ogtuner Posted February 11, 2015 ID:938887 Share Posted February 11, 2015 Uninstalled myclean pc pc optimizer pro but it still boots up with start up. Took it out of start up. Have run MB multiple times with no luck.Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-02-2015 02Ran by Liza Phillips (administrator) on LIZAPHILLIPS-PC on 11-02-2015 17:07:30Running from C:\Users\Liza Phillips\DesktopLoaded Profiles: Liza Phillips (Available profiles: Liza Phillips & DefaultAppPool)Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)Internet Explorer Version 11 (Default browser: Chrome)Boot Mode: NormalTutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Enigma Software Group USA, LLC.) C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe(Microsoft Corporation) C:\Windows\System32\wlanext.exe(Trend Micro Inc.) C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe(Trend Micro Inc.) C:\Program Files\Trend Micro\UniClient\UiFrmwrk\uiWatchDog.exe(Trend Micro Inc.) C:\Program Files\Trend Micro\AMSP\coreFrameworkHost.exe(Trend Micro Inc.) C:\Program Files\Trend Micro\UniClient\UiFrmwrk\uiSeAgnt.exe(Intel Corporation) C:\Windows\System32\igfxtray.exe(Intel Corporation) C:\Windows\System32\hkcmd.exe(Intel Corporation) C:\Windows\System32\igfxpers.exe(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe() C:\Windows\System32\spool\drivers\x64\3\dldtserv.exe( ) C:\Windows\System32\dldtcoms.exe() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe(Dell, Inc.) C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe(SoftThinks SAS) C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe(Golden Frog, GmbH.) C:\Program Files (x86)\VyprVPN\VyprVPNService.exe(SoftThinks - Dell) C:\Program Files (x86)\Dell DataSafe Local Backup\Toaster.exe(SoftThinks - Dell) C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe() C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE(USTechSupport, LLC (www.ustechsupport.com)) C:\Program Files (x86)\USTechSupport\PC Optimizer\USTSPCOCheckUpdate.exe(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe(Microsoft Corporation) C:\Windows\System32\wbengine.exe(Microsoft Corporation) C:\Windows\System32\vds.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [sysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1128448 2011-05-27] (IDT, Inc.)HKLM\...\Run: [Trend Micro Client Framework] => C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe [229824 2013-10-09] (Trend Micro Inc.)HKLM-x32\...\Run: [iAStorIcon] => C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [283160 2011-01-12] (Intel Corporation)Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)HKU\S-1-5-21-2184019481-1676405275-390902612-1001\...\Run: [Google Update] => C:\Users\Liza Phillips\AppData\Local\Google\Update\GoogleUpdate.exe [107848 2015-02-03] (Google Inc.)HKU\S-1-5-21-2184019481-1676405275-390902612-1001\...\RunOnce: [uninstall C:\Users\Liza Phillips\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64] => C:\windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Liza Phillips\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64"HKU\S-1-5-21-2184019481-1676405275-390902612-1001\...\RunOnce: [uninstall C:\Users\Liza Phillips\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910] => C:\windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Liza Phillips\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910"HKU\S-1-5-21-2184019481-1676405275-390902612-1001\...\RunOnce: [uninstall C:\Users\Liza Phillips\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64] => C:\windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Liza Phillips\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64"HKU\S-1-5-21-2184019481-1676405275-390902612-1001\...\RunOnce: [uninstall C:\Users\Liza Phillips\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811] => C:\windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Liza Phillips\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811"AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll => C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll File Not FoundAppInit_DLLs: C:\PROGRA~2\OPTIMI~1\OPTPRO~2.DLL => C:\PROGRA~2\OPTIMI~1\OPTPRO~2.DLL File Not FoundBootExecute: autocheck autochk * 訢扗錀畍瑬卩牴湩彧潂瑯硅捥瑵䭥祥1DKNpS訧扗蠀autocheck autochk * 訤扗言訢扗錀畍瑬卩牴湩彧潂瑯硅捥瑵䭥祥13訩扗退敐ʟ5䒪䔖ᆤ躠ȄGroupPolicy: Group Policy on Chrome detected <======= ATTENTIONCHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTIONProxyServer: [s-1-5-21-2184019481-1676405275-390902612-1001] => http=127.0.0.1:14171HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blankHKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blankHKU\S-1-5-21-2184019481-1676405275-390902612-1001\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/SearchScopes: HKLM -> DefaultScope {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = http://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSESearchScopes: HKLM -> {2F1E335A-858A-4BE9-8F6B-D0AF1D018B53} URL = http://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBoxSearchScopes: HKLM -> {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = http://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSESearchScopes: HKLM -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2001} URL = http://dts.search-results.com/sr?src=ieb&gct=ds&appid=393&systemid=1&apn_uid=1405353594214381&apn_dtid=IME001&o=APN10653&apn_ptnrs=AGE&q={searchTerms}SearchScopes: HKLM -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2405} URL = http://dts.search.ask.com/sr?src=ieb&gct=ds&appid=0&systemid=405&v=r11205-243&apn_uid=1405353594214381&apn_dtid=BND405&o=APN10647&apn_ptnrs=AG8&q={searchTerms}SearchScopes: HKLM-x32 -> DefaultScope 006ee092-9658-4fd6-bd8e-a21a348e59f5 URL = SearchScopes: HKLM-x32 -> {2F1E335A-858A-4BE9-8F6B-D0AF1D018B53} URL = http://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBoxSearchScopes: HKLM-x32 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2405} URL = http://dts.search.ask.com/sr?src=ieb&gct=ds&appid=0&systemid=405&v=r11205-243&apn_uid=1405353594214381&apn_dtid=BND405&o=APN10647&apn_ptnrs=AG8&q={searchTerms}SearchScopes: HKLM-x32 -> {cf6e4b1c-dbde-457e-9cef-ab8ecac8a5e8} URL = http://search.tb.ask.com/search/GGmain.jhtml?p2=^HJ^xdm017^YYA^us&si=pconverter&ptb=9F722B6C-A43A-4264-8980-672D1DE47429&ind=2013100301&n=77fd790d&psa=&st=sb&searchfor={searchTerms}BHO: TmIEPlugInBHO Class -> {1CA1377B-DC1D-4A52-9585-6E06050FAC53} -> C:\Program Files\Trend Micro\AMSP\module\20004\3.0.1313\6.8.1120\TmIEPlg.dll (Trend Micro Inc.)BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)BHO: AVG Safe Search -> {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} -> No FileBHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)BHO: TmBpIeBHO Class -> {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} -> C:\Program Files\Trend Micro\AMSP\module\20002\8.0.1173\8.0.1173\TmBpIe64.dll (Trend Micro Inc.)BHO: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)BHO-x32: TmIEPlugInBHO Class -> {1CA1377B-DC1D-4A52-9585-6E06050FAC53} -> C:\Program Files\Trend Micro\AMSP\module\20004\3.0.1313\6.8.1120\TmIEPlg32.dll (Trend Micro Inc.)BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)BHO-x32: AVG Safe Search -> {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} -> No FileBHO-x32: TSToolbarBHO -> {43C6D902-A1C5-45c9-91F6-FD9E90337E18} -> C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll (Trend Micro Inc.)BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)BHO-x32: TmBpIeBHO Class -> {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} -> C:\Program Files\Trend Micro\AMSP\module\20002\8.0.1173\8.0.1173\TmBpIe32.dll (Trend Micro Inc.)BHO-x32: IEExtension.Extension -> {d40c654d-7c51-4eb3-95b2-1e23905c2a2d} -> C:\windows\SysWOW64\mscoree.dll (Microsoft Corporation)BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Oracle\JavaFX 2.0 Runtime\bin\jp2ssv.dll (Oracle Corporation)Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)Toolbar: HKLM-x32 - No Name - {609bbd0c-ac47-40e5-b047-27520779c4c9} - No FileToolbar: HKLM-x32 - Trend Micro Toolbar - {CCAC5586-44D7-4c43-B64A-F042461A97D2} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll (Trend Micro Inc.)Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)Toolbar: HKU\S-1-5-21-2184019481-1676405275-390902612-1001 -> No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No FileToolbar: HKU\S-1-5-21-2184019481-1676405275-390902612-1001 -> Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - No FileHandler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)Handler: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\8.0.1173\8.0.1173\TmBpIe64.dll (Trend Micro Inc.)Handler-x32: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\8.0.1173\8.0.1173\TmBpIe32.dll (Trend Micro Inc.)Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\module\20004\3.0.1313\6.8.1120\TmIEPlg.dll (Trend Micro Inc.)Handler-x32: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\module\20004\3.0.1313\6.8.1120\TmIEPlg32.dll (Trend Micro Inc.)Handler-x32: tmtb - {04EAF3FB-4BAC-4B5A-A37D-A1CF210A5A42} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll (Trend Micro Inc.)Handler-x32: tmtbim - {0B37915C-8B98-4B9E-80D4-464D2C830D10} - C:\Program Files\Trend Micro\Titanium\UIFramework\ProToolbarIMRatingActiveX.dll (Trend Micro Inc.)Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txtTcpip\Parameters: [DhcpNameServer] 75.75.76.76 75.75.75.75 FireFox:========FF ProfilePath: C:\Users\Liza Phillips\AppData\Roaming\Mozilla\Firefox\Profiles\t1xhi2j2.defaultFF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll ()FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll (Oracle Corporation)FF Plugin: @microsoft.com/GENUINE -> disabled No FileFF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll ()FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll (CANON INC.)FF Plugin-x32: @java.com/DTPlugin,version=10.3.1 -> C:\windows\system32\npDeployJava1.dll No FileFF Plugin-x32: @java.com/JavaPlugin,version=10.3.1 -> C:\Program Files (x86)\Oracle\JavaFX 2.0 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)FF Plugin-x32: @microsoft.com/GENUINE -> disabled No FileFF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)FF Plugin HKU\S-1-5-21-2184019481-1676405275-390902612-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Liza Phillips\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)FF Plugin HKU\S-1-5-21-2184019481-1676405275-390902612-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Liza Phillips\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\Ask.xmlFF Extension: Define Ext - C:\Program Files (x86)\Mozilla Firefox\extensions\umylsm@sqhjcpzmeselzlp.org [2014-02-15]FF HKLM\...\Firefox\Extensions: [tmbepff@trendmicro.com] - C:\Program Files\Trend Micro\AMSP\module\20002\8.0.1173\8.0.1173\firefoxextensionFF Extension: Trend Micro BEP Firefox Extension - C:\Program Files\Trend Micro\AMSP\module\20002\8.0.1173\8.0.1173\firefoxextension [2015-02-04]FF HKLM-x32\...\Firefox\Extensions: [tmbepff@trendmicro.com] - C:\Program Files\Trend Micro\AMSP\module\20002\8.0.1173\8.0.1173\firefoxextensionFF HKLM-x32\...\Firefox\Extensions: [{22181a4d-af90-4ca3-a569-faed9118d6bc}] - C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\firefoxextensionFF Extension: Trend Micro Toolbar - C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\firefoxextension [2014-06-06]FF HKLM-x32\...\Firefox\Extensions: [{22C7F6C6-8D67-4534-92B5-529A0EC09405}] - C:\Program Files\Trend Micro\AMSP\module\20004\FxExt\firefoxextensionFF Extension: Trend Micro NSC Firefox Extension - C:\Program Files\Trend Micro\AMSP\module\20004\FxExt\firefoxextension [2014-06-08] Chrome: =======CHR HomePage: Default -> hxxp://google.com/CHR DefaultSearchKeyword: Default -> search.comCHR DefaultSearchURL: Default -> https://www.google.com/#q={searchTerms}CHR DefaultSuggestURL: Default -> {google:baseURL}webhp?sourceid=chrome-instant&{google:RLZ}{google:forceInstantResults}{google:instantExtendedEnabledParameter}{google:ntpIsThemedParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}CHR Plugin: (Remoting Viewer) - internal-remoting-viewerCHR Plugin: (Native Client) - C:\Users\Liza Phillips\AppData\Local\Google\Chrome\Application\40.0.2214.111\ppGoogleNaClPluginChrome.dll No FileCHR Plugin: (Chrome PDF Viewer) - C:\Users\Liza Phillips\AppData\Local\Google\Chrome\Application\40.0.2214.111\pdf.dll ()CHR Plugin: (Shockwave Flash) - C:\Users\Liza Phillips\AppData\Local\Google\Chrome\Application\40.0.2214.111\gcswf32.dll No FileCHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)CHR Plugin: (Java Platform SE 7 U3) - C:\Program Files (x86)\Oracle\JavaFX 2.0 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)CHR Plugin: (Java Deployment Toolkit 7.0.30.255) - C:\windows\system32\npDeployJava1.dll No FileCHR Plugin: (WildTangent Games App Presence Detector) - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll No FileCHR Plugin: (Windows Live0099 Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)CHR Plugin: (Google Update) - C:\Users\Liza Phillips\AppData\Local\Google\Update\1.3.21.99\npGoogleUpdate3.dll No FileCHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll No FileCHR Plugin: (McAfee SecurityCenter) - c:\progra~2\mcafee\msc\npmcsn~1.dll No FileCHR Plugin: (Default Plug-in) - default_plugin No FileCHR Profile: C:\Users\Liza Phillips\AppData\Local\Google\Chrome\User Data\DefaultCHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Liza Phillips\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-06-06]CHR Extension: (Google Cast) - C:\Users\Liza Phillips\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd [2014-07-20]CHR Extension: (Google Wallet) - C:\Users\Liza Phillips\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-01-29]CHR Extension: (Trend Micro Toolbar) - C:\Users\Liza Phillips\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohhcpmplhhiiaoiddkfboafbhiknefdf [2015-02-11]CHR HKLM-x32\...\Chrome\Extension: [bmiabdepfhhiieiipmeecdmeljggmfee] - C:\Program Files\Trend Micro\AMSP\module\20002\8.0.1095\8.0.1095\chrome_tmbep.crx [Not Found]CHR HKLM-x32\...\Chrome\Extension: [dflinnddekagfkncpgojoppgnppfkbkj] - No PathStartMenuInternet: Google Chrome - C:\Users\Liza Phillips\AppData\Local\Google\Chrome\Application\chrome.exe ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) S2 DellDigitalDelivery; C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe [162816 2011-10-26] (Dell Products, LP.) [File not signed]R2 dldtCATSCustConnectService; C:\windows\system32\spool\DRIVERS\x64\3\\dldtserv.exe [33448 2009-07-09] ()R2 dldt_device; C:\windows\system32\dldtcoms.exe [1045232 2008-02-25] ( )R2 dldt_device; C:\windows\SysWOW64\dldtcoms.exe [595184 2008-02-25] ( )R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [140456 2012-03-27] ()R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)S2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2014-03-11] (Microsoft Corporation)R2 SpyHunter 4 Service; C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe [1025408 2014-01-09] (Enigma Software Group USA, LLC.)R2 VyprVPN; C:\Program Files (x86)\VyprVPN\VyprVPNService.exe [144896 2014-11-20] (Golden Frog, GmbH.) [File not signed]R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [453120 2010-11-20] (Microsoft Corporation)S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-26] (Microsoft Corporation)R2 Amsp; "C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe" coreFrameworkHost.exe -m=rb -dt=60000 -ad -bt=0 [X]S2 AppDriverRemote.exe; C:\Users\Liza Phillips\AppData\Local\d32c8e733464802a51450381e50ba27a\AppDriverRemote.exe [X] ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [22704 2012-06-22] ()R2 mbamchameleon; C:\windows\system32\drivers\mbamchameleon.sys [93400 2014-12-15] (Malwarebytes Corporation)R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)R3 MBAMSwissArmy; C:\windows\system32\drivers\MBAMSwissArmy.sys [129752 2015-02-11] (Malwarebytes Corporation)R3 MBAMWebAccessControl; C:\windows\system32\drivers\mwac.sys [63704 2014-11-21] (Malwarebytes Corporation)R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [268512 2014-01-25] (Microsoft Corporation)S3 ssmirrdr; C:\Windows\System32\DRIVERS\ssmirrdr.sys [10112 2013-04-30] (support.com, Inc)S3 tapvyprvpn; C:\Windows\System32\DRIVERS\tapvyprvpn.sys [44896 2014-11-20] (The OpenVPN Project)R1 tmactmon; C:\Windows\System32\DRIVERS\tmactmon.sys [117312 2013-12-03] (Trend Micro Inc.)R0 tmcomm; C:\Windows\System32\DRIVERS\tmcomm.sys [283160 2013-12-03] (Trend Micro Inc.)R0 TMEBC; C:\Windows\System32\DRIVERS\TMEBC64.sys [50976 2013-07-01] (Trend Micro Inc.)R3 tmeevw; C:\Windows\System32\DRIVERS\tmeevw.sys [100640 2013-06-13] (Trend Micro Inc.)R1 tmevtmgr; C:\Windows\System32\DRIVERS\tmevtmgr.sys [85936 2013-12-03] (Trend Micro Inc.)R3 tmnciesc; C:\Windows\System32\DRIVERS\tmnciesc.sys [303392 2013-05-15] (Trend Micro Inc.)R1 tmtdi; C:\Windows\System32\DRIVERS\tmtdi.sys [105744 2011-08-22] (Trend Micro Inc.)S3 RegFltrX64; \??\C:\Users\Liza Phillips\AppData\Local\d32c8e733464802a51450381e50ba27a\RegFltrX64.sys [X]U4 smu; No ImagePathU2 TMAgent; No ImagePath ========================== Drivers MD5 ======================= C:\Windows\system32\drivers\1394ohci.sys ==> MD5 is legitC:\Windows\System32\drivers\ACPI.sys ==> MD5 is legitC:\Windows\system32\drivers\acpipmi.sys ==> MD5 is legitC:\Windows\system32\drivers\adp94xx.sys ==> MD5 is legitC:\Windows\system32\drivers\adpahci.sys ==> MD5 is legitC:\Windows\system32\drivers\adpu320.sys ==> MD5 is legitC:\Windows\system32\drivers\afd.sys FA886682CFC5D36718D3E436AACF10B9C:\Windows\system32\drivers\agp440.sys ==> MD5 is legitC:\Windows\system32\drivers\aliide.sys ==> MD5 is legitC:\Windows\system32\drivers\amdide.sys ==> MD5 is legitC:\Windows\system32\drivers\amdk8.sys ==> MD5 is legitC:\Windows\system32\drivers\amdppm.sys ==> MD5 is legitC:\Windows\system32\drivers\amdsata.sys D4121AE6D0C0E7E13AA221AA57EF2D49C:\Windows\system32\drivers\amdsbs.sys ==> MD5 is legitC:\Windows\System32\drivers\amdxata.sys 540DAF1CEA6094886D72126FD7C33048C:\Windows\System32\DRIVERS\Apfiltr.sys 6690E42CED5D067233ABAD42DA141213C:\Windows\system32\drivers\appid.sys ==> MD5 is legitC:\Windows\system32\drivers\arc.sys ==> MD5 is legitC:\Windows\system32\drivers\arcsas.sys ==> MD5 is legitC:\Windows\System32\DRIVERS\asyncmac.sys ==> MD5 is legitC:\Windows\System32\drivers\atapi.sys ==> MD5 is legitC:\Windows\system32\drivers\bxvbda.sys ==> MD5 is legitC:\Windows\System32\DRIVERS\b57nd60a.sys ==> MD5 is legitC:\Windows\System32\DRIVERS\bcmwl664.sys 783F1C7ED6B39454A8D1028D4F30768DC:\Windows\System32\Drivers\Beep.sys ==> MD5 is legitC:\Windows\System32\DRIVERS\blbdrive.sys ==> MD5 is legitC:\Windows\System32\DRIVERS\bowser.sys ==> MD5 is legitC:\Windows\system32\drivers\BrFiltLo.sys ==> MD5 is legitC:\Windows\system32\drivers\BrFiltUp.sys ==> MD5 is legitC:\Windows\System32\Drivers\Brserid.sys ==> MD5 is legitC:\Windows\System32\Drivers\BrSerWdm.sys ==> MD5 is legitC:\Windows\System32\Drivers\BrUsbMdm.sys ==> MD5 is legitC:\Windows\System32\Drivers\BrUsbSer.sys ==> MD5 is legitC:\Windows\system32\drivers\BthEnum.sys CF98190A94F62E405C8CB255018B2315C:\Windows\system32\drivers\bthmodem.sys ==> MD5 is legitC:\Windows\System32\DRIVERS\bthpan.sys 02DD601B708DD0667E1331FA8518E9FFC:\Windows\System32\Drivers\BTHport.sys 738D0E9272F59EB7A1449C3EC118E6C4C:\Windows\System32\Drivers\BTHUSB.sys F188B7394D81010767B6DF3178519A37C:\Windows\System32\DRIVERS\cdfs.sys ==> MD5 is legitC:\Windows\System32\DRIVERS\cdrom.sys ==> MD5 is legitC:\Windows\system32\drivers\circlass.sys ==> MD5 is legitC:\Windows\System32\CLFS.sys ==> MD5 is legitC:\Windows\System32\DRIVERS\CmBatt.sys ==> MD5 is legitC:\Windows\system32\drivers\cmdide.sys ==> MD5 is legitC:\Windows\System32\Drivers\cng.sys EBF28856F69CF094A902F884CF989706C:\Windows\System32\drivers\compbatt.sys ==> MD5 is legitC:\Windows\System32\DRIVERS\CompositeBus.sys ==> MD5 is legitC:\Windows\system32\drivers\crcdisk.sys ==> MD5 is legitC:\Windows\System32\DRIVERS\CtClsFlt.sys BC3D4F90978CD7C8EABD1BAF3BF7873AC:\Windows\System32\Drivers\dfsc.sys ==> MD5 is legitC:\Windows\System32\drivers\discache.sys ==> MD5 is legitC:\Windows\System32\drivers\disk.sys ==> MD5 is legitC:\Windows\system32\drivers\drmkaud.sys ==> MD5 is legitC:\Windows\System32\drivers\dxgkrnl.sys 87CE5C8965E101CCCED1F4675557E868C:\Windows\system32\drivers\evbda.sys ==> MD5 is legitC:\Windows\system32\drivers\elxstor.sys ==> MD5 is legitC:\Windows\system32\drivers\errdev.sys ==> MD5 is legitC:\Windows\System32\DRIVERS\EsgScanner.sys 3B32CAA07D672F8A2E0DF5CB3A873F45C:\Windows\System32\Drivers\exfat.sys ==> MD5 is legitC:\Windows\System32\Drivers\fastfat.sys ==> MD5 is legitC:\Windows\system32\drivers\fdc.sys ==> MD5 is legitC:\Windows\System32\drivers\fileinfo.sys ==> MD5 is legitC:\Windows\System32\drivers\filetrace.sys ==> MD5 is legitC:\Windows\system32\drivers\flpydisk.sys ==> MD5 is legitC:\Windows\System32\drivers\fltmgr.sys ==> MD5 is legitC:\Windows\System32\drivers\FsDepends.sys ==> MD5 is legitC:\Windows\System32\DRIVERS\fssfltr.sys B3EB502D2C3F47C47415F85387DFAEF1C:\Windows\System32\Drivers\Fs_Rec.sys 6BD9295CC032DD3077C671FCCF579A7BC:\Windows\System32\DRIVERS\fvevol.sys 8F6322049018354F45F05A2FD2D4E5E0C:\Windows\system32\drivers\gagp30kx.sys ==> MD5 is legitC:\Windows\System32\DRIVERS\GEARAspiWDM.sys 8E98D21EE06192492A5671A6144D092FC:\Windows\system32\drivers\hcw85cir.sys ==> MD5 is legitC:\Windows\System32\drivers\HdAudio.sys 975761C778E33CD22498059B91E7373AC:\Windows\System32\DRIVERS\HDAudBus.sys ==> MD5 is legitC:\Windows\System32\DRIVERS\HECIx64.sys B6AC71AAA2B10848F57FC49D55A651AFC:\Windows\system32\drivers\HidBatt.sys ==> MD5 is legitC:\Windows\system32\drivers\hidbth.sys ==> MD5 is legitC:\Windows\system32\drivers\hidir.sys ==> MD5 is legitC:\Windows\System32\DRIVERS\hidusb.sys ==> MD5 is legitC:\Windows\system32\drivers\HpSAMD.sys ==> MD5 is legitC:\Windows\System32\drivers\HTTP.sys ==> MD5 is legitC:\Windows\System32\drivers\hwpolicy.sys ==> MD5 is legitC:\Windows\System32\DRIVERS\i8042prt.sys ==> MD5 is legitC:\Windows\System32\DRIVERS\iaStor.sys D469B77687E12FE43E344806740B624DC:\Windows\system32\drivers\iaStorV.sys AAAF44DB3BD0B9D1FB6969B23ECC8366C:\Windows\System32\DRIVERS\igdkmd64.sys 795C99DC4F574C97C03D0BB39CF099EEC:\Windows\system32\drivers\iirsp.sys ==> MD5 is legitC:\Windows\System32\DRIVERS\Impcd.sys DD587A55390ED2295BCE6D36AD567DA9C:\Windows\System32\DRIVERS\IntcDAud.sys FC727061C0F47C8059E88E05D5C8E381C:\Windows\system32\drivers\intelide.sys ==> MD5 is legitC:\Windows\System32\DRIVERS\intelppm.sys ==> MD5 is legitC:\Windows\System32\DRIVERS\ipfltdrv.sys ==> MD5 is legitC:\Windows\system32\drivers\IPMIDrv.sys ==> MD5 is legitC:\Windows\System32\drivers\ipnat.sys ==> MD5 is legitC:\Windows\System32\drivers\irenum.sys ==> MD5 is legitC:\Windows\system32\drivers\isapnp.sys ==> MD5 is legitC:\Windows\system32\drivers\msiscsi.sys 96BB922A0981BC7432C8CF52B5410FE6C:\Windows\System32\DRIVERS\kbdclass.sys ==> MD5 is legitC:\Windows\System32\DRIVERS\kbdhid.sys ==> MD5 is legitC:\Windows\System32\Drivers\ksecdd.sys 353009DEDF918B2A51414F330CF72DECC:\Windows\System32\Drivers\ksecpkg.sys 41774FF331F609EF442B7398EE6202B1C:\Windows\system32\drivers\ksthunk.sys ==> MD5 is legitC:\Windows\System32\DRIVERS\lltdio.sys ==> MD5 is legitC:\Windows\system32\drivers\lsi_fc.sys ==> MD5 is legitC:\Windows\system32\drivers\lsi_sas.sys ==> MD5 is legitC:\Windows\system32\drivers\lsi_sas2.sys ==> MD5 is legitC:\Windows\system32\drivers\lsi_scsi.sys ==> MD5 is legitC:\Windows\system32\drivers\luafv.sys ==> MD5 is legitC:\windows\system32\drivers\mbamchameleon.sys 269DB9146B448DC7F76826375B89DB07C:\windows\system32\drivers\mbam.sys CA43F8904E24BBE49982E4C0B29E6579C:\windows\system32\drivers\MBAMSwissArmy.sys 26C43960C99EE861A5D0EDC4DCF3B1C3C:\windows\system32\drivers\mwac.sys A646C2DDB8C46E9B20A326FAF566646CC:\Windows\system32\drivers\megasas.sys ==> MD5 is legitC:\Windows\system32\drivers\MegaSR.sys ==> MD5 is legitC:\Windows\System32\drivers\modem.sys ==> MD5 is legitC:\Windows\System32\DRIVERS\monitor.sys ==> MD5 is legitC:\Windows\System32\DRIVERS\mouclass.sys ==> MD5 is legitC:\Windows\System32\DRIVERS\mouhid.sys ==> MD5 is legitC:\Windows\System32\drivers\mountmgr.sys ==> MD5 is legitC:\Windows\System32\DRIVERS\MpFilter.sys 9EB89625A82AC961F25E7C865947BF9AC:\Windows\system32\drivers\mpio.sys ==> MD5 is legitC:\Windows\System32\drivers\mpsdrv.sys ==> MD5 is legitC:\Windows\system32\drivers\mrxdav.sys AE3334958D8F631FF14A0AEB3D7EFB3AC:\Windows\System32\DRIVERS\mrxsmb.sys A5D9106A73DC88564C825D317CAC68ACC:\Windows\System32\DRIVERS\mrxsmb10.sys D711B3C1D5F42C0C2415687BE09FC163C:\Windows\System32\DRIVERS\mrxsmb20.sys 9423E9D355C8D303E76B8CFBD8A5C30CC:\Windows\System32\drivers\msahci.sys ==> MD5 is legitC:\Windows\system32\drivers\msdsm.sys ==> MD5 is legitC:\Windows\System32\Drivers\Msfs.sys ==> MD5 is legitC:\Windows\System32\drivers\mshidkmdf.sys ==> MD5 is legitC:\Windows\System32\drivers\msisadrv.sys ==> MD5 is legitC:\Windows\System32\drivers\MSKSSRV.sys ==> MD5 is legitC:\Windows\System32\drivers\MSPCLOCK.sys ==> MD5 is legitC:\Windows\System32\drivers\MSPQM.sys ==> MD5 is legitC:\Windows\System32\Drivers\MsRPC.sys ==> MD5 is legitC:\Windows\System32\DRIVERS\mssmbios.sys ==> MD5 is legitC:\Windows\System32\drivers\MSTEE.sys ==> MD5 is legitC:\Windows\system32\drivers\MTConfig.sys ==> MD5 is legitC:\Windows\System32\Drivers\mup.sys ==> MD5 is legitC:\Windows\System32\DRIVERS\nwifi.sys ==> MD5 is legitC:\Windows\System32\drivers\ndis.sys 760E38053BF56E501D562B70AD796B88C:\Windows\System32\DRIVERS\ndiscap.sys ==> MD5 is legitC:\Windows\System32\DRIVERS\ndistapi.sys ==> MD5 is legitC:\Windows\System32\DRIVERS\ndisuio.sys ==> MD5 is legitC:\Windows\System32\DRIVERS\ndiswan.sys ==> MD5 is legitC:\Windows\System32\Drivers\NDProxy.sys ==> MD5 is legitC:\Windows\System32\DRIVERS\netbios.sys ==> MD5 is legitC:\Windows\System32\DRIVERS\netbt.sys ==> MD5 is legitC:\Windows\system32\drivers\nfrd960.sys ==> MD5 is legitC:\Windows\System32\Drivers\Npfs.sys ==> MD5 is legitC:\Windows\System32\drivers\nsiproxy.sys ==> MD5 is legitC:\Windows\System32\Drivers\Ntfs.sys 1A29A59A4C5BA6F8C85062A613B7E2B2C:\Windows\System32\Drivers\Null.sys ==> MD5 is legitC:\Windows\system32\drivers\nvraid.sys 0A92CB65770442ED0DC44834632F66ADC:\Windows\system32\drivers\nvstor.sys DAB0E87525C10052BF65F06152F37E4AC:\Windows\system32\drivers\nv_agp.sys ==> MD5 is legitC:\Windows\system32\drivers\ohci1394.sys ==> MD5 is legitC:\Windows\system32\drivers\parport.sys ==> MD5 is legitC:\Windows\System32\drivers\partmgr.sys E9766131EEADE40A27DC27D2D68FBA9CC:\Windows\System32\drivers\pci.sys ==> MD5 is legitC:\Windows\system32\drivers\pciide.sys ==> MD5 is legitC:\Windows\system32\drivers\pcmcia.sys ==> MD5 is legitC:\Windows\System32\drivers\pcw.sys ==> MD5 is legitC:\Windows\System32\drivers\peauth.sys ==> MD5 is legitC:\Windows\System32\DRIVERS\raspptp.sys ==> MD5 is legitC:\Windows\system32\drivers\processr.sys ==> MD5 is legitC:\Windows\System32\DRIVERS\pacer.sys ==> MD5 is legitC:\Windows\system32\drivers\ql2300.sys ==> MD5 is legitC:\Windows\system32\drivers\ql40xx.sys ==> MD5 is legitC:\Windows\system32\drivers\qwavedrv.sys ==> MD5 is legitC:\Windows\System32\DRIVERS\rasacd.sys ==> MD5 is legitC:\Windows\System32\DRIVERS\AgileVpn.sys ==> MD5 is legitC:\Windows\System32\DRIVERS\rasl2tp.sys ==> MD5 is legitC:\Windows\System32\DRIVERS\raspppoe.sys ==> MD5 is legitC:\Windows\System32\DRIVERS\rassstp.sys ==> MD5 is legitC:\Windows\System32\DRIVERS\rdbss.sys ==> MD5 is legitC:\Windows\system32\drivers\rdpbus.sys ==> MD5 is legitC:\Windows\System32\DRIVERS\RDPCDD.sys ==> MD5 is legitC:\Windows\System32\drivers\rdpencdd.sys ==> MD5 is legitC:\Windows\System32\drivers\rdprefmp.sys ==> MD5 is legitC:\Windows\System32\drivers\rdpvideominiport.sys 313F68E1A3E6345A4F47A36B07062F34C:\Windows\System32\Drivers\RDPWD.sys FE571E088C2D83619D2D48D4E961BF41C:\Windows\System32\drivers\rdyboost.sys ==> MD5 is legitC:\Windows\System32\DRIVERS\rfcomm.sys 3DD798846E2C28102B922C56E71B7932C:\Windows\System32\DRIVERS\rspndr.sys ==> MD5 is legitC:\Windows\System32\Drivers\RtsUStor.sys BE29B0A3AC1E8BD02FFAB8CEE86BADFAC:\Windows\System32\DRIVERS\Rt64win7.sys EE082E06A82FF630351D1E0EBBD3D8D0C:\Windows\system32\drivers\sbp2port.sys ==> MD5 is legitC:\Windows\System32\DRIVERS\scfilter.sys ==> MD5 is legitC:\Windows\System32\Drivers\secdrv.sys ==> MD5 is legitC:\Windows\system32\drivers\serenum.sys ==> MD5 is legitC:\Windows\system32\drivers\serial.sys ==> MD5 is legitC:\Windows\system32\drivers\sermouse.sys ==> MD5 is legitC:\Windows\system32\drivers\sffdisk.sys ==> MD5 is legitC:\Windows\system32\drivers\sffp_mmc.sys ==> MD5 is legitC:\Windows\system32\drivers\sffp_sd.sys ==> MD5 is legitC:\Windows\system32\drivers\sfloppy.sys ==> MD5 is legitC:\Windows\system32\drivers\SiSRaid2.sys ==> MD5 is legitC:\Windows\system32\drivers\sisraid4.sys ==> MD5 is legitC:\Windows\System32\DRIVERS\smb.sys ==> MD5 is legitC:\Windows\System32\Drivers\spldr.sys ==> MD5 is legitC:\Windows\System32\DRIVERS\srv.sys 441FBA48BFF01FDB9D5969EBC1838F0BC:\Windows\System32\DRIVERS\srv2.sys B4ADEBBF5E3677CCE9651E0F01F7CC28C:\Windows\System32\DRIVERS\srvnet.sys 27E461F0BE5BFF5FC737328F749538C3C:\Windows\System32\DRIVERS\ssmirrdr.sys 1100066057FBF612B573EFD3B21383F1C:\Windows\system32\drivers\stexstor.sys ==> MD5 is legitC:\Windows\System32\DRIVERS\stwrt64.sys EBA98394A7D58F7552C52192BD8FA7E6C:\Windows\System32\DRIVERS\swenum.sys ==> MD5 is legitC:\Windows\System32\DRIVERS\tapvyprvpn.sys DF56B9F206B99020D79AC560622F8F91C:\Windows\System32\drivers\tcpip.sys 04ADD18EE5CC9FBEDAEC1DD1CD0CB45EC:\Windows\System32\DRIVERS\tcpip.sys 04ADD18EE5CC9FBEDAEC1DD1CD0CB45EC:\Windows\System32\drivers\tcpipreg.sys 1B16D0BD9841794A6E0CDE0CEF744ABCC:\Windows\System32\drivers\tdpipe.sys ==> MD5 is legitC:\Windows\System32\drivers\tdtcp.sys 51C5ECEB1CDEE2468A1748BE550CFBC8C:\Windows\System32\DRIVERS\tdx.sys 70988118145F5F10EF24720B97F35F65C:\Windows\System32\DRIVERS\termdd.sys ==> MD5 is legitC:\Windows\System32\DRIVERS\tmactmon.sys 20903580F4BCFD08E8A59310D747190CC:\Windows\System32\DRIVERS\tmcomm.sys B6ECBBBCEE9F1B88BA101F4C0BB58977C:\Windows\System32\DRIVERS\TMEBC64.sys 4068D01A407C5F3B9AD3DF523E6BCEF6C:\Windows\System32\DRIVERS\tmeevw.sys 3A10F5BDF66013B13AAB032B549E934DC:\Windows\System32\DRIVERS\tmevtmgr.sys 565EEA0DEF37E5AA66D492F4C1EFDCB7C:\Windows\System32\DRIVERS\tmnciesc.sys C91EB6CEC1A7FE02BB54760ABF79FBA6C:\Windows\System32\DRIVERS\tmtdi.sys 48951FBFFFCAE52FADFCDFB76ED19749C:\Windows\System32\DRIVERS\tssecsrv.sys E232A3B43A894BB327FC161529BD9ED1C:\Windows\System32\drivers\tsusbflt.sys E9981ECE8D894CEF7038FD1D040EB426C:\Windows\system32\drivers\TsUsbGD.sys AD64450A4ABE076F5CB34CC08EEACB07C:\Windows\System32\DRIVERS\tunnel.sys ==> MD5 is legitC:\Windows\system32\drivers\uagp35.sys ==> MD5 is legitC:\Windows\System32\DRIVERS\udfs.sys ==> MD5 is legitC:\Windows\system32\drivers\uliagpkx.sys ==> MD5 is legitC:\Windows\System32\DRIVERS\umbus.sys ==> MD5 is legitC:\Windows\system32\drivers\umpass.sys ==> MD5 is legitC:\Windows\System32\Drivers\usbaapl64.sys C9E9D59C0099A9FF51697E9306A44240C:\Windows\System32\DRIVERS\usbccgp.sys 91D3C92A44FC682DD791147604E79152C:\Windows\system32\drivers\usbcir.sys 80B0F7D5CCF86CEB5D402EAAF61FEC31C:\Windows\system32\drivers\usbehci.sys F7FFDF2A1D19A76A87759126B244C816C:\Windows\System32\DRIVERS\usbhub.sys 245FE7FC634D6A993E682E0A9EBA4ABBC:\Windows\system32\drivers\usbohci.sys C1A8966E0D09BFB501045105B30D86F2C:\Windows\System32\DRIVERS\usbprint.sys ==> MD5 is legitC:\Windows\system32\drivers\usbscan.sys 9661DA76B4531B2DA272ECCE25A8AF24C:\Windows\System32\DRIVERS\USBSTOR.SYS FED648B01349A3C8395A5169DB5FB7D6C:\Windows\system32\drivers\usbuhci.sys 2E682DCE4319A90E02A327F8A427544AC:\Windows\System32\Drivers\usbvideo.sys 1F775DA4CF1A3A1834207E975A72E9D7C:\Windows\system32\drivers\usb8023x.sys 7B28E2FBE75115660FAB31079C0A9F29C:\Windows\System32\drivers\vdrvroot.sys ==> MD5 is legitC:\Windows\System32\DRIVERS\vgapnp.sys ==> MD5 is legitC:\Windows\System32\drivers\vga.sys ==> MD5 is legitC:\Windows\system32\drivers\vhdmp.sys ==> MD5 is legitC:\Windows\system32\drivers\viaide.sys ==> MD5 is legitC:\Windows\System32\drivers\volmgr.sys ==> MD5 is legitC:\Windows\System32\drivers\volmgrx.sys ==> MD5 is legitC:\Windows\System32\drivers\volsnap.sys ==> MD5 is legitC:\Windows\system32\drivers\vsmraid.sys ==> MD5 is legitC:\Windows\System32\DRIVERS\vwifibus.sys ==> MD5 is legitC:\Windows\System32\DRIVERS\vwififlt.sys ==> MD5 is legitC:\Windows\System32\DRIVERS\vwifimp.sys ==> MD5 is legitC:\Windows\system32\drivers\wacompen.sys ==> MD5 is legitC:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is legitC:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is legitC:\Windows\system32\drivers\wd.sys ==> MD5 is legitC:\Windows\System32\drivers\Wdf01000.sys E2C933EDBC389386EBE6D2BA953F43D8C:\Windows\System32\DRIVERS\wfplwf.sys ==> MD5 is legitC:\Windows\System32\DRIVERS\wimfltr.sys ==> MD5 is legitC:\Windows\System32\drivers\wimmount.sys ==> MD5 is legitC:\Windows\SysWOW64\drivers\wimmount.sys ==> MD5 is legitC:\Windows\System32\DRIVERS\WinUsb.sys FE88B288356E7B47B74B13372ADD906DC:\Windows\System32\DRIVERS\wmiacpi.sys ==> MD5 is legitC:\Windows\system32\drivers\ws2ifsl.sys ==> MD5 is legitC:\Windows\System32\drivers\WudfPf.sys AB886378EEB55C6C75B4F2D14B6C869FC:\Windows\System32\DRIVERS\WUDFRd.sys DDA4CAF29D8C0A297F886BFE561E6659 ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2015-02-11 16:57 - 2015-02-11 16:59 - 00028557 _____ () C:\Users\Liza Phillips\Desktop\Addition.txt2015-02-11 16:53 - 2015-02-11 17:07 - 00039816 _____ () C:\Users\Liza Phillips\Desktop\FRST.txt2015-02-11 16:53 - 2015-02-11 17:07 - 00000000 ____D () C:\FRST2015-02-11 16:50 - 2015-02-11 16:50 - 02134016 _____ (Farbar) C:\Users\Liza Phillips\Desktop\FRST64.exe2015-02-11 16:32 - 2015-02-11 16:38 - 00056236 _____ () C:\Users\Liza Phillips\Downloads\software_removal_tool.log2015-02-11 16:32 - 2015-02-11 16:32 - 04777800 _____ (Google) C:\Users\Liza Phillips\Downloads\software_removal_tool.exe2015-02-11 14:46 - 2015-02-11 14:46 - 00000020 _____ () C:\Users\Liza Phillips\AppData\Roaming\appdataFr3.bin2015-02-10 16:45 - 2015-02-10 16:45 - 00001121 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk2015-02-10 16:45 - 2015-02-10 16:45 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service2015-02-04 19:02 - 2015-02-04 19:02 - 00000000 ____D () C:\ProgramData\HitmanPro2015-02-04 13:57 - 2015-02-04 13:57 - 00000182 _____ () C:\Users\Liza Phillips\Desktop\jobs info.txt2015-02-03 19:23 - 2015-02-05 16:39 - 00000186 _____ () C:\Users\Liza Phillips\Desktop\newtv.txt2015-02-03 15:45 - 2015-02-03 15:45 - 04756960 _____ (http://www.maxuninstaller.com/ ) C:\Users\Liza Phillips\Downloads\MUninstaller_2014_Setup.exe 2015-01-18 23:03 - 2014-12-11 11:47 - 00087040 _____ (Microsoft Corporation) C:\windows\system32\TSWbPrxy.exe2015-01-16 12:11 - 2014-12-18 21:06 - 00210432 _____ (Microsoft Corporation) C:\windows\system32\profsvc.dll2015-01-16 12:11 - 2014-12-18 19:46 - 00141312 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxdav.sys2015-01-16 12:11 - 2014-12-05 22:17 - 00303616 _____ (Microsoft Corporation) C:\windows\system32\nlasvc.dll2015-01-16 12:11 - 2014-12-05 21:50 - 00156672 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncsi.dll2015-01-16 12:11 - 2014-12-05 21:50 - 00052224 _____ (Microsoft Corporation) C:\windows\SysWOW64\nlaapi.dll2015-01-16 12:10 - 2014-12-11 23:35 - 05553592 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe2015-01-16 12:10 - 2014-12-11 23:31 - 00503808 _____ (Microsoft Corporation) C:\windows\system32\srcore.dll2015-01-16 12:10 - 2014-12-11 23:31 - 00296960 _____ (Microsoft Corporation) C:\windows\system32\rstrui.exe2015-01-16 12:10 - 2014-12-11 23:31 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\srclient.dll2015-01-16 12:10 - 2014-12-11 23:11 - 03971512 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntkrnlpa.exe2015-01-16 12:10 - 2014-12-11 23:11 - 03916728 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntoskrnl.exe2015-01-16 12:10 - 2014-12-11 23:07 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\srclient.dll2015-01-16 12:08 - 2014-12-12 23:09 - 00144384 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe2015-01-16 12:08 - 2014-12-12 21:33 - 00115712 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2015-02-11 16:57 - 2012-02-16 11:14 - 01678301 _____ () C:\windows\WindowsUpdate.log2015-02-11 16:55 - 2012-03-18 20:24 - 00000940 _____ () C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2184019481-1676405275-390902612-1001UA.job2015-02-11 16:48 - 2014-07-10 12:20 - 00129752 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys2015-02-11 16:48 - 2009-07-13 22:45 - 00028576 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A02015-02-11 16:48 - 2009-07-13 22:45 - 00028576 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A02015-02-11 16:40 - 2014-12-15 01:42 - 00003166 _____ () C:\windows\System32\Tasks\MyCleanPC PC Optimizer2015-02-11 16:40 - 2014-06-06 12:06 - 01015710 _____ () C:\windows\PFRO.log2015-02-11 16:40 - 2014-03-20 12:59 - 00003016 _____ () C:\windows\System32\Tasks\LAUNCH CDPCO2015-02-11 16:40 - 2012-02-16 12:03 - 00000000 ____D () C:\Users\Default\AppData\Local\SoftThinks2015-02-11 16:40 - 2012-02-16 12:03 - 00000000 ____D () C:\Users\Default User\AppData\Local\SoftThinks2015-02-11 16:40 - 2012-02-16 11:54 - 00000000 ____D () C:\Program Files (x86)\Dell DataSafe Local Backup2015-02-11 16:40 - 2009-07-13 23:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT2015-02-11 16:40 - 2009-07-13 22:51 - 00121636 _____ () C:\windows\setupact.log2015-02-11 16:15 - 2012-04-03 13:49 - 00000830 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job2015-02-11 16:12 - 2009-07-13 23:32 - 00000000 ____D () C:\windows\addins2015-02-10 16:45 - 2014-02-15 05:20 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox2015-02-05 23:43 - 2014-07-12 12:41 - 00000000 ____D () C:\Users\Liza Phillips\Documents\Newsbin2015-02-05 23:38 - 2014-07-08 21:07 - 00000000 ____D () C:\Users\Liza Phillips\AppData\Local\QuickPar2015-02-05 18:15 - 2014-07-12 12:41 - 00000000 ____D () C:\Users\Liza Phillips\AppData\Local\Newsbin2015-02-05 15:48 - 2009-07-13 23:13 - 00863356 _____ () C:\windows\system32\PerfStringBackup.INI2015-02-05 15:34 - 2013-08-17 01:16 - 00000000 ____D () C:\Users\Liza Phillips\AppData\Roaming\vlc2015-02-04 19:55 - 2012-03-18 20:24 - 00000888 _____ () C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2184019481-1676405275-390902612-1001Core.job2015-02-04 19:50 - 2012-03-18 20:24 - 00003926 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2184019481-1676405275-390902612-1001UA2015-02-04 19:50 - 2012-03-18 20:24 - 00003530 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2184019481-1676405275-390902612-1001Core2015-02-04 16:15 - 2012-04-03 13:49 - 00701616 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe2015-02-04 16:15 - 2012-04-03 13:49 - 00003768 _____ () C:\windows\System32\Tasks\Adobe Flash Player Updater2015-02-04 16:15 - 2012-02-16 11:25 - 00071344 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl2015-02-04 13:59 - 2012-02-16 11:48 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk2015-02-03 22:25 - 2014-07-09 18:34 - 00000000 ____D () C:\Users\Liza Phillips\Documents\music load2015-02-03 21:43 - 2009-07-13 21:20 - 00000000 ____D () C:\windows\system32\NDF2015-02-03 19:35 - 2012-03-18 20:44 - 00000000 ____D () C:\Users\Liza Phillips\AppData\Roaming\Apple Computer2015-02-03 17:03 - 2011-11-16 13:25 - 00855970 _____ () C:\windows\SysWOW64\PerfStringBackup.INI2015-02-03 15:20 - 2013-08-17 00:57 - 00000000 ____D () C:\Users\Liza Phillips\AppData\Local\CRE2015-02-03 13:56 - 2014-08-05 12:20 - 00000000 ____D () C:\ProgramData\CanonIJPLM2015-01-21 10:14 - 2014-08-12 21:42 - 00000000 ____D () C:\Users\Liza Phillips\Documents\scanned2015-01-16 15:25 - 2013-08-14 20:24 - 00000000 ____D () C:\windows\system32\MRT2015-01-16 15:19 - 2012-08-08 05:58 - 113365784 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe ==================== Files in the root of some directories ======= 2013-10-13 20:44 - 2013-10-13 20:44 - 2174976 _____ (Advanced Micro Devices Inc.) C:\Program Files (x86)\Common Files\atimpenc.dll2015-02-11 14:46 - 2015-02-11 14:46 - 0000020 _____ () C:\Users\Liza Phillips\AppData\Roaming\appdataFr3.bin2014-03-06 18:54 - 2014-03-06 20:42 - 0000578 _____ () C:\Users\Liza Phillips\AppData\Roaming\aps.scan.quick.results2014-03-06 19:04 - 2014-04-03 13:56 - 0000078 _____ () C:\Users\Liza Phillips\AppData\Roaming\WB.CFG2013-04-01 12:30 - 2014-04-03 13:13 - 0007680 _____ () C:\Users\Liza Phillips\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini2014-06-05 20:54 - 2014-06-05 20:54 - 0000036 _____ () C:\Users\Liza Phillips\AppData\Local\housecall.guid.cache2014-11-02 17:30 - 2014-11-02 17:30 - 0007621 _____ () C:\Users\Liza Phillips\AppData\Local\Resmon.ResmonCfg2013-02-16 19:07 - 2013-02-16 19:07 - 0516767 _____ () C:\ProgramData\1361062931.bdinstall.bin2013-02-16 19:22 - 2013-02-16 19:22 - 0143869 _____ () C:\ProgramData\1361064025.bdinstall.bin2013-04-22 15:25 - 2013-04-22 15:25 - 0033901 _____ () C:\ProgramData\1366665929.bdinstall.bin2013-04-22 15:28 - 2013-04-22 15:28 - 0227948 _____ () C:\ProgramData\1366665961.bdinstall.bin2013-09-18 11:49 - 2013-09-18 11:49 - 0064187 _____ () C:\ProgramData\1379526521.bdinstall.bin2014-01-31 18:53 - 2014-01-31 18:53 - 0000089 _____ () C:\ProgramData\dldt.log ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signedC:\Windows\System32\wininit.exe => File is digitally signedC:\Windows\SysWOW64\wininit.exe => File is digitally signedC:\Windows\explorer.exe => File is digitally signedC:\Windows\SysWOW64\explorer.exe => File is digitally signedC:\Windows\System32\svchost.exe => File is digitally signedC:\Windows\SysWOW64\svchost.exe => File is digitally signedC:\Windows\System32\services.exe => File is digitally signedC:\Windows\System32\User32.dll => File is digitally signedC:\Windows\SysWOW64\User32.dll => File is digitally signedC:\Windows\System32\userinit.exe => File is digitally signedC:\Windows\SysWOW64\userinit.exe => File is digitally signedC:\Windows\System32\rpcss.dll => File is digitally signedC:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2014-12-05 10:20 ==================== End Of Log ================================================ Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Trend Micro Titanium Maximum Security (Enabled - Up to date) {5D349EF8-873B-C657-917F-F1D93E101A7C}AV: Microsoft Security Essentials (Disabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}AS: Microsoft Security Essentials (Disabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}AS: Trend Micro Titanium Maximum Security (Enabled - Up to date) {E6557F1C-A101-C9D9-ABCF-CAAB459750C1} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.305 - Adobe Systems Incorporated)Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)Adobe Reader X (10.1.13) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.13 - Adobe Systems Incorporated)Apple Application Support (HKLM-x32\...\{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}) (Version: 3.0.1 - Apple Inc.)Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)Business Card Factory Deluxe 4 (HKLM-x32\...\{BF953F1A-F946-4804-875D-94B6A6C05CE1}) (Version: 4.2.651.2 - Nova Development)Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.5.0.0 - Canon Inc.)Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: - Canon Inc.)Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.3.0 - Canon Inc.)Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: - Canon Inc.)Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 4.0.0 - Canon Inc.)Canon MG5500 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5500_series) (Version: 1.01 - Canon Inc.)Canon MG5500 series On-screen Manual (HKLM-x32\...\Canon MG5500 series On-screen Manual) (Version: 7.6.1 - Canon Inc.)Canon MG5500 series User Registration (HKLM-x32\...\Canon MG5500 series User Registration) (Version: - Canon Inc.)Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 2.0.1 - Canon Inc.)Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 2.0.0 - Canon Inc.)Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.1.0 - Canon Inc.)Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.2.1 - Canon Inc.)DDiscuoUntLocator (HKLM-x32\...\{194FED75-9C74-BDB7-53F8-8CFFEF1AFEC9}) (Version: - DiscountLocoatOr) <==== ATTENTIONDefine Ext (HKU\S-1-5-21-2184019481-1676405275-390902612-1001\...\Define Ext) (Version: 8 - DefineExt.com) <==== ATTENTIONDell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc)Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 7.1207.101.225 - ALPS ELECTRIC CO., LTD.)Dell V305 (HKLM\...\Dell V305) (Version: - Dell, Inc.)DVD Decrypter (Remove Only) (HKLM-x32\...\DVD Decrypter) (Version: - )DW WLAN Card (HKLM\...\DW WLAN Card) (Version: 5.100.82.88 - Dell Inc.)Google Chrome (HKU\S-1-5-21-2184019481-1676405275-390902612-1001\...\Google Chrome) (Version: 40.0.2214.111 - Google Inc.)Google Update Helper (x32 Version: 1.3.23.0 - SaveSense) Hidden <==== ATTENTIONImTOO Video Converter Ultimate (HKU\S-1-5-21-2184019481-1676405275-390902612-1001\...\ImTOO Video Converter Ultimate) (Version: 7.7.3.20131014 - ImTOO)Itibiti RTC (x32 Version: 0.0.1 - Itibiti Inc) HiddenJava 7 Update 1 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417001FF}) (Version: 7.0.10 - Oracle)Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: - )Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)Mozilla Firefox 35.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 35.0.1 (x86 en-US)) (Version: 35.0.1 - Mozilla)Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 35.0.1 - Mozilla)Newsbin Pro (HKLM\...\Newsbin6) (Version: 6.51 - DJI Interprises, LLC)QuickPar 0.9 (HKLM-x32\...\QuickPar) (Version: 0.9 - Peter B. Clements)Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 10.09.25 - Dell Inc.)QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)Rapport (Version: 3.5.1205.20 - Trusteer) HiddenResumeMaker Professional (HKLM-x32\...\{D2E80193-7318-4707-A9DE-49AF663ADA73}) (Version: 17.0.0 - Individual Software Inc.)Trend Micro Titanium (Version: 7.0 - Trend Micro Inc.) HiddenTrend Micro Titanium Maximum Security (HKLM\...\{ABBD4BA8-6703-40D2-AB1E-5BB1F7DB49A4}) (Version: 7.0 - Trend Micro Inc.)Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)Visual Studio C++ 10.0 Runtime (HKLM-x32\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.)VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)VyprVPN (HKLM-x32\...\{526B3DDC-6891-4F43-8F64-8B83DC9E4848}) (Version: 2.6.5.4459 - Golden Frog, GmbH.)WinRAR archiver (HKLM-x32\...\WinRAR archiver) (Version: - ) ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) CustomCLSID: HKU\S-1-5-21-2184019481-1676405275-390902612-1001_Classes\CLSID\{38216570-5DB1-45F8-A344-B0C4E252B14B}\InprocServer32 -> C:\Users\Liza Phillips\AppData\Local\Google\Update\1.3.26.7\psuser_64.dll No FileCustomCLSID: HKU\S-1-5-21-2184019481-1676405275-390902612-1001_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Liza Phillips\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll No FileCustomCLSID: HKU\S-1-5-21-2184019481-1676405275-390902612-1001_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\Liza Phillips\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll (Google Inc.)CustomCLSID: HKU\S-1-5-21-2184019481-1676405275-390902612-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Liza Phillips\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll (Google Inc.) ==================== Restore Points ========================= 11-02-2015 16:34:08 Software Removal Tool ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-13 20:34 - 2014-11-02 14:53 - 00008956 ____A C:\windows\system32\Drivers\etc\hosts216.239.32.20 google.com 216.239.32.20 google.com www.google.ad216.239.32.20 google.com www.google.ae216.239.32.20 google.com www.google.com.af216.239.32.20 google.com www.google.com.ag216.239.32.20 google.com www.google.com.ai216.239.32.20 google.com www.google.al216.239.32.20 google.com www.google.am216.239.32.20 google.com www.google.co.ao216.239.32.20 google.com www.google.com.ar 216.239.32.20 google.com www.google.as 216.239.32.20 google.com www.google.at 216.239.32.20 google.com www.google.com.au216.239.32.20 google.com www.google.az 216.239.32.20 google.com www.google.ba 216.239.32.20 google.com www.google.com.bd 216.239.32.20 google.com www.google.be 216.239.32.20 google.com www.google.bf 216.239.32.20 google.com www.google.bg 216.239.32.20 google.com www.google.com.bh 216.239.32.20 google.com www.google.bi 216.239.32.20 google.com www.google.bj 216.239.32.20 google.com www.google.com.bn 216.239.32.20 google.com www.google.com.bo 216.239.32.20 google.com www.google.com.br 216.239.32.20 google.com www.google.bs 216.239.32.20 google.com www.google.bt 216.239.32.20 google.com www.google.co.bw 216.239.32.20 google.com www.google.by There are 163 more lines. ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {024CFFEB-DDEC-4DE2-B2C9-F416EBEE4436} - \SaveSense No Task File <==== ATTENTIONTask: {0D6B40AE-61A0-40E4-ACCC-8ECE4AB64B37} - System32\Tasks\Adobe online update program => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)Task: {12DF25CF-896E-4F3F-B8E1-DE0E833F4DC4} - System32\Tasks\{C34786A2-9C99-4BF1-8C54-7976767648B3} => pcalua.exe -a "C:\Users\Liza Phillips\Downloads\NetFx64(1).exe" -d "C:\Users\Liza Phillips\Downloads"Task: {2179F6E1-D114-42E0-B8E4-3698001D952C} - System32\Tasks\{AC18D667-EFC2-4FFC-9866-C9414DC1DF79} => pcalua.exe -a D:\Setup.EXE -d D:\Task: {2749BA43-9506-4595-9505-022B54E41072} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)Task: {28CF2C91-9F75-4158-B7E5-0C41A498CAB2} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-04] (Adobe Systems Incorporated)Task: {45CD04EC-8D55-4BB3-BD97-A11509F1348A} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2184019481-1676405275-390902612-1001Core => C:\Users\Liza Phillips\AppData\Local\Google\Update\GoogleUpdate.exe [2015-02-03] (Google Inc.)Task: {67A62737-B158-4B88-AA25-B0FB14B40334} - System32\Tasks\Google Updater and Installer => C:\Users\Liza Phillips\AppData\Local\Google\Update\GoogleUpdate.exe [2015-02-03] (Google Inc.)Task: {93C97678-CD7F-4844-8134-964E4BBED6F0} - System32\Tasks\LAUNCH CDPCO => C:\Program Files (x86)\USTechSupport\PC Optimizer\USTSPCO.exe [2012-10-05] (USTechSupport, LLC (www.ustechsupport.com))Task: {99DF7303-B04E-43D2-854A-DB56A28FEF04} - \BrowserSafeguard Update Task No Task File <==== ATTENTIONTask: {9BC402E1-619E-40E4-8801-374C7FB64ABE} - System32\Tasks\{1C3B893E-8713-4F7B-9801-79D3EBAACB0B} => pcalua.exe -a C:\ProgramData\KinGCCoupon\PyY3U.exe -c /s /n /i:"ExecuteCommands;UninstallCommands" ""Task: {ACA55611-71E9-4DF9-9153-E6B02FA3ACFA} - System32\Tasks\Titanium BTC => C:\Program Files\Trend Micro\Titanium\plugin\TMDC\TMDC.exe [2014-08-06] (Trend Micro Inc.)Task: {C0D6A6E2-38BE-4731-AB8F-D1784167F5B1} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe [2013-11-20] (Apple Inc.)Task: {E6C6DA54-37A5-4D2A-91CC-60EF18F0E71A} - System32\Tasks\APSnotifierCA => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe [2014-03-06] (AnyProtect by CMI) <==== ATTENTIONTask: {E87A1B95-8972-4837-AB33-C222BBD7096B} - System32\Tasks\USTSPCO-USTSPCOOneClickCare => C:\Program Files (x86)\USTechSupport\PC Optimizer\USTSPCO.exe [2012-10-05] (USTechSupport, LLC (www.ustechsupport.com))Task: {EE4C982D-E913-4B0E-AD49-2321E029500E} - System32\Tasks\MyCleanPC PC Optimizer => C:\Program Files (x86)\USTechSupport\PC Optimizer\USTSPCO.exe [2012-10-05] (USTechSupport, LLC (www.ustechsupport.com))Task: {F501E12B-90FC-41B6-9FA4-6696BF3CD0AD} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2184019481-1676405275-390902612-1001UA => C:\Users\Liza Phillips\AppData\Local\Google\Update\GoogleUpdate.exe [2015-02-03] (Google Inc.)Task: {F830192E-3076-412D-9721-CC654354E2E5} - \Advanced System Protector_startup No Task File <==== ATTENTIONTask: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exeTask: C:\windows\Tasks\APSnotifierCA.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTIONTask: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2184019481-1676405275-390902612-1001Core.job => C:\Users\Liza Phillips\AppData\Local\Google\Update\GoogleUpdate.exeTask: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2184019481-1676405275-390902612-1001UA.job => C:\Users\Liza Phillips\AppData\Local\Google\Update\GoogleUpdate.exeTask: C:\windows\Tasks\USTSPCO-USTSPCOOneClickCare.job => C:\Program Files (x86)\USTechSupport\PC Optimizer\USTSPCO.exe ==================== Loaded Modules (whitelisted) ============== 2012-03-18 20:27 - 2009-07-02 11:43 - 00177664 _____ () C:\windows\system32\spool\PRTPROCS\x64\dldtdrpp.dll2014-06-06 13:30 - 2013-01-15 20:19 - 00048128 _____ () C:\Program Files\Trend Micro\AMSP\boost_date_time-vc110-mt-1_49.dll2014-06-06 13:30 - 2013-04-01 22:25 - 00675840 _____ () C:\Program Files\Trend Micro\AMSP\sqlite3.dll2014-06-06 13:30 - 2013-01-15 20:23 - 00058368 _____ () C:\Program Files\Trend Micro\AMSP\boost_thread-vc110-mt-1_49.dll2014-06-06 13:30 - 2012-12-18 14:06 - 01300480 _____ () C:\Program Files\Trend Micro\AMSP\libprotobuf.dll2014-06-06 13:30 - 2013-01-15 20:19 - 00018944 _____ () C:\Program Files\Trend Micro\AMSP\boost_system-vc110-mt-1_49.dll2014-06-06 13:26 - 2013-07-23 09:28 - 00247352 _____ () C:\Program Files\Trend Micro\UniClient\plugins\LUADLL.dll2014-06-05 19:53 - 2010-03-15 10:28 - 00052224 _____ () C:\Program Files (x86)\WinRAR\rarext64.dll2014-06-08 16:04 - 2013-12-18 07:33 - 00057584 _____ () C:\Program Files\Trend Micro\Titanium\plugin\fcMsgDispatcher.dll2012-02-16 12:53 - 2011-03-25 19:28 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll2008-02-25 10:38 - 2009-07-09 17:48 - 00033448 _____ () C:\windows\system32\spool\DRIVERS\x64\3\dldtserv.exe2014-08-05 12:33 - 2012-03-27 21:49 - 00140456 _____ () C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE2012-02-16 11:54 - 2011-08-18 09:05 - 02751808 _____ () C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE2014-01-20 13:17 - 2014-01-20 13:17 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll2014-01-20 13:16 - 2014-01-20 13:16 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll2014-11-20 10:38 - 2014-11-20 10:38 - 00071168 _____ () C:\Program Files (x86)\VyprVPN\GoldenFrogWFP.dll2014-11-02 16:34 - 2014-11-02 16:34 - 00169472 _____ () C:\windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\9b1cac8d98bd69d3e56a26ff2f96f266\IsdiInterop.ni.dll2012-02-16 11:24 - 2011-01-12 17:56 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IsdiInterop.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) AlternateDataStreams: C:\ProgramData\Temp:373E1720AlternateDataStreams: C:\ProgramData\Temp:661DFA1CAlternateDataStreams: C:\ProgramData\Temp:A59C99D4AlternateDataStreams: C:\Users\Liza Phillips\Downloads\iMeshV12.exe:BDU ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver" ==================== EXE Association (whitelisted) =============== (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-2184019481-1676405275-390902612-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Liza Phillips\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpgDNS Servers: 75.75.76.76 - 75.75.75.75 ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Gamma Loader.exe.lnk => C:\windows\pss\Adobe Gamma Loader.exe.lnk.CommonStartupMSCONFIG\startupreg: AccuWeatherWidget => "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe" "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\start.umj" --startupMSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"MSCONFIG\startupreg: Apoint => C:\Program Files\DellTPad\Apoint.exeMSCONFIG\startupreg: ApplePhotoStreams => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exeMSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"MSCONFIG\startupreg: Dell DataSafe Online => C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exeMSCONFIG\startupreg: Dell Webcam Central => "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2MSCONFIG\startupreg: DellStage => "C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe" "C:\Program Files (x86)\Dell Stage\Dell Stage\start.umj" --startupMSCONFIG\startupreg: dldtamon => "C:\Program Files (x86)\Dell V305\dldtamon.exe"MSCONFIG\startupreg: dldtmon.exe => "C:\Program Files (x86)\Dell V305\dldtmon.exe"MSCONFIG\startupreg: iCloudServices => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exeMSCONFIG\startupreg: IJNetworkScannerSelectorEX => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe /FORCEMSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"MSCONFIG\startupreg: Optimizer Pro => C:\Program Files (x86)\Optimizer Pro\OptProLauncher.exeMSCONFIG\startupreg: PCKeeper2 => "C:\Program Files\Kromtech\PCKeeper\PCKeeper.exe" /autorunMSCONFIG\startupreg: QuickSet => C:\Program Files\Dell\QuickSet\QuickSet.exeMSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottimeMSCONFIG\startupreg: Stage Remote => C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe -QuietMSCONFIG\startupreg: TomTomHOME.exe => "C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe" ==================== Accounts: ============================= Administrator (S-1-5-21-2184019481-1676405275-390902612-500 - Administrator - Disabled)Guest (S-1-5-21-2184019481-1676405275-390902612-501 - Limited - Disabled)HomeGroupUser$ (S-1-5-21-2184019481-1676405275-390902612-1002 - Limited - Enabled)Liza Phillips (S-1-5-21-2184019481-1676405275-390902612-1001 - Administrator - Enabled) => C:\Users\Liza Phillips ==================== Faulty Device Manager Devices ============= Name: Teredo Tunneling Pseudo-InterfaceDescription: Microsoft Teredo Tunneling AdapterClass Guid: {4d36e972-e325-11ce-bfc1-08002be10318}Manufacturer: MicrosoftService: tunnelProblem: : This device cannot start. (Code10)Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. Name: TAP-VyprVPN Adapter V9Description: TAP-VyprVPN Adapter V9Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}Manufacturer: TAP-VyprVPN Provider V9Service: tapvyprvpnProblem: : This device is disabled. (Code 22)Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: Realtek PCIe FE Family ControllerDescription: Realtek PCIe FE Family ControllerClass Guid: {4d36e972-e325-11ce-bfc1-08002be10318}Manufacturer: RealtekService: RTL8167Problem: : This device is disabled. (Code 22)Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. ==================== Event log errors: ========================= Application errors:==================Error: (02/11/2015 04:49:01 PM) (Source: SideBySide) (EventID: 33) (User: )Description: Activation context generation failed for "Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"1".Dependent Assembly Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195" could not be found.Please use sxstrace.exe for detailed diagnosis. Error: (02/11/2015 04:41:55 PM) (Source: WinMgmt) (EventID: 10) (User: )Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (02/11/2015 04:14:41 PM) (Source: WinMgmt) (EventID: 10) (User: )Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (02/11/2015 03:29:15 PM) (Source: WinMgmt) (EventID: 10) (User: )Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (02/11/2015 03:09:08 PM) (Source: WinMgmt) (EventID: 10) (User: )Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (02/11/2015 02:45:20 PM) (Source: WinMgmt) (EventID: 10) (User: )Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (02/11/2015 02:44:43 PM) (Source: SideBySide) (EventID: 33) (User: )Description: Activation context generation failed for "Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"1".Dependent Assembly Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195" could not be found.Please use sxstrace.exe for detailed diagnosis. Error: (02/10/2015 04:41:14 PM) (Source: SideBySide) (EventID: 33) (User: )Description: Activation context generation failed for "Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"1".Dependent Assembly Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195" could not be found.Please use sxstrace.exe for detailed diagnosis. Error: (02/10/2015 04:41:14 PM) (Source: SideBySide) (EventID: 33) (User: )Description: Activation context generation failed for "Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"1".Dependent Assembly Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195" could not be found.Please use sxstrace.exe for detailed diagnosis. Error: (02/10/2015 03:21:15 PM) (Source: WinMgmt) (EventID: 10) (User: )Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 System errors:=============Error: (02/11/2015 04:43:21 PM) (Source: Service Control Manager) (EventID: 7034) (User: )Description: The Dell Digital Delivery Service service terminated unexpectedly. It has done this 1 time(s). Error: (02/11/2015 04:40:23 PM) (Source: Service Control Manager) (EventID: 7000) (User: )Description: The AppDriverRemote.exe service failed to start due to the following error: %%2 Error: (02/11/2015 04:40:07 PM) (Source: Service Control Manager) (EventID: 7000) (User: )Description: The Microsoft Antimalware Service service failed to start due to the following error: %%1053 Error: (02/11/2015 04:40:07 PM) (Source: Service Control Manager) (EventID: 7009) (User: )Description: A timeout was reached (30000 milliseconds) while waiting for the Microsoft Antimalware Service service to connect. Error: (02/11/2015 04:16:04 PM) (Source: Service Control Manager) (EventID: 7034) (User: )Description: The Dell Digital Delivery Service service terminated unexpectedly. It has done this 1 time(s). Error: (02/11/2015 04:13:09 PM) (Source: Service Control Manager) (EventID: 7000) (User: )Description: The AppDriverRemote.exe service failed to start due to the following error: %%2 Error: (02/11/2015 04:12:53 PM) (Source: Service Control Manager) (EventID: 7000) (User: )Description: The Microsoft Antimalware Service service failed to start due to the following error: %%1053 Error: (02/11/2015 04:12:53 PM) (Source: Service Control Manager) (EventID: 7009) (User: )Description: A timeout was reached (30000 milliseconds) while waiting for the Microsoft Antimalware Service service to connect. Error: (02/11/2015 03:40:06 PM) (Source: volsnap) (EventID: 36) (User: )Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit. Error: (02/11/2015 03:30:56 PM) (Source: Service Control Manager) (EventID: 7034) (User: )Description: The Dell Digital Delivery Service service terminated unexpectedly. It has done this 1 time(s). Microsoft Office Sessions:=========================Error: (01/31/2013 02:49:15 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 207 seconds with 180 seconds of active time. This session ended with a crash. Error: (01/31/2013 02:45:30 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 5132 seconds with 2160 seconds of active time. This session ended with a crash. ==================== Memory info =========================== Processor: Intel® Core i3 CPU M 390 @ 2.67GHzPercentage of memory in use: 41%Total physical RAM: 3894.68 MBAvailable physical RAM: 2285.86 MBTotal Pagefile: 7787.55 MBAvailable Pagefile: 5876.58 MBTotal Virtual: 8192 MBAvailable Virtual: 8191.83 MB ==================== Drives ================================ Drive c: (OS) (Fixed) (Total:451.01 GB) (Free:379.04 GB) NTFS ==================== MBR & Partition Table ================== ========================================================Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 74AC72A9)Partition 1: (Not Active) - (Size=100 MB) - (Type=DE)Partition 2: (Active) - (Size=14.6 GB) - (Type=07 NTFS)Partition 3: (Not Active) - (Size=451 GB) - (Type=07 NTFS) ==================== End Of Log ============================ Any help would be wonderful FRST.txtAddition.txt Link to post Share on other sites More sharing options...
TwinHeadedEagle Posted February 11, 2015 ID:938888 Share Posted February 11, 2015 Hello, They call me TwinHeadedEagle around here, and I'll try to help your with your issue. Before we start please read and note the following:We're primarily oriented on malware removal here, so you must know that some issues just cannot be solved and you must be prepared for this. Some tools we use here will remove your browser search history, so backup your important links and all the files whose loss is unacceptable.Limit your internet access to posting here, some infections just wait to steal typed-in passwords.Please be patient. I know it is frustrating when your PC isn't working properly, but malware removal takes time. Keep in mind that private life gets in the way too. Note that we may live in totally different time zones, what may cause some delays between answers.Don't run any scripts or tools on your own, unsupervised usage may cause more harm than good.Do not paste the logs in your posts, attachments make my work easier. There is a More reply options button, that gives you Upload Files option below which you can use to attach your reports. Always attach reports from all tools.Always execute my instructions in given order. If for some reason you cannot completely follow one instruction, inform me about that.Do not ask for help for your business PC. Companies are making revenue via computers, so it is good thing to pay someone to repair it.If I don't hear from you within 3 days from this initial or any subsequent post, then this thread will be closed. I can't foresee everything, so if anything not covered in my instructions happens, please stop and inform me! There are no silly questions. Never be afraid to ask if in doubt! Rules and policies We won't support any piracy. That being told, if any evidence of illegal OS, software, cracks/keygens or any other will be revealed, any further assistance will be suspended. If you are aware that there is this kind of stuff on your machine, remove it before proceeding!The same applies to any use of P2P software: uTorrent, BitTorrent, Vuze, Kazaa, Ares... We don't provide any help for P2P, except for their removal. All P2P software has to be uninstalled or at least fully disabled before proceeding! Failure to follow these guidelines will result with closing your topic and withdrawning any assistance. Fix with Farbar Recovery Scan Tool This fix was created for this user for use on that particular machine. Running it on another one may cause damage and render the system unstable. Download attached fixlist.txt file and save it to the Desktop: Both files, FRST and fixlist.txt have to be in the same location or the fix will not work!Right-click on icon and select Run as Administrator to start the tool.(XP users click run after receipt of Windows Security Warning - Open File).Press the Fix button just once and wait.If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.When finished FRST will generate a log on the Desktop, called Fixlog.txt.Please post it to your reply. Fix with AdwCleaner Please download AdwCleaner by Xplode and save the file to your Desktop.Right-click on icon and select Run as Administrator to start the tool.Wait until the database is updated.Accept the Terms of use and click Scan.When finished, please click Clean.Upon completion, click Report. A log (AdwCleaner[s*].txt) will open.Please upload report in your reply. Note: Reports will be saved in your system partition, usually at C:\Adwcleanerfixlist.txt Link to post Share on other sites More sharing options...
ogtuner Posted February 12, 2015 Author ID:938905 Share Posted February 12, 2015 Wow I must say That was the fastest response I have ever had before so Thank you. That seemed to take care of my issue. I have used MB almost since it's came out. It has never let me down before even when I had a friend download the trial version which fixed his issue also. Needless to say that he upgraded. Thank you T.H.E. Link to post Share on other sites More sharing options...
TwinHeadedEagle Posted February 12, 2015 ID:938906 Share Posted February 12, 2015 Please attach two reports I asked. Link to post Share on other sites More sharing options...
ogtuner Posted February 12, 2015 Author ID:938907 Share Posted February 12, 2015 logFixlog.txt Link to post Share on other sites More sharing options...
ogtuner Posted February 12, 2015 Author ID:938918 Share Posted February 12, 2015 Sorry didn't see install for AdwCleaner. I did notice a certain program was installed. It was removed. 2 texts came from adw. ran that just now. Did I do something incorrect?AdwCleanerR0.txtAdwCleanerS0.txt Link to post Share on other sites More sharing options...
TwinHeadedEagle Posted February 12, 2015 ID:939063 Share Posted February 12, 2015 Very good. Is everything now? Link to post Share on other sites More sharing options...
Root Admin AdvancedSetup Posted March 17, 2015 Root Admin ID:948077 Share Posted March 17, 2015 Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread. Other members who need assistance please start your own topic in a new thread. Thanks! Link to post Share on other sites More sharing options...
Recommended Posts