Solved Anne Kofod

A

Anne Kofod

Posts: 43   +0
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:04-10-2015
Ran by Annie Lee (administrator) on ANNIELEE-HP (23-10-2016 22:10:07)
Running from C:\Users\Annie Lee\Downloads
Loaded Profiles: Annie Lee (Available Profiles: Annie Lee)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 9 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool:

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(Validity Sensors, Inc.) C:\Windows\System32\vcsFPService.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(DigitalPersona, Inc.) C:\Program Files\DigitalPersona\Bin\DpHostW.exe
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe
(Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
(DigitalPersona, Inc.) C:\Program Files (x86)\DigitalPersona\Bin\DPAgent.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(iolo technologies, LLC) C:\Program Files (x86)\iolo\System Mechanic\ioloGovernor64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler64.exe
() C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Cisco) C:\Users\Annie Lee\AppData\Local\Cisco\VideoGuardPlayer\VideoGuardMonitor\CiscoVideoGuardMonitor.exe
(DigitalPersona, Inc.) C:\Program Files\DigitalPersona\Bin\DpAgent.exe
(CyberLink) C:\Program Files (x86)\Hewlett-Packard\Media\Webcam\YCMMirage.exe
(Seagate Technology LLC) C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\MobileService.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Seagate Technology LLC) C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.DASWindowsService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe



==================== End of FRST.txt ============================
 
==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SmartMenu] => C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe [611896 2010-01-20] ()
HKLM\...\Run: [HPWirelessAssistant] => C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe [363064 2010-06-18] (Hewlett-Packard Company)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2837288 2011-10-14] (Synaptics Incorporated)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [487424 2010-07-22] (IDT, Inc.)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1354712 2016-08-30] (Microsoft Corporation)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [HP Quick Launch] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [587320 2011-06-14] (Hewlett-Packard Development Company, L.P.)
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,C:\Program Files (x86)\DigitalPersona\Bin\DPAgent.exe,
HKU\S-1-5-21-2899254803-3239824921-2955042760-1001\...\Run: [VideoGuardMonitor] => C:\Users\Annie Lee\AppData\Local\Cisco\VideoGuardPlayer\VideoGuardMonitor\CiscoVideoGuardMonitor.exe [4155656 2016-06-29] (Cisco)
HKU\S-1-5-21-2899254803-3239824921-2955042760-1001\...\MountPoints2: {daf85b93-c0e5-11e3-a56f-e02a8207562a} - G:\VZW_Software_upgrade_assistant.exe
HKU\S-1-5-21-2899254803-3239824921-2955042760-1001\...\MountPoints2: {e5e705d4-59fc-11e3-adc5-e02a8207562a} - G:\ToolLauncher-Bootstrap.exe
HKU\S-1-5-21-2899254803-3239824921-2955042760-1001\...\MountPoints2: {e9b6173a-56de-11e3-b275-e02a8207562a} - G:\TL_Bootstrap.exe
HKU\S-1-5-18\...\Run: [ISUSPM] => C:\ProgramData\Macrovision\FLEXnet Connect\6\ISUSPM.exe [210208 2008-10-20] (Acresso Corporation)
HKU\S-1-5-18\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1402792 2016-08-31] (Garmin Ltd. or its subsidiaries)
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2013-09-17] (Microsoft Corporation)
Lsa: [Notification Packages] DPPassFilter scecli
ShellIconOverlayIdentifiers: [ SncrOverlays (Blocked)] -> {C418E880-6280-4010-A888-FD76028E5511} => C:\Program Files\Verizon\Verizon Cloud\x64\Sncr.Overlays.dll [2015-11-24] (Synchronoss Technologies Inc.)
ShellIconOverlayIdentifiers: [ SncrOverlays (InSync)] -> {5F4A6070-DB92-4C56-A487-F3850430608F} => C:\Program Files\Verizon\Verizon Cloud\x64\Sncr.Overlays.dll [2015-11-24] (Synchronoss Technologies Inc.)
ShellIconOverlayIdentifiers: [ SncrOverlays (Pending)] -> {EE73A341-C788-4A6B-B1EF-DDBFC0F190B6} => C:\Program Files\Verizon\Verizon Cloud\x64\Sncr.Overlays.dll [2015-11-24] (Synchronoss Technologies Inc.)
ShellIconOverlayIdentifiers: [ SncrOverlays (Syncing)] -> {28CDCD88-B179-49D6-8B21-1A9AF9C0AE13} => C:\Program Files\Verizon\Verizon Cloud\x64\Sncr.Overlays.dll [2015-11-24] (Synchronoss Technologies Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Annie Lee\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Annie Lee\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Annie Lee\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Annie Lee\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Annie Lee\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Annie Lee\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Annie Lee\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-10] (Dropbox, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\System Mechanic.lnk [2016-08-05]
ShortcutTarget: System Mechanic.lnk -> C:\Program Files (x86)\iolo\System Mechanic\SystemMechanic.exe (iolo technologies, LLC)
BootExecute: autocheck autochk *

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.254.254
Tcpip\..\Interfaces\{2330AF55-1D6D-4902-A5B2-EBEAC223EC3E}: [DhcpNameServer] 192.168.254.254
Tcpip\..\Interfaces\{92CA435D-5C36-475A-BAF7-283E4B648D18}: [DhcpNameServer] 192.168.254.254

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-21-2899254803-3239824921-2955042760-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2899254803-3239824921-2955042760-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.msn.com/HPNOT/1
SearchScopes: HKLM -> DefaultScope {35E12DC9-65B9-4F4E-9146-B9B7A159A684} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
SearchScopes: HKLM -> {062BA6EE-078E-402D-9ED7-E8017B33E3D5} URL = hxxp://www.ask.com/web?q={searchterms}&l=dis&o=ushpl
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {35E12DC9-65B9-4F4E-9146-B9B7A159A684} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
SearchScopes: HKLM -> {A2C5ED8C-ABC4-414E-9FBE-0965D72F9886} URL = hxxp://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
SearchScopes: HKLM -> {D7296C09-54BF-4E20-A2CA-A98F7422DB95} URL = hxxp://en.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {35E12DC9-65B9-4F4E-9146-B9B7A159A684} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {062BA6EE-078E-402D-9ED7-E8017B33E3D5} URL = hxxp://www.ask.com/web?q={searchterms}&l=dis&o=ushpl
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {35E12DC9-65B9-4F4E-9146-B9B7A159A684} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {A2C5ED8C-ABC4-414E-9FBE-0965D72F9886} URL = hxxp://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
SearchScopes: HKLM-x32 -> {D7296C09-54BF-4E20-A2CA-A98F7422DB95} URL = hxxp://en.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKU\S-1-5-21-2899254803-3239824921-2955042760-1001 -> DefaultScope {35E12DC9-65B9-4F4E-9146-B9B7A159A684} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-2899254803-3239824921-2955042760-1001 -> {062BA6EE-078E-402D-9ED7-E8017B33E3D5} URL = hxxp://www.ask.com/web?q={searchterms}&l=dis&o=ushpl
SearchScopes: HKU\S-1-5-21-2899254803-3239824921-2955042760-1001 -> {35E12DC9-65B9-4F4E-9146-B9B7A159A684} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-2899254803-3239824921-2955042760-1001 -> {A2C5ED8C-ABC4-414E-9FBE-0965D72F9886} URL = hxxp://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
SearchScopes: HKU\S-1-5-21-2899254803-3239824921-2955042760-1001 -> {D7296C09-54BF-4E20-A2CA-A98F7422DB95} URL = hxxp://en.wikipedia.org/wiki/Special:Search?search={searchTerms}
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-29] (Google Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-09-03] (Sun Microsystems, Inc.)
BHO: No Name -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> No File
BHO-x32: No Name -> {5C255C8A-E604-49b4-9D64-90988571CECB} -> No File
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll [2014-11-21] (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-29] (Google Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll [2014-11-21] (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2016-07-21] (HP Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-29] (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-29] (Google Inc.)
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll [2010-04-17] (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll [2010-04-17] (Microsoft Corporation)
 
FireFox:
========
FF ProfilePath: C:\Users\Annie Lee\AppData\Roaming\Mozilla\Firefox\Profiles\esyq1ljt.default-1460334229289
FF DefaultSearchEngine.US: Bing
FF Homepage: hxxp://www.msn.com/en-us/?pc=U227&ocid=U227DHP&DT=111514
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_23_0_0_185.dll [2016-10-16] ()
FF Plugin: @garmin.com/GpsControl -> C:\Program Files\Garmin GPS Plugin\npGarmin.dll [2014-03-31] (GARMIN Corp.)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_185.dll [2016-10-16] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll [2010-05-05] (Adobe Systems, Inc.)
FF Plugin-x32: @garmin.com/GpsControl -> C:\Program Files (x86)\Garmin GPS Plugin\npGarmin.dll [2014-03-31] (GARMIN Corp.)
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll [2014-11-21] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll [2014-11-21] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8117.0416 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-04-17] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll [2013-05-08] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2899254803-3239824921-2955042760-1001: @addlive.com/AddLive(v3),version=3.0.16.5 -> C:\Users\Annie Lee\AppData\LocalLow\AddLive_v3\3.0.16.5\npAddLive.dll [2016-06-22] (LiveFoundry Inc.)
FF Plugin HKU\S-1-5-21-2899254803-3239824921-2955042760-1001: @hulu.com/Hulu Desktop -> C:\Users\Annie Lee\AppData\Local\HuluDesktop\instances\0.9.14.1\nphdplg.dll [2010-08-12] (Hulu LLC)
FF Extension: Ebates Cash Back - C:\Users\Annie Lee\AppData\Roaming\Mozilla\Firefox\Profiles\esyq1ljt.default-1460334229289\Extensions\{35d6291e-1d4b-f9b4-c52f-77e6410d1326}.xpi [2016-05-12]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi [2016-10-20]
FF HKLM-x32\...\Firefox\Extensions: [otis@digitalpersona.com] - C:\Program Files (x86)\DigitalPersona\Bin\FirefoxExt
FF Extension: DigitalPersona Extension - C:\Program Files (x86)\DigitalPersona\Bin\FirefoxExt [2016-04-06]

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Profile: C:\Users\Annie Lee\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Annie Lee\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-11-15]
CHR Extension: (Google Drive) - C:\Users\Annie Lee\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-11-15]
CHR Extension: (YouTube) - C:\Users\Annie Lee\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-11-15]
CHR Extension: (Google Search) - C:\Users\Annie Lee\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-11-15]
CHR Extension: (Google Calendar) - C:\Users\Annie Lee\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn [2016-01-24]
CHR Extension: (Google Docs Offline) - C:\Users\Annie Lee\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-04]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Annie Lee\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-11-15]
CHR Extension: (Gmail) - C:\Users\Annie Lee\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-11-15]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2252504 2013-08-09] (Broadcom Corporation.)
S2 CLKMSVC10_C6F09094; C:\Program Files (x86)\Hewlett-Packard\Media\DVD\Kernel\HDDVD\NavFilter\kmsvc.exe [245232 2010-06-29] (CyberLink)
S3 Garmin Device Interaction Service; C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe [928272 2016-08-31] (Garmin Ltd. or its subsidiaries)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [29728 2016-08-15] (HP Inc.)
S4 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2010-05-19] (Hewlett-Packard Company) [File not signed]
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [120888 2016-08-30] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [361816 2016-08-30] (Microsoft Corporation)
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-01] (Symantec Corporation)
R2 Seagate Dashboard Services; C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.DASWindowsService.exe [16000 2014-09-17] (Seagate Technology LLC)
R2 Seagate MobileBackup Service; C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\MobileService.exe [157776 2014-09-17] (Seagate Technology LLC)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 bcbtums; C:\Windows\System32\drivers\bcbtums.sys [170712 2013-08-09] (Broadcom Corporation.)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R1 ElRawDisk; C:\Windows\system32\drivers\ElRawDsk.sys [30752 2012-07-26] (EldoS Corporation)
R1 ISODrive; C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys [115600 2010-01-29] (EZB Systems, Inc.)
S3 libusb0; C:\Windows\System32\DRIVERS\libusb0.sys [44480 2013-09-23] (http://libusb-win32.sourceforge.net)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [295000 2016-08-25] (Microsoft Corporation)
R3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [135928 2016-08-25] (Microsoft Corporation)
R1 RawDisk3; C:\Windows\system32\drivers\rawdsk3.sys [32568 2015-07-24] (EldoS Corporation)
S3 SkyhawkeUSBLan; C:\Windows\System32\DRIVERS\btblan.sys [47600 2010-04-15] (Belcarra Technologies)
S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [13920 2016-04-06] ()
S3 vzandnetdiag; C:\Windows\System32\DRIVERS\lgvzandnetdiag64.sys [29696 2013-05-06] (LG Electronics Inc.)
S3 vzandnetmodem; C:\Windows\System32\DRIVERS\lgvzandnetmdm64.sys [36864 2013-05-06] (LG Electronics Inc.)
S3 vzandnetndis; C:\Windows\System32\DRIVERS\lgvzandnetndis64.sys [94208 2013-10-14] (LG Electronics Inc.)
U2 TMAgent; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-10-23 22:10 - 2016-10-23 22:11 - 00022912 _____ C:\Users\Annie Lee\Downloads\FRST.txt
2016-10-23 22:09 - 2016-10-23 22:10 - 00000000 ____D C:\FRST
2016-10-23 22:08 - 2016-10-23 22:09 - 02193920 _____ (Farbar) C:\Users\Annie Lee\Downloads\FRST64.exe
2016-10-23 19:54 - 2016-10-23 19:54 - 00000168 _____ C:\Windows\setupact.log
2016-10-23 19:54 - 2016-10-23 19:54 - 00000000 _____ C:\Windows\setuperr.log
2016-10-20 20:49 - 2016-10-23 10:38 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-10-20 18:59 - 2016-10-20 18:59 - 00000000 ____D C:\Users\Annie Lee\Documents\Avatar
2016-10-20 18:01 - 2016-07-22 10:58 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2016-10-20 18:01 - 2016-07-22 10:51 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2016-10-16 15:16 - 2016-10-16 15:16 - 00000000 ____D C:\Users\Annie Lee\AppData\LocalLow\Cisco
2016-10-16 15:16 - 2016-10-16 15:16 - 00000000 ____D C:\Users\Annie Lee\AppData\Local\Cisco
2016-10-16 15:14 - 2016-10-16 15:15 - 48275464 _____ (Cisco Systems, Inc) C:\Users\Annie Lee\Downloads\CiscoVideoGuard.6.7.exe
2016-10-16 12:07 - 2016-10-23 18:49 - 00000348 _____ C:\Windows\Tasks\HPCeeScheduleForAnnie Lee.job
2016-10-16 12:07 - 2016-10-23 11:19 - 00003210 _____ C:\Windows\System32\Tasks\HPCeeScheduleForAnnie Lee
2016-09-28 09:20 - 2016-09-28 09:20 - 00013031 _____ C:\Users\Annie Lee\Downloads\Astro Chart.htm
2016-09-28 09:20 - 2016-09-28 09:20 - 00000000 ____D C:\Users\Annie Lee\Downloads\Astro Chart_files
2016-09-27 23:01 - 2016-10-03 08:12 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-09-27 23:01 - 2016-09-27 23:01 - 00001106 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-09-27 23:01 - 2016-09-27 23:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-09-27 23:00 - 2016-09-27 23:00 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-09-27 23:00 - 2016-09-27 23:00 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-09-27 23:00 - 2016-03-10 14:09 - 00064896 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2016-09-27 23:00 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-09-27 23:00 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2016-09-27 22:31 - 2016-09-27 22:32 - 22851472 _____ (Malwarebytes ) C:\Users\Annie Lee\Downloads\mbam-setup-cnet.35891-2.2.1.1043.exe
2016-09-26 19:20 - 2016-09-26 19:20 - 01060087 _____ C:\Users\Annie Lee\Documents\kimretire.hmk
 
==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-10-23 22:03 - 2013-12-11 17:40 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-10-23 21:27 - 2009-07-14 00:45 - 00023248 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-10-23 21:27 - 2009-07-14 00:45 - 00023248 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-10-23 21:21 - 2013-11-15 18:25 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-10-23 20:39 - 2016-04-06 20:38 - 00000374 _____ C:\Windows\Tasks\SlimCleaner Plus (Scheduled Scan - Annie Lee).job
2016-10-23 20:39 - 2013-09-16 01:02 - 01268459 _____ C:\Windows\WindowsUpdate.log
2016-10-23 19:54 - 2013-11-15 18:25 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-10-23 19:54 - 2009-07-14 01:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-10-23 18:56 - 2016-08-05 13:25 - 00003118 _____ C:\Windows\System32\Tasks\iolo Process Governor
2016-10-23 12:45 - 2013-09-17 19:53 - 00000000 ____D C:\Users\Annie Lee\AppData\Roaming\HpUpdate
2016-10-23 10:38 - 2014-01-17 18:10 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-10-21 06:40 - 2013-09-19 22:51 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-10-21 06:40 - 2013-09-19 22:51 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2016-10-20 22:28 - 2013-09-16 20:20 - 00000000 ____D C:\Windows\system32\MRT
2016-10-20 22:21 - 2013-09-16 20:20 - 143495576 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-10-20 22:20 - 2013-09-19 22:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-10-20 22:17 - 2013-09-19 20:56 - 00000000 ____D C:\Users\Annie Lee\AppData\Roaming\SoftGrid Client
2016-10-16 13:03 - 2013-12-11 17:40 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-10-16 13:03 - 2013-09-16 22:40 - 00796352 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-10-16 13:03 - 2013-09-16 22:40 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-10-16 13:03 - 2013-09-16 22:40 - 00000000 ____D C:\Windows\system32\Macromed
2016-10-16 13:03 - 2010-09-03 00:39 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2016-10-04 13:49 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\system32\NDF
2016-10-03 17:23 - 2013-11-15 18:26 - 00002195 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-10-03 17:23 - 2013-11-15 18:26 - 00002183 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-09-28 11:07 - 2016-08-22 07:54 - 00002077 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2016-09-28 11:07 - 2016-08-22 07:54 - 00000000 ____D C:\Program Files\Microsoft Security Client
2016-09-28 11:07 - 2013-11-08 23:25 - 00001945 _____ C:\Windows\epplauncher.mif
2016-09-28 11:06 - 2016-08-22 07:54 - 00000000 ____D C:\Program Files (x86)\Microsoft Security Client

==================== Files in the root of some directories =======

2014-07-10 17:57 - 2014-07-10 17:57 - 0003584 _____ () C:\Users\Annie Lee\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-08-22 07:26 - 2016-08-22 07:26 - 0000036 _____ () C:\Users\Annie Lee\AppData\Local\housecall.guid.cache
2013-09-17 19:49 - 2013-09-17 19:49 - 0000057 _____ () C:\ProgramData\Ament.ini
2016-05-03 10:47 - 2016-05-03 10:53 - 0000304 _____ () C:\ProgramData\hpzinstall.log
2013-09-16 01:30 - 2013-09-16 01:30 - 0000032 _____ () C:\ProgramData\{051B9612-4D82-42AC-8C63-CD2DCEDC1CB3}.log
2010-09-03 02:23 - 2010-09-03 02:23 - 0000109 _____ () C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log
2013-09-16 01:30 - 2013-09-16 01:30 - 0000032 _____ () C:\ProgramData\{23F3DA62-2D9E-4A69-B8D5-BE8E9E148092}.log
2010-09-03 02:18 - 2010-09-03 02:19 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
2013-09-16 01:29 - 2013-09-16 01:29 - 0000032 _____ () C:\ProgramData\{4FC670EB-5F02-4B07-90DB-022B86BFEFD0}.log
2013-09-16 01:30 - 2013-09-16 01:30 - 0000032 _____ () C:\ProgramData\{9867824A-C86D-4A83-8F3C-E7A86BE0AFD3}.log
2010-09-03 02:17 - 2010-09-03 02:18 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
2010-09-03 02:19 - 2010-09-03 02:23 - 0000110 _____ () C:\ProgramData\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}.log
2013-09-16 01:30 - 2013-09-16 01:31 - 0000105 _____ () C:\ProgramData\{d36dd326-7280-11d8-97c8-000129760cbe}.log

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-08-15 10:52

==================== End of FRST.txt ============================
 
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:04-10-2015
Ran by Annie Lee (administrator) on ANNIELEE-HP (23-10-2016 22:10:07)
Running from C:\Users\Annie Lee\Downloads
Loaded Profiles: Annie Lee (Available Profiles: Annie Lee)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 9 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool:

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(Validity Sensors, Inc.) C:\Windows\System32\vcsFPService.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(DigitalPersona, Inc.) C:\Program Files\DigitalPersona\Bin\DpHostW.exe
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe
(Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
(DigitalPersona, Inc.) C:\Program Files (x86)\DigitalPersona\Bin\DPAgent.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(iolo technologies, LLC) C:\Program Files (x86)\iolo\System Mechanic\ioloGovernor64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler64.exe
() C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Cisco) C:\Users\Annie Lee\AppData\Local\Cisco\VideoGuardPlayer\VideoGuardMonitor\CiscoVideoGuardMonitor.exe
(DigitalPersona, Inc.) C:\Program Files\DigitalPersona\Bin\DpAgent.exe
(CyberLink) C:\Program Files (x86)\Hewlett-Packard\Media\Webcam\YCMMirage.exe
(Seagate Technology LLC) C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\MobileService.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Seagate Technology LLC) C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.DASWindowsService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SmartMenu] => C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe [611896 2010-01-20] ()
HKLM\...\Run: [HPWirelessAssistant] => C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe [363064 2010-06-18] (Hewlett-Packard Company)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2837288 2011-10-14] (Synaptics Incorporated)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [487424 2010-07-22] (IDT, Inc.)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1354712 2016-08-30] (Microsoft Corporation)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [HP Quick Launch] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [587320 2011-06-14] (Hewlett-Packard Development Company, L.P.)
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,C:\Program Files (x86)\DigitalPersona\Bin\DPAgent.exe,
HKU\S-1-5-21-2899254803-3239824921-2955042760-1001\...\Run: [VideoGuardMonitor] => C:\Users\Annie Lee\AppData\Local\Cisco\VideoGuardPlayer\VideoGuardMonitor\CiscoVideoGuardMonitor.exe [4155656 2016-06-29] (Cisco)
HKU\S-1-5-21-2899254803-3239824921-2955042760-1001\...\MountPoints2: {daf85b93-c0e5-11e3-a56f-e02a8207562a} - G:\VZW_Software_upgrade_assistant.exe
HKU\S-1-5-21-2899254803-3239824921-2955042760-1001\...\MountPoints2: {e5e705d4-59fc-11e3-adc5-e02a8207562a} - G:\ToolLauncher-Bootstrap.exe
HKU\S-1-5-21-2899254803-3239824921-2955042760-1001\...\MountPoints2: {e9b6173a-56de-11e3-b275-e02a8207562a} - G:\TL_Bootstrap.exe
HKU\S-1-5-18\...\Run: [ISUSPM] => C:\ProgramData\Macrovision\FLEXnet Connect\6\ISUSPM.exe [210208 2008-10-20] (Acresso Corporation)
HKU\S-1-5-18\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1402792 2016-08-31] (Garmin Ltd. or its subsidiaries)
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2013-09-17] (Microsoft Corporation)
Lsa: [Notification Packages] DPPassFilter scecli
ShellIconOverlayIdentifiers: [ SncrOverlays (Blocked)] -> {C418E880-6280-4010-A888-FD76028E5511} => C:\Program Files\Verizon\Verizon Cloud\x64\Sncr.Overlays.dll [2015-11-24] (Synchronoss Technologies Inc.)
ShellIconOverlayIdentifiers: [ SncrOverlays (InSync)] -> {5F4A6070-DB92-4C56-A487-F3850430608F} => C:\Program Files\Verizon\Verizon Cloud\x64\Sncr.Overlays.dll [2015-11-24] (Synchronoss Technologies Inc.)
ShellIconOverlayIdentifiers: [ SncrOverlays (Pending)] -> {EE73A341-C788-4A6B-B1EF-DDBFC0F190B6} => C:\Program Files\Verizon\Verizon Cloud\x64\Sncr.Overlays.dll [2015-11-24] (Synchronoss Technologies Inc.)
ShellIconOverlayIdentifiers: [ SncrOverlays (Syncing)] -> {28CDCD88-B179-49D6-8B21-1A9AF9C0AE13} => C:\Program Files\Verizon\Verizon Cloud\x64\Sncr.Overlays.dll [2015-11-24] (Synchronoss Technologies Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Annie Lee\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Annie Lee\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Annie Lee\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Annie Lee\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Annie Lee\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Annie Lee\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Annie Lee\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-10] (Dropbox, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\System Mechanic.lnk [2016-08-05]
ShortcutTarget: System Mechanic.lnk -> C:\Program Files (x86)\iolo\System Mechanic\SystemMechanic.exe (iolo technologies, LLC)
BootExecute: autocheck autochk *
 
==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.254.254
Tcpip\..\Interfaces\{2330AF55-1D6D-4902-A5B2-EBEAC223EC3E}: [DhcpNameServer] 192.168.254.254
Tcpip\..\Interfaces\{92CA435D-5C36-475A-BAF7-283E4B648D18}: [DhcpNameServer] 192.168.254.254

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-21-2899254803-3239824921-2955042760-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2899254803-3239824921-2955042760-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.msn.com/HPNOT/1
SearchScopes: HKLM -> DefaultScope {35E12DC9-65B9-4F4E-9146-B9B7A159A684} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
SearchScopes: HKLM -> {062BA6EE-078E-402D-9ED7-E8017B33E3D5} URL = hxxp://www.ask.com/web?q={searchterms}&l=dis&o=ushpl
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {35E12DC9-65B9-4F4E-9146-B9B7A159A684} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
SearchScopes: HKLM -> {A2C5ED8C-ABC4-414E-9FBE-0965D72F9886} URL = hxxp://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
SearchScopes: HKLM -> {D7296C09-54BF-4E20-A2CA-A98F7422DB95} URL = hxxp://en.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {35E12DC9-65B9-4F4E-9146-B9B7A159A684} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {062BA6EE-078E-402D-9ED7-E8017B33E3D5} URL = hxxp://www.ask.com/web?q={searchterms}&l=dis&o=ushpl
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {35E12DC9-65B9-4F4E-9146-B9B7A159A684} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {A2C5ED8C-ABC4-414E-9FBE-0965D72F9886} URL = hxxp://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
SearchScopes: HKLM-x32 -> {D7296C09-54BF-4E20-A2CA-A98F7422DB95} URL = hxxp://en.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKU\S-1-5-21-2899254803-3239824921-2955042760-1001 -> DefaultScope {35E12DC9-65B9-4F4E-9146-B9B7A159A684} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-2899254803-3239824921-2955042760-1001 -> {062BA6EE-078E-402D-9ED7-E8017B33E3D5} URL = hxxp://www.ask.com/web?q={searchterms}&l=dis&o=ushpl
SearchScopes: HKU\S-1-5-21-2899254803-3239824921-2955042760-1001 -> {35E12DC9-65B9-4F4E-9146-B9B7A159A684} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-2899254803-3239824921-2955042760-1001 -> {A2C5ED8C-ABC4-414E-9FBE-0965D72F9886} URL = hxxp://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
SearchScopes: HKU\S-1-5-21-2899254803-3239824921-2955042760-1001 -> {D7296C09-54BF-4E20-A2CA-A98F7422DB95} URL = hxxp://en.wikipedia.org/wiki/Special:Search?search={searchTerms}
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-29] (Google Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-09-03] (Sun Microsystems, Inc.)
BHO: No Name -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> No File
BHO-x32: No Name -> {5C255C8A-E604-49b4-9D64-90988571CECB} -> No File
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll [2014-11-21] (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-29] (Google Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll [2014-11-21] (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2016-07-21] (HP Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-29] (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-29] (Google Inc.)
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll [2010-04-17] (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll [2010-04-17] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Annie Lee\AppData\Roaming\Mozilla\Firefox\Profiles\esyq1ljt.default-1460334229289
FF DefaultSearchEngine.US: Bing
FF Homepage: hxxp://www.msn.com/en-us/?pc=U227&ocid=U227DHP&DT=111514
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_23_0_0_185.dll [2016-10-16] ()
FF Plugin: @garmin.com/GpsControl -> C:\Program Files\Garmin GPS Plugin\npGarmin.dll [2014-03-31] (GARMIN Corp.)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_185.dll [2016-10-16] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll [2010-05-05] (Adobe Systems, Inc.)
FF Plugin-x32: @garmin.com/GpsControl -> C:\Program Files (x86)\Garmin GPS Plugin\npGarmin.dll [2014-03-31] (GARMIN Corp.)
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll [2014-11-21] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll [2014-11-21] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8117.0416 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-04-17] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll [2013-05-08] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2899254803-3239824921-2955042760-1001: @addlive.com/AddLive(v3),version=3.0.16.5 -> C:\Users\Annie Lee\AppData\LocalLow\AddLive_v3\3.0.16.5\npAddLive.dll [2016-06-22] (LiveFoundry Inc.)
FF Plugin HKU\S-1-5-21-2899254803-3239824921-2955042760-1001: @hulu.com/Hulu Desktop -> C:\Users\Annie Lee\AppData\Local\HuluDesktop\instances\0.9.14.1\nphdplg.dll [2010-08-12] (Hulu LLC)
FF Extension: Ebates Cash Back - C:\Users\Annie Lee\AppData\Roaming\Mozilla\Firefox\Profiles\esyq1ljt.default-1460334229289\Extensions\{35d6291e-1d4b-f9b4-c52f-77e6410d1326}.xpi [2016-05-12]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi [2016-10-20]
FF HKLM-x32\...\Firefox\Extensions: [otis@digitalpersona.com] - C:\Program Files (x86)\DigitalPersona\Bin\FirefoxExt
FF Extension: DigitalPersona Extension - C:\Program Files (x86)\DigitalPersona\Bin\FirefoxExt [2016-04-06]

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Profile: C:\Users\Annie Lee\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Annie Lee\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-11-15]
CHR Extension: (Google Drive) - C:\Users\Annie Lee\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-11-15]
CHR Extension: (YouTube) - C:\Users\Annie Lee\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-11-15]
CHR Extension: (Google Search) - C:\Users\Annie Lee\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-11-15]
CHR Extension: (Google Calendar) - C:\Users\Annie Lee\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn [2016-01-24]
CHR Extension: (Google Docs Offline) - C:\Users\Annie Lee\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-04]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Annie Lee\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-11-15]
CHR Extension: (Gmail) - C:\Users\Annie Lee\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-11-15]
 
==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2252504 2013-08-09] (Broadcom Corporation.)
S2 CLKMSVC10_C6F09094; C:\Program Files (x86)\Hewlett-Packard\Media\DVD\Kernel\HDDVD\NavFilter\kmsvc.exe [245232 2010-06-29] (CyberLink)
S3 Garmin Device Interaction Service; C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe [928272 2016-08-31] (Garmin Ltd. or its subsidiaries)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [29728 2016-08-15] (HP Inc.)
S4 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2010-05-19] (Hewlett-Packard Company) [File not signed]
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [120888 2016-08-30] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [361816 2016-08-30] (Microsoft Corporation)
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-01] (Symantec Corporation)
R2 Seagate Dashboard Services; C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.DASWindowsService.exe [16000 2014-09-17] (Seagate Technology LLC)
R2 Seagate MobileBackup Service; C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\MobileService.exe [157776 2014-09-17] (Seagate Technology LLC)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 bcbtums; C:\Windows\System32\drivers\bcbtums.sys [170712 2013-08-09] (Broadcom Corporation.)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R1 ElRawDisk; C:\Windows\system32\drivers\ElRawDsk.sys [30752 2012-07-26] (EldoS Corporation)
R1 ISODrive; C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys [115600 2010-01-29] (EZB Systems, Inc.)
S3 libusb0; C:\Windows\System32\DRIVERS\libusb0.sys [44480 2013-09-23] (http://libusb-win32.sourceforge.net)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [295000 2016-08-25] (Microsoft Corporation)
R3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [135928 2016-08-25] (Microsoft Corporation)
R1 RawDisk3; C:\Windows\system32\drivers\rawdsk3.sys [32568 2015-07-24] (EldoS Corporation)
S3 SkyhawkeUSBLan; C:\Windows\System32\DRIVERS\btblan.sys [47600 2010-04-15] (Belcarra Technologies)
S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [13920 2016-04-06] ()
S3 vzandnetdiag; C:\Windows\System32\DRIVERS\lgvzandnetdiag64.sys [29696 2013-05-06] (LG Electronics Inc.)
S3 vzandnetmodem; C:\Windows\System32\DRIVERS\lgvzandnetmdm64.sys [36864 2013-05-06] (LG Electronics Inc.)
S3 vzandnetndis; C:\Windows\System32\DRIVERS\lgvzandnetndis64.sys [94208 2013-10-14] (LG Electronics Inc.)
U2 TMAgent; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-10-23 22:10 - 2016-10-23 22:11 - 00022912 _____ C:\Users\Annie Lee\Downloads\FRST.txt
2016-10-23 22:09 - 2016-10-23 22:10 - 00000000 ____D C:\FRST
2016-10-23 22:08 - 2016-10-23 22:09 - 02193920 _____ (Farbar) C:\Users\Annie Lee\Downloads\FRST64.exe
2016-10-23 19:54 - 2016-10-23 19:54 - 00000168 _____ C:\Windows\setupact.log
2016-10-23 19:54 - 2016-10-23 19:54 - 00000000 _____ C:\Windows\setuperr.log
2016-10-20 20:49 - 2016-10-23 10:38 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-10-20 18:59 - 2016-10-20 18:59 - 00000000 ____D C:\Users\Annie Lee\Documents\Avatar
2016-10-20 18:01 - 2016-07-22 10:58 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2016-10-20 18:01 - 2016-07-22 10:51 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2016-10-16 15:16 - 2016-10-16 15:16 - 00000000 ____D C:\Users\Annie Lee\AppData\LocalLow\Cisco
2016-10-16 15:16 - 2016-10-16 15:16 - 00000000 ____D C:\Users\Annie Lee\AppData\Local\Cisco
2016-10-16 15:14 - 2016-10-16 15:15 - 48275464 _____ (Cisco Systems, Inc) C:\Users\Annie Lee\Downloads\CiscoVideoGuard.6.7.exe
2016-10-16 12:07 - 2016-10-23 18:49 - 00000348 _____ C:\Windows\Tasks\HPCeeScheduleForAnnie Lee.job
2016-10-16 12:07 - 2016-10-23 11:19 - 00003210 _____ C:\Windows\System32\Tasks\HPCeeScheduleForAnnie Lee
2016-09-28 09:20 - 2016-09-28 09:20 - 00013031 _____ C:\Users\Annie Lee\Downloads\Astro Chart.htm
2016-09-28 09:20 - 2016-09-28 09:20 - 00000000 ____D C:\Users\Annie Lee\Downloads\Astro Chart_files
2016-09-27 23:01 - 2016-10-03 08:12 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-09-27 23:01 - 2016-09-27 23:01 - 00001106 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-09-27 23:01 - 2016-09-27 23:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-09-27 23:00 - 2016-09-27 23:00 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-09-27 23:00 - 2016-09-27 23:00 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-09-27 23:00 - 2016-03-10 14:09 - 00064896 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2016-09-27 23:00 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-09-27 23:00 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2016-09-27 22:31 - 2016-09-27 22:32 - 22851472 _____ (Malwarebytes ) C:\Users\Annie Lee\Downloads\mbam-setup-cnet.35891-2.2.1.1043.exe
2016-09-26 19:20 - 2016-09-26 19:20 - 01060087 _____ C:\Users\Annie Lee\Documents\kimretire.hmk

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-10-23 22:03 - 2013-12-11 17:40 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-10-23 21:27 - 2009-07-14 00:45 - 00023248 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-10-23 21:27 - 2009-07-14 00:45 - 00023248 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-10-23 21:21 - 2013-11-15 18:25 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-10-23 20:39 - 2016-04-06 20:38 - 00000374 _____ C:\Windows\Tasks\SlimCleaner Plus (Scheduled Scan - Annie Lee).job
2016-10-23 20:39 - 2013-09-16 01:02 - 01268459 _____ C:\Windows\WindowsUpdate.log
2016-10-23 19:54 - 2013-11-15 18:25 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-10-23 19:54 - 2009-07-14 01:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-10-23 18:56 - 2016-08-05 13:25 - 00003118 _____ C:\Windows\System32\Tasks\iolo Process Governor
2016-10-23 12:45 - 2013-09-17 19:53 - 00000000 ____D C:\Users\Annie Lee\AppData\Roaming\HpUpdate
2016-10-23 10:38 - 2014-01-17 18:10 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-10-21 06:40 - 2013-09-19 22:51 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-10-21 06:40 - 2013-09-19 22:51 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2016-10-20 22:28 - 2013-09-16 20:20 - 00000000 ____D C:\Windows\system32\MRT
2016-10-20 22:21 - 2013-09-16 20:20 - 143495576 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-10-20 22:20 - 2013-09-19 22:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-10-20 22:17 - 2013-09-19 20:56 - 00000000 ____D C:\Users\Annie Lee\AppData\Roaming\SoftGrid Client
2016-10-16 13:03 - 2013-12-11 17:40 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-10-16 13:03 - 2013-09-16 22:40 - 00796352 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-10-16 13:03 - 2013-09-16 22:40 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-10-16 13:03 - 2013-09-16 22:40 - 00000000 ____D C:\Windows\system32\Macromed
2016-10-16 13:03 - 2010-09-03 00:39 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2016-10-04 13:49 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\system32\NDF
2016-10-03 17:23 - 2013-11-15 18:26 - 00002195 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-10-03 17:23 - 2013-11-15 18:26 - 00002183 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-09-28 11:07 - 2016-08-22 07:54 - 00002077 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2016-09-28 11:07 - 2016-08-22 07:54 - 00000000 ____D C:\Program Files\Microsoft Security Client
2016-09-28 11:07 - 2013-11-08 23:25 - 00001945 _____ C:\Windows\epplauncher.mif
2016-09-28 11:06 - 2016-08-22 07:54 - 00000000 ____D C:\Program Files (x86)\Microsoft Security Client

==================== Files in the root of some directories =======

2014-07-10 17:57 - 2014-07-10 17:57 - 0003584 _____ () C:\Users\Annie Lee\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-08-22 07:26 - 2016-08-22 07:26 - 0000036 _____ () C:\Users\Annie Lee\AppData\Local\housecall.guid.cache
2013-09-17 19:49 - 2013-09-17 19:49 - 0000057 _____ () C:\ProgramData\Ament.ini
2016-05-03 10:47 - 2016-05-03 10:53 - 0000304 _____ () C:\ProgramData\hpzinstall.log
2013-09-16 01:30 - 2013-09-16 01:30 - 0000032 _____ () C:\ProgramData\{051B9612-4D82-42AC-8C63-CD2DCEDC1CB3}.log
2010-09-03 02:23 - 2010-09-03 02:23 - 0000109 _____ () C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log
2013-09-16 01:30 - 2013-09-16 01:30 - 0000032 _____ () C:\ProgramData\{23F3DA62-2D9E-4A69-B8D5-BE8E9E148092}.log
2010-09-03 02:18 - 2010-09-03 02:19 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
2013-09-16 01:29 - 2013-09-16 01:29 - 0000032 _____ () C:\ProgramData\{4FC670EB-5F02-4B07-90DB-022B86BFEFD0}.log
2013-09-16 01:30 - 2013-09-16 01:30 - 0000032 _____ () C:\ProgramData\{9867824A-C86D-4A83-8F3C-E7A86BE0AFD3}.log
2010-09-03 02:17 - 2010-09-03 02:18 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
2010-09-03 02:19 - 2010-09-03 02:23 - 0000110 _____ () C:\ProgramData\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}.log
2013-09-16 01:30 - 2013-09-16 01:31 - 0000105 _____ () C:\ProgramData\{d36dd326-7280-11d8-97c8-000129760cbe}.log

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-08-15 10:52

==================== End of FRST.txt ============================
 
Welcome aboard

Please, observe following rules:
  • Read all of my instructions very carefully. Your mistakes during cleaning process may have very serious consequences, like unbootable computer.
  • If you're stuck, or you're not sure about certain step, always ask before doing anything else.
  • Please refrain from running any tools, fixes or applying any changes to your computer other than those I suggest.
  • Never run more than one scan at a time.
  • Keep updating me regarding your computer behavior, good, or bad.
  • The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
  • If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in malware removal forum.
  • I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.

====================================

Please do NOT create multiple topics.
This time I merged all your topics.

You posted FRST.txt log twice.
I still need Addition.txt log.

You're not saying what's wrong with your computer.
 
Hello, I'm sorry I'm kind of new at this. My CPU usage is running very high even when supposedly idle. If I play a game on Face book it's pegged to 100%. 6 months ago I had a new motherboard installed and I'm not sure if I updated all the drivers properly. For the most part the computer seem a bit slow. I run all my scans and do their fixes. It never finds any virus or malware is it does It is quarantined. Can I copy and paste my Addition.txt here?. Thanks in advance. Anne
 
I'm pretty sure I copied and pasted the Addition.txt file last night. It would have been the last 2 or 3 topics. But I can do it again...let me know. Thanks, Anne.
 
Okay here is Addition-Notepad I'm sorry I thought I aready cut and pasted. Hopefully this is it!
==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(Validity Sensors, Inc.) C:\Windows\System32\vcsFPService.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(DigitalPersona, Inc.) C:\Program Files\DigitalPersona\Bin\DpHostW.exe
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe
(Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
(DigitalPersona, Inc.) C:\Program Files (x86)\DigitalPersona\Bin\DPAgent.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(iolo technologies, LLC) C:\Program Files (x86)\iolo\System Mechanic\ioloGovernor64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler64.exe
() C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Cisco) C:\Users\Annie Lee\AppData\Local\Cisco\VideoGuardPlayer\VideoGuardMonitor\CiscoVideoGuardMonitor.exe
(DigitalPersona, Inc.) C:\Program Files\DigitalPersona\Bin\DpAgent.exe
(CyberLink) C:\Program Files (x86)\Hewlett-Packard\Media\Webcam\YCMMirage.exe
(Seagate Technology LLC) C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\MobileService.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Seagate Technology LLC) C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.DASWindowsService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SmartMenu] => C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe [611896 2010-01-20] ()
HKLM\...\Run: [HPWirelessAssistant] => C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe [363064 2010-06-18] (Hewlett-Packard Company)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2837288 2011-10-14] (Synaptics Incorporated)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [487424 2010-07-22] (IDT, Inc.)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1354712 2016-08-30] (Microsoft Corporation)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [HP Quick Launch] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [587320 2011-06-14] (Hewlett-Packard Development Company, L.P.)
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,C:\Program Files (x86)\DigitalPersona\Bin\DPAgent.exe,
HKU\S-1-5-21-2899254803-3239824921-2955042760-1001\...\Run: [VideoGuardMonitor] => C:\Users\Annie Lee\AppData\Local\Cisco\VideoGuardPlayer\VideoGuardMonitor\CiscoVideoGuardMonitor.exe [4155656 2016-06-29] (Cisco)
HKU\S-1-5-21-2899254803-3239824921-2955042760-1001\...\MountPoints2: {daf85b93-c0e5-11e3-a56f-e02a8207562a} - G:\VZW_Software_upgrade_assistant.exe
HKU\S-1-5-21-2899254803-3239824921-2955042760-1001\...\MountPoints2: {e5e705d4-59fc-11e3-adc5-e02a8207562a} - G:\ToolLauncher-Bootstrap.exe
HKU\S-1-5-21-2899254803-3239824921-2955042760-1001\...\MountPoints2: {e9b6173a-56de-11e3-b275-e02a8207562a} - G:\TL_Bootstrap.exe
HKU\S-1-5-18\...\Run: [ISUSPM] => C:\ProgramData\Macrovision\FLEXnet Connect\6\ISUSPM.exe [210208 2008-10-20] (Acresso Corporation)
HKU\S-1-5-18\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1402792 2016-08-31] (Garmin Ltd. or its subsidiaries)
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2013-09-17] (Microsoft Corporation)
Lsa: [Notification Packages] DPPassFilter scecli
ShellIconOverlayIdentifiers: [ SncrOverlays (Blocked)] -> {C418E880-6280-4010-A888-FD76028E5511} => C:\Program Files\Verizon\Verizon Cloud\x64\Sncr.Overlays.dll [2015-11-24] (Synchronoss Technologies Inc.)
ShellIconOverlayIdentifiers: [ SncrOverlays (InSync)] -> {5F4A6070-DB92-4C56-A487-F3850430608F} => C:\Program Files\Verizon\Verizon Cloud\x64\Sncr.Overlays.dll [2015-11-24] (Synchronoss Technologies Inc.)
ShellIconOverlayIdentifiers: [ SncrOverlays (Pending)] -> {EE73A341-C788-4A6B-B1EF-DDBFC0F190B6} => C:\Program Files\Verizon\Verizon Cloud\x64\Sncr.Overlays.dll [2015-11-24] (Synchronoss Technologies Inc.)
ShellIconOverlayIdentifiers: [ SncrOverlays (Syncing)] -> {28CDCD88-B179-49D6-8B21-1A9AF9C0AE13} => C:\Program Files\Verizon\Verizon Cloud\x64\Sncr.Overlays.dll [2015-11-24] (Synchronoss Technologies Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Annie Lee\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Annie Lee\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Annie Lee\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Annie Lee\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Annie Lee\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Annie Lee\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Annie Lee\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-10] (Dropbox, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\System Mechanic.lnk [2016-08-05]
ShortcutTarget: System Mechanic.lnk -> C:\Program Files (x86)\iolo\System Mechanic\SystemMechanic.exe (iolo technologies, LLC)
BootExecute: autocheck autochk *
==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.254.254
Tcpip\..\Interfaces\{2330AF55-1D6D-4902-A5B2-EBEAC223EC3E}: [DhcpNameServer] 192.168.254.254
Tcpip\..\Interfaces\{92CA435D-5C36-475A-BAF7-283E4B648D18}: [DhcpNameServer] 192.168.254.254

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-21-2899254803-3239824921-2955042760-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2899254803-3239824921-2955042760-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.msn.com/HPNOT/1
SearchScopes: HKLM -> DefaultScope {35E12DC9-65B9-4F4E-9146-B9B7A159A684} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
SearchScopes: HKLM -> {062BA6EE-078E-402D-9ED7-E8017B33E3D5} URL = hxxp://www.ask.com/web?q={searchterms}&l=dis&o=ushpl
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {35E12DC9-65B9-4F4E-9146-B9B7A159A684} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
SearchScopes: HKLM -> {A2C5ED8C-ABC4-414E-9FBE-0965D72F9886} URL = hxxp://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
SearchScopes: HKLM -> {D7296C09-54BF-4E20-A2CA-A98F7422DB95} URL = hxxp://en.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {35E12DC9-65B9-4F4E-9146-B9B7A159A684} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {062BA6EE-078E-402D-9ED7-E8017B33E3D5} URL = hxxp://www.ask.com/web?q={searchterms}&l=dis&o=ushpl
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {35E12DC9-65B9-4F4E-9146-B9B7A159A684} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {A2C5ED8C-ABC4-414E-9FBE-0965D72F9886} URL = hxxp://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
SearchScopes: HKLM-x32 -> {D7296C09-54BF-4E20-A2CA-A98F7422DB95} URL = hxxp://en.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKU\S-1-5-21-2899254803-3239824921-2955042760-1001 -> DefaultScope {35E12DC9-65B9-4F4E-9146-B9B7A159A684} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-2899254803-3239824921-2955042760-1001 -> {062BA6EE-078E-402D-9ED7-E8017B33E3D5} URL = hxxp://www.ask.com/web?q={searchterms}&l=dis&o=ushpl
SearchScopes: HKU\S-1-5-21-2899254803-3239824921-2955042760-1001 -> {35E12DC9-65B9-4F4E-9146-B9B7A159A684} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-2899254803-3239824921-2955042760-1001 -> {A2C5ED8C-ABC4-414E-9FBE-0965D72F9886} URL = hxxp://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
SearchScopes: HKU\S-1-5-21-2899254803-3239824921-2955042760-1001 -> {D7296C09-54BF-4E20-A2CA-A98F7422DB95} URL = hxxp://en.wikipedia.org/wiki/Special:Search?search={searchTerms}
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-29] (Google Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-09-03] (Sun Microsystems, Inc.)
BHO: No Name -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> No File
BHO-x32: No Name -> {5C255C8A-E604-49b4-9D64-90988571CECB} -> No File
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll [2014-11-21] (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-29] (Google Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll [2014-11-21] (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2016-07-21] (HP Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-29] (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-29] (Google Inc.)
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll [2010-04-17] (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll [2010-04-17] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Annie Lee\AppData\Roaming\Mozilla\Firefox\Profiles\esyq1ljt.default-1460334229289
FF DefaultSearchEngine.US: Bing
FF Homepage: hxxp://www.msn.com/en-us/?pc=U227&ocid=U227DHP&DT=111514
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_23_0_0_185.dll [2016-10-16] ()
FF Plugin: @garmin.com/GpsControl -> C:\Program Files\Garmin GPS Plugin\npGarmin.dll [2014-03-31] (GARMIN Corp.)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_185.dll [2016-10-16] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll [2010-05-05] (Adobe Systems, Inc.)
FF Plugin-x32: @garmin.com/GpsControl -> C:\Program Files (x86)\Garmin GPS Plugin\npGarmin.dll [2014-03-31] (GARMIN Corp.)
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll [2014-11-21] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll [2014-11-21] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8117.0416 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-04-17] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll [2013-05-08] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2899254803-3239824921-2955042760-1001: @addlive.com/AddLive(v3),version=3.0.16.5 -> C:\Users\Annie Lee\AppData\LocalLow\AddLive_v3\3.0.16.5\npAddLive.dll [2016-06-22] (LiveFoundry Inc.)
FF Plugin HKU\S-1-5-21-2899254803-3239824921-2955042760-1001: @hulu.com/Hulu Desktop -> C:\Users\Annie Lee\AppData\Local\HuluDesktop\instances\0.9.14.1\nphdplg.dll [2010-08-12] (Hulu LLC)
FF Extension: Ebates Cash Back - C:\Users\Annie Lee\AppData\Roaming\Mozilla\Firefox\Profiles\esyq1ljt.default-1460334229289\Extensions\{35d6291e-1d4b-f9b4-c52f-77e6410d1326}.xpi [2016-05-12]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi [2016-10-20]
FF HKLM-x32\...\Firefox\Extensions: [otis@digitalpersona.com] - C:\Program Files (x86)\DigitalPersona\Bin\FirefoxExt
FF Extension: DigitalPersona Extension - C:\Program Files (x86)\DigitalPersona\Bin\FirefoxExt [2016-04-06]

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Profile: C:\Users\Annie Lee\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Annie Lee\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-11-15]
CHR Extension: (Google Drive) - C:\Users\Annie Lee\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-11-15]
CHR Extension: (YouTube) - C:\Users\Annie Lee\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-11-15]
CHR Extension: (Google Search) - C:\Users\Annie Lee\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-11-15]
CHR Extension: (Google Calendar) - C:\Users\Annie Lee\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn [2016-01-24]
CHR Extension: (Google Docs Offline) - C:\Users\Annie Lee\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-04]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Annie Lee\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-11-15]
CHR Extension: (Gmail) - C:\Users\Annie Lee\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-11-15]
==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2252504 2013-08-09] (Broadcom Corporation.)
S2 CLKMSVC10_C6F09094; C:\Program Files (x86)\Hewlett-Packard\Media\DVD\Kernel\HDDVD\NavFilter\kmsvc.exe [245232 2010-06-29] (CyberLink)
S3 Garmin Device Interaction Service; C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe [928272 2016-08-31] (Garmin Ltd. or its subsidiaries)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [29728 2016-08-15] (HP Inc.)
S4 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2010-05-19] (Hewlett-Packard Company) [File not signed]
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [120888 2016-08-30] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [361816 2016-08-30] (Microsoft Corporation)
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-01] (Symantec Corporation)
R2 Seagate Dashboard Services; C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.DASWindowsService.exe [16000 2014-09-17] (Seagate Technology LLC)
R2 Seagate MobileBackup Service; C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\MobileService.exe [157776 2014-09-17] (Seagate Technology LLC)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 bcbtums; C:\Windows\System32\drivers\bcbtums.sys [170712 2013-08-09] (Broadcom Corporation.)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R1 ElRawDisk; C:\Windows\system32\drivers\ElRawDsk.sys [30752 2012-07-26] (EldoS Corporation)
R1 ISODrive; C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys [115600 2010-01-29] (EZB Systems, Inc.)
S3 libusb0; C:\Windows\System32\DRIVERS\libusb0.sys [44480 2013-09-23] (http://libusb-win32.sourceforge.net)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [295000 2016-08-25] (Microsoft Corporation)
R3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [135928 2016-08-25] (Microsoft Corporation)
R1 RawDisk3; C:\Windows\system32\drivers\rawdsk3.sys [32568 2015-07-24] (EldoS Corporation)
S3 SkyhawkeUSBLan; C:\Windows\System32\DRIVERS\btblan.sys [47600 2010-04-15] (Belcarra Technologies)
S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [13920 2016-04-06] ()
S3 vzandnetdiag; C:\Windows\System32\DRIVERS\lgvzandnetdiag64.sys [29696 2013-05-06] (LG Electronics Inc.)
S3 vzandnetmodem; C:\Windows\System32\DRIVERS\lgvzandnetmdm64.sys [36864 2013-05-06] (LG Electronics Inc.)
S3 vzandnetndis; C:\Windows\System32\DRIVERS\lgvzandnetndis64.sys [94208 2013-10-14] (LG Electronics Inc.)
U2 TMAgent; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-10-23 22:10 - 2016-10-23 22:11 - 00022912 _____ C:\Users\Annie Lee\Downloads\FRST.txt
2016-10-23 22:09 - 2016-10-23 22:10 - 00000000 ____D C:\FRST
2016-10-23 22:08 - 2016-10-23 22:09 - 02193920 _____ (Farbar) C:\Users\Annie Lee\Downloads\FRST64.exe
2016-10-23 19:54 - 2016-10-23 19:54 - 00000168 _____ C:\Windows\setupact.log
2016-10-23 19:54 - 2016-10-23 19:54 - 00000000 _____ C:\Windows\setuperr.log
2016-10-20 20:49 - 2016-10-23 10:38 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-10-20 18:59 - 2016-10-20 18:59 - 00000000 ____D C:\Users\Annie Lee\Documents\Avatar
2016-10-20 18:01 - 2016-07-22 10:58 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2016-10-20 18:01 - 2016-07-22 10:51 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2016-10-16 15:16 - 2016-10-16 15:16 - 00000000 ____D C:\Users\Annie Lee\AppData\LocalLow\Cisco
2016-10-16 15:16 - 2016-10-16 15:16 - 00000000 ____D C:\Users\Annie Lee\AppData\Local\Cisco
2016-10-16 15:14 - 2016-10-16 15:15 - 48275464 _____ (Cisco Systems, Inc) C:\Users\Annie Lee\Downloads\CiscoVideoGuard.6.7.exe
2016-10-16 12:07 - 2016-10-23 18:49 - 00000348 _____ C:\Windows\Tasks\HPCeeScheduleForAnnie Lee.job
2016-10-16 12:07 - 2016-10-23 11:19 - 00003210 _____ C:\Windows\System32\Tasks\HPCeeScheduleForAnnie Lee
2016-09-28 09:20 - 2016-09-28 09:20 - 00013031 _____ C:\Users\Annie Lee\Downloads\Astro Chart.htm
2016-09-28 09:20 - 2016-09-28 09:20 - 00000000 ____D C:\Users\Annie Lee\Downloads\Astro Chart_files
2016-09-27 23:01 - 2016-10-03 08:12 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-09-27 23:01 - 2016-09-27 23:01 - 00001106 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-09-27 23:01 - 2016-09-27 23:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-09-27 23:00 - 2016-09-27 23:00 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-09-27 23:00 - 2016-09-27 23:00 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-09-27 23:00 - 2016-03-10 14:09 - 00064896 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2016-09-27 23:00 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-09-27 23:00 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2016-09-27 22:31 - 2016-09-27 22:32 - 22851472 _____ (Malwarebytes ) C:\Users\Annie Lee\Downloads\mbam-setup-cnet.35891-2.2.1.1043.exe
2016-09-26 19:20 - 2016-09-26 19:20 - 01060087 _____ C:\Users\Annie Lee\Documents\kimretire.hmk

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-10-23 22:03 - 2013-12-11 17:40 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-10-23 21:27 - 2009-07-14 00:45 - 00023248 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-10-23 21:27 - 2009-07-14 00:45 - 00023248 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-10-23 21:21 - 2013-11-15 18:25 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-10-23 20:39 - 2016-04-06 20:38 - 00000374 _____ C:\Windows\Tasks\SlimCleaner Plus (Scheduled Scan - Annie Lee).job
2016-10-23 20:39 - 2013-09-16 01:02 - 01268459 _____ C:\Windows\WindowsUpdate.log
2016-10-23 19:54 - 2013-11-15 18:25 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-10-23 19:54 - 2009-07-14 01:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-10-23 18:56 - 2016-08-05 13:25 - 00003118 _____ C:\Windows\System32\Tasks\iolo Process Governor
2016-10-23 12:45 - 2013-09-17 19:53 - 00000000 ____D C:\Users\Annie Lee\AppData\Roaming\HpUpdate
2016-10-23 10:38 - 2014-01-17 18:10 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-10-21 06:40 - 2013-09-19 22:51 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-10-21 06:40 - 2013-09-19 22:51 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2016-10-20 22:28 - 2013-09-16 20:20 - 00000000 ____D C:\Windows\system32\MRT
2016-10-20 22:21 - 2013-09-16 20:20 - 143495576 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-10-20 22:20 - 2013-09-19 22:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-10-20 22:17 - 2013-09-19 20:56 - 00000000 ____D C:\Users\Annie Lee\AppData\Roaming\SoftGrid Client
2016-10-16 13:03 - 2013-12-11 17:40 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-10-16 13:03 - 2013-09-16 22:40 - 00796352 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-10-16 13:03 - 2013-09-16 22:40 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-10-16 13:03 - 2013-09-16 22:40 - 00000000 ____D C:\Windows\system32\Macromed
2016-10-16 13:03 - 2010-09-03 00:39 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2016-10-04 13:49 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\system32\NDF
2016-10-03 17:23 - 2013-11-15 18:26 - 00002195 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-10-03 17:23 - 2013-11-15 18:26 - 00002183 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-09-28 11:07 - 2016-08-22 07:54 - 00002077 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2016-09-28 11:07 - 2016-08-22 07:54 - 00000000 ____D C:\Program Files\Microsoft Security Client
2016-09-28 11:07 - 2013-11-08 23:25 - 00001945 _____ C:\Windows\epplauncher.mif
2016-09-28 11:06 - 2016-08-22 07:54 - 00000000 ____D C:\Program Files (x86)\Microsoft Security Client

==================== Files in the root of some directories =======

2014-07-10 17:57 - 2014-07-10 17:57 - 0003584 _____ () C:\Users\Annie Lee\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-08-22 07:26 - 2016-08-22 07:26 - 0000036 _____ () C:\Users\Annie Lee\AppData\Local\housecall.guid.cache
2013-09-17 19:49 - 2013-09-17 19:49 - 0000057 _____ () C:\ProgramData\Ament.ini
2016-05-03 10:47 - 2016-05-03 10:53 - 0000304 _____ () C:\ProgramData\hpzinstall.log
2013-09-16 01:30 - 2013-09-16 01:30 - 0000032 _____ () C:\ProgramData\{051B9612-4D82-42AC-8C63-CD2DCEDC1CB3}.log
2010-09-03 02:23 - 2010-09-03 02:23 - 0000109 _____ () C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log
2013-09-16 01:30 - 2013-09-16 01:30 - 0000032 _____ () C:\ProgramData\{23F3DA62-2D9E-4A69-B8D5-BE8E9E148092}.log
2010-09-03 02:18 - 2010-09-03 02:19 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
2013-09-16 01:29 - 2013-09-16 01:29 - 0000032 _____ () C:\ProgramData\{4FC670EB-5F02-4B07-90DB-022B86BFEFD0}.log
2013-09-16 01:30 - 2013-09-16 01:30 - 0000032 _____ () C:\ProgramData\{9867824A-C86D-4A83-8F3C-E7A86BE0AFD3}.log
2010-09-03 02:17 - 2010-09-03 02:18 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
2010-09-03 02:19 - 2010-09-03 02:23 - 0000110 _____ () C:\ProgramData\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}.log
2013-09-16 01:30 - 2013-09-16 01:31 - 0000105 _____ () C:\ProgramData\{d36dd326-7280-11d8-97c8-000129760cbe}.log

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-08-15 10:52
 
This is not the right log.
Re-run FRST again.
It'll produce two logs: FRST.txt and Addition.txt.
I need the latter one.
 
Hopefully this what your looking for?

Additional scan result of Farbar Recovery Scan Tool (x64) Version:04-10-2015
Ran by Annie Lee (2016-10-24 21:49:11)
Running from C:\Users\Annie Lee\Downloads
Windows 7 Home Premium Service Pack 1 (X64) (2013-09-16 03:23:25)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2899254803-3239824921-2955042760-500 - Administrator - Disabled)
Annie Lee (S-1-5-21-2899254803-3239824921-2955042760-1001 - Administrator - Enabled) => C:\Users\Annie Lee
Guest (S-1-5-21-2899254803-3239824921-2955042760-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2899254803-3239824921-2955042760-1002 - Limited - Enabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Enabled - Up to date) {71A27EC9-3DA6-45FC-60A7-004F623C6189}
AS: Microsoft Security Essentials (Enabled - Up to date) {CAC39F2D-1B9C-4A72-5A17-3B3D19BB2B34}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
AddLive(v3) Browser Plugin (HKU\S-1-5-21-2899254803-3239824921-2955042760-1001\...\AddLive(v3)) (Version: 3.0.16.5 - LiveFoundry Inc.)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 18.0.0.144 - Adobe Systems Incorporated)
Adobe Flash Player 23 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 23.0.0.185 - Adobe Systems Incorporated)
Adobe Flash Player 23 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 23.0.0.185 - Adobe Systems Incorporated)
Adobe Reader 9.5.5 MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-A91000000001}) (Version: 9.5.5 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.5 (HKLM-x32\...\{9ECF7817-DB11-4FBA-9DF1-296A578D513A}) (Version: 11.5.7.609 - Adobe Systems, Inc)
American Greetings CreataCard Select 6 (HKLM-x32\...\{9770A25C-45A7-478E-AF50-4FDE53EED270}) (Version: - )
ANT Drivers Installer x64 (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
ATI Catalyst Install Manager (HKLM\...\{11A4D79B-672C-7FFF-B5F7-B4409B1194EF}) (Version: 3.0.765.0 - ATI Technologies, Inc.)
Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Blackhawk Striker 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Broadcom 2070 Bluetooth 3.0 (HKLM\...\{436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}) (Version: 6.3.0.5600 - Broadcom Corporation)
Broadcom 802.11 Wireless LAN Adapter (HKLM\...\Broadcom 802.11 Wireless LAN Adapter) (Version: 5.60.350.6 - Broadcom Corporation)
Build-a-lot 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
CaddieSync Express 1.5.14 (HKLM-x32\...\CaddieSync Express) (Version: 1.5.14 - SkyHawke Technologies)
ccc-core-static (x32 Version: 2010.0416.541.8279 - ATI) Hidden
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
CinemaNow Media Manager (HKLM-x32\...\{6C122441-1861-4CD7-B1C5-A163A6984E12}) (Version: 1.9.1.105 - CinemaNow, Inc.)
Cisco VideoGuard Player (HKLM-x32\...\{28145961-299d-4f61-88d6-ff9ea46bd919}) (Version: 6.7 - Cisco Systems, Inc)
Contents (x32 Version: 1.6.0.286 - Corel Corporation) Hidden
Corel PaintShop Photo Pro X3 (HKLM-x32\...\_{D1AEB5DB-04FA-489D-94EF-8600898B93EE}) (Version: 1.6.1.116 - Corel Corporation)
Corel PaintShop Photo Pro X3 (x32 Version: 1.00.0000 - Corel Corporation) Hidden
Corel VideoStudio Pro X3 (HKLM-x32\...\_{F072CA07-A781-45E4-9975-C033A73019CF}) (Version: 1.6.0.286 - Corel Corporation)
CyberLink DVD Suite (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 7.0.3003 - CyberLink Corp.)
DeviceIO (x32 Version: 1.6.0.286 - Corel Corporation) Hidden
Diner Dash 2 Restaurant Rescue (x32 Version: 2.2.0.95 - WildTangent) Hidden
Dora's Carnival Adventure (x32 Version: 2.2.0.95 - WildTangent) Hidden
Dropbox (HKU\S-1-5-21-2899254803-3239824921-2955042760-1001\...\Dropbox) (Version: 2.6.24 - Dropbox, Inc.)
DVD Menu Pack for HP MediaSmart Video (HKLM-x32\...\InstallShield_{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}) (Version: 4.1.4121 - Hewlett-Packard)
DVD Menu Pack for HP MediaSmart Video (x32 Version: 4.1.4121 - Hewlett-Packard) Hidden
Elevated Installer (x32 Version: 4.1.27.0 - Garmin Ltd or its subsidiaries) Hidden
Energy Star Digital Logo (HKLM-x32\...\{BD1A34C9-4764-4F79-AE1F-112F8C89D3D4}) (Version: 1.0.1 - Hewlett-Packard)
Escape Rosecliff Island (x32 Version: 2.2.0.95 - WildTangent) Hidden
ESU for Microsoft Windows 7 (HKLM-x32\...\{3877C901-7B90-4727-A639-B6ED2DD59D43}) (Version: 1.0.0 - Hewlett-Packard)
FATE (x32 Version: 2.2.0.95 - WildTangent) Hidden
ffdshow [rev 2527] [2008-12-19] (HKLM-x32\...\ffdshow_is1) (Version: 1.0 - )
Final Drive Nitro (x32 Version: 2.2.0.95 - WildTangent) Hidden
Garmin Communicator Plugin (HKLM-x32\...\{71DBFBF2-F7EB-4268-8485-9471D83C4E66}) (Version: 4.2.0 - Garmin Ltd or its subsidiaries)
Garmin Communicator Plugin x64 (HKLM\...\{70A381F1-C161-4D61-A20C-BE12FC6777DF}) (Version: 4.2.0 - Garmin Ltd or its subsidiaries)
Garmin Express (HKLM-x32\...\{5b45c228-dcb1-4a0b-a9de-3b4b683ef15d}) (Version: 4.1.27.0 - Garmin Ltd or its subsidiaries)
Garmin Express (x32 Version: 4.1.27.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express Tray (x32 Version: 4.1.27.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin USB Drivers (HKLM-x32\...\{3D5D6CFC-3097-425A-8D8F-7EAF5D57641D}) (Version: 2.3.1.0 - Garmin Ltd or its subsidiaries)
Garmin WebUpdater (HKLM-x32\...\{AE1EC58E-B2AC-4959-A4C2-C38202A25239}) (Version: 2.5.6 - Garmin Ltd or its subsidiaries)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 54.0.2840.71 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.7619.1252 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden
Hallmark Card Studio 2012 Deluxe (HKLM-x32\...\{8777089A-4CF4-44BA-910B-9A4580669DED}) (Version: 13.0.4.3 - Creative Home)
Heroes of Hellas 2 - Olympia (x32 Version: 2.2.0.95 - WildTangent) Hidden
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP 3D DriveGuard (HKLM\...\{299625B9-6C69-462C-9CEA-8E06D878B1C5}) (Version: 4.0.5.1 - Hewlett-Packard Company)
HP Advisor (HKLM-x32\...\{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}) (Version: 3.4.10262.3295 - Hewlett-Packard)
HP Documentation (HKLM-x32\...\{7D4318AC-9560-46F0-910F-0B38D6CDC009}) (Version: 1.1.2.0 - Hewlett-Packard)
HP DVB-T TV Tuner 8.0.64.43 (HKLM-x32\...\HP DVB-T TV Tuner) (Version: 8.0.64.43 - )
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.1.3 - WildTangent)
HP MediaSmart CinemaNow 2.0 (HKLM-x32\...\{9008D736-35CA-40DB-A2BE-5F32D954E5AA}) (Version: 2.0 - Hewlett-Packard)
HP MediaSmart DVD (HKLM-x32\...\InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}) (Version: 4.1.4229 - Hewlett-Packard)
HP MediaSmart Movies and TV (HKLM\...\{4B4E2FA2-3B1E-4147-99DB-5033981D8C2F}) (Version: 1.0.0.10 - Hewlett-Packard)
HP MediaSmart Music (HKLM-x32\...\InstallShield_{91A34181-9FAD-43AB-A35F-E7A8945B7E1C}) (Version: 4.1.4215 - Hewlett-Packard)
HP MediaSmart Photo (HKLM-x32\...\InstallShield_{6DAF8CDC-9B04-413B-A0F2-BCC13CF8A5BF}) (Version: 4.1.4211 - Hewlett-Packard)
HP MediaSmart SmartMenu (HKLM\...\{731A1D36-BF17-4C76-B7E7-CC055AF8C54E}) (Version: 3.1.1.12 - Hewlett-Packard)
HP MediaSmart Video (HKLM-x32\...\InstallShield_{D12E3E7F-1B13-4933-A915-16C7DD37A095}) (Version: 4.1.4214 - Hewlett-Packard)
HP MediaSmart Webcam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 4.1.3024 - Hewlett-Packard)
HP MediaSmart/TouchSmart Netflix (HKLM-x32\...\{78F1A88C-5322-4DF7-BDCF-9AB8F5F4041C}) (Version: 1.0.9.0 - Hewlett-Packard)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.3611 - HP Photo Creations Powered by RocketLife)
HP Photosmart 5520 series Basic Device Software (HKLM\...\{68C0736C-3E47-43A6-B14D-236BEF198A5F}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Photosmart 5520 series Help (HKLM-x32\...\{7137E26A-10F7-4B1C-9980-0893579E92DA}) (Version: 27.0.0 - Hewlett Packard)
HP Photosmart 5520 series Product Improvement Study (HKLM\...\{DCC176F0-3CE3-4DA9-8FF9-3809C1B48C47}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Power Manager (HKLM-x32\...\{4B156358-CE9C-4E9F-8CAD-79AE86A68C60}) (Version: 1.0.3 - Hewlett-Packard Company)
HP Quick Launch (HKLM-x32\...\{BB1C717E-376C-4AA1-8940-81BFC38D9778}) (Version: 2.4.4 - Hewlett-Packard Company)
HP Setup (HKLM-x32\...\{72D90DB3-A16A-4545-B555-868471101833}) (Version: 8.1.4186.3400 - Hewlett-Packard)
HP SimplePass Identity Protection (HKLM\...\{5BF97E02-2F6A-412A-BB4D-B6E2DC65FCA7}) (Version: 5.20.233 - DigitalPersona, Inc.)
HP Software Framework (HKLM-x32\...\{6C302296-6129-4125-9FD6-2188ECD8814E}) (Version: 4.1.6.1 - Hewlett-Packard Company)
HP Support Solutions Framework (HKLM-x32\...\{55065080-504F-43BB-BE00-36B80D7D39A5}) (Version: 12.5.32.37 - Hewlett-Packard Company)
HP Update (HKLM-x32\...\{97486FBE-A3FC-4783-8D55-EA37E9D171CC}) (Version: 5.005.000.002 - Hewlett-Packard)
HP Wireless Assistant (HKLM\...\{B5FC1E1B-E70D-45F1-8E40-A3C30698B323}) (Version: 4.0.9.0 - Hewlett-Packard Company)
Hulu Desktop (HKU\S-1-5-21-2899254803-3239824921-2955042760-1001\...\HuluDesktop) (Version: 0.9.14 - Hulu LLC)
ICA (x32 Version: 1.6.0.286 - Corel Corporation) Hidden
ICA (x32 Version: 1.6.1.116 - Corel Corporation) Hidden
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6292.0 - IDT)
IPM_PSP_Pro (x32 Version: 1.00.0000 - Corel Corporation) Hidden
IPM_VS_Pro (x32 Version: 13.0 - Corel Corporation) Hidden
ISCOM (x32 Version: 1.6.0.286 - Corel Corporation) Hidden
ISCOM (x32 Version: 1.6.1.116 - Corel Corporation) Hidden
Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
Java(TM) 6 Update 20 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86416020FF}) (Version: 6.0.200 - Sun Microsystems, Inc.)
Jewel Quest 3 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Jewel Quest Solitaire 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Junk Mail filter update (x32 Version: 14.0.8117.416 - Microsoft Corporation) Hidden
LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.2907 - CyberLink Corp.)
LabelPrint (x32 Version: 2.5.2907 - CyberLink Corp.) Hidden
LG VZW United Drivers (HKLM-x32\...\{E86DE69E-A94E-41B6-8661-7372FCA1A83C}) (Version: 2.13.0 - LG Electronics)
LightScribe System Software (HKLM-x32\...\{46BA053F-57B3-4153-BDB6-D37EEC8B12D7}) (Version: 1.18.15.1 - LightScribe)
Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Click-to-Run 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Starter 2010 - English (HKLM-x32\...\{90140011-0066-0409-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.10.205.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Web Publishing Wizard 1.52 (HKLM-x32\...\WebPost) (Version: - )
Movie Theme Pack for HP MediaSmart Video (HKLM-x32\...\InstallShield_{3023EBDA-BF1B-4831-B347-E5018555F26E}) (Version: 4.1.4030 - Hewlett-Packard)
Movie Theme Pack for HP MediaSmart Video (x32 Version: 4.1.4030 - Hewlett-Packard) Hidden
Mozilla Firefox 49.0.2 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 49.0.2 (x86 en-US)) (Version: 49.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 49.0.2.6136 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.1.17869 - Symantec Corporation)
PaintShop Photo Pro X3 Registration Incentive (x32 Version: 1.00.0000 - Corel Corporation) Hidden
Penguins! (x32 Version: 2.2.0.95 - WildTangent) Hidden
PhotoNow! (HKLM-x32\...\InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}) (Version: 1.1.6904 - CyberLink Corp.)
PhotoNow! (x32 Version: 1.1.6904 - CyberLink Corp.) Hidden
Plants vs. Zombies (x32 Version: 2.2.0.95 - WildTangent) Hidden
Poker Superstars III (x32 Version: 2.2.0.95 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.95 - WildTangent) Hidden
Polar Golfer (x32 Version: 2.2.0.95 - WildTangent) Hidden
Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.4204 - CyberLink Corp.)
Power2Go (x32 Version: 6.1.4204 - CyberLink Corp.) Hidden
PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 8.0.3003 - CyberLink Corp.)
PowerDirector (x32 Version: 8.0.3003 - CyberLink Corp.) Hidden
PSPPContent (x32 Version: 1.00.0000 - Corel Corporation) Hidden
PSPPRO_DCRAW (x32 Version: 13.0.0 - Corel Corporation) Hidden
PureHD (x32 Version: 1.6.0.286 - Corel Corporation) Hidden
Realtek Ethernet Controller Driver For Windows 7 (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.23.623.2010 - Realtek)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30113 - Realtek Semiconductor Corp.)
Recovery Manager (x32 Version: 5.5.3023 - CyberLink Corp.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.24.999 - SAMSUNG Electronics Co., Ltd.)
Seagate Dashboard (HKLM-x32\...\{F1D8690F-06B3-4100-9949-398EA253AC61}) (Version: 3.2.1802.2 - Seagate)
Setup (x32 Version: 1.6.0.286 - Corel Corporation) Hidden
Setup (x32 Version: 1.6.1.116 - Corel Corporation) Hidden
Share (x32 Version: 1.6.0.286 - Corel Corporation) Hidden
Share64 (Version: 1.6.0.286 - Corel Corporation) Hidden
Silicon Laboratories CP210x USB to UART Bridge (Driver Removal) (HKLM-x32\...\SLABCOMM&10C4&EA60) (Version: - Silicon Laboratories)
SUABnR (HKLM-x32\...\InstallShield_{2485354C-6B65-4978-BB91-CCE61442377B}) (Version: 1.1.0.13103_1 - Samsung Electronics Co., Ltd.)
SUABnR (x32 Version: 1.1.0.13103_1 - Samsung Electronics Co., Ltd.) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.29.0 - Synaptics Incorporated)
System Mechanic (HKLM-x32\...\InstallShield_{49DCB5CB-235B-4A14-BD8E-1E9FC1B0311C}) (Version: 16.1.0.42 - iolo technologies, LLC)
System Mechanic (x32 Version: 16.1.0.42 - iolo technologies, LLC) Hidden
Times Reader (HKLM-x32\...\com.nyt.timesreader.78C54164786ADE80CB31E1C5D95607D0938C987A.1) (Version: 2.061 - The New York Times Company)
Times Reader (x32 Version: 2.061 - The New York Times Company) Hidden
UltraISO Premium V9.52 (HKLM-x32\...\UltraISO_is1) (Version: - )
Validity Sensors DDK (HKLM\...\{426FAE9F-7373-496E-A215-9DB7EF4398CF}) (Version: 4.1.139.0 - Validity Sensors, Inc.)
Verizon Cloud (HKLM\...\Verizon Cloud) (Version: 15.3.7.8 - Verizon)
Verizon Wireless Software Upgrade Assistant - Samsung(ar) (HKLM-x32\...\{EE296443-E401-43D2-9864-1C63AD8D376E}) (Version: 2.14.0410 - Samsung Electronics Co., Ltd.)
Verizon Wireless Software Utility Application for Android - Samsung (HKLM-x32\...\{69258FD1-F4EE-475A-83D1-BF68C8029592}) (Version: 2.14.0402 - Samsung Electronics Co., Ltd.)
VIO (x32 Version: 1.6.0.286 - Corel Corporation) Hidden
Virtual Families (x32 Version: 2.2.0.95 - WildTangent) Hidden
Virtual Villagers - The Secret City (x32 Version: 2.2.0.95 - WildTangent) Hidden
VSClassic (x32 Version: 1.6.0.286 - Corel Corporation) Hidden
VSPro (x32 Version: 1.6.0.286 - Corel Corporation) Hidden
Wheel of Fortune 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Windows Driver Package - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Windows Driver Package - Garmin (grmnusb) GARMIN Devices (04/19/2012 2.3.1.0) (HKLM\...\98157A226B40B173301B0F53C8E98C47805D5152) (Version: 04/19/2012 2.3.1.0 - Garmin)
Windows Driver Package - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8117.0416 - Microsoft Corporation)
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{B10914FD-8812-47A4-85A1-50FCDE7F1F33}) (Version: 14.0.8117.416 - Microsoft Corporation)
Windows Live Upload Tool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
Windows Media Encoder 9 Series (HKLM-x32\...\Windows Media Encoder 9) (Version: - )
Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2899254803-3239824921-2955042760-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Annie Lee\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2899254803-3239824921-2955042760-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Annie Lee\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2899254803-3239824921-2955042760-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Annie Lee\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2899254803-3239824921-2955042760-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Annie Lee\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2899254803-3239824921-2955042760-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Annie Lee\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)

==================== Restore Points =========================

15-09-2016 16:14:54 Windows Update
19-09-2016 14:59:38 Windows Update
20-09-2016 14:24:44 Configured System Mechanic
20-09-2016 14:40:11 Configured System Mechanic
20-09-2016 23:22:36 Windows Update
25-09-2016 12:11:40 Windows Update
28-09-2016 11:05:23 Windows Update
03-10-2016 20:52:05 Windows Update
07-10-2016 09:12:28 Windows Update
20-10-2016 22:18:13 Windows Update
21-10-2016 06:45:34 Windows Update

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 22:34 - 2016-08-19 08:21 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {00B649DC-7B88-49EC-872A-0413CF289B86} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-08-03] (HP Inc.)
Task: {045A0317-4BB2-4A7F-87E1-C9B027E7CD30} - System32\Tasks\ioloSmartUpdater => C:\Program Files (x86)\iolo\System Mechanic\ioloSmartUpdater.exe [2016-09-16] (iolo technologies, LLC)
Task: {0CA0BFBC-5C97-4D16-A7BA-20EFAB618546} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {1A88C284-4C4C-41D4-A590-D08F5E41A940} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [2016-08-31] ()
Task: {1C9F8177-E031-40FB-9880-24AF33874C14} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2014-03-19] (Microsoft)
Task: {1E8D5CDA-A73B-4199-92EF-85FDD8DE9638} - System32\Tasks\{EFE2E0DF-B8C1-4DB2-A853-0F63F1F15731} => pcalua.exe -a G:\InstallSeagateManager.exe -d G:\
Task: {2576F414-AAEE-4F93-AE94-9F988D810973} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)
Task: {25C0417A-4F1A-461C-9425-ACE98ADF33B4} - System32\Tasks\HP AR Program Upload - a6e1f55f372343868e5b3e46b6bfe10cabb36aa454cc4005a5745b6869086c38 => C:\Program Files\HP\HP Photosmart 5520 series\bin\HPRewards.exe [2012-10-17] (TODO: <Company name>)
Task: {31386B15-D0D9-4DBA-884C-B8C472891040} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {36A84976-0E16-416E-A5DD-C9D967E03BE2} - System32\Tasks\RecoveryCDWin7 => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [2013-02-20] ()
Task: {44051B2C-931B-4FD8-80C7-62FA73792788} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {4432F518-1E58-4B5F-A7A6-07F735F1EE19} - System32\Tasks\Microsoft\Microsoft Antimalware\MpIdleTask => c:\Program Files\Microsoft Security Client\\MpCmdRun.exe [2016-08-30] (Microsoft Corporation)
Task: {475A4A2E-9852-4BF1-AD1D-B918258EC01F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)
Task: {477D0335-6312-4FE4-9899-47D6465517B5} - System32\Tasks\SlimCleaner Plus (Scheduled Scan - Annie Lee) => C:\Program Files\SlimCleaner Plus\SlimCleanerPlus.exe
Task: {4C9B2CD6-D87B-43A7-8ADD-5E5C3DB62E84} - System32\Tasks\Annie Lee DBAgent 2 0 => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DBAgent.exe [2014-09-17] (Seagate Technology LLC)
Task: {55C38A09-D05B-4C43-B1E1-B23C1D655612} - System32\Tasks\Seagate_Install_Launch => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Dashboard.exe [2014-09-17] (Seagate Technology LLC)
Task: {57FC4C23-B03C-454B-9A27-A9961AC89A70} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-08-03] (HP Inc.)
Task: {585AEB12-A6CA-45E1-8488-9A818538C4C8} - System32\Tasks\Annie Lee1 => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\NBCore.exe [2014-09-17] (Seagate Technology LLC)
Task: {6DBC8E47-C5F7-430E-97B6-A574D8649600} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2016-08-18] (HP Inc.)
Task: {83EDC170-6349-463A-B74A-92082EA68C81} - System32\Tasks\HPCeeScheduleForAnnie Lee => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2015-06-16] (Hewlett-Packard)
Task: {8A2A321C-FD0A-4353-B451-E8EBEF8CE19F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-08-23] (HP Inc.)
Task: {91D6C1EC-4915-4196-8E7A-75D42EA06D50} - System32\Tasks\iolo Process Governor => C:\Program Files (x86)\iolo\System Mechanic\iologovernor64.exe [2016-09-16] (iolo technologies, LLC)
Task: {925A2AA8-6966-4575-BCAA-62CFA681941C} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => C:\Windows\system32\compattelrunner.exe [2016-03-25] (Microsoft Corporation)
Task: {93AF3862-BE7D-44FD-BEBF-4597D181E8BA} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {95BF789A-E1C8-4179-8F5D-0478CB2FB3E3} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-08-23] (HP Inc.)
Task: {9CE4D57D-87CE-4ED5-8AC3-F536AB876683} - System32\Tasks\ioloActiveCare => C:\Program Files (x86)\iolo\System Mechanic\SystemMechanic.exe [2016-09-16] (iolo technologies, LLC)
Task: {AC7A3036-2950-49FA-B0E0-4ACD311AA6CA} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2016-03-20] (Microsoft Corporation)
Task: {B11B9267-A275-4FC5-9A3B-ACF871D87EFB} - System32\Tasks\MirageAgent => C:\Program Files (x86)\Hewlett-Packard\Media\Webcam\YCMMirage.exe [2010-06-25] (CyberLink)
Task: {B51C98DF-DCFA-41B9-B83A-57352DC7AFBE} - System32\Tasks\{D21898AE-FD32-4D29-9083-EB0F20E18FAA} => pcalua.exe -a "C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Dashboard.exe" -d C:\Windows\system32
Task: {B63F8206-279F-4A10-A252-E90CF30D4722} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2016-05-09] (Hewlett-Packard)
Task: {B6CF989A-78CF-4037-8754-2B59334C2BE8} - System32\Tasks\HPCustParticipation HP Photosmart 5520 series => C:\Program Files\HP\HP Photosmart 5520 series\Bin\HPCustPartic.exe [2012-10-17] (Hewlett-Packard Co.)
Task: {B71C92F0-534A-4637-96D7-D41176AB48FE} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2016-06-03] (AVAST Software)
Task: {C640475A-4E68-4B64-8771-28491728D962} - System32\Tasks\ioloToaster => C:\Program Files (x86)\iolo\System Mechanic\ioloToaster.exe [2016-09-16] (iolo technologies, LLC)
Task: {E82AE93B-37FB-4A59-BB98-92E157757A77} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => c:\Program Files\Microsoft Security Client\\MpCmdRun.exe [2016-08-30] (Microsoft Corporation)
Task: {E873A0FA-D091-4459-BD30-65A9D12EE6F9} - System32\Tasks\Annie Lee1 Merge => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\NBCore.exe [2014-09-17] (Seagate Technology LLC)
Task: {F68519EB-5CD6-44B9-B9D2-8512F0A8747C} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2016-03-20] (Microsoft Corporation)
Task: {FF74CAD9-4864-49AC-A486-CB2E11B8813E} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-10-16] (Adobe Systems Incorporated)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForAnnie Lee.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\Windows\Tasks\SlimCleaner Plus (Scheduled Scan - Annie Lee).job => C:\Program Files\SlimCleaner Plus\SlimCleanerPlus.exe

==================== Loaded Modules (Whitelisted) ==============

2010-01-20 19:20 - 2010-01-20 19:20 - 00611896 _____ () C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
2016-10-16 13:03 - 2016-10-16 13:03 - 19635392 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_185.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\Annie Lee\Documents\Annie Walker.avi:TOC.WMV
AlternateDataStreams: C:\Users\Annie Lee\Documents\E-card 1.avi:TOC.WMV
AlternateDataStreams: C:\Users\Annie Lee\Documents\E-card 10.avi:TOC.WMV
AlternateDataStreams: C:\Users\Annie Lee\Documents\E-card 11.avi:TOC.WMV
AlternateDataStreams: C:\Users\Annie Lee\Documents\E-card 12.avi:TOC.WMV
AlternateDataStreams: C:\Users\Annie Lee\Documents\E-card 13.avi:TOC.WMV
AlternateDataStreams: C:\Users\Annie Lee\Documents\E-card 14.avi:TOC.WMV
AlternateDataStreams: C:\Users\Annie Lee\Documents\E-card 15.avi:TOC.WMV
AlternateDataStreams: C:\Users\Annie Lee\Documents\E-card 2.avi:TOC.WMV
AlternateDataStreams: C:\Users\Annie Lee\Documents\E-card 3.avi:TOC.WMV
AlternateDataStreams: C:\Users\Annie Lee\Documents\E-card 4.avi:TOC.WMV
AlternateDataStreams: C:\Users\Annie Lee\Documents\E-card 5.avi:TOC.WMV
AlternateDataStreams: C:\Users\Annie Lee\Documents\E-card 6.avi:TOC.WMV
AlternateDataStreams: C:\Users\Annie Lee\Documents\E-card 7.avi:TOC.WMV
AlternateDataStreams: C:\Users\Annie Lee\Documents\E-card 8.avi:TOC.WMV
AlternateDataStreams: C:\Users\Annie Lee\Documents\E-card 9.avi:TOC.WMV
AlternateDataStreams: C:\Users\Annie Lee\Documents\E-card.avi:TOC.WMV
AlternateDataStreams: C:\Users\Annie Lee\Documents\Tanya Thanks.avi:TOC.WMV

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\DpHost => ""="Service"

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2899254803-3239824921-2955042760-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Annie Lee\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.254.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk => C:\Windows\pss\Bluetooth.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Forget Me Not.lnk => C:\Windows\pss\Forget Me Not.lnk.CommonStartup
MSCONFIG\startupreg: DBAgent => "C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DBAgent.exe" /WinStart
MSCONFIG\startupreg: Norton Online Backup => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
MSCONFIG\startupreg: VerizonCloud => C:\Program Files\Verizon\Verizon Cloud\VerizonCloud.exe

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{C70A8F1B-6255-436F-A34D-386D68C70B1E}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\wlcsdk.exe
FirewallRules: [{956D37A3-C816-4092-B512-5EAC6787657C}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{C492717A-5C9A-4D2C-A4A3-BA8684AB2CB1}] => (Allow) svchost.exe
FirewallRules: [{BA868B56-6F8B-4C06-8C7A-D364E688304A}] => (Allow) C:\Program Files (x86)\Windows Live\Sync\WindowsLiveSync.exe
FirewallRules: [{E9406A49-894F-4548-B161-BD58D5CD3EF6}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector\PDR8.EXE
FirewallRules: [{D10D95B4-2608-4E26-955D-943E9567994D}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\Media\DVD\HPTouchSmartMusic.exe
FirewallRules: [{DBCE8E7A-EFF1-4707-AB76-7F46BFA79EB5}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\Media\DVD\HPTouchSmartPhoto.exe
FirewallRules: [{ABBE0784-97D8-4930-AD37-BCA1EB277FDE}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\Media\DVD\HPTouchSmartVideo.exe
FirewallRules: [{9A1FBB7D-F554-49ED-8BDF-9F2B89B3E79B}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\Media\DVD\TSMAgent.exe
FirewallRules: [{24AA8D61-A521-4A30-B884-656D0005B405}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\Media\DVD\Kernel\CLML\CLMLSvc.exe
FirewallRules: [{38D35CBB-A72E-4079-A69C-819F16E6B648}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\Media\DVD\HPDVDSmart.exe
FirewallRules: [{01F902E4-13C6-48B8-AD25-13B48771CC1A}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\MediaSmart\Video\HPMediaSmartVideo.exe
FirewallRules: [{05C36025-79B5-42D3-8136-BE3A8F71463F}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\MediaSmart\Photo\HPMediaSmartPhoto.exe
FirewallRules: [{1A115508-7489-4EA2-894C-D89778F66BB0}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Music\HPTouchSmartMusic.exe
FirewallRules: [{43FB7325-4D71-4181-BEA7-24717D3F6E83}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\MediaSmart\CinemaNow\CinemaNow.exe
FirewallRules: [{1339D4B3-C814-4A90-99A5-07DF8D307067}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\MediaSmart\CinemaNow\CinemaNow.exe
FirewallRules: [{BF11FB17-9348-4196-BABB-EC579A1249F2}] => (Allow) C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemaNowShell.exe
FirewallRules: [{FBDB488B-EA21-45EC-AEB8-E11B7142B351}] => (Allow) C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemaNowShell.exe
FirewallRules: [{0FFA21BB-8412-4766-8D10-C27196C02B98}] => (Allow) C:\Program Files\HP\HP Photosmart 5520 series\Bin\DeviceSetup.exe
FirewallRules: [{94C21FB3-57B2-4BCB-B5CA-14EFBD5CF639}] => (Allow) C:\Program Files\HP\HP Photosmart 5520 series\Bin\HPNetworkCommunicator.exe
FirewallRules: [{52EC9F2E-E9AA-4101-8FB5-C042EE591AC6}] => (Allow) C:\Program Files\HP\HP Photosmart 5520 series\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [TCP Query User{7C03FDDB-1CD4-40AB-AB72-998B12A668AC}C:\program files\verizon cloud\verizon.exe] => (Allow) C:\program files\verizon cloud\verizon.exe
FirewallRules: [UDP Query User{F2BD0414-BEDB-4FE8-9095-1885FE1F90A1}C:\program files\verizon cloud\verizon.exe] => (Allow) C:\program files\verizon cloud\verizon.exe
FirewallRules: [TCP Query User{8C94E785-12A3-431E-A82C-0E60258627A8}C:\program files\verizon cloud\verizon cloud service.exe] => (Allow) C:\program files\verizon cloud\verizon cloud service.exe
FirewallRules: [UDP Query User{53925B2E-9653-426D-9E81-CA34267140BB}C:\program files\verizon cloud\verizon cloud service.exe] => (Allow) C:\program files\verizon cloud\verizon cloud service.exe
FirewallRules: [TCP Query User{2FD0B2F3-E57C-4D1E-816D-5EF2B10FF829}C:\program files (x86)\skygolf\caddiesync express\caddiesyncexpress.exe] => (Allow) C:\program files (x86)\skygolf\caddiesync express\caddiesyncexpress.exe
FirewallRules: [UDP Query User{81E482E9-E9E5-4F92-BB5F-60285D746896}C:\program files (x86)\skygolf\caddiesync express\caddiesyncexpress.exe] => (Allow) C:\program files (x86)\skygolf\caddiesync express\caddiesyncexpress.exe
FirewallRules: [{6F495731-76EB-4A16-AF2E-270BF15A953B}] => (Block) C:\program files (x86)\skygolf\caddiesync express\caddiesyncexpress.exe
FirewallRules: [{535130A4-FF02-4BB3-81F3-639C41D2A721}] => (Block) C:\program files (x86)\skygolf\caddiesync express\caddiesyncexpress.exe
FirewallRules: [TCP Query User{B5251C47-691A-4951-A5CF-84BA442B50B4}C:\program files\verizon cloud\verizon cloud service.exe] => (Block) C:\program files\verizon cloud\verizon cloud service.exe
FirewallRules: [UDP Query User{5FFEEA7D-BB59-4418-AD35-4572E467304C}C:\program files\verizon cloud\verizon cloud service.exe] => (Block) C:\program files\verizon cloud\verizon cloud service.exe
FirewallRules: [{2262AB93-8669-4416-947C-B49BC8DA0DF0}] => (Allow) C:\Users\Annie Lee\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{184B76AD-8C71-42DA-829C-ED1A2D68EB1D}] => (Allow) C:\Users\Annie Lee\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{2972F64F-0605-4D62-A6C0-D34C7AD43F35}] => (Allow) LPort=8888
FirewallRules: [TCP Query User{8447185E-7CA5-49D2-B9EC-C9FFD5BC7052}C:\program files (x86)\seagate\seagate dashboard 2.0\dashboard.exe] => (Allow) C:\program files (x86)\seagate\seagate dashboard 2.0\dashboard.exe
FirewallRules: [UDP Query User{1D2B96DF-87B4-46F1-B4CA-3197DA003193}C:\program files (x86)\seagate\seagate dashboard 2.0\dashboard.exe] => (Allow) C:\program files (x86)\seagate\seagate dashboard 2.0\dashboard.exe
FirewallRules: [{E8CBC82B-A8D7-4874-B94A-14F4ADD19CD1}] => (Allow) LPort=8888
FirewallRules: [{823CA12A-2DD1-4F14-A2B9-4850C379B351}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{3E334AC9-BBF5-4A70-97B6-19FF04020C29}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{59AB761F-0607-4463-B3FF-85BDE9F50236}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{726B7157-5B85-4E4F-AB6B-2E32CB56708E}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{1F539854-2028-443A-A292-C3304FC9CD97}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{AEE54630-9ED9-4321-AD62-874140D7E3BA}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{31EA8F9F-1507-4345-B4F3-FC1D976E7782}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{A5A848D3-7C00-43F6-8DA5-AD981B225FDB}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{45ECA376-40E2-44A5-9409-F8E1A21CA14D}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPDeviceDetection3.exe
FirewallRules: [{613A5B42-EC8C-4075-B753-CA954125B237}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{FC0790DF-AA19-4AA9-82B9-0A4C427DDD38}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{DC231899-3E4F-4DD3-9ADF-464A737B8DE2}C:\program files (x86)\hewlett-packard\hp support solutions\modules\hpdevicedetection3.exe] => (Allow) C:\program files (x86)\hewlett-packard\hp support solutions\modules\hpdevicedetection3.exe
FirewallRules: [UDP Query User{8AA91B7F-E990-4D50-9B52-78DF9F0245C9}C:\program files (x86)\hewlett-packard\hp support solutions\modules\hpdevicedetection3.exe] => (Allow) C:\program files (x86)\hewlett-packard\hp support solutions\modules\hpdevicedetection3.exe
FirewallRules: [{95B2CECD-3153-4011-A22D-AEDB05F9320E}] => (Allow) C:\Program Files (x86)\Adobe\Acrobat.com\Acrobat.com.exe
FirewallRules: [{00D39A77-90D3-4934-878C-6DB591A9CBC6}] => (Allow) C:\Program Files (x86)\Adobe\Acrobat.com\Acrobat.com.exe
FirewallRules: [{32703C21-3E2C-4C1F-9FEF-26898E5B0443}] => (Allow) C:\Program Files (x86)\Adobe\Acrobat.com\Acrobat.com.exe
FirewallRules: [{7AB78B71-F016-4F83-984C-6FE55B6A3297}] => (Allow) C:\Program Files (x86)\Adobe\Acrobat.com\Acrobat.com.exe
FirewallRules: [{29B71756-DE34-4564-BBFB-B4C817BB4209}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Faulty Device Manager Devices =============

Name: Bluetooth Peripheral Device
Description: Bluetooth Peripheral Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Bluetooth Peripheral Device
Description: Bluetooth Peripheral Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Bluetooth Peripheral Device
Description: Bluetooth Peripheral Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (10/24/2016 01:05:35 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2231

Error: (10/24/2016 01:05:35 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2231

Error: (10/24/2016 01:05:35 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (10/24/2016 01:05:34 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1186

Error: (10/24/2016 01:05:34 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1186

Error: (10/24/2016 01:05:34 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (10/24/2016 12:52:02 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2449

Error: (10/24/2016 12:52:02 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2449

Error: (10/24/2016 12:52:02 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (10/24/2016 12:52:01 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1185


System errors:
=============
Error: (10/23/2016 07:55:06 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Seagate Dashboard Services service to connect.

Error: (10/23/2016 10:44:06 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The HP Support Solutions Framework Service service failed to start due to the following error:
%%1053

Error: (10/23/2016 10:44:06 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the HP Support Solutions Framework Service service to connect.

Error: (10/23/2016 10:39:50 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Seagate Dashboard Services service to connect.

Error: (10/21/2016 06:49:20 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {752073A1-23F2-4396-85F0-8FDB879ED0ED}

Error: (10/20/2016 09:13:34 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the DiagTrack service.

Error: (10/19/2016 03:43:04 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

New Signature Version:

Previous Signature Version: 1.229.1843.0

Update Source: %NT AUTHORITY59

Update Stage: 4.10.205.00

Source Path: 4.10.205.01

Signature Type: %NT AUTHORITY602

Update Type: %NT AUTHORITY604

User: NT AUTHORITY\SYSTEM

Current Engine Version: %NT AUTHORITY605

Previous Engine Version: %NT AUTHORITY606

Error code: %NT AUTHORITY607

Error description: %NT AUTHORITY608

Error: (10/19/2016 02:59:22 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Seagate MobileBackup Service service to connect.

Error: (10/19/2016 02:58:52 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Seagate Dashboard Services service to connect.

Error: (10/19/2016 02:56:56 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

New Signature Version:

Previous Signature Version: 1.229.1843.0

Update Source: %NT AUTHORITY59

Update Stage: 4.10.205.00

Source Path: 4.10.205.01

Signature Type: %NT AUTHORITY602

Update Type: %NT AUTHORITY604

User: NT AUTHORITY\SYSTEM

Current Engine Version: %NT AUTHORITY605

Previous Engine Version: %NT AUTHORITY606

Error code: %NT AUTHORITY607

Error description: %NT AUTHORITY608


==================== Memory info ===========================

Processor: AMD Phenom(tm) II N640 Dual-Core Processor
Percentage of memory in use: 61%
Total physical RAM: 5882.9 MB
Available physical RAM: 2276.4 MB
Total Virtual: 11763.99 MB
Available Virtual: 7946.12 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:677.05 GB) (Free:573.73 GB) NTFS ==>[system with boot components (obtained from reading drive)]
Drive d: (RECOVERY) (Fixed) (Total:21.29 GB) (Free:3.1 GB) NTFS ==>[system with boot components (obtained from reading drive)]
Drive f: (HP_TOOLS) (Fixed) (Total:0.1 GB) (Free:0.09 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 698.6 GB) (Disk ID: 2FA17596)
Partition 1: (Active) - (Size=199 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=677 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=21.3 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=103 MB) - (Type=0C)

==================== End of Addition.txt ============================
 
This is correct :)

redtarget.gif
Download RogueKiller from one of the following links and save it to your Desktop:

Link 1
Link 2
  • Close all the running programs
  • Double click on downloaded setup.exe file to install the program.
  • Click on Start Scan button.
  • Click on another Start Scan button.
  • Wait until the Status box shows Scan Finished
  • Click on Delete.
  • Wait until the Status box shows Deleting Finished.
  • Click on Report and copy/paste the content of the Notepad into your next reply.
  • RKreport.txt could also be found on your desktop.
  • If more than one log is produced post all logs.
redtarget.gif
Please download Malwarebytes Anti-Malware to your desktop.
  • Double-click mbam-setup-2.0.0.1000.exe and follow the prompts to install the program.
  • At the end, be sure a checkmark is placed next to the following:
  • Launch Malwarebytes Anti-Malware
  • A 14 day trial of the Premium features is pre-selected. You may deselect this if you wish, and it will not diminish the scanning and removal capabilities of the program.
  • Click Finish.
  • On the Dashboard, click the 'Update Now >>' link
  • After the update completes, click the 'Scan Now >>' button.
  • Or, on the Dashboard, click the Scan Now >> button.
  • If an update is available, click the Update Now button.
  • A Threat Scan will begin.
  • When the scan is complete, if there have been detections, click Apply Actions to allow MBAM to clean what was detected.
  • In most cases, a restart will be required.
  • Wait for the prompt to restart the computer to appear, then click on Yes.

Already installed:
2.0 Threat Scan
  • On the Dashboard, click the 'Update Now >>' link
  • After the update completes, click the 'Scan Now >>' button.
  • Or, on the Dashboard, click the Scan Now >> button.
  • If an update is available, click the Update Now button.
  • A Threat Scan will begin.
  • When the scan is complete, if there have been detections, click Apply Actions to allow MBAM to clean what was detected.
  • In most cases, a restart will be required.
  • Wait for the prompt to restart the computer to appear, then click on Yes.
How to get logs:
(Export log to save as txt)
  • After the restart once you are back at your desktop, open MBAM once more.
  • Click on the History tab > Application Logs.
  • Double click on the scan log which shows the Date and time of the scan just performed.
  • Click 'Export'.
  • Click 'Text file (*.txt)'
  • In the Save File dialog box which appears, click on Desktop.
  • In the File name: box type a name for your scan log.
  • A message box named 'File Saved' should appear stating "Your file has been successfully exported".
  • Click Ok
  • Attach that saved log to your next reply.
(Copy to clipboard for pasting into forum replies or tickets)
  • After the restart once you are back at your desktop, open MBAM once more.
  • Click on the History tab > Application Logs.
  • Double click on the scan log which shows the Date and time of the scan just performed.
  • Click 'Copy to Clipboard'
  • Paste the contents of the clipboard into your reply.
redtarget.gif
Please download AdwCleaner by Xplode and save to your Desktop.
  • Double click on AdwCleaner.exe to run the tool.
    Vista/Windows 7/8 users right-click and select Run As Administrator
  • The tool will start to update the database if one is required.
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Logfile button.
  • A window will open which lists the logs of your scans.
  • Click on the Scan tab.
  • Double-click the most recent scan which will be at the top of the list....the log will appear.
  • To open a Cleaning log, click on the Cleaning tab and double-click the log at the top of the list.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of all logfiles are saved to C:\AdwCleaner.
redtarget.gif
Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista or Seven, right-mouse click it and select Run as Administrator.
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
 
Okay can I leave this window open or should I print everything so I can close it? Should I also close all the notepad windows too?
 
Haha figured out that I couldn't close this window! This is taking a while so I'll probably only get through the RogueKiller tonight. Thanks for your patience with me and your help so far!
 
RogueKiller V12.7.4.0 (x64) [Oct 24 2016] (Free) by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Website : http://www.adlice.com/download/roguekiller/
Blog : http://www.adlice.com

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : Annie Lee [Administrator]
Started from : C:\Program Files\RogueKiller\RogueKiller64.exe
Mode : Delete -- Date : 10/24/2016 22:35:45 (Duration : 01:13:35)

¤¤¤ Processes : 0 ¤¤¤

¤¤¤ Registry : 12 ¤¤¤
[PUP] (X64) HKEY_CLASSES_ROOT\driverscanner -> Not selected
[PUP] (X86) HKEY_LOCAL_MACHINE\Software\SlimWare Utilities Inc -> Not selected
[PUP] (X86) HKEY_LOCAL_MACHINE\Software\SlimWare Utilities, Inc. -> Not selected
[PUP] (X86) HKEY_LOCAL_MACHINE\Software\Uniblue -> Not selected
[PUP] (X64) HKEY_USERS\S-1-5-21-2899254803-3239824921-2955042760-1001\Software\SlimWare Utilities Inc -> Not selected
[PUP] (X64) HKEY_USERS\S-1-5-21-2899254803-3239824921-2955042760-1001\Software\USyndication -> Not selected
[PUP] (X64) HKEY_USERS\S-1-5-21-2899254803-3239824921-2955042760-1001\Software\usyndication.com -> Not selected
[PUP] (X86) HKEY_USERS\S-1-5-21-2899254803-3239824921-2955042760-1001\Software\SlimWare Utilities Inc -> Not selected
[PUP] (X86) HKEY_USERS\S-1-5-21-2899254803-3239824921-2955042760-1001\Software\USyndication -> Not selected
[PUP] (X86) HKEY_USERS\S-1-5-21-2899254803-3239824921-2955042760-1001\Software\usyndication.com -> Not selected
[PUP] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SWDUMon (system32\DRIVERS\SWDUMon.sys) -> Not selected
[PUP] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SWDUMon (system32\DRIVERS\SWDUMon.sys) -> Not selected

¤¤¤ Tasks : 2 ¤¤¤
[PUP] %WINDIR%\Tasks\SlimCleaner Plus (Scheduled Scan - Annie Lee).job -- C:\Program Files\SlimCleaner Plus\SlimCleanerPlus.exe ( /doScheduledScan) -> Not selected
[PUP] \SlimCleaner Plus (Scheduled Scan - Annie Lee) -- C:\Program Files\SlimCleaner Plus\SlimCleanerPlus.exe (/doScheduledScan) -> Not selected

¤¤¤ Files : 5 ¤¤¤
[PUP][Folder] C:\Users\Annie Lee\AppData\Roaming\DriverCure -> Deleted
[PUP][File] C:\Users\Annie Lee\AppData\Roaming\DriverCure\LogFile.txt -> Deleted
[PUP][Folder] C:\Users\Annie Lee\AppData\Roaming\ParetoLogic -> Deleted
[PUP][Folder] C:\Users\Annie Lee\AppData\Roaming\ParetoLogic\RegCure Pro -> Deleted
[PUP][Folder] C:\Users\Annie Lee\AppData\Local\SlimWare Utilities Inc -> Deleted
[PUP][File] C:\Users\Annie Lee\AppData\Local\SlimWare Utilities Inc\DriverUpdate\ignores.dat -> Deleted
[PUP][File] C:\Users\Annie Lee\AppData\Local\SlimWare Utilities Inc\DriverUpdate\Images\acer.png -> Deleted
[PUP][Folder] C:\Users\Annie Lee\AppData\Local\SlimWare Utilities Inc\DriverUpdate\Images -> Deleted
[PUP][File] C:\Users\Annie Lee\AppData\Local\SlimWare Utilities Inc\DriverUpdate\Logs\2016-04-06 14-19-29 0.log -> Deleted
[PUP][File] C:\Users\Annie Lee\AppData\Local\SlimWare Utilities Inc\DriverUpdate\Logs\2016-04-06 14-19-41 0.log -> Deleted
[PUP][File] C:\Users\Annie Lee\AppData\Local\SlimWare Utilities Inc\DriverUpdate\Logs\2016-04-06 20-37-18 0.log -> Deleted
[PUP][File] C:\Users\Annie Lee\AppData\Local\SlimWare Utilities Inc\DriverUpdate\Logs\2016-04-06 22-26-37 0.log -> Deleted
[PUP][File] C:\Users\Annie Lee\AppData\Local\SlimWare Utilities Inc\DriverUpdate\Logs\2016-04-06 23-36-04 0.log -> Deleted
[PUP][Folder] C:\Users\Annie Lee\AppData\Local\SlimWare Utilities Inc\DriverUpdate\Logs -> Deleted
[PUP][File] C:\Users\Annie Lee\AppData\Local\SlimWare Utilities Inc\DriverUpdate\rupdates.db -> Deleted
[PUP][File] C:\Users\Annie Lee\AppData\Local\SlimWare Utilities Inc\DriverUpdate\settings.db -> Deleted
[PUP][File] C:\Users\Annie Lee\AppData\Local\SlimWare Utilities Inc\DriverUpdate\supdates.db -> Deleted
[PUP][File] C:\Users\Annie Lee\AppData\Local\SlimWare Utilities Inc\DriverUpdate\SWDUMon.cat -> Deleted
[PUP][File] C:\Users\Annie Lee\AppData\Local\SlimWare Utilities Inc\DriverUpdate\SWDUMon.inf -> Deleted
[PUP][File] C:\Users\Annie Lee\AppData\Local\SlimWare Utilities Inc\DriverUpdate\SWDUMon.sys -> Deleted
[PUP][Folder] C:\Users\Annie Lee\AppData\Local\SlimWare Utilities Inc\DriverUpdate -> Deleted
[PUP][File] C:\Users\Annie Lee\AppData\Local\SlimWare Utilities Inc\Installers\US-131044741290199732.log -> Deleted
[PUP][File] C:\Users\Annie Lee\AppData\Local\SlimWare Utilities Inc\Installers\US-131044743037389665.log -> Deleted
[PUP][Folder] C:\Users\Annie Lee\AppData\Local\SlimWare Utilities Inc\Installers -> Deleted
[PUP][File] C:\Users\Annie Lee\AppData\Local\SlimWare Utilities Inc\SlimCleaner Plus\Cache\Local Storage\ui_main_0.localstorage -> Deleted
[PUP][File] C:\Users\Annie Lee\AppData\Local\SlimWare Utilities Inc\SlimCleaner Plus\Cache\Local Storage\ui_main_0.localstorage-journal -> Deleted
[PUP][Folder] C:\Users\Annie Lee\AppData\Local\SlimWare Utilities Inc\SlimCleaner Plus\Cache\Local Storage -> Deleted
[PUP][Folder] C:\Users\Annie Lee\AppData\Local\SlimWare Utilities Inc\SlimCleaner Plus\Cache -> Deleted
[PUP][File] C:\Users\Annie Lee\AppData\Local\SlimWare Utilities Inc\SlimCleaner Plus\cookiefilter.db -> Deleted
[PUP][File] C:\Users\Annie Lee\AppData\Local\SlimWare Utilities Inc\SlimCleaner Plus\settings -> Deleted
[PUP][Folder] C:\Users\Annie Lee\AppData\Local\SlimWare Utilities Inc\SlimCleaner Plus -> Deleted
[PUP][Folder] C:\ProgramData\ParetoLogic -> Deleted
[PUP][File] C:\ProgramData\ParetoLogic\RegCure Pro\License_Time.rdat -> Deleted
[PUP][File] C:\ProgramData\ParetoLogic\RegCure Pro\RB.rdat -> Deleted
[PUP][File] C:\ProgramData\ParetoLogic\RegCure Pro\tfn.xml -> Deleted
[PUP][Folder] C:\ProgramData\ParetoLogic\RegCure Pro -> Deleted
[PUP][Folder] C:\ProgramData\Uniblue -> Deleted
[PUP][Folder] C:\ProgramData\Uniblue\DriverScanner -> Deleted

¤¤¤ WMI : 0 ¤¤¤

¤¤¤ Hosts File : 0 ¤¤¤

¤¤¤ Antirootkit : 0 (Driver: Loaded) ¤¤¤

¤¤¤ Web browsers : 0 ¤¤¤

¤¤¤ MBR Check : ¤¤¤
+++++ PhysicalDrive0: SAMSUNG HN-M750MBB ATA Device +++++
--- User ---
[MBR] d9884192f1c37244b004b70e180bae14
[BSP] a72c9303ff0b2f607b85b1ac3eed0372 : HP|VT.Unknown MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 199 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 409600 | Size: 693299 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
2 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 1420285952 | Size: 21802 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
3 - [XXXXXX] FAT32-LBA (0xc) [VISIBLE] Offset (sectors): 1464936448 | Size: 102 MB
User = LL1 ... OK
User = LL2 ... OK

+++++ PhysicalDrive1: HP Photosmart 5520 USB Device +++++
Error reading User MBR! ([15] The device is not ready. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] The request is not supported. )

RogueKiller V12.7.4.0 (x64) [Oct 24 2016] (Free) by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Website : http://www.adlice.com/download/roguekiller/
Blog : http://www.adlice.com

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : Annie Lee [Administrator]
Started from : C:\Program Files\RogueKiller\RogueKiller64.exe
Mode : Delete -- Date : 10/24/2016 22:35:45 (Duration : 01:13:35)

¤¤¤ Processes : 0 ¤¤¤

¤¤¤ Registry : 12 ¤¤¤
[PUP] (X64) HKEY_CLASSES_ROOT\driverscanner -> Not selected
[PUP] (X86) HKEY_LOCAL_MACHINE\Software\SlimWare Utilities Inc -> Not selected
[PUP] (X86) HKEY_LOCAL_MACHINE\Software\SlimWare Utilities, Inc. -> Not selected
[PUP] (X86) HKEY_LOCAL_MACHINE\Software\Uniblue -> Not selected
[PUP] (X64) HKEY_USERS\S-1-5-21-2899254803-3239824921-2955042760-1001\Software\SlimWare Utilities Inc -> Not selected
[PUP] (X64) HKEY_USERS\S-1-5-21-2899254803-3239824921-2955042760-1001\Software\USyndication -> Not selected
[PUP] (X64) HKEY_USERS\S-1-5-21-2899254803-3239824921-2955042760-1001\Software\usyndication.com -> Not selected
[PUP] (X86) HKEY_USERS\S-1-5-21-2899254803-3239824921-2955042760-1001\Software\SlimWare Utilities Inc -> Not selected
[PUP] (X86) HKEY_USERS\S-1-5-21-2899254803-3239824921-2955042760-1001\Software\USyndication -> Not selected
[PUP] (X86) HKEY_USERS\S-1-5-21-2899254803-3239824921-2955042760-1001\Software\usyndication.com -> Not selected
[PUP] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SWDUMon (system32\DRIVERS\SWDUMon.sys) -> Not selected
[PUP] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SWDUMon (system32\DRIVERS\SWDUMon.sys) -> Not selected

¤¤¤ Tasks : 2 ¤¤¤
[PUP] %WINDIR%\Tasks\SlimCleaner Plus (Scheduled Scan - Annie Lee).job -- C:\Program Files\SlimCleaner Plus\SlimCleanerPlus.exe ( /doScheduledScan) -> Not selected
[PUP] \SlimCleaner Plus (Scheduled Scan - Annie Lee) -- C:\Program Files\SlimCleaner Plus\SlimCleanerPlus.exe (/doScheduledScan) -> Not selected

¤¤¤ Files : 5 ¤¤¤
[PUP][Folder] C:\Users\Annie Lee\AppData\Roaming\DriverCure -> Deleted
[PUP][File] C:\Users\Annie Lee\AppData\Roaming\DriverCure\LogFile.txt -> Deleted
[PUP][Folder] C:\Users\Annie Lee\AppData\Roaming\ParetoLogic -> Deleted
[PUP][Folder] C:\Users\Annie Lee\AppData\Roaming\ParetoLogic\RegCure Pro -> Deleted
[PUP][Folder] C:\Users\Annie Lee\AppData\Local\SlimWare Utilities Inc -> Deleted
[PUP][File] C:\Users\Annie Lee\AppData\Local\SlimWare Utilities Inc\DriverUpdate\ignores.dat -> Deleted
[PUP][File] C:\Users\Annie Lee\AppData\Local\SlimWare Utilities Inc\DriverUpdate\Images\acer.png -> Deleted
[PUP][Folder] C:\Users\Annie Lee\AppData\Local\SlimWare Utilities Inc\DriverUpdate\Images -> Deleted
[PUP][File] C:\Users\Annie Lee\AppData\Local\SlimWare Utilities Inc\DriverUpdate\Logs\2016-04-06 14-19-29 0.log -> Deleted
[PUP][File] C:\Users\Annie Lee\AppData\Local\SlimWare Utilities Inc\DriverUpdate\Logs\2016-04-06 14-19-41 0.log -> Deleted
[PUP][File] C:\Users\Annie Lee\AppData\Local\SlimWare Utilities Inc\DriverUpdate\Logs\2016-04-06 20-37-18 0.log -> Deleted
[PUP][File] C:\Users\Annie Lee\AppData\Local\SlimWare Utilities Inc\DriverUpdate\Logs\2016-04-06 22-26-37 0.log -> Deleted
[PUP][File] C:\Users\Annie Lee\AppData\Local\SlimWare Utilities Inc\DriverUpdate\Logs\2016-04-06 23-36-04 0.log -> Deleted
[PUP][Folder] C:\Users\Annie Lee\AppData\Local\SlimWare Utilities Inc\DriverUpdate\Logs -> Deleted
[PUP][File] C:\Users\Annie Lee\AppData\Local\SlimWare Utilities Inc\DriverUpdate\rupdates.db -> Deleted
[PUP][File] C:\Users\Annie Lee\AppData\Local\SlimWare Utilities Inc\DriverUpdate\settings.db -> Deleted
[PUP][File] C:\Users\Annie Lee\AppData\Local\SlimWare Utilities Inc\DriverUpdate\supdates.db -> Deleted
[PUP][File] C:\Users\Annie Lee\AppData\Local\SlimWare Utilities Inc\DriverUpdate\SWDUMon.cat -> Deleted
[PUP][File] C:\Users\Annie Lee\AppData\Local\SlimWare Utilities Inc\DriverUpdate\SWDUMon.inf -> Deleted
[PUP][File] C:\Users\Annie Lee\AppData\Local\SlimWare Utilities Inc\DriverUpdate\SWDUMon.sys -> Deleted
[PUP][Folder] C:\Users\Annie Lee\AppData\Local\SlimWare Utilities Inc\DriverUpdate -> Deleted
[PUP][File] C:\Users\Annie Lee\AppData\Local\SlimWare Utilities Inc\Installers\US-131044741290199732.log -> Deleted
[PUP][File] C:\Users\Annie Lee\AppData\Local\SlimWare Utilities Inc\Installers\US-131044743037389665.log -> Deleted
[PUP][Folder] C:\Users\Annie Lee\AppData\Local\SlimWare Utilities Inc\Installers -> Deleted
[PUP][File] C:\Users\Annie Lee\AppData\Local\SlimWare Utilities Inc\SlimCleaner Plus\Cache\Local Storage\ui_main_0.localstorage -> Deleted
[PUP][File] C:\Users\Annie Lee\AppData\Local\SlimWare Utilities Inc\SlimCleaner Plus\Cache\Local Storage\ui_main_0.localstorage-journal -> Deleted
[PUP][Folder] C:\Users\Annie Lee\AppData\Local\SlimWare Utilities Inc\SlimCleaner Plus\Cache\Local Storage -> Deleted
[PUP][Folder] C:\Users\Annie Lee\AppData\Local\SlimWare Utilities Inc\SlimCleaner Plus\Cache -> Deleted
[PUP][File] C:\Users\Annie Lee\AppData\Local\SlimWare Utilities Inc\SlimCleaner Plus\cookiefilter.db -> Deleted
[PUP][File] C:\Users\Annie Lee\AppData\Local\SlimWare Utilities Inc\SlimCleaner Plus\settings -> Deleted
[PUP][Folder] C:\Users\Annie Lee\AppData\Local\SlimWare Utilities Inc\SlimCleaner Plus -> Deleted
[PUP][Folder] C:\ProgramData\ParetoLogic -> Deleted
[PUP][File] C:\ProgramData\ParetoLogic\RegCure Pro\License_Time.rdat -> Deleted
[PUP][File] C:\ProgramData\ParetoLogic\RegCure Pro\RB.rdat -> Deleted
[PUP][File] C:\ProgramData\ParetoLogic\RegCure Pro\tfn.xml -> Deleted
[PUP][Folder] C:\ProgramData\ParetoLogic\RegCure Pro -> Deleted
[PUP][Folder] C:\ProgramData\Uniblue -> Deleted
[PUP][Folder] C:\ProgramData\Uniblue\DriverScanner -> Deleted

¤¤¤ WMI : 0 ¤¤¤

¤¤¤ Hosts File : 0 ¤¤¤

¤¤¤ Antirootkit : 0 (Driver: Loaded) ¤¤¤

¤¤¤ Web browsers : 0 ¤¤¤

¤¤¤ MBR Check : ¤¤¤
+++++ PhysicalDrive0: SAMSUNG HN-M750MBB ATA Device +++++
--- User ---
[MBR] d9884192f1c37244b004b70e180bae14
[BSP] a72c9303ff0b2f607b85b1ac3eed0372 : HP|VT.Unknown MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 199 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 409600 | Size: 693299 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
2 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 1420285952 | Size: 21802 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
3 - [XXXXXX] FAT32-LBA (0xc) [VISIBLE] Offset (sectors): 1464936448 | Size: 102 MB
User = LL1 ... OK
User = LL2 ... OK

+++++ PhysicalDrive1: HP Photosmart 5520 USB Device +++++
Error reading User MBR! ([15] The device is not ready. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] The request is not supported. )

RogueKiller V12.7.4.0 (x64) [Oct 24 2016] (Free) by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Website : http://www.adlice.com/download/roguekiller/
Blog : http://www.adlice.com

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : Annie Lee [Administrator]
Started from : C:\Program Files\RogueKiller\RogueKiller64.exe
Mode : Delete -- Date : 10/24/2016 22:35:45 (Duration : 01:13:35)

¤¤¤ Processes : 0 ¤¤¤

¤¤¤ Registry : 12 ¤¤¤
[PUP] (X64) HKEY_CLASSES_ROOT\driverscanner -> Not selected
[PUP] (X86) HKEY_LOCAL_MACHINE\Software\SlimWare Utilities Inc -> Not selected
[PUP] (X86) HKEY_LOCAL_MACHINE\Software\SlimWare Utilities, Inc. -> Not selected
[PUP] (X86) HKEY_LOCAL_MACHINE\Software\Uniblue -> Not selected
[PUP] (X64) HKEY_USERS\S-1-5-21-2899254803-3239824921-2955042760-1001\Software\SlimWare Utilities Inc -> Not selected
[PUP] (X64) HKEY_USERS\S-1-5-21-2899254803-3239824921-2955042760-1001\Software\USyndication -> Not selected
[PUP] (X64) HKEY_USERS\S-1-5-21-2899254803-3239824921-2955042760-1001\Software\usyndication.com -> Not selected
[PUP] (X86) HKEY_USERS\S-1-5-21-2899254803-3239824921-2955042760-1001\Software\SlimWare Utilities Inc -> Not selected
[PUP] (X86) HKEY_USERS\S-1-5-21-2899254803-3239824921-2955042760-1001\Software\USyndication -> Not selected
[PUP] (X86) HKEY_USERS\S-1-5-21-2899254803-3239824921-2955042760-1001\Software\usyndication.com -> Not selected
[PUP] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SWDUMon (system32\DRIVERS\SWDUMon.sys) -> Not selected
[PUP] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SWDUMon (system32\DRIVERS\SWDUMon.sys) -> Not selected

¤¤¤ Tasks : 2 ¤¤¤
[PUP] %WINDIR%\Tasks\SlimCleaner Plus (Scheduled Scan - Annie Lee).job -- C:\Program Files\SlimCleaner Plus\SlimCleanerPlus.exe ( /doScheduledScan) -> Not selected
[PUP] \SlimCleaner Plus (Scheduled Scan - Annie Lee) -- C:\Program Files\SlimCleaner Plus\SlimCleanerPlus.exe (/doScheduledScan) -> Not selected

¤¤¤ Files : 5 ¤¤¤
[PUP][Folder] C:\Users\Annie Lee\AppData\Roaming\DriverCure -> Deleted
[PUP][File] C:\Users\Annie Lee\AppData\Roaming\DriverCure\LogFile.txt -> Deleted
[PUP][Folder] C:\Users\Annie Lee\AppData\Roaming\ParetoLogic -> Deleted
[PUP][Folder] C:\Users\Annie Lee\AppData\Roaming\ParetoLogic\RegCure Pro -> Deleted
[PUP][Folder] C:\Users\Annie Lee\AppData\Local\SlimWare Utilities Inc -> Deleted
[PUP][File] C:\Users\Annie Lee\AppData\Local\SlimWare Utilities Inc\DriverUpdate\ignores.dat -> Deleted
[PUP][File] C:\Users\Annie Lee\AppData\Local\SlimWare Utilities Inc\DriverUpdate\Images\acer.png -> Deleted
[PUP][Folder] C:\Users\Annie Lee\AppData\Local\SlimWare Utilities Inc\DriverUpdate\Images -> Deleted
[PUP][File] C:\Users\Annie Lee\AppData\Local\SlimWare Utilities Inc\DriverUpdate\Logs\2016-04-06 14-19-29 0.log -> Deleted
[PUP][File] C:\Users\Annie Lee\AppData\Local\SlimWare Utilities Inc\DriverUpdate\Logs\2016-04-06 14-19-41 0.log -> Deleted
[PUP][File] C:\Users\Annie Lee\AppData\Local\SlimWare Utilities Inc\DriverUpdate\Logs\2016-04-06 20-37-18 0.log -> Deleted
[PUP][File] C:\Users\Annie Lee\AppData\Local\SlimWare Utilities Inc\DriverUpdate\Logs\2016-04-06 22-26-37 0.log -> Deleted
[PUP][File] C:\Users\Annie Lee\AppData\Local\SlimWare Utilities Inc\DriverUpdate\Logs\2016-04-06 23-36-04 0.log -> Deleted
[PUP][Folder] C:\Users\Annie Lee\AppData\Local\SlimWare Utilities Inc\DriverUpdate\Logs -> Deleted
[PUP][File] C:\Users\Annie Lee\AppData\Local\SlimWare Utilities Inc\DriverUpdate\rupdates.db -> Deleted
[PUP][File] C:\Users\Annie Lee\AppData\Local\SlimWare Utilities Inc\DriverUpdate\settings.db -> Deleted
[PUP][File] C:\Users\Annie Lee\AppData\Local\SlimWare Utilities Inc\DriverUpdate\supdates.db -> Deleted
[PUP][File] C:\Users\Annie Lee\AppData\Local\SlimWare Utilities Inc\DriverUpdate\SWDUMon.cat -> Deleted
[PUP][File] C:\Users\Annie Lee\AppData\Local\SlimWare Utilities Inc\DriverUpdate\SWDUMon.inf -> Deleted
[PUP][File] C:\Users\Annie Lee\AppData\Local\SlimWare Utilities Inc\DriverUpdate\SWDUMon.sys -> Deleted
[PUP][Folder] C:\Users\Annie Lee\AppData\Local\SlimWare Utilities Inc\DriverUpdate -> Deleted
[PUP][File] C:\Users\Annie Lee\AppData\Local\SlimWare Utilities Inc\Installers\US-131044741290199732.log -> Deleted
[PUP][File] C:\Users\Annie Lee\AppData\Local\SlimWare Utilities Inc\Installers\US-131044743037389665.log -> Deleted
[PUP][Folder] C:\Users\Annie Lee\AppData\Local\SlimWare Utilities Inc\Installers -> Deleted
[PUP][File] C:\Users\Annie Lee\AppData\Local\SlimWare Utilities Inc\SlimCleaner Plus\Cache\Local Storage\ui_main_0.localstorage -> Deleted
[PUP][File] C:\Users\Annie Lee\AppData\Local\SlimWare Utilities Inc\SlimCleaner Plus\Cache\Local Storage\ui_main_0.localstorage-journal -> Deleted
[PUP][Folder] C:\Users\Annie Lee\AppData\Local\SlimWare Utilities Inc\SlimCleaner Plus\Cache\Local Storage -> Deleted
[PUP][Folder] C:\Users\Annie Lee\AppData\Local\SlimWare Utilities Inc\SlimCleaner Plus\Cache -> Deleted
[PUP][File] C:\Users\Annie Lee\AppData\Local\SlimWare Utilities Inc\SlimCleaner Plus\cookiefilter.db -> Deleted
[PUP][File] C:\Users\Annie Lee\AppData\Local\SlimWare Utilities Inc\SlimCleaner Plus\settings -> Deleted
[PUP][Folder] C:\Users\Annie Lee\AppData\Local\SlimWare Utilities Inc\SlimCleaner Plus -> Deleted
[PUP][Folder] C:\ProgramData\ParetoLogic -> Deleted
[PUP][File] C:\ProgramData\ParetoLogic\RegCure Pro\License_Time.rdat -> Deleted
[PUP][File] C:\ProgramData\ParetoLogic\RegCure Pro\RB.rdat -> Deleted
[PUP][File] C:\ProgramData\ParetoLogic\RegCure Pro\tfn.xml -> Deleted
[PUP][Folder] C:\ProgramData\ParetoLogic\RegCure Pro -> Deleted
[PUP][Folder] C:\ProgramData\Uniblue -> Deleted
[PUP][Folder] C:\ProgramData\Uniblue\DriverScanner -> Deleted

¤¤¤ WMI : 0 ¤¤¤

¤¤¤ Hosts File : 0 ¤¤¤

¤¤¤ Antirootkit : 0 (Driver: Loaded) ¤¤¤

¤¤¤ Web browsers : 0 ¤¤¤

¤¤¤ MBR Check : ¤¤¤
+++++ PhysicalDrive0: SAMSUNG HN-M750MBB ATA Device +++++
--- User ---
[MBR] d9884192f1c37244b004b70e180bae14
[BSP] a72c9303ff0b2f607b85b1ac3eed0372 : HP|VT.Unknown MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 199 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 409600 | Size: 693299 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
2 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 1420285952 | Size: 21802 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
3 - [XXXXXX] FAT32-LBA (0xc) [VISIBLE] Offset (sectors): 1464936448 | Size: 102 MB
User = LL1 ... OK
User = LL2 ... OK

+++++ PhysicalDrive1: HP Photosmart 5520 USB Device +++++
Error reading User MBR! ([15] The device is not ready. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] The request is not supported. )
RogueKiller V12.7.4.0 (x64) [Oct 24 2016] (Free) by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Website : http://www.adlice.com/download/roguekiller/
Blog : http://www.adlice.com

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : Annie Lee [Administrator]
Started from : C:\Program Files\RogueKiller\RogueKiller64.exe
Mode : Delete -- Date : 10/24/2016 22:35:45 (Duration : 01:13:35)

¤¤¤ Processes : 0 ¤¤¤

¤¤¤ Registry : 12 ¤¤¤
[PUP] (X64) HKEY_CLASSES_ROOT\driverscanner -> Not selected
[PUP] (X86) HKEY_LOCAL_MACHINE\Software\SlimWare Utilities Inc -> Not selected
[PUP] (X86) HKEY_LOCAL_MACHINE\Software\SlimWare Utilities, Inc. -> Not selected
[PUP] (X86) HKEY_LOCAL_MACHINE\Software\Uniblue -> Not selected
[PUP] (X64) HKEY_USERS\S-1-5-21-2899254803-3239824921-2955042760-1001\Software\SlimWare Utilities Inc -> Not selected
[PUP] (X64) HKEY_USERS\S-1-5-21-2899254803-3239824921-2955042760-1001\Software\USyndication -> Not selected
[PUP] (X64) HKEY_USERS\S-1-5-21-2899254803-3239824921-2955042760-1001\Software\usyndication.com -> Not selected
[PUP] (X86) HKEY_USERS\S-1-5-21-2899254803-3239824921-2955042760-1001\Software\SlimWare Utilities Inc -> Not selected
[PUP] (X86) HKEY_USERS\S-1-5-21-2899254803-3239824921-2955042760-1001\Software\USyndication -> Not selected
[PUP] (X86) HKEY_USERS\S-1-5-21-2899254803-3239824921-2955042760-1001\Software\usyndication.com -> Not selected
[PUP] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SWDUMon (system32\DRIVERS\SWDUMon.sys) -> Not selected
[PUP] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\SWDUMon (system32\DRIVERS\SWDUMon.sys) -> Not selected

¤¤¤ Tasks : 2 ¤¤¤
[PUP] %WINDIR%\Tasks\SlimCleaner Plus (Scheduled Scan - Annie Lee).job -- C:\Program Files\SlimCleaner Plus\SlimCleanerPlus.exe ( /doScheduledScan) -> Not selected
[PUP] \SlimCleaner Plus (Scheduled Scan - Annie Lee) -- C:\Program Files\SlimCleaner Plus\SlimCleanerPlus.exe (/doScheduledScan) -> Not selected

¤¤¤ Files : 5 ¤¤¤
[PUP][Folder] C:\Users\Annie Lee\AppData\Roaming\DriverCure -> Deleted
[PUP][File] C:\Users\Annie Lee\AppData\Roaming\DriverCure\LogFile.txt -> Deleted
[PUP][Folder] C:\Users\Annie Lee\AppData\Roaming\ParetoLogic -> Deleted
[PUP][Folder] C:\Users\Annie Lee\AppData\Roaming\ParetoLogic\RegCure Pro -> Deleted
[PUP][Folder] C:\Users\Annie Lee\AppData\Local\SlimWare Utilities Inc -> Deleted
[PUP][File] C:\Users\Annie Lee\AppData\Local\SlimWare Utilities Inc\DriverUpdate\ignores.dat -> Deleted
[PUP][File] C:\Users\Annie Lee\AppData\Local\SlimWare Utilities Inc\DriverUpdate\Images\acer.png -> Deleted
[PUP][Folder] C:\Users\Annie Lee\AppData\Local\SlimWare Utilities Inc\DriverUpdate\Images -> Deleted
[PUP][File] C:\Users\Annie Lee\AppData\Local\SlimWare Utilities Inc\DriverUpdate\Logs\2016-04-06 14-19-29 0.log -> Deleted
[PUP][File] C:\Users\Annie Lee\AppData\Local\SlimWare Utilities Inc\DriverUpdate\Logs\2016-04-06 14-19-41 0.log -> Deleted
[PUP][File] C:\Users\Annie Lee\AppData\Local\SlimWare Utilities Inc\DriverUpdate\Logs\2016-04-06 20-37-18 0.log -> Deleted
[PUP][File] C:\Users\Annie Lee\AppData\Local\SlimWare Utilities Inc\DriverUpdate\Logs\2016-04-06 22-26-37 0.log -> Deleted
[PUP][File] C:\Users\Annie Lee\AppData\Local\SlimWare Utilities Inc\DriverUpdate\Logs\2016-04-06 23-36-04 0.log -> Deleted
[PUP][Folder] C:\Users\Annie Lee\AppData\Local\SlimWare Utilities Inc\DriverUpdate\Logs -> Deleted
[PUP][File] C:\Users\Annie Lee\AppData\Local\SlimWare Utilities Inc\DriverUpdate\rupdates.db -> Deleted
[PUP][File] C:\Users\Annie Lee\AppData\Local\SlimWare Utilities Inc\DriverUpdate\settings.db -> Deleted
[PUP][File] C:\Users\Annie Lee\AppData\Local\SlimWare Utilities Inc\DriverUpdate\supdates.db -> Deleted
[PUP][File] C:\Users\Annie Lee\AppData\Local\SlimWare Utilities Inc\DriverUpdate\SWDUMon.cat -> Deleted
[PUP][File] C:\Users\Annie Lee\AppData\Local\SlimWare Utilities Inc\DriverUpdate\SWDUMon.inf -> Deleted
[PUP][File] C:\Users\Annie Lee\AppData\Local\SlimWare Utilities Inc\DriverUpdate\SWDUMon.sys -> Deleted
[PUP][Folder] C:\Users\Annie Lee\AppData\Local\SlimWare Utilities Inc\DriverUpdate -> Deleted
[PUP][File] C:\Users\Annie Lee\AppData\Local\SlimWare Utilities Inc\Installers\US-131044741290199732.log -> Deleted
[PUP][File] C:\Users\Annie Lee\AppData\Local\SlimWare Utilities Inc\Installers\US-131044743037389665.log -> Deleted
[PUP][Folder] C:\Users\Annie Lee\AppData\Local\SlimWare Utilities Inc\Installers -> Deleted
[PUP][File] C:\Users\Annie Lee\AppData\Local\SlimWare Utilities Inc\SlimCleaner Plus\Cache\Local Storage\ui_main_0.localstorage -> Deleted
[PUP][File] C:\Users\Annie Lee\AppData\Local\SlimWare Utilities Inc\SlimCleaner Plus\Cache\Local Storage\ui_main_0.localstorage-journal -> Deleted
[PUP][Folder] C:\Users\Annie Lee\AppData\Local\SlimWare Utilities Inc\SlimCleaner Plus\Cache\Local Storage -> Deleted
[PUP][Folder] C:\Users\Annie Lee\AppData\Local\SlimWare Utilities Inc\SlimCleaner Plus\Cache -> Deleted
[PUP][File] C:\Users\Annie Lee\AppData\Local\SlimWare Utilities Inc\SlimCleaner Plus\cookiefilter.db -> Deleted
[PUP][File] C:\Users\Annie Lee\AppData\Local\SlimWare Utilities Inc\SlimCleaner Plus\settings -> Deleted
[PUP][Folder] C:\Users\Annie Lee\AppData\Local\SlimWare Utilities Inc\SlimCleaner Plus -> Deleted
[PUP][Folder] C:\ProgramData\ParetoLogic -> Deleted
[PUP][File] C:\ProgramData\ParetoLogic\RegCure Pro\License_Time.rdat -> Deleted
[PUP][File] C:\ProgramData\ParetoLogic\RegCure Pro\RB.rdat -> Deleted
[PUP][File] C:\ProgramData\ParetoLogic\RegCure Pro\tfn.xml -> Deleted
[PUP][Folder] C:\ProgramData\ParetoLogic\RegCure Pro -> Deleted
[PUP][Folder] C:\ProgramData\Uniblue -> Deleted
[PUP][Folder] C:\ProgramData\Uniblue\DriverScanner -> Deleted

¤¤¤ WMI : 0 ¤¤¤

¤¤¤ Hosts File : 0 ¤¤¤

¤¤¤ Antirootkit : 0 (Driver: Loaded) ¤¤¤

¤¤¤ Web browsers : 0 ¤¤¤

¤¤¤ MBR Check : ¤¤¤
+++++ PhysicalDrive0: SAMSUNG HN-M750MBB ATA Device +++++
--- User ---
[MBR] d9884192f1c37244b004b70e180bae14
[BSP] a72c9303ff0b2f607b85b1ac3eed0372 : HP|VT.Unknown MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 199 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 409600 | Size: 693299 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
2 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 1420285952 | Size: 21802 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
3 - [XXXXXX] FAT32-LBA (0xc) [VISIBLE] Offset (sectors): 1464936448 | Size: 102 MB
User = LL1 ... OK
User = LL2 ... OK

+++++ PhysicalDrive1: HP Photosmart 5520 USB Device +++++
Error reading User MBR! ([15] The device is not ready. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] The request is not supported. )

I think I got them all. I'll do more scans tomorrow! Thanks again!
 
Ugh, I'm not sure now that I got them all. Every time I click on the header the notepad file changes. I saved everything so if I didn't include something let me know. Thanks for working with a beginner like me!
 
I think this is the report you want from Malwarebytes Anti-Malware
<?xml version="1.0" encoding="UTF-16"?>
-<mbam-log> -<header> <date>2016/10/25 09:00:12 -0400</date> <logfile>mbam-log-2016-10-25 (09-00-08).xml</logfile> <isadmin>yes</isadmin> </header> -<engine> <version>2.2.1.1043</version> <malware-database>v2016.10.25.08</malware-database> <rootkit-database>v2016.09.26.02</rootkit-database> <license>trial</license> <file-protection>enabled</file-protection> <web-protection>enabled</web-protection> <self-protection>disabled</self-protection> </engine> -<system> <hostname>ANNIELEE-HP</hostname> <ip>192.168.254.27</ip> <osversion>Windows 7 Service Pack 1</osversion> <arch>x64</arch> <username>Annie Lee</username> <filesys>NTFS</filesys> </system> -<summary> <type>threat</type> <result>completed</result> <objects>354942</objects> <time>1666</time> <processes>0</processes> <modules>0</modules> <keys>4</keys> <values>1</values> <datas>0</datas> <folders>0</folders> <files>2</files> <sectors>0</sectors> </summary> -<options> <memory>enabled</memory> <startup>enabled</startup> <filesystem>enabled</filesystem> <archives>enabled</archives> <rootkits>disabled</rootkits> <deeprootkit>disabled</deeprootkit> <heuristics>enabled</heuristics> <pup>enabled</pup> <pum>enabled</pum> </options> -<items> -<key><path>HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{477D0335-6312-4FE4-9899-47D6465517B5}</path><vendor>PUP.Optional.SlimCleanerPlus</vendor><action>delete-on-reboot</action><hash>54189c01e5b5da5cf2515fb127deb947</hash></key> -<key><path>HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\SlimCleaner Plus (Scheduled Scan - Annie Lee)</path><vendor>PUP.Optional.SlimCleanerPlus</vendor><action>delete-on-reboot</action><hash>5715801da1f923134ffb1cf44cb9d32d</hash></key> -<key><path>HKLM\SOFTWARE\WOW6432NODE\SlimWare Utilities, Inc.</path><vendor>PUP.Optional.SlimCleanerPlus</vendor><action>success</action><hash>c8a42d70c4d637ff5884ea21e2233bc5</hash></key> -<key><path>HKU\S-1-5-21-2899254803-3239824921-2955042760-1001\SOFTWARE\SlimWare Utilities Inc</path><vendor>PUP.Optional.SlimCleanerPlus</vendor><action>success</action><hash>620a128be5b55ed829b244c7bf46867a</hash></key> -<value><path>HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{477D0335-6312-4FE4-9899-47D6465517B5}</path><valuename>Path</valuename><vendor>PUP.Optional.SlimCleanerPlus</vendor><action>delete-on-reboot</action><valuedata>\SlimCleaner Plus (Scheduled Scan - Annie Lee)</valuedata><hash>54189c01e5b5da5cf2515fb127deb947</hash></value> -<file><path>C:\Windows\Tasks\SlimCleaner Plus (Scheduled Scan - Annie Lee).job</path><vendor>PUP.Optional.SlimCleanerPlus</vendor><action>success</action><hash>f5771e7f7f1b0630f00a9a6c976eb24e</hash></file> -<file><path>C:\Windows\System32\Tasks\SlimCleaner Plus (Scheduled Scan - Annie Lee)</path><vendor>PUP.Optional.SlimCleanerPlus</vendor><action>success</action><hash>b9b3693433671c1a0f3062ae4fb6f010</hash></file> </items> </mbam-log>
 
Ugh, I'm getting confused, hopefully this is what you need.

<?xml version="1.0" encoding="UTF-8"?>
-<logs> <record subtype="Malware Protection" result="Starting" last_modified_tag="2bcdfd81-a4af-4957-8a4d-2b810493905d" systemname="ANNIELEE-HP" username="SYSTEM" type="Protection" source="Protection" datetime="2016-10-25T08:59:08.343745-04:00" LoggingEventType="2" severity="debug"/> <record subtype="Malware Protection" result="Started" last_modified_tag="839da2e2-8f4c-4f63-b6f3-f930dcf1ff47" systemname="ANNIELEE-HP" username="SYSTEM" type="Protection" source="Protection" datetime="2016-10-25T08:59:08.385747-04:00" LoggingEventType="2" severity="debug"/> <record subtype="Malicious Website Protection" result="Starting" last_modified_tag="df99cab2-7b58-42f4-a707-dd6ef02d5e64" systemname="ANNIELEE-HP" username="SYSTEM" type="Protection" source="Protection" datetime="2016-10-25T08:59:08.533756-04:00" LoggingEventType="2" severity="debug"/> <record subtype="Malicious Website Protection" result="Started" last_modified_tag="14b8bf1d-8625-4ac8-85d0-b578f1645d70" systemname="ANNIELEE-HP" username="SYSTEM" type="Protection" source="Protection" datetime="2016-10-25T08:59:10.954894-04:00" LoggingEventType="2" severity="debug"/> <record last_modified_tag="de7c116f-3323-4609-aa21-9ecf1a142fc1" systemname="ANNIELEE-HP" username="SYSTEM" type="Update" source="Manual" datetime="2016-10-25T08:59:44.649821-04:00" LoggingEventType="1" severity="debug" toVersion="2016.9.21.1" name="Remediation Database" fromVersion="2016.2.12.1"/> <record last_modified_tag="add20d32-b714-46a1-a73e-71fd17ffc03b" systemname="ANNIELEE-HP" username="SYSTEM" type="Update" source="Manual" datetime="2016-10-25T08:59:45.404865-04:00" LoggingEventType="1" severity="debug" toVersion="2016.9.26.2" name="Rootkit Database" fromVersion="2016.2.8.1"/> <record last_modified_tag="d8005be9-4651-45b0-b4ab-4afc8779f56a" systemname="ANNIELEE-HP" username="SYSTEM" type="Update" source="Manual" datetime="2016-10-25T08:59:46.079903-04:00" LoggingEventType="1" severity="debug" toVersion="2016.10.25.1" name="IP Database" fromVersion="2016.2.8.1"/> <record last_modified_tag="f4aa1a61-5a12-42aa-a74f-b2a5763670da" systemname="ANNIELEE-HP" username="SYSTEM" type="Update" source="Manual" datetime="2016-10-25T08:59:47.229969-04:00" LoggingEventType="1" severity="debug" toVersion="2016.10.24.5" name="Domain Database" fromVersion="2016.2.16.8"/> <record last_modified_tag="17b5e174-7e0b-4ea3-8cbf-7f5b6e46f527" systemname="ANNIELEE-HP" username="SYSTEM" type="Update" source="Manual" datetime="2016-10-25T08:59:53.063303-04:00" LoggingEventType="1" severity="debug" toVersion="2016.10.25.8" name="Malware Database" fromVersion="2016.2.16.6"/> <record subtype="Refresh" result="Starting" last_modified_tag="69743d07-83f2-44b3-9256-293e57b51356" systemname="ANNIELEE-HP" username="SYSTEM" type="Protection" source="Protection" datetime="2016-10-25T08:59:53.150308-04:00" LoggingEventType="2" severity="debug"/> <record subtype="Malicious Website Protection" result="Stopping" last_modified_tag="ed26e5fc-1353-42bb-b7a6-6625c9bfbce8" systemname="ANNIELEE-HP" username="SYSTEM" type="Protection" source="Protection" datetime="2016-10-25T08:59:53.177309-04:00" LoggingEventType="2" severity="debug"/> <record subtype="Malicious Website Protection" result="Stopped" last_modified_tag="92e8310c-128b-443f-8741-49781622e799" systemname="ANNIELEE-HP" username="SYSTEM" type="Protection" source="Protection" datetime="2016-10-25T08:59:53.619334-04:00" LoggingEventType="2" severity="debug"/> <record subtype="Refresh" result="Success" last_modified_tag="dc384ca8-04e3-4ddb-922c-eb3059183c29" systemname="ANNIELEE-HP" username="SYSTEM" type="Protection" source="Protection" datetime="2016-10-25T09:00:00.422724-04:00" LoggingEventType="2" severity="debug"/> <record subtype="Malicious Website Protection" result="Starting" last_modified_tag="310efcc6-54b2-492d-89b8-c7b2a85ffffd" systemname="ANNIELEE-HP" username="SYSTEM" type="Protection" source="Protection" datetime="2016-10-25T09:00:00.486727-04:00" LoggingEventType="2" severity="debug"/> <record subtype="Malicious Website Protection" result="Started" last_modified_tag="418bc442-77ac-494f-b830-41429b27b044" systemname="ANNIELEE-HP" username="SYSTEM" type="Protection" source="Protection" datetime="2016-10-25T09:00:02.839862-04:00" LoggingEventType="2" severity="debug"/> <record last_modified_tag="783636a3-d2eb-4acc-bf6d-ed1f57b39336" systemname="ANNIELEE-HP" username="SYSTEM" type="Scan" source="Manual" datetime="2016-10-25T09:30:04.286234-04:00" LoggingEventType="6" severity="debug" scanresult="completed" nonmalwaredetections="14" malwaredetections="0" duration="1666" starttime="2016-10-25T09:00:12-04:00" scantype="threat"/> <record subtype="Malware Protection" result="Starting" last_modified_tag="47d1de2e-df8f-45fd-b68f-fdf5a15377fc" systemname="ANNIELEE-HP" username="SYSTEM" type="Protection" source="Protection" datetime="2016-10-25T09:35:54.798721-04:00" LoggingEventType="2" severity="debug"/> <record subtype="Malware Protection" result="Started" last_modified_tag="16a73de9-4847-4790-bcec-74c43563ecb2" systemname="ANNIELEE-HP" username="SYSTEM" type="Protection" source="Protection" datetime="2016-10-25T09:35:54.861121-04:00" LoggingEventType="2" severity="debug"/> <record subtype="Malicious Website Protection" result="Starting" last_modified_tag="83691356-15ae-4a9d-9eaa-03df9c4ef83c" systemname="ANNIELEE-HP" username="SYSTEM" type="Protection" source="Protection" datetime="2016-10-25T09:35:54.954721-04:00" LoggingEventType="2" severity="debug"/> <record subtype="Malicious Website Protection" result="Started" last_modified_tag="9075f336-061d-47aa-a101-af18ef01ca1a" systemname="ANNIELEE-HP" username="SYSTEM" type="Protection" source="Protection" datetime="2016-10-25T09:36:40.943601-04:00" LoggingEventType="2" severity="debug"/> <record last_modified_tag="4ba95d79-d416-40eb-a414-5ce941f4af60" systemname="ANNIELEE-HP" username="SYSTEM" type="Update" source="Scheduler" datetime="2016-10-25T10:06:05.622919-04:00" LoggingEventType="1" severity="debug" toVersion="2016.10.25.9" name="Malware Database" fromVersion="2016.10.25.8"/> <record subtype="Refresh" result="Starting" last_modified_tag="bf6f8f29-bc09-43dc-a95d-6d95be98bc73" systemname="ANNIELEE-HP" username="SYSTEM" type="Protection" source="Protection" datetime="2016-10-25T10:06:05.654119-04:00" LoggingEventType="2" severity="debug"/> <record subtype="Malicious Website Protection" result="Stopping" last_modified_tag="561ba7a3-5570-4aff-b176-858f4599f5cc" systemname="ANNIELEE-HP" username="SYSTEM" type="Protection" source="Protection" datetime="2016-10-25T10:06:05.669719-04:00" LoggingEventType="2" severity="debug"/> <record subtype="Malicious Website Protection" result="Stopped" last_modified_tag="24867b51-1965-4062-8d2d-c5316bfb5aab" systemname="ANNIELEE-HP" username="SYSTEM" type="Protection" source="Protection" datetime="2016-10-25T10:06:06.184520-04:00" LoggingEventType="2" severity="debug"/> <record subtype="Refresh" result="Success" last_modified_tag="ea4b3c27-1a26-420b-9903-036d29f6b80c" systemname="ANNIELEE-HP" username="SYSTEM" type="Protection" source="Protection" datetime="2016-10-25T10:06:37.790175-04:00" LoggingEventType="2" severity="debug"/> <record subtype="Malicious Website Protection" result="Starting" last_modified_tag="feb0f640-9b5d-4303-b9a9-53bffc7219ed" systemname="ANNIELEE-HP" username="SYSTEM" type="Protection" source="Protection" datetime="2016-10-25T10:06:37.821376-04:00" LoggingEventType="2" severity="debug"/> <record subtype="Malicious Website Protection" result="Started" last_modified_tag="add329cf-9ba6-4843-ad97-2a69b50dc89a" systemname="ANNIELEE-HP" username="SYSTEM" type="Protection" source="Protection" datetime="2016-10-25T10:06:40.223780-04:00" LoggingEventType="2" severity="debug"/> <record last_modified_tag="cefc64f6-7c2d-4d21-85f8-8267c9dd49fc" systemname="ANNIELEE-HP" username="SYSTEM" type="Scan" source="Manual" datetime="2016-10-25T10:36:46.186966-04:00" LoggingEventType="6" severity="debug" scanresult="completed" nonmalwaredetections="0" malwaredetections="0" duration="2893" starttime="2016-10-25T09:48:32-04:00" scantype="threat"/> <record last_modified_tag="f4697ed5-6396-412c-acf7-bb5b41b17c16" systemname="ANNIELEE-HP" username="SYSTEM" type="Update" source="Scheduler" datetime="2016-10-25T11:02:52.104052-04:00" LoggingEventType="1" severity="debug" message="Failed" code="No Internet connection detected"/> <record last_modified_tag="56b47881-bd05-402f-b0a4-948368223de0" systemname="ANNIELEE-HP" username="SYSTEM" type="Update" source="Scheduler" datetime="2016-10-25T11:06:02.080586-04:00" LoggingEventType="1" severity="debug" toVersion="2016.10.25.10" name="Malware Database" fromVersion="2016.10.25.9"/> <record subtype="Refresh" result="Starting" last_modified_tag="55a34895-7032-4029-b7ef-7196818fe2cf" systemname="ANNIELEE-HP" username="SYSTEM" type="Protection" source="Protection" datetime="2016-10-25T11:06:02.204593-04:00" LoggingEventType="2" severity="debug"/> <record subtype="Malicious Website Protection" result="Stopping" last_modified_tag="df22fbe1-11fb-4445-a0ac-3461a7a94728" systemname="ANNIELEE-HP" username="SYSTEM" type="Protection" source="Protection" datetime="2016-10-25T11:06:02.234595-04:00" LoggingEventType="2" severity="debug"/> <record subtype="Malicious Website Protection" result="Stopped" last_modified_tag="8c2da0fe-777f-421a-b121-b91df6826b45" systemname="ANNIELEE-HP" username="SYSTEM" type="Protection" source="Protection" datetime="2016-10-25T11:06:02.866631-04:00" LoggingEventType="2" severity="debug"/> <record subtype="Refresh" result="Success" last_modified_tag="e625d6a9-34ff-463a-9c2a-c0c7d53c0121" systemname="ANNIELEE-HP" username="SYSTEM" type="Protection" source="Protection" datetime="2016-10-25T11:06:21.636704-04:00" LoggingEventType="2" severity="debug"/> <record subtype="Malicious Website Protection" result="Starting" last_modified_tag="06459547-d1b5-4d32-895b-49c0731f9096" systemname="ANNIELEE-HP" username="SYSTEM" type="Protection" source="Protection" datetime="2016-10-25T11:06:21.695708-04:00" LoggingEventType="2" severity="debug"/> <record subtype="Malicious Website Protection" result="Started" last_modified_tag="aae4b419-ce3d-443c-a93a-5c64e726cac7" systemname="ANNIELEE-HP" username="SYSTEM" type="Protection" source="Protection" datetime="2016-10-25T11:06:25.384919-04:00" LoggingEventType="2" severity="debug"/> <record last_modified_tag="feae9c7d-f417-400f-b014-2bcff9acc546" systemname="ANNIELEE-HP" username="SYSTEM" type="Update" source="Scheduler" datetime="2016-10-25T13:23:15.563003-04:00" LoggingEventType="1" severity="debug" message="Failed" code="No Internet connection detected"/> <record last_modified_tag="32e111db-3b81-4209-9a37-2c1aa57f70e1" systemname="ANNIELEE-HP" username="SYSTEM" type="Update" source="Scheduler" datetime="2016-10-25T13:26:21.021528-04:00" LoggingEventType="1" severity="debug" toVersion="2016.10.25.2" name="IP Database" fromVersion="2016.10.25.1"/> <record last_modified_tag="70f92c50-e665-49a6-8259-c5368a86e304" systemname="ANNIELEE-HP" username="SYSTEM" type="Update" source="Scheduler" datetime="2016-10-25T13:26:22.091589-04:00" LoggingEventType="1" severity="debug" toVersion="2016.10.25.1" name="Domain Database" fromVersion="2016.10.24.5"/> <record last_modified_tag="71707f25-e3c1-46b9-afb2-ad58a8207203" systemname="ANNIELEE-HP" username="SYSTEM" type="Update" source="Scheduler" datetime="2016-10-25T13:26:26.564845-04:00" LoggingEventType="1" severity="debug" toVersion="2016.10.25.11" name="Malware Database" fromVersion="2016.10.25.10"/> <record subtype="Refresh" result="Starting" last_modified_tag="593757e8-e013-40b3-b1ec-dd0b3fad73ab" systemname="ANNIELEE-HP" username="SYSTEM" type="Protection" source="Protection" datetime="2016-10-25T13:26:26.650850-04:00" LoggingEventType="2" severity="debug"/> <record subtype="Malicious Website Protection" result="Stopping" last_modified_tag="e58c28f8-bd74-4595-b1a6-dbecf498fa4d" systemname="ANNIELEE-HP" username="SYSTEM" type="Protection" source="Protection" datetime="2016-10-25T13:26:26.671851-04:00" LoggingEventType="2" severity="debug"/> <record subtype="Malicious Website Protection" result="Stopped" last_modified_tag="5f4999f0-61d8-45ae-bb95-fee9e215eac0" systemname="ANNIELEE-HP" username="SYSTEM" type="Protection" source="Protection" datetime="2016-10-25T13:26:27.160879-04:00" LoggingEventType="2" severity="debug"/> <record subtype="Refresh" result="Success" last_modified_tag="32a3fb82-a554-4c48-841c-54981bb62c76" systemname="ANNIELEE-HP" username="SYSTEM" type="Protection" source="Protection" datetime="2016-10-25T13:26:33.951267-04:00" LoggingEventType="2" severity="debug"/> <record subtype="Malicious Website Protection" result="Starting" last_modified_tag="d78be42b-3e23-462a-9d8b-084ff82185f0" systemname="ANNIELEE-HP" username="SYSTEM" type="Protection" source="Protection" datetime="2016-10-25T13:26:33.976269-04:00" LoggingEventType="2" severity="debug"/> <record subtype="Malicious Website Protection" result="Started" last_modified_tag="72882f17-fa03-4f39-8c1b-f72ae5c3a98d" systemname="ANNIELEE-HP" username="SYSTEM" type="Protection" source="Protection" datetime="2016-10-25T13:26:36.447410-04:00" LoggingEventType="2" severity="debug"/> </logs>
 
You must log in or register to reply here.

Similar threads

uber_beetle
Infected with fake ad pop-ups - posting FRST and Addition
Replies
12
Views
796
uber_beetle
uber_beetle
A
Infected: Antivirus says it's Trojan:Script/Wacatac.H!ml
Replies
12
Views
2K
adidaman27
A
wshknwntlprtmn
  • Locked
Inactive Not sure what's going on here....
Replies
12
Views
2K
Broni
Broni

Latest posts

Back