) at System.Runtime.Remoting.Proxies.RealProxy.PrivateInvoke(MessageData& msgData, Int32 type) at FTM.Services.Wcf.ILocatorService.GetEndpoint(String id, Byte[] data) at WebServiceProxies.LocatorService.ClientLocatorService.GetEndpoint(String id, Byte[] data) at Microsoft.Practices.SmartClient.Library.Commands.CommandWithCallback`2.DoExecute() Additional Info: MachineName : MICHELLE-HP TimeStamp : 23-Jun-14 10:14:35 AM FullName : Microsoft.Practices.EnterpriseLibrary.ExceptionHandling, Version=2.0.0.0, Culture=neutral, PublicKeyToken=69cf5367912b86b4 AppDomainName : FTM.exe ThreadIdentity : Michelle-HP\Michelle WindowsIdentity : Michelle-HP\Michelle Inner Exception --------------- Type : System.Net.WebException, System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089 Message : Unable to connect to the remote server Source : System Help link : Status : ConnectFailure Response : Data : System.Collections.ListDictionaryInternal TargetSite : System.IO.Stream GetRequestStream(System.Net.TransportContext ByRef) HResult : -2146233079 Stack Trace : at System.Net.HttpWebRequest.GetRequestStream(TransportContext& context) at System.Net.HttpWebRequest.GetRequestStream() at System.ServiceModel.Channels.HttpOutput.WebRequestHttpOutput.GetOutputStream() Inner Exception --------------- Type : System.Net.Sockets.SocketException, System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089 Message : No connection could be made because the target machine actively refused it 72.52.11.79:80 Source : System Help link : ErrorCode : 10061 SocketErrorCode : ConnectionRefused NativeErrorCode : 10061 Data : System.Collections.ListDictionaryInternal TargetSite : Void DoConnect(System.Net.EndPoint, System.Net.SocketAddress) HResult : -2147467259 Stack Trace : at System.Net.Sockets.Socket.DoConnect(EndPoint endPointSnapshot, SocketAddress socketAddress) at System.Net.ServicePoint.ConnectSocketInternal(Boolean connectFailure, Socket s4, Socket s6, Socket& socket, IPAddress& address, ConnectSocketState state, IAsyncResult asyncResult, Exception& exception) Category: Exception Priority: 0 EventId: 100 Severity: Error Title:FTM Exception Handling Machine: MICHELLE-HP Application Domain: FTM.exe Process Id: 6768 Process Name: C:\Program Files\Family Tree Maker 2014\FTM.exe Win32 Thread Id: 5848 Thread Name: Extended Properties: Error: (06/23/2014 02:14:44 AM) (Source: Family Tree Maker) (EventID: 100) (User: ) Description: Timestamp: 23-Jun-14 6:14:44 AM Message: HandlingInstanceID: aeb87117-1873-4a6a-bcca-1c91384a41ea An exception of type 'System.TimeoutException' occurred and was caught. ----------------------------------------------------------------------- 06/23/2014 02:14:44 Type : System.TimeoutException, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089 Message : The request channel timed out while waiting for a reply after 00:00:29.8419909. Increase the timeout value passed to the call to Request or increase the SendTimeout value on the Binding. The time allotted to this operation may have been a portion of a longer timeout. Source : mscorlib Help link : Data : System.Collections.ListDictionaryInternal TargetSite : Void HandleReturnMessage(System.Runtime.Remoting.Messaging.IMessage, System.Runtime.Remoting.Messaging.IMessage) HResult : -2146233083 Stack Trace : Server stack trace: at System.ServiceModel.Channels.RequestChannel.Request(Message message, TimeSpan timeout) at System.ServiceModel.Channels.ServiceChannel.Call(String action, Boolean oneway, ProxyOperationRuntime operation, Object[] ins, Object[] outs, TimeSpan timeout) at System.ServiceModel.Channels.ServiceChannelProxy.InvokeService(IMethodCallMessage methodCall, ProxyOperationRuntime operation) at System.ServiceModel.Channels.ServiceChannelProxy.Invoke(IMessage message) Exception rethrown at [0]: at System.Runtime.Remoting.Proxies.RealProxy.HandleReturnMessage(IMessage reqMsg, IMessage retMsg) at System.Runtime.Remoting.Proxies.RealProxy.PrivateInvoke(MessageData& msgData, Int32 type) at FTM.Services.Wcf.ILocatorService.GetEndpoint(String id, Byte[] data) at WebServiceProxies.LocatorService.ClientLocatorService.GetEndpoint(String id, Byte[] data) at Microsoft.Practices.SmartClient.Library.Commands.CommandWithCallback`2.DoExecute() Additional Info: MachineName : MICHELLE-HP TimeStamp : 23-Jun-14 6:14:44 AM FullName : Microsoft.Practices.EnterpriseLibrary.ExceptionHandling, Version=2.0.0.0, Culture=neutral, PublicKeyToken=69cf5367912b86b4 AppDomainName : FTM.exe ThreadIdentity : Michelle-HP\Michelle WindowsIdentity : Michelle-HP\Michelle Inner Exception --------------- Type : System.TimeoutException, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089 Message : The HTTP request to 'http://service.familytreemaker.com/OhanaService/LocatorService.svc' has exceeded the allotted timeout of 00:00:29.9880000. The time allotted to this operation may have been a portion of a longer timeout. Source : System.ServiceModel Help link : Data : System.Collections.ListDictionaryInternal TargetSite : System.Net.HttpWebResponse ProcessGetResponseWebException(System.Net.WebException, System.Net.HttpWebRequest, System.ServiceModel.Channels.HttpAbortReason) HResult : -2146233083 Stack Trace : at System.ServiceModel.Channels.HttpChannelUtilities.ProcessGetResponseWebException(WebException webException, HttpWebRequest request, HttpAbortReason abortReason) at System.ServiceModel.Channels.HttpChannelFactory`1.HttpRequestChannel.HttpChannelRequest.WaitForReply(TimeSpan timeout) at System.ServiceModel.Channels.RequestChannel.Request(Message message, TimeSpan timeout) Inner Exception --------------- Type : System.Net.WebException, System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089 Message : The operation has timed out Source : System Help link : Status : Timeout Response : Data : System.Collections.ListDictionaryInternal TargetSite : System.Net.WebResponse GetResponse() HResult : -2146233079 Stack Trace : at System.Net.HttpWebRequest.GetResponse() at System.ServiceModel.Channels.HttpChannelFactory`1.HttpRequestChannel.HttpChannelRequest.WaitForReply(TimeSpan timeout) Category: Exception Priority: 0 EventId: 100 Severity: Error Title:FTM Exception Handling Machine: MICHELLE-HP Application Domain: FTM.exe Process Id: 6768 Process Name: C:\Program Files\Family Tree Maker 2014\FTM.exe Win32 Thread Id: 5848 Thread Name: Extended Properties: Error: (06/22/2014 02:45:25 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: ) Description: 80004005 Error: (06/21/2014 07:43:08 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: ) Description: 80004005 CodeIntegrity Errors: =================================== Date: 2014-07-04 05:03:15.329 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system. Date: 2014-07-04 05:03:15.313 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system. Date: 2014-07-04 05:03:15.298 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system. Date: 2014-07-04 05:03:15.267 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system. Date: 2014-07-04 05:03:15.251 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system. Date: 2014-07-04 05:03:15.235 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system. Date: 2014-06-28 00:49:45.704 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system. Date: 2014-06-28 00:49:45.702 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system. Date: 2014-06-28 00:49:45.700 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system. Date: 2014-06-28 00:49:45.690 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system. ==================== Memory info =========================== Percentage of memory in use: 35% Total physical RAM: 8098.52 MB Available physical RAM: 5230.61 MB Total Pagefile: 16195.21 MB Available Pagefile: 13211.42 MB Total Virtual: 8192 MB Available Virtual: 8191.81 MB ==================== Drives ================================ Drive c: (OS) (Fixed) (Total:1846.24 GB) (Free:1008.71 GB) NTFS Drive d: (HP_RECOVERY) (Fixed) (Total:16.68 GB) (Free:2.08 GB) NTFS ==>[system with boot components (obtained from reading drive)] Drive k: (My Passport) (Fixed) (Total:1862.98 GB) (Free:1099.83 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: BE457667) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=-216638947328) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=17 GB) - (Type=07 NTFS) ======================================================== Disk: 6 (MBR Code: Windows XP) (Size: 1863 GB) (Disk ID: 0005F107) Partition 1: (Not Active) - (Size=-198659014656) - (Type=07 NTFS) ==================== End Of Log ============================
  5. They should have called it the Fubar Recovery system since that seems to be where I am The CheckResults.txt wasn't mentioned in the how to when I downloaded it and wasn't anywhere I could find in the program. The other two files popped up on their own. Wish I was more tech savvy. Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 05-07-2014 01 Ran by Michelle (administrator) on MICHELLE-HP on 08-07-2014 20:28:31 Running from C:\Users\Michelle\Desktop Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States) Internet Explorer Version 11 Boot Mode: Normal The only official download link for FRST: Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ Download link from any site other than Bleeping Computer is unpermitted or outdated. See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Seagate Technology LLC) C:\Program Files (x86)\Seagate\SeagateManager\Sync\FreeAgentService.exe (Garmin Ltd or its subsidiaries) C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe (Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe (Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe (Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe (Windstream) C:\Program Files (x86)\Windstream\Diagnostic Tools\HsdService.exe (Motorola Mobility LLC) C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe (Nalpeiron Ltd.) C:\Windows\SysWOW64\nlssrv32.exe (Motorola) C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe (Radialpoint SafeCare Inc.) C:\Program Files (x86)\Windstream\Service Agent\ServicepointService.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (WDC) C:\Program Files\Western Digital\WD SmartWare\WDDMService.exe (Western Digital) C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Motorola Mobility LLC) C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE (Intel Corporation) C:\Windows\System32\igfxtray.exe (Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe (Western Digital Technologies, Inc.) C:\Program Files\Western Digital\WD SmartWare\WDDMStatus.exe (Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe (PC Pitstop, LLC) C:\Program Files (x86)\PCPitstop\Download Nitro\pcpitstop-nitro.exe () C:\Program Files\Backup Assistant Plus\V CAST Backup Scheduler.exe (Garmin Ltd or its subsidiaries) C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe () C:\Program Files (x86)\LG Soft India\EasySetPackage\bin\EasySetPackage.exe (Hewlett-Packard Co.) C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqtra08.exe (Samsung Electronices Co., Ltd.) C:\Users\Michelle\AppData\Roaming\Verizon\UA_ar\UtilityApplication.exe (InstallShield Software Corporation) C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe (Seagate LLC) C:\Program Files (x86)\Seagate\SeagateManager\FreeAgent Status\stxmenumgr.exe (Western Digital) C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe (Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe (Windstream) C:\Program Files (x86)\Windstream\Service Agent\Windstream Service Agent.exe (Windstream) C:\Program Files (x86)\Windstream\Diagnostic Tools\DiagnosticTools.exe (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe (OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe (OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe () C:\Program Files (x86)\LG Soft India\EasySetPackage\bin\TestDDCCI.exe (TODO: <Company name>) C:\Program Files (x86)\LG Soft India\EasySetPackage\bin\ESP64Proxy.exe (Hewlett-Packard Co.) C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqste08.exe (Hewlett-Packard Co.) C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqbam08.exe (Hewlett-Packard) C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqgpc01.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe (Symantec Corporation) C:\Program Files (x86)\Symantec\VIP Access Client\VIPAppService.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe (Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVH.EXE () Q:\140066.enu\Office14\WINWORDC.EXE () C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\OFFICEVIRT.EXE (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation) C:\Windows\splwow64.exe () Q:\140066.ENU\OFFICE14\OffSpon.EXE (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_125.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_125.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [hpsysdrv] => c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe [62768 2008-11-20] (Hewlett-Packard) HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [497648 2010-07-29] (Adobe Systems Incorporated) HKLM\...\Run: [WD Quick View] => C:\Program Files\Western Digital\WD SmartWare\WDDMStatus.exe [4244888 2011-12-15] (Western Digital Technologies, Inc.) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [PDF Complete] => C:\Program Files (x86)\PDF Complete\pdfsty.exe [658424 2011-08-12] (PDF Complete Inc) HKLM-x32\...\Run: [iSUSScheduler] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe [69632 2004-04-13] (InstallShield Software Corporation) HKLM-x32\...\Run: [MaxMenuMgr] => C:\Program Files (x86)\Seagate\SeagateManager\FreeAgent Status\StxMenuMgr.exe [185640 2009-05-01] (Seagate LLC) HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.) HKLM-x32\...\Run: [WD Drive Unlocker] => C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe [1688008 2012-09-06] (Western Digital) HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152544 2012-12-12] (Apple Inc.) HKLM-x32\...\Run: [Windstream Service Agent.exe] => C:\Program Files (x86)\Windstream\Service Agent\Windstream Service Agent.exe [10204472 2011-10-14] (Windstream) HKLM-x32\...\Run: [DiagnosticTools.exe] => C:\Program Files (x86)\Windstream\Diagnostic Tools\DiagnosticTools.exe [2037048 2011-04-25] (Windstream) HKLM-x32\...\Run: [AVP] => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe [356128 2013-10-10] (Kaspersky Lab ZAO) HKLM-x32\...\Run: [sunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation) HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-12-21] (Adobe Systems Incorporated) HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.) HKLM\...\RunOnce: [NCPluginUpdater] - "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update [21720 2014-06-27] (Hewlett-Packard) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKU\.DEFAULT\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [122200 2014-06-09] (Garmin Ltd or its subsidiaries) HKU\S-1-5-21-1923585713-2837861824-2380672059-1000\...\Run: [Download Nitro] => C:\Program Files (x86)\PCPitstop\Download Nitro\pcpitstop-nitro.exe [3581160 2011-12-21] (PC Pitstop, LLC) HKU\S-1-5-21-1923585713-2837861824-2380672059-1000\...\Run: [iSUSPM Startup] => c:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe [196608 2004-04-17] (InstallShield Software Corporation) HKU\S-1-5-21-1923585713-2837861824-2380672059-1000\...\Run: [HLBackupScheduler] => C:\Program Files\Backup Assistant Plus\V CAST Backup Scheduler.exe [7065224 2012-08-20] () HKU\S-1-5-21-1923585713-2837861824-2380672059-1000\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [122200 2014-06-09] (Garmin Ltd or its subsidiaries) HKU\S-1-5-21-1923585713-2837861824-2380672059-1000\...\MountPoints2: {ea0372dc-a1ae-11e2-9155-386077bed594} - K:\MotoCastSetup.exe -a Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\EasySetPackage.lnk ShortcutTarget: EasySetPackage.lnk -> C:\Program Files (x86)\LG Soft India\EasySetPackage\bin\EasySetPackage.exe () Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.) Startup: C:\Users\Michelle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Launch Utility Application.lnk ShortcutTarget: Launch Utility Application.lnk -> C:\Users\Michelle\AppData\Roaming\Verizon\UA_ar\UtilityApplication.exe (Samsung Electronices Co., Ltd.) Startup: C:\Users\Michelle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk ShortcutTarget: OpenOffice.org 3.3.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe () ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.aartemis.com/web/?type=ds&ts=1385535749&from=cor&uid=HitachiXHDS723020BLA642_MN1240F32W6N2D2W6N2DX&q={searchTerms} HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.aartemis.com/web/?type=ds&ts=1385535749&from=cor&uid=HitachiXHDS723020BLA642_MN1240F32W6N2D2W6N2DX&q={searchTerms} HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.aartemis.com/web/?type=ds&ts=1385535749&from=cor&uid=HitachiXHDS723020BLA642_MN1240F32W6N2D2W6N2DX&q={searchTerms} HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.aartemis.com/web/?type=ds&ts=1385535749&from=cor&uid=HitachiXHDS723020BLA642_MN1240F32W6N2D2W6N2DX&q={searchTerms} URLSearchHook: HKCU - (No Name) - {93c338de-5fb5-4fb5-ab4e-0eedc0bd9f3a} - No File StartMenuInternet: IEXPLORE.EXE - iexplore.exe SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.aartemis.com/web/?type=ds&ts=1385535749&from=cor&uid=HitachiXHDS723020BLA642_MN1240F32W6N2D2W6N2DX&q={searchTerms} SearchScopes: HKLM - {278C6E9B-166B-479D-AF4F-F555F532415E} URL = http://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk3-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms} SearchScopes: HKLM - {2fa28606-de77-4029-af96-b231e3b8f827} URL = http://eu.ask.com/web?q={searchterms}&l=dis&o=HPDTDF SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.aartemis.com/web/?type=ds&ts=1385535749&from=cor&uid=HitachiXHDS723020BLA642_MN1240F32W6N2D2W6N2DX&q={searchTerms} SearchScopes: HKLM - {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = http://uk.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPDTDF SearchScopes: HKLM - {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = http://en.wikipedia.org/wiki/Special:Search?search={searchTerms} SearchScopes: HKLM - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/710-111095-2958-2/4?mpre=http://www.ebay.co.uk/sch/i.html?_nkw={searchTerms} SearchScopes: HKLM-x32 - {278C6E9B-166B-479D-AF4F-F555F532415E} URL = http://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk3-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms} SearchScopes: HKLM-x32 - {2fa28606-de77-4029-af96-b231e3b8f827} URL = http://eu.ask.com/web?q={searchterms}&l=dis&o=HPDTDF SearchScopes: HKLM-x32 - {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = http://uk.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPDTDF SearchScopes: HKLM-x32 - {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = http://en.wikipedia.org/wiki/Special:Search?search={searchTerms} SearchScopes: HKLM-x32 - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/710-111095-2958-2/4?mpre=http://www.ebay.co.uk/sch/i.html?_nkw={searchTerms} SearchScopes: HKCU - {278C6E9B-166B-479D-AF4F-F555F532415E} URL = http://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk3-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms} SearchScopes: HKCU - {2fa28606-de77-4029-af96-b231e3b8f827} URL = http://eu.ask.com/web?q={searchterms}&l=dis&o=HPDTDF SearchScopes: HKCU - {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = http://uk.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPDTDF SearchScopes: HKCU - {D1EA8951-8539-4F75-9BA5-D083C77BD2B9} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3295790&CUI=UN34519891102231928&UM=2 SearchScopes: HKCU - {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = http://en.wikipedia.org/wiki/Special:Search?search={searchTerms} SearchScopes: HKCU - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/710-111095-2958-2/4?mpre=http://www.ebay.co.uk/sch/i.html?_nkw={searchTerms} BHO: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO) BHO: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO) BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO) BHO: Symantec VIP Access Add-On - {C63CD127-A1CB-4D49-A4F7-D6F88A917BE6} - C:\Program Files (x86)\Symantec\VIP Access Client\64bit\VIPAddOnForIE64.dll (Symantec Corporation) BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO) BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard) BHO-x32: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.) BHO-x32: FBDownloader BHO - {553318DA-D010-469E-84B1-496563CAE1BF} - C:\Program Files (x86)\HTTO Group, Ltd\FBDownloader IE Add-on\FBDownloader.dll (HTTO Group, Ltd) BHO-x32: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO) BHO-x32: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO) BHO-x32: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO-x32: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO) BHO-x32: Symantec VIP Access Add-On - {C63CD127-A1CB-4D49-A4F7-D6F88A917BE6} - C:\Program Files (x86)\Symantec\VIP Access Client\VIPAddOnForIE.dll (Symantec Corporation) BHO-x32: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO) BHO-x32: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard) BHO-x32: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.) DPF: HKLM-x32 {070DC617-E3B7-468B-A29C-D4E84FAE938C} http://utilities.pcpitstop.com/pctuneup2/controls/pctuneup.cab Tcpip\Parameters: [DhcpNameServer] 192.168.254.254 FireFox: ======== FF ProfilePath: C:\Users\Michelle\AppData\Roaming\Mozilla\Firefox\Profiles\exw0zl2r.default-1366605944461 FF Homepage: https://mail.google.com/mail/u/0/#inbox FF Keyword.URL: user_pref("keyword.URL", ""); FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll () FF Plugin: @java.com/DTPlugin,version=10.55.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @microsoft.com/GENUINE - disabled No File FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @radialpoint.com/SPA,version=1 - C:\Program Files (x86)\Windstream\Service Agent\nprpspa.dll (Windstream) FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll () FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF Plugin-x32: @canon.com/MycameraPlugin - C:\Program Files (x86)\Canon\MyCamera Download Plugin\NPCIG.dll (CANON INC.) FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=1.2.22 - C:\Program Files (x86)\Intel\Services\IPT\npIntelWebAPIIPT.dll (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Services\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @microsoft.com/GENUINE - disabled No File FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @radialpoint.com/SPA,version=1 - C:\Program Files (x86)\Windstream\Service Agent\nprpspa.dll (Windstream) FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin HKCU: amazon.com/AmazonMP3DownloaderPlugin - C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101710.dll (Amazon.com, Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.) FF SearchPlugin: C:\Users\Michelle\AppData\Roaming\Mozilla\Firefox\Profiles\exw0zl2r.default-1366605944461\searchplugins\conduit.xml FF Extension: Viral Tube Community Toolbar - C:\Users\Michelle\AppData\Roaming\Mozilla\Firefox\Profiles\7de9vt2v.default\Extensions\{93c338de-5fb5-4fb5-ab4e-0eedc0bd9f3a} [2012-07-15] FF Extension: BuzzSearch - C:\Users\Michelle\AppData\Roaming\Mozilla\Firefox\Profiles\7de9vt2v.default\Extensions\firefox@mybuzzsearch.com.xpi [2013-11-07] FF Extension: Garmin Communicator - C:\Users\Michelle\AppData\Roaming\Mozilla\Firefox\Profiles\exw0zl2r.default-1366605944461\Extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E} [2013-12-29] FF Extension: appmarket - C:\Users\Michelle\AppData\Roaming\Mozilla\Firefox\Profiles\exw0zl2r.default-1366605944461\Extensions\{9d84f755-b891-4a4d-95c8-f6d01108a008} [2014-07-02] FF Extension: HP Detect - C:\Users\Michelle\AppData\Roaming\Mozilla\Firefox\Profiles\exw0zl2r.default-1366605944461\Extensions\{ab91efd4-6975-4081-8552-1b3922ed79e2} [2013-10-01] FF Extension: BuzzSearch - C:\Users\Michelle\AppData\Roaming\Mozilla\Firefox\Profiles\exw0zl2r.default-1366605944461\Extensions\firefox@mybuzzsearch.com.xpi [2013-11-07] FF Extension: Anti-Banner - C:\Program Files (x86)\Mozilla Firefox\extensions\KavAntiBanner@kaspersky.ru_bak2 [2014-06-18] FF Extension: Kaspersky URL Advisor - C:\Program Files (x86)\Mozilla Firefox\extensions\linkfilter@kaspersky.ru_bak2 [2014-06-18] FF HKLM-x32\...\Firefox\Extensions: [virtualKeyboard@kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\virtualKeyboard@kaspersky.ru FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012-02-25] FF HKLM-x32\...\Firefox\Extensions: [fbdownloader@KMcore] - C:\Program Files (x86)\SDIV 2.0\Lib\xpi FF Extension: fbdownloader - C:\Program Files (x86)\SDIV 2.0\Lib\xpi [2012-03-02] FF HKLM-x32\...\Firefox\Extensions: [VIP1X@verisign.com] - C:\Program Files (x86)\Symantec\VIP Access Client FF Extension: Symantec VIP Access Add-On - C:\Program Files (x86)\Symantec\VIP Access Client [2011-12-27] FF HKLM-x32\...\Firefox\Extensions: [VIP2X@verisign.com] - C:\Program Files (x86)\Symantec\VIP Access Client FF Extension: Symantec VIP Access Add-On - C:\Program Files (x86)\Symantec\VIP Access Client [2011-12-27] FF HKLM-x32\...\Firefox\Extensions: [url_advisor@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\url_advisor@kaspersky.com FF Extension: Kaspersky URL Advisor - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\url_advisor@kaspersky.com [2013-07-09] FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\virtual_keyboard@kaspersky.com FF Extension: Virtual Keyboard - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\virtual_keyboard@kaspersky.com [2013-07-09] FF HKLM-x32\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\content_blocker@kaspersky.com FF Extension: Dangerous Websites Blocker - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\content_blocker@kaspersky.com [2013-07-09] FF HKLM-x32\...\Firefox\Extensions: [anti_banner@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\anti_banner@kaspersky.com FF Extension: Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\anti_banner@kaspersky.com [2013-07-09] FF HKLM-x32\...\Firefox\Extensions: [online_banking@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\online_banking@kaspersky.com FF Extension: Safe Money - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\online_banking@kaspersky.com [2013-07-09] FF HKLM-x32\...\Firefox\Extensions: [VIP3X@verisign.com] - C:\Program Files (x86)\Symantec\VIP Access Client FF Extension: Symantec VIP Access Add-On - C:\Program Files (x86)\Symantec\VIP Access Client [2011-12-27] FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012-02-25] ==================== Services (Whitelisted) ================= R2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe [356128 2013-10-10] (Kaspersky Lab ZAO) S3 becldr3Service; C:\Program Files\BCL Technologies\easyConverter SDK 3\Common\becldr.exe [263168 2013-07-03] () [File not signed] S3 CalendarSynchService; C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\GCalService.exe [16384 2011-08-16] (Hewlett-Packard) [File not signed] R2 Garmin Core Update Service; C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [435032 2014-06-09] (Garmin Ltd or its subsidiaries) R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160 2013-11-04] (Hewlett-Packard Company) [File not signed] S3 HPAuto; C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe [682040 2011-02-17] (Hewlett-Packard) R2 HsdService; C:\Program Files (x86)\Windstream\Diagnostic Tools\HsdService.exe [1393976 2011-04-25] (Windstream) S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [File not signed] R2 Motorola Device Manager; C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe [121144 2013-03-25] (Motorola Mobility LLC) R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-01-18] (Hewlett-Packard) [File not signed] S3 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1128952 2011-08-12] (PDF Complete Inc) R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-01-18] (Hewlett-Packard) [File not signed] R2 PST Service; C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe [65657 2011-09-02] (Motorola) [File not signed] R2 ServicepointService; C:\Program Files (x86)\Windstream\Service Agent\ServicepointService.exe [10315064 2011-10-14] (Radialpoint SafeCare Inc.) R2 VIPAppService; C:\Program Files (x86)\Symantec\VIP Access Client\VIPAppService.exe [84080 2011-12-05] (Symantec Corporation) R2 WDDMService; C:\Program Files\Western Digital\WD SmartWare\WDDMService.exe [319384 2011-12-15] (WDC) R2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [248248 2012-09-06] (Western Digital) S3 WDFMEService; C:\Program Files\Western Digital\WD SmartWare\WDFME.exe [1977224 2011-12-15] (Western Digital ) S3 WDRulesService; C:\Program Files\Western Digital\WD SmartWare\WDRulesEngine.exe [1338264 2011-12-15] (Western Digital ) ==================== Drivers (Whitelisted) ==================== U5 GEARAspiWDM; C:\Windows\System32\Drivers\GEARAspiWDM.sys [33240 2012-08-21] (GEAR Software Inc.) R0 KL1; C:\Windows\System32\DRIVERS\kl1.sys [458336 2013-12-11] (Kaspersky Lab ZAO) U5 klflt; C:\Windows\System32\Drivers\klflt.sys [91008 2014-05-20] (Kaspersky Lab ZAO) R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [628320 2014-05-20] (Kaspersky Lab ZAO) R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [29792 2013-12-11] (Kaspersky Lab ZAO) R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [29280 2013-10-10] (Kaspersky Lab ZAO) R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29280 2013-10-10] (Kaspersky Lab ZAO) R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [54368 2013-07-09] (Kaspersky Lab ZAO) R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [178448 2013-07-09] (Kaspersky Lab ZAO) S3 LGDDCDevice; C:\Windows\SysWOW64\LGI2CDriver.sys [16384 2009-12-22] (LG Soft India) [File not signed] S3 LGII2CDevice; C:\Windows\SysWOW64\LGPII2CDriver.sys [19456 2009-12-22] (LG Soft India) [File not signed] S3 pmxdrv; C:\Windows\system32\drivers\pmxdrv.sys [31152 2011-12-27] () S3 Serial; C:\Windows\system32\drivers\serial.sys [94208 2009-07-13] (Brother Industries Ltd.) ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-07-08 20:28 - 2014-07-08 20:28 - 00031448 _____ () C:\Users\Michelle\Desktop\FRST.txt 2014-07-08 20:28 - 2014-07-08 20:28 - 00000000 ____D () C:\FRST 2014-07-08 20:27 - 2014-07-08 20:27 - 02084352 _____ (Farbar) C:\Users\Michelle\Desktop\FRST64.exe 2014-07-08 12:15 - 2014-07-08 12:15 - 00321848 _____ (Malwarebytes Corporation) C:\Users\Michelle\Desktop\mbam-clean-2.1.1.1001.exe 2014-07-07 22:54 - 2014-07-07 22:54 - 00000000 ____D () C:\Users\Michelle\AppData\Local\{CD072B51-E0C2-4423-9089-30E383E04D04} 2014-07-07 22:54 - 2014-07-07 22:54 - 00000000 ____D () C:\Users\Michelle\AppData\Local\{44F10827-C396-44C7-96C3-AFC4FD0C70ED} 2014-06-27 18:46 - 2014-06-27 18:46 - 00000000 ____D () C:\Users\Michelle\AppData\Local\{CED026FD-EA48-4120-8C91-B834221B7A20} 2014-06-19 15:22 - 2014-06-19 15:22 - 00000000 ____D () C:\Users\Michelle\AppData\Local\{FDFCA89D-C0C7-4457-BB3D-41A1EAD1B05A} 2014-06-18 00:14 - 2014-06-18 00:15 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-06-17 02:00 - 2014-06-24 02:20 - 00000000 ____D () C:\Users\Michelle\AppData\Local\Adobe 2014-06-12 03:02 - 2014-06-12 03:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garmin 2014-06-10 23:43 - 2014-05-30 06:21 - 23414784 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-06-10 23:43 - 2014-05-30 06:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-06-10 23:43 - 2014-05-30 06:02 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-06-10 23:43 - 2014-05-30 05:45 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-06-10 23:43 - 2014-05-30 05:39 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-06-10 23:43 - 2014-05-30 05:39 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-06-10 23:43 - 2014-05-30 05:38 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-06-10 23:43 - 2014-05-30 05:28 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-06-10 23:43 - 2014-05-30 05:27 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-06-10 23:43 - 2014-05-30 05:24 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-06-10 23:43 - 2014-05-30 05:21 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-06-10 23:43 - 2014-05-30 05:21 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-06-10 23:43 - 2014-05-30 05:20 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-06-10 23:43 - 2014-05-30 05:18 - 17271296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-06-10 23:43 - 2014-05-30 05:11 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2014-06-10 23:43 - 2014-05-30 05:08 - 05782528 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-06-10 23:43 - 2014-05-30 05:06 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-06-10 23:43 - 2014-05-30 05:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-06-10 23:43 - 2014-05-30 04:55 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2014-06-10 23:43 - 2014-05-30 04:49 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-06-10 23:43 - 2014-05-30 04:46 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-06-10 23:43 - 2014-05-30 04:44 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2014-06-10 23:43 - 2014-05-30 04:44 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-06-10 23:43 - 2014-05-30 04:43 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-06-10 23:43 - 2014-05-30 04:42 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2014-06-10 23:43 - 2014-05-30 04:38 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-06-10 23:43 - 2014-05-30 04:35 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-06-10 23:43 - 2014-05-30 04:34 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-06-10 23:43 - 2014-05-30 04:33 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-06-10 23:43 - 2014-05-30 04:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-06-10 23:43 - 2014-05-30 04:29 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-06-10 23:43 - 2014-05-30 04:28 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-06-10 23:43 - 2014-05-30 04:27 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2014-06-10 23:43 - 2014-05-30 04:24 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2014-06-10 23:43 - 2014-05-30 04:23 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-06-10 23:43 - 2014-05-30 04:16 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2014-06-10 23:43 - 2014-05-30 04:10 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2014-06-10 23:43 - 2014-05-30 04:06 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-06-10 23:43 - 2014-05-30 04:04 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2014-06-10 23:43 - 2014-05-30 04:02 - 00242688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2014-06-10 23:43 - 2014-05-30 03:56 - 04244992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-06-10 23:43 - 2014-05-30 03:56 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-06-10 23:43 - 2014-05-30 03:54 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-06-10 23:43 - 2014-05-30 03:50 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2014-06-10 23:43 - 2014-05-30 03:49 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-06-10 23:43 - 2014-05-30 03:43 - 13522944 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-06-10 23:43 - 2014-05-30 03:40 - 11725312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-06-10 23:43 - 2014-05-30 03:30 - 01398272 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-06-10 23:43 - 2014-05-30 03:21 - 01790976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-06-10 23:43 - 2014-05-30 03:15 - 01143296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-06-10 23:43 - 2014-05-30 03:13 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-06-10 23:43 - 2014-05-30 03:13 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2014-06-10 23:43 - 2014-04-24 22:34 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll 2014-06-10 23:43 - 2014-04-24 22:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll 2014-06-10 23:43 - 2014-04-04 22:47 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys 2014-06-10 23:43 - 2014-04-04 22:47 - 00288192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS 2014-06-10 23:43 - 2014-03-26 10:44 - 02002432 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll 2014-06-10 23:43 - 2014-03-26 10:44 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll 2014-06-10 23:43 - 2014-03-26 10:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll 2014-06-10 23:43 - 2014-03-26 10:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll 2014-06-10 23:43 - 2014-03-26 10:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll 2014-06-10 23:43 - 2014-03-26 10:27 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll 2014-06-10 23:43 - 2014-03-26 10:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll 2014-06-10 23:43 - 2014-03-26 10:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll 2014-06-10 23:41 - 2014-06-08 05:13 - 00506368 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-06-10 23:41 - 2014-06-08 05:08 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2014-06-09 02:22 - 2014-07-08 12:17 - 00013952 _____ () C:\Windows\PFRO.log 2014-06-09 02:12 - 2014-06-20 23:32 - 00000000 ___SD () C:\Windows\system32\CompatTel 2014-06-09 00:33 - 2014-06-09 00:33 - 00000000 ____D () C:\Users\Michelle\AppData\Local\{A626BA91-B0B4-4F61-8A0B-EC4C6E6FD37F} 2014-06-08 00:07 - 2014-06-08 00:07 - 00000000 ____D () C:\Users\Michelle\AppData\Local\{5F67D7E1-4A2D-4C0C-A933-A2C0568C012C} ==================== One Month Modified Files and Folders ======= 2014-07-08 20:28 - 2014-07-08 20:28 - 00031448 _____ () C:\Users\Michelle\Desktop\FRST.txt 2014-07-08 20:28 - 2014-07-08 20:28 - 00000000 ____D () C:\FRST 2014-07-08 20:27 - 2014-07-08 20:27 - 02084352 _____ (Farbar) C:\Users\Michelle\Desktop\FRST64.exe 2014-07-08 20:27 - 2012-08-15 17:55 - 00000000 ____D () C:\Users\Michelle\AppData\Roaming\Free Download Manager 2014-07-08 20:26 - 2013-04-18 00:26 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-07-08 20:26 - 2013-04-18 00:26 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-07-08 20:26 - 2013-04-18 00:26 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-07-08 20:26 - 2013-04-18 00:26 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-07-08 20:26 - 2013-01-17 15:23 - 00000000 ____D () C:\ProgramData\Radialpoint 2014-07-08 20:23 - 2013-10-01 22:40 - 00000902 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-07-08 20:17 - 2013-09-15 22:17 - 00000304 _____ () C:\Windows\Tasks\DigitalSite.job 2014-07-08 19:43 - 2012-02-24 19:20 - 01808268 _____ () C:\Windows\WindowsUpdate.log 2014-07-08 18:34 - 2013-07-07 03:20 - 00000000 ____D () C:\ProgramData\Kaspersky Lab 2014-07-08 16:18 - 2012-02-24 19:33 - 00003950 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{5DF63E44-9F23-40AC-96E1-C90D2BFAD595} 2014-07-08 15:23 - 2013-10-01 22:40 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-07-08 12:25 - 2009-07-14 01:13 - 00783360 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-07-08 12:25 - 2009-07-14 00:45 - 00024608 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-07-08 12:25 - 2009-07-14 00:45 - 00024608 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-07-08 12:18 - 2013-04-10 08:54 - 00000000 ____D () C:\Temp 2014-07-08 12:17 - 2014-06-09 02:22 - 00013952 _____ () C:\Windows\PFRO.log 2014-07-08 12:17 - 2014-05-21 18:18 - 00006341 _____ () C:\Windows\setupact.log 2014-07-08 12:17 - 2012-03-13 14:43 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-07-08 12:17 - 2012-02-24 20:26 - 00000000 ____D () C:\Users\Michelle\AppData\Roaming\SoftGrid Client 2014-07-08 12:17 - 2009-07-14 01:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-07-08 12:15 - 2014-07-08 12:15 - 00321848 _____ (Malwarebytes Corporation) C:\Users\Michelle\Desktop\mbam-clean-2.1.1.1001.exe 2014-07-08 03:11 - 2013-10-18 00:09 - 00000000 ____D () C:\Users\Michelle\Documents\Family Tree Maker 2014-07-07 22:54 - 2014-07-07 22:54 - 00000000 ____D () C:\Users\Michelle\AppData\Local\{CD072B51-E0C2-4423-9089-30E383E04D04} 2014-07-07 22:54 - 2014-07-07 22:54 - 00000000 ____D () C:\Users\Michelle\AppData\Local\{44F10827-C396-44C7-96C3-AFC4FD0C70ED} 2014-07-06 14:50 - 2012-02-26 15:52 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log 2014-07-06 14:49 - 2012-03-25 14:46 - 00000000 _____ () C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt 2014-06-27 18:46 - 2014-06-27 18:46 - 00000000 ____D () C:\Users\Michelle\AppData\Local\{CED026FD-EA48-4120-8C91-B834221B7A20} 2014-06-27 02:28 - 2012-02-25 00:22 - 00000000 ____D () C:\Users\Michelle\Documents\Spn and Cafe Press 2014-06-24 02:20 - 2014-06-17 02:00 - 00000000 ____D () C:\Users\Michelle\AppData\Local\Adobe 2014-06-21 03:13 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\rescache 2014-06-20 23:36 - 2013-08-14 03:01 - 00000000 ____D () C:\Windows\system32\MRT 2014-06-20 23:34 - 2012-02-29 06:09 - 95414520 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-06-20 23:32 - 2014-06-09 02:12 - 00000000 ___SD () C:\Windows\system32\CompatTel 2014-06-19 19:31 - 2012-05-04 08:03 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2014-06-19 15:22 - 2014-06-19 15:22 - 00000000 ____D () C:\Users\Michelle\AppData\Local\{FDFCA89D-C0C7-4457-BB3D-41A1EAD1B05A} 2014-06-18 15:18 - 2013-10-01 22:40 - 00003898 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2014-06-18 15:18 - 2013-10-01 22:40 - 00003646 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2014-06-18 00:15 - 2014-06-18 00:14 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-06-12 03:03 - 2013-12-26 21:52 - 00000000 ____D () C:\ProgramData\Package Cache 2014-06-12 03:02 - 2014-06-12 03:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garmin 2014-06-12 03:02 - 2013-12-26 21:52 - 00000000 ____D () C:\ProgramData\Garmin 2014-06-12 03:01 - 2014-03-21 21:41 - 00003556 _____ () C:\Windows\System32\Tasks\GarminUpdaterTask 2014-06-12 03:01 - 2013-12-26 21:52 - 00000000 ____D () C:\Program Files (x86)\Garmin 2014-06-10 18:43 - 2012-02-26 15:52 - 00003224 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForMICHELLE-HP$ 2014-06-10 18:43 - 2012-02-26 15:52 - 00000348 _____ () C:\Windows\Tasks\HPCeeScheduleForMICHELLE-HP$.job 2014-06-09 02:12 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\PolicyDefinitions 2014-06-09 00:33 - 2014-06-09 00:33 - 00000000 ____D () C:\Users\Michelle\AppData\Local\{A626BA91-B0B4-4F61-8A0B-EC4C6E6FD37F} 2014-06-08 05:13 - 2014-06-10 23:41 - 00506368 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-06-08 05:08 - 2014-06-10 23:41 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2014-06-08 00:07 - 2014-06-08 00:07 - 00000000 ____D () C:\Users\Michelle\AppData\Local\{5F67D7E1-4A2D-4C0C-A933-A2C0568C012C} Some content of TEMP: ==================== C:\Users\Michelle\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe C:\Users\Michelle\AppData\Local\Temp\MouseKeyboardCenterx64_1033.exe C:\Users\Michelle\AppData\Local\Temp\sqlite-3.6.20-sqlitejdbc.dll ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2014-07-08 00:37 ==================== End Of Log ============================
  6. I've installed and reinstalled mbam 4 times now. The first scan went on for 36 hours on the heuristic scanning it found 293 pups all in the first two hours. Following scans more than 8 hours and I'd remove/reinstall. I used the mbam clean removal each time. I've been using mbam for years and never had a problem. I installed the free version but see people are having problems with the paid editions also. From what I'm seeing here and on the web this has been a continuos problem since the "new release". There hasn't been any resolution since the release, is there going to be?
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.