The 36 hour scan

medic04 · July 8, 2014

I've installed and reinstalled mbam 4 times now. The first scan went on for 36 hours on the heuristic scanning it found 293 pups all in the first two hours. Following scans more than 8 hours and I'd remove/reinstall. I used the mbam clean removal each time. I've been using mbam for years and never had a problem. I installed the free version but see people are having problems with the paid editions also. From what I'm seeing here and on the web this has been a continuos problem since the "new release". There hasn't been any resolution since the release, is there going to be?

Firefox · July 8, 2014

Hello and :welcome:

Scan times vary for computer to computer and there are many factors that come into play as far as how long it will take. You did not mention what type of scan you performed. You mentioned that some items were detected, it could very well be those infections that could cause it to take some time.

Can you provide the scan logs so we can review them as well as the diagnostic logs below so the team can review them and see if they can tell whats going on?

Please read the following and post back the 3 requested logs - Diagnostic Logs

(the three files should be CheckResults.txt, FRST.txt and Addition.txt)Thank You,

Firefox

medic04 · July 9, 2014

They should have called it the Fubar Recovery system since that seems to be where I am The CheckResults.txt wasn't mentioned in the how to when I downloaded it and wasn't anywhere I could find in the program. The other two files popped up on their own. Wish I was more tech savvy.

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 05-07-2014 01
Ran by Michelle (administrator) on MICHELLE-HP on 08-07-2014 20:28:31
Running from C:\Users\Michelle\Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Seagate Technology LLC) C:\Program Files (x86)\Seagate\SeagateManager\Sync\FreeAgentService.exe
(Garmin Ltd or its subsidiaries) C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Windstream) C:\Program Files (x86)\Windstream\Diagnostic Tools\HsdService.exe
(Motorola Mobility LLC) C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe
(Nalpeiron Ltd.) C:\Windows\SysWOW64\nlssrv32.exe
(Motorola) C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe
(Radialpoint SafeCare Inc.) C:\Program Files (x86)\Windstream\Service Agent\ServicepointService.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(WDC) C:\Program Files\Western Digital\WD SmartWare\WDDMService.exe
(Western Digital) C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Motorola Mobility LLC) C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
(Western Digital Technologies, Inc.) C:\Program Files\Western Digital\WD SmartWare\WDDMStatus.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(PC Pitstop, LLC) C:\Program Files (x86)\PCPitstop\Download Nitro\pcpitstop-nitro.exe
() C:\Program Files\Backup Assistant Plus\V CAST Backup Scheduler.exe
(Garmin Ltd or its subsidiaries) C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe
() C:\Program Files (x86)\LG Soft India\EasySetPackage\bin\EasySetPackage.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqtra08.exe
(Samsung Electronices Co., Ltd.) C:\Users\Michelle\AppData\Roaming\Verizon\UA_ar\UtilityApplication.exe
(InstallShield Software Corporation) C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe
(Seagate LLC) C:\Program Files (x86)\Seagate\SeagateManager\FreeAgent Status\stxmenumgr.exe
(Western Digital) C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Windstream) C:\Program Files (x86)\Windstream\Service Agent\Windstream Service Agent.exe
(Windstream) C:\Program Files (x86)\Windstream\Diagnostic Tools\DiagnosticTools.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
() C:\Program Files (x86)\LG Soft India\EasySetPackage\bin\TestDDCCI.exe
(TODO: <Company name>) C:\Program Files (x86)\LG Soft India\EasySetPackage\bin\ESP64Proxy.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqste08.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard) C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqgpc01.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\VIP Access Client\VIPAppService.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVH.EXE
() Q:\140066.enu\Office14\WINWORDC.EXE
() C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\OFFICEVIRT.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation) C:\Windows\splwow64.exe
() Q:\140066.ENU\OFFICE14\OffSpon.EXE
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_125.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_125.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [hpsysdrv] => c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe [62768 2008-11-20] (Hewlett-Packard)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [497648 2010-07-29] (Adobe Systems Incorporated)
HKLM\...\Run: [WD Quick View] => C:\Program Files\Western Digital\WD SmartWare\WDDMStatus.exe [4244888 2011-12-15] (Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [PDF Complete] => C:\Program Files (x86)\PDF Complete\pdfsty.exe [658424 2011-08-12] (PDF Complete Inc)
HKLM-x32\...\Run: [iSUSScheduler] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe [69632 2004-04-13] (InstallShield Software Corporation)
HKLM-x32\...\Run: [MaxMenuMgr] => C:\Program Files (x86)\Seagate\SeagateManager\FreeAgent Status\StxMenuMgr.exe [185640 2009-05-01] (Seagate LLC)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [WD Drive Unlocker] => C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe [1688008 2012-09-06] (Western Digital)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152544 2012-12-12] (Apple Inc.)
HKLM-x32\...\Run: [Windstream Service Agent.exe] => C:\Program Files (x86)\Windstream\Service Agent\Windstream Service Agent.exe [10204472 2011-10-14] (Windstream)
HKLM-x32\...\Run: [DiagnosticTools.exe] => C:\Program Files (x86)\Windstream\Diagnostic Tools\DiagnosticTools.exe [2037048 2011-04-25] (Windstream)
HKLM-x32\...\Run: [AVP] => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe [356128 2013-10-10] (Kaspersky Lab ZAO)
HKLM-x32\...\Run: [sunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-12-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM\...\RunOnce: [NCPluginUpdater] - "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update [21720 2014-06-27] (Hewlett-Packard)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\.DEFAULT\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [122200 2014-06-09] (Garmin Ltd or its subsidiaries)
HKU\S-1-5-21-1923585713-2837861824-2380672059-1000\...\Run: [Download Nitro] => C:\Program Files (x86)\PCPitstop\Download Nitro\pcpitstop-nitro.exe [3581160 2011-12-21] (PC Pitstop, LLC)
HKU\S-1-5-21-1923585713-2837861824-2380672059-1000\...\Run: [iSUSPM Startup] => c:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe [196608 2004-04-17] (InstallShield Software Corporation)
HKU\S-1-5-21-1923585713-2837861824-2380672059-1000\...\Run: [HLBackupScheduler] => C:\Program Files\Backup Assistant Plus\V CAST Backup Scheduler.exe [7065224 2012-08-20] ()
HKU\S-1-5-21-1923585713-2837861824-2380672059-1000\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [122200 2014-06-09] (Garmin Ltd or its subsidiaries)
HKU\S-1-5-21-1923585713-2837861824-2380672059-1000\...\MountPoints2: {ea0372dc-a1ae-11e2-9155-386077bed594} - K:\MotoCastSetup.exe -a
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\EasySetPackage.lnk
ShortcutTarget: EasySetPackage.lnk -> C:\Program Files (x86)\LG Soft India\EasySetPackage\bin\EasySetPackage.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\Users\Michelle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Launch Utility Application.lnk
ShortcutTarget: Launch Utility Application.lnk -> C:\Users\Michelle\AppData\Roaming\Verizon\UA_ar\UtilityApplication.exe (Samsung Electronices Co., Ltd.)
Startup: C:\Users\Michelle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk
ShortcutTarget: OpenOffice.org 3.3.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.aartemis.com/web/?type=ds&ts=1385535749&from=cor&uid=HitachiXHDS723020BLA642_MN1240F32W6N2D2W6N2DX&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.aartemis.com/web/?type=ds&ts=1385535749&from=cor&uid=HitachiXHDS723020BLA642_MN1240F32W6N2D2W6N2DX&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.aartemis.com/web/?type=ds&ts=1385535749&from=cor&uid=HitachiXHDS723020BLA642_MN1240F32W6N2D2W6N2DX&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.aartemis.com/web/?type=ds&ts=1385535749&from=cor&uid=HitachiXHDS723020BLA642_MN1240F32W6N2D2W6N2DX&q={searchTerms}
URLSearchHook: HKCU - (No Name) - {93c338de-5fb5-4fb5-ab4e-0eedc0bd9f3a} - No File
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.aartemis.com/web/?type=ds&ts=1385535749&from=cor&uid=HitachiXHDS723020BLA642_MN1240F32W6N2D2W6N2DX&q={searchTerms}
SearchScopes: HKLM - {278C6E9B-166B-479D-AF4F-F555F532415E} URL = http://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk3-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM - {2fa28606-de77-4029-af96-b231e3b8f827} URL = http://eu.ask.com/web?q={searchterms}&l=dis&o=HPDTDF
SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.aartemis.com/web/?type=ds&ts=1385535749&from=cor&uid=HitachiXHDS723020BLA642_MN1240F32W6N2D2W6N2DX&q={searchTerms}
SearchScopes: HKLM - {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = http://uk.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPDTDF
SearchScopes: HKLM - {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = http://en.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKLM - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/710-111095-2958-2/4?mpre=http://www.ebay.co.uk/sch/i.html?_nkw={searchTerms}
SearchScopes: HKLM-x32 - {278C6E9B-166B-479D-AF4F-F555F532415E} URL = http://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk3-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM-x32 - {2fa28606-de77-4029-af96-b231e3b8f827} URL = http://eu.ask.com/web?q={searchterms}&l=dis&o=HPDTDF
SearchScopes: HKLM-x32 - {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = http://uk.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPDTDF
SearchScopes: HKLM-x32 - {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = http://en.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKLM-x32 - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/710-111095-2958-2/4?mpre=http://www.ebay.co.uk/sch/i.html?_nkw={searchTerms}
SearchScopes: HKCU - {278C6E9B-166B-479D-AF4F-F555F532415E} URL = http://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk3-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKCU - {2fa28606-de77-4029-af96-b231e3b8f827} URL = http://eu.ask.com/web?q={searchterms}&l=dis&o=HPDTDF
SearchScopes: HKCU - {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = http://uk.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPDTDF
SearchScopes: HKCU - {D1EA8951-8539-4F75-9BA5-D083C77BD2B9} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3295790&CUI=UN34519891102231928&UM=2
SearchScopes: HKCU - {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = http://en.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKCU - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/710-111095-2958-2/4?mpre=http://www.ebay.co.uk/sch/i.html?_nkw={searchTerms}
BHO: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO: Symantec VIP Access Add-On - {C63CD127-A1CB-4D49-A4F7-D6F88A917BE6} - C:\Program Files (x86)\Symantec\VIP Access Client\64bit\VIPAddOnForIE64.dll (Symantec Corporation)
BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
BHO-x32: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: FBDownloader BHO - {553318DA-D010-469E-84B1-496563CAE1BF} - C:\Program Files (x86)\HTTO Group, Ltd\FBDownloader IE Add-on\FBDownloader.dll (HTTO Group, Ltd)
BHO-x32: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO-x32: Symantec VIP Access Add-On - {C63CD127-A1CB-4D49-A4F7-D6F88A917BE6} - C:\Program Files (x86)\Symantec\VIP Access Client\VIPAddOnForIE.dll (Symantec Corporation)
BHO-x32: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
BHO-x32: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
BHO-x32: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
DPF: HKLM-x32 {070DC617-E3B7-468B-A29C-D4E84FAE938C} http://utilities.pcpitstop.com/pctuneup2/controls/pctuneup.cab
Tcpip\Parameters: [DhcpNameServer] 192.168.254.254

FireFox:
========
FF ProfilePath: C:\Users\Michelle\AppData\Roaming\Mozilla\Firefox\Profiles\exw0zl2r.default-1366605944461
FF Homepage: https://mail.google.com/mail/u/0/#inbox
FF Keyword.URL: user_pref("keyword.URL", "");
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()
FF Plugin: @java.com/DTPlugin,version=10.55.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @radialpoint.com/SPA,version=1 - C:\Program Files (x86)\Windstream\Service Agent\nprpspa.dll (Windstream)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @canon.com/MycameraPlugin - C:\Program Files (x86)\Canon\MyCamera Download Plugin\NPCIG.dll (CANON INC.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=1.2.22 - C:\Program Files (x86)\Intel\Services\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Services\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @radialpoint.com/SPA,version=1 - C:\Program Files (x86)\Windstream\Service Agent\nprpspa.dll (Windstream)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: amazon.com/AmazonMP3DownloaderPlugin - C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101710.dll (Amazon.com, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF SearchPlugin: C:\Users\Michelle\AppData\Roaming\Mozilla\Firefox\Profiles\exw0zl2r.default-1366605944461\searchplugins\conduit.xml
FF Extension: Viral Tube Community Toolbar - C:\Users\Michelle\AppData\Roaming\Mozilla\Firefox\Profiles\7de9vt2v.default\Extensions\{93c338de-5fb5-4fb5-ab4e-0eedc0bd9f3a} [2012-07-15]
FF Extension: BuzzSearch - C:\Users\Michelle\AppData\Roaming\Mozilla\Firefox\Profiles\7de9vt2v.default\Extensions\firefox@mybuzzsearch.com.xpi [2013-11-07]
FF Extension: Garmin Communicator - C:\Users\Michelle\AppData\Roaming\Mozilla\Firefox\Profiles\exw0zl2r.default-1366605944461\Extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E} [2013-12-29]
FF Extension: appmarket - C:\Users\Michelle\AppData\Roaming\Mozilla\Firefox\Profiles\exw0zl2r.default-1366605944461\Extensions\{9d84f755-b891-4a4d-95c8-f6d01108a008} [2014-07-02]
FF Extension: HP Detect - C:\Users\Michelle\AppData\Roaming\Mozilla\Firefox\Profiles\exw0zl2r.default-1366605944461\Extensions\{ab91efd4-6975-4081-8552-1b3922ed79e2} [2013-10-01]
FF Extension: BuzzSearch - C:\Users\Michelle\AppData\Roaming\Mozilla\Firefox\Profiles\exw0zl2r.default-1366605944461\Extensions\firefox@mybuzzsearch.com.xpi [2013-11-07]
FF Extension: Anti-Banner - C:\Program Files (x86)\Mozilla Firefox\extensions\KavAntiBanner@kaspersky.ru_bak2 [2014-06-18]
FF Extension: Kaspersky URL Advisor - C:\Program Files (x86)\Mozilla Firefox\extensions\linkfilter@kaspersky.ru_bak2 [2014-06-18]
FF HKLM-x32\...\Firefox\Extensions: [virtualKeyboard@kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\virtualKeyboard@kaspersky.ru
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012-02-25]
FF HKLM-x32\...\Firefox\Extensions: [fbdownloader@KMcore] - C:\Program Files (x86)\SDIV 2.0\Lib\xpi
FF Extension: fbdownloader - C:\Program Files (x86)\SDIV 2.0\Lib\xpi [2012-03-02]
FF HKLM-x32\...\Firefox\Extensions: [VIP1X@verisign.com] - C:\Program Files (x86)\Symantec\VIP Access Client
FF Extension: Symantec VIP Access Add-On - C:\Program Files (x86)\Symantec\VIP Access Client [2011-12-27]
FF HKLM-x32\...\Firefox\Extensions: [VIP2X@verisign.com] - C:\Program Files (x86)\Symantec\VIP Access Client
FF Extension: Symantec VIP Access Add-On - C:\Program Files (x86)\Symantec\VIP Access Client [2011-12-27]
FF HKLM-x32\...\Firefox\Extensions: [url_advisor@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\url_advisor@kaspersky.com
FF Extension: Kaspersky URL Advisor - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\url_advisor@kaspersky.com [2013-07-09]
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Virtual Keyboard - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\virtual_keyboard@kaspersky.com [2013-07-09]
FF HKLM-x32\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\content_blocker@kaspersky.com
FF Extension: Dangerous Websites Blocker - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\content_blocker@kaspersky.com [2013-07-09]
FF HKLM-x32\...\Firefox\Extensions: [anti_banner@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\anti_banner@kaspersky.com
FF Extension: Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\anti_banner@kaspersky.com [2013-07-09]
FF HKLM-x32\...\Firefox\Extensions: [online_banking@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\online_banking@kaspersky.com
FF Extension: Safe Money - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\online_banking@kaspersky.com [2013-07-09]
FF HKLM-x32\...\Firefox\Extensions: [VIP3X@verisign.com] - C:\Program Files (x86)\Symantec\VIP Access Client
FF Extension: Symantec VIP Access Add-On - C:\Program Files (x86)\Symantec\VIP Access Client [2011-12-27]
FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012-02-25]

==================== Services (Whitelisted) =================

R2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe [356128 2013-10-10] (Kaspersky Lab ZAO)
S3 becldr3Service; C:\Program Files\BCL Technologies\easyConverter SDK 3\Common\becldr.exe [263168 2013-07-03] () [File not signed]
S3 CalendarSynchService; C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\GCalService.exe [16384 2011-08-16] (Hewlett-Packard) [File not signed]
R2 Garmin Core Update Service; C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [435032 2014-06-09] (Garmin Ltd or its subsidiaries)
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160 2013-11-04] (Hewlett-Packard Company) [File not signed]
S3 HPAuto; C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe [682040 2011-02-17] (Hewlett-Packard)
R2 HsdService; C:\Program Files (x86)\Windstream\Diagnostic Tools\HsdService.exe [1393976 2011-04-25] (Windstream)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [File not signed]
R2 Motorola Device Manager; C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe [121144 2013-03-25] (Motorola Mobility LLC)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-01-18] (Hewlett-Packard) [File not signed]
S3 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1128952 2011-08-12] (PDF Complete Inc)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-01-18] (Hewlett-Packard) [File not signed]
R2 PST Service; C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe [65657 2011-09-02] (Motorola) [File not signed]
R2 ServicepointService; C:\Program Files (x86)\Windstream\Service Agent\ServicepointService.exe [10315064 2011-10-14] (Radialpoint SafeCare Inc.)
R2 VIPAppService; C:\Program Files (x86)\Symantec\VIP Access Client\VIPAppService.exe [84080 2011-12-05] (Symantec Corporation)
R2 WDDMService; C:\Program Files\Western Digital\WD SmartWare\WDDMService.exe [319384 2011-12-15] (WDC)
R2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [248248 2012-09-06] (Western Digital)
S3 WDFMEService; C:\Program Files\Western Digital\WD SmartWare\WDFME.exe [1977224 2011-12-15] (Western Digital )
S3 WDRulesService; C:\Program Files\Western Digital\WD SmartWare\WDRulesEngine.exe [1338264 2011-12-15] (Western Digital )

==================== Drivers (Whitelisted) ====================

U5 GEARAspiWDM; C:\Windows\System32\Drivers\GEARAspiWDM.sys [33240 2012-08-21] (GEAR Software Inc.)
R0 KL1; C:\Windows\System32\DRIVERS\kl1.sys [458336 2013-12-11] (Kaspersky Lab ZAO)
U5 klflt; C:\Windows\System32\Drivers\klflt.sys [91008 2014-05-20] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [628320 2014-05-20] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [29792 2013-12-11] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [29280 2013-10-10] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29280 2013-10-10] (Kaspersky Lab ZAO)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [54368 2013-07-09] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [178448 2013-07-09] (Kaspersky Lab ZAO)
S3 LGDDCDevice; C:\Windows\SysWOW64\LGI2CDriver.sys [16384 2009-12-22] (LG Soft India) [File not signed]
S3 LGII2CDevice; C:\Windows\SysWOW64\LGPII2CDriver.sys [19456 2009-12-22] (LG Soft India) [File not signed]
S3 pmxdrv; C:\Windows\system32\drivers\pmxdrv.sys [31152 2011-12-27] ()
S3 Serial; C:\Windows\system32\drivers\serial.sys [94208 2009-07-13] (Brother Industries Ltd.)

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2014-07-08 20:28 - 2014-07-08 20:28 - 00031448 _____ () C:\Users\Michelle\Desktop\FRST.txt
2014-07-08 20:28 - 2014-07-08 20:28 - 00000000 ____D () C:\FRST
2014-07-08 20:27 - 2014-07-08 20:27 - 02084352 _____ (Farbar) C:\Users\Michelle\Desktop\FRST64.exe
2014-07-08 12:15 - 2014-07-08 12:15 - 00321848 _____ (Malwarebytes Corporation) C:\Users\Michelle\Desktop\mbam-clean-2.1.1.1001.exe
2014-07-07 22:54 - 2014-07-07 22:54 - 00000000 ____D () C:\Users\Michelle\AppData\Local\{CD072B51-E0C2-4423-9089-30E383E04D04}
2014-07-07 22:54 - 2014-07-07 22:54 - 00000000 ____D () C:\Users\Michelle\AppData\Local\{44F10827-C396-44C7-96C3-AFC4FD0C70ED}
2014-06-27 18:46 - 2014-06-27 18:46 - 00000000 ____D () C:\Users\Michelle\AppData\Local\{CED026FD-EA48-4120-8C91-B834221B7A20}
2014-06-19 15:22 - 2014-06-19 15:22 - 00000000 ____D () C:\Users\Michelle\AppData\Local\{FDFCA89D-C0C7-4457-BB3D-41A1EAD1B05A}
2014-06-18 00:14 - 2014-06-18 00:15 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-17 02:00 - 2014-06-24 02:20 - 00000000 ____D () C:\Users\Michelle\AppData\Local\Adobe
2014-06-12 03:02 - 2014-06-12 03:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garmin
2014-06-10 23:43 - 2014-05-30 06:21 - 23414784 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-06-10 23:43 - 2014-05-30 06:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-06-10 23:43 - 2014-05-30 06:02 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-06-10 23:43 - 2014-05-30 05:45 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-06-10 23:43 - 2014-05-30 05:39 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-06-10 23:43 - 2014-05-30 05:39 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-06-10 23:43 - 2014-05-30 05:38 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-06-10 23:43 - 2014-05-30 05:28 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-06-10 23:43 - 2014-05-30 05:27 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-06-10 23:43 - 2014-05-30 05:24 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-06-10 23:43 - 2014-05-30 05:21 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-06-10 23:43 - 2014-05-30 05:21 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-06-10 23:43 - 2014-05-30 05:20 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-06-10 23:43 - 2014-05-30 05:18 - 17271296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-06-10 23:43 - 2014-05-30 05:11 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-06-10 23:43 - 2014-05-30 05:08 - 05782528 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-06-10 23:43 - 2014-05-30 05:06 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-06-10 23:43 - 2014-05-30 05:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-06-10 23:43 - 2014-05-30 04:55 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-06-10 23:43 - 2014-05-30 04:49 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-06-10 23:43 - 2014-05-30 04:46 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-06-10 23:43 - 2014-05-30 04:44 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-06-10 23:43 - 2014-05-30 04:44 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-06-10 23:43 - 2014-05-30 04:43 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-06-10 23:43 - 2014-05-30 04:42 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-06-10 23:43 - 2014-05-30 04:38 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-06-10 23:43 - 2014-05-30 04:35 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-06-10 23:43 - 2014-05-30 04:34 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-06-10 23:43 - 2014-05-30 04:33 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-06-10 23:43 - 2014-05-30 04:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-06-10 23:43 - 2014-05-30 04:29 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-06-10 23:43 - 2014-05-30 04:28 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-06-10 23:43 - 2014-05-30 04:27 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-06-10 23:43 - 2014-05-30 04:24 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-06-10 23:43 - 2014-05-30 04:23 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-06-10 23:43 - 2014-05-30 04:16 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-06-10 23:43 - 2014-05-30 04:10 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-06-10 23:43 - 2014-05-30 04:06 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-06-10 23:43 - 2014-05-30 04:04 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-06-10 23:43 - 2014-05-30 04:02 - 00242688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-06-10 23:43 - 2014-05-30 03:56 - 04244992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-06-10 23:43 - 2014-05-30 03:56 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-06-10 23:43 - 2014-05-30 03:54 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-06-10 23:43 - 2014-05-30 03:50 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-06-10 23:43 - 2014-05-30 03:49 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-06-10 23:43 - 2014-05-30 03:43 - 13522944 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-06-10 23:43 - 2014-05-30 03:40 - 11725312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-06-10 23:43 - 2014-05-30 03:30 - 01398272 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-06-10 23:43 - 2014-05-30 03:21 - 01790976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-06-10 23:43 - 2014-05-30 03:15 - 01143296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-06-10 23:43 - 2014-05-30 03:13 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-06-10 23:43 - 2014-05-30 03:13 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-06-10 23:43 - 2014-04-24 22:34 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2014-06-10 23:43 - 2014-04-24 22:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2014-06-10 23:43 - 2014-04-04 22:47 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-06-10 23:43 - 2014-04-04 22:47 - 00288192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-06-10 23:43 - 2014-03-26 10:44 - 02002432 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2014-06-10 23:43 - 2014-03-26 10:44 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-06-10 23:43 - 2014-03-26 10:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2014-06-10 23:43 - 2014-03-26 10:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-06-10 23:43 - 2014-03-26 10:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2014-06-10 23:43 - 2014-03-26 10:27 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-06-10 23:43 - 2014-03-26 10:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2014-06-10 23:43 - 2014-03-26 10:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-06-10 23:41 - 2014-06-08 05:13 - 00506368 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-10 23:41 - 2014-06-08 05:08 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-06-09 02:22 - 2014-07-08 12:17 - 00013952 _____ () C:\Windows\PFRO.log
2014-06-09 02:12 - 2014-06-20 23:32 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-06-09 00:33 - 2014-06-09 00:33 - 00000000 ____D () C:\Users\Michelle\AppData\Local\{A626BA91-B0B4-4F61-8A0B-EC4C6E6FD37F}
2014-06-08 00:07 - 2014-06-08 00:07 - 00000000 ____D () C:\Users\Michelle\AppData\Local\{5F67D7E1-4A2D-4C0C-A933-A2C0568C012C}

==================== One Month Modified Files and Folders =======

2014-07-08 20:28 - 2014-07-08 20:28 - 00031448 _____ () C:\Users\Michelle\Desktop\FRST.txt
2014-07-08 20:28 - 2014-07-08 20:28 - 00000000 ____D () C:\FRST
2014-07-08 20:27 - 2014-07-08 20:27 - 02084352 _____ (Farbar) C:\Users\Michelle\Desktop\FRST64.exe
2014-07-08 20:27 - 2012-08-15 17:55 - 00000000 ____D () C:\Users\Michelle\AppData\Roaming\Free Download Manager
2014-07-08 20:26 - 2013-04-18 00:26 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-07-08 20:26 - 2013-04-18 00:26 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-07-08 20:26 - 2013-04-18 00:26 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-07-08 20:26 - 2013-04-18 00:26 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-07-08 20:26 - 2013-01-17 15:23 - 00000000 ____D () C:\ProgramData\Radialpoint
2014-07-08 20:23 - 2013-10-01 22:40 - 00000902 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-08 20:17 - 2013-09-15 22:17 - 00000304 _____ () C:\Windows\Tasks\DigitalSite.job
2014-07-08 19:43 - 2012-02-24 19:20 - 01808268 _____ () C:\Windows\WindowsUpdate.log
2014-07-08 18:34 - 2013-07-07 03:20 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2014-07-08 16:18 - 2012-02-24 19:33 - 00003950 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{5DF63E44-9F23-40AC-96E1-C90D2BFAD595}
2014-07-08 15:23 - 2013-10-01 22:40 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-08 12:25 - 2009-07-14 01:13 - 00783360 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-07-08 12:25 - 2009-07-14 00:45 - 00024608 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-07-08 12:25 - 2009-07-14 00:45 - 00024608 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-07-08 12:18 - 2013-04-10 08:54 - 00000000 ____D () C:\Temp
2014-07-08 12:17 - 2014-06-09 02:22 - 00013952 _____ () C:\Windows\PFRO.log
2014-07-08 12:17 - 2014-05-21 18:18 - 00006341 _____ () C:\Windows\setupact.log
2014-07-08 12:17 - 2012-03-13 14:43 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-08 12:17 - 2012-02-24 20:26 - 00000000 ____D () C:\Users\Michelle\AppData\Roaming\SoftGrid Client
2014-07-08 12:17 - 2009-07-14 01:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-07-08 12:15 - 2014-07-08 12:15 - 00321848 _____ (Malwarebytes Corporation) C:\Users\Michelle\Desktop\mbam-clean-2.1.1.1001.exe
2014-07-08 03:11 - 2013-10-18 00:09 - 00000000 ____D () C:\Users\Michelle\Documents\Family Tree Maker
2014-07-07 22:54 - 2014-07-07 22:54 - 00000000 ____D () C:\Users\Michelle\AppData\Local\{CD072B51-E0C2-4423-9089-30E383E04D04}
2014-07-07 22:54 - 2014-07-07 22:54 - 00000000 ____D () C:\Users\Michelle\AppData\Local\{44F10827-C396-44C7-96C3-AFC4FD0C70ED}
2014-07-06 14:50 - 2012-02-26 15:52 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log
2014-07-06 14:49 - 2012-03-25 14:46 - 00000000 _____ () C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2014-06-27 18:46 - 2014-06-27 18:46 - 00000000 ____D () C:\Users\Michelle\AppData\Local\{CED026FD-EA48-4120-8C91-B834221B7A20}
2014-06-27 02:28 - 2012-02-25 00:22 - 00000000 ____D () C:\Users\Michelle\Documents\Spn and Cafe Press
2014-06-24 02:20 - 2014-06-17 02:00 - 00000000 ____D () C:\Users\Michelle\AppData\Local\Adobe
2014-06-21 03:13 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\rescache
2014-06-20 23:36 - 2013-08-14 03:01 - 00000000 ____D () C:\Windows\system32\MRT
2014-06-20 23:34 - 2012-02-29 06:09 - 95414520 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-06-20 23:32 - 2014-06-09 02:12 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-06-19 19:31 - 2012-05-04 08:03 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-06-19 15:22 - 2014-06-19 15:22 - 00000000 ____D () C:\Users\Michelle\AppData\Local\{FDFCA89D-C0C7-4457-BB3D-41A1EAD1B05A}
2014-06-18 15:18 - 2013-10-01 22:40 - 00003898 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-06-18 15:18 - 2013-10-01 22:40 - 00003646 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-06-18 00:15 - 2014-06-18 00:14 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-12 03:03 - 2013-12-26 21:52 - 00000000 ____D () C:\ProgramData\Package Cache
2014-06-12 03:02 - 2014-06-12 03:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garmin
2014-06-12 03:02 - 2013-12-26 21:52 - 00000000 ____D () C:\ProgramData\Garmin
2014-06-12 03:01 - 2014-03-21 21:41 - 00003556 _____ () C:\Windows\System32\Tasks\GarminUpdaterTask
2014-06-12 03:01 - 2013-12-26 21:52 - 00000000 ____D () C:\Program Files (x86)\Garmin
2014-06-10 18:43 - 2012-02-26 15:52 - 00003224 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForMICHELLE-HP$
2014-06-10 18:43 - 2012-02-26 15:52 - 00000348 _____ () C:\Windows\Tasks\HPCeeScheduleForMICHELLE-HP$.job
2014-06-09 02:12 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-06-09 00:33 - 2014-06-09 00:33 - 00000000 ____D () C:\Users\Michelle\AppData\Local\{A626BA91-B0B4-4F61-8A0B-EC4C6E6FD37F}
2014-06-08 05:13 - 2014-06-10 23:41 - 00506368 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-08 05:08 - 2014-06-10 23:41 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-06-08 00:07 - 2014-06-08 00:07 - 00000000 ____D () C:\Users\Michelle\AppData\Local\{5F67D7E1-4A2D-4C0C-A933-A2C0568C012C}

Some content of TEMP:
====================
C:\Users\Michelle\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe
C:\Users\Michelle\AppData\Local\Temp\MouseKeyboardCenterx64_1033.exe
C:\Users\Michelle\AppData\Local\Temp\sqlite-3.6.20-sqlitejdbc.dll

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-07-08 00:37

==================== End Of Log ============================

medic04 · July 9, 2014

Addition.txt

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 05-07-2014 01
Ran by Michelle at 2014-07-08 20:29:04
Running from C:\Users\Michelle\Desktop
Boot Mode: Normal
==========================================================

==================== Security Center ========================

AV: Kaspersky Internet Security (Enabled - Up to date) {C3113FBF-4BCB-4461-D78D-6EDFEC9593E5}
AS: Kaspersky Internet Security (Enabled - Up to date) {7870DE5B-6DF1-4BEF-ED3D-55AD9712D958}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Enabled) {FB2ABE9A-01A4-4539-FCD2-C7EA1246D49E}

==================== Installed Programs ======================

64 Bit HP CIO Components Installer (Version: 7.2.4 - Hewlett-Packard) Hidden
802.11n Wireless LAN Card (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}) (Version: 3.02.03.0 - Ralink)
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.2.1.650 - Adobe Systems Incorporated)
Adobe Community Help (x32 Version: 3.2.1 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 14 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Photoshop Elements 9 (HKLM-x32\...\Adobe Photoshop Elements 9) (Version: 9.0 - Adobe Systems Incorporated)
Adobe Photoshop Elements 9 (x32 Version: 9.0 - Adobe Systems Incorporated) Hidden
Adobe Photoshop Lightroom 4.3 64-bit (HKLM\...\{D759947B-8C5A-4480-B0DB-FC391F061C85}) (Version: 4.3.1 - Adobe)
Adobe Photoshop.com Inspiration Browser (HKLM-x32\...\PhotoshopdotcomInspirationBrowser.4C35C4D325D350FE0114230CBADCA2DDD0AC8D25.1) (Version: 3.07 - Adobe Systems Incorporated)
Adobe Photoshop.com Inspiration Browser (x32 Version: 3.07 - Adobe Systems Incorporated) Hidden
Adobe Reader XI (11.0.07) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)
Amazon MP3 Downloader 1.0.17 (HKLM-x32\...\Amazon MP3 Downloader) (Version: 1.0.17 - Amazon Services LLC)
ANT Drivers Installer x64 (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{D70884EA-E2CE-4539-91DB-4766CC1E5F5F}) (Version: 6.0.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Backup Assistant Plus (HKLM-x32\...\Backup Assistant Plus) (Version: - Verizon Wireless)
BCL easyConverter SDK 3 (Word Version) 64 (HKLM\...\{350CC85B-CA59-4F85-909D-8E4CDBF532FA}) (Version: 3.0.64 - BCL Technologies)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
BufferChm (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
BuzzSearch 2013.11.07.232809 (HKLM\...\BuzzSearch) (Version: 2013.11.07.232809 - BuzzSearch) <==== ATTENTION
CANON iMAGE GATEWAY MyCamera Download Plugin (HKLM-x32\...\MyCamera Download Plugin) (Version: 3.1.1.2 - Canon Inc.)
CANON iMAGE GATEWAY Task for ZoomBrowser EX (HKLM-x32\...\CANON iMAGE GATEWAY Task) (Version: 1.9.0.9 - Canon Inc.)
Canon MOV Decoder (HKLM-x32\...\Canon MOV Decoder) (Version: 1.8.0.7 - Canon Inc.)
Canon MOV Encoder (HKLM-x32\...\Canon MOV Encoder) (Version: 1.6.0.1 - Canon Inc.)
Canon MovieEdit Task for ZoomBrowser EX (HKLM-x32\...\MovieEditTask) (Version: 3.7.0.4 - Canon Inc.)
Canon Utilities Digital Photo Professional 3.10 (HKLM-x32\...\DPP) (Version: 3.10.2.0 - Canon Inc.)
Canon Utilities EOS Sample Music (HKLM-x32\...\EOS Sample Music) (Version: 1.0.0.204 - Canon Inc.)
Canon Utilities EOS Utility (HKLM-x32\...\EOS Utility) (Version: 2.10.2.0 - Canon Inc.)
Canon Utilities EOS Video Snapshot Task for ZoomBrowser EX (HKLM-x32\...\EOS Video Snapshot Task) (Version: 1.0.0.10 - Canon Inc.)
Canon Utilities Movie Uploader for YouTube (HKLM-x32\...\MovieUploaderForYouTube) (Version: 1.2.0.7 - Canon Inc.)
Canon Utilities PhotoStitch (HKLM-x32\...\PhotoStitch) (Version: 3.1.22.46 - Canon Inc.)
Canon Utilities Picture Style Editor (HKLM-x32\...\Picture Style Editor) (Version: 1.9.0.0 - Canon Inc.)
Canon Utilities ZoomBrowser EX (HKLM-x32\...\ZoomBrowser EX) (Version: 6.7.0.24 - Canon Inc.)
Canon ZoomBrowser EX Memory Card Utility (HKLM-x32\...\ZoomBrowser EX Memory Card Utility) (Version: 1.5.0.9 - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 4.00 - Piriform)
D110 (x32 Version: 140.0.283.000 - Hewlett-Packard) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Destinations (x32 Version: 140.0.77.000 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
DirectX for Managed Code Update (Summer 2004) (x32 Version: 9.02.2904 - Microsoft) Hidden
DxO FilmPack 3 (HKLM\...\{6E98BFB0-55E3-4D3C-8C10-B44F6063535E}) (Version: 3.4.94.0 - DxO Labs)
EasySetPackage (HKLM-x32\...\{266725C1-716F-43AC-BBFB-4201131ED656}) (Version: 2.4 - LG Soft India)
Elements 9 Organizer (x32 Version: 9.0 - Adobe Systems Incorporated) Hidden
Elements STI Installer (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Elevated Installer (x32 Version: 3.2.7.0 - Garmin Ltd or its subsidiaries) Hidden
Family Tree Maker 2014 (HKLM-x32\...\Family Tree Maker 2014) (Version: 22.0.207 - Ancestry.com, Inc.)
Family Tree Maker 2014 (Version: 22.0.207 - Ancestry.com, Inc.) Hidden
FBDownloader IE Add-on (x32 Version: 1.0.3 - HTTO Group, Ltd) Hidden
ffdshow [rev 2527] [2008-12-19] (HKLM-x32\...\ffdshow_is1) (Version: 1.0 - )
Free PDF to Word Converter 5.1.0.383 (HKLM\...\Free PDF to Word Converter_is1) (Version: 5.1.0.383 - Smart Soft)
Garmin Express (HKLM-x32\...\{55ae01f2-f0a8-4342-a9cc-a0327cdaa811}) (Version: 3.2.7.0 - Garmin Ltd or its subsidiaries)
Garmin Express (x32 Version: 3.2.7.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express Tray (x32 Version: 3.2.7.0 - Garmin Ltd or its subsidiaries) Hidden
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
GPBaseService2 (x32 Version: 140.0.211.000 - Hewlett-Packard) Hidden
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP Application Assistant (HKLM\...\{B34A07DD-C6F7-414A-AE63-01019482EAF0}) (Version: 1.0.393.3870 - Hewlett-Packard)
HP Auto (Version: 1.0.12935.3667 - Hewlett-Packard Company) Hidden
HP Calendar (HKLM-x32\...\{2B38E0FA-D8A5-4EBF-A018-E3C1C8E7A2E2}) (Version: 5.1.4245.23508 - Hewlett-Packard)
HP Client Services (Version: 1.1.12938.3539 - Hewlett-Packard) Hidden
HP Customer Experience Enhancements (x32 Version: 6.0.1.8 - Hewlett-Packard) Hidden
HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP Magic Canvas (HKLM-x32\...\{DDFDC9D6-4220-41F8-BF9A-8E7512C4EF52}) (Version: 5.1.15.0 - Hewlett-Packard)
HP Magic Canvas Tutorials (HKLM-x32\...\{858FCB65-7C6D-4BA4-AD80-A3CB3744CE09}_is1) (Version: 5.0.0.3 - Hewlett-Packard)
HP Notes (HKLM-x32\...\{86BAB08A-5E66-4C53-82E3-C1E91673C7CA}) (Version: 5.1.4274.30382 - Hewlett-Packard)
HP Odometer (HKLM-x32\...\{B8AC1A89-FFD1-4F97-8051-E505A160F562}) (Version: 2.10.0000 - Hewlett-Packard)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.2024 - HP Photo Creations Powered by RocketLife)
HP Photosmart D110 All-In-One Driver Software 14.0 Rel. 7 (HKLM\...\{DBC1DE57-B55A-4D57-9769-1DB9BE506AF7}) (Version: 14.0 - HP)
HP Product Detection (HKLM-x32\...\{8A9FC225-75F6-4B5D-911C-0ED230565643}) (Version: 11.15.0009 - HP)
HP Setup Manager (HKLM-x32\...\{AE856388-AFAD-4753-81DF-D96B19D0A17C}) (Version: 1.2.15145.3905 - Hewlett-Packard Company)
HP Smart Web Printing 4.60 (HKLM\...\HP Smart Web Printing) (Version: 4.60 - HP)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
HP Support Assistant (HKLM-x32\...\{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}) (Version: 7.4.45.4 - Hewlett-Packard Company)
HP Support Information (HKLM-x32\...\{B2B7B1C8-7C8B-476C-BE2C-049731C55992}) (Version: 11.00.0001 - Hewlett-Packard)
HP Update (HKLM-x32\...\{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}) (Version: 5.003.001.001 - Hewlett-Packard)
HP Vision Hardware Diagnostics (HKLM\...\{D79A02E9-6713-4335-9668-AAC7474C0C0E}) (Version: 2.12.1.0 - Hewlett-Packard)
HPAppStudio (x32 Version: 140.0.95.000 - Hewlett-Packard) Hidden
HPPhotoGadget (x32 Version: 140.0.524.000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Intel® Identity Protection Technology 1.2.22.0 (HKLM-x32\...\{387B63A5-5016-1015-B06B-A9A1030E3125}) (Version: 1.2.22.0 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2291 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.5.0.1026 - Intel Corporation)
iTunes (HKLM\...\{0E5D76AD-A3FB-48D5-8400-8903B10317D3}) (Version: 11.0.1.12 - Apple Inc.)
Java 7 Update 55 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417055FF}) (Version: 7.0.550 - Oracle)
Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.550 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Kaspersky Internet Security 2013 (HKLM-x32\...\InstallWIX_{560985FB-4B76-4121-9189-7A2CDC7886D6}) (Version: 13.0.1.4190 - Kaspersky Lab)
Kaspersky Internet Security 2013 (x32 Version: 13.0.1.4190 - Kaspersky Lab) Hidden
MarketResearch (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Camera Codec Pack (HKLM-x32\...\{F55AF1BB-B493-4D78-80DA-828958B9098C}) (Version: 16.4.1734.1104 - Microsoft Corporation)
Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation)
Microsoft Mouse and Keyboard Center (Version: 2.3.188.0 - Microsoft Corporation) Hidden
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Click-to-Run 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Click-to-Run 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Starter 2010 - English (HKLM-x32\...\{90140011-0066-0409-0000-0000000FF1CE}) (Version: 14.0.5139.5005 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Works 6-9 Converter (HKLM-x32\...\{172423F9-522A-483A-AD65-03600CE4CA4F}) (Version: 9.7.0621 - Microsoft Corporation)
Microsoft Works 6-9 Converter (HKLM-x32\...\{95140000-0137-0409-0000-0000000FF1CE}) (Version: 14.0.6120.5002 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (x32 Version: 3.0.5305.0 - Microsoft Corp.) Hidden
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Motorola Device Manager (HKLM-x32\...\{28DB8373-C1BB-444F-A427-A55585A12ED7}) (Version: 2.3.9 - Motorola Mobility)
Motorola Device Software Update (x32 Version: 13.02.1402 - Motorola Mobility) Hidden
Motorola Mobile Drivers Installation 6.0.0 (Version: 6.0.0 - Motorola Inc.) Hidden
Mozilla Firefox 30.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 30.0 (x86 en-US)) (Version: 30.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Network64 (Version: 140.0.215.000 - Hewlett-Packard) Hidden
OpenOffice.org 3.3 (HKLM-x32\...\{3E171899-0175-47CC-84C4-562ACDD4C021}) (Version: 3.3.9567 - OpenOffice.org)
opensource (x32 Version: 1.0.14960.3876 - Your Company Name) Hidden
PC Pitstop Download Nitro 1.5.0.0 (HKLM-x32\...\PC Pitstop Download Nitro_is1) (Version: 1.5.0.0 - PC Pitstop, LLC)
PDF Complete Special Edition (HKLM-x32\...\PDF Complete) (Version: 4.0.65 - PDF Complete, Inc)
Perfect Effects 4.0.4 (HKLM-x32\...\{42FB8FF5-FBFD-4690-A5A8-75A6C94D7D0B}) (Version: 4.0.4 - onOne Software)
Perfect Effects 8 (HKLM-x32\...\{C982ACFF-5997-4B7D-B3E1-CF7273A06FB2}) (Version: 8.1.0 - onOne Software)
Photomatix Pro version 4.2.3 (HKLM\...\PhotomatixPro42x64_is1) (Version: 4.2.3 - HDRsoft Sarl)
Picturenaut 3.2 (HKLM\...\{7BDD99A3-CCDD-41DE-8B86-F636B95ADBBF}) (Version: 3.2.0.1698 - Marc M.)
PlayReady PC Runtime x86 (HKLM-x32\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
PS_AIO_07_D110_SW_Min (x32 Version: 140.0.142.000 - Hewlett-Packard) Hidden
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
QuickTransfer (x32 Version: 140.0.98.000 - Hewlett-Packard) Hidden
Radialpoint Security Advisor 2.5.15 (x32 Version: 2.5.15 - Radialpoint SafeCare Inc.) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6662 - Realtek Semiconductor Corp.)
Recovery Manager (x32 Version: 5.5.0.4424 - CyberLink Corp.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.3.2380.0 - SAMSUNG Electronics Co., Ltd.)
Scan (x32 Version: 140.0.80.000 - Hewlett-Packard) Hidden
Seagate Manager Installer (HKLM-x32\...\InstallShield_{E6F019F1-DFB6-4853-A87D-6E31624755A9}) (Version: 2.02.0109 - Seagate)
Seagate Manager Installer (x32 Version: 2.02.0109 - Seagate) Hidden
SmartWebPrinting (x32 Version: 140.0.186.000 - Hewlett-Packard) Hidden
SolutionCenter (x32 Version: 140.0.214.000 - Hewlett-Packard) Hidden
Status (x32 Version: 140.0.256.000 - Hewlett-Packard) Hidden
Toolbox (x32 Version: 140.0.428.000 - Hewlett-Packard) Hidden
Topaz Clarity (HKLM-x32\...\Topaz Clarity) (Version: 1.0.0 - Topaz Labs, LLC)
Topaz Fusion Express 2 (HKLM-x32\...\Topaz Fusion Express 2) (Version: 2.1.3 - Topaz Labs, LLC)
TrayApp (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
TSHostedAppLauncher (x32 Version: 5.1.15.0 - Hewlett-Packard) Hidden
Ultra File Opener (HKCU\...\Ultra File Opener) (Version: 4.1.3.78 - CompuClever Systems Inc.)
Verizon Wireless Software Utility Application for Android - Samsung (HKLM-x32\...\{FC4DE34E-DA9E-4F02-9837-2E65F73A0234}) (Version: 1.11.0305 - Samsung Electronics Co., Ltd.)
VIP Access (HKLM-x32\...\{E8D46836-CD55-453C-A107-A59EC51CB8DC}) (Version: 2.0.3.64 - VeriSign)
VIP Access SDK (1.0.1.4) (HKLM-x32\...\VIP Access SDK) (Version: 1.0.1.4 - Symantec Inc.)
WD Drive Utilities (HKLM-x32\...\{72E40002-8CEC-47C1-A099-83AC8E173BF0}) (Version: 1.0.3.3 - Western Digital Technologies, Inc.)
WD Security (HKLM-x32\...\{83270912-15C7-4336-822E-E8F1B1BBCA60}) (Version: 1.0.3.3 - Western Digital Technologies, Inc.)
WD SmartWare (HKLM\...\{EC39CC32-E144-42E4-9A59-53C20B408BDE}) (Version: 1.5.4 - Western Digital)
WebReg (x32 Version: 140.0.212.017 - Hewlett-Packard) Hidden
Windows Driver Package - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Windows Driver Package - Ralink Technology, Corp. (netr28x) Net (11/14/2011 3.02.07.0000) (HKLM\...\5C3D8D507E2CC48CF2BA058331D0647D4B4FA2E5) (Version: 11/14/2011 3.02.07.0000 - Ralink Technology, Corp.)
Windows Driver Package - Realtek (RTL8167) Net (06/12/2012 7.061.0612.2012) (HKLM\...\D7AE157A02BBDD2AFDC7ACDBE7652D398B0B265E) (Version: 06/12/2012 7.061.0612.2012 - Realtek)
Windows Driver Package - Realtek (RTL8167) Net (11/23/2011 7.050.1123.2011) (HKLM\...\93D0B653D730EB57C01C763D1BE4E63ABC9204F0) (Version: 11/23/2011 7.050.1123.2011 - Realtek)
Windows Driver Package - Realtek Semiconductor Corp. HD Audio Driver (03/27/2012 6.0.1.6602) (HKLM\...\C543BFEF10EAA83E7C100705911081C7D90E1D04) (Version: 03/27/2012 6.0.1.6602 - Realtek Semiconductor Corp.)
Windows Driver Package - Realtek Semiconductor Corp. HD Audio Driver (06/19/2012 6.0.1.6662) (HKLM\...\7B8CB01A84E3456C95B732366C105F2FCDA598A5) (Version: 06/19/2012 6.0.1.6662 - Realtek Semiconductor Corp.)
Windows Driver Package - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3555.0308 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windstream Diagnostic Tools 3.0.21 (x32 Version: 3.0.21 - Windstream) Hidden
Windstream Service Agent 4.1.15 (HKLM-x32\...\RadialpointClientGateway_is1) (Version: 4.1.15 - Windstream)
Wsys Control 15.2.1.2652 (HKLM-x32\...\WsysControl) (Version: 15.2.1.2652 - Wsys Co., Ltd.) <==== ATTENTION
Zip Opener Packages (HKCU\...\Zip Opener Packages) (Version: - ) <==== ATTENTION

==================== Restore Points =========================

04-07-2014 08:58:44 Windows Update

==================== Hosts content: ==========================

2009-07-13 22:34 - 2009-06-10 17:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {0177AC78-46DF-4E76-AA2F-57C417234A17} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2014-03-21] (Hewlett-Packard)
Task: {03745A5E-1A6F-4762-8BA1-E27EEA2EDDC2} - System32\Tasks\Motorola Device Manager Engine => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [2013-03-25] ()
Task: {0A4C7C1D-788E-4348-9FA3-004C6A19A108} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {0D2318CC-E3A2-45F4-9D4E-4158CBF11FAF} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-08] (Adobe Systems Incorporated)
Task: {1996E139-BDF5-4C00-825B-9E70C6C3BB3C} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2014-03-21] (Hewlett-Packard)
Task: {20B6DA75-07D8-4C9A-A1D0-D5D5289B948A} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {274C0867-5E4B-4381-8B1F-BB51E47A4DD8} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-03-25] (Piriform Ltd)
Task: {2EC9819B-76EE-438E-8D8F-C66E0968F22B} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2014-03-19] (Microsoft)
Task: {3EC17CF9-0761-48C6-92BE-86D2CDBDEF76} - System32\Tasks\HPCeeScheduleForMICHELLE-HP$ => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15] (Hewlett-Packard)
Task: {43123A7A-8FA7-448A-85AE-2A8F409F64F8} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {64E54F49-7363-406D-BB97-90D79B5F9D62} - System32\Tasks\Motorola Device Manager Initial Update => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [2013-03-25] ()
Task: {69ED3F7E-D7A4-4B42-A96F-2521E3B609D5} - System32\Tasks\DigitalSite => C:\Users\Michelle\AppData\Roaming\DIGITA~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: {71DAEF60-F8F6-40ED-A4C6-993E5EE4CE39} - System32\Tasks\Registration => C:\Program Files (x86)\Hewlett-Packard\HP Setup\Dependencies\RemEngine.exe
Task: {815AFB55-3355-4046-8A05-BB298AE999C4} - System32\Tasks\Motorola Device Manager Update => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [2013-03-25] ()
Task: {86C485FB-7EAA-4DE8-875B-7EB8A6E14B05} - System32\Tasks\{90A606A7-CB46-4F4E-9B9F-B137210DCFA2} => C:\Program Files (x86)\LG Soft India\EasySetPackage\bin\EasySetPackage.exe [2009-12-22] ()
Task: {8BAF9B2B-7666-47C6-A088-260897166426} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)
Task: {A61F9425-BD00-4E42-825E-DC11D04435C9} - System32\Tasks\AdobeAAMUpdater-1.0-Michelle-HP-Michelle => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-07-29] (Adobe Systems Incorporated)
Task: {BA694611-8F59-491F-8248-FE6AC6953011} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-10-01] (Google Inc.)
Task: {C8059735-69C5-4FFE-97CF-D364AAF2D793} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {D3EC79EC-C823-46B4-A1A3-E2BDD69ED77E} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express Self Updater\ExpressSelfUpdater.exe [2014-06-09] ()
Task: {ED3FB23F-AD0D-4288-9FD6-571A2DD571A8} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {F529EC9A-7D8E-4628-8C75-5E9CD5E20FF7} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {FB595E38-B14D-4E97-8969-FCAF586936D2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-10-01] (Google Inc.)
Task: {FF043871-DAA1-457A-B634-E237C858D220} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DigitalSite.job => C:\Users\Michelle\AppData\Roaming\DIGITA~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForMICHELLE-HP$.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

==================== Loaded Modules (whitelisted) =============

2012-03-02 19:29 - 2009-12-04 18:15 - 00062976 _____ () C:\Program Files (x86)\LG Soft India\EasySetPackage\bin\HOOK64.dll
2012-08-20 04:18 - 2012-08-20 04:18 - 07065224 _____ () C:\Program Files\Backup Assistant Plus\V CAST Backup Scheduler.exe
2012-03-02 19:29 - 2009-12-22 13:30 - 00159744 _____ () C:\Program Files (x86)\LG Soft India\EasySetPackage\bin\EasySetPackage.exe
2012-03-02 19:29 - 2009-12-22 13:31 - 00024576 _____ () C:\Program Files (x86)\LG Soft India\EasySetPackage\bin\TestDDCCI.exe
2010-02-28 03:33 - 2010-02-28 03:33 - 00077664 _____ () C:\Program Files (x86)\Common Files\microsoft shared\virtualization handler\OfficeVirt.exe
2012-02-20 21:29 - 2012-02-20 21:29 - 00087912 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2012-02-20 21:28 - 2012-02-20 21:28 - 01242472 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2012-08-17 21:39 - 2013-07-09 00:54 - 01310136 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\kpcengine.2.2.dll
2013-03-25 15:44 - 2013-03-25 15:44 - 00172032 _____ () C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\css_core.dll
2012-03-02 19:29 - 2009-12-22 13:30 - 00057344 _____ () C:\Program Files (x86)\LG Soft India\EasySetPackage\bin\HOOK.dll
2012-08-20 04:17 - 2012-08-20 04:17 - 00684032 _____ () C:\Program Files\Backup Assistant Plus\libexpat.dll
2012-08-20 04:17 - 2012-08-20 04:17 - 00466975 _____ () C:\Program Files\Backup Assistant Plus\sqlite3.dll
2012-08-20 04:17 - 2012-08-20 04:17 - 00310272 _____ () C:\Program Files\Backup Assistant Plus\swscale-2.dll
2012-08-20 04:17 - 2012-08-20 04:17 - 00142848 _____ () C:\Program Files\Backup Assistant Plus\avutil-51.dll
2012-08-20 04:17 - 2012-08-20 04:17 - 13766656 _____ () C:\Program Files\Backup Assistant Plus\avcodec-54.dll
2012-08-20 04:17 - 2012-08-20 04:17 - 02535936 _____ () C:\Program Files\Backup Assistant Plus\avformat-54.dll
2012-03-02 19:29 - 2009-12-22 13:30 - 00012288 _____ () C:\Program Files (x86)\LG Soft India\EasySetPackage\bin\EngRes.dll
2012-08-17 21:38 - 2012-08-17 21:38 - 00479160 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\dblite.dll
2011-01-17 17:19 - 2012-02-27 23:48 - 00985088 _____ () C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll
2014-06-18 00:14 - 2014-06-18 00:15 - 03852912 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2012-03-02 19:29 - 2009-12-22 13:30 - 00057344 _____ () C:\Program Files (x86)\LG Soft India\EasySetPackage\bin\Hook.dll
2014-06-16 23:02 - 2014-06-16 23:02 - 17024688 ____N () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_125.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\Temp:373E1720

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HsdService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ServicepointService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HsdService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ServicepointService => ""="Service"

==================== EXE Association (whitelisted) =============

==================== MSCONFIG/TASK MANAGER disabled items =========

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (07/07/2014 10:54:24 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program WLXPhotoGallery.exe version 15.4.3555.308 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 1f08

Start Time: 01cf9a57e00aa1e2

Termination Time: 8

Application Path: C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe

Report Id: 26ee1316-064b-11e4-9644-386077bed594

Error: (07/01/2014 08:52:54 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program mbam.exe version 1.0.0.532 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 2b28

Start Time: 01cf942a74470715

Termination Time: 4

Application Path: C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe

Report Id:

Error: (06/25/2014 06:38:18 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80004005

Error: (06/24/2014 11:10:07 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80004005

Error: (06/24/2014 04:51:20 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80004005

Error: (06/23/2014 09:56:33 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80004005

Error: (06/23/2014 06:14:35 AM) (Source: Family Tree Maker) (EventID: 100) (User: )
Description: Timestamp: 23-Jun-14 10:14:35 AM
Message: HandlingInstanceID: ee404b79-c4f1-4e3d-a93e-0108c5425922
An exception of type 'System.ServiceModel.EndpointNotFoundException' occurred and was caught.
---------------------------------------------------------------------------------------------
06/23/2014 06:14:35
Type : System.ServiceModel.EndpointNotFoundException, System.ServiceModel, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089
Message : There was no endpoint listening at http://service.familytreemaker.com/OhanaService/LocatorService.svc that could accept the message. This is often caused by an incorrect address or SOAP action. See InnerException, if present, for more details.
Source : mscorlib
Help link :
Data : System.Collections.ListDictionaryInternal
TargetSite : Void HandleReturnMessage(System.Runtime.Remoting.Messaging.IMessage, System.Runtime.Remoting.Messaging.IMessage)
HResult : -2146233087
Stack Trace :
Server stack trace:
   at System.ServiceModel.Channels.HttpOutput.WebRequestHttpOutput.GetOutputStream()
   at System.ServiceModel.Channels.HttpOutput.Send(TimeSpan timeout)
   at System.ServiceModel.Channels.HttpChannelFactory`1.HttpRequestChannel.HttpChannelRequest.SendRequest(Message message, TimeSpan timeout)
   at System.ServiceModel.Channels.RequestChannel.Request(Message message, TimeSpan timeout)
   at System.ServiceModel.Channels.ServiceChannel.Call(String action, Boolean oneway, ProxyOperationRuntime operation, Object[] ins, Object[] outs, TimeSpan timeout)
   at System.ServiceModel.Channels.ServiceChannelProxy.InvokeService(IMethodCallMessage methodCall, ProxyOperationRuntime operation)
   at System.ServiceModel.Channels.ServiceChannelProxy.Invoke(IMessage message)

Exception rethrown at [0]:
   at System.Runtime.Remoting.Proxies.RealProxy.HandleReturnMessage(IMessage reqMsg, IMessage retMsg)
   at System.Runtime.Remoting.Proxies.RealProxy.PrivateInvoke(MessageData& msgData, Int32 type)
   at FTM.Services.Wcf.ILocatorService.GetEndpoint(String id, Byte[] data)
   at WebServiceProxies.LocatorService.ClientLocatorService.GetEndpoint(String id, Byte[] data)
   at Microsoft.Practices.SmartClient.Library.Commands.CommandWithCallback`2.DoExecute()

Additional Info:

MachineName : MICHELLE-HP
TimeStamp : 23-Jun-14 10:14:35 AM
FullName : Microsoft.Practices.EnterpriseLibrary.ExceptionHandling, Version=2.0.0.0, Culture=neutral, PublicKeyToken=69cf5367912b86b4
AppDomainName : FTM.exe
ThreadIdentity : Michelle-HP\Michelle
WindowsIdentity : Michelle-HP\Michelle
   Inner Exception
   ---------------
   Type : System.Net.WebException, System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089
   Message : Unable to connect to the remote server
   Source : System
   Help link :
   Status : ConnectFailure
   Response :
   Data : System.Collections.ListDictionaryInternal
   TargetSite : System.IO.Stream GetRequestStream(System.Net.TransportContext ByRef)
   HResult : -2146233079
   Stack Trace :    at System.Net.HttpWebRequest.GetRequestStream(TransportContext& context)
       at System.Net.HttpWebRequest.GetRequestStream()
       at System.ServiceModel.Channels.HttpOutput.WebRequestHttpOutput.GetOutputStream()

       Inner Exception
       ---------------
       Type : System.Net.Sockets.SocketException, System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089
       Message : No connection could be made because the target machine actively refused it 72.52.11.79:80
       Source : System
       Help link :
       ErrorCode : 10061
       SocketErrorCode : ConnectionRefused
       NativeErrorCode : 10061
       Data : System.Collections.ListDictionaryInternal
       TargetSite : Void DoConnect(System.Net.EndPoint, System.Net.SocketAddress)
       HResult : -2147467259
       Stack Trace :    at System.Net.Sockets.Socket.DoConnect(EndPoint endPointSnapshot, SocketAddress socketAddress)
           at System.Net.ServicePoint.ConnectSocketInternal(Boolean connectFailure, Socket s4, Socket s6, Socket& socket, IPAddress& address, ConnectSocketState state, IAsyncResult asyncResult, Exception& exception)

Category: Exception
Priority: 0
EventId: 100
Severity: Error
Title:FTM Exception Handling
Machine: MICHELLE-HP
Application Domain: FTM.exe
Process Id: 6768
Process Name: C:\Program Files\Family Tree Maker 2014\FTM.exe
Win32 Thread Id: 5848
Thread Name:
Extended Properties:

Error: (06/23/2014 02:14:44 AM) (Source: Family Tree Maker) (EventID: 100) (User: )
Description: Timestamp: 23-Jun-14 6:14:44 AM
Message: HandlingInstanceID: aeb87117-1873-4a6a-bcca-1c91384a41ea
An exception of type 'System.TimeoutException' occurred and was caught.
-----------------------------------------------------------------------
06/23/2014 02:14:44
Type : System.TimeoutException, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089
Message : The request channel timed out while waiting for a reply after 00:00:29.8419909. Increase the timeout value passed to the call to Request or increase the SendTimeout value on the Binding. The time allotted to this operation may have been a portion of a longer timeout.
Source : mscorlib
Help link :
Data : System.Collections.ListDictionaryInternal
TargetSite : Void HandleReturnMessage(System.Runtime.Remoting.Messaging.IMessage, System.Runtime.Remoting.Messaging.IMessage)
HResult : -2146233083
Stack Trace :
Server stack trace:
   at System.ServiceModel.Channels.RequestChannel.Request(Message message, TimeSpan timeout)
   at System.ServiceModel.Channels.ServiceChannel.Call(String action, Boolean oneway, ProxyOperationRuntime operation, Object[] ins, Object[] outs, TimeSpan timeout)
   at System.ServiceModel.Channels.ServiceChannelProxy.InvokeService(IMethodCallMessage methodCall, ProxyOperationRuntime operation)
   at System.ServiceModel.Channels.ServiceChannelProxy.Invoke(IMessage message)

Exception rethrown at [0]:
   at System.Runtime.Remoting.Proxies.RealProxy.HandleReturnMessage(IMessage reqMsg, IMessage retMsg)
   at System.Runtime.Remoting.Proxies.RealProxy.PrivateInvoke(MessageData& msgData, Int32 type)
   at FTM.Services.Wcf.ILocatorService.GetEndpoint(String id, Byte[] data)
   at WebServiceProxies.LocatorService.ClientLocatorService.GetEndpoint(String id, Byte[] data)
   at Microsoft.Practices.SmartClient.Library.Commands.CommandWithCallback`2.DoExecute()

Additional Info:

MachineName : MICHELLE-HP
TimeStamp : 23-Jun-14 6:14:44 AM
FullName : Microsoft.Practices.EnterpriseLibrary.ExceptionHandling, Version=2.0.0.0, Culture=neutral, PublicKeyToken=69cf5367912b86b4
AppDomainName : FTM.exe
ThreadIdentity : Michelle-HP\Michelle
WindowsIdentity : Michelle-HP\Michelle
   Inner Exception
   ---------------
   Type : System.TimeoutException, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089
   Message : The HTTP request to 'http://service.familytreemaker.com/OhanaService/LocatorService.svc' has exceeded the allotted timeout of 00:00:29.9880000. The time allotted to this operation may have been a portion of a longer timeout.
   Source : System.ServiceModel
   Help link :
   Data : System.Collections.ListDictionaryInternal
   TargetSite : System.Net.HttpWebResponse ProcessGetResponseWebException(System.Net.WebException, System.Net.HttpWebRequest, System.ServiceModel.Channels.HttpAbortReason)
   HResult : -2146233083
   Stack Trace :    at System.ServiceModel.Channels.HttpChannelUtilities.ProcessGetResponseWebException(WebException webException, HttpWebRequest request, HttpAbortReason abortReason)
       at System.ServiceModel.Channels.HttpChannelFactory`1.HttpRequestChannel.HttpChannelRequest.WaitForReply(TimeSpan timeout)
       at System.ServiceModel.Channels.RequestChannel.Request(Message message, TimeSpan timeout)

       Inner Exception
       ---------------
       Type : System.Net.WebException, System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089
       Message : The operation has timed out
       Source : System
       Help link :
       Status : Timeout
       Response :
       Data : System.Collections.ListDictionaryInternal
       TargetSite : System.Net.WebResponse GetResponse()
       HResult : -2146233079
       Stack Trace :    at System.Net.HttpWebRequest.GetResponse()
           at System.ServiceModel.Channels.HttpChannelFactory`1.HttpRequestChannel.HttpChannelRequest.WaitForReply(TimeSpan timeout)

Category: Exception
Priority: 0
EventId: 100
Severity: Error
Title:FTM Exception Handling
Machine: MICHELLE-HP
Application Domain: FTM.exe
Process Id: 6768
Process Name: C:\Program Files\Family Tree Maker 2014\FTM.exe
Win32 Thread Id: 5848
Thread Name:
Extended Properties:

Error: (06/22/2014 02:45:25 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80004005

Error: (06/21/2014 07:43:08 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80004005

System errors:
=============
Error: (06/27/2014 05:05:20 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 17:03:38 on ‎27/‎06/‎2014 was unexpected.

Error: (06/19/2014 07:31:18 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 19:29:28 on ‎19/‎06/‎2014 was unexpected.

Error: (06/12/2014 03:01:45 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Garmin Core Update Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

Error: (06/09/2014 02:22:41 AM) (Source: volsnap) (EventID: 27) (User: )
Description: The shadow copies of volume C: were aborted during detection because a critical control file could not be opened.

Error: (06/09/2014 02:22:39 AM) (Source: volsnap) (EventID: 27) (User: )
Description: The shadow copies of volume C: were aborted during detection because a critical control file could not be opened.

Error: (06/09/2014 02:16:57 AM) (Source: volsnap) (EventID: 25) (User: )
Description: The shadow copies of volume C: were deleted because the shadow copy storage could not grow in time. Consider reducing the IO load on the system or choose a shadow copy storage volume that is not being shadow copied.

Error: (05/21/2014 05:58:58 PM) (Source: Ntfs) (EventID: 55) (User: )
Description: The file system structure on the disk is corrupt and unusable.
Please run the chkdsk utility on the volume OS.

Error: (05/21/2014 05:57:06 PM) (Source: Ntfs) (EventID: 55) (User: )
Description: The file system structure on the disk is corrupt and unusable.
Please run the chkdsk utility on the volume OS.

Error: (05/21/2014 05:53:57 PM) (Source: Ntfs) (EventID: 55) (User: )
Description: The file system structure on the disk is corrupt and unusable.
Please run the chkdsk utility on the volume OS.

Error: (05/21/2014 05:50:41 PM) (Source: Ntfs) (EventID: 55) (User: )
Description: The file system structure on the disk is corrupt and unusable.
Please run the chkdsk utility on the volume OS.

Microsoft Office Sessions:
=========================
Error: (07/07/2014 10:54:24 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: WLXPhotoGallery.exe15.4.3555.3081f0801cf9a57e00aa1e28C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe26ee1316-064b-11e4-9644-386077bed594

Error: (07/01/2014 08:52:54 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: mbam.exe1.0.0.5322b2801cf942a744707154C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe

Error: (06/25/2014 06:38:18 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80004005

Error: (06/24/2014 11:10:07 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80004005

Error: (06/24/2014 04:51:20 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80004005

Error: (06/23/2014 09:56:33 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80004005

Error: (06/23/2014 06:14:35 AM) (Source: Family Tree Maker) (EventID: 100) (User: )
Description: Timestamp: 23-Jun-14 10:14:35 AM
Message: HandlingInstanceID: ee404b79-c4f1-4e3d-a93e-0108c5425922
An exception of type 'System.ServiceModel.EndpointNotFoundException' occurred and was caught.
---------------------------------------------------------------------------------------------
06/23/2014 06:14:35
Type : System.ServiceModel.EndpointNotFoundException, System.ServiceModel, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089
Message : There was no endpoint listening at http://service.familytreemaker.com/OhanaService/LocatorService.svc that could accept the message. This is often caused by an incorrect address or SOAP action. See InnerException, if present, for more details.
Source : mscorlib
Help link :
Data : System.Collections.ListDictionaryInternal
TargetSite : Void HandleReturnMessage(System.Runtime.Remoting.Messaging.IMessage, System.Runtime.Remoting.Messaging.IMessage)
HResult : -2146233087
Stack Trace :
Server stack trace:
   at System.ServiceModel.Channels.HttpOutput.WebRequestHttpOutput.GetOutputStream()
   at System.ServiceModel.Channels.HttpOutput.Send(TimeSpan timeout)
   at System.ServiceModel.Channels.HttpChannelFactory`1.HttpRequestChannel.HttpChannelRequest.SendRequest(Message message, TimeSpan timeout)
   at System.ServiceModel.Channels.RequestChannel.Request(Message message, TimeSpan timeout)
   at System.ServiceModel.Channels.ServiceChannel.Call(String action, Boolean oneway, ProxyOperationRuntime operation, Object[] ins, Object[] outs, TimeSpan timeout)
   at System.ServiceModel.Channels.ServiceChannelProxy.InvokeService(IMethodCallMessage methodCall, ProxyOperationRuntime operation)
   at System.ServiceModel.Channels.ServiceChannelProxy.Invoke(IMessage message)

Exception rethrown at [0]:
   at System.Runtime.Remoting.Proxies.RealProxy.HandleReturnMessage(IMessage reqMsg, IMessage retMsg)
   at System.Runtime.Remoting.Proxies.RealProxy.PrivateInvoke(MessageData& msgData, Int32 type)
   at FTM.Services.Wcf.ILocatorService.GetEndpoint(String id, Byte[] data)
   at WebServiceProxies.LocatorService.ClientLocatorService.GetEndpoint(String id, Byte[] data)
   at Microsoft.Practices.SmartClient.Library.Commands.CommandWithCallback`2.DoExecute()

Additional Info:

MachineName : MICHELLE-HP
TimeStamp : 23-Jun-14 10:14:35 AM
FullName : Microsoft.Practices.EnterpriseLibrary.ExceptionHandling, Version=2.0.0.0, Culture=neutral, PublicKeyToken=69cf5367912b86b4
AppDomainName : FTM.exe
ThreadIdentity : Michelle-HP\Michelle
WindowsIdentity : Michelle-HP\Michelle
   Inner Exception
   ---------------
   Type : System.Net.WebException, System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089
   Message : Unable to connect to the remote server
   Source : System
   Help link :
   Status : ConnectFailure
   Response :
   Data : System.Collections.ListDictionaryInternal
   TargetSite : System.IO.Stream GetRequestStream(System.Net.TransportContext ByRef)
   HResult : -2146233079
   Stack Trace :    at System.Net.HttpWebRequest.GetRequestStream(TransportContext& context)
       at System.Net.HttpWebRequest.GetRequestStream()
       at System.ServiceModel.Channels.HttpOutput.WebRequestHttpOutput.GetOutputStream()

       Inner Exception
       ---------------
       Type : System.Net.Sockets.SocketException, System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089
       Message : No connection could be made because the target machine actively refused it 72.52.11.79:80
       Source : System
       Help link :
       ErrorCode : 10061
       SocketErrorCode : ConnectionRefused
       NativeErrorCode : 10061
       Data : System.Collections.ListDictionaryInternal
       TargetSite : Void DoConnect(System.Net.EndPoint, System.Net.SocketAddress)
       HResult : -2147467259
       Stack Trace :    at System.Net.Sockets.Socket.DoConnect(EndPoint endPointSnapshot, SocketAddress socketAddress)
           at System.Net.ServicePoint.ConnectSocketInternal(Boolean connectFailure, Socket s4, Socket s6, Socket& socket, IPAddress& address, ConnectSocketState state, IAsyncResult asyncResult, Exception& exception)

Category: Exception
Priority: 0
EventId: 100
Severity: Error
Title:FTM Exception Handling
Machine: MICHELLE-HP
Application Domain: FTM.exe
Process Id: 6768
Process Name: C:\Program Files\Family Tree Maker 2014\FTM.exe
Win32 Thread Id: 5848
Thread Name:
Extended Properties:

Error: (06/23/2014 02:14:44 AM) (Source: Family Tree Maker) (EventID: 100) (User: )
Description: Timestamp: 23-Jun-14 6:14:44 AM
Message: HandlingInstanceID: aeb87117-1873-4a6a-bcca-1c91384a41ea
An exception of type 'System.TimeoutException' occurred and was caught.
-----------------------------------------------------------------------
06/23/2014 02:14:44
Type : System.TimeoutException, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089
Message : The request channel timed out while waiting for a reply after 00:00:29.8419909. Increase the timeout value passed to the call to Request or increase the SendTimeout value on the Binding. The time allotted to this operation may have been a portion of a longer timeout.
Source : mscorlib
Help link :
Data : System.Collections.ListDictionaryInternal
TargetSite : Void HandleReturnMessage(System.Runtime.Remoting.Messaging.IMessage, System.Runtime.Remoting.Messaging.IMessage)
HResult : -2146233083
Stack Trace :
Server stack trace:
   at System.ServiceModel.Channels.RequestChannel.Request(Message message, TimeSpan timeout)
   at System.ServiceModel.Channels.ServiceChannel.Call(String action, Boolean oneway, ProxyOperationRuntime operation, Object[] ins, Object[] outs, TimeSpan timeout)
   at System.ServiceModel.Channels.ServiceChannelProxy.InvokeService(IMethodCallMessage methodCall, ProxyOperationRuntime operation)
   at System.ServiceModel.Channels.ServiceChannelProxy.Invoke(IMessage message)

Exception rethrown at [0]:
   at System.Runtime.Remoting.Proxies.RealProxy.HandleReturnMessage(IMessage reqMsg, IMessage retMsg)
   at System.Runtime.Remoting.Proxies.RealProxy.PrivateInvoke(MessageData& msgData, Int32 type)
   at FTM.Services.Wcf.ILocatorService.GetEndpoint(String id, Byte[] data)
   at WebServiceProxies.LocatorService.ClientLocatorService.GetEndpoint(String id, Byte[] data)
   at Microsoft.Practices.SmartClient.Library.Commands.CommandWithCallback`2.DoExecute()

Additional Info:

MachineName : MICHELLE-HP
TimeStamp : 23-Jun-14 6:14:44 AM
FullName : Microsoft.Practices.EnterpriseLibrary.ExceptionHandling, Version=2.0.0.0, Culture=neutral, PublicKeyToken=69cf5367912b86b4
AppDomainName : FTM.exe
ThreadIdentity : Michelle-HP\Michelle
WindowsIdentity : Michelle-HP\Michelle
   Inner Exception
   ---------------
   Type : System.TimeoutException, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089
   Message : The HTTP request to 'http://service.familytreemaker.com/OhanaService/LocatorService.svc' has exceeded the allotted timeout of 00:00:29.9880000. The time allotted to this operation may have been a portion of a longer timeout.
   Source : System.ServiceModel
   Help link :
   Data : System.Collections.ListDictionaryInternal
   TargetSite : System.Net.HttpWebResponse ProcessGetResponseWebException(System.Net.WebException, System.Net.HttpWebRequest, System.ServiceModel.Channels.HttpAbortReason)
   HResult : -2146233083
   Stack Trace :    at System.ServiceModel.Channels.HttpChannelUtilities.ProcessGetResponseWebException(WebException webException, HttpWebRequest request, HttpAbortReason abortReason)
       at System.ServiceModel.Channels.HttpChannelFactory`1.HttpRequestChannel.HttpChannelRequest.WaitForReply(TimeSpan timeout)
       at System.ServiceModel.Channels.RequestChannel.Request(Message message, TimeSpan timeout)

       Inner Exception
       ---------------
       Type : System.Net.WebException, System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089
       Message : The operation has timed out
       Source : System
       Help link :
       Status : Timeout
       Response :
       Data : System.Collections.ListDictionaryInternal
       TargetSite : System.Net.WebResponse GetResponse()
       HResult : -2146233079
       Stack Trace :    at System.Net.HttpWebRequest.GetResponse()
           at System.ServiceModel.Channels.HttpChannelFactory`1.HttpRequestChannel.HttpChannelRequest.WaitForReply(TimeSpan timeout)

Category: Exception
Priority: 0
EventId: 100
Severity: Error
Title:FTM Exception Handling
Machine: MICHELLE-HP
Application Domain: FTM.exe
Process Id: 6768
Process Name: C:\Program Files\Family Tree Maker 2014\FTM.exe
Win32 Thread Id: 5848
Thread Name:
Extended Properties:

Error: (06/22/2014 02:45:25 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80004005

Error: (06/21/2014 07:43:08 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80004005

CodeIntegrity Errors:
===================================
Date: 2014-07-04 05:03:15.329
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.

Date: 2014-07-04 05:03:15.313
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.

Date: 2014-07-04 05:03:15.298
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.

Date: 2014-07-04 05:03:15.267
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.

Date: 2014-07-04 05:03:15.251
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.

Date: 2014-07-04 05:03:15.235
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.

Date: 2014-06-28 00:49:45.704
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.

Date: 2014-06-28 00:49:45.702
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.

Date: 2014-06-28 00:49:45.700
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.

Date: 2014-06-28 00:49:45.690
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================

Percentage of memory in use: 35%
Total physical RAM: 8098.52 MB
Available physical RAM: 5230.61 MB
Total Pagefile: 16195.21 MB
Available Pagefile: 13211.42 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:1846.24 GB) (Free:1008.71 GB) NTFS
Drive d: (HP_RECOVERY) (Fixed) (Total:16.68 GB) (Free:2.08 GB) NTFS ==>[system with boot components (obtained from reading drive)]
Drive k: (My Passport) (Fixed) (Total:1862.98 GB) (Free:1099.83 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: BE457667)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=-216638947328) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=17 GB) - (Type=07 NTFS)

========================================================
Disk: 6 (MBR Code: Windows XP) (Size: 1863 GB) (Disk ID: 0005F107)
Partition 1: (Not Active) - (Size=-198659014656) - (Type=07 NTFS)

==================== End Of Log ============================

1PW · July 9, 2014

Hello medic04:

Although totally not required, a few members will post their requested individual attachment files in separate posts.

It is likely that the forum awaited your still missing Log Set 2, and your thread was regrettably passed over.

If you performed the requested mbam-check-2.1.1.1001.exe step, and you forgot to attach the CheckResults.txt file, please do so now.

If you overlooked Log Set 2 diagnostic step, please perform that necessary critical step now.

Please do not Copy & Paste, but instead attach by way of the "More Reply Options" button.

Thank you for your patience and understanding.

Firefox · July 9, 2014

Well this could very well be the issue, you have some disk corruption going on with this computer, it could be a sign of a failing hard drive, you can try running a check disk to see if it helps.

Error: (05/21/2014 05:58:58 PM) (Source: Ntfs) (EventID: 55) (User: )Description: The file system structure on the disk is corrupt and unusable.Please run the chkdsk utility on the volume OS.

Please see the instructions below to do a full disk check which should take at least 10 minutes and could take hours to complete.

How to Run Check Disk at Startup in Vista or Windows 7

medic04 · July 15, 2014

Sorry about leaving the checkresults file out. That was an over site on my part. I went ahead and redid all the scans after completing the chkdsk. Also just an FYI if the mods if you don't want people copying and pasting the logs they should take it out of the directions that come with downloading the logs and sending them back. Just in case you weren't aware of it.

Root Admin

Posted 08 April 2014 - 08:34 AM

If you're having issues with the Malwarebytes Anti-Malware 2 program or if one of the Staff or Honorary Members have asked you to run some Diagnostic Logs to help us to help you better then please do the following and post back the logs in your original topic posting. Please be patient and give helpers or Staff time to read and reply to your logs. If no one has replied within 24 hours to your post after you've posted your logs then please send a private message either to the one that requested you to post the log or to one of the Staff Moderators or Administrators for review and follow-up.

Log Set 1

Please download Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatible with your system.
You can check here if you're not sure if your computer is 32-bit or 64-bit

Double-click to run it. When the tool opens click Yes to disclaimer.
Press Scan button.
It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
The first time the tool is run, it also makes another log (Addition.txt). Please copy and paste it to your reply as well.
In many cases the logs are too large to post and in those cases you should attach the file if needed.
Click on the More Reply Options button, then click on the Browse button to locate your log then click the Attach button to attach the log to your post.

I'm well aware that you do this on your own free time and appreciate it very much. This might help with any future conflicts.

medic04

Addition.txt

FRST.txt

CheckResults.txt

Firefox · July 15, 2014

Thanks for re-posting and attaching your log files.

The instructions provided mentioned that you attach the files. I also see that it mentions copy and paste. The reason both are included is some folks logs are too large to just copy and paste so they have to attach them. Also its a matter of preference of the person helping you, some prefer you attach them others prefer you copy and paste.

That being said, you logs still show some disk corruption. Did the chkdsk complete and did it find any corruptions and fix it? (it is possible that your hard drive will need to be replace, so make sure you have a good backup of all your data).

Further analysis will have to be performed and we can not do that type of trouble shooting in this section of the forum. You will have to get help one on one with this issue, simply follow my instructions below go get that needed help.

To resolve your issues, feel free to follow the instructions below to receive free, one-on-one expert assistance in checking your system and clearing out any infections and correcting any damage done by the malware.

Please see the following pinned topic which has information on how to get help with this: Available Assistance for Possibly Infected Computers

Thank you

The 36 hour scan

Recommended Posts

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Create an account or sign in to comment

Create an account

Sign in

Recently Browsing 0 members

Important Information