GoPhillies
2016-11-10, 16:36
I'm suddenly having trouble connecting to web sites with my desktop. The problem started about a week ago and affected my desktop, as well as my wife’s two laptops, and my Kindle, all of which access the Internet through a cable modem from Spectrum (aka TWC) and a Cisco ValetPlus WiFi router. At first it was just poor and intermittent Internet connection. I could access AOL and Facebook, as well as a few other random web sites, but most attempts to open other web pages resulted in a “This page can’t be displayed” message, and clicking on any link within AOL or Facebook gave the same message. Initially we worked around the problem by using a Verizon mobile hot spot. We had a Spectrum (TWC) technician come to the house, and although he found the modem and router to be working, he said we have a weak signal, and replaced the modem and the cables. That seemed to fix the problem for the two laptops and the Kindle, but it has not cured my desktop. I am using a Dell XPS 8500 with Windows 7. I have tried both IE 11.0.36 and Firefox 49.0.1 as my browser. I ran a scan with Malwarebytes, and it found a few PUPs, which I quarantined per instructions, but no malware. I have a McAfee firewall on, and am running McAfee real-time scanning.
At present, I can open AOL, Facebook (when I open Facebook I get a message “Revocation information for the security certificate for this site is not available”), Google, among other random web sites, including the Spybot home page. However, I am unable to open any links within those web sites, including the Spybot Forum. Google is my home page for IE, and I can do Google searches, but I can't open the sites from within Google. I had to use a laptop to download Registry Backup, FRST, and aswMBR onto a thumb drive, then load them onto my desktop, run the scans, copy the logs onto the thumb drive, and post the logs on the forum using the laptop.
Logs to follow. Admin Edit, merged two posts.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 04-11-2016
Ran by John (administrator) on JOHNDESKTOP (05-11-2016 16:50:39)
Running from C:\Users\John\Desktop
Loaded Profiles: John (Available Profiles: John)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(ABBYY) C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Atheros Commnucations) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\AdminService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\SystemCore\mfemms.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(Dell, Inc.) C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(Intel Security, Inc.) C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
() C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe
(SoftThinks SAS) C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Atheros) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Ath_CoexAgent.exe
(Atheros) C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\SystemCore\mfefire.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\SystemCore\mfefire.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe
(McAfee, Inc.) C:\Program Files\mcafee\MSC\McAPExe.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\AMCore\mcshield.exe
(AMD) C:\Windows\System32\atieclxx.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell DataSafe Local Backup\Toaster.exe
() C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\Platform\CommonBuild\McCBEntAndInstru.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\Platform\McUICnt.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Atheros Commnucations) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe
(Atheros Commnucations) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\AthBtTray.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(Mozy, Inc.) C:\Program Files\MozyHome\mozystat.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpsystray.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Amazon Digital Services, LLC.) C:\Users\John\AppData\Local\Apps\2.0\P7MB5E8M.6KY\GLE0X4JV.KKE\amaz..tion_f2fa081ea2183235_0002.0001_cb34a912a946f839\AmazonCloudDrive.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Alcor Micro Corp.) C:\Program Files (x86)\Multimedia Card Reader(9106)\ShwiconXP9106.exe
(Sun Microsystems, Inc.) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Dropbox, Inc.) C:\Users\John\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Mozy, Inc.) C:\Program Files\Mozy Sync\mozysync.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
(Logitech Inc.) C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\concentr.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\redirector.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\Receiver\Receiver.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
(McAfee, Inc.) C:\Program Files\mcafee\MAT\McPvTray.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\SelfServicePlugin\SelfServicePlugin.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\CSP\1.9.829.0\McCSPServiceHost.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\ModuleCore\ModuleCoreService.exe
(Mozy, Inc.) C:\Program Files\MozyHome\mozybackup.exe
(Mozy, Inc.) C:\Program Files\MozyHome\mozybackup.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\Platform\CommonBuild\McCBEntAndInstru.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\Platform\McUICnt.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\Platform\CommonBuild\McCBEntAndInstru.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\Platform\McUICnt.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Sun Microsystems, Inc.) C:\Users\John\AppData\Local\Apps\2.0\P7MB5E8M.6KY\GLE0X4JV.KKE\amaz..tion_f2fa081ea2183235_0002.0001_cb34a912a946f839\LocalServiceJre\bin\AmazonCloudDriveW.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.11.427\SSScheduler.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\Platform\CommonBuild\McCBEntAndInstru.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\Platform\McUICnt.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\Platform\CommonBuild\McCBEntAndInstru.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\Platform\McUICnt.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\Platform\CommonBuild\McCBEntAndInstru.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\Platform\McUICnt.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\Platform\McUICnt.exe
(McAfee, Inc.) C:\Program Files\mcafee\VUL\McVulAlert.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
() C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\Platform\CommonBuild\McCBEntAndInstru.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\Platform\McUICnt.exe
(Microsoft Corporation) C:\Windows\System32\UI0Detect.exe
(Intel Security) C:\Program Files\Common Files\mcafee\ClientAnalytics\McClientAnalytics.exe
==================== Registry (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6457960 2011-12-23] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1156712 2011-11-15] (Realtek Semiconductor)
HKLM\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe [1014432 2011-12-29] (Atheros Commnucations)
HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\AthBtTray.exe [800416 2011-12-29] (Atheros Commnucations)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [1832760 2012-09-20] (Logitech, Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-12-17] (Apple Inc.)
HKLM-x32\...\Run: [StartCCC] => c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [343168 2011-10-25] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2012-02-01] (Intel Corporation)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-02-17] (Intel Corporation)
HKLM-x32\...\Run: [ShwiconXP9106] => C:\Program Files (x86)\Multimedia Card Reader(9106)\ShwiconXP9106.exe [237568 2010-03-10] (Alcor Micro Corp.)
HKLM-x32\...\Run: [Dell DataSafe Online] => C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe [1117528 2010-08-25] (Dell, Inc.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60688 2015-12-17] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [252848 2012-07-03] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [hpqSRMon] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [150528 2008-07-22] (Hewlett-Packard)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1057408 2012-06-04] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [ArcSoft Connection Service] => C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [207360 2010-03-18] (ArcSoft Inc.)
HKLM-x32\...\Run: [UTM.exe] => cmd /c "start "" "C:\Program Files (x86)\EUT\C811\SUA\UTM.exe""
HKLM-x32\...\Run: [TkBellExe] => C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe [286984 2015-10-07] (RealNetworks, Inc.)
HKLM-x32\...\Run: [LWS] => C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [204136 2012-09-13] (Logitech Inc.)
HKLM-x32\...\Run: [ConnectionCenter] => C:\Program Files (x86)\Citrix\ICA Client\concentr.exe [530560 2016-04-25] (Citrix Systems, Inc.)
HKLM-x32\...\Run: [Redirector] => C:\Program Files (x86)\Citrix\ICA Client\redirector.exe [239744 2016-04-25] (Citrix Systems, Inc.)
HKLM-x32\...\Run: [RealDownloader] => C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe [714992 2016-07-05] ()
HKU\S-1-5-21-211488708-3525939622-1550682978-1000\...\Run: [OfficeSyncProcess] => C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE [721504 2015-09-02] (Microsoft Corporation)
HKU\S-1-5-21-211488708-3525939622-1550682978-1000\...\Run: [Dropbox Update] => C:\Users\John\AppData\Local\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-04] (Dropbox, Inc.)
HKU\S-1-5-21-211488708-3525939622-1550682978-1000\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1402792 2016-08-31] (Garmin Ltd. or its subsidiaries)
HKU\S-1-5-21-211488708-3525939622-1550682978-1000\...\MountPoints2: {35de0db4-6ab6-11e5-8fce-689423274ca4} - J:\TL-BootStrap.exe
HKU\S-1-5-21-211488708-3525939622-1550682978-1000\...\MountPoints2: {c4afcc77-4666-11e2-b1f6-689423274ca4} - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL J:\TL-Bootstrap.exe
HKU\S-1-5-21-211488708-3525939622-1550682978-1000\...\MountPoints2: {c531fead-292a-11e3-892f-689423274ca4} - K:\TL-BootStrap.exe
HKU\S-1-5-21-211488708-3525939622-1550682978-1000\...\MountPoints2: {c76dbdac-2513-11e2-99ab-689423274ca4} - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL I:\TL-Bootstrap.exe
HKU\S-1-5-18\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1402792 2016-08-31] (Garmin Ltd. or its subsidiaries)
HKU\S-1-5-18\...\RunOnce: [{91140000-0011-0000-0000-0000000FF1CE}] => C:\Windows\system32\cmd.exe /C del "C:\ProgramData\Microsoft Help\Rgstrtn.lck" /Q /A:H
HKU\S-1-5-18\...\RunOnce: [{90140000-001A-0409-0000-0000000FF1CE}] => C:\Windows\system32\cmd.exe /C del "C:\ProgramData\Microsoft Help\Rgstrtn.lck" /Q /A:H
HKU\S-1-5-18\...\RunOnce: [{90140000-00A1-0409-0000-0000000FF1CE}] => C:\Windows\system32\cmd.exe /C del "C:\ProgramData\Microsoft Help\Rgstrtn.lck" /Q /A:H
HKU\S-1-5-18\...\RunOnce: [{90140000-006E-0409-0000-0000000FF1CE}] => C:\Windows\system32\cmd.exe /C del "C:\ProgramData\Microsoft Help\Rgstrtn.lck" /Q /A:H
ShellIconOverlayIdentifiers: [ mozysyncNotUploaded] -> {34DF8AC2-A6BB-4855-B45A-CC1B4D9183E3} => C:\Program Files\Mozy Sync\mozysyncshell.dll [2014-10-31] (Mozy, Inc.)
ShellIconOverlayIdentifiers: [ mozysyncPendingChanges] -> {6673BC77-4A7B-4299-A130-14312E6B203A} => C:\Program Files\Mozy Sync\mozysyncshell.dll [2014-10-31] (Mozy, Inc.)
ShellIconOverlayIdentifiers: [ mozysyncUpToDate] -> {04547006-32F5-4635-844B-B8D7FCE47692} => C:\Program Files\Mozy Sync\mozysyncshell.dll [2014-10-31] (Mozy, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\John\AppData\Roaming\Dropbox\bin\DropboxExt64.1.0.dll [2016-10-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\John\AppData\Roaming\Dropbox\bin\DropboxExt64.1.0.dll [2016-10-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\John\AppData\Roaming\Dropbox\bin\DropboxExt64.1.0.dll [2016-10-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\John\AppData\Roaming\Dropbox\bin\DropboxExt64.1.0.dll [2016-10-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [mozy] -> {b32a6748-f273-4546-b60a-3c5adc239de5} => C:\Program Files\MozyHome\mozyshell.dll [2015-02-02] (Mozy, Inc.)
ShellIconOverlayIdentifiers: [mozy2] -> {747E722C-CB46-4a9d-BDFE-192AAD5099B1} => C:\Program Files\MozyHome\mozyshell.dll [2015-02-02] (Mozy, Inc.)
ShellIconOverlayIdentifiers: [mozy3] -> {EE6F5A00-7898-40f7-AB77-51FF9D6DEB20} => C:\Program Files\MozyHome\mozyshell.dll [2015-02-02] (Mozy, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\John\AppData\Roaming\Dropbox\bin\DropboxExt.1.0.dll [2016-10-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\John\AppData\Roaming\Dropbox\bin\DropboxExt.1.0.dll [2016-10-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\John\AppData\Roaming\Dropbox\bin\DropboxExt.1.0.dll [2016-10-24] (Dropbox, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2013-02-17]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2016-11-01]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.427\SSScheduler.exe (McAfee, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\MozyHome Status.lnk [2015-11-28]
ShortcutTarget: MozyHome Status.lnk -> C:\Program Files\MozyHome\mozystat.exe (Mozy, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\RealTimes.lnk [2015-10-07]
ShortcutTarget: RealTimes.lnk -> C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpsystray.exe (RealNetworks, Inc.)
Startup: C:\Users\John\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Amazon Cloud Drive.lnk [2016-10-29]
ShortcutTarget: Amazon Cloud Drive.lnk -> C:\Users\John\AppData\Local\Apps\2.0\P7MB5E8M.6KY\GLE0X4JV.KKE\amaz..tion_f2fa081ea2183235_0002.0001_cb34a912a946f839\AmazonCloudDrive.exe (Amazon Digital Services, LLC.)
Startup: C:\Users\John\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2016-10-26]
ShortcutTarget: Dropbox.lnk -> C:\Users\John\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\John\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Mozy Sync.lnk [2013-11-23]
ShortcutTarget: Mozy Sync.lnk -> C:\Program Files\Mozy Sync\mozysync.exe (Mozy, Inc.)
BootExecute: autocheck autochk * sdnclean64.exe
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: 0.0.0.1 mssplus.mcafee.com
Tcpip\Parameters: [DhcpNameServer] 209.18.47.61 209.18.47.62
Tcpip\..\Interfaces\{0F8D86FA-E84F-4232-BE1F-0CE7F0B5B425}: [DhcpNameServer] 209.18.47.61 209.18.47.62
Tcpip\..\Interfaces\{B1521873-611C-4141-AAB1-CC30AFC23073}: [DhcpNameServer] 192.168.1.1 209.18.47.61 209.18.47.62
Internet Explorer:
==================
HKU\S-1-5-21-211488708-3525939622-1550682978-1000\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
HKU\S-1-5-21-211488708-3525939622-1550682978-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/?gws_rd=ssl
SearchScopes: HKLM -> DefaultScope value is missing
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
SearchScopes: HKLM -> {CE522274-F06E-4D52-9CA3-63B6C654F169} URL = hxxp://search.aol.com/aolcom/search?query={searchTerms}&invocationType=msie70a
SearchScopes: HKLM -> {FA3295EA-6375-4900-8C94-B2A9C0C67D6E} URL = hxxp://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDR&src=IE-SearchBox
SearchScopes: HKLM-x32 -> DefaultScope value is missing
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {FA3295EA-6375-4900-8C94-B2A9C0C67D6E} URL = hxxp://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDR&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-211488708-3525939622-1550682978-1000 -> DefaultScope {4795153C-A663-466B-A28C-ECFD99709FFA} URL = hxxps://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-211488708-3525939622-1550682978-1000 -> {4795153C-A663-466B-A28C-ECFD99709FFA} URL = hxxps://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-211488708-3525939622-1550682978-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
SearchScopes: HKU\S-1-5-21-211488708-3525939622-1550682978-1000 -> {CE522274-F06E-4D52-9CA3-63B6C654F169} URL =
SearchScopes: HKU\S-1-5-21-211488708-3525939622-1550682978-1000 -> {FA3295EA-6375-4900-8C94-B2A9C0C67D6E} URL =
BHO: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin64.dll [2015-09-16] (RealDownloader)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-28] (Google Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-09-20] (Hewlett-Packard Co.)
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll [2015-09-16] (RealDownloader)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\IEPlugIn.dll [2011-12-29] (Atheros Commnucations)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-28] (Google Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-09-20] (Hewlett-Packard Co.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-28] (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-28] (Google Inc.)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2016-10-03] (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2016-10-03] (McAfee, Inc.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2016-10-03] (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2016-10-03] (McAfee, Inc.)
Filter-x32: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2016-04-25] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2016-04-25] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2016-04-25] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2016-04-25] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2016-04-25] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2016-04-25] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2016-04-25] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2016-04-25] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2016-04-25] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2016-04-25] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2016-04-25] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2016-04-25] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2016-04-25] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2016-04-25] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2016-04-25] (Citrix Systems, Inc.)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\MSC\McSnIePl64.dll [2016-07-07] (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll [2016-07-07] (McAfee, Inc.)
Filter-x32: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2016-04-25] (Citrix Systems, Inc.)
FireFox:
========
FF ProfilePath: C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\aeoam766.default [2016-11-05]
FF DefaultSearchEngine: Mozilla\Firefox\Profiles\aeoam766.default -> Secure Search
FF DefaultSearchEngine.US: Mozilla\Firefox\Profiles\aeoam766.default -> Secure Search
FF SearchEngineOrder.1: Mozilla\Firefox\Profiles\aeoam766.default -> Secure Search
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\aeoam766.default -> Secure Search
FF Homepage: Mozilla\Firefox\Profiles\aeoam766.default -> hxxps://www.google.com/?gws_rd=ssl
FF Keyword.URL: Mozilla\Firefox\Profiles\aeoam766.default -> hxxps://search.yahoo.com/search?fr=mcafee&type=C111US105D20140130&p=
FF Extension: (Firefox Hotfix) - C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\aeoam766.default\Extensions\firefox-hotfix@mozilla.org.xpi [2016-09-01]
FF Extension: (Video DownloadHelper) - C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\aeoam766.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2016-10-13]
FF Extension: (McAfee WebAdvisor) - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi [2016-10-16]
FF SearchPlugin: C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\aeoam766.default\searchplugins\McSiteAdvisor.xml [2015-06-06]
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: (HP Smart Web Printing) - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2013-02-17] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: (McAfee Anti-Spam Thunderbird Extension) - C:\Program Files\McAfee\MSK [2016-08-25] [not signed]
FF HKU\S-1-5-21-211488708-3525939622-1550682978-1000\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\McSiteAdvisor.xml [2015-06-06]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_23_0_0_185.dll [2016-10-13] ()
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [2016-07-07] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_185.dll [2016-10-13] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-10-14] ()
FF Plugin-x32: @Citrix.com/npican -> C:\Program Files (x86)\Citrix\ICA Client\npicaN.dll [2016-04-25] (Citrix Systems, Inc.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2016-10-06] (Google)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [2016-07-07] ()
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @real.com/nppl3260;version=18.1.0.1236 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll [2015-10-07] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=18.1.0.1236 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll [2015-10-07] (RealTimes)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2016-06-23] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2016-04-23] (Adobe Systems Inc.)
Chrome:
=======
CHR DefaultProfile: Default
CHR DefaultSearchURL: Default -> hxxps://search.yahoo.com/search?fr=mcafee&type=C211US105D20140130&p={searchTerms}
CHR DefaultSearchKeyword: Default -> mcafee
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\54.0.2840.87\PepperFlash\pepflashplayer.dll => No File
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\54.0.2840.87\ppGoogleNaClPluginChrome.dll => No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\54.0.2840.87\pdf.dll => No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll => No File
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll => No File
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll => No File
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll => No File
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll => No File
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll => No File
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll => No File
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll => No File
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll => No File
CHR Plugin: (Windows Live™ Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll => No File
CHR Plugin: (McAfee SecurityCenter) - c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll => No File
CHR Profile: C:\Users\John\AppData\Local\Google\Chrome\User Data\Default [2016-11-05]
CHR Extension: (SiteAdvisor) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2015-08-06]
CHR Extension: (Chrome Web Store Payments) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-06-04]
CHR Extension: (Chrome Media Router) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-09-05]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2016-05-27]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2016-05-27]
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 ABBYY.Licensing.FineReader.Sprint.9.0; C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [759048 2009-05-14] (ABBYY)
R2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-10-07] (Apple Inc.)
R2 AtherosSvc; C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\adminservice.exe [106144 2011-12-29] (Atheros Commnucations) [File not signed]
S2 DellDigitalDelivery; C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe [173568 2012-10-09] (Dell Products, LP.) [File not signed]
S2 Garmin Device Interaction Service; C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe [928272 2016-08-31] (Garmin Ltd. or its subsidiaries)
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [596768 2016-07-07] (McAfee, Inc.)
R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [249344 2009-09-20] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-09-20] (Hewlett-Packard Co.) [File not signed]
R2 HPSLPSVC; C:\Users\John\AppData\Local\Temp\7zS15A2\hpslpsvc64.dll [1039360 2012-11-14] (Hewlett-Packard Co.) [File not signed]
R2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [166152 2016-10-03] (McAfee, Inc.)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [993824 2016-07-07] (McAfee, Inc.)
R2 mcbootdelaystartsvc; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [596768 2016-07-07] (McAfee, Inc.)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.427\McCHSvc.exe [329480 2016-10-13] (McAfee, Inc.)
R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\1.9.829.0\\McCSPServiceHost.exe [1910000 2016-05-31] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [596768 2016-07-07] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [596768 2016-07-07] (McAfee, Inc.)
S3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [816128 2016-06-21] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [596768 2016-07-07] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [596768 2016-07-07] (McAfee, Inc.)
R3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [232688 2016-04-26] (McAfee, Inc.)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe [382456 2016-07-11] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [277744 2016-04-26] (McAfee, Inc.)
R2 ModuleCoreService; C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe [1454216 2016-06-17] (McAfee, Inc.)
R2 mozybackup; C:\Program Files\MozyHome\mozybackup.exe [54672 2012-09-18] (Mozy, Inc.)
S3 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [596768 2016-07-07] (McAfee, Inc.)
S2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
R2 PEFService; C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe [1045336 2016-05-25] (Intel Security, Inc.)
S2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
R2 RealPlayerUpdateSvc; C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe [33088 2015-09-16] ()
R2 RealTimes Desktop Service; C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe [1103656 2015-10-07] (RealNetworks, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 ZAtheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Ath_CoexAgent.exe [158880 2011-12-29] (Atheros) [File not signed]
R2 ZAtheros Wlan Agent; C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe [76960 2011-12-26] (Atheros) [File not signed]
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 C771BUS; C:\Windows\System32\DRIVERS\C771BUS.sys [71752 2010-08-26] (DEVGURU Co., LTD.)
S3 C771VSP; C:\Windows\System32\DRIVERS\C771VSP.sys [186056 2010-08-26] (DEVGURU Co., LTD.(www.devguru.co.kr (http://www.devguru.co.kr)))
S3 c811bus; C:\Windows\System32\DRIVERS\c811bus.sys [169800 2012-12-07] (MCCI Corporation)
S3 c811serd; C:\Windows\System32\DRIVERS\c811serd.sys [159048 2012-12-07] (MCCI Corporation)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [78632 2016-04-27] (McAfee, Inc.)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [207968 2016-02-24] (McAfee, Inc.)
S3 Logi_Headset_DFU; C:\Windows\System32\Drivers\lhusbdfuamd64.sys [44136 2015-10-08] (CSR plc.)
R2 McPvDrv; C:\Windows\system32\drivers\McPvDrv.sys [79192 2016-04-20] (McAfee, Inc.)
R3 mfeaack; C:\Windows\System32\drivers\mfeaack.sys [419616 2016-04-27] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [349480 2016-04-27] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [493352 2016-04-27] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [843048 2016-04-27] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\System32\DRIVERS\mfencbdc.sys [519456 2016-08-01] (McAfee, Inc.)
S3 mfencrk; C:\Windows\System32\DRIVERS\mfencrk.sys [100136 2016-08-01] (McAfee, Inc.)
R3 mfesapsn; C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys [46240 2016-06-06] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [243488 2016-04-27] (McAfee, Inc.)
R1 mozyFilter; C:\Windows\System32\DRIVERS\mozy.sys [67808 2013-05-21] (Mozy, Inc.)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-11-05 16:50 - 2016-11-05 16:52 - 00042448 _____ C:\Users\John\Desktop\FRST.txt
2016-11-05 16:49 - 2016-11-05 16:50 - 00000000 ____D C:\FRST
2016-11-05 16:41 - 2016-11-05 16:41 - 00000207 _____ C:\Windows\tweaking.com-regbackup-JOHNDESKTOP-Windows-7-Home-Premium-(64-bit).dat
2016-11-05 16:41 - 2016-11-05 16:41 - 00000000 ____D C:\RegBackup
2016-11-05 16:40 - 2016-11-05 16:40 - 00002237 _____ C:\Users\Public\Desktop\Tweaking.com - Registry Backup.lnk
2016-11-05 16:40 - 2016-11-05 16:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tweaking.com
2016-11-05 16:40 - 2016-11-05 16:40 - 00000000 ____D C:\Program Files (x86)\Tweaking.com
2016-11-05 16:37 - 2016-11-05 16:41 - 00019558 _____ C:\Windows\Tweaking.com - Registry Backup Setup Log.txt
2016-11-05 16:36 - 2016-11-05 14:51 - 05658651 _____ (Swearware) C:\Users\John\Desktop\ComboFix.exe
2016-11-05 16:36 - 2016-11-05 14:49 - 05198336 _____ (AVAST Software) C:\Users\John\Desktop\aswMBR.exe
2016-11-05 16:35 - 2016-11-05 14:42 - 02409984 _____ (Farbar) C:\Users\John\Desktop\FRST64.exe
2016-11-05 16:34 - 2016-11-05 14:39 - 05596528 _____ (Tweaking.com) C:\Users\John\Desktop\tweaking.com_registry_backup_setup.exe
2016-11-04 01:22 - 2016-11-04 01:22 - 00002146 _____ C:\Users\Public\Desktop\Google Earth.lnk
2016-11-04 01:22 - 2016-11-04 01:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
2016-11-01 10:12 - 2016-11-01 10:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2016-10-29 08:25 - 2016-10-29 08:25 - 00000000 ___RD C:\Users\John\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2016-10-28 07:54 - 2016-10-28 07:56 - 00000000 ____D C:\Users\John\Desktop\Elodie
2016-10-27 00:55 - 2016-06-25 20:27 - 00970240 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2016-10-27 00:55 - 2016-06-25 20:27 - 00756736 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2016-10-27 00:55 - 2016-06-25 20:27 - 00344576 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.dll
2016-10-27 00:55 - 2016-06-25 20:27 - 00166400 _____ (Microsoft Corporation) C:\Windows\system32\inetpp.dll
2016-10-27 00:55 - 2016-06-25 20:27 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\inetppui.dll
2016-10-27 00:55 - 2016-06-25 15:54 - 00497152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2016-10-27 00:55 - 2016-06-25 15:53 - 00297472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntprint.dll
2016-10-27 00:55 - 2016-06-25 15:53 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.exe
2016-10-27 00:55 - 2016-06-25 15:53 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\wpnpinst.exe
2016-10-27 00:55 - 2016-06-25 15:41 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntprint.exe
2016-10-26 15:19 - 2016-10-26 15:20 - 00000000 ____D C:\Users\John\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-10-18 21:29 - 2016-09-30 16:13 - 00394448 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-10-18 21:29 - 2016-09-30 15:28 - 00346312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-10-18 21:29 - 2016-09-30 11:37 - 05548264 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-10-18 21:29 - 2016-09-30 03:55 - 25765376 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-10-18 21:29 - 2016-09-30 02:41 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-10-18 21:29 - 2016-09-30 02:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-10-18 21:29 - 2016-09-30 02:26 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-10-18 21:29 - 2016-09-30 02:25 - 02895360 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-10-18 21:29 - 2016-09-30 02:25 - 00576000 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-10-18 21:29 - 2016-09-30 02:25 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-10-18 21:29 - 2016-09-30 02:25 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-10-18 21:29 - 2016-09-30 02:25 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-10-18 21:29 - 2016-09-30 02:18 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-10-18 21:29 - 2016-09-30 02:17 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-10-18 21:29 - 2016-09-30 02:14 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-10-18 21:29 - 2016-09-30 02:13 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-10-18 21:29 - 2016-09-30 02:13 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-10-18 21:29 - 2016-09-30 02:12 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-10-18 21:29 - 2016-09-30 02:12 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-10-18 21:29 - 2016-09-30 02:09 - 06048256 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-10-18 21:29 - 2016-09-30 02:05 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-10-18 21:29 - 2016-09-30 02:02 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-10-18 21:29 - 2016-09-30 01:55 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-10-18 21:29 - 2016-09-30 01:54 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2016-10-18 21:29 - 2016-09-30 01:54 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2016-10-18 21:29 - 2016-09-30 01:51 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-10-18 21:29 - 2016-09-30 01:50 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-10-18 21:29 - 2016-09-30 01:47 - 20306944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-10-18 21:29 - 2016-09-30 01:47 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-10-18 21:29 - 2016-09-30 01:46 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-10-18 21:29 - 2016-09-30 01:42 - 00498688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-10-18 21:29 - 2016-09-30 01:42 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2016-10-18 21:29 - 2016-09-30 01:42 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2016-10-18 21:29 - 2016-09-30 01:41 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2016-10-18 21:29 - 2016-09-30 01:38 - 02286592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-10-18 21:29 - 2016-09-30 01:36 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2016-10-18 21:29 - 2016-09-30 01:35 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-10-18 21:29 - 2016-09-30 01:35 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2016-10-18 21:29 - 2016-09-30 01:33 - 00724992 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-10-18 21:29 - 2016-09-30 01:33 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2016-10-18 21:29 - 2016-09-30 01:32 - 00806912 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-10-18 21:29 - 2016-09-30 01:32 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-10-18 21:29 - 2016-09-30 01:32 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2016-10-18 21:29 - 2016-09-30 01:32 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2016-10-18 21:29 - 2016-09-30 01:31 - 02131456 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-10-18 21:29 - 2016-09-30 01:31 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-10-18 21:29 - 2016-09-30 01:24 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2016-10-18 21:29 - 2016-09-30 01:21 - 15257088 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-10-18 21:29 - 2016-09-30 01:19 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2016-10-18 21:29 - 2016-09-30 01:19 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-10-18 21:29 - 2016-09-30 01:17 - 02920960 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-10-18 21:29 - 2016-09-30 01:17 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2016-10-18 21:29 - 2016-09-30 01:15 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2016-10-18 21:29 - 2016-09-30 01:14 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-10-18 21:29 - 2016-09-30 01:13 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2016-10-18 21:29 - 2016-09-30 01:12 - 04608512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-10-18 21:29 - 2016-09-30 01:07 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-10-18 21:29 - 2016-09-30 01:05 - 02055680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-10-18 21:29 - 2016-09-30 01:05 - 01544192 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-10-18 21:29 - 2016-09-30 01:05 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2016-10-18 21:29 - 2016-09-30 01:05 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-10-18 21:29 - 2016-09-30 01:03 - 13653504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-10-18 21:29 - 2016-09-30 00:54 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-10-18 21:29 - 2016-09-30 00:46 - 02444288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-10-18 21:29 - 2016-09-30 00:43 - 01312768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-10-18 21:29 - 2016-09-30 00:42 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-10-18 21:29 - 2016-08-12 13:02 - 14632960 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2016-10-18 21:29 - 2016-08-12 12:47 - 11410432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2016-10-18 21:29 - 2016-06-14 13:16 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2016-10-18 21:28 - 2016-09-30 11:20 - 04000488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2016-10-18 21:28 - 2016-09-30 11:20 - 03944680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2016-10-18 21:28 - 2016-09-30 01:42 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2016-10-18 21:28 - 2016-09-15 11:30 - 00976896 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2016-10-18 21:28 - 2016-09-15 11:30 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\INETRES.dll
2016-10-18 21:28 - 2016-09-15 11:15 - 00741888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2016-10-18 21:28 - 2016-09-15 11:15 - 00084480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\INETRES.dll
2016-10-18 21:28 - 2016-09-12 17:13 - 00154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-10-18 21:28 - 2016-09-12 17:13 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-10-18 21:28 - 2016-09-12 17:08 - 01465344 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-10-18 21:28 - 2016-09-12 17:08 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-10-18 21:28 - 2016-09-12 17:08 - 00730624 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-10-18 21:28 - 2016-09-12 17:08 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-10-18 21:28 - 2016-09-12 17:08 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2016-10-18 21:28 - 2016-09-12 17:08 - 00345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-10-18 21:28 - 2016-09-12 17:08 - 00316416 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-10-18 21:28 - 2016-09-12 17:08 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-10-18 21:28 - 2016-09-12 17:08 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-10-18 21:28 - 2016-09-12 17:08 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2016-10-18 21:28 - 2016-09-12 17:08 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-10-18 21:28 - 2016-09-12 17:08 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-10-18 21:28 - 2016-09-12 17:08 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\adsmsext.dll
2016-10-18 21:28 - 2016-09-12 17:08 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-10-18 21:28 - 2016-09-12 17:08 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-10-18 21:28 - 2016-09-12 17:08 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-10-18 21:28 - 2016-09-12 17:08 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-10-18 21:28 - 2016-09-12 17:08 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-10-18 21:28 - 2016-09-12 17:08 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-10-18 21:28 - 2016-09-12 16:49 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2016-10-18 21:28 - 2016-09-12 16:49 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-10-18 21:28 - 2016-09-12 16:49 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-10-18 21:28 - 2016-09-12 16:49 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2016-10-18 21:28 - 2016-09-12 16:49 - 00260608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-10-18 21:28 - 2016-09-12 16:49 - 00254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-10-18 21:28 - 2016-09-12 16:49 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-10-18 21:28 - 2016-09-12 16:49 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-10-18 21:28 - 2016-09-12 16:49 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2016-10-18 21:28 - 2016-09-12 16:49 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2016-10-18 21:28 - 2016-09-12 16:49 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2016-10-18 21:28 - 2016-09-12 16:49 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adsmsext.dll
2016-10-18 21:28 - 2016-09-12 16:49 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2016-10-18 21:28 - 2016-09-12 16:49 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2016-10-18 21:28 - 2016-09-12 16:49 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2016-10-18 21:28 - 2016-09-12 16:49 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2016-10-18 21:28 - 2016-09-12 16:39 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-10-18 21:28 - 2016-09-12 16:37 - 03218944 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-10-18 21:28 - 2016-09-12 16:32 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-10-18 21:28 - 2016-09-12 16:32 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-10-18 21:28 - 2016-09-12 16:32 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-10-18 21:28 - 2016-09-12 16:31 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-10-18 21:28 - 2016-09-12 16:29 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2016-10-18 21:28 - 2016-09-12 16:25 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2016-10-18 21:28 - 2016-09-12 15:08 - 01251328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2016-10-18 21:28 - 2016-09-12 14:43 - 01648128 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2016-10-18 21:28 - 2016-09-12 14:43 - 01180160 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2016-10-18 21:28 - 2016-09-10 12:19 - 03649536 _____ (Microsoft Corporation) C:\Windows\system32\MSVidCtl.dll
2016-10-18 21:28 - 2016-09-10 11:53 - 02291712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVidCtl.dll
2016-10-18 21:28 - 2016-09-09 14:29 - 00631176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2016-10-18 21:28 - 2016-09-09 14:26 - 00706280 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2016-10-18 21:28 - 2016-09-09 14:23 - 01732864 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-10-18 21:28 - 2016-09-09 14:20 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2016-10-18 21:28 - 2016-09-09 14:20 - 00880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-10-18 21:28 - 2016-09-09 14:20 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2016-10-18 21:28 - 2016-09-09 14:20 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-10-18 21:28 - 2016-09-09 14:20 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2016-10-18 21:28 - 2016-09-09 14:20 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2016-10-18 21:28 - 2016-09-09 14:20 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2016-10-18 21:28 - 2016-09-09 14:20 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2016-10-18 21:28 - 2016-09-09 14:20 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2016-10-18 21:28 - 2016-09-09 14:20 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2016-10-18 21:28 - 2016-09-09 14:20 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-10-18 21:28 - 2016-09-09 14:20 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2016-10-18 21:28 - 2016-09-09 14:20 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2016-10-18 21:28 - 2016-09-09 14:20 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2016-10-18 21:28 - 2016-09-09 14:20 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2016-10-18 21:28 - 2016-09-09 14:20 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-10-18 21:28 - 2016-09-09 14:20 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-10-18 21:28 - 2016-09-09 14:20 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-10-18 21:28 - 2016-09-09 14:20 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-10-18 21:28 - 2016-09-09 14:20 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-10-18 21:28 - 2016-09-09 14:20 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-10-18 21:28 - 2016-09-09 14:20 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-10-18 21:28 - 2016-09-09 14:20 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-10-18 21:28 - 2016-09-09 14:20 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-10-18 21:28 - 2016-09-09 14:20 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-10-18 21:28 - 2016-09-09 14:20 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-10-18 21:28 - 2016-09-09 14:20 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-10-18 21:28 - 2016-09-09 14:20 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-10-18 21:28 - 2016-09-09 14:20 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-10-18 21:28 - 2016-09-09 14:20 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-10-18 21:28 - 2016-09-09 14:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-10-18 21:28 - 2016-09-09 14:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-10-18 21:28 - 2016-09-09 14:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-10-18 21:28 - 2016-09-09 14:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-10-18 21:28 - 2016-09-09 14:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-10-18 21:28 - 2016-09-09 14:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-10-18 21:28 - 2016-09-09 14:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-10-18 21:28 - 2016-09-09 14:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-10-18 21:28 - 2016-09-09 14:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-10-18 21:28 - 2016-09-09 14:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-10-18 21:28 - 2016-09-09 14:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-10-18 21:28 - 2016-09-09 14:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-10-18 21:28 - 2016-09-09 14:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-10-18 21:28 - 2016-09-09 14:01 - 01314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-10-18 21:28 - 2016-09-09 14:00 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2016-10-18 21:28 - 2016-09-09 14:00 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-10-18 21:28 - 2016-09-09 14:00 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2016-10-18 21:28 - 2016-09-09 14:00 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2016-10-18 21:28 - 2016-09-09 13:59 - 00644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2016-10-18 21:28 - 2016-09-09 13:59 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2016-10-18 21:28 - 2016-09-09 13:59 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2016-10-18 21:28 - 2016-09-09 13:59 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2016-10-18 21:28 - 2016-09-09 13:59 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-10-18 21:28 - 2016-09-09 13:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-10-18 21:28 - 2016-09-09 13:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-10-18 21:28 - 2016-09-09 13:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-10-18 21:28 - 2016-09-09 13:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-10-18 21:28 - 2016-09-09 13:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-10-18 21:28 - 2016-09-09 13:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-10-18 21:28 - 2016-09-09 13:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-10-18 21:28 - 2016-09-09 13:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-10-18 21:28 - 2016-09-09 13:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-10-18 21:28 - 2016-09-09 13:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-10-18 21:28 - 2016-09-09 13:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-10-18 21:28 - 2016-09-09 13:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2016-10-18 21:28 - 2016-09-09 13:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-10-18 21:28 - 2016-09-09 13:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-10-18 21:28 - 2016-09-09 13:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2016-10-18 21:28 - 2016-09-09 13:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-10-18 21:28 - 2016-09-09 13:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-10-18 21:28 - 2016-09-09 13:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-10-18 21:28 - 2016-09-09 13:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-10-18 21:28 - 2016-09-09 13:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-10-18 21:28 - 2016-09-09 13:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-10-18 21:28 - 2016-09-09 13:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2016-10-18 21:28 - 2016-09-09 13:51 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2016-10-18 21:28 - 2016-09-09 13:51 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2016-10-18 21:28 - 2016-09-09 13:51 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2016-10-18 21:28 - 2016-09-09 13:48 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2016-10-18 21:28 - 2016-09-09 13:47 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2016-10-18 21:28 - 2016-09-09 13:43 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-10-18 21:28 - 2016-09-09 13:38 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2016-10-18 21:28 - 2016-09-09 13:38 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2016-10-18 21:28 - 2016-09-09 13:38 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2016-10-18 21:28 - 2016-09-09 13:38 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2016-10-18 21:28 - 2016-09-09 13:37 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2016-10-18 21:28 - 2016-09-09 13:37 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-10-18 21:28 - 2016-09-09 13:37 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-10-18 21:28 - 2016-09-09 13:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2016-10-18 21:28 - 2016-09-08 16:34 - 00263680 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2016-10-18 21:28 - 2016-09-08 16:34 - 00208896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2016-10-18 21:28 - 2016-09-08 16:34 - 00108544 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2016-10-18 21:28 - 2016-09-08 16:34 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2016-10-18 21:28 - 2016-09-08 10:55 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2016-10-18 21:28 - 2016-09-08 10:55 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys
2016-10-18 21:28 - 2016-08-12 13:02 - 12574720 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2016-10-18 21:28 - 2016-08-12 13:02 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2016-10-18 21:28 - 2016-08-12 13:02 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2016-10-18 21:28 - 2016-08-12 13:02 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2016-10-18 21:28 - 2016-08-12 12:47 - 12574208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2016-10-18 21:28 - 2016-08-12 12:31 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2016-10-18 21:28 - 2016-08-12 12:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2016-10-18 21:28 - 2016-08-12 12:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2016-10-18 21:28 - 2016-08-12 12:26 - 00461312 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll
2016-10-18 21:28 - 2016-08-06 11:31 - 02023424 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2016-10-18 21:28 - 2016-08-06 11:31 - 00347136 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2016-10-18 21:28 - 2016-08-06 11:31 - 00310784 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2016-10-18 21:28 - 2016-08-06 11:31 - 00182272 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2016-10-18 21:28 - 2016-08-06 11:31 - 00054272 _____ (Microsoft Corporation) C:\Windows\system32\WsmRes.dll
2016-10-18 21:28 - 2016-08-06 11:31 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\wsmplpxy.dll
2016-10-18 21:28 - 2016-08-06 11:15 - 01178112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2016-10-18 21:28 - 2016-08-06 11:15 - 00249344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManMigrationPlugin.dll
2016-10-18 21:28 - 2016-08-06 11:15 - 00214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
2016-10-18 21:28 - 2016-08-06 11:15 - 00146944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll
2016-10-18 21:28 - 2016-08-06 11:15 - 00054272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmRes.dll
2016-10-18 21:28 - 2016-08-06 11:01 - 00266752 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2016-10-18 21:28 - 2016-08-06 11:01 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\wsmprovhost.exe
2016-10-18 21:28 - 2016-08-06 10:53 - 00199168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManHTTPConfig.exe
2016-10-18 21:28 - 2016-08-06 10:53 - 00012288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsmprovhost.exe
2016-10-18 21:28 - 2016-08-06 10:53 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsmplpxy.dll
2016-10-18 21:28 - 2016-06-14 13:21 - 00094440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2016-10-18 21:28 - 2016-06-14 13:16 - 01573888 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2016-10-18 21:28 - 2016-06-14 13:16 - 01483264 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2016-10-18 21:28 - 2016-06-14 13:16 - 01202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2016-10-18 21:28 - 2016-06-14 13:16 - 01068544 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2016-10-18 21:28 - 2016-06-14 13:16 - 00842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2016-10-18 21:28 - 2016-06-14 13:16 - 00782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2016-10-18 21:28 - 2016-06-14 13:16 - 00680448 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2016-10-18 21:28 - 2016-06-14 13:16 - 00641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2016-10-18 21:28 - 2016-06-14 13:16 - 00632320 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2016-10-18 21:28 - 2016-06-14 13:16 - 00499712 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2016-10-18 21:28 - 2016-06-14 13:16 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2016-10-18 21:28 - 2016-06-14 13:16 - 00440320 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2016-10-18 21:28 - 2016-06-14 13:16 - 00433152 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2016-10-18 21:28 - 2016-06-14 13:16 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2016-10-18 21:28 - 2016-06-14 13:16 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2016-10-18 21:28 - 2016-06-14 13:16 - 00295936 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2016-10-18 21:28 - 2016-06-14 13:16 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2016-10-18 21:28 - 2016-06-14 13:16 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2016-10-18 21:28 - 2016-06-14 13:16 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2016-10-18 21:28 - 2016-06-14 13:16 - 00190976 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2016-10-18 21:28 - 2016-06-14 13:16 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2016-10-18 21:28 - 2016-06-14 13:16 - 00141824 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2016-10-18 21:28 - 2016-06-14 13:16 - 00081920 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2016-10-18 21:28 - 2016-06-14 13:16 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll
2016-10-18 21:28 - 2016-06-14 13:16 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2016-10-18 21:28 - 2016-06-14 13:16 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll
2016-10-18 21:28 - 2016-06-14 13:16 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2016-10-18 21:28 - 2016-06-14 13:11 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2016-10-18 21:28 - 2016-06-14 11:21 - 03209216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2016-10-18 21:28 - 2016-06-14 11:21 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2016-10-18 21:28 - 2016-06-14 11:21 - 01176064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2016-10-18 21:28 - 2016-06-14 11:21 - 01005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll
2016-10-18 21:28 - 2016-06-14 11:21 - 00988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll
2016-10-18 21:28 - 2016-06-14 11:21 - 00744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll
2016-10-18 21:28 - 2016-06-14 11:21 - 00617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll
2016-10-18 21:28 - 2016-06-14 11:21 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2016-10-18 21:28 - 2016-06-14 11:21 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll
2016-10-18 21:28 - 2016-06-14 11:21 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2016-10-18 21:28 - 2016-06-14 11:21 - 00442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2016-10-18 21:28 - 2016-06-14 11:21 - 00406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll
2016-10-18 21:28 - 2016-06-14 11:21 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2016-10-18 21:28 - 2016-06-14 11:21 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2016-10-18 21:28 - 2016-06-14 11:21 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll
2016-10-18 21:28 - 2016-06-14 11:21 - 00195072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2016-10-18 21:28 - 2016-06-14 11:21 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2016-10-18 21:28 - 2016-06-14 11:21 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2016-10-18 21:28 - 2016-06-14 11:21 - 00106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2016-10-18 21:28 - 2016-06-14 11:21 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2016-10-18 21:28 - 2016-06-14 11:21 - 00080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll
2016-10-18 21:28 - 2016-06-14 11:21 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2016-10-18 21:28 - 2016-06-14 11:15 - 00125952 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2016-10-18 21:28 - 2016-06-14 11:15 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2016-10-18 21:28 - 2016-06-14 11:15 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2016-10-18 21:28 - 2016-06-14 11:05 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2016-10-18 21:28 - 2016-06-14 11:05 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2016-10-18 21:28 - 2016-06-14 11:00 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\pcawrk.exe
2016-10-18 21:28 - 2016-06-14 11:00 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe
2016-10-18 21:25 - 2016-09-12 17:17 - 00077032 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-10-18 21:25 - 2016-09-12 17:08 - 01226752 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-10-18 21:25 - 2016-09-09 11:54 - 01629184 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-10-18 21:25 - 2016-09-09 11:54 - 00586752 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2016-10-18 21:25 - 2016-09-09 11:54 - 00575488 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-10-18 21:25 - 2016-09-09 11:54 - 00314368 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-10-18 21:25 - 2016-09-09 11:54 - 00273408 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
2016-10-18 21:25 - 2016-09-09 11:54 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2016-10-18 21:25 - 2016-09-09 11:54 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-10-18 21:25 - 2016-08-29 11:31 - 14183424 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2016-10-18 21:25 - 2016-08-29 11:31 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2016-10-18 21:25 - 2016-08-29 11:31 - 01867776 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2016-10-18 21:25 - 2016-08-29 11:12 - 12880384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2016-10-18 21:25 - 2016-08-29 11:12 - 01806848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2016-10-18 21:25 - 2016-08-29 11:12 - 01499648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2016-10-18 21:25 - 2016-08-29 11:04 - 03229696 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2016-10-18 21:25 - 2016-08-29 10:55 - 02972672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2016-10-18 21:25 - 2016-08-16 16:40 - 00343552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2016-10-18 21:25 - 2016-08-16 16:40 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2016-10-18 21:25 - 2016-08-16 16:40 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2016-10-18 21:25 - 2016-08-16 16:40 - 00056320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2016-10-18 21:25 - 2016-08-16 16:40 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2016-10-18 21:25 - 2016-08-16 16:40 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2016-10-18 21:25 - 2016-08-16 16:40 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2016-10-13 09:16 - 2016-10-13 09:16 - 00000211 _____ C:\Users\John\Desktop\12 Green Plastic Hanging Pot w-Wire Hanger 25 count.url
2016-10-12 20:02 - 2016-10-12 20:02 - 00000275 _____ C:\Users\John\Desktop\Charlotte Chapter Golden State Warriors at Charlotte Hornets - Alumni Community - Davidson College.url
2016-10-12 19:09 - 2016-10-12 19:09 - 00000276 _____ C:\Users\John\Desktop\Grandma's Gift - The Washington Post.url
2016-10-11 13:31 - 2016-10-11 13:31 - 00004608 _____ C:\Users\John\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-10-10 23:40 - 2016-10-10 23:40 - 00000426 _____ C:\Users\John\Desktop\Give Thanks for Wildlife Tickets, Sat, Nov 19, 2016 at 630 PM Eventbrite.url
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-11-05 16:36 - 2015-06-28 22:21 - 00000914 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-211488708-3525939622-1550682978-1000UA.job
2016-11-05 16:36 - 2009-07-14 01:13 - 00782470 _____ C:\Windows\system32\PerfStringBackup.INI
2016-11-05 16:36 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\inf
2016-11-05 16:35 - 2012-11-13 00:28 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-11-05 16:13 - 2012-10-27 15:47 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-11-05 16:01 - 2012-09-18 14:51 - 00003498 _____ C:\Windows\mozy.flt
2016-11-05 16:01 - 2012-09-18 14:51 - 00003036 _____ C:\Windows\mozy.blk
2016-11-05 15:57 - 2013-11-22 00:15 - 00000000 ____D C:\Users\John\AppData\Local\mozysync
2016-11-05 13:06 - 2009-07-14 00:45 - 00028352 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-11-05 13:06 - 2009-07-14 00:45 - 00028352 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-11-05 01:01 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\system32\NDF
2016-11-04 23:37 - 2014-01-30 13:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2016-11-04 23:36 - 2015-06-28 22:21 - 00000862 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-211488708-3525939622-1550682978-1000Core.job
2016-11-04 23:31 - 2015-06-28 22:21 - 00003882 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-211488708-3525939622-1550682978-1000UA
2016-11-04 23:31 - 2015-06-28 22:21 - 00003486 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-211488708-3525939622-1550682978-1000Core
2016-11-04 23:30 - 2012-10-27 15:47 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-11-04 01:22 - 2012-10-27 15:47 - 00000000 ____D C:\Program Files (x86)\Google
2016-11-03 02:44 - 2012-10-27 15:49 - 00002197 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-11-03 02:44 - 2012-10-27 15:49 - 00002185 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-11-01 10:12 - 2015-11-16 23:18 - 00000000 ____D C:\Program Files\McAfee Security Scan
2016-11-01 10:12 - 2014-04-19 13:16 - 00001966 _____ C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2016-11-01 10:11 - 2012-11-05 01:05 - 00000000 ___RD C:\Users\John\Dropbox
2016-10-30 09:00 - 2012-11-12 23:55 - 00000000 ____D C:\Users\John\AppData\Local\ElevatedDiagnostics
2016-10-29 08:27 - 2012-10-16 21:02 - 00000000 ____D C:\Program Files (x86)\Dell DataSafe Local Backup
2016-10-29 08:25 - 2014-01-30 13:03 - 00000000 __RSD C:\Users\John\Documents\McAfee Vaults
2016-10-29 08:24 - 2012-10-16 21:14 - 00000000 ____D C:\Users\Default\AppData\Local\SoftThinks
2016-10-29 08:24 - 2012-10-16 21:14 - 00000000 ____D C:\Users\Default User\AppData\Local\SoftThinks
2016-10-29 08:23 - 2009-07-14 01:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-10-28 19:49 - 2009-07-14 01:08 - 00032574 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-10-27 02:41 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\rescache
2016-10-26 18:33 - 2009-07-14 00:45 - 00543192 _____ C:\Windows\system32\FNTCACHE.DAT
2016-10-26 18:31 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\SysWOW64\Dism
2016-10-26 18:31 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\system32\Dism
2016-10-26 18:30 - 2014-12-10 06:43 - 00000000 ____D C:\Windows\system32\appraiser
2016-10-26 18:30 - 2014-04-23 03:00 - 00000000 ___SD C:\Windows\system32\CompatTel
2016-10-26 18:28 - 2013-03-13 01:28 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-10-26 18:28 - 2013-03-13 01:28 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2016-10-26 16:15 - 2013-08-14 03:34 - 00000000 ____D C:\Windows\system32\MRT
2016-10-26 16:11 - 2012-12-01 01:30 - 143495576 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-10-26 16:08 - 2013-03-13 01:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-10-26 15:20 - 2012-11-05 00:56 - 00000000 ____D C:\Users\John\AppData\Roaming\Dropbox
2016-10-26 07:57 - 2014-05-19 13:34 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-10-25 01:38 - 2014-01-30 13:03 - 00000000 ____D C:\Program Files (x86)\McAfee
2016-10-23 22:29 - 2015-06-29 00:10 - 00003068 _____ C:\Windows\System32\Tasks\McAfeeLogon
2016-10-19 07:50 - 2012-10-27 15:42 - 00000000 ____D C:\ProgramData\TEMP
2016-10-13 09:35 - 2012-11-13 00:28 - 00796352 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-10-13 09:35 - 2012-11-13 00:28 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-10-13 09:35 - 2012-11-13 00:28 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-10-13 09:35 - 2012-10-16 20:44 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2016-10-13 09:35 - 2012-10-16 20:44 - 00000000 ____D C:\Windows\system32\Macromed
2016-10-11 11:38 - 2014-07-13 14:24 - 00000000 ____D C:\Users\John\Desktop\Cooking and Dining
2016-10-10 18:49 - 2012-10-27 00:25 - 00000000 ____D C:\Users\John
2016-10-08 16:55 - 2012-11-06 22:16 - 00000000 ____D C:\Users\John\AppData\Local\CrashDumps
2016-10-07 23:26 - 2012-12-22 17:33 - 00000000 ____D C:\Users\John\AppData\Local\Citrix
==================== Files in the root of some directories =======
2013-08-03 18:39 - 2013-08-03 18:39 - 0000000 _____ () C:\Users\John\AppData\Roaming\SharedSettings.ccs
2016-10-11 13:31 - 2016-10-11 13:31 - 0004608 _____ () C:\Users\John\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-02-17 21:54 - 2013-03-26 22:43 - 0002217 _____ () C:\ProgramData\hpzinstall.log
Files to move or delete:
====================
C:\Users\Public\Tempmozy-autoupdate-8262dfa079e3ea66519693899238bbfb.exe
C:\Users\Public\Tempmozy-autoupdate-82af9a609219353256cb533e636b9416.exe
C:\Users\Public\Tempmozy-autoupdate-864934ef6e2b54a6f5dcfa6e472922e2.exe
C:\Users\Public\Tempmozy-autoupdate-c0261ff8012aad585d55140a9b6ddcb9.exe
C:\Users\Public\Tempmozy-autoupdate-fd378831154aecd3ff93f99a8cbdcdea.exe
C:\Users\Public\Tempmozy-manualupdate-4a89cedd164c5f5e19189bfd5deb26c7.exe
C:\Users\Public\Tempmozy-manualupdate-4ff83994dfb32374e99fb2987f4e5700.exe
C:\Users\Public\Tempmozy-manualupdate-5ab4a737bec6be5a44cdd634ea82d76b.exe
C:\Users\Public\Tempmozy-manualupdate-b2dc44eb185732ade88416784fadbd67.exe
C:\Users\Public\Tempmozy-update-1f7fe3012a1778a4fc7c5075f2f61812.exe
C:\Users\Public\Tempmozy-update-a31217e595a1463492ad999467f8f0a1.exe
Some files in TEMP:
====================
C:\Users\John\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpljkj9h.dll
C:\Users\John\AppData\Local\Temp\HPInstaller.exe
C:\Users\John\AppData\Local\Temp\lowproc.exe
C:\Users\John\AppData\Local\Temp\mozy-sync-1_3_0_4057-62459.exe
C:\Users\John\AppData\Local\Temp\mozy-sync-1_3_1_4068-63621.exe
C:\Users\John\AppData\Local\Temp\mozy-sync_1.2.0.4028.exe
C:\Users\John\AppData\Local\Temp\mozy-sync_1.2.1.4039.exe
C:\Users\John\AppData\Local\Temp\ose00000.exe
C:\Users\John\AppData\Local\Temp\sqlite-3.7.2-sqlitejdbc.dll
C:\Users\John\AppData\Local\Temp\stubhelper.dll
C:\Users\John\AppData\Local\Temp\_isDE83.exe
C:\Users\John\AppData\Local\Temp\_isEAB4.exe
C:\Users\John\AppData\Local\Temp\{FED90B67-82A4-4ADC-B34B-EEE0F6290AD4}-54.0.2840.71_chrome_installer.exe
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2016-11-04 00:40
==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 04-11-2016
Ran by John (05-11-2016 16:52:43)
Running from C:\Users\John\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2012-10-27 04:25:08)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-211488708-3525939622-1550682978-500 - Administrator - Disabled)
Guest (S-1-5-21-211488708-3525939622-1550682978-501 - Limited - Disabled)
John (S-1-5-21-211488708-3525939622-1550682978-1000 - Administrator - Enabled) => C:\Users\John
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: McAfee Anti-Virus and Anti-Spyware (Enabled - Up to date) {DA9F8ED0-D0DE-39CC-F55A-51AB4CC1B556}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee Anti-Virus and Anti-Spyware (Enabled - Up to date) {61FE6F34-F6E4-3642-CFEA-6AD93746FFEB}
FW: McAfee Firewall (Enabled) {E2A40FF5-9AB1-3894-DE05-F89EB212F22D}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
ABBYY FineReader 9.0 Sprint (HKLM-x32\...\ABBYY FineReader 9.0 Sprint) (Version: 9.01.513.58212 - ABBYY)
ABBYY FineReader 9.0 Sprint (x32 Version: 9.01.513.58212 - ABBYY) Hidden
Adobe Connect 9 Add-in (HKU\S-1-5-21-211488708-3525939622-1550682978-1000\...\Adobe Connect 9 Add-in) (Version: 11,9,972,8 - Adobe Systems Incorporated)
Adobe Flash Player 23 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 23.0.0.185 - Adobe Systems Incorporated)
Adobe Flash Player 23 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 23.0.0.185 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.17) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.17 - Adobe Systems Incorporated)
Amazon Cloud Drive (HKU\S-1-5-21-211488708-3525939622-1550682978-1000\...\23ab716f18849b6f) (Version: 2.1.2013.1340 - Amazon)
AMD Catalyst Install Manager (HKLM\...\{0E262CBA-A8C6-3BE1-A812-D7490B4F2B09}) (Version: 3.0.851.0 - Advanced Micro Devices, Inc.)
ANT Drivers Installer x64 (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Apple Application Support (32-bit) (HKLM-x32\...\{7FA9ECCF-A2DE-4DA1-BFF3-81260DBDA68F}) (Version: 4.1.2 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{691F30EB-9009-475A-B8A9-E1BF39598FD5}) (Version: 4.1.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{3540181E-340A-4E7A-B409-31663472B2F7}) (Version: 9.1.0.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.)
ArcSoft Scan-n-Stitch Deluxe (HKLM-x32\...\{FF8455A9-21E8-457D-AC64-510A705D53B3}) (Version: 1.1.2.27 - ArcSoft)
Atheros Bluetooth Suite (64) (HKLM\...\{230D1595-57DA-4933-8C4E-375797EBB7E1}) (Version: 7.4.0.115 - Atheros)
Audacity 2.0.2 (HKLM-x32\...\Audacity_is1) (Version: 2.0.2 - Audacity Team)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
BufferChm (x32 Version: 130.0.331.000 - Hewlett-Packard) Hidden
C771 USB Driver V1.0.11.0 (HKLM-x32\...\{FC8BC9C6-7A6F-475E-848B-3FC3CA0BFE19}) (Version: 1.0.11.0 - CASIO)
CameraHelperMsi (x32 Version: 13.51.815.0 - Logitech) Hidden
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Citrix Receiver (HKLM-x32\...\CitrixOnlinePluginPackWeb) (Version: 14.4.1000.16 - Citrix Systems, Inc.)
Corel PaintShop Pro X4 (HKLM-x32\...\_{00580795-581C-4587-B9F2-37320D7AB37F}) (Version: 14.0.0.332 - Corel Corporation)
Corel PaintShop Pro X4 (x32 Version: 14.3.0.3 - Corel Corporation) Hidden
Coupon Companion Plugin (HKLM-x32\...\Coupon Companion Plugin) (Version: 1.26.152.152 - 215 Apps) <==== ATTENTION
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
D7500 (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
Dell DataSafe Local Backup - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 9.4.67 - Dell Inc.)
Dell DataSafe Local Backup (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 9.4.67 - Dell Inc.)
Dell DataSafe Online (HKLM-x32\...\{7EC66A95-AC2D-4127-940B-0445A526AB2F}) (Version: 2.1.19634 - Dell)
Dell Digital Delivery (HKLM-x32\...\{F91BF1B5-4213-440C-8539-C6EB2F1D1734}) (Version: 2.2.4000.0 - Dell Products, LP)
Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc)
Dell Support Center (HKLM\...\Dell Support Center) (Version: 3.1.5907.16 - Dell Inc.)
Dell Support Center (Version: 3.1.5907.16 - PC-Doctor, Inc.) Hidden
Dell WLAN and Bluetooth Client Installation (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 9.0 - Dell Inc.)
DesignPro 5 (HKLM-x32\...\InstallShield_{C8F04EF6-C4DB-4D86-8D86-32E7DBDA8595}) (Version: 5.5.708 - Avery Dennison)
DesignPro 5 (x32 Version: 5.5.708 - Avery Dennison) Hidden
Destinations (x32 Version: 130.0.0.0 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 130.0.465.000 - Hewlett-Packard) Hidden
Document Capture Pro (HKLM-x32\...\{B4A3C072-87AF-4937-880D-3D7997111C0D}) (Version: 1.01.0000 - Seiko Epson Corporation)
Dropbox (HKU\S-1-5-21-211488708-3525939622-1550682978-1000\...\Dropbox) (Version: 13.4.21 - Dropbox, Inc.)
eBay (HKLM-x32\...\{A8B88634-7F90-402F-B66A-86429755F6A5}) (Version: 1.4.0 - eBay Inc.)
Elevated Installer (x32 Version: 4.1.27.0 - Garmin Ltd or its subsidiaries) Hidden
Epson Copy Utility 3.5 (HKLM-x32\...\{AA72FB28-73B4-49E5-B6B4-E78F44BBD0AD}) (Version: 3.5.0.0 - )
Epson Event Manager (HKLM-x32\...\{148C8BF9-E1B4-445D-AC67-2CABAE63949A}) (Version: 3.01.0009 - Seiko Epson Corporation)
EPSON Perfection V370 Photo Scanner Driver Update version 3.0.2.0 (HKLM-x32\...\ScannerDriverUpdateEPSON Perfection V370 Photo_is1) (Version: 3.0.2.0 - Epson America Inc.)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation)
erLT (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
Garmin Express (HKLM-x32\...\{5b45c228-dcb1-4a0b-a9de-3b4b683ef15d}) (Version: 4.1.27.0 - Garmin Ltd or its subsidiaries)
Garmin Express (x32 Version: 4.1.27.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express Tray (x32 Version: 4.1.27.0 - Garmin Ltd or its subsidiaries) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 54.0.2840.87 - Google Inc.)
Google Earth (HKLM-x32\...\{A0C18B96-AB79-46BD-8321-6FA83E6D25B9}) (Version: 7.1.7.2606 - Google)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.7619.1252 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden
GPBaseService2 (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
G'zOne Commando 4G LTE USB Driver (HKLM-x32\...\{99E1CC2D-EB4F-498B-B6ED-492654677E7E}) (Version: 5.30.17.1 - NEC CASIO Mobile Communications, Ltd.)
HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)
HP Photosmart D7500 Printer Driver Software 13.0 Rel. 4 (HKLM\...\{2F478590-A2A6-43E3-A567-A89A5F38AAC4}) (Version: 13.0 - HP)
HP Photosmart Essential 3.5 (HKLM\...\HP Photosmart Essential) (Version: 3.5 - HP)
HP Smart Web Printing 4.51 (HKLM\...\HP Smart Web Printing) (Version: 4.51 - HP)
HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft) Hidden
HPPhotoGadget (x32 Version: 130.0.282.000 - Hewlett-Packard) Hidden
HPPhotoSmartDiscLabel_PaperLabel (x32 Version: 2.04.0000 - Hewlett-Packard) Hidden
HPPhotoSmartDiscLabel_PrintOnDisc (x32 Version: 2.04.0000 - Hewlett-Packard) Hidden
HPPhotoSmartDiscLabelContent1 (x32 Version: 2.04.0000 - Hewlett-Packard) Hidden
hpphotosmartdisclabelplugin (x32 Version: 2.04.0000 - Hewlett-Packard) Hidden
HPPhotosmartEssential (x32 Version: 2.04.0000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
ICA (x32 Version: 14.0.0.332 - Corel Corporation) Hidden
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.1.1399 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.1.0.1006 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.3.214 - Intel Corporation)
Intel® Trusted Connect Service Client (HKLM\...\{538B98C3-773F-4F20-9C66-802D104DCBE2}) (Version: 1.23.219.2 - Intel Corporation)
IPM_PSP_COM (x32 Version: 14.0.0.332 - Corel Corporation) Hidden
iTunes (HKLM\...\{FBEB98F8-64E4-4FA3-A15E-4A9F42FF962E}) (Version: 12.3.2.35 - Apple Inc.)
Java 7 Update 11 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217011FF}) (Version: 7.0.110 - Oracle)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - )
Logitech Webcam Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.51 - Logitech Inc.)
Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.11.427.2 - McAfee, Inc.)
McAfee Total Protection (HKLM-x32\...\MSC) (Version: 15.0.166 - McAfee, Inc.)
McAfee WebAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.0.279 - McAfee, Inc.)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Image Composite Editor (HKLM\...\{B821CDAA-34DE-46FD-87C9-E6EE7158DB5D}) (Version: 1.4.4 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{820B6609-4C97-3A2B-B644-573B06A0F0CC}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 42.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 42.0 (x86 en-US)) (Version: 42.0 - Mozilla)
Mozilla Firefox 49.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 49.0.1 (x86 en-US)) (Version: 49.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 49.0.1.6109 - Mozilla)
Mozy Sync (HKLM\...\{95DB05B2-371B-3957-A65A-7CD9433701AD}) (Version: 1.3.1.4068 - Mozy, Inc.)
MozyHome (HKLM\...\{81D29D4E-9658-BB63-D879-E6A625C01364}) (Version: 2.28.2.432 - Mozy, Inc.)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Multimedia Card Reader (HKLM-x32\...\InstallShield_{41068A8C-3F30-46B6-978A-EA692F28D1AF}) (Version: 1.7.915.93 - Fitipower)
Multimedia Card Reader (x32 Version: 1.7.915.93 - Fitipower) Hidden
Online Plug-in (x32 Version: 14.4.1000.16 - Citrix Systems, Inc.) Hidden
PS_SF_04_D7500_Software_Min (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
PSPPContent (x32 Version: 14.0.0.332 - Corel Corporation) Hidden
PSPPHelp (x32 Version: 14.0.0.332 - Corel Corporation) Hidden
PSPPro64 (Version: 14.0.0.332 - Corel Corporation) Hidden
QualxServ Service Agreement (HKLM-x32\...\{903679E8-44C8-4C07-9600-05C92654FC50}) (Version: 2.0.0 - Dell Inc.)
RealDownloader (x32 Version: 18.1.0.1233 - RealNetworks, Inc.) Hidden
RealDownloader (x32 Version: 18.1.4.144 - RealNetworks) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (x32 Version: 10.0 - RealNetworks, Inc) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6537 - Realtek Semiconductor Corp.)
RealTimes (RealPlayer) (HKLM-x32\...\RealPlayer 18.1) (Version: 18.1.0 - RealNetworks)
RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden
Self-service Plug-in (x32 Version: 4.4.1000.13058 - Citrix Systems, Inc.) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Setup (x32 Version: 14.0.0.332 - Corel Corporation) Hidden
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Skype™ 7.26 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.26.101 - Skype Technologies S.A.)
SmartWebPrinting (x32 Version: 130.0.457.000 - Hewlett-Packard) Hidden
SolutionCenter (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
Status (x32 Version: 130.0.469.000 - Hewlett-Packard) Hidden
Toolbox (x32 Version: 130.0.648.000 - Hewlett-Packard) Hidden
TrayApp (x32 Version: 130.0.422.000 - Hewlett-Packard) Hidden
Tweaking.com - Registry Backup (HKLM-x32\...\Tweaking.com - Registry Backup) (Version: 3.5.2 - Tweaking.com)
UE BOOM Update Assistant (HKLM-x32\...\{8D9BD07C-C098-4BC9-A83B-2CE454A2776C}) (Version: 1.4.57 - Logitech, Inc.)
UnloadSupport (x32 Version: 11.0.0 - Hewlett-Packard) Hidden
UpdateService (x32 Version: 1.0.0 - RealNetworks, Inc.) Hidden
Video Downloader (x32 Version: 1.2.0 - RealNetworks) Hidden
VZ_UpgradeMonitorTool (HKLM-x32\...\{C601F8DA-88F1-4380-A431-43072E095C95}) (Version: 1.3.1 - NEC CASIO Mobile Communications, Ltd.)
VZ_UpgradeTool (HKLM-x32\...\{F7086669-0FA1-4834-9C9C-978AC16848CD}) (Version: 1.3.0 - NEC CASIO Mobile Communications, Ltd.)
VZ-TL-PC (HKLM-x32\...\{9A25A804-4303-4787-B2DE-99AD745B1CBB}) (Version: 1.1.6 - NEC CASIO Mobile Communications, Ltd.)
WebReg (x32 Version: 130.0.132.017 - Hewlett-Packard) Hidden
Windows Driver Package - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Windows Driver Package - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-211488708-3525939622-1550682978-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\John\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-211488708-3525939622-1550682978-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\John\AppData\Roaming\Dropbox\bin\DropboxExt64.1.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-211488708-3525939622-1550682978-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\John\AppData\Roaming\Dropbox\bin\DropboxExt64.1.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-211488708-3525939622-1550682978-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\John\AppData\Roaming\Dropbox\bin\DropboxExt64.1.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-211488708-3525939622-1550682978-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\John\AppData\Roaming\Dropbox\bin\DropboxExt64.1.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-211488708-3525939622-1550682978-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\John\AppData\Roaming\Dropbox\bin\DropboxExt64.1.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-211488708-3525939622-1550682978-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\John\AppData\Roaming\Dropbox\bin\DropboxExt64.1.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-211488708-3525939622-1550682978-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\John\AppData\Roaming\Dropbox\bin\DropboxExt64.1.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-211488708-3525939622-1550682978-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\John\AppData\Roaming\Dropbox\bin\DropboxExt64.1.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-211488708-3525939622-1550682978-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\John\AppData\Roaming\Dropbox\bin\DropboxExt64.1.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-211488708-3525939622-1550682978-1000_Classes\CLSID\{FB314EE1-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\John\AppData\Roaming\Dropbox\bin\DropboxExt64.1.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-211488708-3525939622-1550682978-1000_Classes\CLSID\{FB314EE2-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\John\AppData\Roaming\Dropbox\bin\DropboxExt64.1.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-211488708-3525939622-1550682978-1000_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\John\AppData\Roaming\Dropbox\bin\DropboxExt64.1.0.dll (Dropbox, Inc.)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0BF8E4F5-24AF-46F8-9803-2FAA75D443B6} - System32\Tasks\{D3CAD5B2-3C2E-4601-AFBA-27A4FA2DBA63} => C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe [2016-03-10] (Malwarebytes)
Task: {0CFD4DF7-3D36-435B-B493-E61B008F4DA4} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-06-25] (Adobe Systems Incorporated)
Task: {18BEDE3E-626D-4EC6-8684-D0049D33D35C} - \Updater21804.exe -> No File <==== ATTENTION
Task: {1A3D6C0B-040D-4325-B8BB-C4DD1D38138E} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-211488708-3525939622-1550682978-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\RealUpgrade.exe [2015-09-16] (RealNetworks, Inc.)
Task: {23D1C0E2-D8A3-4395-907B-691843D48BE1} - System32\Tasks\{BC70EC75-4F38-426E-B29C-4B78B6EB45E6} => C:\Program Files (x86)\iTunes\iTunes.exe
Task: {2A6255E7-CC76-44E7-AE33-67C2762BEA00} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {3BFFD789-7E52-4102-A6CF-89C7F908F028} - System32\Tasks\{42C676A7-24C2-47F4-9998-A2561BB3FAFF} => C:\Program Files (x86)\iTunes\iTunes.exe
Task: {41B83F1B-D962-43B2-BD73-1D2DBE53C19C} - System32\Tasks\{2A71FE5B-8DD6-4733-9F75-CDF232BD94F8} => pcalua.exe -a D:\Setup.exe -d D:\
Task: {513292AA-5EC0-45E7-BEA3-806C5CB80121} - System32\Tasks\McAfee Remediation (Prepare) => C:\Program Files\Common Files\AV\McAfee Anti-Virus And Anti-Spyware\upgrade.exe [2016-05-18] (McAfee, Inc.)
Task: {61C4D42A-0443-453F-894E-A108D113A68F} - System32\Tasks\McAfee\McAfee Idle Detection Task
Task: {6DF9F0B8-96E6-49F3-902B-1A19506EA2BA} - System32\Tasks\{07078906-EB68-4CAF-B686-8FFAA663B339} => C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe [2016-03-10] (Malwarebytes)
Task: {71FEBFD9-949C-4C98-A3A3-66C0F07923D3} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-211488708-3525939622-1550682978-1000UA => C:\Users\John\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2016-11-04] (Dropbox, Inc.)
Task: {72E3959C-BA3A-415D-8EAA-2187D486FAD9} - System32\Tasks\{8D36E390-8650-43D5-8484-24A2828DD1E8} => C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe [2016-03-10] (Malwarebytes)
Task: {74E33F28-CB85-4963-83C5-9EA841390F7D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {783E748D-EBFF-4B99-A658-2B73E07A379E} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-211488708-3525939622-1550682978-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\RealUpgrade.exe [2015-09-16] (RealNetworks, Inc.)
Task: {8F91EC81-83A6-4096-ABAE-DA654E6E086F} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-10-13] (Adobe Systems Incorporated)
Task: {94DC0845-A429-4D4B-9047-13F0291DFA90} - System32\Tasks\{0D99EF29-30A3-4B60-92DB-71861F3A547F} => C:\Program Files (x86)\iTunes\iTunes.exe
Task: {A0F87E21-2AFC-4B08-BA55-FF1C2D92C164} - System32\Tasks\{16D9B9CA-1EA9-4EDD-8EEB-C49E08245E4B} => C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe [2016-03-10] (Malwarebytes)
Task: {AD9A4BBF-37CD-4B72-A365-35CE89B28681} - System32\Tasks\{CC702A7F-3063-4FCA-8D27-EEF64F0BBD0D} => C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe [2016-03-10] (Malwarebytes)
Task: {BBDA9583-85D4-476C-9417-AA9EBAFC3D6F} - System32\Tasks\McAfeeLogon => C:\Program Files\Common Files\mcafee\Platform\McUICnt.exe [2016-07-07] (McAfee, Inc.)
Task: {C903FEF8-ED51-4AB7-BC0A-4B6B2315FB13} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [2016-08-31] ()
Task: {CF659115-61AF-4C80-9640-1E7773DDB6EE} - System32\Tasks\{02D41DFB-91B8-4C8C-9F09-D160384283E7} => C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe [2016-03-10] (Malwarebytes)
Task: {E11E8FF9-D6D1-4582-B885-DA0C0ABF0591} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2015-08-27] (Apple Inc.)
Task: {EEC79726-FA54-4217-9B35-F33E65B9B435} - System32\Tasks\{90795D08-63CA-4F39-BFCD-B272D7E0D964} => C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe [2016-03-10] (Malwarebytes)
Task: {EF74137D-101C-4D2A-9906-1DF1C3E88EDD} - System32\Tasks\{C318582C-DAE8-4B64-91DB-223DF4607BEE} => C:\Program Files (x86)\iTunes\iTunes.exe
Task: {FF02B167-9254-45A8-AE74-BAF872FD0EFB} - System32\Tasks\RealDownloader Update Check => C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe [2016-07-05] ()
Task: {FF073C0C-3A3D-4DA4-8443-B7C398FAACD2} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-211488708-3525939622-1550682978-1000Core => C:\Users\John\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2016-11-04] (Dropbox, Inc.)
Task: {FF1B5303-3C73-44FA-BCD8-95B7F3C3FF8E} - System32\Tasks\{5B81B277-6E64-4FF8-9D6A-8B44ABE77B80} => C:\Program Files (x86)\iTunes\iTunes.exe
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\Check for updates (Spybot - Search & Destroy).job => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-211488708-3525939622-1550682978-1000Core.job => C:\Users\John\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-211488708-3525939622-1550682978-1000UA.job => C:\Users\John\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\Refresh immunization (Spybot - Search & Destroy).job => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe
Task: C:\Windows\Tasks\Scan the system (Spybot - Search & Destroy).job => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2015-10-13 06:45 - 2015-10-13 06:45 - 00085800 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-10-13 06:45 - 2015-10-13 06:45 - 01328912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-09-16 18:26 - 2015-09-16 18:26 - 00033088 _____ () C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
2013-09-05 01:17 - 2013-09-05 01:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-20 15:23 - 2010-10-20 15:23 - 08801632 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2012-10-16 21:02 - 2012-01-26 22:49 - 02751808 ____N () C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE
2011-10-25 22:29 - 2011-10-25 22:29 - 00369152 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2011-11-09 10:55 - 2011-11-09 10:55 - 00016384 _____ () c:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2016-07-05 18:18 - 2016-07-05 18:18 - 00714992 _____ () C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe
2015-09-16 18:26 - 2015-09-16 18:26 - 00037720 _____ () C:\Program Files (x86)\Real\UpdateService\DL2UpdatePlugin.dll
2015-09-16 18:26 - 2015-09-16 18:26 - 00039768 _____ () C:\Program Files (x86)\Real\UpdateService\RealDownloaderUpdatePlugin.dll
2015-09-16 18:26 - 2015-09-16 18:26 - 00037728 _____ () C:\Program Files (x86)\Real\UpdateService\VideoDLUpdatePlugin.dll
2015-10-07 01:09 - 2015-10-07 01:09 - 00022312 _____ () C:\Program Files (x86)\Real\RealPlayer\RPDS\Tools\ffmpeg\mediautil.dll
2015-10-07 01:09 - 2015-10-07 01:09 - 01520936 _____ () C:\Program Files (x86)\Real\RealPlayer\RPDS\Tools\ffmpeg\avformat-55.dll
2015-10-07 01:09 - 2015-10-07 01:09 - 04274984 _____ () C:\Program Files (x86)\Real\RealPlayer\RPDS\Tools\ffmpeg\avcodec-55.dll
2015-10-07 01:09 - 2015-10-07 01:09 - 00322856 _____ () C:\Program Files (x86)\Real\RealPlayer\RPDS\Tools\ffmpeg\avutil-52.dll
2016-09-20 07:49 - 2016-10-10 14:19 - 00035792 _____ () C:\Users\John\AppData\Roaming\Dropbox\bin\_multiprocessing.pyd
2016-10-26 15:19 - 2016-10-10 14:19 - 00145864 _____ () C:\Users\John\AppData\Roaming\Dropbox\bin\pyexpat.pyd
2016-10-26 15:19 - 2016-10-10 14:19 - 00019408 _____ () C:\Users\John\AppData\Roaming\Dropbox\bin\faulthandler.pyd
2016-10-26 15:19 - 2016-10-10 14:19 - 00116688 _____ () C:\Users\John\AppData\Roaming\Dropbox\bin\pywintypes27.dll
2016-09-20 07:49 - 2016-10-10 14:19 - 00100296 _____ () C:\Users\John\AppData\Roaming\Dropbox\bin\_ctypes.pyd
2016-09-20 07:49 - 2016-10-10 14:19 - 00018888 _____ () C:\Users\John\AppData\Roaming\Dropbox\bin\select.pyd
2016-09-20 07:49 - 2016-10-24 09:16 - 00019760 _____ () C:\Users\John\AppData\Roaming\Dropbox\bin\tornado.speedups.pyd
2016-09-20 07:49 - 2016-10-10 14:19 - 00694224 _____ () C:\Users\John\AppData\Roaming\Dropbox\bin\unicodedata.pyd
2016-10-26 15:19 - 2016-10-24 09:15 - 00020816 _____ () C:\Users\John\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._constant_time.pyd
2016-09-20 07:49 - 2016-10-10 14:20 - 00123856 _____ () C:\Users\John\AppData\Roaming\Dropbox\bin\_cffi_backend.pyd
2016-10-26 15:19 - 2016-10-24 09:15 - 01682760 _____ () C:\Users\John\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._openssl.pyd
2016-10-26 15:19 - 2016-10-24 09:15 - 00020808 _____ () C:\Users\John\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._padding.pyd
2016-09-20 07:49 - 2016-10-10 14:21 - 00105928 _____ () C:\Users\John\AppData\Roaming\Dropbox\bin\win32api.pyd
2016-09-20 07:49 - 2016-10-24 09:16 - 00021312 _____ () C:\Users\John\AppData\Roaming\Dropbox\bin\winffi.crt.compiled._winffi_crt.pyd
2016-10-26 15:19 - 2016-10-24 09:15 - 00052024 _____ () C:\Users\John\AppData\Roaming\Dropbox\bin\psutil._psutil_windows.pyd
2016-10-26 15:19 - 2016-10-24 09:15 - 00038696 _____ () C:\Users\John\AppData\Roaming\Dropbox\bin\fastpath.pyd
2016-10-26 15:19 - 2016-10-10 14:19 - 00392144 _____ () C:\Users\John\AppData\Roaming\Dropbox\bin\pythoncom27.dll
2016-10-26 15:19 - 2016-10-10 14:21 - 00020936 _____ () C:\Users\John\AppData\Roaming\Dropbox\bin\mmapfile.pyd
2016-09-20 07:49 - 2016-10-10 14:21 - 00024528 _____ () C:\Users\John\AppData\Roaming\Dropbox\bin\win32event.pyd
2016-09-20 07:49 - 2016-10-10 14:21 - 00116176 _____ () C:\Users\John\AppData\Roaming\Dropbox\bin\win32security.pyd
2016-09-20 07:49 - 2016-10-24 09:16 - 00381752 _____ () C:\Users\John\AppData\Roaming\Dropbox\bin\win32com.shell.shell.pyd
2016-09-20 07:49 - 2016-10-10 14:21 - 00124880 _____ () C:\Users\John\AppData\Roaming\Dropbox\bin\win32file.pyd
2016-09-20 07:49 - 2016-10-24 09:16 - 00025424 _____ () C:\Users\John\AppData\Roaming\Dropbox\bin\winffi.kernel32.compiled._winffi_kernel32.pyd
2016-09-20 07:49 - 2016-10-10 14:21 - 00024016 _____ () C:\Users\John\AppData\Roaming\Dropbox\bin\win32clipboard.pyd
2016-09-20 07:49 - 2016-10-10 14:21 - 00175560 _____ () C:\Users\John\AppData\Roaming\Dropbox\bin\win32gui.pyd
2016-09-20 07:49 - 2016-10-10 14:21 - 00030160 _____ () C:\Users\John\AppData\Roaming\Dropbox\bin\win32pipe.pyd
2016-09-20 07:49 - 2016-10-10 14:21 - 00043472 _____ () C:\Users\John\AppData\Roaming\Dropbox\bin\win32process.pyd
2016-09-20 07:49 - 2016-10-10 14:21 - 00048592 _____ () C:\Users\John\AppData\Roaming\Dropbox\bin\win32service.pyd
2016-09-20 07:49 - 2016-10-10 14:21 - 00057808 _____ () C:\Users\John\AppData\Roaming\Dropbox\bin\win32evtlog.pyd
2016-09-20 07:49 - 2016-10-10 14:21 - 00024016 _____ () C:\Users\John\AppData\Roaming\Dropbox\bin\win32profile.pyd
2016-10-26 15:19 - 2016-10-24 09:15 - 00246592 _____ () C:\Users\John\AppData\Roaming\Dropbox\bin\breakpad.client.windows.handler.pyd
2016-10-26 15:19 - 2016-10-24 09:15 - 00026456 _____ () C:\Users\John\AppData\Roaming\Dropbox\bin\dropbox.infinite.win.compiled._driverinstallation.pyd
2016-09-20 07:49 - 2016-10-10 14:20 - 00241104 _____ () C:\Users\John\AppData\Roaming\Dropbox\bin\_jpegtran.pyd
2016-10-26 15:19 - 2016-10-24 09:15 - 00020280 _____ () C:\Users\John\AppData\Roaming\Dropbox\bin\cpuid.compiled._cpuid.pyd
2016-09-20 07:49 - 2016-10-10 14:21 - 00028616 _____ () C:\Users\John\AppData\Roaming\Dropbox\bin\win32ts.pyd
2016-09-20 07:49 - 2016-10-24 09:16 - 00023376 _____ () C:\Users\John\AppData\Roaming\Dropbox\bin\winscreenshot.compiled._CaptureScreenshot.pyd
2016-09-20 07:49 - 2016-10-24 09:16 - 00020800 _____ () C:\Users\John\AppData\Roaming\Dropbox\bin\winffi.iphlpapi._winffi_iphlpapi.pyd
2016-09-20 07:49 - 2016-10-24 09:16 - 00019776 _____ () C:\Users\John\AppData\Roaming\Dropbox\bin\winffi.winerror._winffi_winerror.pyd
2016-09-20 07:49 - 2016-10-24 09:16 - 00020800 _____ () C:\Users\John\AppData\Roaming\Dropbox\bin\winffi.wininet._winffi_wininet.pyd
2016-09-20 07:49 - 2016-10-10 14:21 - 00350152 _____ () C:\Users\John\AppData\Roaming\Dropbox\bin\winxpgui.pyd
2016-09-20 07:49 - 2016-10-24 09:16 - 00022352 _____ () C:\Users\John\AppData\Roaming\Dropbox\bin\winverifysignature.compiled._VerifySignature.pyd
2016-10-26 15:19 - 2016-10-24 09:15 - 00024392 _____ () C:\Users\John\AppData\Roaming\Dropbox\bin\librsyncffi.compiled._librsyncffi.pyd
2016-10-26 15:19 - 2016-10-10 14:17 - 00036296 _____ () C:\Users\John\AppData\Roaming\Dropbox\bin\librsync.dll
2016-10-26 15:19 - 2016-10-24 09:15 - 00084280 _____ () C:\Users\John\AppData\Roaming\Dropbox\bin\dropbox_sqlite_ext.DLL
2016-10-26 15:19 - 2016-10-24 09:15 - 01826096 _____ () C:\Users\John\AppData\Roaming\Dropbox\bin\PyQt5.QtCore.pyd
2016-09-20 07:49 - 2016-10-10 14:19 - 00083912 _____ () C:\Users\John\AppData\Roaming\Dropbox\bin\sip.pyd
2016-10-26 15:19 - 2016-10-24 09:16 - 00531248 _____ () C:\Users\John\AppData\Roaming\Dropbox\bin\PyQt5.QtNetwork.pyd
2016-10-26 15:19 - 2016-10-24 09:16 - 03928880 _____ () C:\Users\John\AppData\Roaming\Dropbox\bin\PyQt5.QtWidgets.pyd
2016-10-26 15:19 - 2016-10-24 09:15 - 01972528 _____ () C:\Users\John\AppData\Roaming\Dropbox\bin\PyQt5.QtGui.pyd
2016-10-26 15:19 - 2016-10-24 09:16 - 00133424 _____ () C:\Users\John\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKit.pyd
2016-10-26 15:19 - 2016-10-24 09:16 - 00224056 _____ () C:\Users\John\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKitWidgets.pyd
2016-10-26 15:19 - 2016-10-24 09:16 - 00207672 _____ () C:\Users\John\AppData\Roaming\Dropbox\bin\PyQt5.QtPrintSupport.pyd
2016-09-20 07:49 - 2016-10-24 09:16 - 00020288 _____ () C:\Users\John\AppData\Roaming\Dropbox\bin\winffi.user32._winffi_user32.pyd
2016-10-26 15:19 - 2016-10-10 14:24 - 00017864 _____ () C:\Users\John\AppData\Roaming\Dropbox\bin\libEGL.dll
2016-10-26 15:19 - 2016-10-10 14:24 - 01631184 _____ () C:\Users\John\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2016-09-20 07:49 - 2016-10-10 14:21 - 00060880 _____ () C:\Users\John\AppData\Roaming\Dropbox\bin\win32print.pyd
2016-09-20 07:49 - 2016-10-24 09:16 - 00024904 _____ () C:\Users\John\AppData\Roaming\Dropbox\bin\winffi.winhttp.compiled._winffi_winhttp.pyd
2016-10-26 15:19 - 2016-10-24 09:16 - 00546096 _____ () C:\Users\John\AppData\Roaming\Dropbox\bin\PyQt5.QtQuick.pyd
2016-10-26 15:19 - 2016-10-24 09:16 - 00357680 _____ () C:\Users\John\AppData\Roaming\Dropbox\bin\PyQt5.QtQml.pyd
2016-10-26 15:19 - 2016-10-24 09:16 - 00042808 _____ () C:\Users\John\AppData\Roaming\Dropbox\bin\PyQt5.QtWebChannel.pyd
2016-10-26 15:19 - 2016-10-24 09:16 - 00168760 _____ () C:\Users\John\AppData\Roaming\Dropbox\bin\PyQt5.QtWebEngineWidgets.pyd
2016-09-20 07:49 - 2016-10-10 14:25 - 00697304 _____ () C:\Users\John\AppData\Roaming\Dropbox\bin\QtQuick\Controls\qtquickcontrolsplugin.dll
2012-09-13 01:38 - 2012-09-13 01:38 - 02144104 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtCore4.dll
2012-09-13 01:38 - 2012-09-13 01:38 - 07955304 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtGui4.dll
2012-09-13 01:38 - 2012-09-13 01:38 - 00341352 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtXml4.dll
2012-09-13 01:38 - 2012-09-13 01:38 - 00028008 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QGif4.dll
2012-09-13 01:38 - 2012-09-13 01:38 - 00127336 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QJpeg4.dll
2016-05-12 03:44 - 2016-05-12 03:44 - 00172544 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\9494e643d25019b25b5cf70f2ffc0778\IsdiInterop.ni.dll
2012-10-16 20:54 - 2012-02-01 17:25 - 00059904 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2012-10-16 20:57 - 2012-01-21 07:23 - 01198872 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2013-10-24 14:54 - 2016-11-01 10:11 - 00046080 _____ () C:\Users\John\AppData\Local\Apps\2.0\P7MB5E8M.6KY\GLE0X4JV.KKE\amaz..tion_f2fa081ea2183235_0002.0001_cb34a912a946f839\NativeOperations.dll
2013-10-24 14:54 - 2013-10-24 14:54 - 00541696 _____ () C:\Users\John\AppData\Local\Temp\sqlite-3.7.2-sqlitejdbc.dll
2016-07-05 18:13 - 2016-07-05 18:13 - 01382048 _____ () C:\Program Files (x86)\RealNetworks\RealDownloader\cpprest100_1_2.dll
2015-10-07 01:09 - 2015-10-07 01:09 - 00653096 _____ () C:\Program Files (x86)\Real\RealPlayer\RPDS\Lib\r1api.dll
2016-07-05 18:18 - 2016-07-05 18:18 - 00077552 _____ () C:\Program Files (x86)\RealNetworks\RealDownloader\dtvhooks.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\ProgramData\TEMP:5C321E34 [119]
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcapexe => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McNaiAnn => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfemms => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Service"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-211488708-3525939622-1550682978-1000\...\secunia.com -> hxxps://psi.secunia.com
IE restricted site: HKU\S-1-5-21-211488708-3525939622-1550682978-1000\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-211488708-3525939622-1550682978-1000\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-211488708-3525939622-1550682978-1000\...\008k.com -> www.008k.com (http://www.008k.com)
IE restricted site: HKU\S-1-5-21-211488708-3525939622-1550682978-1000\...\00hq.com -> www.00hq.com (http://www.00hq.com)
IE restricted site: HKU\S-1-5-21-211488708-3525939622-1550682978-1000\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-211488708-3525939622-1550682978-1000\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-211488708-3525939622-1550682978-1000\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-211488708-3525939622-1550682978-1000\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-211488708-3525939622-1550682978-1000\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-211488708-3525939622-1550682978-1000\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-211488708-3525939622-1550682978-1000\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-211488708-3525939622-1550682978-1000\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-211488708-3525939622-1550682978-1000\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-211488708-3525939622-1550682978-1000\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-211488708-3525939622-1550682978-1000\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-211488708-3525939622-1550682978-1000\...\0scan.com -> www.0scan.com (http://www.0scan.com)
IE restricted site: HKU\S-1-5-21-211488708-3525939622-1550682978-1000\...\1-2005-search.com -> www.1-2005-search.com (http://www.1-2005-search.com)
IE restricted site: HKU\S-1-5-21-211488708-3525939622-1550682978-1000\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-211488708-3525939622-1550682978-1000\...\1-domains-registrations.com -> www.1-domains-registrations.com (http://www.1-domains-registrations.com)
IE restricted site: HKU\S-1-5-21-211488708-3525939622-1550682978-1000\...\1-se.com -> 1-se.com
There are 9663 more sites.
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-13 22:34 - 2016-11-01 10:12 - 00000871 ____A C:\Windows\system32\Drivers\etc\hosts
0.0.0.1 mssplus.mcafee.com
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-211488708-3525939622-1550682978-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\John\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 209.18.47.61 - 209.18.47.62
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{614A4948-7F4F-40A2-A5CB-D6F8B7FAAFB0}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{A81972E9-ACD7-4C4F-B975-3E5929D34FD9}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{64E77E20-06DD-4342-B983-97FFF39DF9F7}] => (Allow) LPort=2869
FirewallRules: [{8E1A772C-2115-4FF0-AA40-6FF7D3CA02FC}] => (Allow) LPort=1900
FirewallRules: [{A9EB3F93-217B-49FE-9415-FADE3857C0D9}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{4ED5AC8A-0612-4D48-85F3-1B1C5B0A23B1}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{94FAFA68-4C57-4226-9739-456E62C89113}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
FirewallRules: [{B258A0B6-3EED-4802-A305-31228FAA848C}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
FirewallRules: [{51923CED-B27A-4F2C-8444-5E44823D563B}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
FirewallRules: [{4370F326-176B-4F8C-B473-91F52E63AAD8}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
FirewallRules: [{A3F78B16-ED70-482B-B513-E9FA8F3ACE78}] => (Allow) C:\Users\John\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{FDD084D5-8CC3-452F-981A-90FA94DEBB9D}] => (Allow) C:\Users\John\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{5BC71E6D-01BD-41FB-B905-CA207F528F1C}] => (Allow) C:\Users\John\AppData\Local\Temp\7zS15A2\hppiw.exe
FirewallRules: [{8A6564D4-F5EE-45DB-9158-809B2AC306B9}] => (Allow) C:\Users\John\AppData\Local\Temp\7zS15A2\hppiw.exe
FirewallRules: [{8B10DB30-FD51-4864-A6B4-E1F286BC6A2C}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
FirewallRules: [{15E84B8C-379D-4467-BD13-D5F4917DB619}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
FirewallRules: [{9D7FECF8-BCD7-402B-8E00-518AC276FAA1}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe
FirewallRules: [{9063100D-C9F1-4DC7-8DB8-F019AD2DBE76}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe
FirewallRules: [{16E92756-033F-431C-B4CC-92A3A638C206}] => (Allow) C:\Program Files (x86)\common files\hp\digital imaging\bin\hpqphotocrm.exe
FirewallRules: [{90F40FFC-09EC-44E9-AA37-04FC3E8AF51B}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqsudi.exe
FirewallRules: [{A9E8467F-4B9C-4F76-876C-65CE94BFC75B}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqpsapp.exe
FirewallRules: [{D7FC69CE-6EB2-4427-9444-E9210CF20AAD}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqpse.exe
FirewallRules: [{F8398C6B-3C98-494F-A557-4AAB8E3154F2}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe
FirewallRules: [{5284D75B-82CD-4968-AB4E-F8A6AF36CDC8}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
FirewallRules: [{94CFE77A-8AC9-4BA0-9550-69FE6D16354D}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe
FirewallRules: [{35643D50-8527-407E-A0FE-0CDC33164482}] => (Allow) C:\Program Files (x86)\HP\digital imaging\smart web printing\smartwebprintexe.exe
FirewallRules: [{1197912B-488B-47CE-A38D-9235CED6C8FA}] => (Allow) C:\Program Files (x86)\Iminent\Iminent.exe
FirewallRules: [TCP Query User{A1444DE9-CACF-4FF9-B780-DD5AE36F6B78}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Block) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [UDP Query User{6A20397B-D6DC-4A84-9E89-352DDCA2B857}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Block) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [TCP Query User{05E35BA6-21F4-47D7-ADC4-E6B328F52305}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Block) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [UDP Query User{AFCF4817-FC31-43B2-9C75-ADD8B65D937E}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Block) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [{4298B2DD-F988-476D-84F7-1432C952C752}] => (Allow) C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
FirewallRules: [{33A129A1-9063-4FF8-B20E-30506CDCF7AB}] => (Allow) C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
FirewallRules: [TCP Query User{FAF48A1D-E5F2-4D70-80B8-665AFC9F232D}C:\users\john\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\john\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{96488E3D-D0FB-4470-BB3D-CDC9D004C726}C:\users\john\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\john\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [{4BB9EB68-FD41-4D27-9623-879872AE74FC}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{F9386172-77B4-4054-8A86-FFAB2CA4675A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{93982737-F9EE-472B-8CA5-6D13DA0220CF}] => (Allow) C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe
FirewallRules: [{81523421-D1CD-419D-AC9C-9289E9820096}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{C3F63C04-C213-4362-A6C4-5C5CB3A50B05}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{AC7BC0D5-37A8-4FB0-96D3-3441716FFC3B}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{29F3146E-CBDA-4A87-8A37-D5B1FBE84AFE}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{6E2D2774-5D6D-458A-8D6C-DB625FAAE7A8}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{BE57FCBD-FE25-4252-A5AB-1E8AE68900A6}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Restore Points =========================
28-10-2016 19:47:09 Windows Update
05-11-2016 01:31:44 Scheduled Checkpoint
==================== Faulty Device Manager Devices =============
Name: Officejet 7610 series
Description: Officejet 7610 series
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: HP
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: =========================
Application errors:
==================
Error: (10/30/2016 02:07:58 AM) (Source: Software Protection Platform Service) (EventID: 8208) (User: )
Description: Acquisition of genuine ticket failed (hr=0x80072EE7) for template Id 66c92734-d682-4d71-983e-d6ec3f16059f
Error: (10/30/2016 02:07:58 AM) (Source: Software Protection Platform Service) (EventID: 8200) (User: )
Description: License acquisition failure details.
hr=0x80072EE7
Error: (10/29/2016 08:25:04 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (10/29/2016 08:24:13 AM) (Source: RealPlayerUpdateSvc) (EventID: 0) (User: )
Description: Event-ID 0
Error: (10/29/2016 08:24:13 AM) (Source: RealPlayerUpdateSvc) (EventID: 0) (User: )
Description: Event-ID 0
Error: (10/28/2016 07:49:55 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: svchost.exe_wuauserv, version: 6.1.7600.16385, time stamp: 0x4a5bc3c1
Faulting module name: wuaueng.dll, version: 7.6.7601.23453, time stamp: 0x57364d3a
Exception code: 0xc0000005
Fault offset: 0x00000000001583f7
Faulting process id: 0x478
Faulting application start time: 0x01d22fd907d5e800
Faulting application path: C:\Windows\system32\svchost.exe
Faulting module path: c:\windows\system32\wuaueng.dll
Report Id: 39874f3c-9d69-11e6-91bb-689423274ca4
Error: (10/28/2016 07:49:53 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: 228: ERROR: read_msg errno 0 (The operation completed successfully.)
Error: (10/28/2016 07:49:53 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: mDNSPlatformReadTCP - recv: 10053
Error: (10/28/2016 07:48:53 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: 504: ERROR: read_msg errno 0 (The operation completed successfully.)
Error: (10/28/2016 07:48:53 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: mDNSPlatformReadTCP - recv: 10053
System errors:
=============
Error: (10/29/2016 08:28:03 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Dell Digital Delivery Service service terminated unexpectedly. It has done this 1 time(s).
Error: (10/29/2016 08:25:17 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID
{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}
and APPID
{344ED43D-D086-4961-86A6-1106F4ACAD9B}
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
Error: (10/29/2016 08:24:11 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Garmin Device Interaction Service service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.
Error: (10/29/2016 08:24:11 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Garmin Device Interaction Service service to connect.
Error: (10/28/2016 07:49:59 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Update service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
Error: (10/28/2016 07:49:59 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Management Instrumentation service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
Error: (10/28/2016 07:49:59 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Themes service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
Error: (10/28/2016 07:49:59 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The System Event Notification Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
Error: (10/28/2016 07:49:59 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Task Scheduler service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
Error: (10/28/2016 07:49:59 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The User Profile Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
CodeIntegrity:
===================================
Date: 2013-08-03 23:17:19.197
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Common Files\mcafee\VSCore\mfeelamk.sys because the set of per-page image hashes could not be found on the system.
Date: 2013-08-03 23:17:19.197
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Common Files\mcafee\VSCore\mfeelamk.sys because the set of per-page image hashes could not be found on the system.
Date: 2013-08-03 23:17:19.197
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Common Files\mcafee\VSCore\mfeelamk.sys because the set of per-page image hashes could not be found on the system.
Date: 2012-12-13 08:03:55.194
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Common Files\mcafee\VSCore\mfeelamk.sys because the set of per-page image hashes could not be found on the system.
Date: 2012-12-13 08:03:55.194
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Common Files\mcafee\VSCore\mfeelamk.sys because the set of per-page image hashes could not be found on the system.
Date: 2012-12-13 08:03:55.194
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Common Files\mcafee\VSCore\mfeelamk.sys because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i7-3770 CPU @ 3.40GHz
Percentage of memory in use: 22%
Total physical RAM: 12248.95 MB
Available physical RAM: 9539.44 MB
Total Virtual: 24496.07 MB
Available Virtual: 20215.74 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:919.22 GB) (Free:668.82 GB) NTFS
Drive j: () (Removable) (Total:7.45 GB) (Free:3.21 GB) FAT32
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 931.5 GB) (Disk ID: EF0E2696)
Partition 1: (Not Active) - (Size=39 MB) - (Type=DE)
Partition 2: (Active) - (Size=12.3 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=919.2 GB) - (Type=07 NTFS)
========================================================
Disk: 5 (Size: 7.5 GB) (Disk ID: 00000000)
Partition: GPT.
==================== End of Addition.txt ============================
aswMBR version 1.0.1.2252 Copyright(c) 2014 AVAST Software
Run date: 2016-11-05 17:21:19
-----------------------------
17:21:19.469 OS Version: Windows x64 6.1.7601 Service Pack 1
17:21:19.469 Number of processors: 8 586 0x3A09
17:21:19.469 ComputerName: JOHNDESKTOP UserName: John
17:21:28.377 Initialize success
17:21:28.470 VM: initialized successfully
17:21:28.470 VM: Intel CPU supported
17:21:35.011 VM: supported disk I/O iaStor.sys
17:21:58.001 AVAST engine download error: 0
17:21:58.001 AVAST engine defs: 13080400
17:22:06.456 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
17:22:06.456 Disk 0 Vendor: ST310005 JC4A Size: 953869MB BusType: 3
17:22:06.737 VM: Disk 0 MBR read successfully
17:22:06.737 Disk 0 MBR scan
17:22:06.753 Disk 0 Windows VISTA default MBR code
17:22:06.753 Disk 0 Partition 1 00 DE Dell Utility DELL 4.1 39 MB offset 63
17:22:06.768 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 12544 MB offset 81920
17:22:06.768 Disk 0 Boot: NTFS code=1
17:22:06.800 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 941284 MB offset 25772032
17:22:07.252 Disk 0 scanning C:\Windows\system32\drivers
17:22:20.777 Service scanning
17:22:33.959 Modules scanning
17:22:33.959 Disk 0 trace - called modules:
17:22:33.975 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys iaStor.sys hal.dll
17:22:33.991 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800cca4060]
17:22:33.991 3 CLASSPNP.SYS[fffff88001d9543f] -> nt!IofCallDriver -> [0xfffffa800a47a590]
17:22:33.991 5 ACPI.sys[fffff88000f927a1] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa800a6a0050]
17:22:37.235 AVAST engine scan C:\Windows
17:22:40.792 AVAST engine scan C:\Windows\system32
17:24:52.332 AVAST engine scan C:\Windows\system32\drivers
17:25:02.628 AVAST engine scan C:\Users\John
19:11:24.070 AVAST engine scan C:\ProgramData
19:17:51.762 Disk 0 statistics 6489071/0/22 @ 0.63 MB/s
19:17:51.777 Scan finished successfully
19:46:17.125 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
19:46:17.125 Disk 0 Vendor: ST310005 JC4A Size: 953869MB BusType: 3
19:46:20.277 Disk 0 statistics 6490256/0/23 @ 0.63 MB/s
19:46:20.277 Scan stopped
19:46:56.127 Disk 0 MBR has been saved successfully to "J:\MBR.dat"
19:46:56.142 The log file has been saved successfully to "J:\aswMBR.txt"
At present, I can open AOL, Facebook (when I open Facebook I get a message “Revocation information for the security certificate for this site is not available”), Google, among other random web sites, including the Spybot home page. However, I am unable to open any links within those web sites, including the Spybot Forum. Google is my home page for IE, and I can do Google searches, but I can't open the sites from within Google. I had to use a laptop to download Registry Backup, FRST, and aswMBR onto a thumb drive, then load them onto my desktop, run the scans, copy the logs onto the thumb drive, and post the logs on the forum using the laptop.
Logs to follow. Admin Edit, merged two posts.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 04-11-2016
Ran by John (administrator) on JOHNDESKTOP (05-11-2016 16:50:39)
Running from C:\Users\John\Desktop
Loaded Profiles: John (Available Profiles: John)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(ABBYY) C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Atheros Commnucations) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\AdminService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\SystemCore\mfemms.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(Dell, Inc.) C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(Intel Security, Inc.) C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
() C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe
(SoftThinks SAS) C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Atheros) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Ath_CoexAgent.exe
(Atheros) C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\SystemCore\mfefire.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\SystemCore\mfefire.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe
(McAfee, Inc.) C:\Program Files\mcafee\MSC\McAPExe.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\AMCore\mcshield.exe
(AMD) C:\Windows\System32\atieclxx.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell DataSafe Local Backup\Toaster.exe
() C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\Platform\CommonBuild\McCBEntAndInstru.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\Platform\McUICnt.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Atheros Commnucations) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe
(Atheros Commnucations) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\AthBtTray.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(Mozy, Inc.) C:\Program Files\MozyHome\mozystat.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpsystray.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Amazon Digital Services, LLC.) C:\Users\John\AppData\Local\Apps\2.0\P7MB5E8M.6KY\GLE0X4JV.KKE\amaz..tion_f2fa081ea2183235_0002.0001_cb34a912a946f839\AmazonCloudDrive.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Alcor Micro Corp.) C:\Program Files (x86)\Multimedia Card Reader(9106)\ShwiconXP9106.exe
(Sun Microsystems, Inc.) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Dropbox, Inc.) C:\Users\John\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Mozy, Inc.) C:\Program Files\Mozy Sync\mozysync.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
(Logitech Inc.) C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\concentr.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\redirector.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\Receiver\Receiver.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
(McAfee, Inc.) C:\Program Files\mcafee\MAT\McPvTray.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\SelfServicePlugin\SelfServicePlugin.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\CSP\1.9.829.0\McCSPServiceHost.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\ModuleCore\ModuleCoreService.exe
(Mozy, Inc.) C:\Program Files\MozyHome\mozybackup.exe
(Mozy, Inc.) C:\Program Files\MozyHome\mozybackup.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\Platform\CommonBuild\McCBEntAndInstru.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\Platform\McUICnt.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\Platform\CommonBuild\McCBEntAndInstru.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\Platform\McUICnt.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Sun Microsystems, Inc.) C:\Users\John\AppData\Local\Apps\2.0\P7MB5E8M.6KY\GLE0X4JV.KKE\amaz..tion_f2fa081ea2183235_0002.0001_cb34a912a946f839\LocalServiceJre\bin\AmazonCloudDriveW.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.11.427\SSScheduler.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\Platform\CommonBuild\McCBEntAndInstru.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\Platform\McUICnt.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\Platform\CommonBuild\McCBEntAndInstru.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\Platform\McUICnt.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\Platform\CommonBuild\McCBEntAndInstru.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\Platform\McUICnt.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\Platform\McUICnt.exe
(McAfee, Inc.) C:\Program Files\mcafee\VUL\McVulAlert.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
() C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\Platform\CommonBuild\McCBEntAndInstru.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\Platform\McUICnt.exe
(Microsoft Corporation) C:\Windows\System32\UI0Detect.exe
(Intel Security) C:\Program Files\Common Files\mcafee\ClientAnalytics\McClientAnalytics.exe
==================== Registry (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6457960 2011-12-23] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1156712 2011-11-15] (Realtek Semiconductor)
HKLM\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe [1014432 2011-12-29] (Atheros Commnucations)
HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\AthBtTray.exe [800416 2011-12-29] (Atheros Commnucations)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [1832760 2012-09-20] (Logitech, Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-12-17] (Apple Inc.)
HKLM-x32\...\Run: [StartCCC] => c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [343168 2011-10-25] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2012-02-01] (Intel Corporation)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-02-17] (Intel Corporation)
HKLM-x32\...\Run: [ShwiconXP9106] => C:\Program Files (x86)\Multimedia Card Reader(9106)\ShwiconXP9106.exe [237568 2010-03-10] (Alcor Micro Corp.)
HKLM-x32\...\Run: [Dell DataSafe Online] => C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe [1117528 2010-08-25] (Dell, Inc.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60688 2015-12-17] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [252848 2012-07-03] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [hpqSRMon] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [150528 2008-07-22] (Hewlett-Packard)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1057408 2012-06-04] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [ArcSoft Connection Service] => C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [207360 2010-03-18] (ArcSoft Inc.)
HKLM-x32\...\Run: [UTM.exe] => cmd /c "start "" "C:\Program Files (x86)\EUT\C811\SUA\UTM.exe""
HKLM-x32\...\Run: [TkBellExe] => C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe [286984 2015-10-07] (RealNetworks, Inc.)
HKLM-x32\...\Run: [LWS] => C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [204136 2012-09-13] (Logitech Inc.)
HKLM-x32\...\Run: [ConnectionCenter] => C:\Program Files (x86)\Citrix\ICA Client\concentr.exe [530560 2016-04-25] (Citrix Systems, Inc.)
HKLM-x32\...\Run: [Redirector] => C:\Program Files (x86)\Citrix\ICA Client\redirector.exe [239744 2016-04-25] (Citrix Systems, Inc.)
HKLM-x32\...\Run: [RealDownloader] => C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe [714992 2016-07-05] ()
HKU\S-1-5-21-211488708-3525939622-1550682978-1000\...\Run: [OfficeSyncProcess] => C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE [721504 2015-09-02] (Microsoft Corporation)
HKU\S-1-5-21-211488708-3525939622-1550682978-1000\...\Run: [Dropbox Update] => C:\Users\John\AppData\Local\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-04] (Dropbox, Inc.)
HKU\S-1-5-21-211488708-3525939622-1550682978-1000\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1402792 2016-08-31] (Garmin Ltd. or its subsidiaries)
HKU\S-1-5-21-211488708-3525939622-1550682978-1000\...\MountPoints2: {35de0db4-6ab6-11e5-8fce-689423274ca4} - J:\TL-BootStrap.exe
HKU\S-1-5-21-211488708-3525939622-1550682978-1000\...\MountPoints2: {c4afcc77-4666-11e2-b1f6-689423274ca4} - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL J:\TL-Bootstrap.exe
HKU\S-1-5-21-211488708-3525939622-1550682978-1000\...\MountPoints2: {c531fead-292a-11e3-892f-689423274ca4} - K:\TL-BootStrap.exe
HKU\S-1-5-21-211488708-3525939622-1550682978-1000\...\MountPoints2: {c76dbdac-2513-11e2-99ab-689423274ca4} - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL I:\TL-Bootstrap.exe
HKU\S-1-5-18\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1402792 2016-08-31] (Garmin Ltd. or its subsidiaries)
HKU\S-1-5-18\...\RunOnce: [{91140000-0011-0000-0000-0000000FF1CE}] => C:\Windows\system32\cmd.exe /C del "C:\ProgramData\Microsoft Help\Rgstrtn.lck" /Q /A:H
HKU\S-1-5-18\...\RunOnce: [{90140000-001A-0409-0000-0000000FF1CE}] => C:\Windows\system32\cmd.exe /C del "C:\ProgramData\Microsoft Help\Rgstrtn.lck" /Q /A:H
HKU\S-1-5-18\...\RunOnce: [{90140000-00A1-0409-0000-0000000FF1CE}] => C:\Windows\system32\cmd.exe /C del "C:\ProgramData\Microsoft Help\Rgstrtn.lck" /Q /A:H
HKU\S-1-5-18\...\RunOnce: [{90140000-006E-0409-0000-0000000FF1CE}] => C:\Windows\system32\cmd.exe /C del "C:\ProgramData\Microsoft Help\Rgstrtn.lck" /Q /A:H
ShellIconOverlayIdentifiers: [ mozysyncNotUploaded] -> {34DF8AC2-A6BB-4855-B45A-CC1B4D9183E3} => C:\Program Files\Mozy Sync\mozysyncshell.dll [2014-10-31] (Mozy, Inc.)
ShellIconOverlayIdentifiers: [ mozysyncPendingChanges] -> {6673BC77-4A7B-4299-A130-14312E6B203A} => C:\Program Files\Mozy Sync\mozysyncshell.dll [2014-10-31] (Mozy, Inc.)
ShellIconOverlayIdentifiers: [ mozysyncUpToDate] -> {04547006-32F5-4635-844B-B8D7FCE47692} => C:\Program Files\Mozy Sync\mozysyncshell.dll [2014-10-31] (Mozy, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\John\AppData\Roaming\Dropbox\bin\DropboxExt64.1.0.dll [2016-10-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\John\AppData\Roaming\Dropbox\bin\DropboxExt64.1.0.dll [2016-10-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\John\AppData\Roaming\Dropbox\bin\DropboxExt64.1.0.dll [2016-10-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\John\AppData\Roaming\Dropbox\bin\DropboxExt64.1.0.dll [2016-10-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [mozy] -> {b32a6748-f273-4546-b60a-3c5adc239de5} => C:\Program Files\MozyHome\mozyshell.dll [2015-02-02] (Mozy, Inc.)
ShellIconOverlayIdentifiers: [mozy2] -> {747E722C-CB46-4a9d-BDFE-192AAD5099B1} => C:\Program Files\MozyHome\mozyshell.dll [2015-02-02] (Mozy, Inc.)
ShellIconOverlayIdentifiers: [mozy3] -> {EE6F5A00-7898-40f7-AB77-51FF9D6DEB20} => C:\Program Files\MozyHome\mozyshell.dll [2015-02-02] (Mozy, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\John\AppData\Roaming\Dropbox\bin\DropboxExt.1.0.dll [2016-10-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\John\AppData\Roaming\Dropbox\bin\DropboxExt.1.0.dll [2016-10-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\John\AppData\Roaming\Dropbox\bin\DropboxExt.1.0.dll [2016-10-24] (Dropbox, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2013-02-17]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2016-11-01]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.427\SSScheduler.exe (McAfee, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\MozyHome Status.lnk [2015-11-28]
ShortcutTarget: MozyHome Status.lnk -> C:\Program Files\MozyHome\mozystat.exe (Mozy, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\RealTimes.lnk [2015-10-07]
ShortcutTarget: RealTimes.lnk -> C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpsystray.exe (RealNetworks, Inc.)
Startup: C:\Users\John\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Amazon Cloud Drive.lnk [2016-10-29]
ShortcutTarget: Amazon Cloud Drive.lnk -> C:\Users\John\AppData\Local\Apps\2.0\P7MB5E8M.6KY\GLE0X4JV.KKE\amaz..tion_f2fa081ea2183235_0002.0001_cb34a912a946f839\AmazonCloudDrive.exe (Amazon Digital Services, LLC.)
Startup: C:\Users\John\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2016-10-26]
ShortcutTarget: Dropbox.lnk -> C:\Users\John\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\John\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Mozy Sync.lnk [2013-11-23]
ShortcutTarget: Mozy Sync.lnk -> C:\Program Files\Mozy Sync\mozysync.exe (Mozy, Inc.)
BootExecute: autocheck autochk * sdnclean64.exe
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: 0.0.0.1 mssplus.mcafee.com
Tcpip\Parameters: [DhcpNameServer] 209.18.47.61 209.18.47.62
Tcpip\..\Interfaces\{0F8D86FA-E84F-4232-BE1F-0CE7F0B5B425}: [DhcpNameServer] 209.18.47.61 209.18.47.62
Tcpip\..\Interfaces\{B1521873-611C-4141-AAB1-CC30AFC23073}: [DhcpNameServer] 192.168.1.1 209.18.47.61 209.18.47.62
Internet Explorer:
==================
HKU\S-1-5-21-211488708-3525939622-1550682978-1000\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
HKU\S-1-5-21-211488708-3525939622-1550682978-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/?gws_rd=ssl
SearchScopes: HKLM -> DefaultScope value is missing
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
SearchScopes: HKLM -> {CE522274-F06E-4D52-9CA3-63B6C654F169} URL = hxxp://search.aol.com/aolcom/search?query={searchTerms}&invocationType=msie70a
SearchScopes: HKLM -> {FA3295EA-6375-4900-8C94-B2A9C0C67D6E} URL = hxxp://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDR&src=IE-SearchBox
SearchScopes: HKLM-x32 -> DefaultScope value is missing
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {FA3295EA-6375-4900-8C94-B2A9C0C67D6E} URL = hxxp://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDR&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-211488708-3525939622-1550682978-1000 -> DefaultScope {4795153C-A663-466B-A28C-ECFD99709FFA} URL = hxxps://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-211488708-3525939622-1550682978-1000 -> {4795153C-A663-466B-A28C-ECFD99709FFA} URL = hxxps://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-211488708-3525939622-1550682978-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
SearchScopes: HKU\S-1-5-21-211488708-3525939622-1550682978-1000 -> {CE522274-F06E-4D52-9CA3-63B6C654F169} URL =
SearchScopes: HKU\S-1-5-21-211488708-3525939622-1550682978-1000 -> {FA3295EA-6375-4900-8C94-B2A9C0C67D6E} URL =
BHO: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin64.dll [2015-09-16] (RealDownloader)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-28] (Google Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-09-20] (Hewlett-Packard Co.)
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll [2015-09-16] (RealDownloader)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\IEPlugIn.dll [2011-12-29] (Atheros Commnucations)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-28] (Google Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-09-20] (Hewlett-Packard Co.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-28] (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-28] (Google Inc.)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2016-10-03] (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2016-10-03] (McAfee, Inc.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2016-10-03] (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2016-10-03] (McAfee, Inc.)
Filter-x32: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2016-04-25] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2016-04-25] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2016-04-25] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2016-04-25] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2016-04-25] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2016-04-25] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2016-04-25] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2016-04-25] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2016-04-25] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2016-04-25] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2016-04-25] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2016-04-25] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2016-04-25] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2016-04-25] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2016-04-25] (Citrix Systems, Inc.)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\MSC\McSnIePl64.dll [2016-07-07] (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll [2016-07-07] (McAfee, Inc.)
Filter-x32: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2016-04-25] (Citrix Systems, Inc.)
FireFox:
========
FF ProfilePath: C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\aeoam766.default [2016-11-05]
FF DefaultSearchEngine: Mozilla\Firefox\Profiles\aeoam766.default -> Secure Search
FF DefaultSearchEngine.US: Mozilla\Firefox\Profiles\aeoam766.default -> Secure Search
FF SearchEngineOrder.1: Mozilla\Firefox\Profiles\aeoam766.default -> Secure Search
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\aeoam766.default -> Secure Search
FF Homepage: Mozilla\Firefox\Profiles\aeoam766.default -> hxxps://www.google.com/?gws_rd=ssl
FF Keyword.URL: Mozilla\Firefox\Profiles\aeoam766.default -> hxxps://search.yahoo.com/search?fr=mcafee&type=C111US105D20140130&p=
FF Extension: (Firefox Hotfix) - C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\aeoam766.default\Extensions\firefox-hotfix@mozilla.org.xpi [2016-09-01]
FF Extension: (Video DownloadHelper) - C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\aeoam766.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2016-10-13]
FF Extension: (McAfee WebAdvisor) - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi [2016-10-16]
FF SearchPlugin: C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\aeoam766.default\searchplugins\McSiteAdvisor.xml [2015-06-06]
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: (HP Smart Web Printing) - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2013-02-17] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: (McAfee Anti-Spam Thunderbird Extension) - C:\Program Files\McAfee\MSK [2016-08-25] [not signed]
FF HKU\S-1-5-21-211488708-3525939622-1550682978-1000\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\McSiteAdvisor.xml [2015-06-06]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_23_0_0_185.dll [2016-10-13] ()
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [2016-07-07] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_185.dll [2016-10-13] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-10-14] ()
FF Plugin-x32: @Citrix.com/npican -> C:\Program Files (x86)\Citrix\ICA Client\npicaN.dll [2016-04-25] (Citrix Systems, Inc.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2016-10-06] (Google)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [2016-07-07] ()
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @real.com/nppl3260;version=18.1.0.1236 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll [2015-10-07] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=18.1.0.1236 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll [2015-10-07] (RealTimes)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2016-06-23] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2016-04-23] (Adobe Systems Inc.)
Chrome:
=======
CHR DefaultProfile: Default
CHR DefaultSearchURL: Default -> hxxps://search.yahoo.com/search?fr=mcafee&type=C211US105D20140130&p={searchTerms}
CHR DefaultSearchKeyword: Default -> mcafee
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\54.0.2840.87\PepperFlash\pepflashplayer.dll => No File
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\54.0.2840.87\ppGoogleNaClPluginChrome.dll => No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\54.0.2840.87\pdf.dll => No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll => No File
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll => No File
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll => No File
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll => No File
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll => No File
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll => No File
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll => No File
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll => No File
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll => No File
CHR Plugin: (Windows Live™ Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll => No File
CHR Plugin: (McAfee SecurityCenter) - c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll => No File
CHR Profile: C:\Users\John\AppData\Local\Google\Chrome\User Data\Default [2016-11-05]
CHR Extension: (SiteAdvisor) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2015-08-06]
CHR Extension: (Chrome Web Store Payments) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-06-04]
CHR Extension: (Chrome Media Router) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-09-05]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2016-05-27]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2016-05-27]
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 ABBYY.Licensing.FineReader.Sprint.9.0; C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [759048 2009-05-14] (ABBYY)
R2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-10-07] (Apple Inc.)
R2 AtherosSvc; C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\adminservice.exe [106144 2011-12-29] (Atheros Commnucations) [File not signed]
S2 DellDigitalDelivery; C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe [173568 2012-10-09] (Dell Products, LP.) [File not signed]
S2 Garmin Device Interaction Service; C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe [928272 2016-08-31] (Garmin Ltd. or its subsidiaries)
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [596768 2016-07-07] (McAfee, Inc.)
R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [249344 2009-09-20] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-09-20] (Hewlett-Packard Co.) [File not signed]
R2 HPSLPSVC; C:\Users\John\AppData\Local\Temp\7zS15A2\hpslpsvc64.dll [1039360 2012-11-14] (Hewlett-Packard Co.) [File not signed]
R2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [166152 2016-10-03] (McAfee, Inc.)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [993824 2016-07-07] (McAfee, Inc.)
R2 mcbootdelaystartsvc; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [596768 2016-07-07] (McAfee, Inc.)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.427\McCHSvc.exe [329480 2016-10-13] (McAfee, Inc.)
R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\1.9.829.0\\McCSPServiceHost.exe [1910000 2016-05-31] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [596768 2016-07-07] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [596768 2016-07-07] (McAfee, Inc.)
S3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [816128 2016-06-21] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [596768 2016-07-07] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [596768 2016-07-07] (McAfee, Inc.)
R3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [232688 2016-04-26] (McAfee, Inc.)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe [382456 2016-07-11] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [277744 2016-04-26] (McAfee, Inc.)
R2 ModuleCoreService; C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe [1454216 2016-06-17] (McAfee, Inc.)
R2 mozybackup; C:\Program Files\MozyHome\mozybackup.exe [54672 2012-09-18] (Mozy, Inc.)
S3 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [596768 2016-07-07] (McAfee, Inc.)
S2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
R2 PEFService; C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe [1045336 2016-05-25] (Intel Security, Inc.)
S2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
R2 RealPlayerUpdateSvc; C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe [33088 2015-09-16] ()
R2 RealTimes Desktop Service; C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe [1103656 2015-10-07] (RealNetworks, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 ZAtheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Ath_CoexAgent.exe [158880 2011-12-29] (Atheros) [File not signed]
R2 ZAtheros Wlan Agent; C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe [76960 2011-12-26] (Atheros) [File not signed]
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 C771BUS; C:\Windows\System32\DRIVERS\C771BUS.sys [71752 2010-08-26] (DEVGURU Co., LTD.)
S3 C771VSP; C:\Windows\System32\DRIVERS\C771VSP.sys [186056 2010-08-26] (DEVGURU Co., LTD.(www.devguru.co.kr (http://www.devguru.co.kr)))
S3 c811bus; C:\Windows\System32\DRIVERS\c811bus.sys [169800 2012-12-07] (MCCI Corporation)
S3 c811serd; C:\Windows\System32\DRIVERS\c811serd.sys [159048 2012-12-07] (MCCI Corporation)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [78632 2016-04-27] (McAfee, Inc.)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [207968 2016-02-24] (McAfee, Inc.)
S3 Logi_Headset_DFU; C:\Windows\System32\Drivers\lhusbdfuamd64.sys [44136 2015-10-08] (CSR plc.)
R2 McPvDrv; C:\Windows\system32\drivers\McPvDrv.sys [79192 2016-04-20] (McAfee, Inc.)
R3 mfeaack; C:\Windows\System32\drivers\mfeaack.sys [419616 2016-04-27] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [349480 2016-04-27] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [493352 2016-04-27] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [843048 2016-04-27] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\System32\DRIVERS\mfencbdc.sys [519456 2016-08-01] (McAfee, Inc.)
S3 mfencrk; C:\Windows\System32\DRIVERS\mfencrk.sys [100136 2016-08-01] (McAfee, Inc.)
R3 mfesapsn; C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys [46240 2016-06-06] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [243488 2016-04-27] (McAfee, Inc.)
R1 mozyFilter; C:\Windows\System32\DRIVERS\mozy.sys [67808 2013-05-21] (Mozy, Inc.)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-11-05 16:50 - 2016-11-05 16:52 - 00042448 _____ C:\Users\John\Desktop\FRST.txt
2016-11-05 16:49 - 2016-11-05 16:50 - 00000000 ____D C:\FRST
2016-11-05 16:41 - 2016-11-05 16:41 - 00000207 _____ C:\Windows\tweaking.com-regbackup-JOHNDESKTOP-Windows-7-Home-Premium-(64-bit).dat
2016-11-05 16:41 - 2016-11-05 16:41 - 00000000 ____D C:\RegBackup
2016-11-05 16:40 - 2016-11-05 16:40 - 00002237 _____ C:\Users\Public\Desktop\Tweaking.com - Registry Backup.lnk
2016-11-05 16:40 - 2016-11-05 16:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tweaking.com
2016-11-05 16:40 - 2016-11-05 16:40 - 00000000 ____D C:\Program Files (x86)\Tweaking.com
2016-11-05 16:37 - 2016-11-05 16:41 - 00019558 _____ C:\Windows\Tweaking.com - Registry Backup Setup Log.txt
2016-11-05 16:36 - 2016-11-05 14:51 - 05658651 _____ (Swearware) C:\Users\John\Desktop\ComboFix.exe
2016-11-05 16:36 - 2016-11-05 14:49 - 05198336 _____ (AVAST Software) C:\Users\John\Desktop\aswMBR.exe
2016-11-05 16:35 - 2016-11-05 14:42 - 02409984 _____ (Farbar) C:\Users\John\Desktop\FRST64.exe
2016-11-05 16:34 - 2016-11-05 14:39 - 05596528 _____ (Tweaking.com) C:\Users\John\Desktop\tweaking.com_registry_backup_setup.exe
2016-11-04 01:22 - 2016-11-04 01:22 - 00002146 _____ C:\Users\Public\Desktop\Google Earth.lnk
2016-11-04 01:22 - 2016-11-04 01:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
2016-11-01 10:12 - 2016-11-01 10:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2016-10-29 08:25 - 2016-10-29 08:25 - 00000000 ___RD C:\Users\John\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2016-10-28 07:54 - 2016-10-28 07:56 - 00000000 ____D C:\Users\John\Desktop\Elodie
2016-10-27 00:55 - 2016-06-25 20:27 - 00970240 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2016-10-27 00:55 - 2016-06-25 20:27 - 00756736 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2016-10-27 00:55 - 2016-06-25 20:27 - 00344576 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.dll
2016-10-27 00:55 - 2016-06-25 20:27 - 00166400 _____ (Microsoft Corporation) C:\Windows\system32\inetpp.dll
2016-10-27 00:55 - 2016-06-25 20:27 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\inetppui.dll
2016-10-27 00:55 - 2016-06-25 15:54 - 00497152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2016-10-27 00:55 - 2016-06-25 15:53 - 00297472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntprint.dll
2016-10-27 00:55 - 2016-06-25 15:53 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.exe
2016-10-27 00:55 - 2016-06-25 15:53 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\wpnpinst.exe
2016-10-27 00:55 - 2016-06-25 15:41 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntprint.exe
2016-10-26 15:19 - 2016-10-26 15:20 - 00000000 ____D C:\Users\John\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-10-18 21:29 - 2016-09-30 16:13 - 00394448 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-10-18 21:29 - 2016-09-30 15:28 - 00346312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-10-18 21:29 - 2016-09-30 11:37 - 05548264 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-10-18 21:29 - 2016-09-30 03:55 - 25765376 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-10-18 21:29 - 2016-09-30 02:41 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-10-18 21:29 - 2016-09-30 02:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-10-18 21:29 - 2016-09-30 02:26 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-10-18 21:29 - 2016-09-30 02:25 - 02895360 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-10-18 21:29 - 2016-09-30 02:25 - 00576000 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-10-18 21:29 - 2016-09-30 02:25 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-10-18 21:29 - 2016-09-30 02:25 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-10-18 21:29 - 2016-09-30 02:25 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-10-18 21:29 - 2016-09-30 02:18 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-10-18 21:29 - 2016-09-30 02:17 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-10-18 21:29 - 2016-09-30 02:14 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-10-18 21:29 - 2016-09-30 02:13 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-10-18 21:29 - 2016-09-30 02:13 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-10-18 21:29 - 2016-09-30 02:12 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-10-18 21:29 - 2016-09-30 02:12 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-10-18 21:29 - 2016-09-30 02:09 - 06048256 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-10-18 21:29 - 2016-09-30 02:05 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-10-18 21:29 - 2016-09-30 02:02 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-10-18 21:29 - 2016-09-30 01:55 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-10-18 21:29 - 2016-09-30 01:54 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2016-10-18 21:29 - 2016-09-30 01:54 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2016-10-18 21:29 - 2016-09-30 01:51 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-10-18 21:29 - 2016-09-30 01:50 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-10-18 21:29 - 2016-09-30 01:47 - 20306944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-10-18 21:29 - 2016-09-30 01:47 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-10-18 21:29 - 2016-09-30 01:46 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-10-18 21:29 - 2016-09-30 01:42 - 00498688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-10-18 21:29 - 2016-09-30 01:42 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2016-10-18 21:29 - 2016-09-30 01:42 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2016-10-18 21:29 - 2016-09-30 01:41 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2016-10-18 21:29 - 2016-09-30 01:38 - 02286592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-10-18 21:29 - 2016-09-30 01:36 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2016-10-18 21:29 - 2016-09-30 01:35 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-10-18 21:29 - 2016-09-30 01:35 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2016-10-18 21:29 - 2016-09-30 01:33 - 00724992 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-10-18 21:29 - 2016-09-30 01:33 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2016-10-18 21:29 - 2016-09-30 01:32 - 00806912 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-10-18 21:29 - 2016-09-30 01:32 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-10-18 21:29 - 2016-09-30 01:32 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2016-10-18 21:29 - 2016-09-30 01:32 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2016-10-18 21:29 - 2016-09-30 01:31 - 02131456 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-10-18 21:29 - 2016-09-30 01:31 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-10-18 21:29 - 2016-09-30 01:24 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2016-10-18 21:29 - 2016-09-30 01:21 - 15257088 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-10-18 21:29 - 2016-09-30 01:19 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2016-10-18 21:29 - 2016-09-30 01:19 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-10-18 21:29 - 2016-09-30 01:17 - 02920960 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-10-18 21:29 - 2016-09-30 01:17 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2016-10-18 21:29 - 2016-09-30 01:15 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2016-10-18 21:29 - 2016-09-30 01:14 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-10-18 21:29 - 2016-09-30 01:13 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2016-10-18 21:29 - 2016-09-30 01:12 - 04608512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-10-18 21:29 - 2016-09-30 01:07 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-10-18 21:29 - 2016-09-30 01:05 - 02055680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-10-18 21:29 - 2016-09-30 01:05 - 01544192 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-10-18 21:29 - 2016-09-30 01:05 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2016-10-18 21:29 - 2016-09-30 01:05 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-10-18 21:29 - 2016-09-30 01:03 - 13653504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-10-18 21:29 - 2016-09-30 00:54 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-10-18 21:29 - 2016-09-30 00:46 - 02444288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-10-18 21:29 - 2016-09-30 00:43 - 01312768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-10-18 21:29 - 2016-09-30 00:42 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-10-18 21:29 - 2016-08-12 13:02 - 14632960 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2016-10-18 21:29 - 2016-08-12 12:47 - 11410432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2016-10-18 21:29 - 2016-06-14 13:16 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2016-10-18 21:28 - 2016-09-30 11:20 - 04000488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2016-10-18 21:28 - 2016-09-30 11:20 - 03944680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2016-10-18 21:28 - 2016-09-30 01:42 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2016-10-18 21:28 - 2016-09-15 11:30 - 00976896 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2016-10-18 21:28 - 2016-09-15 11:30 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\INETRES.dll
2016-10-18 21:28 - 2016-09-15 11:15 - 00741888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2016-10-18 21:28 - 2016-09-15 11:15 - 00084480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\INETRES.dll
2016-10-18 21:28 - 2016-09-12 17:13 - 00154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-10-18 21:28 - 2016-09-12 17:13 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-10-18 21:28 - 2016-09-12 17:08 - 01465344 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-10-18 21:28 - 2016-09-12 17:08 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-10-18 21:28 - 2016-09-12 17:08 - 00730624 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-10-18 21:28 - 2016-09-12 17:08 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-10-18 21:28 - 2016-09-12 17:08 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2016-10-18 21:28 - 2016-09-12 17:08 - 00345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-10-18 21:28 - 2016-09-12 17:08 - 00316416 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-10-18 21:28 - 2016-09-12 17:08 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-10-18 21:28 - 2016-09-12 17:08 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-10-18 21:28 - 2016-09-12 17:08 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2016-10-18 21:28 - 2016-09-12 17:08 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-10-18 21:28 - 2016-09-12 17:08 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-10-18 21:28 - 2016-09-12 17:08 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\adsmsext.dll
2016-10-18 21:28 - 2016-09-12 17:08 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-10-18 21:28 - 2016-09-12 17:08 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-10-18 21:28 - 2016-09-12 17:08 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-10-18 21:28 - 2016-09-12 17:08 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-10-18 21:28 - 2016-09-12 17:08 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-10-18 21:28 - 2016-09-12 17:08 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-10-18 21:28 - 2016-09-12 16:49 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2016-10-18 21:28 - 2016-09-12 16:49 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-10-18 21:28 - 2016-09-12 16:49 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-10-18 21:28 - 2016-09-12 16:49 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2016-10-18 21:28 - 2016-09-12 16:49 - 00260608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-10-18 21:28 - 2016-09-12 16:49 - 00254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-10-18 21:28 - 2016-09-12 16:49 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-10-18 21:28 - 2016-09-12 16:49 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-10-18 21:28 - 2016-09-12 16:49 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2016-10-18 21:28 - 2016-09-12 16:49 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2016-10-18 21:28 - 2016-09-12 16:49 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2016-10-18 21:28 - 2016-09-12 16:49 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adsmsext.dll
2016-10-18 21:28 - 2016-09-12 16:49 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2016-10-18 21:28 - 2016-09-12 16:49 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2016-10-18 21:28 - 2016-09-12 16:49 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2016-10-18 21:28 - 2016-09-12 16:49 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2016-10-18 21:28 - 2016-09-12 16:39 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-10-18 21:28 - 2016-09-12 16:37 - 03218944 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-10-18 21:28 - 2016-09-12 16:32 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-10-18 21:28 - 2016-09-12 16:32 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-10-18 21:28 - 2016-09-12 16:32 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-10-18 21:28 - 2016-09-12 16:31 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-10-18 21:28 - 2016-09-12 16:29 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2016-10-18 21:28 - 2016-09-12 16:25 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2016-10-18 21:28 - 2016-09-12 15:08 - 01251328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2016-10-18 21:28 - 2016-09-12 14:43 - 01648128 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2016-10-18 21:28 - 2016-09-12 14:43 - 01180160 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2016-10-18 21:28 - 2016-09-10 12:19 - 03649536 _____ (Microsoft Corporation) C:\Windows\system32\MSVidCtl.dll
2016-10-18 21:28 - 2016-09-10 11:53 - 02291712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVidCtl.dll
2016-10-18 21:28 - 2016-09-09 14:29 - 00631176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2016-10-18 21:28 - 2016-09-09 14:26 - 00706280 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2016-10-18 21:28 - 2016-09-09 14:23 - 01732864 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-10-18 21:28 - 2016-09-09 14:20 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2016-10-18 21:28 - 2016-09-09 14:20 - 00880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-10-18 21:28 - 2016-09-09 14:20 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2016-10-18 21:28 - 2016-09-09 14:20 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-10-18 21:28 - 2016-09-09 14:20 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2016-10-18 21:28 - 2016-09-09 14:20 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2016-10-18 21:28 - 2016-09-09 14:20 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2016-10-18 21:28 - 2016-09-09 14:20 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2016-10-18 21:28 - 2016-09-09 14:20 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2016-10-18 21:28 - 2016-09-09 14:20 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2016-10-18 21:28 - 2016-09-09 14:20 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-10-18 21:28 - 2016-09-09 14:20 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2016-10-18 21:28 - 2016-09-09 14:20 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2016-10-18 21:28 - 2016-09-09 14:20 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2016-10-18 21:28 - 2016-09-09 14:20 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2016-10-18 21:28 - 2016-09-09 14:20 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-10-18 21:28 - 2016-09-09 14:20 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-10-18 21:28 - 2016-09-09 14:20 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-10-18 21:28 - 2016-09-09 14:20 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-10-18 21:28 - 2016-09-09 14:20 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-10-18 21:28 - 2016-09-09 14:20 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-10-18 21:28 - 2016-09-09 14:20 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-10-18 21:28 - 2016-09-09 14:20 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-10-18 21:28 - 2016-09-09 14:20 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-10-18 21:28 - 2016-09-09 14:20 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-10-18 21:28 - 2016-09-09 14:20 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-10-18 21:28 - 2016-09-09 14:20 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-10-18 21:28 - 2016-09-09 14:20 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-10-18 21:28 - 2016-09-09 14:20 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-10-18 21:28 - 2016-09-09 14:20 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-10-18 21:28 - 2016-09-09 14:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-10-18 21:28 - 2016-09-09 14:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-10-18 21:28 - 2016-09-09 14:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-10-18 21:28 - 2016-09-09 14:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-10-18 21:28 - 2016-09-09 14:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-10-18 21:28 - 2016-09-09 14:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-10-18 21:28 - 2016-09-09 14:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-10-18 21:28 - 2016-09-09 14:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-10-18 21:28 - 2016-09-09 14:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-10-18 21:28 - 2016-09-09 14:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-10-18 21:28 - 2016-09-09 14:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-10-18 21:28 - 2016-09-09 14:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-10-18 21:28 - 2016-09-09 14:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-10-18 21:28 - 2016-09-09 14:01 - 01314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-10-18 21:28 - 2016-09-09 14:00 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2016-10-18 21:28 - 2016-09-09 14:00 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-10-18 21:28 - 2016-09-09 14:00 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2016-10-18 21:28 - 2016-09-09 14:00 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2016-10-18 21:28 - 2016-09-09 13:59 - 00644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2016-10-18 21:28 - 2016-09-09 13:59 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2016-10-18 21:28 - 2016-09-09 13:59 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2016-10-18 21:28 - 2016-09-09 13:59 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2016-10-18 21:28 - 2016-09-09 13:59 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-10-18 21:28 - 2016-09-09 13:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-10-18 21:28 - 2016-09-09 13:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-10-18 21:28 - 2016-09-09 13:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-10-18 21:28 - 2016-09-09 13:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-10-18 21:28 - 2016-09-09 13:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-10-18 21:28 - 2016-09-09 13:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-10-18 21:28 - 2016-09-09 13:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-10-18 21:28 - 2016-09-09 13:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-10-18 21:28 - 2016-09-09 13:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-10-18 21:28 - 2016-09-09 13:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-10-18 21:28 - 2016-09-09 13:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-10-18 21:28 - 2016-09-09 13:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2016-10-18 21:28 - 2016-09-09 13:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-10-18 21:28 - 2016-09-09 13:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-10-18 21:28 - 2016-09-09 13:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2016-10-18 21:28 - 2016-09-09 13:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-10-18 21:28 - 2016-09-09 13:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-10-18 21:28 - 2016-09-09 13:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-10-18 21:28 - 2016-09-09 13:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-10-18 21:28 - 2016-09-09 13:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-10-18 21:28 - 2016-09-09 13:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-10-18 21:28 - 2016-09-09 13:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2016-10-18 21:28 - 2016-09-09 13:51 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2016-10-18 21:28 - 2016-09-09 13:51 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2016-10-18 21:28 - 2016-09-09 13:51 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2016-10-18 21:28 - 2016-09-09 13:48 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2016-10-18 21:28 - 2016-09-09 13:47 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2016-10-18 21:28 - 2016-09-09 13:43 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-10-18 21:28 - 2016-09-09 13:38 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2016-10-18 21:28 - 2016-09-09 13:38 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2016-10-18 21:28 - 2016-09-09 13:38 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2016-10-18 21:28 - 2016-09-09 13:38 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2016-10-18 21:28 - 2016-09-09 13:37 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2016-10-18 21:28 - 2016-09-09 13:37 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-10-18 21:28 - 2016-09-09 13:37 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-10-18 21:28 - 2016-09-09 13:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2016-10-18 21:28 - 2016-09-08 16:34 - 00263680 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2016-10-18 21:28 - 2016-09-08 16:34 - 00208896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2016-10-18 21:28 - 2016-09-08 16:34 - 00108544 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2016-10-18 21:28 - 2016-09-08 16:34 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2016-10-18 21:28 - 2016-09-08 10:55 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2016-10-18 21:28 - 2016-09-08 10:55 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys
2016-10-18 21:28 - 2016-08-12 13:02 - 12574720 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2016-10-18 21:28 - 2016-08-12 13:02 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2016-10-18 21:28 - 2016-08-12 13:02 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2016-10-18 21:28 - 2016-08-12 13:02 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2016-10-18 21:28 - 2016-08-12 12:47 - 12574208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2016-10-18 21:28 - 2016-08-12 12:31 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2016-10-18 21:28 - 2016-08-12 12:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2016-10-18 21:28 - 2016-08-12 12:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2016-10-18 21:28 - 2016-08-12 12:26 - 00461312 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll
2016-10-18 21:28 - 2016-08-06 11:31 - 02023424 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2016-10-18 21:28 - 2016-08-06 11:31 - 00347136 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2016-10-18 21:28 - 2016-08-06 11:31 - 00310784 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2016-10-18 21:28 - 2016-08-06 11:31 - 00182272 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2016-10-18 21:28 - 2016-08-06 11:31 - 00054272 _____ (Microsoft Corporation) C:\Windows\system32\WsmRes.dll
2016-10-18 21:28 - 2016-08-06 11:31 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\wsmplpxy.dll
2016-10-18 21:28 - 2016-08-06 11:15 - 01178112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2016-10-18 21:28 - 2016-08-06 11:15 - 00249344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManMigrationPlugin.dll
2016-10-18 21:28 - 2016-08-06 11:15 - 00214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
2016-10-18 21:28 - 2016-08-06 11:15 - 00146944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll
2016-10-18 21:28 - 2016-08-06 11:15 - 00054272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmRes.dll
2016-10-18 21:28 - 2016-08-06 11:01 - 00266752 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2016-10-18 21:28 - 2016-08-06 11:01 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\wsmprovhost.exe
2016-10-18 21:28 - 2016-08-06 10:53 - 00199168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManHTTPConfig.exe
2016-10-18 21:28 - 2016-08-06 10:53 - 00012288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsmprovhost.exe
2016-10-18 21:28 - 2016-08-06 10:53 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsmplpxy.dll
2016-10-18 21:28 - 2016-06-14 13:21 - 00094440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2016-10-18 21:28 - 2016-06-14 13:16 - 01573888 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2016-10-18 21:28 - 2016-06-14 13:16 - 01483264 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2016-10-18 21:28 - 2016-06-14 13:16 - 01202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2016-10-18 21:28 - 2016-06-14 13:16 - 01068544 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2016-10-18 21:28 - 2016-06-14 13:16 - 00842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2016-10-18 21:28 - 2016-06-14 13:16 - 00782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2016-10-18 21:28 - 2016-06-14 13:16 - 00680448 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2016-10-18 21:28 - 2016-06-14 13:16 - 00641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2016-10-18 21:28 - 2016-06-14 13:16 - 00632320 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2016-10-18 21:28 - 2016-06-14 13:16 - 00499712 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2016-10-18 21:28 - 2016-06-14 13:16 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2016-10-18 21:28 - 2016-06-14 13:16 - 00440320 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2016-10-18 21:28 - 2016-06-14 13:16 - 00433152 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2016-10-18 21:28 - 2016-06-14 13:16 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2016-10-18 21:28 - 2016-06-14 13:16 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2016-10-18 21:28 - 2016-06-14 13:16 - 00295936 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2016-10-18 21:28 - 2016-06-14 13:16 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2016-10-18 21:28 - 2016-06-14 13:16 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2016-10-18 21:28 - 2016-06-14 13:16 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2016-10-18 21:28 - 2016-06-14 13:16 - 00190976 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2016-10-18 21:28 - 2016-06-14 13:16 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2016-10-18 21:28 - 2016-06-14 13:16 - 00141824 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2016-10-18 21:28 - 2016-06-14 13:16 - 00081920 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2016-10-18 21:28 - 2016-06-14 13:16 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll
2016-10-18 21:28 - 2016-06-14 13:16 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2016-10-18 21:28 - 2016-06-14 13:16 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll
2016-10-18 21:28 - 2016-06-14 13:16 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2016-10-18 21:28 - 2016-06-14 13:11 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2016-10-18 21:28 - 2016-06-14 11:21 - 03209216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2016-10-18 21:28 - 2016-06-14 11:21 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2016-10-18 21:28 - 2016-06-14 11:21 - 01176064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2016-10-18 21:28 - 2016-06-14 11:21 - 01005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll
2016-10-18 21:28 - 2016-06-14 11:21 - 00988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll
2016-10-18 21:28 - 2016-06-14 11:21 - 00744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll
2016-10-18 21:28 - 2016-06-14 11:21 - 00617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll
2016-10-18 21:28 - 2016-06-14 11:21 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2016-10-18 21:28 - 2016-06-14 11:21 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll
2016-10-18 21:28 - 2016-06-14 11:21 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2016-10-18 21:28 - 2016-06-14 11:21 - 00442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2016-10-18 21:28 - 2016-06-14 11:21 - 00406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll
2016-10-18 21:28 - 2016-06-14 11:21 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2016-10-18 21:28 - 2016-06-14 11:21 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2016-10-18 21:28 - 2016-06-14 11:21 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll
2016-10-18 21:28 - 2016-06-14 11:21 - 00195072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2016-10-18 21:28 - 2016-06-14 11:21 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2016-10-18 21:28 - 2016-06-14 11:21 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2016-10-18 21:28 - 2016-06-14 11:21 - 00106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2016-10-18 21:28 - 2016-06-14 11:21 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2016-10-18 21:28 - 2016-06-14 11:21 - 00080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll
2016-10-18 21:28 - 2016-06-14 11:21 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2016-10-18 21:28 - 2016-06-14 11:15 - 00125952 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2016-10-18 21:28 - 2016-06-14 11:15 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2016-10-18 21:28 - 2016-06-14 11:15 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2016-10-18 21:28 - 2016-06-14 11:05 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2016-10-18 21:28 - 2016-06-14 11:05 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2016-10-18 21:28 - 2016-06-14 11:00 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\pcawrk.exe
2016-10-18 21:28 - 2016-06-14 11:00 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe
2016-10-18 21:25 - 2016-09-12 17:17 - 00077032 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-10-18 21:25 - 2016-09-12 17:08 - 01226752 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-10-18 21:25 - 2016-09-09 11:54 - 01629184 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-10-18 21:25 - 2016-09-09 11:54 - 00586752 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2016-10-18 21:25 - 2016-09-09 11:54 - 00575488 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-10-18 21:25 - 2016-09-09 11:54 - 00314368 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-10-18 21:25 - 2016-09-09 11:54 - 00273408 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
2016-10-18 21:25 - 2016-09-09 11:54 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2016-10-18 21:25 - 2016-09-09 11:54 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-10-18 21:25 - 2016-08-29 11:31 - 14183424 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2016-10-18 21:25 - 2016-08-29 11:31 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2016-10-18 21:25 - 2016-08-29 11:31 - 01867776 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2016-10-18 21:25 - 2016-08-29 11:12 - 12880384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2016-10-18 21:25 - 2016-08-29 11:12 - 01806848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2016-10-18 21:25 - 2016-08-29 11:12 - 01499648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2016-10-18 21:25 - 2016-08-29 11:04 - 03229696 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2016-10-18 21:25 - 2016-08-29 10:55 - 02972672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2016-10-18 21:25 - 2016-08-16 16:40 - 00343552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2016-10-18 21:25 - 2016-08-16 16:40 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2016-10-18 21:25 - 2016-08-16 16:40 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2016-10-18 21:25 - 2016-08-16 16:40 - 00056320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2016-10-18 21:25 - 2016-08-16 16:40 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2016-10-18 21:25 - 2016-08-16 16:40 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2016-10-18 21:25 - 2016-08-16 16:40 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2016-10-13 09:16 - 2016-10-13 09:16 - 00000211 _____ C:\Users\John\Desktop\12 Green Plastic Hanging Pot w-Wire Hanger 25 count.url
2016-10-12 20:02 - 2016-10-12 20:02 - 00000275 _____ C:\Users\John\Desktop\Charlotte Chapter Golden State Warriors at Charlotte Hornets - Alumni Community - Davidson College.url
2016-10-12 19:09 - 2016-10-12 19:09 - 00000276 _____ C:\Users\John\Desktop\Grandma's Gift - The Washington Post.url
2016-10-11 13:31 - 2016-10-11 13:31 - 00004608 _____ C:\Users\John\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-10-10 23:40 - 2016-10-10 23:40 - 00000426 _____ C:\Users\John\Desktop\Give Thanks for Wildlife Tickets, Sat, Nov 19, 2016 at 630 PM Eventbrite.url
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-11-05 16:36 - 2015-06-28 22:21 - 00000914 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-211488708-3525939622-1550682978-1000UA.job
2016-11-05 16:36 - 2009-07-14 01:13 - 00782470 _____ C:\Windows\system32\PerfStringBackup.INI
2016-11-05 16:36 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\inf
2016-11-05 16:35 - 2012-11-13 00:28 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-11-05 16:13 - 2012-10-27 15:47 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-11-05 16:01 - 2012-09-18 14:51 - 00003498 _____ C:\Windows\mozy.flt
2016-11-05 16:01 - 2012-09-18 14:51 - 00003036 _____ C:\Windows\mozy.blk
2016-11-05 15:57 - 2013-11-22 00:15 - 00000000 ____D C:\Users\John\AppData\Local\mozysync
2016-11-05 13:06 - 2009-07-14 00:45 - 00028352 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-11-05 13:06 - 2009-07-14 00:45 - 00028352 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-11-05 01:01 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\system32\NDF
2016-11-04 23:37 - 2014-01-30 13:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2016-11-04 23:36 - 2015-06-28 22:21 - 00000862 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-211488708-3525939622-1550682978-1000Core.job
2016-11-04 23:31 - 2015-06-28 22:21 - 00003882 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-211488708-3525939622-1550682978-1000UA
2016-11-04 23:31 - 2015-06-28 22:21 - 00003486 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-211488708-3525939622-1550682978-1000Core
2016-11-04 23:30 - 2012-10-27 15:47 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-11-04 01:22 - 2012-10-27 15:47 - 00000000 ____D C:\Program Files (x86)\Google
2016-11-03 02:44 - 2012-10-27 15:49 - 00002197 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-11-03 02:44 - 2012-10-27 15:49 - 00002185 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-11-01 10:12 - 2015-11-16 23:18 - 00000000 ____D C:\Program Files\McAfee Security Scan
2016-11-01 10:12 - 2014-04-19 13:16 - 00001966 _____ C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2016-11-01 10:11 - 2012-11-05 01:05 - 00000000 ___RD C:\Users\John\Dropbox
2016-10-30 09:00 - 2012-11-12 23:55 - 00000000 ____D C:\Users\John\AppData\Local\ElevatedDiagnostics
2016-10-29 08:27 - 2012-10-16 21:02 - 00000000 ____D C:\Program Files (x86)\Dell DataSafe Local Backup
2016-10-29 08:25 - 2014-01-30 13:03 - 00000000 __RSD C:\Users\John\Documents\McAfee Vaults
2016-10-29 08:24 - 2012-10-16 21:14 - 00000000 ____D C:\Users\Default\AppData\Local\SoftThinks
2016-10-29 08:24 - 2012-10-16 21:14 - 00000000 ____D C:\Users\Default User\AppData\Local\SoftThinks
2016-10-29 08:23 - 2009-07-14 01:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-10-28 19:49 - 2009-07-14 01:08 - 00032574 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-10-27 02:41 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\rescache
2016-10-26 18:33 - 2009-07-14 00:45 - 00543192 _____ C:\Windows\system32\FNTCACHE.DAT
2016-10-26 18:31 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\SysWOW64\Dism
2016-10-26 18:31 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\system32\Dism
2016-10-26 18:30 - 2014-12-10 06:43 - 00000000 ____D C:\Windows\system32\appraiser
2016-10-26 18:30 - 2014-04-23 03:00 - 00000000 ___SD C:\Windows\system32\CompatTel
2016-10-26 18:28 - 2013-03-13 01:28 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-10-26 18:28 - 2013-03-13 01:28 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2016-10-26 16:15 - 2013-08-14 03:34 - 00000000 ____D C:\Windows\system32\MRT
2016-10-26 16:11 - 2012-12-01 01:30 - 143495576 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-10-26 16:08 - 2013-03-13 01:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-10-26 15:20 - 2012-11-05 00:56 - 00000000 ____D C:\Users\John\AppData\Roaming\Dropbox
2016-10-26 07:57 - 2014-05-19 13:34 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-10-25 01:38 - 2014-01-30 13:03 - 00000000 ____D C:\Program Files (x86)\McAfee
2016-10-23 22:29 - 2015-06-29 00:10 - 00003068 _____ C:\Windows\System32\Tasks\McAfeeLogon
2016-10-19 07:50 - 2012-10-27 15:42 - 00000000 ____D C:\ProgramData\TEMP
2016-10-13 09:35 - 2012-11-13 00:28 - 00796352 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-10-13 09:35 - 2012-11-13 00:28 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-10-13 09:35 - 2012-11-13 00:28 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-10-13 09:35 - 2012-10-16 20:44 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2016-10-13 09:35 - 2012-10-16 20:44 - 00000000 ____D C:\Windows\system32\Macromed
2016-10-11 11:38 - 2014-07-13 14:24 - 00000000 ____D C:\Users\John\Desktop\Cooking and Dining
2016-10-10 18:49 - 2012-10-27 00:25 - 00000000 ____D C:\Users\John
2016-10-08 16:55 - 2012-11-06 22:16 - 00000000 ____D C:\Users\John\AppData\Local\CrashDumps
2016-10-07 23:26 - 2012-12-22 17:33 - 00000000 ____D C:\Users\John\AppData\Local\Citrix
==================== Files in the root of some directories =======
2013-08-03 18:39 - 2013-08-03 18:39 - 0000000 _____ () C:\Users\John\AppData\Roaming\SharedSettings.ccs
2016-10-11 13:31 - 2016-10-11 13:31 - 0004608 _____ () C:\Users\John\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-02-17 21:54 - 2013-03-26 22:43 - 0002217 _____ () C:\ProgramData\hpzinstall.log
Files to move or delete:
====================
C:\Users\Public\Tempmozy-autoupdate-8262dfa079e3ea66519693899238bbfb.exe
C:\Users\Public\Tempmozy-autoupdate-82af9a609219353256cb533e636b9416.exe
C:\Users\Public\Tempmozy-autoupdate-864934ef6e2b54a6f5dcfa6e472922e2.exe
C:\Users\Public\Tempmozy-autoupdate-c0261ff8012aad585d55140a9b6ddcb9.exe
C:\Users\Public\Tempmozy-autoupdate-fd378831154aecd3ff93f99a8cbdcdea.exe
C:\Users\Public\Tempmozy-manualupdate-4a89cedd164c5f5e19189bfd5deb26c7.exe
C:\Users\Public\Tempmozy-manualupdate-4ff83994dfb32374e99fb2987f4e5700.exe
C:\Users\Public\Tempmozy-manualupdate-5ab4a737bec6be5a44cdd634ea82d76b.exe
C:\Users\Public\Tempmozy-manualupdate-b2dc44eb185732ade88416784fadbd67.exe
C:\Users\Public\Tempmozy-update-1f7fe3012a1778a4fc7c5075f2f61812.exe
C:\Users\Public\Tempmozy-update-a31217e595a1463492ad999467f8f0a1.exe
Some files in TEMP:
====================
C:\Users\John\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpljkj9h.dll
C:\Users\John\AppData\Local\Temp\HPInstaller.exe
C:\Users\John\AppData\Local\Temp\lowproc.exe
C:\Users\John\AppData\Local\Temp\mozy-sync-1_3_0_4057-62459.exe
C:\Users\John\AppData\Local\Temp\mozy-sync-1_3_1_4068-63621.exe
C:\Users\John\AppData\Local\Temp\mozy-sync_1.2.0.4028.exe
C:\Users\John\AppData\Local\Temp\mozy-sync_1.2.1.4039.exe
C:\Users\John\AppData\Local\Temp\ose00000.exe
C:\Users\John\AppData\Local\Temp\sqlite-3.7.2-sqlitejdbc.dll
C:\Users\John\AppData\Local\Temp\stubhelper.dll
C:\Users\John\AppData\Local\Temp\_isDE83.exe
C:\Users\John\AppData\Local\Temp\_isEAB4.exe
C:\Users\John\AppData\Local\Temp\{FED90B67-82A4-4ADC-B34B-EEE0F6290AD4}-54.0.2840.71_chrome_installer.exe
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2016-11-04 00:40
==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 04-11-2016
Ran by John (05-11-2016 16:52:43)
Running from C:\Users\John\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2012-10-27 04:25:08)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-211488708-3525939622-1550682978-500 - Administrator - Disabled)
Guest (S-1-5-21-211488708-3525939622-1550682978-501 - Limited - Disabled)
John (S-1-5-21-211488708-3525939622-1550682978-1000 - Administrator - Enabled) => C:\Users\John
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: McAfee Anti-Virus and Anti-Spyware (Enabled - Up to date) {DA9F8ED0-D0DE-39CC-F55A-51AB4CC1B556}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee Anti-Virus and Anti-Spyware (Enabled - Up to date) {61FE6F34-F6E4-3642-CFEA-6AD93746FFEB}
FW: McAfee Firewall (Enabled) {E2A40FF5-9AB1-3894-DE05-F89EB212F22D}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
ABBYY FineReader 9.0 Sprint (HKLM-x32\...\ABBYY FineReader 9.0 Sprint) (Version: 9.01.513.58212 - ABBYY)
ABBYY FineReader 9.0 Sprint (x32 Version: 9.01.513.58212 - ABBYY) Hidden
Adobe Connect 9 Add-in (HKU\S-1-5-21-211488708-3525939622-1550682978-1000\...\Adobe Connect 9 Add-in) (Version: 11,9,972,8 - Adobe Systems Incorporated)
Adobe Flash Player 23 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 23.0.0.185 - Adobe Systems Incorporated)
Adobe Flash Player 23 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 23.0.0.185 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.17) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.17 - Adobe Systems Incorporated)
Amazon Cloud Drive (HKU\S-1-5-21-211488708-3525939622-1550682978-1000\...\23ab716f18849b6f) (Version: 2.1.2013.1340 - Amazon)
AMD Catalyst Install Manager (HKLM\...\{0E262CBA-A8C6-3BE1-A812-D7490B4F2B09}) (Version: 3.0.851.0 - Advanced Micro Devices, Inc.)
ANT Drivers Installer x64 (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Apple Application Support (32-bit) (HKLM-x32\...\{7FA9ECCF-A2DE-4DA1-BFF3-81260DBDA68F}) (Version: 4.1.2 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{691F30EB-9009-475A-B8A9-E1BF39598FD5}) (Version: 4.1.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{3540181E-340A-4E7A-B409-31663472B2F7}) (Version: 9.1.0.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.)
ArcSoft Scan-n-Stitch Deluxe (HKLM-x32\...\{FF8455A9-21E8-457D-AC64-510A705D53B3}) (Version: 1.1.2.27 - ArcSoft)
Atheros Bluetooth Suite (64) (HKLM\...\{230D1595-57DA-4933-8C4E-375797EBB7E1}) (Version: 7.4.0.115 - Atheros)
Audacity 2.0.2 (HKLM-x32\...\Audacity_is1) (Version: 2.0.2 - Audacity Team)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
BufferChm (x32 Version: 130.0.331.000 - Hewlett-Packard) Hidden
C771 USB Driver V1.0.11.0 (HKLM-x32\...\{FC8BC9C6-7A6F-475E-848B-3FC3CA0BFE19}) (Version: 1.0.11.0 - CASIO)
CameraHelperMsi (x32 Version: 13.51.815.0 - Logitech) Hidden
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Citrix Receiver (HKLM-x32\...\CitrixOnlinePluginPackWeb) (Version: 14.4.1000.16 - Citrix Systems, Inc.)
Corel PaintShop Pro X4 (HKLM-x32\...\_{00580795-581C-4587-B9F2-37320D7AB37F}) (Version: 14.0.0.332 - Corel Corporation)
Corel PaintShop Pro X4 (x32 Version: 14.3.0.3 - Corel Corporation) Hidden
Coupon Companion Plugin (HKLM-x32\...\Coupon Companion Plugin) (Version: 1.26.152.152 - 215 Apps) <==== ATTENTION
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
D7500 (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
Dell DataSafe Local Backup - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 9.4.67 - Dell Inc.)
Dell DataSafe Local Backup (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 9.4.67 - Dell Inc.)
Dell DataSafe Online (HKLM-x32\...\{7EC66A95-AC2D-4127-940B-0445A526AB2F}) (Version: 2.1.19634 - Dell)
Dell Digital Delivery (HKLM-x32\...\{F91BF1B5-4213-440C-8539-C6EB2F1D1734}) (Version: 2.2.4000.0 - Dell Products, LP)
Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc)
Dell Support Center (HKLM\...\Dell Support Center) (Version: 3.1.5907.16 - Dell Inc.)
Dell Support Center (Version: 3.1.5907.16 - PC-Doctor, Inc.) Hidden
Dell WLAN and Bluetooth Client Installation (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 9.0 - Dell Inc.)
DesignPro 5 (HKLM-x32\...\InstallShield_{C8F04EF6-C4DB-4D86-8D86-32E7DBDA8595}) (Version: 5.5.708 - Avery Dennison)
DesignPro 5 (x32 Version: 5.5.708 - Avery Dennison) Hidden
Destinations (x32 Version: 130.0.0.0 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 130.0.465.000 - Hewlett-Packard) Hidden
Document Capture Pro (HKLM-x32\...\{B4A3C072-87AF-4937-880D-3D7997111C0D}) (Version: 1.01.0000 - Seiko Epson Corporation)
Dropbox (HKU\S-1-5-21-211488708-3525939622-1550682978-1000\...\Dropbox) (Version: 13.4.21 - Dropbox, Inc.)
eBay (HKLM-x32\...\{A8B88634-7F90-402F-B66A-86429755F6A5}) (Version: 1.4.0 - eBay Inc.)
Elevated Installer (x32 Version: 4.1.27.0 - Garmin Ltd or its subsidiaries) Hidden
Epson Copy Utility 3.5 (HKLM-x32\...\{AA72FB28-73B4-49E5-B6B4-E78F44BBD0AD}) (Version: 3.5.0.0 - )
Epson Event Manager (HKLM-x32\...\{148C8BF9-E1B4-445D-AC67-2CABAE63949A}) (Version: 3.01.0009 - Seiko Epson Corporation)
EPSON Perfection V370 Photo Scanner Driver Update version 3.0.2.0 (HKLM-x32\...\ScannerDriverUpdateEPSON Perfection V370 Photo_is1) (Version: 3.0.2.0 - Epson America Inc.)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation)
erLT (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
Garmin Express (HKLM-x32\...\{5b45c228-dcb1-4a0b-a9de-3b4b683ef15d}) (Version: 4.1.27.0 - Garmin Ltd or its subsidiaries)
Garmin Express (x32 Version: 4.1.27.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express Tray (x32 Version: 4.1.27.0 - Garmin Ltd or its subsidiaries) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 54.0.2840.87 - Google Inc.)
Google Earth (HKLM-x32\...\{A0C18B96-AB79-46BD-8321-6FA83E6D25B9}) (Version: 7.1.7.2606 - Google)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.7619.1252 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden
GPBaseService2 (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
G'zOne Commando 4G LTE USB Driver (HKLM-x32\...\{99E1CC2D-EB4F-498B-B6ED-492654677E7E}) (Version: 5.30.17.1 - NEC CASIO Mobile Communications, Ltd.)
HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)
HP Photosmart D7500 Printer Driver Software 13.0 Rel. 4 (HKLM\...\{2F478590-A2A6-43E3-A567-A89A5F38AAC4}) (Version: 13.0 - HP)
HP Photosmart Essential 3.5 (HKLM\...\HP Photosmart Essential) (Version: 3.5 - HP)
HP Smart Web Printing 4.51 (HKLM\...\HP Smart Web Printing) (Version: 4.51 - HP)
HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft) Hidden
HPPhotoGadget (x32 Version: 130.0.282.000 - Hewlett-Packard) Hidden
HPPhotoSmartDiscLabel_PaperLabel (x32 Version: 2.04.0000 - Hewlett-Packard) Hidden
HPPhotoSmartDiscLabel_PrintOnDisc (x32 Version: 2.04.0000 - Hewlett-Packard) Hidden
HPPhotoSmartDiscLabelContent1 (x32 Version: 2.04.0000 - Hewlett-Packard) Hidden
hpphotosmartdisclabelplugin (x32 Version: 2.04.0000 - Hewlett-Packard) Hidden
HPPhotosmartEssential (x32 Version: 2.04.0000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
ICA (x32 Version: 14.0.0.332 - Corel Corporation) Hidden
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.1.1399 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.1.0.1006 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.3.214 - Intel Corporation)
Intel® Trusted Connect Service Client (HKLM\...\{538B98C3-773F-4F20-9C66-802D104DCBE2}) (Version: 1.23.219.2 - Intel Corporation)
IPM_PSP_COM (x32 Version: 14.0.0.332 - Corel Corporation) Hidden
iTunes (HKLM\...\{FBEB98F8-64E4-4FA3-A15E-4A9F42FF962E}) (Version: 12.3.2.35 - Apple Inc.)
Java 7 Update 11 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217011FF}) (Version: 7.0.110 - Oracle)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - )
Logitech Webcam Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.51 - Logitech Inc.)
Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.11.427.2 - McAfee, Inc.)
McAfee Total Protection (HKLM-x32\...\MSC) (Version: 15.0.166 - McAfee, Inc.)
McAfee WebAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.0.279 - McAfee, Inc.)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Image Composite Editor (HKLM\...\{B821CDAA-34DE-46FD-87C9-E6EE7158DB5D}) (Version: 1.4.4 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{820B6609-4C97-3A2B-B644-573B06A0F0CC}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 42.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 42.0 (x86 en-US)) (Version: 42.0 - Mozilla)
Mozilla Firefox 49.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 49.0.1 (x86 en-US)) (Version: 49.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 49.0.1.6109 - Mozilla)
Mozy Sync (HKLM\...\{95DB05B2-371B-3957-A65A-7CD9433701AD}) (Version: 1.3.1.4068 - Mozy, Inc.)
MozyHome (HKLM\...\{81D29D4E-9658-BB63-D879-E6A625C01364}) (Version: 2.28.2.432 - Mozy, Inc.)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Multimedia Card Reader (HKLM-x32\...\InstallShield_{41068A8C-3F30-46B6-978A-EA692F28D1AF}) (Version: 1.7.915.93 - Fitipower)
Multimedia Card Reader (x32 Version: 1.7.915.93 - Fitipower) Hidden
Online Plug-in (x32 Version: 14.4.1000.16 - Citrix Systems, Inc.) Hidden
PS_SF_04_D7500_Software_Min (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
PSPPContent (x32 Version: 14.0.0.332 - Corel Corporation) Hidden
PSPPHelp (x32 Version: 14.0.0.332 - Corel Corporation) Hidden
PSPPro64 (Version: 14.0.0.332 - Corel Corporation) Hidden
QualxServ Service Agreement (HKLM-x32\...\{903679E8-44C8-4C07-9600-05C92654FC50}) (Version: 2.0.0 - Dell Inc.)
RealDownloader (x32 Version: 18.1.0.1233 - RealNetworks, Inc.) Hidden
RealDownloader (x32 Version: 18.1.4.144 - RealNetworks) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (x32 Version: 10.0 - RealNetworks, Inc) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6537 - Realtek Semiconductor Corp.)
RealTimes (RealPlayer) (HKLM-x32\...\RealPlayer 18.1) (Version: 18.1.0 - RealNetworks)
RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden
Self-service Plug-in (x32 Version: 4.4.1000.13058 - Citrix Systems, Inc.) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Setup (x32 Version: 14.0.0.332 - Corel Corporation) Hidden
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Skype™ 7.26 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.26.101 - Skype Technologies S.A.)
SmartWebPrinting (x32 Version: 130.0.457.000 - Hewlett-Packard) Hidden
SolutionCenter (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
Status (x32 Version: 130.0.469.000 - Hewlett-Packard) Hidden
Toolbox (x32 Version: 130.0.648.000 - Hewlett-Packard) Hidden
TrayApp (x32 Version: 130.0.422.000 - Hewlett-Packard) Hidden
Tweaking.com - Registry Backup (HKLM-x32\...\Tweaking.com - Registry Backup) (Version: 3.5.2 - Tweaking.com)
UE BOOM Update Assistant (HKLM-x32\...\{8D9BD07C-C098-4BC9-A83B-2CE454A2776C}) (Version: 1.4.57 - Logitech, Inc.)
UnloadSupport (x32 Version: 11.0.0 - Hewlett-Packard) Hidden
UpdateService (x32 Version: 1.0.0 - RealNetworks, Inc.) Hidden
Video Downloader (x32 Version: 1.2.0 - RealNetworks) Hidden
VZ_UpgradeMonitorTool (HKLM-x32\...\{C601F8DA-88F1-4380-A431-43072E095C95}) (Version: 1.3.1 - NEC CASIO Mobile Communications, Ltd.)
VZ_UpgradeTool (HKLM-x32\...\{F7086669-0FA1-4834-9C9C-978AC16848CD}) (Version: 1.3.0 - NEC CASIO Mobile Communications, Ltd.)
VZ-TL-PC (HKLM-x32\...\{9A25A804-4303-4787-B2DE-99AD745B1CBB}) (Version: 1.1.6 - NEC CASIO Mobile Communications, Ltd.)
WebReg (x32 Version: 130.0.132.017 - Hewlett-Packard) Hidden
Windows Driver Package - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Windows Driver Package - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-211488708-3525939622-1550682978-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\John\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-211488708-3525939622-1550682978-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\John\AppData\Roaming\Dropbox\bin\DropboxExt64.1.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-211488708-3525939622-1550682978-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\John\AppData\Roaming\Dropbox\bin\DropboxExt64.1.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-211488708-3525939622-1550682978-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\John\AppData\Roaming\Dropbox\bin\DropboxExt64.1.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-211488708-3525939622-1550682978-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\John\AppData\Roaming\Dropbox\bin\DropboxExt64.1.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-211488708-3525939622-1550682978-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\John\AppData\Roaming\Dropbox\bin\DropboxExt64.1.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-211488708-3525939622-1550682978-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\John\AppData\Roaming\Dropbox\bin\DropboxExt64.1.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-211488708-3525939622-1550682978-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\John\AppData\Roaming\Dropbox\bin\DropboxExt64.1.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-211488708-3525939622-1550682978-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\John\AppData\Roaming\Dropbox\bin\DropboxExt64.1.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-211488708-3525939622-1550682978-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\John\AppData\Roaming\Dropbox\bin\DropboxExt64.1.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-211488708-3525939622-1550682978-1000_Classes\CLSID\{FB314EE1-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\John\AppData\Roaming\Dropbox\bin\DropboxExt64.1.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-211488708-3525939622-1550682978-1000_Classes\CLSID\{FB314EE2-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\John\AppData\Roaming\Dropbox\bin\DropboxExt64.1.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-211488708-3525939622-1550682978-1000_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\John\AppData\Roaming\Dropbox\bin\DropboxExt64.1.0.dll (Dropbox, Inc.)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0BF8E4F5-24AF-46F8-9803-2FAA75D443B6} - System32\Tasks\{D3CAD5B2-3C2E-4601-AFBA-27A4FA2DBA63} => C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe [2016-03-10] (Malwarebytes)
Task: {0CFD4DF7-3D36-435B-B493-E61B008F4DA4} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-06-25] (Adobe Systems Incorporated)
Task: {18BEDE3E-626D-4EC6-8684-D0049D33D35C} - \Updater21804.exe -> No File <==== ATTENTION
Task: {1A3D6C0B-040D-4325-B8BB-C4DD1D38138E} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-211488708-3525939622-1550682978-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\RealUpgrade.exe [2015-09-16] (RealNetworks, Inc.)
Task: {23D1C0E2-D8A3-4395-907B-691843D48BE1} - System32\Tasks\{BC70EC75-4F38-426E-B29C-4B78B6EB45E6} => C:\Program Files (x86)\iTunes\iTunes.exe
Task: {2A6255E7-CC76-44E7-AE33-67C2762BEA00} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {3BFFD789-7E52-4102-A6CF-89C7F908F028} - System32\Tasks\{42C676A7-24C2-47F4-9998-A2561BB3FAFF} => C:\Program Files (x86)\iTunes\iTunes.exe
Task: {41B83F1B-D962-43B2-BD73-1D2DBE53C19C} - System32\Tasks\{2A71FE5B-8DD6-4733-9F75-CDF232BD94F8} => pcalua.exe -a D:\Setup.exe -d D:\
Task: {513292AA-5EC0-45E7-BEA3-806C5CB80121} - System32\Tasks\McAfee Remediation (Prepare) => C:\Program Files\Common Files\AV\McAfee Anti-Virus And Anti-Spyware\upgrade.exe [2016-05-18] (McAfee, Inc.)
Task: {61C4D42A-0443-453F-894E-A108D113A68F} - System32\Tasks\McAfee\McAfee Idle Detection Task
Task: {6DF9F0B8-96E6-49F3-902B-1A19506EA2BA} - System32\Tasks\{07078906-EB68-4CAF-B686-8FFAA663B339} => C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe [2016-03-10] (Malwarebytes)
Task: {71FEBFD9-949C-4C98-A3A3-66C0F07923D3} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-211488708-3525939622-1550682978-1000UA => C:\Users\John\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2016-11-04] (Dropbox, Inc.)
Task: {72E3959C-BA3A-415D-8EAA-2187D486FAD9} - System32\Tasks\{8D36E390-8650-43D5-8484-24A2828DD1E8} => C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe [2016-03-10] (Malwarebytes)
Task: {74E33F28-CB85-4963-83C5-9EA841390F7D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {783E748D-EBFF-4B99-A658-2B73E07A379E} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-211488708-3525939622-1550682978-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\RealUpgrade.exe [2015-09-16] (RealNetworks, Inc.)
Task: {8F91EC81-83A6-4096-ABAE-DA654E6E086F} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-10-13] (Adobe Systems Incorporated)
Task: {94DC0845-A429-4D4B-9047-13F0291DFA90} - System32\Tasks\{0D99EF29-30A3-4B60-92DB-71861F3A547F} => C:\Program Files (x86)\iTunes\iTunes.exe
Task: {A0F87E21-2AFC-4B08-BA55-FF1C2D92C164} - System32\Tasks\{16D9B9CA-1EA9-4EDD-8EEB-C49E08245E4B} => C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe [2016-03-10] (Malwarebytes)
Task: {AD9A4BBF-37CD-4B72-A365-35CE89B28681} - System32\Tasks\{CC702A7F-3063-4FCA-8D27-EEF64F0BBD0D} => C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe [2016-03-10] (Malwarebytes)
Task: {BBDA9583-85D4-476C-9417-AA9EBAFC3D6F} - System32\Tasks\McAfeeLogon => C:\Program Files\Common Files\mcafee\Platform\McUICnt.exe [2016-07-07] (McAfee, Inc.)
Task: {C903FEF8-ED51-4AB7-BC0A-4B6B2315FB13} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [2016-08-31] ()
Task: {CF659115-61AF-4C80-9640-1E7773DDB6EE} - System32\Tasks\{02D41DFB-91B8-4C8C-9F09-D160384283E7} => C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe [2016-03-10] (Malwarebytes)
Task: {E11E8FF9-D6D1-4582-B885-DA0C0ABF0591} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2015-08-27] (Apple Inc.)
Task: {EEC79726-FA54-4217-9B35-F33E65B9B435} - System32\Tasks\{90795D08-63CA-4F39-BFCD-B272D7E0D964} => C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe [2016-03-10] (Malwarebytes)
Task: {EF74137D-101C-4D2A-9906-1DF1C3E88EDD} - System32\Tasks\{C318582C-DAE8-4B64-91DB-223DF4607BEE} => C:\Program Files (x86)\iTunes\iTunes.exe
Task: {FF02B167-9254-45A8-AE74-BAF872FD0EFB} - System32\Tasks\RealDownloader Update Check => C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe [2016-07-05] ()
Task: {FF073C0C-3A3D-4DA4-8443-B7C398FAACD2} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-211488708-3525939622-1550682978-1000Core => C:\Users\John\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2016-11-04] (Dropbox, Inc.)
Task: {FF1B5303-3C73-44FA-BCD8-95B7F3C3FF8E} - System32\Tasks\{5B81B277-6E64-4FF8-9D6A-8B44ABE77B80} => C:\Program Files (x86)\iTunes\iTunes.exe
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\Check for updates (Spybot - Search & Destroy).job => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-211488708-3525939622-1550682978-1000Core.job => C:\Users\John\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-211488708-3525939622-1550682978-1000UA.job => C:\Users\John\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\Refresh immunization (Spybot - Search & Destroy).job => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe
Task: C:\Windows\Tasks\Scan the system (Spybot - Search & Destroy).job => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2015-10-13 06:45 - 2015-10-13 06:45 - 00085800 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-10-13 06:45 - 2015-10-13 06:45 - 01328912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-09-16 18:26 - 2015-09-16 18:26 - 00033088 _____ () C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
2013-09-05 01:17 - 2013-09-05 01:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-20 15:23 - 2010-10-20 15:23 - 08801632 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2012-10-16 21:02 - 2012-01-26 22:49 - 02751808 ____N () C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE
2011-10-25 22:29 - 2011-10-25 22:29 - 00369152 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2011-11-09 10:55 - 2011-11-09 10:55 - 00016384 _____ () c:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2016-07-05 18:18 - 2016-07-05 18:18 - 00714992 _____ () C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe
2015-09-16 18:26 - 2015-09-16 18:26 - 00037720 _____ () C:\Program Files (x86)\Real\UpdateService\DL2UpdatePlugin.dll
2015-09-16 18:26 - 2015-09-16 18:26 - 00039768 _____ () C:\Program Files (x86)\Real\UpdateService\RealDownloaderUpdatePlugin.dll
2015-09-16 18:26 - 2015-09-16 18:26 - 00037728 _____ () C:\Program Files (x86)\Real\UpdateService\VideoDLUpdatePlugin.dll
2015-10-07 01:09 - 2015-10-07 01:09 - 00022312 _____ () C:\Program Files (x86)\Real\RealPlayer\RPDS\Tools\ffmpeg\mediautil.dll
2015-10-07 01:09 - 2015-10-07 01:09 - 01520936 _____ () C:\Program Files (x86)\Real\RealPlayer\RPDS\Tools\ffmpeg\avformat-55.dll
2015-10-07 01:09 - 2015-10-07 01:09 - 04274984 _____ () C:\Program Files (x86)\Real\RealPlayer\RPDS\Tools\ffmpeg\avcodec-55.dll
2015-10-07 01:09 - 2015-10-07 01:09 - 00322856 _____ () C:\Program Files (x86)\Real\RealPlayer\RPDS\Tools\ffmpeg\avutil-52.dll
2016-09-20 07:49 - 2016-10-10 14:19 - 00035792 _____ () C:\Users\John\AppData\Roaming\Dropbox\bin\_multiprocessing.pyd
2016-10-26 15:19 - 2016-10-10 14:19 - 00145864 _____ () C:\Users\John\AppData\Roaming\Dropbox\bin\pyexpat.pyd
2016-10-26 15:19 - 2016-10-10 14:19 - 00019408 _____ () C:\Users\John\AppData\Roaming\Dropbox\bin\faulthandler.pyd
2016-10-26 15:19 - 2016-10-10 14:19 - 00116688 _____ () C:\Users\John\AppData\Roaming\Dropbox\bin\pywintypes27.dll
2016-09-20 07:49 - 2016-10-10 14:19 - 00100296 _____ () C:\Users\John\AppData\Roaming\Dropbox\bin\_ctypes.pyd
2016-09-20 07:49 - 2016-10-10 14:19 - 00018888 _____ () C:\Users\John\AppData\Roaming\Dropbox\bin\select.pyd
2016-09-20 07:49 - 2016-10-24 09:16 - 00019760 _____ () C:\Users\John\AppData\Roaming\Dropbox\bin\tornado.speedups.pyd
2016-09-20 07:49 - 2016-10-10 14:19 - 00694224 _____ () C:\Users\John\AppData\Roaming\Dropbox\bin\unicodedata.pyd
2016-10-26 15:19 - 2016-10-24 09:15 - 00020816 _____ () C:\Users\John\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._constant_time.pyd
2016-09-20 07:49 - 2016-10-10 14:20 - 00123856 _____ () C:\Users\John\AppData\Roaming\Dropbox\bin\_cffi_backend.pyd
2016-10-26 15:19 - 2016-10-24 09:15 - 01682760 _____ () C:\Users\John\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._openssl.pyd
2016-10-26 15:19 - 2016-10-24 09:15 - 00020808 _____ () C:\Users\John\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._padding.pyd
2016-09-20 07:49 - 2016-10-10 14:21 - 00105928 _____ () C:\Users\John\AppData\Roaming\Dropbox\bin\win32api.pyd
2016-09-20 07:49 - 2016-10-24 09:16 - 00021312 _____ () C:\Users\John\AppData\Roaming\Dropbox\bin\winffi.crt.compiled._winffi_crt.pyd
2016-10-26 15:19 - 2016-10-24 09:15 - 00052024 _____ () C:\Users\John\AppData\Roaming\Dropbox\bin\psutil._psutil_windows.pyd
2016-10-26 15:19 - 2016-10-24 09:15 - 00038696 _____ () C:\Users\John\AppData\Roaming\Dropbox\bin\fastpath.pyd
2016-10-26 15:19 - 2016-10-10 14:19 - 00392144 _____ () C:\Users\John\AppData\Roaming\Dropbox\bin\pythoncom27.dll
2016-10-26 15:19 - 2016-10-10 14:21 - 00020936 _____ () C:\Users\John\AppData\Roaming\Dropbox\bin\mmapfile.pyd
2016-09-20 07:49 - 2016-10-10 14:21 - 00024528 _____ () C:\Users\John\AppData\Roaming\Dropbox\bin\win32event.pyd
2016-09-20 07:49 - 2016-10-10 14:21 - 00116176 _____ () C:\Users\John\AppData\Roaming\Dropbox\bin\win32security.pyd
2016-09-20 07:49 - 2016-10-24 09:16 - 00381752 _____ () C:\Users\John\AppData\Roaming\Dropbox\bin\win32com.shell.shell.pyd
2016-09-20 07:49 - 2016-10-10 14:21 - 00124880 _____ () C:\Users\John\AppData\Roaming\Dropbox\bin\win32file.pyd
2016-09-20 07:49 - 2016-10-24 09:16 - 00025424 _____ () C:\Users\John\AppData\Roaming\Dropbox\bin\winffi.kernel32.compiled._winffi_kernel32.pyd
2016-09-20 07:49 - 2016-10-10 14:21 - 00024016 _____ () C:\Users\John\AppData\Roaming\Dropbox\bin\win32clipboard.pyd
2016-09-20 07:49 - 2016-10-10 14:21 - 00175560 _____ () C:\Users\John\AppData\Roaming\Dropbox\bin\win32gui.pyd
2016-09-20 07:49 - 2016-10-10 14:21 - 00030160 _____ () C:\Users\John\AppData\Roaming\Dropbox\bin\win32pipe.pyd
2016-09-20 07:49 - 2016-10-10 14:21 - 00043472 _____ () C:\Users\John\AppData\Roaming\Dropbox\bin\win32process.pyd
2016-09-20 07:49 - 2016-10-10 14:21 - 00048592 _____ () C:\Users\John\AppData\Roaming\Dropbox\bin\win32service.pyd
2016-09-20 07:49 - 2016-10-10 14:21 - 00057808 _____ () C:\Users\John\AppData\Roaming\Dropbox\bin\win32evtlog.pyd
2016-09-20 07:49 - 2016-10-10 14:21 - 00024016 _____ () C:\Users\John\AppData\Roaming\Dropbox\bin\win32profile.pyd
2016-10-26 15:19 - 2016-10-24 09:15 - 00246592 _____ () C:\Users\John\AppData\Roaming\Dropbox\bin\breakpad.client.windows.handler.pyd
2016-10-26 15:19 - 2016-10-24 09:15 - 00026456 _____ () C:\Users\John\AppData\Roaming\Dropbox\bin\dropbox.infinite.win.compiled._driverinstallation.pyd
2016-09-20 07:49 - 2016-10-10 14:20 - 00241104 _____ () C:\Users\John\AppData\Roaming\Dropbox\bin\_jpegtran.pyd
2016-10-26 15:19 - 2016-10-24 09:15 - 00020280 _____ () C:\Users\John\AppData\Roaming\Dropbox\bin\cpuid.compiled._cpuid.pyd
2016-09-20 07:49 - 2016-10-10 14:21 - 00028616 _____ () C:\Users\John\AppData\Roaming\Dropbox\bin\win32ts.pyd
2016-09-20 07:49 - 2016-10-24 09:16 - 00023376 _____ () C:\Users\John\AppData\Roaming\Dropbox\bin\winscreenshot.compiled._CaptureScreenshot.pyd
2016-09-20 07:49 - 2016-10-24 09:16 - 00020800 _____ () C:\Users\John\AppData\Roaming\Dropbox\bin\winffi.iphlpapi._winffi_iphlpapi.pyd
2016-09-20 07:49 - 2016-10-24 09:16 - 00019776 _____ () C:\Users\John\AppData\Roaming\Dropbox\bin\winffi.winerror._winffi_winerror.pyd
2016-09-20 07:49 - 2016-10-24 09:16 - 00020800 _____ () C:\Users\John\AppData\Roaming\Dropbox\bin\winffi.wininet._winffi_wininet.pyd
2016-09-20 07:49 - 2016-10-10 14:21 - 00350152 _____ () C:\Users\John\AppData\Roaming\Dropbox\bin\winxpgui.pyd
2016-09-20 07:49 - 2016-10-24 09:16 - 00022352 _____ () C:\Users\John\AppData\Roaming\Dropbox\bin\winverifysignature.compiled._VerifySignature.pyd
2016-10-26 15:19 - 2016-10-24 09:15 - 00024392 _____ () C:\Users\John\AppData\Roaming\Dropbox\bin\librsyncffi.compiled._librsyncffi.pyd
2016-10-26 15:19 - 2016-10-10 14:17 - 00036296 _____ () C:\Users\John\AppData\Roaming\Dropbox\bin\librsync.dll
2016-10-26 15:19 - 2016-10-24 09:15 - 00084280 _____ () C:\Users\John\AppData\Roaming\Dropbox\bin\dropbox_sqlite_ext.DLL
2016-10-26 15:19 - 2016-10-24 09:15 - 01826096 _____ () C:\Users\John\AppData\Roaming\Dropbox\bin\PyQt5.QtCore.pyd
2016-09-20 07:49 - 2016-10-10 14:19 - 00083912 _____ () C:\Users\John\AppData\Roaming\Dropbox\bin\sip.pyd
2016-10-26 15:19 - 2016-10-24 09:16 - 00531248 _____ () C:\Users\John\AppData\Roaming\Dropbox\bin\PyQt5.QtNetwork.pyd
2016-10-26 15:19 - 2016-10-24 09:16 - 03928880 _____ () C:\Users\John\AppData\Roaming\Dropbox\bin\PyQt5.QtWidgets.pyd
2016-10-26 15:19 - 2016-10-24 09:15 - 01972528 _____ () C:\Users\John\AppData\Roaming\Dropbox\bin\PyQt5.QtGui.pyd
2016-10-26 15:19 - 2016-10-24 09:16 - 00133424 _____ () C:\Users\John\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKit.pyd
2016-10-26 15:19 - 2016-10-24 09:16 - 00224056 _____ () C:\Users\John\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKitWidgets.pyd
2016-10-26 15:19 - 2016-10-24 09:16 - 00207672 _____ () C:\Users\John\AppData\Roaming\Dropbox\bin\PyQt5.QtPrintSupport.pyd
2016-09-20 07:49 - 2016-10-24 09:16 - 00020288 _____ () C:\Users\John\AppData\Roaming\Dropbox\bin\winffi.user32._winffi_user32.pyd
2016-10-26 15:19 - 2016-10-10 14:24 - 00017864 _____ () C:\Users\John\AppData\Roaming\Dropbox\bin\libEGL.dll
2016-10-26 15:19 - 2016-10-10 14:24 - 01631184 _____ () C:\Users\John\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2016-09-20 07:49 - 2016-10-10 14:21 - 00060880 _____ () C:\Users\John\AppData\Roaming\Dropbox\bin\win32print.pyd
2016-09-20 07:49 - 2016-10-24 09:16 - 00024904 _____ () C:\Users\John\AppData\Roaming\Dropbox\bin\winffi.winhttp.compiled._winffi_winhttp.pyd
2016-10-26 15:19 - 2016-10-24 09:16 - 00546096 _____ () C:\Users\John\AppData\Roaming\Dropbox\bin\PyQt5.QtQuick.pyd
2016-10-26 15:19 - 2016-10-24 09:16 - 00357680 _____ () C:\Users\John\AppData\Roaming\Dropbox\bin\PyQt5.QtQml.pyd
2016-10-26 15:19 - 2016-10-24 09:16 - 00042808 _____ () C:\Users\John\AppData\Roaming\Dropbox\bin\PyQt5.QtWebChannel.pyd
2016-10-26 15:19 - 2016-10-24 09:16 - 00168760 _____ () C:\Users\John\AppData\Roaming\Dropbox\bin\PyQt5.QtWebEngineWidgets.pyd
2016-09-20 07:49 - 2016-10-10 14:25 - 00697304 _____ () C:\Users\John\AppData\Roaming\Dropbox\bin\QtQuick\Controls\qtquickcontrolsplugin.dll
2012-09-13 01:38 - 2012-09-13 01:38 - 02144104 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtCore4.dll
2012-09-13 01:38 - 2012-09-13 01:38 - 07955304 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtGui4.dll
2012-09-13 01:38 - 2012-09-13 01:38 - 00341352 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtXml4.dll
2012-09-13 01:38 - 2012-09-13 01:38 - 00028008 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QGif4.dll
2012-09-13 01:38 - 2012-09-13 01:38 - 00127336 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QJpeg4.dll
2016-05-12 03:44 - 2016-05-12 03:44 - 00172544 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\9494e643d25019b25b5cf70f2ffc0778\IsdiInterop.ni.dll
2012-10-16 20:54 - 2012-02-01 17:25 - 00059904 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2012-10-16 20:57 - 2012-01-21 07:23 - 01198872 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2013-10-24 14:54 - 2016-11-01 10:11 - 00046080 _____ () C:\Users\John\AppData\Local\Apps\2.0\P7MB5E8M.6KY\GLE0X4JV.KKE\amaz..tion_f2fa081ea2183235_0002.0001_cb34a912a946f839\NativeOperations.dll
2013-10-24 14:54 - 2013-10-24 14:54 - 00541696 _____ () C:\Users\John\AppData\Local\Temp\sqlite-3.7.2-sqlitejdbc.dll
2016-07-05 18:13 - 2016-07-05 18:13 - 01382048 _____ () C:\Program Files (x86)\RealNetworks\RealDownloader\cpprest100_1_2.dll
2015-10-07 01:09 - 2015-10-07 01:09 - 00653096 _____ () C:\Program Files (x86)\Real\RealPlayer\RPDS\Lib\r1api.dll
2016-07-05 18:18 - 2016-07-05 18:18 - 00077552 _____ () C:\Program Files (x86)\RealNetworks\RealDownloader\dtvhooks.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\ProgramData\TEMP:5C321E34 [119]
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcapexe => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McNaiAnn => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfemms => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Service"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-211488708-3525939622-1550682978-1000\...\secunia.com -> hxxps://psi.secunia.com
IE restricted site: HKU\S-1-5-21-211488708-3525939622-1550682978-1000\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-211488708-3525939622-1550682978-1000\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-211488708-3525939622-1550682978-1000\...\008k.com -> www.008k.com (http://www.008k.com)
IE restricted site: HKU\S-1-5-21-211488708-3525939622-1550682978-1000\...\00hq.com -> www.00hq.com (http://www.00hq.com)
IE restricted site: HKU\S-1-5-21-211488708-3525939622-1550682978-1000\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-211488708-3525939622-1550682978-1000\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-211488708-3525939622-1550682978-1000\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-211488708-3525939622-1550682978-1000\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-211488708-3525939622-1550682978-1000\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-211488708-3525939622-1550682978-1000\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-211488708-3525939622-1550682978-1000\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-211488708-3525939622-1550682978-1000\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-211488708-3525939622-1550682978-1000\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-211488708-3525939622-1550682978-1000\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-211488708-3525939622-1550682978-1000\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-211488708-3525939622-1550682978-1000\...\0scan.com -> www.0scan.com (http://www.0scan.com)
IE restricted site: HKU\S-1-5-21-211488708-3525939622-1550682978-1000\...\1-2005-search.com -> www.1-2005-search.com (http://www.1-2005-search.com)
IE restricted site: HKU\S-1-5-21-211488708-3525939622-1550682978-1000\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-211488708-3525939622-1550682978-1000\...\1-domains-registrations.com -> www.1-domains-registrations.com (http://www.1-domains-registrations.com)
IE restricted site: HKU\S-1-5-21-211488708-3525939622-1550682978-1000\...\1-se.com -> 1-se.com
There are 9663 more sites.
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-13 22:34 - 2016-11-01 10:12 - 00000871 ____A C:\Windows\system32\Drivers\etc\hosts
0.0.0.1 mssplus.mcafee.com
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-211488708-3525939622-1550682978-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\John\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 209.18.47.61 - 209.18.47.62
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{614A4948-7F4F-40A2-A5CB-D6F8B7FAAFB0}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{A81972E9-ACD7-4C4F-B975-3E5929D34FD9}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{64E77E20-06DD-4342-B983-97FFF39DF9F7}] => (Allow) LPort=2869
FirewallRules: [{8E1A772C-2115-4FF0-AA40-6FF7D3CA02FC}] => (Allow) LPort=1900
FirewallRules: [{A9EB3F93-217B-49FE-9415-FADE3857C0D9}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{4ED5AC8A-0612-4D48-85F3-1B1C5B0A23B1}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{94FAFA68-4C57-4226-9739-456E62C89113}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
FirewallRules: [{B258A0B6-3EED-4802-A305-31228FAA848C}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
FirewallRules: [{51923CED-B27A-4F2C-8444-5E44823D563B}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
FirewallRules: [{4370F326-176B-4F8C-B473-91F52E63AAD8}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
FirewallRules: [{A3F78B16-ED70-482B-B513-E9FA8F3ACE78}] => (Allow) C:\Users\John\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{FDD084D5-8CC3-452F-981A-90FA94DEBB9D}] => (Allow) C:\Users\John\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{5BC71E6D-01BD-41FB-B905-CA207F528F1C}] => (Allow) C:\Users\John\AppData\Local\Temp\7zS15A2\hppiw.exe
FirewallRules: [{8A6564D4-F5EE-45DB-9158-809B2AC306B9}] => (Allow) C:\Users\John\AppData\Local\Temp\7zS15A2\hppiw.exe
FirewallRules: [{8B10DB30-FD51-4864-A6B4-E1F286BC6A2C}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
FirewallRules: [{15E84B8C-379D-4467-BD13-D5F4917DB619}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
FirewallRules: [{9D7FECF8-BCD7-402B-8E00-518AC276FAA1}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe
FirewallRules: [{9063100D-C9F1-4DC7-8DB8-F019AD2DBE76}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe
FirewallRules: [{16E92756-033F-431C-B4CC-92A3A638C206}] => (Allow) C:\Program Files (x86)\common files\hp\digital imaging\bin\hpqphotocrm.exe
FirewallRules: [{90F40FFC-09EC-44E9-AA37-04FC3E8AF51B}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqsudi.exe
FirewallRules: [{A9E8467F-4B9C-4F76-876C-65CE94BFC75B}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqpsapp.exe
FirewallRules: [{D7FC69CE-6EB2-4427-9444-E9210CF20AAD}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqpse.exe
FirewallRules: [{F8398C6B-3C98-494F-A557-4AAB8E3154F2}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe
FirewallRules: [{5284D75B-82CD-4968-AB4E-F8A6AF36CDC8}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
FirewallRules: [{94CFE77A-8AC9-4BA0-9550-69FE6D16354D}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe
FirewallRules: [{35643D50-8527-407E-A0FE-0CDC33164482}] => (Allow) C:\Program Files (x86)\HP\digital imaging\smart web printing\smartwebprintexe.exe
FirewallRules: [{1197912B-488B-47CE-A38D-9235CED6C8FA}] => (Allow) C:\Program Files (x86)\Iminent\Iminent.exe
FirewallRules: [TCP Query User{A1444DE9-CACF-4FF9-B780-DD5AE36F6B78}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Block) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [UDP Query User{6A20397B-D6DC-4A84-9E89-352DDCA2B857}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Block) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [TCP Query User{05E35BA6-21F4-47D7-ADC4-E6B328F52305}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Block) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [UDP Query User{AFCF4817-FC31-43B2-9C75-ADD8B65D937E}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Block) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [{4298B2DD-F988-476D-84F7-1432C952C752}] => (Allow) C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
FirewallRules: [{33A129A1-9063-4FF8-B20E-30506CDCF7AB}] => (Allow) C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
FirewallRules: [TCP Query User{FAF48A1D-E5F2-4D70-80B8-665AFC9F232D}C:\users\john\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\john\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{96488E3D-D0FB-4470-BB3D-CDC9D004C726}C:\users\john\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\john\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [{4BB9EB68-FD41-4D27-9623-879872AE74FC}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{F9386172-77B4-4054-8A86-FFAB2CA4675A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{93982737-F9EE-472B-8CA5-6D13DA0220CF}] => (Allow) C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe
FirewallRules: [{81523421-D1CD-419D-AC9C-9289E9820096}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{C3F63C04-C213-4362-A6C4-5C5CB3A50B05}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{AC7BC0D5-37A8-4FB0-96D3-3441716FFC3B}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{29F3146E-CBDA-4A87-8A37-D5B1FBE84AFE}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{6E2D2774-5D6D-458A-8D6C-DB625FAAE7A8}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{BE57FCBD-FE25-4252-A5AB-1E8AE68900A6}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Restore Points =========================
28-10-2016 19:47:09 Windows Update
05-11-2016 01:31:44 Scheduled Checkpoint
==================== Faulty Device Manager Devices =============
Name: Officejet 7610 series
Description: Officejet 7610 series
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: HP
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: =========================
Application errors:
==================
Error: (10/30/2016 02:07:58 AM) (Source: Software Protection Platform Service) (EventID: 8208) (User: )
Description: Acquisition of genuine ticket failed (hr=0x80072EE7) for template Id 66c92734-d682-4d71-983e-d6ec3f16059f
Error: (10/30/2016 02:07:58 AM) (Source: Software Protection Platform Service) (EventID: 8200) (User: )
Description: License acquisition failure details.
hr=0x80072EE7
Error: (10/29/2016 08:25:04 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (10/29/2016 08:24:13 AM) (Source: RealPlayerUpdateSvc) (EventID: 0) (User: )
Description: Event-ID 0
Error: (10/29/2016 08:24:13 AM) (Source: RealPlayerUpdateSvc) (EventID: 0) (User: )
Description: Event-ID 0
Error: (10/28/2016 07:49:55 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: svchost.exe_wuauserv, version: 6.1.7600.16385, time stamp: 0x4a5bc3c1
Faulting module name: wuaueng.dll, version: 7.6.7601.23453, time stamp: 0x57364d3a
Exception code: 0xc0000005
Fault offset: 0x00000000001583f7
Faulting process id: 0x478
Faulting application start time: 0x01d22fd907d5e800
Faulting application path: C:\Windows\system32\svchost.exe
Faulting module path: c:\windows\system32\wuaueng.dll
Report Id: 39874f3c-9d69-11e6-91bb-689423274ca4
Error: (10/28/2016 07:49:53 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: 228: ERROR: read_msg errno 0 (The operation completed successfully.)
Error: (10/28/2016 07:49:53 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: mDNSPlatformReadTCP - recv: 10053
Error: (10/28/2016 07:48:53 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: 504: ERROR: read_msg errno 0 (The operation completed successfully.)
Error: (10/28/2016 07:48:53 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: mDNSPlatformReadTCP - recv: 10053
System errors:
=============
Error: (10/29/2016 08:28:03 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Dell Digital Delivery Service service terminated unexpectedly. It has done this 1 time(s).
Error: (10/29/2016 08:25:17 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID
{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}
and APPID
{344ED43D-D086-4961-86A6-1106F4ACAD9B}
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
Error: (10/29/2016 08:24:11 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Garmin Device Interaction Service service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.
Error: (10/29/2016 08:24:11 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Garmin Device Interaction Service service to connect.
Error: (10/28/2016 07:49:59 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Update service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
Error: (10/28/2016 07:49:59 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Management Instrumentation service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
Error: (10/28/2016 07:49:59 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Themes service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
Error: (10/28/2016 07:49:59 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The System Event Notification Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
Error: (10/28/2016 07:49:59 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Task Scheduler service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
Error: (10/28/2016 07:49:59 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The User Profile Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
CodeIntegrity:
===================================
Date: 2013-08-03 23:17:19.197
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Common Files\mcafee\VSCore\mfeelamk.sys because the set of per-page image hashes could not be found on the system.
Date: 2013-08-03 23:17:19.197
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Common Files\mcafee\VSCore\mfeelamk.sys because the set of per-page image hashes could not be found on the system.
Date: 2013-08-03 23:17:19.197
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Common Files\mcafee\VSCore\mfeelamk.sys because the set of per-page image hashes could not be found on the system.
Date: 2012-12-13 08:03:55.194
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Common Files\mcafee\VSCore\mfeelamk.sys because the set of per-page image hashes could not be found on the system.
Date: 2012-12-13 08:03:55.194
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Common Files\mcafee\VSCore\mfeelamk.sys because the set of per-page image hashes could not be found on the system.
Date: 2012-12-13 08:03:55.194
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Common Files\mcafee\VSCore\mfeelamk.sys because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i7-3770 CPU @ 3.40GHz
Percentage of memory in use: 22%
Total physical RAM: 12248.95 MB
Available physical RAM: 9539.44 MB
Total Virtual: 24496.07 MB
Available Virtual: 20215.74 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:919.22 GB) (Free:668.82 GB) NTFS
Drive j: () (Removable) (Total:7.45 GB) (Free:3.21 GB) FAT32
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 931.5 GB) (Disk ID: EF0E2696)
Partition 1: (Not Active) - (Size=39 MB) - (Type=DE)
Partition 2: (Active) - (Size=12.3 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=919.2 GB) - (Type=07 NTFS)
========================================================
Disk: 5 (Size: 7.5 GB) (Disk ID: 00000000)
Partition: GPT.
==================== End of Addition.txt ============================
aswMBR version 1.0.1.2252 Copyright(c) 2014 AVAST Software
Run date: 2016-11-05 17:21:19
-----------------------------
17:21:19.469 OS Version: Windows x64 6.1.7601 Service Pack 1
17:21:19.469 Number of processors: 8 586 0x3A09
17:21:19.469 ComputerName: JOHNDESKTOP UserName: John
17:21:28.377 Initialize success
17:21:28.470 VM: initialized successfully
17:21:28.470 VM: Intel CPU supported
17:21:35.011 VM: supported disk I/O iaStor.sys
17:21:58.001 AVAST engine download error: 0
17:21:58.001 AVAST engine defs: 13080400
17:22:06.456 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
17:22:06.456 Disk 0 Vendor: ST310005 JC4A Size: 953869MB BusType: 3
17:22:06.737 VM: Disk 0 MBR read successfully
17:22:06.737 Disk 0 MBR scan
17:22:06.753 Disk 0 Windows VISTA default MBR code
17:22:06.753 Disk 0 Partition 1 00 DE Dell Utility DELL 4.1 39 MB offset 63
17:22:06.768 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 12544 MB offset 81920
17:22:06.768 Disk 0 Boot: NTFS code=1
17:22:06.800 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 941284 MB offset 25772032
17:22:07.252 Disk 0 scanning C:\Windows\system32\drivers
17:22:20.777 Service scanning
17:22:33.959 Modules scanning
17:22:33.959 Disk 0 trace - called modules:
17:22:33.975 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys iaStor.sys hal.dll
17:22:33.991 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800cca4060]
17:22:33.991 3 CLASSPNP.SYS[fffff88001d9543f] -> nt!IofCallDriver -> [0xfffffa800a47a590]
17:22:33.991 5 ACPI.sys[fffff88000f927a1] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa800a6a0050]
17:22:37.235 AVAST engine scan C:\Windows
17:22:40.792 AVAST engine scan C:\Windows\system32
17:24:52.332 AVAST engine scan C:\Windows\system32\drivers
17:25:02.628 AVAST engine scan C:\Users\John
19:11:24.070 AVAST engine scan C:\ProgramData
19:17:51.762 Disk 0 statistics 6489071/0/22 @ 0.63 MB/s
19:17:51.777 Scan finished successfully
19:46:17.125 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
19:46:17.125 Disk 0 Vendor: ST310005 JC4A Size: 953869MB BusType: 3
19:46:20.277 Disk 0 statistics 6490256/0/23 @ 0.63 MB/s
19:46:20.277 Scan stopped
19:46:56.127 Disk 0 MBR has been saved successfully to "J:\MBR.dat"
19:46:56.142 The log file has been saved successfully to "J:\aswMBR.txt"