A problem with "Hostappservice.exe."

R

Rodge

New Member
So here is the issue, I share a computer with my family. There is chance one of them accidentally deleted it, or maybe something else happened, but the program appears to be gone. I have Windows 8, whenever I try to use the start menu I get an error report "The item 'HostAppService.exe' that this shortcut refers to has been changed or moved, so this shortcut will no longer work properly."

I don't really know anything about this program. I did do a google search but not everything I found matched my problem. For example, one site claimed other programs would stop working, so far everything else works fine. No problems at all beyond the annoyance. Some sites seem to think I could just download a new one, but if the old one is still there I'm a bit concerned something bad could happen, like while running two antiviruses.

So, guys, what it the correct way to handle my problem, and is there anything else you need to know so we can figure this out?
 
johnb35

johnb35

Administrator
Staff member
If I remember correctly, this is malware from pokki. Did you by chance install the start menu program from pokki? There is a few things you can try.

1. System restore back to day before the start menu program was installed.

2. Run the sfc \scannow command at the command prompt.

3. Download and install classic shell which will give you a good start menu program.

I can help you later when I get home to remove any malware you may have.

@voyagerfan99. Would you be so kind to post the instructions since I'm on my phone? Thanks.
 
R

Rodge

New Member
I didn't download it, I don't think anyone in the family did either. I do not know how to do options one or two, where would I find the shell at?
 
voyagerfan99

voyagerfan99

Master of Turning Things Off and Back On Again
Staff member
1.

Please download AdwCleaner by Xplode onto your Desktop.



•Please close all open programs and internet browsers.
•Double click on adwcleaner.exe to run the tool.
•Click on Scan.
•After the scan you will need to click on clean for it to delete the adware.
•Your computer will be rebooted automatically. A text file will open after the restart.
•Please post the content of that logfile in your reply.
•You can find the logfile at C:\AdwCleaner[Sn].txt as well - n is the order number.

2.

Please download Junkware Removal Tool to your desktop.

•Shutdown your antivirus to avoid any conflicts.
•Very important that you run the tool in this manner:
Right-mouse click JRT.exe and select Run as administrator
Do NOT just double-click it.
•The tool will open and start scanning your system.
•Please be patient as this can take a while to complete.
•On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
•Post the contents of JRT.txt in your next message.

3.

Please download Malwarebytes' Anti-Malware and save it to your desktop.
  • Double-click mbam-setup.exe and follow the prompts to install the program.
  • At the end, be sure a checkmark is placed next to
    • Update Malwarebytes' Anti-Malware
    • and Launch Malwarebytes' Anti-Malware
  • then click Finish.
  • If an update is found, it will download and install the latest version. Please keep updating until it says you have the latest version.
  • Once the program has loaded, select Perform quick scan, then click Scan.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Be sure that everything is checked, and click Remove Selected.
  • A log will be saved automatically which you can access by clicking on the Logs tab within Malwarebytes' Anti-Malware

If for some reason Malwarebytes will not install or run please download and run Rkill.scr, Rkill.exe, or Rkill.com. If you are still having issues running rkill then try downloading these renamed versions of the same program.

EXPLORER.EXE
IEXPLORE.EXE
USERINIT.EXE
WINLOGON.EXE

But DO NOT reboot the system and then try installing or running Malwarebytes. If Rkill (which is a black box) appears and then disappears right away or you get a message saying rkill is infected, keep trying to run rkill until it over powers the infection and temporarily kills it. Once a log appears on the screen, you can try running malwarebytes or downloading other programs.

Please post the log that Malwarebytes displays on your screen.

4.

Download OTL to your Desktop


•Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
•Click on Minimal Output at the top
•Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
◦When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL. Just post the OTL.txt file in your reply.

So in your original thread asking for help, please give us a short description of what the problem is and then post the logs from the following 4 programs.

1. Adwcleaner
2. Junkware removal tool
3. Malwarebytes
4. OTL
 
R

Rodge

New Member
Ran into a minor problem. Malewarebytes did not leave a report to be posted, but other than that it did delete several PUPs, so everything is running smoothly. In order, here are the reports I do have:

# Database : 2015-11-03.2 [Server]
# Operating system : Windows 8.1 (x64)
# Username : Tonja - BARNETT_PC
# Running from : C:\Users\Tonja\Downloads\AdwCleaner(1).exe
# Option : Cleaning
# Support : http://toolslib.net/forum

***** [ Services ] *****

[-] Service Deleted : RadioRage_4jService
[-] Service Deleted : InternetSpeedTracker_9tService
[!] Service Not Deleted : RadioRage_4jService

***** [ Folders ] *****

[-] Folder Deleted : C:\Program Files\slimcleaner plus
[-] Folder Deleted : C:\Program Files (x86)\InternetSpeedTracker_9t
[-] Folder Deleted : C:\Program Files (x86)\RadioRage_4j
[-] Folder Deleted : C:\ProgramData\slimware utilities inc
[-] Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\slimcleaner plus
[-] Folder Deleted : C:\Users\Tonja\AppData\Local\slimware utilities inc
[-] Folder Deleted : C:\Users\Tonja\AppData\Local\InternetSpeedTracker_9t
[-] Folder Deleted : C:\Users\Tonja\AppData\Local\RadioRage_4j
[-] Folder Deleted : C:\Users\Tonja\AppData\Local\Google\Chrome\User Data\Default\Extensions\edmgmpmklgfbohogafcfobonnkogchec
[-] Folder Deleted : C:\Users\Tonja\AppData\LocalLow\iac
[-] Folder Deleted : C:\Users\Tonja\AppData\LocalLow\InternetSpeedTracker_9t
[-] Folder Deleted : C:\Users\Tonja\AppData\LocalLow\RadioRage_4j
[#] Folder Deleted : C:\windows\SysNative\Tasks\pokki

***** [ Files ] *****

[-] File Deleted : C:\Users\Public\Desktop\eBay.lnk
[-] File Deleted : C:\Users\Tonja\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_homepage-web.com_0.localstorage
[-] File Deleted : C:\Users\Tonja\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_homepage-web.com_0.localstorage-journal
[-] File Deleted : C:\Users\Tonja\AppData\Roaming\Mozilla\Firefox\Profiles\ctm73tzd.default\searchplugins\Web Search.xml

***** [ DLLs ] *****


***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****

[-] Task Deleted : Pokki

***** [ Registry ] *****

[-] Key Deleted : HKCU\Software\Classes\pokki
[-] Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
[-] Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
[-] Key Deleted : HKCU\Software\Classes\MIME\Database\Content Type\application/x-pokkidownloadhelper
[-] Key Deleted : HKCU\Software\Classes\AppID\npPokkiDownloadHelper.dll
[-] Key Deleted : HKCU\Software\Classes\Pokki.PokkiDownloadHelper
[-] Key Deleted : HKCU\Software\Classes\Pokki.PokkiDownloadHelper.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\InternetSpeedTracker_9t.FeedManager
[-] Key Deleted : HKLM\SOFTWARE\Classes\InternetSpeedTracker_9t.FeedManager.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\InternetSpeedTracker_9t.HTMLMenu
[-] Key Deleted : HKLM\SOFTWARE\Classes\InternetSpeedTracker_9t.HTMLMenu.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\InternetSpeedTracker_9t.HTMLPanel
[-] Key Deleted : HKLM\SOFTWARE\Classes\InternetSpeedTracker_9t.HTMLPanel.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\InternetSpeedTracker_9t.MultipleButton
[-] Key Deleted : HKLM\SOFTWARE\Classes\InternetSpeedTracker_9t.MultipleButton.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\InternetSpeedTracker_9t.PseudoTransparentPlugin
[-] Key Deleted : HKLM\SOFTWARE\Classes\InternetSpeedTracker_9t.PseudoTransparentPlugin.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\InternetSpeedTracker_9t.ScriptButton
[-] Key Deleted : HKLM\SOFTWARE\Classes\InternetSpeedTracker_9t.ScriptButton.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\InternetSpeedTracker_9t.SettingsPlugin
[-] Key Deleted : HKLM\SOFTWARE\Classes\InternetSpeedTracker_9t.SettingsPlugin.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\InternetSpeedTracker_9t.ThirdPartyInstaller
[-] Key Deleted : HKLM\SOFTWARE\Classes\InternetSpeedTracker_9t.ThirdPartyInstaller.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\InternetSpeedTracker_9t.ToolbarProtector
[-] Key Deleted : HKLM\SOFTWARE\Classes\InternetSpeedTracker_9t.ToolbarProtector.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\RadioRage_4j.FeedManager
[-] Key Deleted : HKLM\SOFTWARE\Classes\RadioRage_4j.FeedManager.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\RadioRage_4j.HTMLMenu
[-] Key Deleted : HKLM\SOFTWARE\Classes\RadioRage_4j.HTMLMenu.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\RadioRage_4j.HTMLPanel
[-] Key Deleted : HKLM\SOFTWARE\Classes\RadioRage_4j.HTMLPanel.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\RadioRage_4j.MultipleButton
[-] Key Deleted : HKLM\SOFTWARE\Classes\RadioRage_4j.MultipleButton.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\RadioRage_4j.PseudoTransparentPlugin
[-] Key Deleted : HKLM\SOFTWARE\Classes\RadioRage_4j.PseudoTransparentPlugin.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\RadioRage_4j.ScriptButton
[-] Key Deleted : HKLM\SOFTWARE\Classes\RadioRage_4j.ScriptButton.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\RadioRage_4j.SettingsPlugin
[-] Key Deleted : HKLM\SOFTWARE\Classes\RadioRage_4j.SettingsPlugin.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\RadioRage_4j.ThirdPartyInstaller
[-] Key Deleted : HKLM\SOFTWARE\Classes\RadioRage_4j.ThirdPartyInstaller.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\RadioRage_4j.ToolbarProtector
[-] Key Deleted : HKLM\SOFTWARE\Classes\RadioRage_4j.ToolbarProtector.1
[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [RadioRage EPM Support]
[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [RadioRage AppIntegrator 32-bit]
[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [RadioRage AppIntegrator 64-bit]
[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [RadioRage Search Scope Monitor]
[-] Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\edmgmpmklgfbohogafcfobonnkogchec
[-] Key Deleted : HKCU\Software\Classes\CLSID\{3c35ad63-af1d-4e21-b484-b6651a8efcf9}
[-] Key Deleted : HKCU\Software\Classes\CLSID\{b287e6b2-868b-4ac1-acce-c69eb5fd29d1}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{10273591-D084-4328-A7D0-49E051FCDE7B}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{48909954-14FB-4971-A7B3-47E7AF10B38A}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{60B34F47-3FDD-46F8-AB6C-AAABEA55C3D6}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E23760BE-23A3-4CEF-9304-66AF079F53DB}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{00d567a7-288b-452a-86d9-4fa0f9b016c7}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{07A3B0CA-D7F7-4B0B-923D-CE2443924B9A}
[!] Key Not Deleted : HKLM\SOFTWARE\Classes\CLSID\{10273591-d084-4328-a7d0-49e051fcde7b}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{11d4b723-18ca-48c6-ba13-965488f19a70}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2d8d602c-3f3a-4e10-8de0-649e53fbd8b3}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3bb92c80-a0a8-4fe7-a687-84f0eab37857}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{481dd1d9-2619-4136-bead-8766ae46542d}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4e32a64d-a039-4be1-a529-736c30c4dff2}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{53855564-cf81-410c-9c1c-321c7e067816}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{581C7D7D-F809-4E03-A631-74C069D5F04A}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5848763c-2668-44ca-adbe-2999a6ee2858}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5e694d07-1b76-414b-a9bc-e9e587d9ea37}
[!] Key Not Deleted : HKLM\SOFTWARE\Classes\CLSID\{60b34f47-3fdd-46f8-ab6c-aaabea55c3d6}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{63e0b5d3-81e0-4fcf-a195-71c7c73e16db}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6562e272-88e1-4dff-8ff8-fe1a05323d36}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{665cb5b7-4c3b-4995-8cec-1f4d5860edc9}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{68122f44-3a4a-4edb-b28f-0c0e07f89bd0}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{78ba36c9-6036-482b-b48d-ecca6f964b84}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{936cbb2c-016a-4ed4-ab0d-4959192cfd02}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9638b7d6-11f5-4406-b387-327642a11ffb}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{b62fecee-b019-42aa-aefb-9f8d07b22de1}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{be096679-462a-4ffc-aa06-744a9f2f9982}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{cc28794a-99d4-4b1b-bccf-b065ce5f9feb}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{d740ad89-baf4-47d5-9b5e-343d30f07a7a}
[!] Key Not Deleted : HKLM\SOFTWARE\Classes\CLSID\{e23760be-23a3-4cef-9304-66af079f53db}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{e6ad866f-ea06-476a-8432-ed943683fab1}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{e92307ff-fbe1-4fc0-a578-3e24556c68cf}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{eba23a0b-4d36-4a6d-b165-82c666042145}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{ecef0d95-32fa-48d3-8a2d-d6453b5b7361}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{f296aa45-8bb3-4ad4-a29e-95d1fd51aec2}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{f69fe1be-09c3-460c-ac89-8ccd9d3df1cc}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{f706e19b-6c14-4272-ba98-2f16636a898d}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A25AA6E2-1CDE-4D0F-A5D4-4898D7FB3C86}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A1448C6E-0452-4550-B852-A1CE666D4907}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A5C9CB1C-1C0A-45A2-81CC-1DD342D0A478}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A93A372A-0AD5-4939-A228-7F4152124EA6}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{AC73709C-65EF-462E-A665-D893C2655BA3}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B47151A4-CF8B-4481-A41A-BCF127431C01}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B693EEE5-7B41-43A0-B579-C246CA7BAA0F}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D4C6D911-00C3-4B4C-A13B-F1DC381CB8E9}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EE54BA06-C150-4BF3-B3F3-D156767FBA12}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F13A0006-F3A9-4778-B8F1-6BD167475531}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F2B8FCF4-73EA-4D12-AAFE-72909AFBA0A4}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FA7B5E21-57B6-4527-8863-6221854EDAA6}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2FDB59A0-4024-4CED-94CF-B01E217DE4E5}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{30AE6757-B1D4-4CD5-8FEC-A9B6A545EF64}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{367DFE4B-7078-41FE-B1DD-6A6318C7DFF9}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{37B204F8-CD97-409B-BDBF-41C0EC0DFF24}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{38C1B7DA-9876-4DEA-B740-19C4F57CE8E8}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3C8E293A-99C8-45E1-93A3-77DAB6BB7928}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4BC4F393-2C30-43DE-A988-7DE5068012A6}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{516434A0-985D-4312-843C-C92B3E19FC2D}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{65267FD2-5B4E-48F7-A918-8E2697AEBB39}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6D32BB6F-7969-48BF-836A-C14CDFC72D72}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6E1CC883-54EB-47D3-96BC-B586CB8C2BD9}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7AFA5495-6C01-4BB8-AE21-C3BD6AB2F17C}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7F4213DE-5338-46E9-A61B-D9A63A8513E3}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8E505161-C877-49F5-82CA-D2FF0B72862C}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A126B97A-C84F-40EE-B9D0-1276892A879E}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{1FDAD7F1-B87C-4E79-9150-DE235FF80B3A}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{395C94B1-59E6-4C65-8AF2-0F6763BC70A6}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4A50E810-71EB-43A8-A665-19ED8CCD1630}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{B872D222-3F52-4CD9-A4BE-9D69EE4F293D}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D0E90465-CF35-480D-B520-E1E3BDE802F5}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{0978C5FA-83C0-4118-A54F-99DACCEECB8C}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{0B6C9E5C-4E2D-4874-BC84-4A6178E8E179}
[!] Key Not Deleted : HKLM\SOFTWARE\Classes\TypeLib\{1FDAD7F1-B87C-4E79-9150-DE235FF80B3A}
[!] Key Not Deleted : HKLM\SOFTWARE\Classes\TypeLib\{395C94B1-59E6-4C65-8AF2-0F6763BC70A6}
[!] Key Not Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4A50E810-71EB-43A8-A665-19ED8CCD1630}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4DD9EB5D-8657-4856-A804-535841B09D73}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{569A9014-22E3-4F11-A243-CA4E3D95ADED}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{597494DA-C59F-4EDF-B2D1-CE137E2DB9E4}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{5E5E0B49-1A81-4ACC-BD6B-FF5F4EFEF01A}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{66691CF9-BE04-4664-9958-774EA58A8039}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{6EF3ED22-5CE4-40EB-97A3-B8A60CED84E9}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{7268E224-5711-4D24-9373-C54C5E39F833}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{7854DF3B-5246-40EB-B52E-3EE3BFD1149E}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{88595127-B268-427C-B7A3-E67801771A36}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A3614301-8936-4D32-ABAE-CA34B3FA4B50}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A96EB167-03B0-4EA8-A67F-D6A86458F47A}
[!] Key Not Deleted : HKLM\SOFTWARE\Classes\TypeLib\{B872D222-3F52-4CD9-A4BE-9D69EE4F293D}
[!] Key Not Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D0E90465-CF35-480D-B520-E1E3BDE802F5}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{DD9E9D8C-8FDE-47A9-88A5-142AF39C6256}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{E573258A-2343-4054-A145-7BF0358F8B09}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{48909954-14FB-4971-A7B3-47E7AF10B38A}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5848763c-2668-44ca-adbe-2999a6ee2858}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{cc28794a-99d4-4b1b-bccf-b065ce5f9feb}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{48909954-14FB-4971-A7B3-47E7AF10B38A}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{60B34F47-3FDD-46F8-AB6C-AAABEA55C3D6}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4e32a64d-a039-4be1-a529-736c30c4dff2}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5848763c-2668-44ca-adbe-2999a6ee2858}
[!] Key Not Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{60b34f47-3fdd-46f8-ab6c-aaabea55c3d6}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{665cb5b7-4c3b-4995-8cec-1f4d5860edc9}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{78ba36c9-6036-482b-b48d-ecca6f964b84}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9638b7d6-11f5-4406-b387-327642a11ffb}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{cc28794a-99d4-4b1b-bccf-b065ce5f9feb}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{48909954-14FB-4971-A7B3-47E7AF10B38A}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{5848763c-2668-44ca-adbe-2999a6ee2858}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{665cb5b7-4c3b-4995-8cec-1f4d5860edc9}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{78ba36c9-6036-482b-b48d-ecca6f964b84}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{cc28794a-99d4-4b1b-bccf-b065ce5f9feb}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{22848257-6A2D-4D2A-8D56-C886D25B8B58}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{60B34F47-3FDD-46F8-AB6C-AAABEA55C3D6}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{07A3B0CA-D7F7-4B0B-923D-CE2443924B9A}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{4e32a64d-a039-4be1-a529-736c30c4dff2}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{581C7D7D-F809-4E03-A631-74C069D5F04A}
[!] Key Not Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{60b34f47-3fdd-46f8-ab6c-aaabea55c3d6}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{63e0b5d3-81e0-4fcf-a195-71c7c73e16db}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{68122f44-3a4a-4edb-b28f-0c0e07f89bd0}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{9638b7d6-11f5-4406-b387-327642a11ffb}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{be096679-462a-4ffc-aa06-744a9f2f9982}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{e92307ff-fbe1-4fc0-a578-3e24556c68cf}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{f706e19b-6c14-4272-ba98-2f16636a898d}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B5731AB1-8566-4441-AEFB-9AFB2EEA63D9}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{75685C45-50A6-4939-90E6-80B9BA5869E3}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A25AA6E2-1CDE-4D0F-A5D4-4898D7FB3C86}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5C9CB1C-1C0A-45A2-81CC-1DD342D0A478}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{481dd1d9-2619-4136-bead-8766ae46542d}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{53855564-cf81-410c-9c1c-321c7e067816}
[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{665cb5b7-4c3b-4995-8cec-1f4d5860edc9}]
[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{78ba36c9-6036-482b-b48d-ecca6f964b84}]
[-] Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{665cb5b7-4c3b-4995-8cec-1f4d5860edc9}]
[-] Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{78ba36c9-6036-482b-b48d-ecca6f964b84}]
[-] Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{3c35ad63-af1d-4e21-b484-b6651a8efcf9}]
[-] Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{b287e6b2-868b-4ac1-acce-c69eb5fd29d1}]
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{48909954-14FB-4971-A7B3-47E7AF10B38A}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{5848763c-2668-44ca-adbe-2999a6ee2858}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{665cb5b7-4c3b-4995-8cec-1f4d5860edc9}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{78ba36c9-6036-482b-b48d-ecca6f964b84}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{cc28794a-99d4-4b1b-bccf-b065ce5f9feb}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{A25AA6E2-1CDE-4D0F-A5D4-4898D7FB3C86}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{A1448C6E-0452-4550-B852-A1CE666D4907}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{A5C9CB1C-1C0A-45A2-81CC-1DD342D0A478}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{A93A372A-0AD5-4939-A228-7F4152124EA6}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{AC73709C-65EF-462E-A665-D893C2655BA3}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{B47151A4-CF8B-4481-A41A-BCF127431C01}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{B693EEE5-7B41-43A0-B579-C246CA7BAA0F}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D4C6D911-00C3-4B4C-A13B-F1DC381CB8E9}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EE54BA06-C150-4BF3-B3F3-D156767FBA12}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{F13A0006-F3A9-4778-B8F1-6BD167475531}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{F2B8FCF4-73EA-4D12-AAFE-72909AFBA0A4}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{FA7B5E21-57B6-4527-8863-6221854EDAA6}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{2FDB59A0-4024-4CED-94CF-B01E217DE4E5}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{30AE6757-B1D4-4CD5-8FEC-A9B6A545EF64}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{367DFE4B-7078-41FE-B1DD-6A6318C7DFF9}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{37B204F8-CD97-409B-BDBF-41C0EC0DFF24}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{38C1B7DA-9876-4DEA-B740-19C4F57CE8E8}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3C8E293A-99C8-45E1-93A3-77DAB6BB7928}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4BC4F393-2C30-43DE-A988-7DE5068012A6}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{516434A0-985D-4312-843C-C92B3E19FC2D}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{5442736B-E379-4668-AC30-7F39B3581875}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{65267FD2-5B4E-48F7-A918-8E2697AEBB39}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{667C8B81-0B61-48F6-B7B9-60AA8242E6DF}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{6D32BB6F-7969-48BF-836A-C14CDFC72D72}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{6E1CC883-54EB-47D3-96BC-B586CB8C2BD9}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{7AFA5495-6C01-4BB8-AE21-C3BD6AB2F17C}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{7F4213DE-5338-46E9-A61B-D9A63A8513E3}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{8E505161-C877-49F5-82CA-D2FF0B72862C}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{A126B97A-C84F-40EE-B9D0-1276892A879E}
[-] Key Deleted : HKCU\Software\Pokki
[-] Key Deleted : HKCU\Software\InternetSpeedTracker_9t
[-] Key Deleted : HKCU\Software\RadioRage_4j
[-] Key Deleted : HKCU\Software\AppDataLow\Software\InternetSpeedTracker_9t
[-] Key Deleted : HKCU\Software\AppDataLow\Software\RadioRage_4j
[-] Key Deleted : HKLM\SOFTWARE\SlimWare Utilities Inc
[-] Key Deleted : HKLM\SOFTWARE\InternetSpeedTracker_9t
[-] Key Deleted : HKLM\SOFTWARE\RadioRage_4j
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\InternetSpeedTracker_9tbar Uninstall Internet Explorer
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\RadioRage_4jbar Uninstall Internet Explorer
[!] Key Not Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\RadioRage_4jbar Uninstall Internet Explorer
[-] Key Deleted : [x64] HKLM\SOFTWARE\SLIMWARE UTILITIES, INC.
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{110a9ea2-8810-4c04-b916-cfd4e9427fec}
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6D4E0E90-C6A3-11E4-833D-40A8F056C4FE}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{110a9ea2-8810-4c04-b916-cfd4e9427fec}

***** [ Web browsers ] *****

[-] [C:\Users\Tonja\AppData\Roaming\Mozilla\Firefox\Profiles\ctm73tzd.default\prefs.js] [Preference] Deleted : user_pref("browser.search.defaultenginename", "Web Search");
[-] [C:\Users\Tonja\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : aol.com
[-] [C:\Users\Tonja\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : ask.com
[-] [C:\Users\Tonja\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : homepage-web.com
[-] [C:\Users\Tonja\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : edmgmpmklgfbohogafcfobonnkogchec
[-] [C:\Users\Tonja\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Homepage] Deleted : hxxp://homepage-web.com/?s=online&m=home

*************************

:: "Tracing" keys removed
:: Winsock settings cleared

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [23956 bytes] ##########




~~ Services

Successfully deleted: [Service] slimservice [Reboot required]



~~~ Tasks

Successfully deleted: [Task] C:\windows\system32\tasks\
SlimCleaner Plus (Scheduled Scan - Tonja)
Successfully deleted: [Task] C:\windows\Tasks\SlimCleaner Plus (Scheduled Scan - Tonja).job



~~~ Registry Values

Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\slimcleaner plus



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{9e28b297-11d4-4293-aa6f-558658ee66ae}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0F2F4310-9D66-484D-9A39-039AC7EADBFB}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{7F1EB4F3-FED7-4E5D-A36C-FA69FE870CBB}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{7F1EB4F3-FED7-4E5D-A36C-FA69FE870CBB}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9e28b297-11d4-4293-aa6f-558658ee66ae}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{9e28b297-11d4-4293-aa6f-558658ee66ae}



~~~ Files



~~~ Folders

Successfully deleted: [Folder] C:\Users\Tonja\Appdata\Local\downloaded installers
Successfully deleted: [Folder] C:\Users\Tonja\Appdata\LocalLow\internetspeedtracker_9tei
Successfully deleted: [Folder] C:\Users\Tonja\Appdata\LocalLow\radiorage_4jei



~~~ FireFox

Successfully deleted the following from C:\Users\Tonja\AppData\Roaming\mozilla\firefox\profiles\ctm73tzd.default\prefs.js

user_pref(browser.search.defaultenginename.US, Secure Search);
user_pref(browser.search.order.1, Secure Search);
user_pref(browser.search.selectedEngine, Secure Search);
Emptied folder: C:\Users\Tonja\AppData\Roaming\mozilla\firefox\profiles\ctm73tzd.default\minidumps [57 files]



~~~ Chrome

Successfully deleted: [Folder] C:\Users\Tonja\Appdata\Local\Google\Chrome\User Data\Default\Extensions\lmmhpfbhngkongobaoibpmnijjokabmj
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\lmmhpfbhngkongobaoibpmnijjokabmj

[C:\Users\Tonja\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - default search provider reset

[C:\Users\Tonja\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted:

[C:\Users\Tonja\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset

[C:\Users\Tonja\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted:
[
lmmhpfbhngkongobaoibpmnijjokabmj
]





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Thu 11/05/2015 at 13:29:45.24
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


OTL logfile created on: 11/5/2015 2:14:18 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Tonja\Downloads
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.18053)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.45 Gb Total Physical Memory | 2.04 Gb Available Physical Memory | 59.25% Memory free
4.32 Gb Paging File | 2.65 Gb Available in Paging File | 61.23% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 449.69 Gb Total Space | 398.88 Gb Free Space | 88.70% Space Free | Partition Type: NTFS
Drive D: | 14.59 Gb Total Space | 1.81 Gb Free Space | 12.39% Space Free | Partition Type: NTFS

Computer Name: BARNETT_PC | User Name: Tonja | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\Tonja\Downloads\OTL.
exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe (Malwarebytes)
PRC - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe (Malwarebytes)
PRC - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe (Malwarebytes)
PRC - C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe (Garmin Ltd. or its subsidiaries)
PRC - C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe (Garmin Ltd. or its subsidiaries)
PRC - C:\Program Files\Microsoft Office 15\root\office15\onenotem.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\Windstream Support Center\9.0.1.51\ma\bin\node.exe (Joyent, Inc)
PRC - C:\Program Files (x86)\Windstream Support Center\9.0.1.51\ma\bin\MAHostService.exe (Alcatel-Lucent)
PRC - C:\Program Files (x86)\Common Files\Motive\pcContextHookShim.exe (Alcatel-Lucent)
PRC - C:\Windows\SysWOW64\wbem\WmiPrvSE.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\Common Files\Motive\pcCMService.exe (Alcatel-Lucent)
PRC - c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe (CyberLink)
PRC - c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe (CyberLink)
PRC - c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe (CyberLink)
PRC - C:\Program Files (x86)\Windstream\Service Agent\Windstream Service AgentComHandler.exe (Radialpoint SafeCare Inc.)
PRC - C:\Program Files (x86)\Windstream\Service Agent\ServicepointService.exe (Radialpoint SafeCare Inc.)
PRC - C:\Program Files (x86)\Windstream\Service Agent\Windstream Service Agent.exe (Windstream)
PRC - C:\Program Files (x86)\Windstream\Diagnostic Tools\HsdService.exe (Windstream)
PRC - C:\Program Files (x86)\Windstream\Diagnostic Tools\DiagnosticTools.exe (Windstream)


========== Modules (No Company Name) ==========

MOD - C:\windows\assembly\NativeImages_v4.0.30319_32\System.Xml.XDocument\8f752a7e3dc09c21a423d42717d612ab\System.Xml.XDocument.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v4.0.30319_32\System.Runtdf6812ee#\bb0a8c91afc6d67593743d89db1f92d0\System.Runtime.Serialization.Primitives.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v4.0.30319_32\System.Servd1dec626#\d6180cfaac57962ca62186c1151b5f7f\System.ServiceModel.Internals.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\fbb07ef2f687508f75bfeacd97f2453b\SMDiagnostics.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v4.0.30319_32\System.Linq\a5f95a789e5daaba6fc249c8294111a6\System.Linq.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v4.0.30319_32\System.Collections\198f99ac9d6a623cf8e98092be902e4d\System.Collections.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v4.0.30319_32\System.Runtime\6dd333c4d9129ba8ae919e55de4b63e5\System.Runtime.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Linq\ca77cfc1da7241e2dd280b446dc7b92b\System.Xml.Linq.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v4.0.30319_32\System.Xml\9a349fb029581f4752d2c6cfcfeab816\System.Xml.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\d626184834dde3f4906aff139d4e5bbf\System.Xaml.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\dc3c8622631a590b1fa1d93375414761\System.Windows.Forms.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel\f9eb8fdbc1b3cd25a5b187ea30e77d6c\System.ServiceModel.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\7d61ab80c44108150bad37e8d916e220\System.Runtime.Serialization.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\c98b70fea45b348a5283fad4dfa4b220\System.Drawing.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v4.0.30319_32\System.Data\e3abc4d3f7fef760d13bf957613960cb\System.Data.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\d9961946cc4b6fb67e19cd2f8ce90a76\System.Configuration.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v4.0.30319_32\Presentatioaec034ca#\e09d73263866a3b0472fd3a4d9aaccae\PresentationFramework.Aero2.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v4.0.30319_32\Presentatio5ae0f00f#\1683f0fd402eb83acb756d3d2c1ab331\PresentationFramework.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\d747b6eed1a44bfd51d76ed6af359316\PresentationCore.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\579202ba970d73dae32cc3a5c68af8e2\WindowsBase.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v4.0.30319_32\System.Core\257fa713928375c0ac9b9f24904e988f\System.Core.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v4.0.30319_32\System\1a6b5095c4416a37f9ca4cf4436d1311\System.ni.dll ()
MOD - C:\Program Files\Microsoft Office 15\root\office15\appvisvstream32.dll ()
MOD - C:\windows\assembly\NativeImages_v4.0.30319_32\mscorlib\d03a3ddcd6a395878751c5e90fa16915\mscorlib.ni.dll ()
MOD - c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll ()
MOD - c:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll ()


========== Services (SafeList) ==========

SRV:64bit: - (ClickToRunSvc) -- C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe (Microsoft Corporation)
SRV:64bit: - (Intel(R) -- C:\Program Files\Intel Corporation\Intel(R) Technology Access\IntelTechnologyAccessService.exe (Intel(R) Corporation)
SRV:64bit: - (Intel(R) -- C:\Program Files\Intel Corporation\Intel(R) Technology Access\LegacyCsLoaderService.exe (Intel(R) Corporation)
SRV:64bit: - (DiagTrack) -- C:\Windows\SysNative\diagtrack.dll (Microsoft Corporation)
SRV:64bit: - (NcdAutoSetup) -- C:\Windows\SysNative\NcdAutoSetup.dll (Microsoft Corporation)
SRV:64bit: - (WdNisSvc) -- C:\Program Files\Windows Defender\NisSrv.exe (Microsoft Corporation)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation)
SRV:64bit: - (AudioEndpointBuilder) -- C:\Windows\SysNative\AudioEndpointBuilder.dll (Microsoft Corporation)
SRV:64bit: - (SystemEventsBroker) -- C:\Windows\SysNative\SystemEventsBrokerServer.dll (Microsoft Corporation)
SRV:64bit: - (lfsvc) -- C:\Windows\SysNative\GeofenceMonitorService.dll (Microsoft Corporation)
SRV:64bit: - (LSM) -- C:\Windows\SysNative\lsm.dll (Microsoft Corporation)
SRV:64bit: - (IEEtwCollectorService) -- C:\windows\SysNative\IEEtwCollector.exe (Microsoft Corporation)
SRV:64bit: - (WSService) -- C:\Windows\SysNative\WSService.dll (Microsoft Corporation)
SRV:64bit: - (PrintNotify) -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll (Microsoft Corporation)
SRV:64bit: - (WEPHOSTSVC) -- C:\Windows\SysNative\wephostsvc.dll (Microsoft Corporation)
SRV:64bit: - (EFS) -- C:\Windows\SysNative\efssvc.dll (Microsoft Corporation)
SRV:64bit: - (WiaRpc) -- C:\Windows\SysNative\wiarpc.dll (Microsoft Corporation)
SRV:64bit: - (svsvc) -- C:\Windows\SysNative\svsvc.dll (Microsoft Corporation)
SRV:64bit: - (fhsvc) -- C:\Windows\SysNative\fhsvc.dll (Microsoft Corporation)
SRV:64bit: - (BthHFSrv) -- C:\Windows\SysNative\BthHFSrv.dll (Microsoft Corporation)
SRV:64bit: - (NcaSvc) -- C:\Windows\SysNative\NcaSvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicvss) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmictimesync) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicshutdown) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicrdv) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmickvpexchange) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicheartbeat) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicguestinterface) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (smphost) -- C:\Windows\SysNative\smphost.dll (Microsoft Corporation)
SRV:64bit: - (Netlogon) -- C:\Windows\SysNative\netlogon.dll (Microsoft Corporation)
SRV:64bit: - (ScDeviceEnum) -- C:\Windows\SysNative\ScDeviceEnum.dll (Microsoft Corporation)
SRV:64bit: - (KeyIso) -- C:\Windows\SysNative\keyiso.dll (Microsoft Corporation)
SRV:64bit: - (TimeBroker) -- C:\Windows\SysNative\TimeBrokerServer.dll (Microsoft Corporation)
SRV:64bit: - (netprofm) -- C:\Windows\SysNative\netprofmsvc.dll (Microsoft Corporation)
SRV:64bit: - (NcbService) -- C:\Windows\SysNative\ncbservice.dll (Microsoft Corporation)
SRV:64bit: - (Wcmsvc) -- C:\Windows\SysNative\wcmsvc.dll (Microsoft Corporation)
SRV:64bit: - (VaultSvc) -- C:\Windows\SysNative\vaultsvc.dll (Microsoft Corporation)
SRV:64bit: - (DeviceAssociationService) -- C:\Windows\SysNative\das.dll (Microsoft Corporation)
SRV:64bit: - (BrokerInfrastructure) -- C:\Windows\SysNative\bisrv.dll (Microsoft Corporation)
SRV:64bit: - (wlidsvc) -- C:\Windows\SysNative\wlidsvc.dll (Microsoft Corporation)
SRV:64bit: - (DsmSvc) -- C:\Windows\SysNative\DeviceSetupManager.dll (Microsoft Corporation)
SRV:64bit: - (AppReadiness) -- C:\Windows\SysNative\AppReadiness.dll (Microsoft Corporation)
SRV:64bit: - (AppXSvc) -- C:\Windows\SysNative\AppXDeploymentServer.dll (Microsoft Corporation)
SRV:64bit: - (workfolderssvc) -- C:\Windows\SysNative\workfolderssvc.dll (Microsoft Corporation)
SRV:64bit: - (pcCMService64) -- C:\Program Files\Common Files\Motive\pcCMService.exe (Alcatel-Lucent)
SRV:64bit: - (RtkAudioService) -- C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe (Realtek Semiconductor)
SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV:64bit: - (omniserv) -- C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe (Softex Inc.)
SRV:64bit: - (Cachedrv server) -- C:\Program Files\Hewlett-Packard\SimplePass\cachesrvr.exe ()
SRV:64bit: - (w3logsvc) -- C:\Windows\SysNative\inetsrv\w3logsvc.dll (Microsoft Corporation)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe (Malwarebytes)
SRV - (MBAMScheduler) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe (Malwarebytes)
SRV - (iumsvc) -- C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe (Intel Corporation)
SRV - (Garmin Device Interaction Service) -- C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe (Garmin Ltd. or its subsidiaries)
SRV - (Windstream MAHostService) -- C:\Program Files (x86)\Windstream Support Center\9.0.1.51\ma\bin\MAHostService.exe (Alcatel-Lucent)
SRV - (HP Support Assistant Service) -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe (Hewlett-Packard Company)
SRV - (lfsvc) -- C:\Windows\SysWOW64\GeofenceMonitorService.dll (Microsoft Corporation)
SRV - (Intel(R) -- C:\Program Files (x86)\Intel Corporation\Intel(R) Technology Access\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe ()
SRV - (PrintNotify) -- C:\windows\system32\spool\drivers\x64\3\PrintConfig.dll (Microsoft Corporation)
SRV - (StorSvc) -- C:\Windows\SysWOW64\StorSvc.dll (Microsoft Corporation)
SRV - (smphost) -- C:\Windows\SysWOW64\smphost.dll (Microsoft Corporation)
SRV - (pcCMService) -- C:\Program Files (x86)\Common Files\Motive\pcCMService.exe (Alcatel-Lucent)
SRV - (WAS) -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll (Microsoft Corporation)
SRV - (w3logsvc) -- C:\Windows\SysWOW64\inetsrv\w3logsvc.dll (Microsoft Corporation)
SRV - (AppHostSvc) -- C:\Windows\SysWOW64\inetsrv\apphostsvc.dll (Microsoft Corporation)
SRV - (CyberLink PowerDVD 12 Media Server Service) -- c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe (CyberLink)
SRV - (CyberLink PowerDVD 12 Media Server Monitor Service) -- c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe (CyberLink)
SRV - (ServicepointService) -- C:\Program Files (x86)\Windstream\Service Agent\ServicepointService.exe (Radialpoint SafeCare Inc.)
SRV - (HsdService) -- C:\Program Files (x86)\Windstream\Diagnostic Tools\HsdService.exe (Windstream)


========== Driver Services (SafeList) ==========

DRV:64bit: - (MBAMSwissArmy) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys (Malwarebytes)
DRV:64bit: - (MBAMWebAccessControl) -- C:\Windows\SysNative\drivers\mwac.sys (Malwarebytes Corporation)
DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes)
DRV:64bit: - (WdBoot) -- C:\Windows\SysNative\drivers\WdBoot.sys (Microsoft Corporation)
DRV:64bit: - (WdFilter) -- C:\Windows\SysNative\drivers\WdFilter.sys (Microsoft Corporation)
DRV:64bit: - (WdNisDrv) -- C:\Windows\SysNative\drivers\WdNisDrv.sys (Microsoft Corporation)
DRV:64bit: - (mfeelamk) -- C:\Windows\SysNative\drivers\mfeelamk.sys (McAfee, Inc.)
DRV:64bit: - (NetTap630) -- C:\Windows\SysNative\drivers\nettap630.sys (Intel Corporation)
DRV:64bit: - (ndisrd) -- C:\Windows\SysNative\drivers\ndisrfl.sys (Intel Corporation)
DRV:64bit: - (USBXHCI) -- C:\Windows\SysNative\drivers\USBXHCI.SYS (Microsoft Corporation)
DRV:64bit: - (ahcache) -- C:\Windows\SysNative\drivers\ahcache.sys (Microsoft Corporation)
DRV:64bit: - (USBHUB3) -- C:\Windows\SysNative\drivers\USBHUB3.SYS (Microsoft Corporation)
DRV:64bit: - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation)
DRV:64bit: - (BthHFEnum) -- C:\Windows\SysNative\drivers\bthhfenum.sys (Microsoft Corporation)
DRV:64bit: - (CLFS) -- C:\Windows\SysNative\drivers\clfs.sys (Microsoft Corporation)
DRV:64bit: - (spaceport) -- C:\Windows\SysNative\drivers\spaceport.sys (Microsoft Corporation)
DRV:64bit: - (WFPLWFS) -- C:\Windows\SysNative\drivers\wfplwfs.sys (Microsoft Corporation)
DRV:64bit: - (wpcfltr) -- C:\Windows\SysNative\drivers\wpcfltr.sys (Microsoft Corporation)
DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV:64bit: - (WSDScan) -- C:\Windows\SysNative\drivers\WSDScan.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (netvsc) -- C:\Windows\SysNative\drivers\netvsc63.sys (Microsoft Corporation)
DRV:64bit: - (NdisImPlatform) -- C:\Windows\SysNative\drivers\NdisImPlatform.sys (Microsoft Corporation)
DRV:64bit: - (MsLldp) -- C:\Windows\SysNative\drivers\mslldp.sys (Microsoft Corporation)
DRV:64bit: - (Ndu) -- C:\Windows\SysNative\drivers\Ndu.sys (Microsoft Corporation)
DRV:64bit: - (StillCam) -- C:\Windows\SysNative\drivers\serscan.sys (Microsoft Corporation)
DRV:64bit: - (ReFS) -- C:\windows\SysNative\drivers\refs.sys (Microsoft Corporation)
DRV:64bit: - (pdc) -- C:\Windows\SysNative\drivers\pdc.sys (Microsoft Corporation)
DRV:64bit: - (intelpep) -- C:\Windows\SysNative\drivers\intelpep.sys (Microsoft Corporation)
DRV:64bit: - (UCX01000) -- C:\Windows\SysNative\drivers\UCX01000.SYS (Microsoft Corporation)
DRV:64bit: - (vpci) -- C:\Windows\SysNative\drivers\vpci.sys (Microsoft Corporation)
DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (GPIOClx0101) -- C:\Windows\SysNative\drivers\msgpioclx.sys (Microsoft Corporation)
DRV:64bit: - (Wof) -- C:\windows\SysNative\drivers\wof.sys (Microsoft Corporation)
DRV:64bit: - (sdstor) -- C:\Windows\SysNative\drivers\sdstor.sys (Microsoft Corporation)
DRV:64bit: - (BasicRender) -- C:\Windows\SysNative\drivers\BasicRender.sys (Microsoft Corporation)
DRV:64bit: - (SerCx2) -- C:\Windows\SysNative\drivers\SerCx2.sys (Microsoft Corporation)
DRV:64bit: - (stornvme) -- C:\Windows\SysNative\drivers\stornvme.sys (Microsoft Corporation)
DRV:64bit: - (VerifierExt) -- C:\Windows\SysNative\drivers\VerifierExt.sys (Microsoft Corporation)
DRV:64bit: - (terminpt) -- C:\Windows\SysNative\drivers\terminpt.sys (Microsoft Corporation)
DRV:64bit: - (condrv) -- C:\Windows\SysNative\drivers\condrv.sys (Microsoft Corporation)
DRV:64bit: - (Fs_Rec) -- C:\windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (dam) -- C:\Windows\SysNative\drivers\dam.sys (Microsoft Corporation)
DRV:64bit: - (acpiex) -- C:\Windows\SysNative\drivers\acpiex.sys (Microsoft Corporation)
DRV:64bit: - (TPM) -- C:\Windows\SysNative\drivers\tpm.sys (Microsoft Corporation)
DRV:64bit: - (mvumis) -- C:\Windows\SysNative\drivers\mvumis.sys (Marvell Semiconductor, Inc.)
DRV:64bit: - (msgpiowin32) -- C:\Windows\SysNative\drivers\msgpiowin32.sys (Microsoft Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (LSI_SSS) -- C:\Windows\SysNative\drivers\lsi_sss.sys (LSI Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (LSI_SAS3) -- C:\Windows\SysNative\drivers\lsi_sas3.sys (LSI Corporation)
DRV:64bit: - (ADP80XX) -- C:\Windows\SysNative\drivers\adp80xx.sys (PMC-Sierra)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (3ware) -- C:\Windows\SysNative\drivers\3ware.sys (LSI)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (EhStorTcgDrv) -- C:\Windows\SysNative\drivers\EhStorTcgDrv.sys (Microsoft Corporation)
DRV:64bit: - (EhStorClass) -- C:\Windows\SysNative\drivers\EhStorClass.sys (Microsoft Corporation)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (VSTXRAID) -- C:\Windows\SysNative\drivers\VSTXRAID.SYS (VIA Corporation)
DRV:64bit: - (UASPStor) -- C:\Windows\SysNative\drivers\uaspstor.sys (Microsoft Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology, Inc.)
DRV:64bit: - (storahci) -- C:\Windows\SysNative\drivers\storahci.sys (Microsoft Corporation)
DRV:64bit: - (SpbCx) -- C:\Windows\SysNative\drivers\SpbCx.sys (Microsoft Corporation)
DRV:64bit: - (SerCx) -- C:\Windows\SysNative\drivers\SerCx.sys (Microsoft Corporation)
DRV:64bit: - (UEFI) -- C:\Windows\SysNative\drivers\uefi.sys (Microsoft Corporation)
DRV:64bit: - (WpdUpFltr) -- C:\Windows\SysNative\drivers\WpdUpFltr.sys (Microsoft Corporation)
DRV:64bit: - (WSDPrintDevice) -- C:\Windows\SysNative\drivers\WSDPrint.sys (Microsoft Corporation)
DRV:64bit: - (BasicDisplay) -- C:\Windows\SysNative\drivers\BasicDisplay.sys (Microsoft Corporation)
DRV:64bit: - (HyperVideo) -- C:\Windows\SysNative\drivers\HyperVideo.sys (Microsoft Corporation)
DRV:64bit: - (mshidumdf) -- C:\Windows\SysNative\drivers\mshidumdf.sys (Microsoft Corporation)
DRV:64bit: - (acpitime) -- C:\Windows\SysNative\drivers\acpitime.sys (Microsoft Corporation)
DRV:64bit: - (acpipagr) -- C:\Windows\SysNative\drivers\acpipagr.sys (Microsoft Corporation)
DRV:64bit: - (BthAvrcpTg) -- C:\Windows\SysNative\drivers\BthAvrcpTg.sys (Microsoft Corporation)
DRV:64bit: - (kdnic) -- C:\Windows\SysNative\drivers\kdnic.sys (Microsoft Corporation)
DRV:64bit: - (gencounter) -- C:\Windows\SysNative\drivers\vmgencounter.sys (Microsoft Corporation)
DRV:64bit: - (npsvctrig) -- C:\Windows\SysNative\drivers\npsvctrig.sys (Microsoft Corporation)
DRV:64bit: - (bthhfhid) -- C:\Windows\SysNative\drivers\BthhfHid.sys (Microsoft Corporation)
DRV:64bit: - (hyperkbd) -- C:\Windows\SysNative\drivers\hyperkbd.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (hidi2c) -- C:\Windows\SysNative\drivers\hidi2c.sys (Microsoft Corporation)
DRV:64bit: - (dmvsc) -- C:\Windows\SysNative\drivers\dmvsc.sys (Microsoft Corporation)
DRV:64bit: - (NdisVirtualBus) -- C:\Windows\SysNative\drivers\NdisVirtualBus.sys (Microsoft Corporation)
DRV:64bit: - (FxPPM) -- C:\Windows\SysNative\drivers\fxppm.sys (Microsoft Corporation)
DRV:64bit: - (bcmfn2) -- C:\Windows\SysNative\drivers\bcmfn2.sys (Windows (R) Win 7 DDK provider)
DRV:64bit: - (iaStorAV) -- C:\Windows\SysNative\drivers\iaStorAV.sys (Intel Corporation)
DRV:64bit: - (iaLPSSi_GPIO) -- C:\Windows\SysNative\drivers\iaLPSSi_GPIO.sys (Intel Corporation)
DRV:64bit: - (iaLPSSi_I2C) -- C:\Windows\SysNative\drivers\iaLPSSi_I2C.sys (Intel Corporation)
DRV:64bit: - (AmUStor) -- C:\Windows\SysNative\drivers\AmUStor.sys (Alcor Micro, Corp.)
DRV:64bit: - (RSUSBSTOR) -- C:\Windows\SysNative\drivers\RtsUStor.sys (Realtek Semiconductor Corp.)
DRV:64bit: - (RTL8168) -- C:\Windows\SysNative\drivers\Rt630x64.sys (Realtek )
DRV:64bit: - (e1iexpress) -- C:\Windows\SysNative\drivers\e1i63x64.sys (Intel Corporation)
DRV:64bit: - (amdkmpfd) -- C:\Windows\SysNative\drivers\amdkmpfd.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (CLVirtualDrive) -- C:\Windows\SysNative\drivers\CLVirtualDrive.sys (CyberLink)
DRV:64bit: - (ssmirrdr) -- C:\Windows\SysNative\drivers\ssmirrdr.sys (support.com, Inc)
DRV:64bit: - (MREMP50a64) -- C:\Program Files\Common Files\Motive\MREMP50a64.sys (Printing Communications Assoc., Inc. (PCAUSA))
DRV:64bit: - (MRESP50a64) -- C:\Program Files\Common Files\Motive\MRESP50a64.sys (Printing Communications Assoc., Inc. (PCAUSA))
DRV - (MREMP50) -- C:\Program Files (x86)\Common Files\Motive\MREMP50.sys (Printing Communications Assoc., Inc. (PCAUSA))
DRV - (MRESP50) -- C:\Program Files (x86)\Common Files\Motive\MRESP50.sys (Printing Communications Assoc., Inc. (PCAUSA))


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPDSK14/1
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPDTDFJS
IE:64bit: - HKLM\..\SearchScopes\{7F1EB4F3-FED7-4E5D-A36C-FA69FE870CBB}: "URL" = http://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us1-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
IE:64bit: - HKLM\..\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}: "URL" = http://rover.ebay.com/rover/1/711-154371-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPDSK14/1
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPDTDFJS
IE - HKLM\..\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}: "URL" = http://rover.ebay.com/rover/1/711-154371-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPDSK14/1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.windstream.net/
IE - HKCU\..\SearchScopes,DefaultScope = {0F2F4310-9D66-484D-9A39-039AC7EADBFB}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPDTDFJS
IE - HKCU\..\SearchScopes\{9D32E94C-6283-4EE6-9131-66491DE6288E}: "URL" = http://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
IE - HKCU\..\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}: "URL" = http://rover.ebay.com/rover/1/711-154371-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.countryCode: "US"
FF - prefs.js..browser.search.defaultenginename.US: "Secure Search"
FF - prefs.js..browser.search.isUS: true
FF - prefs.js..browser.search.region: "US"
FF - prefs.js..browser.startup.homepage: "https://www.google.com/"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:42.0
FF - prefs.js..keyword.URL: "https://search.yahoo.com/search?fr=mcafee&type=B111US400D20140820&p="
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF64_19_0_0_226.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@radialpoint.com/SPA,version=1: C:\Program Files (x86)\Windstream\Service Agent\nprpspa.dll (Windstream)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_226.dll ()
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3508.0205: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Motive.com/NpMotive,version=1.0: C:\Program Files (x86)\Windstream Support Center\9.0.0.209\ma\bin\npMotive.dll File not found
FF - HKLM\Software\MozillaPlugins\@Motive.com/NpMotive,version=1.1: C:\Program Files (x86)\Windstream Support Center\9.0.1.51\ma\bin\npMotive.dll (Windstream Communications)
FF - HKLM\Software\MozillaPlugins\@Motive.com/npMotiveRequest,version=1.0: C:\Program Files (x86)\Common Files\Motive\npMotiveRequest.dll (Windstream)
FF - HKLM\Software\MozillaPlugins\@radialpoint.com/SPA,version=1: C:\Program Files (x86)\Windstream\Service Agent\nprpspa.dll (Windstream)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 42.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 42.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 42.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 42.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

[2014/09/24 13:08:38 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Tonja\AppData\Roaming\Mozilla\Extensions
[2015/09/18 17:54:55 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Tonja\AppData\Roaming\Mozilla\Firefox\Profiles\ctm73tzd.default\extensions
[2015/10/25 08:55:00 | 000,001,999 | ---- | M] () -- C:\Users\Tonja\AppData\Roaming\Mozilla\Firefox\Profiles\ctm73tzd.default\searchplugins\McSiteAdvisor.xml
[2015/11/04 14:08:39 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2015/11/04 14:09:07 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

========== Chrome ==========

CHR - Extension: No name found = C:\Users\Tonja\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\
CHR - Extension: No name found = C:\Users\Tonja\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\
CHR - Extension: No name found = C:\Users\Tonja\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_0\
CHR - Extension: No name found = C:\Users\Tonja\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_0\
CHR - Extension: No name found = C:\Users\Tonja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.30_0\
CHR - Extension: No name found = C:\Users\Tonja\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\4.0.0.0_0\
CHR - Extension: No name found = C:\Users\Tonja\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\0.5_0\
CHR - Extension: No name found = C:\Users\Tonja\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\
CHR - Extension: No name found = C:\Users\Tonja\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\
CHR - Extension: No name found = C:\Users\Tonja\AppData\Local\Google\Chrome\User Data\Default\Extensions\plbchhheadikfkckdpjghciknmlfkfcj\1.5.1_1\

O1 HOSTS File: ([2013/08/22 08:25:41 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Skype for Business Browser Helper) - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ochelper.dll (Microsoft Corporation)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Microsoft SkyDrive Pro Browser Helper) - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
O2:64bit: - BHO: (HP Network Check Helper) - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
O2 - BHO: (HP Network Check Helper) - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O4:64bit: - HKLM..\Run: [OPBHOBroker] C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe (Hewlett-Packard)
O4:64bit: - HKLM..\Run: [OPBHOBrokerDesktop] C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe (Hewlett-Packard)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [SimplePass] C:\Program Files\Hewlett-Packard\SimplePass\HPSmplPass.exe (Hewlett-Packard)
O4:64bit: - HKLM..\Run: [Windstream_McciTrayApp] C:\Program Files\Windstream Support Center\9.0.1.51\ma\bin\pcTrayApp.exe (Alcatel-Lucent)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [DiagnosticTools.exe] C:\Program Files (x86)\Windstream\Diagnostic Tools\DiagnosticTools.exe (Windstream)
O4 - HKLM..\Run: [StartCCC] c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [Windstream Service Agent.exe] C:\Program Files (x86)\Windstream\Service Agent\Windstream Service Agent.exe (Windstream)
O4 - HKCU..\Run: [GarminExpressTrayApp] C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe (Garmin Ltd. or its subsidiaries)
O4 - Startup: C:\Users\Tonja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk = C:\Program Files\Microsoft Office 15\root\office15\onenotem.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE (Microsoft Corporation)
O8:64bit: - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe (Hewlett-Packard)
O9:64bit: - Extra 'Tools' menuitem : HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe (Hewlett-Packard)
O9:64bit: - Extra Button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9:64bit: - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Skype for Business Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ochelper.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Skype for Business Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ochelper.dll (Microsoft Corporation)
O9:64bit: - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe (Hewlett-Packard)
O9 - Extra 'Tools' menuitem : HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe (Hewlett-Packard)
O9 - Extra Button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B9525DB0-02C8-4FC4-9671-344AF7C7F246}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\osf - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\osf {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\office15\msosb.dll (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2015/11/05 13:41:03 | 000,192,216 | ---- | C] (Malwarebytes) -- C:\windows\SysNative\drivers\MBAMSwissArmy.sys
[2015/11/05 13:40:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
[2015/11/05 13:40:11 | 000,109,272 | ---- | C] (Malwarebytes) -- C:\windows\SysNative\drivers\mbamchameleon.sys
[2015/11/05 13:40:11 | 000,064,216 | ---- | C] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\mwac.sys
[2015/11/05 13:40:10 | 000,025,816 | ---- | C] (Malwarebytes) -- C:\windows\SysNative\drivers\mbam.sys
[2015/11/05 13:40:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes Anti-Malware
[2015/11/05 13:40:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2015/11/05 12:49:38 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2015/11/04 14:08:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox

========== Files - Modified Within 30 Days ==========

[2015/11/05 14:13:22 | 000,891,984 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI
[2015/11/05 14:13:22 | 000,739,230 | ---- | M] () -- C:\windows\SysNative\perfh009.dat
[2015/11/05 14:13:22 | 000,153,804 | ---- | M] () -- C:\windows\SysNative\perfc009.dat
[2015/11/05 14:13:16 | 000,000,928 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2015/11/05 14:13:00 | 000,000,924 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore1cff1eb711fef6.job
[2015/11/05 14:10:18 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2015/11/05 14:09:33 | 000,192,216 | ---- | M] (Malwarebytes) -- C:\windows\SysNative\drivers\MBAMSwissArmy.sys
[2015/11/05 14:09:27 | 000,000,924 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2015/11/05 14:08:15 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2015/11/05 14:08:11 | 2963,357,696 | -HS- | M] () -- C:\hiberfil.sys
[2015/11/05 13:40:28 | 000,001,081 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2015/11/05 13:35:00 | 000,000,830 | ---- | M] () -- C:\windows\tasks\Adobe Flash Player Updater.job
[2015/11/05 12:57:11 | 000,000,354 | ---- | M] () -- C:\windows\tasks\HPCeeScheduleForTonja.job
[2015/11/05 12:18:26 | 000,065,536 | ---- | M] () -- C:\windows\SysNative\spu_storage.bin
[2015/10/23 18:49:46 | 000,000,285 | ---- | M] () -- C:\Users\Tonja\Desktop\email.rtf
[2015/10/22 18:15:21 | 000,002,170 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2015/10/13 20:01:29 | 000,001,991 | ---- | M] () -- C:\Users\Public\Desktop\HP Print and Scan Doctor.lnk

========== Files Created - No Company Name ==========

[2015/11/05 13:40:28 | 000,001,081 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2015/11/01 08:44:44 | 000,000,354 | ---- | C] () -- C:\windows\tasks\HPCeeScheduleForTonja.job
[2015/10/23 18:49:45 | 000,000,285 | ---- | C] () -- C:\Users\Tonja\Desktop\email.rtf
[2015/09/15 12:21:44 | 000,000,525 | ---- | C] () -- C:\windows\photoprn.ini
[2015/09/15 12:21:44 | 000,000,435 | ---- | C] () -- C:\windows\fantasy2.ini
[2015/09/15 12:21:44 | 000,000,130 | ---- | C] () -- C:\windows\pstudio.ini
[2015/09/15 12:21:03 | 000,000,021 | ---- | C] () -- C:\windows\ccam_suite.ini
[2015/03/08 10:24:16 | 000,107,008 | ---- | C] () -- C:\windows\SysWow64\OEMLicense.dll
[2015/03/08 10:22:42 | 000,046,080 | ---- | C] () -- C:\windows\SysWow64\BWContextHandler.dll
[2015/03/06 15:24:11 | 000,001,025 | ---- | C] () -- C:\windows\SysWow64\sysprs7.dll
[2015/03/06 15:24:11 | 000,000,205 | ---- | C] () -- C:\windows\SysWow64\lsprst7.dll
[2014/09/12 11:35:08 | 000,000,057 | ---- | C] () -- C:\ProgramData\Ament.ini
[2014/08/29 10:23:33 | 000,009,216 | ---- | C] () -- C:\windows\SysWow64\amdhdl32.dll
[2014/08/22 10:52:59 | 000,002,255 | ---- | C] () -- C:\windows\SysWow64\WimBootCompress.ini
[2014/08/20 17:19:14 | 000,032,922 | ---- | C] () -- C:\ProgramData\xportnchk.ini
[2014/07/17 00:56:27 | 000,000,000 | ---- | C] () -- C:\windows\ativpsrm.bin

========== ZeroAccess Check ==========

[2014/07/17 01:10:51 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2015/08/26 21:43:09 | 022,372,152 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2015/08/26 21:42:51 | 019,795,904 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2014/10/28 20:19:43 | 001,013,760 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2014/10/28 19:59:23 | 000,786,944 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2014/10/28 20:16:01 | 000,512,512 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2015/08/05 12:09:48 | 000,000,000 | ---D | M] -- C:\Users\Tonja\AppData\Roaming\Garmin
[2014/08/20 18:42:42 | 000,000,000 | ---D | M] -- C:\Users\Tonja\AppData\Roaming\OpswatLogs
[2015/11/04 18:37:41 | 000,000,000 | ---D | M] -- C:\Users\Tonja\AppData\Roaming\Radialpoint
[2015/03/06 15:38:30 | 000,000,000 | ---D | M] -- C:\Users\Tonja\AppData\Roaming\SPSSInc
[2014/08/20 17:18:58 | 000,000,000 | ---D | M] -- C:\Users\Tonja\AppData\Roaming\supportdotcom
[2014/08/29 10:23:46 | 000,000,000 | ---D | M] -- C:\Users\Tonja\AppData\Roaming\WinBatch
[2014/11/19 17:55:10 | 000,000,000 | ---D | M] -- C:\Users\Tonja\AppData\Roaming\Windstream

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 237 bytes -> C:\Users\Tonja\SkyDrive:ms-properties

< End of report >
 
Last edited by a moderator:
voyagerfan99

voyagerfan99

Master of Turning Things Off and Back On Again
Staff member
You can open MalwareBytes and open the log file, then copy and paste it here. Go to History>Application Logs and double click the scan log to open it.
 
johnb35

johnb35

Administrator
Staff member
You did have Pokki on the system. Are you still getting the error? I would like to see a list of programs you have installed. Please download and run Ccleaner.

https://www.piriform.com/ccleaner/download/standard

Download and install the program. Open it up and click on the tools section on the left, click on uninstall, click on save to text file, name it and save it and then open it up and copy and paste it in your next reply. uninstall list.jpg
 
R

Rodge

New Member
voyagerfan99 said:
You can open MalwareBytes and open the log file, then copy and paste it here. Go to History>Application Logs and double click the scan log to open it.
Click to expand...

Here's what I found:

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 11/5/2015
Scan Time: 1:42 PM
Logfile:
Administrator: Yes

Version: 2.2.0.1024
Malware Database: v2015.11.05.05
Rootkit Database: v2015.11.04.02
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled

OS: Windows 8.1
CPU: x64
File System: NTFS
User: Tonja

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 332920
Time Elapsed: 23 min, 1 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 9
PUP.Optional.MindSpark, HKLM\SOFTWARE\CLASSES\CLSID\{9e28b297-11d4-4293-aa6f-558658ee66ae}, Quarantined, [3336c0bab5d6cb6b5ffba982c33f06fa],
PUP.Optional.MindSpark, HKU\S-1-5-21-528203409-1594402490-2626285302-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{9E28B297-11D4-4293-AA6F-558658EE66AE}, Quarantined, [3336c0bab5d6cb6b5ffba982c33f06fa],
PUP.Optional.MindSpark, HKU\S-1-5-21-528203409-1594402490-2626285302-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{9E28B297-11D4-4293-AA6F-558658EE66AE}, Quarantined, [3336c0bab5d6cb6b5ffba982c33f06fa],
PUP.Optional.MindSpark, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{01907012-88BD-4A1E-9E60-9F4D3E5FFC28}, Quarantined, [6306007a6a217eb869ee99df25de44bc],
PUP.Optional.MindSpark, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{44DB423D-A0DB-4664-9477-CCDCEB7CD666}, Quarantined, [d693bdbd622964d2bc9b65134eb53ac6],
PUP.Optional.MindSpark, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{499A1BF0-AFF3-48E8-9333-C4A4567AB59D}, Quarantined, [7aef4f2bfe8d47ef4a0d0d6b17ec48b8],
PUP.Optional.MindSpark, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{63AD0951-229A-4F3B-9E96-B4891811A156}, Quarantined, [4920adcdabe089ada4b35721c53e1ae6],
PUP.Optional.MindSpark, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{81FDA3B2-1023-4131-8055-29CE1560C12A}, Quarantined, [e68393e7167575c1aea980f87093dc24],
PUP.Optional.MindSpark, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{968E8731-8549-4289-AD46-B9A9EAC1D302}, Quarantined, [92d7c5b5b1da60d660f703754db638c8],

Registry Values: 10
PUP.Optional.MindSpark, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{01907012-88bd-4a1e-9e60-9f4d3e5ffc28}|AppPath, C:\Program Files (x86)\InternetSpeedTracker_9t\bar\1.bin, Quarantined, [6306007a6a217eb869ee99df25de44bc]
PUP.Optional.MindSpark, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{44db423d-a0db-4664-9477-ccdceb7cd666}|AppPath, C:\Program Files (x86)\RadioRage_4j\bar\1.bin, Quarantined, [d693bdbd622964d2bc9b65134eb53ac6]
PUP.Optional.MindSpark, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{499a1bf0-aff3-48e8-9333-c4a4567ab59d}|AppPath, C:\Program Files (x86)\InternetSpeedTracker_9t\bar\1.bin, Quarantined, [7aef4f2bfe8d47ef4a0d0d6b17ec48b8]
PUP.Optional.MindSpark, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{63ad0951-229a-4f3b-9e96-b4891811a156}|AppPath, C:\Program Files (x86)\InternetSpeedTracker_9t\bar\1.bin, Quarantined, [4920adcdabe089ada4b35721c53e1ae6]
PUP.Optional.MindSpark, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{81fda3b2-1023-4131-8055-29ce1560c12a}|AppPath, C:\Program Files (x86)\InternetSpeedTracker_9t\bar\1.bin, Quarantined, [e68393e7167575c1aea980f87093dc24]
PUP.Optional.MindSpark, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{968e8731-8549-4289-ad46-b9a9eac1d302}|AppPath, C:\Program Files (x86)\InternetSpeedTracker_9t\bar\1.bin, Quarantined, [92d7c5b5b1da60d660f703754db638c8]
PUP.Optional.MindSpark, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|Internet Speed Tracker EPM Support, "C:\PROGRA~2\INTERN~3\bar\1.bin\9tmedint.exe" T8EPMSUP.DLL,S, Quarantined, [56136812ff8c5ed8fb549cb6917215eb]
PUP.Optional.MindSpark, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|Internet Speed Tracker AppIntegrator 32-bit, C:\PROGRA~2\INTERN~3\bar\1.bin\AppIntegrator.exe, Quarantined, [c5a4bfbba1eaa78f8ac71d356c979d63]
PUP.Optional.MindSpark, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|Internet Speed Tracker AppIntegrator 64-bit, C:\PROGRA~2\INTERN~3\bar\1.bin\AppIntegrator64.exe, Quarantined, [84e5ceacec9ff640cc85d37f50b32ed2]
PUP.Optional.MindSpark, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|Internet Speed Tracker Search Scope Monitor, "C:\PROGRA~2\INTERN~3\bar\1.bin\9tsrchmn.exe" /m=2 /w /h, Quarantined, [95d4b9c176153ff7bd98c58d7f844bb5]

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)


(end)


Is that what you are asking for?

@johnb35 I'll do what you suggested in moment. I just got home but I'm on it next.
 
Last edited by a moderator:
R

Rodge

New Member
johnb35 said:
You did have Pokki on the system. Are you still getting the error? I would like to see a list of programs you have installed. Please download and run Ccleaner.

https://www.piriform.com/ccleaner/download/standard

Download and install the program. Open it up and click on the tools section on the left, click on uninstall, click on save to text file, name it and save it and then open it up and copy and paste it in your next reply. View attachment 6578
Click to expand...

Yes, I am still getting the error, sadly, but I do appreciate all the help you have given me so far. Here is what I found.


- Games App - WildTangent Games 6/27/2015 1.0.3.28
7-Zip 9.20 (x64 edition) Igor Pavlov 7/16/2014 4.53 MB 9.20.00.0
Adobe Flash Player 19 NPAPI Adobe Systems Incorporated 10/17/2015 3.81 MB 19.0.0.226
Alcor Micro USB Card Reader Driver Alcor Micro Corp. 7/16/2014 20.21.3317.03861
AMD Catalyst Install Manager Advanced Micro Devices, Inc. 8/29/2014 26.1 MB 8.0.915.0
Bonjour Apple Inc. 7/16/2014 2.00 MB 3.0.0.10
Box Box, Inc. 7/9/2015 2.1.4.3
CCleaner Piriform 11/5/2015 5.11
CyberLink LabelPrint CyberLink Corp. 7/16/2014 274 MB 2.5.5.6805
CyberLink Media Suite 10 CyberLink Corp. 7/16/2014 58.0 MB 10.0.5.3103
CyberLink Power2Go 8 CyberLink Corp. 7/16/2014 405 MB 8.0.5.3215
CyberLink PowerDVD 12 CyberLink Corp. 7/16/2014 309 MB 12.0.2.3212
DSC350 Digital Camera 8/24/2013
DSC350 Digital Camera 9/15/2015
eBay eBay, Inc 11/5/2014 1.6.0.34
Energy Star Hewlett-Packard Company 7/16/2014 5.56 MB 1.0.9
Games Microsoft Corporation 8/23/2014 2.0.139.0
Garmin Express Garmin Ltd or its subsidiaries 9/15/2015 148 MB 4.1.8.0
Getting Started with Windows 8 Hewlett-Packard Company 3/3/2015 1.6.0.0
Google Chrome Google Inc. 10/27/2014 46.0.2490.80
Google Toolbar for Internet Explorer Google Inc. 9/19/2015 7.5.6904.2028
HP AiO Printer Remote Hewlett-Packard Company 6/10/2015 55.1.43.0
HP Connected Drive Hewlett-Packard Company 10/27/2015 4.3.31.167
HP Deskjet 2540 series Basic Device Software Hewlett-Packard Co. 9/12/2014 154 MB 32.2.188.47710
HP Deskjet 2540 series Help Hewlett Packard 9/12/2014 6.69 MB 30.0.0
HP Documentation Hewlett-Packard 7/16/2014 150 MB 1.1.0.0
HP Photo Creations HP 9/12/2014 14.6 MB 1.0.0.7702
HP Registration Hewlett-Packard Company 11/28/2014 1.2.1.166
HP Registration Service Hewlett-Packard 7/16/2014 30.1 MB 1.2.7127.4628
HP SimplePass Softex Inc. 7/16/2014 34.0 MB 8.00.51
HP SimplePass Hewlett-Packard 7/16/2014 8.00.51
HP Support Assistant Hewlett-Packard Company 7/16/2014 83.8 MB 7.3.35.12
HP Support Information Hewlett-Packard 7/17/2014 1.69 MB 13.00.0000
HP Update Hewlett-Packard 9/12/2014 4.04 MB 5.005.002.002
IBM SPSS Statistics 22 IBM Corp 3/6/2015 854 MB 22.0.0.0
Intel(R) Technology Access Intel Corporation 10/26/2015 1.30 MB 1.5.0.1021
Intel(R) Update Manager Intel Corporation 10/12/2015 22.3 MB 3.1.1228
Kindle AMZN Mobile LLC 6/22/2015 2.1.0.2
Mail, Calendar, and People 7/3/2015
Malwarebytes Anti-Malware version 2.2.0.1024 Malwarebytes 11/5/2015 66.1 MB 2.2.0.1024
Maps Microsoft Corporation 9/12/2014 2.1.3230.2048
McAfee® Central for HP .-McAfee Inc-. 8/7/2015 4.5.153.1
Microsoft Mahjong Microsoft Studios 9/29/2015 2.5.1508.1801
Microsoft Office Home and Student 2013 - en-us Microsoft Corporation 10/28/2015 15.0.4763.1003
Microsoft SkyDrive Microsoft Corporation 8/22/2014 25.1 MB 16.4.6013.0910
Microsoft Solitaire Collection Microsoft Studios 9/17/2015 2.7.1508.1402
Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Corporation 7/16/2014 1.92 MB 3.1.0000
Microsoft Visual C++ 2005 Redistributable Microsoft Corporation 7/16/2014 4.84 MB 8.0.61001
Microsoft Visual C++ 2005 Redistributable (x64) Microsoft Corporation 8/24/2013 7.00 MB 8.0.61000
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Corporation 8/24/2013 13.2 MB 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Corporation 9/2/2014 13.2 MB 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Corporation 8/24/2013 10.2 MB 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Corporation 7/16/2014 10.1 MB 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Corporation 9/2/2014 10.1 MB 9.0.30729.6161
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 Microsoft Corporation 2/12/2015 13.8 MB 10.0.40219
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Corporation 2/12/2015 11.1 MB 10.0.40219
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 Microsoft Corporation 2/11/2015 20.5 MB 11.0.61030.0
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 Microsoft Corporation 2/11/2015 17.3 MB 11.0.61030.0
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 Microsoft Corporation 3/16/2015 20.5 MB 12.0.21005.1
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Microsoft Corporation 2/12/2015 10.0.50903
Mozilla Firefox 42.0 (x86 en-US) Mozilla 11/4/2015 87.1 MB 42.0
Mozilla Maintenance Service Mozilla 11/4/2015 220 KB 42.0.0.5780
MSN Food & Drink Microsoft Corporation 7/14/2015 3.0.4.336
MSN Health & Fitness Microsoft Corporation 7/14/2015 3.0.4.336
MSN Money Microsoft Corporation 7/14/2015 3.0.4.336
MSN News Microsoft Corporation 7/14/2015 3.0.4.336
MSN Sports Microsoft Corporation 7/14/2015 3.0.4.336
MSN Travel Microsoft Corporation 7/14/2015 3.0.4.336
MSN Weather Microsoft Corporation 10/23/2015 3.0.4.337
Music Microsoft Corporation 3/14/2015 2.6.672.0
Netflix Netflix, Inc. 9/23/2015 2.15.0.14
Pinger Pinger Inc. 7/17/2014 1.1.1.2
Product Improvement Study for HP Deskjet 2540 series Hewlett-Packard Co. 9/12/2014 9.67 MB 32.2.188.47710
Radialpoint Servicepoint Dashboard Extensions version 15.2.16.27844 2/26/2015 1.78 MB 15.2.16.27844
Reader Microsoft Corporation 7/29/2015 6.4.9926.17994
Realtek Card Reader Realtek Semiconductor Corp. 7/16/2014 6.2.9200.30164
Realtek High Definition Audio Driver Realtek Semiconductor Corp. 8/29/2014 6.0.1.7090
Savings Center Featured Offers Hewlett-Packard Company 8/20/2014 1.5.0.9
Skype Skype 6/22/2015 3.1.0.1016
SlimCleaner Plus SlimWare Utilities, Inc. 11/22/2014 44.4 MB 1.0.22723
Snapfish Hewlett-Packard Company 10/6/2015 5.4.1.0
Video Microsoft Corporation 6/4/2015 2.6.441.0
Windows Alarms Microsoft Corporation 8/23/2014 6.3.9654.20335
Windows Calculator Microsoft Corporation 8/23/2014 6.3.9600.20278
Windows Driver Package - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) Dynastream Innovations, Inc. 8/5/2015 04/11/2012 1.2.40.201
Windows Driver Package - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) Silicon Labs Software 8/5/2015 02/06/2007 3.1
Windows Help+Tips Microsoft Corporation 8/23/2014 6.3.9654.20559
Windows Live Essentials Microsoft Corporation 7/17/2014 16.4.3508.0205
Windows Reading List Microsoft Corporation 8/12/2015 6.3.9654.20947
Windows Scan Microsoft Corporation 11/6/2014 6.3.9654.17133
Windows Sound Recorder Microsoft Corporation 8/23/2014 6.3.9600.20280
Windstream Service Agent 4.1.15 Windstream 11/19/2014 37.8 MB 4.1.15
Windstream Support Center Windstream Communications 7/1/2015 17.5 MB 9.0.1.51
 
Last edited by a moderator:
johnb35

johnb35

Administrator
Staff member
Why are you using spoiler tags? Please refrain from using them, just copy and paste the log inside your reply. What are the following programs?

Windstream
Radialpoint

I would uninstall the slimcleaner program.

Try downloading and installing the classic shell program to see if the start menu opens.

http://www.mediafire.com/download/wl5nbjaki7zbssn/ClassicShellSetup_4_2_4.exe

If not, then do a system restore back to a day when your system was working fine. Then you would have to rerun all the malware programs as you were infected.
 
R

Rodge

New Member
johnb35 said:
Why are you using spoiler tags? Please refrain from using them, just copy and paste the log inside your reply. What are the following programs?

Windstream
Radialpoint

I would uninstall the slimcleaner program.

Try downloading and installing the classic shell program to see if the start menu opens.

http://www.mediafire.com/download/wl5nbjaki7zbssn/ClassicShellSetup_4_2_4.exe

If not, then do a system restore back to a day when your system was working fine. Then you would have to rerun all the malware programs as you were infected.
Click to expand...

Sorry if those got annoying, I was on another forum for a long time where that was normal if you copy and pasted a large chunk of text. Did not intend to get on your nerves.

Windstream is an internet provider. I do not know what radialpoint is, exactly. When I went to uninstall it, the computer claimed it was already uninstalled. Google search said it was some sort of antiviral software manufacturer, but I'm not sure.

I have uninstalled the slimcleaner program.

Okay, I did install the classic shell. I did not get the same startup menu I had before but I did get a new one. I think this will work. Thank you guys for the help, I really appreciate it.
 
You must log in or register to reply here.
Top