paulrabenold Posted January 24, 2015 ID:932393 Share Posted January 24, 2015 Hi I have a form of a redirect infection. I did run Malwarebytes. Adw amd Hitman pro. I also cleaned up the brousers and search providers etc. Its not going away. I don't find that much on the internet about this that is very helpful. I need some help Paul Rabenold Here are the results of Farbar (FRST.txt and Addition.txt) FRST.txtScan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 19-01-2015Ran by McKeil-2 (administrator) on MCKEIL-2-PC on 23-01-2015 21:01:38Running from C:\Users\McKeil-2\DesktopLoaded Profiles: McKeil-2 (Available profiles: McKeil-2)Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: English (United States)Internet Explorer Version 11 (Default browser: Chrome)Boot Mode: NormalTutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/==================== Processes (Whitelisted) =================(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)(Enigma Software Group USA, LLC.) C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe(IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_d550fa1f2cf8996d\stacsv64.exe(Dell Inc.) C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE(Microsoft Corporation) C:\Windows\System32\wlanext.exe(Dell Inc.) C:\Program Files\Dell\DW WLAN Card\BCMWLTRY.EXE(Trend Micro Inc.) C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe(Trend Micro Inc.) C:\Program Files\Trend Micro\UniClient\UiFrmwrk\uiWatchDog.exe(Trend Micro Inc.) C:\Program Files\Trend Micro\AMSP\coreFrameworkHost.exe(Andrea Electronics Corporation) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_d550fa1f2cf8996d\AESTSr64.exe(AOMEI Tech Co., Ltd.) C:\Program Files (x86)\AOMEI Backupper Standard Edition 2.0.2\ABService.exe(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe(Carbonite, Inc. (www.carbonite.com)) C:\Program Files\Carbonite\Carbonite Backup\CarboniteService.exe(GFI Software Ltd.) C:\Program Files (x86)\GFI\GFI Backup 2009 - Home Edition\GFIHInst.exe(Software 2000 Limited) C:\Windows\System32\spool\drivers\x64\3\HP1006MC.EXE(GFI Software Ltd.) C:\Program Files (x86)\GFI\GFI Backup 2009 - Home Edition\GFIHSched.exe(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe(Microsoft Corporation) C:\Windows\System32\msiexec.exe(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10_50.SHELBY\MSSQL\Binn\sqlservr.exe(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe(Intel Corporation) C:\Windows\System32\igfxtray.exe(Intel Corporation) C:\Windows\System32\hkcmd.exe(Intel Corporation) C:\Windows\System32\igfxpers.exe(Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe(Dell Inc.) C:\Program Files\Dell\DW WLAN Card\WLTRAY.EXE(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe(Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\ipoint.exe(Trend Micro Inc.) C:\Program Files\Trend Micro\UniClient\UiFrmwrk\uiSeAgnt.exe(Trend Micro Inc.) C:\Program Files\Trend Micro\Titanium\plugin\Pt\PtSessionAgent.exe() C:\Program Files\Everything\Everything.exe(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe(Carbonite, Inc.) C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteUI.exe(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe(Trend Micro Inc.) C:\Program Files\Trend Micro\Titanium\plugin\Pt\PtSvcHost.exe(Trend Micro Inc.) C:\Program Files\Trend Micro\Titanium\plugin\Pt\PtWatchDog.exe(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSRS10_50.SHELBY\Reporting Services\ReportServer\bin\ReportingServicesService.exe(Glarysoft Ltd) C:\Program Files (x86)\Glary Utilities 5\Integrator.exe(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe() C:\Windows\SysWOW64\srvany.exe(Shelby Systems, Inc.) C:\Windows\SysWOW64\ShelbyServices.exe(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe() C:\Program Files (x86)\Brother\BRAgent\BRAgtSrv.exe(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10_50.SHELBY\MSSQL\Binn\fdlauncher.exe(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10_50.SHELBY\MSSQL\Binn\fdhost.exe(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe(Intuit Inc.) C:\Program Files (x86)\Common Files\Intuit\Update Service\IntuitUpdateService.exe(Intuit Inc.) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe(Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe==================== Registry (Whitelisted) ==================(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)HKLM\...\Run: [synTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1894696 2010-01-07] (Synaptics Incorporated)HKLM\...\Run: [QuickSet] => C:\Program Files\Dell\QuickSet\QuickSet.exe [4119920 2010-01-15] (Dell Inc.)HKLM\...\Run: [broadcom Wireless Manager UI] => C:\Program Files\Dell\DW WLAN Card\WLTRAY.exe [5712896 2010-11-19] (Dell Inc.)HKLM\...\Run: [intelliPoint] => c:\Program Files\Microsoft IntelliPoint\ipoint.exe [2327952 2010-07-21] (Microsoft Corporation)HKLM\...\Run: [Trend Micro Client Framework] => C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe [246304 2014-07-20] (Trend Micro Inc.)HKLM\...\Run: [Platinum] => C:\Program Files\Trend Micro\Titanium\plugin\Pt\PtSessionAgent.exe [1266224 2014-07-20] (Trend Micro Inc.)HKLM\...\Run: [Everything] => C:\Program Files\Everything\Everything.exe [1441792 2014-08-05] ()HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [143360 2012-09-06] (Brother Industries, Ltd.)HKLM-x32\...\Run: [brStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [3076096 2012-06-06] (Brother Industries, Ltd.)HKLM-x32\...\Run: [Carbonite Backup] => C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteUI.exe [1055952 2014-09-29] (Carbonite, Inc.)HKLM-x32\...\Run: [sDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)Winlogon\Notify\GoToAssist: C:\Program Files (x86)\Citrix\GoToAssist Corporate\1055\G2AWinLogon_x64.dll (Citrix Online, a division of Citrix Systems, Inc.)Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]HKU\S-1-5-21-12934214-2758422551-2789243025-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [6482200 2014-09-26] (Piriform Ltd)HKU\S-1-5-21-12934214-2758422551-2789243025-1001\...\MountPoints2: {29a92962-06c9-11e0-9cfb-f04da2a8c034} - "G:\WD SmartWare.exe" autoplay=trueHKU\S-1-5-18\...\RunOnce: [sPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2014-12-17] (Microsoft Corporation)ShellIconOverlayIdentifiers: [ Carbonite.Green] -> {95A27763-F62A-4114-9072-E81D87DE3B68} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll (Carbonite, Inc.)ShellIconOverlayIdentifiers: [ Carbonite.Partial] -> {E300CD91-100F-4E67-9AF3-1384A6124015} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll (Carbonite, Inc.)ShellIconOverlayIdentifiers: [ Carbonite.Yellow] -> {5E529433-B50E-4bef-A63B-16A6B71B071A} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll (Carbonite, Inc.)ShellIconOverlayIdentifiers-x32: [ Carbonite.Green] -> {95A27763-F62A-4114-9072-E81D87DE3B68} => C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteNSE.dll (Carbonite, Inc.)ShellIconOverlayIdentifiers-x32: [ Carbonite.Partial] -> {E300CD91-100F-4E67-9AF3-1384A6124015} => C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteNSE.dll (Carbonite, Inc.)ShellIconOverlayIdentifiers-x32: [ Carbonite.Yellow] -> {5E529433-B50E-4bef-A63B-16A6B71B071A} => C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteNSE.dll (Carbonite, Inc.)BootExecute: autocheck autochk * sdnclean64.exesicalDrive2-鈀⟸Ǫ!Ȁ==================== Internet (Whitelisted) ====================(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)HKU\S-1-5-21-12934214-2758422551-2789243025-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehpSearchScopes: HKLM -> DefaultScope {6671AFB8-8912-42B7-BC2A-4A863A3061B3} URL = http://www.bing.com/search?q={searchTerms}&form=DLSDF8&pc=MDDS&src=IE-SearchBoxSearchScopes: HKLM -> {6671AFB8-8912-42B7-BC2A-4A863A3061B3} URL = http://www.bing.com/search?q={searchTerms}&form=DLSDF8&pc=MDDS&src=IE-SearchBoxSearchScopes: HKLM-x32 -> DefaultScope {6671AFB8-8912-42B7-BC2A-4A863A3061B3} URL = http://www.bing.com/search?q={searchTerms}&form=DLSDF8&pc=MDDS&src=IE-SearchBoxSearchScopes: HKLM-x32 -> {6671AFB8-8912-42B7-BC2A-4A863A3061B3} URL = http://www.bing.com/search?q={searchTerms}&form=DLSDF8&pc=MDDS&src=IE-SearchBoxSearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =SearchScopes: HKU\S-1-5-21-12934214-2758422551-2789243025-1001 -> {6671AFB8-8912-42B7-BC2A-4A863A3061B3} URL =BHO: No Name -> {1CA1377B-DC1D-4A52-9585-6E06050FAC53} -> No FileBHO: Trend Micro Security Toolbar Helper -> {43C6D902-A1C5-45c9-91F6-FD9E90337E18} -> C:\Program Files\Trend Micro\Titanium\plugin\ToolbarIE64\ToolbarIE.dll (Trend Micro Inc.)BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)BHO: TmIEPlugInBHO Class -> {959A5673-7971-48e6-AF54-58F745AC4ABC} -> C:\Program Files\Trend Micro\AMSP\module\20013\3.5.1186\2.0.1039\TmopIEPlg.dll (Trend Micro Inc.)BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)BHO: TmBpIeBHO Class -> {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} -> C:\Program Files\Trend Micro\AMSP\module\20002\9.0.1069\9.0.1069\TmBpIe64.dll (Trend Micro Inc.)BHO: No Name -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> No FileBHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)BHO-x32: Trend Micro Security Toolbar Helper -> {43C6D902-A1C5-45c9-91F6-FD9E90337E18} -> C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll (Trend Micro Inc.)BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)BHO-x32: TmIEPlugInBHO Class -> {959A5673-7971-48e6-AF54-58F745AC4ABC} -> C:\Program Files\Trend Micro\AMSP\module\20013\3.5.1186\2.0.1039\TmopIEPlg32.dll (Trend Micro Inc.)BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)BHO-x32: TmBpIeBHO Class -> {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} -> C:\Program Files\Trend Micro\AMSP\module\20002\9.0.1069\9.0.1069\TmBpIe32.dll (Trend Micro Inc.)BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)BHO-x32: SingleInstance Class -> {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} -> C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc)BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)Toolbar: HKLM - Trend Micro Security Toolbar - {CCAC5586-44D7-4c43-B64A-F042461A97D2} - C:\Program Files\Trend Micro\Titanium\plugin\ToolbarIE64\ToolbarIE.dll (Trend Micro Inc.)Toolbar: HKLM-x32 - Trend Micro Security Toolbar - {CCAC5586-44D7-4c43-B64A-F042461A97D2} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll (Trend Micro Inc.)Toolbar: HKU\S-1-5-21-12934214-2758422551-2789243025-1001 -> No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No FileDPF: HKLM-x32 {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} http://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection2.cabDPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cabHandler-x32: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files (x86)\Belarc\BelarcAdvisor\System\BAVoilaX.dll (Belarc, Inc.)Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)Handler: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\9.0.1069\9.0.1069\TmBpIe64.dll (Trend Micro Inc.)Handler-x32: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\9.0.1069\9.0.1069\TmBpIe32.dll (Trend Micro Inc.)Handler: tmop - {69FD7CE3-4604-4fe6-967C-49B9735CEE70} - C:\Program Files\Trend Micro\AMSP\module\20013\3.5.1186\2.0.1039\TmopIEPlg.dll (Trend Micro Inc.)Handler-x32: tmop - {69FD7CE3-4604-4fe6-967C-49B9735CEE70} - C:\Program Files\Trend Micro\AMSP\module\20013\3.5.1186\2.0.1039\TmopIEPlg32.dll (Trend Micro Inc.)Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - No FileHandler: tmtb - {04EAF3FB-4BAC-4B5A-A37D-A1CF210A5A42} - C:\Program Files\Trend Micro\Titanium\plugin\ToolbarIE64\ToolbarIE.dll (Trend Micro Inc.)Handler-x32: tmtb - {04EAF3FB-4BAC-4B5A-A37D-A1CF210A5A42} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll (Trend Micro Inc.)Handler: tmtbim - {0B37915C-8B98-4B9E-80D4-464D2C830D10} - C:\Program Files\Trend Micro\Titanium\plugin\ToolbarIE64\ProToolbarIMRatingActiveX.dll (Trend Micro Inc.)Handler-x32: tmtbim - {0B37915C-8B98-4B9E-80D4-464D2C830D10} - C:\Program Files\Trend Micro\Titanium\UIFramework\ProToolbarIMRatingActiveX.dll (Trend Micro Inc.)Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76FireFox:========FF ProfilePath: C:\Users\McKeil-2\AppData\Roaming\Mozilla\Firefox\Profiles\iikcgkzu.defaultFF NetworkProxy: "type", 0FF Plugin: @microsoft.com/GENUINE -> disabled No FileFF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)FF Plugin-x32: @microsoft.com/GENUINE -> disabled No FileFF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MIF5BA~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)FF Plugin HKU\S-1-5-21-12934214-2758422551-2789243025-1001: @citrixonline.com/appdetectorplugin -> C:\Users\McKeil-2\AppData\Local\Citrix\Plugins\104\npappdetector.dll (Citrix Online)FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-07-14]FF HKLM\...\Firefox\Extensions: [tmbepff@trendmicro.com] - C:\Program Files\Trend Micro\AMSP\module\20002\9.0.1069\9.0.1069\firefoxextensionFF Extension: Trend Micro BEP Firefox Extension - C:\Program Files\Trend Micro\AMSP\module\20002\9.0.1069\9.0.1069\firefoxextension [2015-01-15]FF HKLM-x32\...\Firefox\Extensions: [{22C7F6C6-8D67-4534-92B5-529A0EC09405}] - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1464\6.6.1077\firefoxextensionFF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012-09-26]FF HKLM-x32\...\Firefox\Extensions: [tmbepff@trendmicro.com] - C:\Program Files\Trend Micro\AMSP\module\20002\9.0.1069\9.0.1069\firefoxextensionFF HKLM-x32\...\Firefox\Extensions: [{BBB77B49-9FF4-4d5c-8FE2-92B1D6CD696C}] - C:\Program Files\Trend Micro\AMSP\module\20013\FxExt\firefoxextensionFF Extension: Trend Micro Osprey Firefox Extension - C:\Program Files\Trend Micro\AMSP\module\20013\FxExt\firefoxextension [2015-01-15]FF HKLM-x32\...\Firefox\Extensions: [{22181a4d-af90-4ca3-a569-faed9118d6bc}] - C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\firefoxextensionFF Extension: Trend Micro Toolbar - C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\firefoxextension [2015-01-15]FF HKU\S-1-5-21-12934214-2758422551-2789243025-1001\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3FF StartMenuInternet: FIREFOX.EXE - C:\Program Files\Mozilla Firefox\firefox.exeChrome:=======CHR Profile: C:\Users\McKeil-2\AppData\Local\Google\Chrome\User Data\DefaultCHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\McKeil-2\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-27]CHR Extension: (Google Wallet) - C:\Users\McKeil-2\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-02-01]CHR Extension: (Trend Micro Toolbar) - C:\Users\McKeil-2\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohhcpmplhhiiaoiddkfboafbhiknefdf [2015-01-15]CHR HKLM-x32\...\Chrome\Extension: [ohhcpmplhhiiaoiddkfboafbhiknefdf] - No Path==================== Services (Whitelisted) =================(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-07-22] (SUPERAntiSpyware.com)R2 AESTFilters; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_d550fa1f2cf8996d\AESTSr64.exe [89600 2009-03-03] (Andrea Electronics Corporation)R2 Backupper Service; C:\Program Files (x86)\AOMEI Backupper Standard Edition 2.0.2\ABService.exe [29912 2014-08-21] (AOMEI Tech Co., Ltd.)R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [266240 2012-06-05] (Brother Industries, Ltd.) [File not signed]R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)R2 GFIBckHAtt; C:\Program Files (x86)\GFI\GFI Backup 2009 - Home Edition\GFIHInst.exe [858480 2010-07-30] (GFI Software Ltd.)R2 GFIBckHSched; C:\Program Files (x86)\GFI\GFI Backup 2009 - Home Edition\GFIHSched.exe [2324848 2010-07-30] (GFI Software Ltd.)S3 GoToAssist; C:\Program Files (x86)\Citrix\GoToAssist Corporate\1055\G2AC_Service.exe [309568 2015-01-19] (Citrix Online, a division of Citrix Systems, Inc.)R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [248832 2009-05-21] (Hewlett-Packard Co.) [File not signed]R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-05-21] (Hewlett-Packard Co.) [File not signed]R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2010-10-22] (Hewlett-Packard Co.) [File not signed]R2 MSSQL$SHELBY; c:\Program Files\Microsoft SQL Server\MSSQL10_50.SHELBY\MSSQL\Binn\sqlservr.exe [62379184 2014-07-10] (Microsoft Corporation)R3 MSSQLFDLauncher$SHELBY; c:\Program Files\Microsoft SQL Server\MSSQL10_50.SHELBY\MSSQL\Binn\fdlauncher.exe [42160 2014-07-10] (Microsoft Corporation)R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]R2 Platinum Host Service; C:\Program Files\Trend Micro\Titanium\plugin\Pt\PtSvcHost.exe [1187376 2014-07-20] (Trend Micro Inc.)R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]R2 ReportServer$SHELBY; c:\Program Files\Microsoft SQL Server\MSRS10_50.SHELBY\Reporting Services\ReportServer\bin\ReportingServicesService.exe [2194088 2014-07-10] (Microsoft Corporation)S2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)R2 ShelbyServices; C:\Windows\SysWOW64\SRVANY.exe [8192 2003-04-18] () [File not signed]R2 SpyHunter 4 Service; C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe [1025920 2015-01-19] (Enigma Software Group USA, LLC.)S4 SQLAgent$SHELBY; c:\Program Files\Microsoft SQL Server\MSSQL10_50.SHELBY\MSSQL\Binn\SQLAGENT.EXE [442536 2014-07-10] (Microsoft Corporation)R2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_d550fa1f2cf8996d\STacSV64.exe [247808 2010-04-07] (IDT, Inc.)R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5426448 2014-12-15] (TeamViewer GmbH)R2 WBA_Agent_Client; C:\Program Files (x86)\Brother\BRAgent\BRAgtSrv.exe [86016 2009-01-27] () [File not signed]S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)R2 wltrysvc; C:\Program Files\Dell\DW WLAN Card\bcmwltry.exe [5088256 2010-11-19] (Dell Inc.) [File not signed]R2 Amsp; "C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe" coreFrameworkHost.exe -m=rb -dt=60000 -ad -bt=0 [X]==================== Drivers (Whitelisted) ====================(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)R1 A2DDA; C:\EEK\BIN\a2ddax64.sys [26176 2015-01-22] (Emsisoft GmbH)R0 ambakdrv; C:\Windows\System32\ambakdrv.sys [30648 2014-08-19] () [File not signed]R2 ammntdrv; C:\Windows\system32\ammntdrv.sys [151480 2014-08-19] () [File not signed]R2 amwrtdrv; C:\Windows\system32\amwrtdrv.sys [17848 2014-08-19] () [File not signed]S3 cleanhlp; C:\EEK\bin\cleanhlp64.sys [57024 2015-01-22] (Emsisoft GmbH)S3 esgiguard; C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [15920 2015-01-19] (Enigma Software Group USA, LLC.)S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [22704 2015-01-19] ()R1 GUBootStartup; C:\Windows\System32\drivers\GUBootStartup.sys [20160 2015-01-15] (Glarysoft Ltd)R3 hitmanpro37; C:\Windows\system32\drivers\hitmanpro37.sys [43664 2015-01-23] ()S4 RsFx0153; C:\Windows\System32\DRIVERS\RsFx0153.sys [322736 2014-07-10] (Microsoft Corporation)R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)R1 tmactmon; C:\Windows\System32\DRIVERS\tmactmon.sys [121944 2014-07-14] (Trend Micro Inc.)R0 tmcomm; C:\Windows\System32\DRIVERS\tmcomm.sys [305832 2014-07-14] (Trend Micro Inc.)R0 TMEBC; C:\Windows\System32\DRIVERS\TMEBC64.sys [50976 2014-07-09] (Trend Micro Inc.)R3 tmeevw; C:\Windows\System32\DRIVERS\tmeevw.sys [106296 2014-07-09] (Trend Micro Inc.)R1 tmevtmgr; C:\Windows\System32\DRIVERS\tmevtmgr.sys [93664 2014-07-14] (Trend Micro Inc.)R3 tmnciesc; C:\Windows\System32\DRIVERS\tmnciesc.sys [407864 2014-07-09] (Trend Micro Inc.)R2 tmusa; C:\Windows\System32\DRIVERS\tmusa.sys [106296 2014-06-30] (Trend Micro Inc.)U2 TMAgent; No ImagePath==================== NetSvcs (Whitelisted) ===================(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)==================== One Month Created Files and Folders ========(If an entry is included in the fixlist, the file\folder will be moved.)2015-01-23 21:01 - 2015-01-23 21:02 - 00027043 _____ () C:\Users\McKeil-2\Desktop\FRST.txt2015-01-23 21:01 - 2015-01-23 21:01 - 00000000 ____D () C:\FRST2015-01-23 20:59 - 2015-01-23 20:59 - 02126848 _____ (Farbar) C:\Users\McKeil-2\Desktop\FRST64.exe2015-01-23 20:51 - 2015-01-23 20:51 - 00043664 _____ () C:\Windows\system32\Drivers\hitmanpro37.sys2015-01-23 20:11 - 2015-01-23 20:41 - 00000000 ____D () C:\Users\McKeil-2\Desktop\mbar2015-01-23 20:11 - 2015-01-23 20:41 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)2015-01-23 20:03 - 2015-01-23 20:03 - 00000745 _____ () C:\Users\McKeil-2\Desktop\Start Emsisoft Emergency Kit.lnk2015-01-23 20:02 - 2015-01-23 20:03 - 00000000 ____D () C:\EEK2015-01-23 19:44 - 2014-12-28 03:01 - 01707939 _____ (Thisisu) C:\Users\McKeil-2\Desktop\JRT_NEW.exe2015-01-23 17:27 - 2015-01-23 20:50 - 00000000 ____D () C:\Users\McKeil-2\AppData\Roaming\Everything2015-01-23 17:27 - 2015-01-23 17:27 - 00001027 _____ () C:\Users\McKeil-2\Desktop\Search Everything.lnk2015-01-23 17:27 - 2015-01-23 17:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Everything2015-01-23 17:27 - 2015-01-23 17:27 - 00000000 ____D () C:\Program Files\Everything2015-01-23 16:50 - 2015-01-23 16:51 - 346037874 _____ () C:\Users\McKeil-2\Desktop\bkup 01232015_reg.reg2015-01-23 16:35 - 2015-01-23 16:35 - 00000286 ____H () C:\Windows\Tasks\User_Feed_Synchronization-{678FC7F5-E7A1-4C80-B784-BD0DA4D27B1B}.job2015-01-23 16:31 - 2015-01-23 16:31 - 00000092 _____ () C:\Users\McKeil-2\Desktop\Metrocast email shortcut.txt2015-01-23 16:00 - 2015-01-23 16:00 - 00001144 _____ () C:\Windows\PFRO.log2015-01-23 06:19 - 2015-01-23 06:19 - 00003288 ____N () C:\bootsqm.dat2015-01-23 06:17 - 2015-01-23 06:17 - 00000000 __SHD () C:\found.0002015-01-22 13:03 - 2015-01-22 13:03 - 00000000 ____D () C:\Users\McKeil-2\Documents\Visual Studio 20052015-01-22 10:57 - 2015-01-22 10:57 - 723369977 _____ () C:\Windows\MEMORY.DMP2015-01-22 10:57 - 2015-01-22 10:57 - 00279824 _____ () C:\Windows\Minidump\012215-30014-01.dmp2015-01-22 10:57 - 2015-01-22 10:57 - 00000000 ____D () C:\Windows\Minidump2015-01-22 10:32 - 2015-01-22 10:32 - 00001237 _____ () C:\Windows\system32\Belarc Advisor - Free Personal PC Audit, for software, hardware and security configuration information on your computer_ Software license management, IT asset management, cyber security audits,.htm.lnk2015-01-20 11:41 - 2015-01-20 11:41 - 00011017 _____ () C:\Users\McKeil-2\Documents\DANDDDRAWINGS_2014.xlsx2015-01-19 16:59 - 2015-01-19 17:00 - 00406780 _____ () C:\Users\McKeil-2\Desktop\ESETPoweliksCleaner.exe_20150119.165957.8820.log2015-01-19 14:36 - 2015-01-19 14:36 - 498242522 _____ () C:\Users\McKeil-2\Desktop\bkupreg.reg2015-01-19 14:25 - 2015-01-23 20:51 - 00001709 _____ () C:\Windows\setupact.log2015-01-19 14:25 - 2015-01-19 14:25 - 00000000 _____ () C:\Windows\setuperr.log2015-01-19 14:15 - 2015-01-23 20:59 - 00516744 _____ () C:\Windows\WindowsUpdate.log2015-01-19 14:08 - 2015-01-19 14:08 - 00016576 _____ () C:\Users\McKeil-2\Documents\cc_20150119_140853.reg2015-01-19 13:42 - 2015-01-19 13:42 - 00000569 _____ () C:\Windows\Tasks\RegCure Pro_sch_EF54FF63-A00A-11E4-91C6-F04DA2A8C034.job2015-01-19 13:41 - 2015-01-19 13:41 - 00000338 _____ () C:\Windows\system32\.crusader2015-01-19 13:35 - 2015-01-19 13:41 - 00000000 ____D () C:\ProgramData\HitmanPro2015-01-19 13:06 - 2015-01-20 17:56 - 00001323 _____ () C:\Users\McKeil-2\Desktop\SpyHunter.lnk2015-01-19 13:06 - 2015-01-19 13:06 - 00000000 ____D () C:\Users\McKeil-2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpyHunter2015-01-19 13:06 - 2015-01-19 13:06 - 00000000 ____D () C:\Users\McKeil-2\AppData\Roaming\Enigma Software Group2015-01-19 13:06 - 2015-01-19 13:06 - 00000000 ____D () C:\sh4ldr2015-01-19 13:06 - 2015-01-19 13:06 - 00000000 _____ () C:\autoexec.bat2015-01-19 13:05 - 2015-01-19 13:05 - 00022704 _____ () C:\Windows\system32\Drivers\EsgScanner.sys2015-01-19 13:05 - 2015-01-19 13:05 - 00000000 ____D () C:\Program Files\Enigma Software Group2015-01-19 11:57 - 2015-01-19 11:57 - 00037928 _____ () C:\Users\McKeil-2\Documents\cc_20150119_115731.reg2015-01-19 09:32 - 2015-01-19 09:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Shelby Systems, Inc2015-01-18 21:41 - 2015-01-23 15:59 - 00000000 ____D () C:\AdwCleaner2015-01-18 20:25 - 2015-01-18 20:25 - 00001353 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk2015-01-18 20:25 - 2015-01-18 20:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 22015-01-18 20:25 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean64.exe2015-01-18 19:32 - 2015-01-18 19:34 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware2015-01-18 19:32 - 2015-01-18 19:32 - 00000000 ____D () C:\Users\McKeil-2\AppData\Roaming\SUPERAntiSpyware.com2015-01-18 19:32 - 2015-01-18 19:32 - 00000000 ____D () C:\ProgramData\SUPERAntiSpyware.com2015-01-18 19:32 - 2015-01-18 19:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware2015-01-16 20:04 - 2015-01-16 20:04 - 00017016 _____ () C:\Users\McKeil-2\Documents\MONTHLY DRAW_2015.xlsx2015-01-15 12:20 - 2015-01-15 12:20 - 00001005 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 10.lnk2015-01-15 12:20 - 2015-01-15 12:20 - 00000993 _____ () C:\Users\Public\Desktop\TeamViewer 10.lnk2015-01-15 12:18 - 2015-01-18 19:28 - 00000000 ____D () C:\Program Files (x86)\TeamViewer2015-01-15 12:13 - 2015-01-15 12:11 - 00176552 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe2015-01-15 12:13 - 2015-01-15 12:11 - 00176552 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe2015-01-15 12:13 - 2015-01-15 12:11 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll2015-01-15 11:51 - 2015-01-15 11:51 - 00002531 _____ () C:\Users\Public\Desktop\TurboTax 2014.lnk2015-01-15 11:51 - 2015-01-15 11:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TurboTax 20142015-01-15 11:35 - 2015-01-23 07:25 - 00000010 _____ () C:\Users\McKeil-2\AppData\Local\sponge.last.runtime.cache2015-01-15 11:34 - 2015-01-15 13:28 - 00000234 _____ () C:\Users\McKeil-2\Desktop\Shelby Systems Support.url2015-01-15 11:33 - 2015-01-18 19:22 - 00000254 _____ () C:\Users\McKeil-2\Desktop\Shelby Community Forum.url2015-01-15 10:38 - 2015-01-15 10:38 - 00002036 _____ () C:\Users\McKeil-2\Desktop\NEW LIFE CHRISTIAN CHURCH - Shortcut.lnk2015-01-15 10:37 - 2015-01-23 20:53 - 00000338 _____ () C:\Windows\Tasks\GlaryInitialize 5.job2015-01-15 10:37 - 2015-01-15 10:37 - 00002984 _____ () C:\Windows\System32\Tasks\GU5SkipUAC2015-01-15 10:37 - 2015-01-15 10:37 - 00002646 _____ () C:\Windows\System32\Tasks\GlaryInitialize 52015-01-15 10:37 - 2015-01-15 10:37 - 00001054 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5.lnk2015-01-15 10:37 - 2015-01-15 10:37 - 00001042 _____ () C:\Users\Public\Desktop\Glary Utilities 5.lnk2015-01-15 10:37 - 2015-01-15 10:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 52015-01-15 10:36 - 2015-01-23 20:53 - 00000000 ____D () C:\Program Files (x86)\Glary Utilities 52015-01-15 10:36 - 2015-01-15 10:36 - 00020160 _____ (Glarysoft Ltd) C:\Windows\system32\Drivers\GUBootStartup.sys2015-01-15 10:36 - 2015-01-15 10:36 - 00000000 ____D () C:\Users\McKeil-2\AppData\Roaming\GlarySoft2015-01-15 10:36 - 2015-01-15 10:36 - 00000000 ____D () C:\Users\McKeil-2\AppData\Roaming\DiskDefrag2015-01-15 10:30 - 2015-01-15 10:30 - 00000000 ___HD () C:\TMRescueDisk2015-01-15 10:26 - 2015-01-15 10:26 - 00001443 _____ () C:\Users\McKeil-2\Desktop\Trend Micro Internet Security.lnk2015-01-15 10:26 - 2015-01-15 10:26 - 00000000 ____D () C:\Users\McKeil-2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Trend Micro Internet Security2015-01-15 10:25 - 2015-01-15 10:26 - 00003326 _____ () C:\Windows\System32\Tasks\Trend Micro Inspect of Platinum2015-01-15 10:25 - 2014-07-14 02:39 - 00305832 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\tmcomm.sys2015-01-15 10:25 - 2014-07-14 02:39 - 00121944 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\tmactmon.sys2015-01-15 10:25 - 2014-07-14 02:39 - 00093664 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\tmevtmgr.sys2015-01-15 10:25 - 2014-07-09 11:03 - 00407864 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\tmnciesc.sys2015-01-15 10:25 - 2014-07-09 11:02 - 00106296 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\tmeevw.sys2015-01-15 10:25 - 2014-07-09 11:02 - 00050976 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\TMEBC64.sys2015-01-15 10:25 - 2014-06-30 06:06 - 00106296 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\tmusa.sys2015-01-15 10:23 - 2015-01-15 10:23 - 00000059 _____ () C:\Windows\system32\SupportTool.exe.bat2015-01-15 10:22 - 2015-01-15 10:22 - 00000000 ____D () C:\Program Files\Trend Micro2015-01-15 10:18 - 2015-01-15 10:18 - 00000036 _____ () C:\Users\McKeil-2\AppData\Local\housecall.guid.cache2015-01-15 10:11 - 2015-01-15 10:26 - 00000000 ____D () C:\Users\McKeil-2\AppData\Local\Trend Micro2015-01-15 09:54 - 2015-01-18 21:35 - 00002443 _____ () C:\Windows\wininit.ini2015-01-15 09:45 - 2015-01-15 09:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype2015-01-14 11:11 - 2014-12-18 22:06 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll2015-01-14 11:11 - 2014-12-18 20:46 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys2015-01-14 11:11 - 2014-12-12 00:35 - 05553592 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe2015-01-14 11:11 - 2014-12-12 00:31 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll2015-01-14 11:11 - 2014-12-12 00:31 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe2015-01-14 11:11 - 2014-12-12 00:31 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll2015-01-14 11:11 - 2014-12-12 00:11 - 03971512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe2015-01-14 11:11 - 2014-12-12 00:11 - 03916728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe2015-01-14 11:11 - 2014-12-12 00:07 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll2015-01-14 11:11 - 2014-12-11 12:47 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe2015-01-14 11:11 - 2014-12-05 23:17 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll2015-01-14 11:11 - 2014-12-05 22:50 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll2015-01-14 11:11 - 2014-12-05 22:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll2014-12-30 19:35 - 2014-12-30 19:35 - 00000000 ____D () C:\Users\McKeil-2\Documents\New folder2014-12-25 11:34 - 2014-12-25 11:34 - 00003886 _____ () C:\Windows\System32\Tasks\Adobe Acrobat Update Task==================== One Month Modified Files and Folders =======(If an entry is included in the fixlist, the file\folder will be moved.)2015-01-23 21:01 - 2009-07-14 00:13 - 00917342 _____ () C:\Windows\system32\PerfStringBackup.INI2015-01-23 21:01 - 2009-07-13 23:45 - 00025424 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A02015-01-23 21:01 - 2009-07-13 23:45 - 00025424 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A02015-01-23 20:53 - 2014-01-24 10:03 - 00000086 _____ () C:\Windows\SysWOW64\BRAgent.dat2015-01-23 20:52 - 2012-09-25 07:57 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job2015-01-23 20:51 - 2009-07-14 00:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT2015-01-23 20:18 - 2013-03-27 10:25 - 00000000 ____D () C:\Users\McKeil-2\Documents\TurboTax2015-01-23 20:11 - 2014-09-06 10:24 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys2015-01-23 20:11 - 2014-09-06 10:23 - 00097496 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys2015-01-23 17:27 - 2011-08-25 16:21 - 00000000 ____D () C:\Program Files (x86)\Everything2015-01-23 16:38 - 2012-04-25 10:23 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox2015-01-23 14:37 - 2011-06-14 10:06 - 00000000 ____D () C:\Users\McKeil-2\AppData\Roaming\Skype2015-01-23 14:23 - 2012-09-25 07:57 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job2015-01-23 13:54 - 2012-07-29 09:18 - 00000000 ____D () C:\Users\McKeil-2\Documents\Outlook Files2015-01-23 13:24 - 2010-12-03 13:01 - 00000000 ____D () C:\Users\McKeil-2\Documents\LTI2015-01-23 08:59 - 2012-04-23 08:07 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater2015-01-23 07:01 - 2011-05-30 10:04 - 00003950 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{678FC7F5-E7A1-4C80-B784-BD0DA4D27B1B}2015-01-22 17:24 - 2014-02-01 07:42 - 00002145 _____ () C:\Users\Public\Desktop\Google Chrome.lnk2015-01-22 17:05 - 2013-01-22 10:14 - 00000000 ____D () C:\Users\McKeil-2\Documents\Donor Receipt 12 month Letter2015-01-22 16:32 - 2013-02-19 09:44 - 00000000 ____D () C:\Users\McKeil-2\Documents\Donor Receipt Excel Data file2015-01-22 16:02 - 2010-12-03 13:02 - 00000000 ____D () C:\Users\McKeil-2\Documents\PERSONAL2015-01-22 13:03 - 2014-10-28 11:05 - 00000000 ____D () C:\Users\McKeil-2\Documents\SQL Server Management Studio2015-01-22 10:26 - 2013-10-24 09:33 - 00002094 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Belarc Advisor.lnk2015-01-22 10:26 - 2013-10-24 09:33 - 00002082 _____ () C:\Users\Public\Desktop\Belarc Advisor.lnk2015-01-20 16:38 - 2014-06-03 16:39 - 00000270 _____ () C:\Windows\SysWOW64\debug.log2015-01-19 14:22 - 2014-10-28 11:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Shelby v52015-01-19 14:22 - 2011-05-20 16:07 - 00000000 ____D () C:\Users\McKeil-2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox2015-01-19 11:55 - 2010-11-19 22:39 - 00000000 ____D () C:\Windows\Panther2015-01-19 09:28 - 2014-10-28 11:21 - 00001604 _____ () C:\Users\Public\Desktop\ShelbyEZ-VIEW.lnk2015-01-19 09:28 - 2014-10-28 11:20 - 00000059 _____ () C:\Windows\SysWOW64\SSV5DATE.INI2015-01-19 09:28 - 2014-10-28 11:20 - 00000000 ____D () C:\Program Files (x86)\Shelby Systems2015-01-19 09:28 - 2014-10-28 11:14 - 00000109 _____ () C:\Windows\SysWOW64\ShelbyServices.ini2015-01-19 09:28 - 2010-12-02 10:13 - 00001291 _____ () C:\Windows\Formset.ini2015-01-19 09:05 - 2012-07-30 14:24 - 00000000 ____D () C:\Program Files (x86)\Citrix2015-01-19 09:02 - 2010-12-13 08:59 - 00000000 ____D () C:\Users\McKeil-2\AppData\Local\Citrix2015-01-18 21:35 - 2014-06-03 16:59 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy2015-01-18 20:30 - 2014-06-03 16:59 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 22015-01-17 19:59 - 2014-10-04 12:03 - 00000000 ____D () C:\Users\McKeil-2\Documents\BIBLESTUDYNOTES2015-01-15 16:57 - 2010-12-03 13:01 - 00000000 ____D () C:\Users\McKeil-2\Documents\INTEGRITY2015-01-15 14:33 - 2010-11-25 18:49 - 00000000 ____D () C:\Users\McKeil-2\AppData\Local\VirtualStore2015-01-15 14:32 - 2012-10-25 16:38 - 00000000 ____D () C:\Users\McKeil-2\AppData\Roaming\TeamViewer2015-01-15 14:14 - 2014-09-06 10:23 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware2015-01-15 14:14 - 2009-07-13 23:45 - 00437448 _____ () C:\Windows\system32\FNTCACHE.DAT2015-01-15 14:13 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\security2015-01-15 13:27 - 2010-12-01 20:47 - 00122888 _____ () C:\Users\McKeil-2\AppData\Local\GDIPFONTCACHEV1.DAT2015-01-15 12:15 - 2014-06-03 17:00 - 00000000 ____D () C:\Windows\pss2015-01-15 12:14 - 2014-04-16 08:43 - 00000000 ____D () C:\ProgramData\Oracle2015-01-15 12:13 - 2014-04-16 08:42 - 00000000 ____D () C:\Program Files (x86)\Java2015-01-15 12:11 - 2014-04-16 08:43 - 00272296 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe2015-01-15 11:53 - 2012-10-04 09:21 - 00001545 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc2015-01-15 11:50 - 2011-04-03 16:22 - 00000000 ____D () C:\Program Files (x86)\TurboTax2015-01-15 10:38 - 2011-05-02 09:11 - 00247808 ___SH () C:\Users\McKeil-2\Documents\Thumbs.db2015-01-15 10:34 - 2014-09-06 10:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware2015-01-15 10:34 - 2013-10-24 10:28 - 00001064 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk2015-01-15 10:31 - 2012-03-15 09:36 - 00000000 ____D () C:\ProgramData\Trend Micro2015-01-15 10:15 - 2011-05-20 16:09 - 00000000 ___RD () C:\Users\McKeil-2\Dropbox2015-01-15 10:15 - 2011-05-20 16:06 - 00000000 ____D () C:\Users\McKeil-2\AppData\Roaming\Dropbox2015-01-15 09:46 - 2011-06-14 10:05 - 00000000 ___RD () C:\Program Files (x86)\Skype2015-01-15 09:46 - 2011-06-14 10:05 - 00000000 ____D () C:\ProgramData\Skype2015-01-15 09:45 - 2014-09-06 08:49 - 00002697 _____ () C:\Users\Public\Desktop\Skype.lnk2015-01-15 09:42 - 2009-07-14 00:08 - 00032534 _____ () C:\Windows\Tasks\SCHEDLGU.TXT2015-01-14 12:04 - 2014-08-21 09:08 - 00000000 ____D () C:\Users\McKeil-2\Documents\NEW LIFE CHRISTIAN CHURCH2015-01-13 05:30 - 2012-09-25 07:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive2015-01-09 10:07 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\system32\NDF2014-12-31 12:50 - 2014-12-12 13:37 - 00004717 _____ () C:\ThankYou.txt2014-12-31 12:50 - 2014-11-06 16:49 - 00005865 _____ () C:\GiftRec.txt2014-12-28 14:56 - 2014-10-28 11:21 - 01568768 _____ (Shelby Systems, Inc.) C:\Windows\SysWOW64\ssv5axtax.dll2014-12-28 14:56 - 2014-10-28 11:21 - 00921600 _____ (Shelby Systems Inc.) C:\Windows\SysWOW64\ssv5axgn.dll==================== Files in the root of some directories =======2015-01-15 10:18 - 2015-01-15 10:18 - 0000036 _____ () C:\Users\McKeil-2\AppData\Local\housecall.guid.cache2014-06-03 17:07 - 2014-06-03 17:07 - 0000017 _____ () C:\Users\McKeil-2\AppData\Local\resmon.resmoncfg2015-01-15 11:35 - 2015-01-23 07:25 - 0000010 _____ () C:\Users\McKeil-2\AppData\Local\sponge.last.runtime.cache2011-06-14 10:16 - 2011-06-14 10:16 - 0000056 ____H () C:\ProgramData\ezsidmv.dat2012-09-26 13:40 - 2014-06-17 18:04 - 0004921 _____ () C:\ProgramData\hpzinstall.log2012-10-04 09:21 - 2015-01-15 11:53 - 0001545 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bcSome content of TEMP:====================C:\Users\McKeil-2\AppData\Local\Temp\Quarantine.exeC:\Users\McKeil-2\AppData\Local\Temp\sqlite3.dll==================== Bamital & volsnap Check =================(There is no automatic fix for files that do not pass verification.)C:\Windows\System32\winlogon.exe => File is digitally signedC:\Windows\System32\wininit.exe => File is digitally signedC:\Windows\SysWOW64\wininit.exe => File is digitally signedC:\Windows\explorer.exe => File is digitally signedC:\Windows\SysWOW64\explorer.exe => File is digitally signedC:\Windows\System32\svchost.exe => File is digitally signedC:\Windows\SysWOW64\svchost.exe => File is digitally signedC:\Windows\System32\services.exe => File is digitally signedC:\Windows\System32\User32.dll => File is digitally signedC:\Windows\SysWOW64\User32.dll => File is digitally signedC:\Windows\System32\userinit.exe => File is digitally signedC:\Windows\SysWOW64\userinit.exe => File is digitally signedC:\Windows\System32\rpcss.dll => File is digitally signedC:\Windows\System32\Drivers\volsnap.sys => File is digitally signed Addition.txtAdditional scan result of Farbar Recovery Scan Tool (x64) Version: 19-01-2015Ran by McKeil-2 at 2015-01-23 21:04:24Running from C:\Users\McKeil-2\DesktopBoot Mode: Normal============================================================================== Security Center ========================(If an entry is included in the fixlist, it will be removed.)AV: Trend Micro Internet Security (Enabled - Up to date) {F2F88E6A-3C7A-545F-268A-5D0BDD38EE06}AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}AS: Spybot - Search and Destroy (Disabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}AS: Trend Micro Internet Security (Enabled - Up to date) {49996F8E-1A40-5BD1-1C3A-6679A6BFA4BB}==================== Installed Programs ======================(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) HiddenAccelerometerP11 (HKLM-x32\...\{87434D51-51DB-4109-B68F-A829ECDCF380}) (Version: 2.00.10.11 - STMicroelectronics)Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.5.1.17730 - Adobe Systems Inc.)Adobe Reader XI (11.0.10) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)Advanced Audio FX Engine (HKLM-x32\...\Advanced Audio FX Engine) (Version: 1.12.05 - Creative Technology Ltd)AOMEI Backupper Standard Edition 2.0.2 (HKLM-x32\...\{A83692F5-3E9B-4E95-9E7E-B5DF5536CE9D}_is1) (Version: - AOMEI Technology Co., Ltd.)B209a-m (x32 Version: 130.0.373.000 - Hewlett-Packard) HiddenBelarc Advisor 8.4 (HKLM-x32\...\Belarc Advisor) (Version: 8.4.0.0 - Belarc Inc.)Brother BRAgent 1.34.0001 (HKLM-x32\...\{9390DEE7-32CF-4A2E-A47B-30270D624AA1}) (Version: 1.34.0001 - Brother)Brother MFL-Pro Suite MFC-7360N (HKLM-x32\...\{3ACCCFB3-7B17-4E9F-ACB0-46868FCD4487}) (Version: 1.1.3.0 - Brother Industries, Ltd.)BufferChm (x32 Version: 130.0.331.000 - Hewlett-Packard) HiddenCarbonite (HKLM-x32\...\Carbonite Backup) (Version: 5.7.0 build 4390 (Sep-29-2014) - Carbonite)CCleaner (HKLM\...\CCleaner) (Version: 4.18 - Piriform)Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)Citrix Online Launcher (HKLM-x32\...\{AFB80939-4486-49D8-A04E-2B05C0F2DE39}) (Version: 1.0.252 - Citrix)D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) HiddenDell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc)Dell Touchpad (HKLM\...\SynTPDeinstKey) (Version: 15.0.2.0 - Synaptics Incorporated)Dell Webcam Central (HKLM-x32\...\Dell Webcam Central) (Version: 2.00.35 - Creative Technology Ltd)Destinations (x32 Version: 130.0.0.0 - Hewlett-Packard) HiddenDeviceDiscovery (x32 Version: 130.0.372.000 - Hewlett-Packard) HiddenDropbox (HKU\S-1-5-21-12934214-2758422551-2789243025-1001\...\Dropbox) (Version: 3.0.3 - Dropbox, Inc.)DW WLAN Card Utility (HKLM\...\DW WLAN Card Utility) (Version: 5.60.48.35 - Dell Inc.)Everything 1.3.4.686 (x64) (HKLM\...\Everything) (Version: - )GDR 4033 for SQL Server 2008 R2 (KB2977320) (64-bit) (HKLM\...\KB2977320) (Version: 10.52.4033.0 - Microsoft Corporation)Glary Utilities 5.16 (HKLM-x32\...\Glary Utilities 5) (Version: 5.16.0.29 - Glarysoft Ltd)Google Chrome (HKLM-x32\...\Google Chrome) (Version: 40.0.2214.91 - Google Inc.)Google Drive (HKLM-x32\...\{240D2B48-E06E-446F-A806-01CF36882EB7}) (Version: 1.19.8268.4572 - Google, Inc.)Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) HiddenGoogle Update Helper (x32 Version: 1.3.25.11 - Google Inc.) HiddenGoToAssist Corporate (HKLM-x32\...\GoToAssist) (Version: 11.1.0.1055 - Citrix Online, a division of Citrix Systems, Inc.)GPBaseService2 (x32 Version: 130.0.371.000 - Hewlett-Packard) HiddenHP Customer Participation Program 13.0 (HKLM\...\HPExtendedCapabilities) (Version: 13.0 - HP)HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)HP LaserJet P1000 series (HKLM-x32\...\HP LaserJet P1000 series) (Version: - )HP Photosmart Plus B209a-m All-In-One Driver Software 13.0 Rel .6 (HKLM\...\{9FEF1A18-8F26-4F49-A5A4-956C12210624}) (Version: 13.0 - HP)HP Print Projects 1.0 (HKLM\...\HP Print Projects) (Version: 1.0 - HP)HP Product Detection (HKLM-x32\...\{CAE7D1D9-3794-4169-B4DD-964ADBC534EE}) (Version: 10.7.9.0 - Hewlett-Packard Company)HP Smart Web Printing 4.5 (HKLM\...\HP Smart Web Printing) (Version: 4.5 - HP)HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)HP Update (HKLM-x32\...\{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}) (Version: 5.003.001.001 - Hewlett-Packard)HPPhotoGadget (x32 Version: 130.0.282.000 - Hewlett-Packard) HiddenhppMSRedist (x32 Version: 1.00.0000 - Hewlett-Packard) HiddenhpPrintProjects (x32 Version: 130.0.303.000 - Hewlett-Packard) HiddenHPProductAssistant (x32 Version: 130.0.371.000 - Hewlett-Packard) HiddenhppusgP1000 (x32 Version: 1.1.0.1 - Hewlett-Packard) HiddenHPSSupply (HKLM-x32\...\{7902E313-FF0F-4493-ACB1-A8147B78DCD0}) (Version: 2.1.1.0000 - Hewlett Packard Development Company L.P.)hpWLPGInstaller (x32 Version: 130.0.303.000 - Hewlett-Packard) HiddenIntel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)Intel® Graphics Media Accelerator Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2141 - Intel Corporation)Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) HiddenMalwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)MarketResearch (x32 Version: 130.0.374.000 - Hewlett-Packard) HiddenMicrosoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)Microsoft IntelliPoint 8.0 (HKLM\...\{563F041C-DFDB-437B-A1E8-E141E0906076}) (Version: 8.0.225.0 - Microsoft)Microsoft Office 2003 Web Components (HKLM-x32\...\{90120000-00A4-0409-0000-0000000FF1CE}) (Version: 12.0.6213.1000 - Microsoft Corporation)Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)Microsoft Office Live Meeting 2007 (HKLM-x32\...\{E30E7561-A466-4393-B8BF-FD93E733EF3C}) (Version: 8.0.6362.202 - Microsoft Corporation)Microsoft Report Viewer Redistributable 2008 SP1 (HKLM-x32\...\Microsoft Report Viewer Redistributable 2008 (KB971119)) (Version: - Microsoft Corporation)Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)Microsoft SQL Server 2008 R2 (64-bit) (HKLM\...\Microsoft SQL Server 2008 R2) (Version: - Microsoft Corporation)Microsoft SQL Server 2008 R2 Native Client (HKLM\...\{E8F7904A-4780-4F3F-B153-21BE32857120}) (Version: 10.52.4033.0 - Microsoft Corporation)Microsoft SQL Server 2008 R2 Policies (HKLM-x32\...\{D21BC5B2-CBAC-48FA-A701-B5A63C1CA7B8}) (Version: 10.50.1600.1 - Microsoft Corporation)Microsoft SQL Server 2008 R2 Setup (English) (HKLM\...\{1D4A3734-9328-440F-960C-42B4CE481EB4}) (Version: 10.52.4033.0 - Microsoft Corporation)Microsoft SQL Server 2008 Setup Support Files (HKLM\...\{B40EE88B-400A-4266-A17B-E3DE64E94431}) (Version: 10.1.2731.0 - Microsoft Corporation)Microsoft SQL Server Browser (HKLM-x32\...\{BF9BF038-FE03-429D-9B26-2FA0FD756052}) (Version: 10.52.4000.0 - Microsoft Corporation)Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)Microsoft SQL Server Compact 3.5 SP2 Query Tools ENU (HKLM-x32\...\{DDFD8348-058C-4F4B-85E5-6D740D4AB3FE}) (Version: 3.5.8080.0 - Microsoft Corporation)Microsoft SQL Server VSS Writer (HKLM\...\{288D79EE-A2D1-42AF-9597-B0ADCC23A8ED}) (Version: 10.52.4000.0 - Microsoft Corporation)Microsoft Sync Framework Runtime v1.0 (x64) (HKLM\...\{53D7A054-4598-4947-A159-E8FCC77720AB}) (Version: 1.0.1215.0 - Microsoft Corporation)Microsoft Sync Services for ADO.NET v2.0 (x64) (HKLM\...\{817BCC2B-76A8-4C8B-8B55-FD916C6969CC}) (Version: 2.0.1215.0 - Microsoft Corporation)Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (HKLM\...\{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}) (Version: 8.0.51011 - Microsoft Corporation)Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (HKLM\...\{EE936C7A-EA40-31D5-9B65-8E3E089C3828}) (Version: 9.0.30729.4148 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)Microsoft Visual Studio 2008 Shell (integrated mode) - ENU (HKLM-x32\...\{BA0C9AAF-1327-3F06-B49C-349B4BE8F740}) (Version: 9.0.30729 - Microsoft Corporation)Microsoft Visual Studio Tools for Applications 2.0 - ENU (HKLM-x32\...\{4ECF4BDC-8387-329A-ABE9-CF5798F84BB2}) (Version: 9.0.35191 - Microsoft Corporation)Mozilla Firefox 30.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 30.0 (x86 en-US)) (Version: 30.0 - Mozilla)MrvlUsgTracking (HKLM-x32\...\{A82D052A-0806-42DF-80CD-1730A1AC0ED3}) (Version: 1.0.7 - Marvell)MrvlUsgTracking64 (HKLM\...\{42F0FD29-7EB3-4CAA-AF10-BC2619B96D80}) (Version: 1.0.1 - Marvell Semiconductor Pvt Ltd)MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)MyTomTom 3.1.0.530 (HKLM-x32\...\MyTomTom) (Version: 3.1.0.530 - TomTom)Network64 (Version: 130.0.572.000 - Hewlett-Packard) HiddenNetwork64 (Version: 140.0.221.000 - Hewlett-Packard) HiddenPicasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)PS_AIO_06_B209a-m_SW_Min (x32 Version: 130.0.373.000 - Hewlett-Packard) HiddenQuickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 1.3.3 - Dell Inc.)Rapport (Version: 3.5.1205.20 - Trusteer) HiddenRevo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)Roxio Creator DE 10.3 (HKLM-x32\...\{09760D42-E223-42AD-8C3E-55B47D0DDAC3}) (Version: 10.3 - Roxio)Scan (x32 Version: 13.0.0.0 - Hewlett-Packard) HiddenService Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)Service Pack 2 for SQL Server 2008 R2 (KB2630458) (64-bit) (HKLM\...\KB2630458) (Version: 10.52.4000.0 - Microsoft Corporation)Shelby SOAP Install (HKLM-x32\...\{19E65209-31B3-41B1-B4B9-ACF9ACBF2594}) (Version: 1.00.0000 - Shelby Systems)Shelby v5 Server Setup (HKLM-x32\...\{F4BCB5DB-7713-4A76-9EFF-82EA130241A9}) (Version: 5.14.2000 - Shelby Systems, Inc.)Shelby v5 Workstation Setup (HKLM-x32\...\{131E485E-1FBF-44D0-A6BA-8960EA316968}) (Version: 5.14.2000 - Shelby Systems, Inc.)Shelby v5 Workstation Setup (x32 Version: 5.10.2000 - Shelby Systems, Inc.) HiddenShelby v5 Workstation Setup (x32 Version: 5.11.3000 - Shelby Systems, Inc.) HiddenShelby v5 Workstation Setup (x32 Version: 5.11.6000 - Shelby Systems, Inc.) HiddenShelby v5 Workstation Setup (x32 Version: 5.13.2350 - Shelby Systems, Inc.) HiddenShelby v5 Workstation Setup (x32 Version: 5.14.1001 - Shelby Systems, Inc.) HiddenShelby v5 Workstation Setup (x32 Version: 5.14.2000 - Shelby Systems, Inc.) HiddenShelbyIntelMail (HKLM-x32\...\{39AEF0C7-099C-421B-A2D3-BFA9D744BD32}) (Version: 1.0.0.0 - Shelby Systems)Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)SmartWebPrinting (x32 Version: 130.0.373.000 - Hewlett-Packard) HiddenSolutionCenter (x32 Version: 130.0.373.000 - Hewlett-Packard) HiddenSpybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)SQL Server 2008 R2 Reporting Services (Version: 10.50.1600.1 - Microsoft Corporation) HiddenSQL Server 2008 R2 SP2 BI Development Studio (Version: 10.52.4000.0 - Microsoft Corporation) HiddenSQL Server 2008 R2 SP2 Common Files (Version: 10.52.4000.0 - Microsoft Corporation) HiddenSQL Server 2008 R2 SP2 Database Engine Services (Version: 10.52.4000.0 - Microsoft Corporation) HiddenSQL Server 2008 R2 SP2 Database Engine Shared (Version: 10.52.4000.0 - Microsoft Corporation) HiddenSQL Server 2008 R2 SP2 Full text search (Version: 10.52.4000.0 - Microsoft Corporation) HiddenSQL Server 2008 R2 SP2 Management Studio (Version: 10.52.4000.0 - Microsoft Corporation) HiddenSQL Server 2008 R2 SP2 Reporting Services (Version: 10.52.4000.0 - Microsoft Corporation) HiddenSql Server Customer Experience Improvement Program (Version: 10.50.1600.1 - Microsoft Corporation) HiddenStatus (x32 Version: 130.0.373.000 - Hewlett-Packard) HiddenSUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1168 - SUPERAntiSpyware.com)TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.36897 - TeamViewer)Toolbox (x32 Version: 130.0.648.000 - Hewlett-Packard) HiddenTrayApp (x32 Version: 130.0.376.000 - Hewlett-Packard) HiddenTrend Micro Internet Security (HKLM\...\{ABBD4BA8-6703-40D2-AB1E-5BB1F7DB49A4}) (Version: 8.0 - Trend Micro Inc.)Trend Micro Titanium (Version: 8.0 - Trend Micro Inc.) HiddenTurboTax 2010 (HKLM-x32\...\TurboTax 2010) (Version: - Intuit, Inc)TurboTax 2011 (HKLM-x32\...\TurboTax 2011) (Version: - Intuit, Inc)TurboTax 2012 (HKLM-x32\...\TurboTax 2012) (Version: 2012.0 - Intuit, Inc)TurboTax 2013 (HKLM-x32\...\TurboTax 2013) (Version: 2013.0 - Intuit, Inc)TurboTax 2014 (HKLM-x32\...\TurboTax 2014) (Version: 2014.0 - Intuit, Inc)v511constantcontact (HKLM-x32\...\{3C762D9D-D904-4D60-8BB6-169B7AC81447}) (Version: 1.0.0.0 - Shelby Systems)v513constantcontact (HKLM-x32\...\{A8B04D04-ED73-40AE-8DC5-5DE53D1A708D}) (Version: 1.0.0.4 - Shelby Systems)v5constantcontact (HKLM-x32\...\{82CF54D4-C8B3-4532-AFC8-F2B59DC45CB9}) (Version: 1.0.0.0 - Shelby Systems)Visual Studio C++ 10.0 Runtime (HKLM-x32\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.)WebReg (x32 Version: 130.0.132.017 - Hewlett-Packard) HiddenWIDCOMM Bluetooth Software (HKLM\...\{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}) (Version: 6.2.1.900 - Broadcom Corporation)Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation)Windows Live Sync (HKLM-x32\...\{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}) (Version: 14.0.8089.726 - Microsoft Corporation)==================== Custom CLSID (selected items): ==========================(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)CustomCLSID: HKU\S-1-5-21-12934214-2758422551-2789243025-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\McKeil-2\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)CustomCLSID: HKU\S-1-5-21-12934214-2758422551-2789243025-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\McKeil-2\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)CustomCLSID: HKU\S-1-5-21-12934214-2758422551-2789243025-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\McKeil-2\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)CustomCLSID: HKU\S-1-5-21-12934214-2758422551-2789243025-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\McKeil-2\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)CustomCLSID: HKU\S-1-5-21-12934214-2758422551-2789243025-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\McKeil-2\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)CustomCLSID: HKU\S-1-5-21-12934214-2758422551-2789243025-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\McKeil-2\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)CustomCLSID: HKU\S-1-5-21-12934214-2758422551-2789243025-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\McKeil-2\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)CustomCLSID: HKU\S-1-5-21-12934214-2758422551-2789243025-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\McKeil-2\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)CustomCLSID: HKU\S-1-5-21-12934214-2758422551-2789243025-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\McKeil-2\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)==================== Restore Points =========================17-01-2015 06:45:08 Windows Backup18-01-2015 14:07:52 Windows Backup18-01-2015 23:00:27 Windows Backup19-01-2015 09:19:45 Configured Shelby v5 Server Setup19-01-2015 12:37:36 Removed Rapport19-01-2015 12:56:06 beore rdsrv removal22-01-2015 11:20:40 Restore Operation==================== Hosts content: ==========================(If needed Hosts: directive could be included in the fixlist to reset Hosts.)2009-07-13 21:34 - 2009-06-10 16:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts==================== Scheduled Tasks (whitelisted) =============(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)Task: {07FBE726-77E5-4782-9F52-58867FCF4B34} - System32\Tasks\{8F175A02-97AE-40CE-A817-D0AD87D26C31} => Chrome.exe http://ui.skype.com/ui/0/6.14.0.104/en/abandoninstall?page=tsMainTask: {18C6A7A9-2054-474F-A127-4CF347030F89} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-09-26] (Piriform Ltd)Task: {3240CC61-44F8-496C-B290-DB29E71E19B4} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-09-25] (Google Inc.)Task: {3F6EC6F5-E227-4FCF-BA6F-3C8C59002D6F} - System32\Tasks\{4DFBD16B-C084-45CA-8CF2-B8755F9FF5AB} => Chrome.exe http://ui.skype.com/ui/0/6.14.0.104/en/abandoninstall?page=tsMainTask: {44B5AC95-7FC7-4233-9D60-3910A9F8AB58} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-09-25] (Google Inc.)Task: {5A66AC11-17EE-485F-ACA3-FD58B5E1B263} - System32\Tasks\{A6B06C0F-E2C8-4932-AF95-52B66030821D} => C:\Program Files (x86)\Skype\\Phone\Skype.exe [2014-12-11] (Skype Technologies S.A.)Task: {5B5D97F1-9AA3-402C-ACF0-277B51897DA2} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exeTask: {5ED52BDE-FC44-4EC7-8F24-2844DA7F5553} - System32\Tasks\Trend Micro Inspect of Platinum => C:\Program Files\Trend Micro\Titanium\plugin\Pt\win32\Inspect\Inspect.exe [2014-07-20] (Trend Micro Inc.)Task: {6D854A5C-325A-4D4E-869C-A433F1AB6687} - System32\Tasks\Microsoft_Hardware_Launch_IPoint_exe => c:\Program Files\Microsoft IntelliPoint\IPoint.exe [2010-07-21] (Microsoft Corporation)Task: {7CEF366F-5439-48A2-A5BC-8FA3C78A611D} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)Task: {8D5C86A9-C765-4BDC-B476-E0D227F63533} - System32\Tasks\{46E47F0A-E32C-443A-A910-DBD36ABCA6BE} => pcalua.exe -a C:\Windows\GFIBCK~1.EXE -c "C:\Windows\GFIBckHInstall.LOG"Task: {93B251E6-B450-42B7-9278-2B0AF5036FA8} - System32\Tasks\{7BFDBE5D-93F9-4242-AE90-2888A4C66791} => pcalua.exe -a C:\Windows\GFIBCK~1.EXE -c "C:\Windows\GFIBckHInstall.LOG"Task: {B26E55E6-BED5-441F-87D0-C77ED09D039F} - System32\Tasks\GlaryInitialize 5 => C:\Program Files (x86)\Glary Utilities 5\Initialize.exe [2015-01-05] (Glarysoft Ltd)Task: {B498AABE-360E-4E38-8C8B-B7094A626B35} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvcTask: {C4DB429F-1ADE-4C7C-97FF-787B7987A06A} - System32\Tasks\GU5SkipUAC => C:\Program Files (x86)\Glary Utilities 5\Integrator.exe [2015-01-05] (Glarysoft Ltd)Task: {D99DF314-07DC-42B2-8D7B-93B076F2F029} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exeTask: {E15BC032-73D4-4E37-B98D-171C3A198412} - System32\Tasks\{5F6010C8-60E5-41f3-BF5B-C3AF5DBE12D4} => C:\ProgramData\Carbonite\Carbonite Backup\CarboniteUpgrade.exeTask: {E39BC32E-A55E-4AC9-BC92-A76A310A28F5} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exeTask: {FC2FC414-C9B6-4818-8F85-D4ABD19F3977} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exeTask: C:\Windows\Tasks\GlaryInitialize 5.job => C:\Program Files (x86)\Glary Utilities 5\Initialize.exeTask: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exeTask: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exeTask: C:\Windows\Tasks\RegCure Pro_sch_EF54FF63-A00A-11E4-91C6-F04DA2A8C034.job => C:\Program Files (x86)\ParetoLogic\RegCure Pro\RegCurePro.exe <==== ATTENTIONTask: C:\Windows\Tasks\User_Feed_Synchronization-{678FC7F5-E7A1-4C80-B784-BD0DA4D27B1B}.job => C:\Windows\system32\msfeedssync.exe Link to post Share on other sites More sharing options...
Valinorum Posted January 24, 2015 ID:932452 Share Posted January 24, 2015 Both logs are incomplete. Please attach the log files. Link to post Share on other sites More sharing options...
Root Admin AdvancedSetup Posted January 30, 2015 Root Admin ID:934352 Share Posted January 30, 2015 Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread. Other members who need assistance please start your own topic in a new thread. Thanks! Link to post Share on other sites More sharing options...
Recommended Posts